Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/9157d6-1f05-4510-8037-78c0c02f78a2/1/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.mft
File: BnIOtAfVsbmyRFO4Jsqm8HTn0S0.mft (raw, json)
Hash identifier: YPPohJiQGbrqa+VLGN+4D4dwVLzHv+srEzGqcRcrxkM=
Subject key identifier: 0D:91:A5:36:6E:B7:76:66:F4:F0:6F:BB:80:25:F5:63:D6:99:CD:D9
Authority key identifier: 06:72:0E:B4:07:D5:B1:B9:B2:44:53:B8:26:CA:A6:F0:74:E7:D1:2D
Certificate issuer: /CN=06720eb407d5b1b9b24453b826caa6f074e7d12d
Certificate serial: 019D25BAEB1CA32D05EDD6FF1E1C20E1BD5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/9157d6-1f05-4510-8037-78c0c02f78a2/1/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.mft
Manifest number: 0140
Signing time: Wed 25 Mar 2026 16:01:39 +0000
Manifest this update: Wed 25 Mar 2026 16:01:39 +0000
Manifest next update: Thu 26 Mar 2026 16:01:39 +0000
Files and hashes: 1: 7lQobzQt-5q29EiSIIISjIEGm7I.roa (hash: KDl0HvpgkkQD8R6H4Y75QdJhIr3+SLg/51QYF1pKsL8=)
2: BnIOtAfVsbmyRFO4Jsqm8HTn0S0.crl (hash: WEeV0ZuHieFEs5+0zu0hiyWSMJUtq7MNO3SbUBHr3Us=)
3: joLWUuWtNpnkb1ExukMjJe0diao.asa (hash: 1ErfkIq/8qmG1QuEQD1Vjmn8g7p8pDBX+uSLXcofoPQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/9157d6-1f05-4510-8037-78c0c02f78a2/1/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/9157d6-1f05-4510-8037-78c0c02f78a2/1/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:eb:1c:a3:2d:05:ed:d6:ff:1e:1c:20:e1:bd:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06720eb407d5b1b9b24453b826caa6f074e7d12d
Validity
Not Before: Mar 25 16:01:39 2026 GMT
Not After : Mar 26 16:01:39 2026 GMT
Subject: CN=0d91a5366eb77666f4f06fbb8025f563d699cdd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:95:17:71:a0:86:38:59:6b:4d:86:e3:a6:2f:
8f:e5:30:74:9a:3f:63:d2:c4:3d:1f:f1:96:bd:36:
ed:fe:67:5d:ff:fb:20:c8:a8:e8:44:34:cb:9c:87:
b0:81:db:68:e6:20:1b:78:af:3e:f5:a7:f8:46:85:
77:06:cd:29:11:f5:a5:5e:71:48:46:95:01:3b:78:
ca:e7:5b:94:2f:a8:8f:48:3c:12:8e:59:0e:5c:06:
30:16:33:28:df:e5:d3:3c:c3:3f:d7:f6:25:c9:36:
5e:2f:66:fa:ea:4e:ff:e3:2e:f2:8d:e8:58:05:da:
60:50:74:64:c4:d8:a8:b9:85:64:a7:d6:21:55:98:
e5:76:a7:3a:3e:73:e9:97:a1:5d:e6:76:75:90:a6:
b7:e4:0b:36:b9:75:ad:7b:93:02:0c:dc:43:2c:00:
14:6a:07:7e:b1:6f:21:aa:80:c9:ed:7d:bd:64:bd:
be:e0:31:8c:7f:b2:55:09:dc:05:7f:a9:56:90:69:
23:d3:2b:47:77:2c:a3:ab:88:71:d4:d7:44:32:9a:
f3:c9:1b:f4:0f:a8:d4:39:ef:6d:20:8d:a8:fd:e4:
d4:44:bc:ca:07:f7:bb:7c:db:5b:33:cb:e3:9b:25:
ed:39:53:b0:af:e4:7f:08:99:27:19:28:a9:e6:4c:
ca:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:91:A5:36:6E:B7:76:66:F4:F0:6F:BB:80:25:F5:63:D6:99:CD:D9
X509v3 Authority Key Identifier:
keyid:06:72:0E:B4:07:D5:B1:B9:B2:44:53:B8:26:CA:A6:F0:74:E7:D1:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9157d6-1f05-4510-8037-78c0c02f78a2/1/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9157d6-1f05-4510-8037-78c0c02f78a2/1/BnIOtAfVsbmyRFO4Jsqm8HTn0S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:17:e8:cb:2d:11:1d:8e:b7:c5:59:c3:94:c5:c8:64:63:7f:
0b:57:70:f3:a7:bd:ba:8d:3d:05:51:2c:27:ac:2b:7a:af:58:
4d:b1:71:c2:66:b4:91:94:6a:71:34:a4:eb:2f:36:a6:84:32:
0e:f2:7b:e2:31:37:c8:d1:8d:41:70:74:4c:dd:a4:d8:98:62:
f5:ce:96:b0:85:83:e9:ef:17:0c:76:b2:23:45:48:02:8a:4f:
a2:92:e8:23:d5:98:22:3a:f4:f5:85:12:04:0b:2f:73:e8:e4:
38:11:43:a3:7c:b9:e8:cb:20:bd:8d:4a:1b:87:bb:91:39:00:
52:ab:39:93:73:67:4a:ca:37:87:29:74:3c:ef:5f:77:fa:29:
55:d3:ae:d6:68:41:4c:2e:35:91:c1:0e:1f:c2:46:96:67:38:
a3:83:36:5d:97:a4:d8:6d:ed:65:37:31:43:01:05:7a:77:c9:
e8:d8:82:81:89:af:32:b2:36:af:c8:11:e0:57:55:9d:1f:14:
66:e6:ad:10:cb:ef:d5:45:19:28:10:6d:48:52:16:a7:bf:dc:
49:b9:4d:b8:ec:fe:92:59:01:c4:9d:7f:3b:67:3c:2d:1e:4e:
f8:6b:97:7e:c9:eb:13:e3:10:5f:0d:3c:9f:16:2e:69:58:04:
59:4d:d5:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luuscoy0F7db/Hhwg4b1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzIwZWI0MDdkNWIxYjliMjQ0NTNiODI2Y2FhNmYwNzRl
N2QxMmQwHhcNMjYwMzI1MTYwMTM5WhcNMjYwMzI2MTYwMTM5WjAzMTEwLwYDVQQD
EygwZDkxYTUzNjZlYjc3NjY2ZjRmMDZmYmI4MDI1ZjU2M2Q2OTljZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpUXcaCGOFlrTYbjpi+P5TB0mj9j
0sQ9H/GWvTbt/mdd//sgyKjoRDTLnIewgdto5iAbeK8+9af4RoV3Bs0pEfWlXnFI
RpUBO3jK51uUL6iPSDwSjlkOXAYwFjMo3+XTPMM/1/YlyTZeL2b66k7/4y7yjehY
BdpgUHRkxNiouYVkp9YhVZjldqc6PnPpl6Fd5nZ1kKa35As2uXWte5MCDNxDLAAU
agd+sW8hqoDJ7X29ZL2+4DGMf7JVCdwFf6lWkGkj0ytHdyyjq4hx1NdEMprzyRv0
D6jUOe9tII2o/eTURLzKB/e7fNtbM8vjmyXtOVOwr+R/CJknGSip5kzK3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2RpTZut3Zm9PBvu4Al9WPWmc3ZMB8GA1UdIwQY
MBaAFAZyDrQH1bG5skRTuCbKpvB059EtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5JT3RBZlZzYm15UkZPNEpzcW04SFRuMFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS85MTU3ZDYtMWYwNS00NTEwLTgwMzct
NzhjMGMwMmY3OGEyLzEvQm5JT3RBZlZzYm15UkZPNEpzcW04SFRuMFMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS85MTU3ZDYtMWYwNS00NTEwLTgwMzctNzhjMGMwMmY3OGEy
LzEvQm5JT3RBZlZzYm15UkZPNEpzcW04SFRuMFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJRfoyy0R
HY63xVnDlMXIZGN/C1dw86e9uo09BVEsJ6wreq9YTbFxwma0kZRqcTSk6y82poQy
DvJ74jE3yNGNQXB0TN2k2Jhi9c6WsIWD6e8XDHayI0VIAopPopLoI9WYIjr09YUS
BAsvc+jkOBFDo3y56MsgvY1KG4e7kTkAUqs5k3NnSso3hyl0PO9fd/opVdOu1mhB
TC41kcEOH8JGlmc4o4M2XZek2G3tZTcxQwEFenfJ6NiCgYmvMrI2r8gR4FdVnR8U
ZuatEMvv1UUZKBBtSFIWp7/cSblNuOz+klkBxJ1/O2c8LR5O+GuXfsnrE+MQXw08
nxYuaVgEWU3V5Q==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:26:02 2026 by rpki-client