Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
File: bhWkM20vXhvWBzfelXlomSp0cOk.mft (raw, json)
Hash identifier: 3iG2P/8VbKR130Sce2LhWyjkLVMrf1bnL0o8d1/orwI=
Subject key identifier: F3:DA:61:DD:76:E4:88:1D:3A:9E:8F:D1:69:6F:AA:A5:2C:9C:AC:D3
Authority key identifier: 6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
Certificate issuer: /CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Certificate serial: 019D2A72526715BD6D84E3484116EC4E7336
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 14:00:28 +0000
Manifest this update: Thu 26 Mar 2026 14:00:28 +0000
Manifest next update: Fri 27 Mar 2026 14:00:28 +0000
Files and hashes: 1: Vu-e1GygyQXjjracczxIzivdztw.roa (hash: VKVRS5igE/oTY5xgq6v9aHjG9onlTSU6jTSymC7H728=)
2: bhWkM20vXhvWBzfelXlomSp0cOk.crl (hash: DCepqSWFqxYupb4KyqqVMNM3Zbfi7Rb+WFFGWxPhmEY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:52:67:15:bd:6d:84:e3:48:41:16:ec:4e:73:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Validity
Not Before: Mar 26 14:00:28 2026 GMT
Not After : Mar 27 14:00:28 2026 GMT
Subject: CN=f3da61dd76e4881d3a9e8fd1696faaa52c9cacd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:eb:df:7b:60:fb:d5:3b:ed:81:01:ba:9c:47:
5f:28:9e:6d:3e:03:a8:f4:b7:fc:8c:7d:bd:53:d2:
f1:3b:c3:96:9b:12:c4:b7:d2:c2:ee:f6:34:43:c0:
aa:eb:a2:7f:55:62:11:8b:11:46:3c:13:80:2d:b3:
a8:d1:9d:99:04:7e:78:87:e7:c0:57:9f:40:4c:84:
e8:b4:8c:d9:ab:4d:db:9f:df:4f:a0:cc:ed:91:98:
94:c5:8a:69:c5:a3:07:e9:d1:a4:42:f1:58:a0:53:
08:9a:11:7f:7c:c6:b9:70:f8:19:f4:02:f6:4a:6b:
58:58:86:da:86:76:18:cf:49:fa:1e:70:9b:b3:e5:
39:d7:8c:15:ac:aa:a4:67:a2:7e:07:20:ed:8e:1d:
50:b9:93:cb:3e:2d:f9:53:90:14:b6:c8:9a:be:de:
74:d1:b9:66:02:bc:54:72:05:e9:84:aa:0b:5c:71:
11:87:76:c4:04:92:02:f5:8f:df:8e:dd:4b:39:d7:
d6:da:10:6d:78:aa:75:cc:48:76:62:bf:6b:2d:fd:
b9:f8:8e:3b:8a:ca:c0:fe:63:2f:84:03:0f:c2:da:
2a:5b:2d:8c:c4:03:a0:84:b3:c7:d0:e8:14:6e:8c:
0c:fe:55:1a:4c:4c:55:34:2a:68:10:89:d1:29:41:
55:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:DA:61:DD:76:E4:88:1D:3A:9E:8F:D1:69:6F:AA:A5:2C:9C:AC:D3
X509v3 Authority Key Identifier:
keyid:6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:42:2c:4c:64:ec:f2:aa:df:0e:8f:8c:02:b1:cd:c2:b5:41:
1b:58:bf:55:b3:86:79:c9:68:7a:f9:f5:e8:a3:58:f7:f1:2f:
f1:6a:f9:0a:6f:d1:6e:70:dd:bf:b4:7a:97:0e:b1:ae:eb:17:
5a:24:95:99:4c:3a:86:8a:db:a0:a9:73:69:6f:91:88:2d:b7:
e7:64:71:e5:74:08:2e:6a:4c:0d:96:8c:ad:ab:0c:28:39:de:
b1:90:88:0f:48:52:f8:8e:8a:b6:e3:86:8d:9b:07:fd:85:7a:
f0:08:46:25:bc:5d:56:52:63:7f:e9:ea:63:c8:76:53:1a:98:
69:77:5e:37:a5:90:51:38:95:64:6b:93:99:69:07:63:98:ec:
b0:11:13:21:8e:81:1e:10:3f:7f:f5:7d:a0:53:d3:15:7f:83:
34:03:5c:4d:ef:24:4a:99:ad:b8:c8:dc:73:34:c9:17:f3:d7:
4f:c7:0c:8d:ff:6a:fe:c0:e1:c8:c0:79:ff:37:c5:b0:ff:b7:
42:7b:ef:5e:1a:e0:a7:ca:e2:00:53:26:e7:9c:86:14:39:2d:
29:23:c3:21:7e:4c:3d:bd:4d:ef:34:2f:df:16:fe:24:2b:e5:
55:0c:81:0e:86:ac:4b:2d:8b:81:a5:e0:94:c9:8c:f9:fd:1b:
fd:cb:41:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qclJnFb1thONIQRbsTnM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMTVhNDMzNmQyZjVlMWJkNjA3MzdkZTk1Nzk2ODk5MmE3
NDcwZTkwHhcNMjYwMzI2MTQwMDI4WhcNMjYwMzI3MTQwMDI4WjAzMTEwLwYDVQQD
EyhmM2RhNjFkZDc2ZTQ4ODFkM2E5ZThmZDE2OTZmYWFhNTJjOWNhY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuvfe2D71TvtgQG6nEdfKJ5tPgOo
9Lf8jH29U9LxO8OWmxLEt9LC7vY0Q8Cq66J/VWIRixFGPBOALbOo0Z2ZBH54h+fA
V59ATITotIzZq03bn99PoMztkZiUxYppxaMH6dGkQvFYoFMImhF/fMa5cPgZ9AL2
SmtYWIbahnYYz0n6HnCbs+U514wVrKqkZ6J+ByDtjh1QuZPLPi35U5AUtsiavt50
0blmArxUcgXphKoLXHERh3bEBJIC9Y/fjt1LOdfW2hBteKp1zEh2Yr9rLf25+I47
isrA/mMvhAMPwtoqWy2MxAOghLPH0OgUbowM/lUaTExVNCpoEInRKUFVUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPaYd125IgdOp6P0WlvqqUsnKzTMB8GA1UdIwQY
MBaAFG4VpDNtL14b1gc33pV5aJkqdHDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAt
OGQ1MjQ2YTIwMjQ1LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAtOGQ1MjQ2YTIwMjQ1
LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKEIsTGTs
8qrfDo+MArHNwrVBG1i/VbOGecloevn16KNY9/Ev8Wr5Cm/RbnDdv7R6lw6xrusX
WiSVmUw6horboKlzaW+RiC2352Rx5XQILmpMDZaMrasMKDnesZCID0hS+I6KtuOG
jZsH/YV68AhGJbxdVlJjf+nqY8h2UxqYaXdeN6WQUTiVZGuTmWkHY5jssBETIY6B
HhA/f/V9oFPTFX+DNANcTe8kSpmtuMjcczTJF/PXT8cMjf9q/sDhyMB5/zfFsP+3
QnvvXhrgp8riAFMm55yGFDktKSPDIX5MPb1N7zQv3xb+JCvlVQyBDoasSy2LgaXg
lMmM+f0b/ctBUA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:22:33 2026 by rpki-client