Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/76d161-e1bb-46d7-bc72-05b0cf2ce19a/1/BNokfsP0AQu8LqUqIqxkd4vKPkc.mft
File: BNokfsP0AQu8LqUqIqxkd4vKPkc.mft (raw, json)
Hash identifier: Bb1t/5Y468jc2bdxw9+87vFCSeDN6sQ2cCwxR4xrOT4=
Subject key identifier: 07:F3:23:40:1A:0F:A8:71:39:C0:4C:3A:23:7B:70:72:9E:2D:89:E8
Authority key identifier: 04:DA:24:7E:C3:F4:01:0B:BC:2E:A5:2A:22:AC:64:77:8B:CA:3E:47
Certificate issuer: /CN=04da247ec3f4010bbc2ea52a22ac64778bca3e47
Certificate serial: 019E1CB4FA405182874864F132B6BCB02DFF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNokfsP0AQu8LqUqIqxkd4vKPkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/76d161-e1bb-46d7-bc72-05b0cf2ce19a/1/BNokfsP0AQu8LqUqIqxkd4vKPkc.mft
Manifest number: 25
Signing time: Tue 12 May 2026 15:01:23 +0000
Manifest this update: Tue 12 May 2026 15:01:23 +0000
Manifest next update: Wed 13 May 2026 15:01:23 +0000
Files and hashes: 1: BNokfsP0AQu8LqUqIqxkd4vKPkc.crl (hash: R8Y2rz/3tYe/d6vKbbwcMSdCVYL5WwfKMj5vPmcKTIU=)
2: qNh9B_T6D7zIQKtKj3CH1wBuJrU.roa (hash: VVk6xhwAHQjOQSYBNf9v9JyyynNzDFxtsukm+hVtrgE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/76d161-e1bb-46d7-bc72-05b0cf2ce19a/1/BNokfsP0AQu8LqUqIqxkd4vKPkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/76d161-e1bb-46d7-bc72-05b0cf2ce19a/1/BNokfsP0AQu8LqUqIqxkd4vKPkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BNokfsP0AQu8LqUqIqxkd4vKPkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:b4:fa:40:51:82:87:48:64:f1:32:b6:bc:b0:2d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04da247ec3f4010bbc2ea52a22ac64778bca3e47
Validity
Not Before: May 12 15:01:23 2026 GMT
Not After : May 13 15:01:23 2026 GMT
Subject: CN=07f323401a0fa87139c04c3a237b70729e2d89e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ca:0f:f2:e7:a0:ac:23:31:f8:89:44:38:79:
c2:69:8a:8f:8c:1a:37:87:48:cf:d0:e5:0b:51:bc:
a2:7f:9c:da:8c:07:8a:e9:14:ac:3c:e0:d3:ef:19:
c8:e1:8b:46:ab:90:fa:26:03:7d:cf:a8:d2:24:0c:
67:14:31:ae:ad:43:c3:bf:b6:fd:99:d0:3c:a9:7f:
4a:61:0d:ce:a8:c4:9a:38:c2:95:d6:ae:21:db:b3:
20:f6:b4:aa:06:9c:6e:88:0d:37:97:26:70:d8:db:
48:2a:73:bd:56:71:7c:10:dc:a7:4c:d1:f8:e2:87:
e6:3e:33:53:60:20:b8:be:e8:b3:bc:32:88:d7:ae:
8f:a3:dc:2d:8d:49:04:43:59:d2:56:5c:36:80:90:
a3:e7:00:3d:51:d3:39:73:12:d1:b5:3f:5f:43:76:
06:b1:45:f9:d5:41:c5:4f:e4:ca:17:74:01:53:49:
dd:30:64:39:b8:2e:5b:ed:0f:b0:aa:f6:5a:8f:ed:
de:c5:4d:9a:1e:d1:79:10:3f:49:0b:4b:bc:bc:f7:
96:0c:7e:f3:84:1d:b3:9a:f6:78:c4:e8:8a:a6:a4:
f0:65:09:0f:36:05:22:e9:b0:71:5e:cf:c4:74:ef:
8d:78:dd:21:a6:d6:3e:d1:27:13:29:04:b2:b3:0b:
1f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F3:23:40:1A:0F:A8:71:39:C0:4C:3A:23:7B:70:72:9E:2D:89:E8
X509v3 Authority Key Identifier:
keyid:04:DA:24:7E:C3:F4:01:0B:BC:2E:A5:2A:22:AC:64:77:8B:CA:3E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNokfsP0AQu8LqUqIqxkd4vKPkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/76d161-e1bb-46d7-bc72-05b0cf2ce19a/1/BNokfsP0AQu8LqUqIqxkd4vKPkc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/76d161-e1bb-46d7-bc72-05b0cf2ce19a/1/BNokfsP0AQu8LqUqIqxkd4vKPkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:ae:a4:d2:f5:18:7d:0d:94:64:71:e1:de:bb:96:aa:0e:1c:
80:f4:3f:a0:7d:dc:f5:98:c2:ee:59:bd:50:22:f2:4d:74:5a:
73:3c:1c:65:4d:b6:d3:43:20:15:70:df:66:22:f5:b2:0e:d1:
ce:64:96:78:8c:b2:fc:6e:35:e3:14:58:9c:f5:c5:5c:dc:88:
e8:65:26:9f:22:ed:4c:09:ed:7d:31:e5:c4:0f:23:12:f4:d1:
fc:6e:90:08:42:a9:ff:91:f7:eb:8c:1a:c4:7f:40:4a:6b:f5:
a6:eb:1a:06:0c:7a:a5:81:28:48:b9:26:d7:46:08:54:48:d5:
6e:eb:f9:82:ca:1b:14:cb:65:2a:18:96:49:fa:5c:54:7f:d6:
26:5a:10:7b:ac:20:c7:32:bc:19:7d:64:d6:c7:d4:8e:a6:63:
b4:4e:a9:d3:15:1c:18:50:71:ab:43:f4:21:a2:ae:b6:cc:56:
9e:c2:d3:a5:d8:d5:6b:f0:98:d0:49:ea:27:b7:d2:cf:0a:f5:
12:99:e6:72:e5:e6:5d:9c:ea:c8:29:07:f7:f0:1a:44:d7:93:
af:8f:e9:76:2c:92:eb:97:66:86:0e:ad:12:54:09:23:e2:70:
3a:54:35:a9:92:f7:11:8f:f2:cd:27:70:89:72:d9:eb:15:af:
a8:ce:01:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ctPpAUYKHSGTxMra8sC3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZGEyNDdlYzNmNDAxMGJiYzJlYTUyYTIyYWM2NDc3OGJj
YTNlNDcwHhcNMjYwNTEyMTUwMTIzWhcNMjYwNTEzMTUwMTIzWjAzMTEwLwYDVQQD
EygwN2YzMjM0MDFhMGZhODcxMzljMDRjM2EyMzdiNzA3MjllMmQ4OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMoP8uegrCMx+IlEOHnCaYqPjBo3
h0jP0OULUbyif5zajAeK6RSsPODT7xnI4YtGq5D6JgN9z6jSJAxnFDGurUPDv7b9
mdA8qX9KYQ3OqMSaOMKV1q4h27Mg9rSqBpxuiA03lyZw2NtIKnO9VnF8ENynTNH4
4ofmPjNTYCC4vuizvDKI166Po9wtjUkEQ1nSVlw2gJCj5wA9UdM5cxLRtT9fQ3YG
sUX51UHFT+TKF3QBU0ndMGQ5uC5b7Q+wqvZaj+3exU2aHtF5ED9JC0u8vPeWDH7z
hB2zmvZ4xOiKpqTwZQkPNgUi6bBxXs/EdO+NeN0hptY+0ScTKQSyswsfzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfzI0AaD6hxOcBMOiN7cHKeLYnoMB8GA1UdIwQY
MBaAFATaJH7D9AELvC6lKiKsZHeLyj5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5va2ZzUDBBUXU4THFVcUlxeGtkNHZLUGtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83NmQxNjEtZTFiYi00NmQ3LWJjNzIt
MDViMGNmMmNlMTlhLzEvQk5va2ZzUDBBUXU4THFVcUlxeGtkNHZLUGtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83NmQxNjEtZTFiYi00NmQ3LWJjNzItMDViMGNmMmNlMTlh
LzEvQk5va2ZzUDBBUXU4THFVcUlxeGtkNHZLUGtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIa6k0vUY
fQ2UZHHh3ruWqg4cgPQ/oH3c9ZjC7lm9UCLyTXRaczwcZU2200MgFXDfZiL1sg7R
zmSWeIyy/G414xRYnPXFXNyI6GUmnyLtTAntfTHlxA8jEvTR/G6QCEKp/5H364wa
xH9ASmv1pusaBgx6pYEoSLkm10YIVEjVbuv5gsobFMtlKhiWSfpcVH/WJloQe6wg
xzK8GX1k1sfUjqZjtE6p0xUcGFBxq0P0IaKutsxWnsLTpdjVa/CY0EnqJ7fSzwr1
EpnmcuXmXZzqyCkH9/AaRNeTr4/pdiyS65dmhg6tElQJI+JwOlQ1qZL3EY/yzSdw
iXLZ6xWvqM4B0Q==
-----END CERTIFICATE-----
Generated at Tue May 12 21:16:19 2026 by rpki-client