
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
File: BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft (raw, json)
Hash identifier: XoMT9bPz7/lrXq+ri8mxkRmehbbt1gOHRezbkkaH1ig=
Subject key identifier: 71:A8:AE:48:39:92:A2:7A:66:C6:07:D7:CD:C7:08:EE:AF:ED:F3:17
Authority key identifier: 04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A
Certificate issuer: /CN=04d29211f92e560f0b7834bb2932ac63cabfa14a
Certificate serial: 019A00DA698CA0EBEC6D88A3E68B27702BA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
Manifest number: 0BC9
Signing time: Mon 20 Oct 2025 09:01:44 +0000
Manifest this update: Mon 20 Oct 2025 09:01:44 +0000
Manifest next update: Tue 21 Oct 2025 09:01:44 +0000
Files and hashes: 1: BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl (hash: HhL2Qdguf5Mm4Gx21jjbKepNDocfn2B6xqUOL/m8Mbo=)
2: dShe1ipT6-Y_-edVr4eNtxtPKAo.roa (hash: 34QucPlafnV+iMZk3j4FDiUJFtGuS1f17YL6xBvVoIo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:da:69:8c:a0:eb:ec:6d:88:a3:e6:8b:27:70:2b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d29211f92e560f0b7834bb2932ac63cabfa14a
Validity
Not Before: Oct 20 09:01:44 2025 GMT
Not After : Oct 21 09:01:44 2025 GMT
Subject: CN=71a8ae483992a27a66c607d7cdc708eeafedf317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a7:d6:17:6a:c7:5a:2f:3a:0e:69:4d:fd:9c:
dd:59:26:01:f9:93:24:e5:05:f9:8f:63:e0:8b:33:
92:9a:85:ff:a2:3d:05:e7:16:9b:01:99:ab:f2:fc:
0c:c7:5b:08:05:a5:91:4b:27:11:0c:b3:c9:0e:28:
d2:e8:2c:45:19:51:68:28:bd:1b:95:88:4d:48:72:
7a:6e:d2:3f:e8:a4:b6:9c:6e:43:ce:f6:43:b4:8d:
eb:bf:ad:87:91:7c:ec:9f:18:2c:85:fe:a8:9d:dd:
c4:13:bc:9f:34:7a:d7:68:66:8e:dd:e2:ba:f6:37:
d0:ef:51:29:c8:bf:b9:9f:d1:b4:ff:69:67:21:e9:
a9:9d:a2:10:44:24:5c:12:a7:12:db:f4:83:69:29:
fb:3a:09:35:c2:3e:40:8a:4a:88:43:27:1e:be:d3:
91:89:70:9e:11:1f:6e:ad:bf:54:c5:40:67:39:bd:
1e:85:cc:5a:6d:cf:09:a0:06:fd:24:d3:67:7c:8f:
ee:a3:be:95:7d:07:3b:55:cc:b1:59:c2:53:ce:cd:
ac:e5:d0:e8:96:f3:74:a0:ab:8a:8c:ba:f7:dd:b7:
a9:37:08:f6:cc:5f:b4:2a:99:9a:b0:64:74:7c:df:
68:62:ad:88:a6:3a:00:c5:8d:1c:d1:80:a0:ab:68:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A8:AE:48:39:92:A2:7A:66:C6:07:D7:CD:C7:08:EE:AF:ED:F3:17
X509v3 Authority Key Identifier:
keyid:04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:1b:e3:7e:da:5e:bf:0b:2e:4a:2e:1d:03:54:c7:ef:39:70:
d7:51:52:1d:b6:0f:fe:30:b3:cc:a6:fd:f0:fb:c4:e2:eb:aa:
46:b7:cc:b4:4e:a0:52:86:a6:75:fc:9e:87:32:a6:00:dd:54:
2f:3a:d6:52:e1:0c:be:aa:d7:ae:8e:e2:67:5e:ad:d3:6f:28:
2c:3f:c0:cc:a6:c8:24:7f:8e:28:e6:f6:4e:de:06:3b:7a:7d:
26:5e:b6:f6:b2:4b:e5:3d:24:e6:a6:4d:c5:06:db:89:0c:06:
7f:7c:54:aa:41:3f:db:90:bd:69:4b:cf:98:1d:d6:0c:f8:02:
c4:75:9e:ea:ca:f5:fe:aa:dd:87:8d:37:8d:a5:2d:fa:c1:85:
21:75:97:a5:14:48:05:e9:42:3d:0b:ba:dd:e8:05:96:25:12:
70:59:f8:54:8e:94:66:1d:15:71:df:ce:56:2e:64:e5:57:90:
81:77:7d:31:4c:73:b5:ec:d3:86:6d:a4:eb:02:6d:d5:bc:7d:
d7:e0:f6:23:a4:1b:15:c2:56:9a:03:4c:ff:e9:21:81:4d:fd:
40:bd:3f:1a:7e:c8:c8:9b:e9:73:e2:17:f8:21:75:6e:99:7f:
10:6d:61:33:c8:ef:c4:76:74:59:cf:a8:90:be:01:94:7c:bd:
e7:df:7f:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2mmMoOvsbYij5osncCugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDI5MjExZjkyZTU2MGYwYjc4MzRiYjI5MzJhYzYzY2Fi
ZmExNGEwHhcNMjUxMDIwMDkwMTQ0WhcNMjUxMDIxMDkwMTQ0WjAzMTEwLwYDVQQD
Eyg3MWE4YWU0ODM5OTJhMjdhNjZjNjA3ZDdjZGM3MDhlZWFmZWRmMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6afWF2rHWi86DmlN/ZzdWSYB+ZMk
5QX5j2PgizOSmoX/oj0F5xabAZmr8vwMx1sIBaWRSycRDLPJDijS6CxFGVFoKL0b
lYhNSHJ6btI/6KS2nG5DzvZDtI3rv62HkXzsnxgshf6ond3EE7yfNHrXaGaO3eK6
9jfQ71EpyL+5n9G0/2lnIempnaIQRCRcEqcS2/SDaSn7Ogk1wj5AikqIQycevtOR
iXCeER9urb9UxUBnOb0ehcxabc8JoAb9JNNnfI/uo76VfQc7VcyxWcJTzs2s5dDo
lvN0oKuKjLr33bepNwj2zF+0KpmasGR0fN9oYq2IpjoAxY0c0YCgq2ikZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGorkg5kqJ6ZsYH183HCO6v7fMXMB8GA1UdIwQY
MBaAFATSkhH5LlYPC3g0uykyrGPKv6FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQt
ZThkMTkyOTYzOTVjLzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQtZThkMTkyOTYzOTVj
LzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRvjftpe
vwsuSi4dA1TH7zlw11FSHbYP/jCzzKb98PvE4uuqRrfMtE6gUoamdfyehzKmAN1U
LzrWUuEMvqrXro7iZ16t028oLD/AzKbIJH+OKOb2Tt4GO3p9Jl629rJL5T0k5qZN
xQbbiQwGf3xUqkE/25C9aUvPmB3WDPgCxHWe6sr1/qrdh403jaUt+sGFIXWXpRRI
BelCPQu63egFliUScFn4VI6UZh0Vcd/OVi5k5VeQgXd9MUxztezThm2k6wJt1bx9
1+D2I6QbFcJWmgNM/+khgU39QL0/Gn7IyJvpc+IX+CF1bpl/EG1hM8jvxHZ0Wc+o
kL4BlHy9599/LA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:12:39 2025 by rpki-client