Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
File: bhWkM20vXhvWBzfelXlomSp0cOk.mft (raw, json)
Hash identifier: rNkOY1wtWWFmLnZWKi5oFreJCjMKbkvIS60UNXUNmnA=
Subject key identifier: 29:C9:6F:13:6E:74:93:2A:A0:91:51:70:4E:23:47:54:EA:DF:7E:01
Authority key identifier: 6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
Certificate issuer: /CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Certificate serial: 019A011155B8DB55E4F3F0E450B24F7AE179
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
Manifest number: 16E5
Signing time: Mon 20 Oct 2025 10:01:44 +0000
Manifest this update: Mon 20 Oct 2025 10:01:44 +0000
Manifest next update: Tue 21 Oct 2025 10:01:44 +0000
Files and hashes: 1: bhWkM20vXhvWBzfelXlomSp0cOk.crl (hash: A1GUdWUbTpobj8UzIfc3s+2PiikprDF0l5bo2xfv15M=)
2: zgsEDv3otZRAtHyWvGAv7rzQjXg.roa (hash: ZyzEtsDUzNfUy6YLDq0VYYYmMcE0twVe+0tLjGTigwU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:11:55:b8:db:55:e4:f3:f0:e4:50:b2:4f:7a:e1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Validity
Not Before: Oct 20 10:01:44 2025 GMT
Not After : Oct 21 10:01:44 2025 GMT
Subject: CN=29c96f136e74932aa09151704e234754eadf7e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c0:16:69:7c:2a:ce:4c:93:b9:e7:6f:3f:67:
29:02:d3:90:66:10:54:f7:12:12:47:66:9d:06:12:
0a:e3:f8:5a:73:16:bc:da:6f:96:6b:58:1e:a3:9f:
1d:f1:d1:21:5d:e1:75:86:cf:a8:4a:3d:ac:37:52:
8e:bb:b4:42:76:18:3c:75:d9:ed:bf:df:72:10:36:
d3:0e:31:d1:bd:f7:80:7d:25:0e:9a:09:14:0f:c2:
cf:66:e9:36:12:2f:2d:d4:35:9d:6d:26:ae:93:d5:
3c:89:b0:61:35:96:1f:2a:24:b5:a4:ac:b4:ce:13:
21:50:b7:69:34:83:49:a4:49:86:e5:62:de:46:17:
02:f6:9b:de:c6:35:9d:c8:5a:22:29:e6:ab:1c:96:
c7:0b:09:65:1e:6e:2f:4f:35:c0:b3:8e:06:cf:c8:
fe:f5:e6:be:13:36:88:f2:f7:0c:70:82:69:86:9f:
dd:62:ce:07:f9:13:4b:f4:00:a2:f5:99:b6:4e:43:
e2:de:71:4c:d3:10:6f:c8:d1:9b:dd:fb:87:db:00:
30:8c:24:0f:45:f3:35:c7:12:d0:d9:a0:49:dc:9a:
84:28:6c:d1:c7:9e:62:e8:b0:18:44:ff:ac:eb:5a:
c4:7c:12:4d:6f:15:71:e1:a2:7d:0d:f8:a3:59:93:
5c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C9:6F:13:6E:74:93:2A:A0:91:51:70:4E:23:47:54:EA:DF:7E:01
X509v3 Authority Key Identifier:
keyid:6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:c0:01:39:0c:8a:1a:52:52:64:64:ea:2e:2e:ea:13:a8:bb:
df:2e:8b:e1:d5:88:7a:d2:f4:88:ca:a1:7b:47:3e:29:c9:5d:
fb:55:bf:5f:1f:b1:a7:ac:2f:b3:7e:b3:9d:66:58:86:b1:3b:
54:57:32:cb:bb:a5:fb:4c:ac:15:a0:aa:fb:4b:5f:8a:a2:a8:
0c:40:cc:50:eb:f3:7a:75:cc:da:1b:51:8a:e3:2b:6e:89:42:
58:db:94:ad:14:66:1e:47:5f:de:49:d0:21:3c:e6:5f:99:18:
e1:d8:db:91:67:b0:0e:9b:97:39:ba:dd:9b:65:31:34:53:03:
68:01:c7:22:58:72:a8:09:88:49:d6:3f:ab:29:36:6e:d9:5d:
6a:78:f5:fb:d9:c1:d7:eb:a4:62:55:37:97:80:b5:92:0e:48:
72:33:f1:93:72:39:f6:38:99:21:58:34:ca:2f:ac:1e:ae:62:
5b:b6:6d:c6:b0:5e:14:c8:a2:c5:54:4b:6f:45:da:b1:d0:15:
14:f4:c6:f9:64:91:33:6c:1c:03:29:da:46:3d:1f:ef:a5:5a:
eb:22:93:e7:fd:fb:84:03:86:8a:64:22:ad:64:53:cf:f6:6e:
da:d5:1d:53:e9:dd:f5:8e:ac:cf:f6:8e:8f:2e:19:3a:ef:e9:
c4:7b:87:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEVW421Xk8/DkULJPeuF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMTVhNDMzNmQyZjVlMWJkNjA3MzdkZTk1Nzk2ODk5MmE3
NDcwZTkwHhcNMjUxMDIwMTAwMTQ0WhcNMjUxMDIxMTAwMTQ0WjAzMTEwLwYDVQQD
EygyOWM5NmYxMzZlNzQ5MzJhYTA5MTUxNzA0ZTIzNDc1NGVhZGY3ZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMAWaXwqzkyTuedvP2cpAtOQZhBU
9xISR2adBhIK4/hacxa82m+Wa1geo58d8dEhXeF1hs+oSj2sN1KOu7RCdhg8ddnt
v99yEDbTDjHRvfeAfSUOmgkUD8LPZuk2Ei8t1DWdbSauk9U8ibBhNZYfKiS1pKy0
zhMhULdpNINJpEmG5WLeRhcC9pvexjWdyFoiKearHJbHCwllHm4vTzXAs44Gz8j+
9ea+EzaI8vcMcIJphp/dYs4H+RNL9ACi9Zm2TkPi3nFM0xBvyNGb3fuH2wAwjCQP
RfM1xxLQ2aBJ3JqEKGzRx55i6LAYRP+s61rEfBJNbxVx4aJ9DfijWZNcvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnJbxNudJMqoJFRcE4jR1Tq334BMB8GA1UdIwQY
MBaAFG4VpDNtL14b1gc33pV5aJkqdHDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAt
OGQ1MjQ2YTIwMjQ1LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAtOGQ1MjQ2YTIwMjQ1
LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApcABOQyK
GlJSZGTqLi7qE6i73y6L4dWIetL0iMqhe0c+Kcld+1W/Xx+xp6wvs36znWZYhrE7
VFcyy7ul+0ysFaCq+0tfiqKoDEDMUOvzenXM2htRiuMrbolCWNuUrRRmHkdf3knQ
ITzmX5kY4djbkWewDpuXObrdm2UxNFMDaAHHIlhyqAmISdY/qyk2btldanj1+9nB
1+ukYlU3l4C1kg5IcjPxk3I59jiZIVg0yi+sHq5iW7ZtxrBeFMiixVRLb0XasdAV
FPTG+WSRM2wcAynaRj0f76Va6yKT5/37hAOGimQirWRTz/Zu2tUdU+nd9Y6sz/aO
jy4ZOu/pxHuH5A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:44:57 2025 by rpki-client