Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
File: BZ9RaALCYTCaYQSHcubq_VhnqZA.mft (raw, json)
Hash identifier: YGVjoNR4hjKmNLfmY14gpdCT4uEhi9mep3sS18CWzGg=
Subject key identifier: CB:40:B0:CE:76:53:73:C2:4B:63:C0:3C:67:82:3E:77:88:31:79:9D
Authority key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
Certificate issuer: /CN=059f516802c261309a61048772e6eafd5867a990
Certificate serial: 0199FCFD789F0E88E8AFEA8148AB198991EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
Manifest number: 159F
Signing time: Sun 19 Oct 2025 15:01:33 +0000
Manifest this update: Sun 19 Oct 2025 15:01:33 +0000
Manifest next update: Mon 20 Oct 2025 15:01:33 +0000
Files and hashes: 1: BZ9RaALCYTCaYQSHcubq_VhnqZA.crl (hash: wNVHG/MaEv5Jg0UL4gLqECiNmwr9Iwn4ZUNkn5J6Z/g=)
2: RyM0TaDcy3MATcF4kZgnomIhcSc.roa (hash: u1hwu96g0Ti3Leptf/8mOz/le6P/VB383vy/UE8/YqQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:78:9f:0e:88:e8:af:ea:81:48:ab:19:89:91:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059f516802c261309a61048772e6eafd5867a990
Validity
Not Before: Oct 19 15:01:33 2025 GMT
Not After : Oct 20 15:01:33 2025 GMT
Subject: CN=cb40b0ce765373c24b63c03c67823e778831799d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b9:5d:c9:01:09:58:df:4c:7b:ee:d5:a9:66:
a3:85:4f:35:10:01:00:1a:54:b2:19:27:b1:d7:7f:
9b:20:e5:63:66:c8:d1:bf:55:75:d4:83:f7:5c:e8:
ec:55:6e:ba:a2:be:fe:25:10:74:16:d5:52:59:b1:
84:86:26:bc:c7:c9:c2:4e:c7:79:0f:1f:b7:1b:7a:
58:68:19:00:11:8b:36:a4:13:32:65:99:2a:1b:d8:
4d:23:04:6c:f3:8d:8d:fd:09:3a:ef:18:9d:7e:f3:
a4:b0:a6:73:eb:b3:a2:5d:28:a9:ee:45:d4:32:0c:
f0:62:d3:87:7d:e0:6c:dc:3d:70:85:e1:20:2d:fc:
a8:f1:32:db:fa:1e:80:fe:d6:ee:4e:43:e2:ac:f1:
83:b6:37:62:30:46:4c:cb:1f:e8:73:b3:d8:e9:e1:
11:d5:b3:c7:47:5c:3c:77:7a:7e:a0:dc:96:84:8d:
90:5d:9b:fc:3c:b1:07:32:2e:2e:3e:29:22:26:f0:
11:fd:62:24:ee:e6:b9:4d:4e:18:25:85:f9:0c:bc:
24:73:17:93:a3:e1:13:5a:89:0a:7b:ab:26:86:dc:
e6:69:01:1d:66:40:c9:59:a0:0a:49:ea:35:e3:fa:
9e:7f:dd:b3:4f:af:1c:b7:c0:0f:81:84:2a:d4:32:
dd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:40:B0:CE:76:53:73:C2:4B:63:C0:3C:67:82:3E:77:88:31:79:9D
X509v3 Authority Key Identifier:
keyid:05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:f2:a0:35:f3:fc:d7:e7:31:c4:25:ae:e7:07:46:43:d4:f0:
37:f4:cf:5e:64:35:fc:cc:8e:60:70:b9:85:aa:07:2d:f4:59:
db:96:de:f1:d6:e5:30:04:6c:96:7e:7e:85:5a:16:ed:87:5c:
f4:2c:3c:d4:e3:21:05:4d:f4:1a:98:5f:8b:ec:e1:30:49:0d:
d6:74:91:74:7c:0c:e9:55:19:38:70:ba:e0:d8:2a:97:12:f1:
d3:98:03:11:80:1c:78:36:d3:33:7b:14:91:4a:a8:52:d7:cf:
85:86:47:64:db:14:1e:b8:9c:67:5b:fc:44:6a:d8:3a:be:76:
d5:e9:fe:69:48:2f:a9:1e:31:de:51:a7:0b:52:c7:9d:36:0d:
e2:92:04:10:66:6e:3c:1f:8f:cb:b0:2a:95:44:75:14:85:fb:
b8:df:2a:e6:7d:27:4e:0a:d7:27:26:68:2e:13:65:d0:21:a8:
3c:78:14:6c:f0:72:f5:66:ea:0c:1f:78:dd:2e:10:6c:2f:f5:
ce:00:42:78:0a:a4:96:02:27:b6:fb:cc:ca:1d:bb:00:8b:bf:
43:da:9f:3c:d7:74:c2:2c:0c:0d:54:1d:56:34:68:a8:25:de:
b9:be:18:8a:04:43:d7:32:b2:3b:bd:59:58:e4:4f:22:52:d0:
d1:71:8a:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/XifDojor+qBSKsZiZHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWY1MTY4MDJjMjYxMzA5YTYxMDQ4NzcyZTZlYWZkNTg2
N2E5OTAwHhcNMjUxMDE5MTUwMTMzWhcNMjUxMDIwMTUwMTMzWjAzMTEwLwYDVQQD
EyhjYjQwYjBjZTc2NTM3M2MyNGI2M2MwM2M2NzgyM2U3Nzg4MzE3OTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobldyQEJWN9Me+7VqWajhU81EAEA
GlSyGSex13+bIOVjZsjRv1V11IP3XOjsVW66or7+JRB0FtVSWbGEhia8x8nCTsd5
Dx+3G3pYaBkAEYs2pBMyZZkqG9hNIwRs842N/Qk67xidfvOksKZz67OiXSip7kXU
MgzwYtOHfeBs3D1wheEgLfyo8TLb+h6A/tbuTkPirPGDtjdiMEZMyx/oc7PY6eER
1bPHR1w8d3p+oNyWhI2QXZv8PLEHMi4uPikiJvAR/WIk7ua5TU4YJYX5DLwkcxeT
o+ETWokKe6smhtzmaQEdZkDJWaAKSeo14/qef92zT68ct8APgYQq1DLdwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtAsM52U3PCS2PAPGeCPneIMXmdMB8GA1UdIwQY
MBaAFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUt
OTUxYjE5ODU2NzFjLzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUtOTUxYjE5ODU2NzFj
LzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfKgNfP8
1+cxxCWu5wdGQ9TwN/TPXmQ1/MyOYHC5haoHLfRZ25be8dblMARsln5+hVoW7Ydc
9Cw81OMhBU30Gphfi+zhMEkN1nSRdHwM6VUZOHC64NgqlxLx05gDEYAceDbTM3sU
kUqoUtfPhYZHZNsUHricZ1v8RGrYOr521en+aUgvqR4x3lGnC1LHnTYN4pIEEGZu
PB+Py7AqlUR1FIX7uN8q5n0nTgrXJyZoLhNl0CGoPHgUbPBy9WbqDB943S4QbC/1
zgBCeAqklgIntvvMyh27AIu/Q9qfPNd0wiwMDVQdVjRoqCXeub4YigRD1zKyO71Z
WORPIlLQ0XGKUA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:43:41 2025 by rpki-client