
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.mft
File: BSAFu2w9aGW4nBDzOwuZS3Svljs.mft (raw, json)
Hash identifier: yQA9X+Kf6DoDvwTv51ayY9axhizhm7DZcKccvu8XQmo=
Subject key identifier: 9E:9C:D3:6C:92:CF:04:21:2D:61:C7:4A:72:DD:56:17:C7:28:42:83
Authority key identifier: 05:20:05:BB:6C:3D:68:65:B8:9C:10:F3:3B:0B:99:4B:74:AF:96:3B
Certificate issuer: /CN=052005bb6c3d6865b89c10f33b0b994b74af963b
Certificate serial: 019A03A4184522E11FE084573398DAD59D09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSAFu2w9aGW4nBDzOwuZS3Svljs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.mft
Manifest number: 16E8
Signing time: Mon 20 Oct 2025 22:01:16 +0000
Manifest this update: Mon 20 Oct 2025 22:01:16 +0000
Manifest next update: Tue 21 Oct 2025 22:01:16 +0000
Files and hashes: 1: BSAFu2w9aGW4nBDzOwuZS3Svljs.crl (hash: WF3UolpzdfT6Ac9j/sL/rrpJ9IO7AUiAoaPBMhbumbE=)
2: ir1RS50i8n6-S2GFn7ZgzEJxgqk.roa (hash: c+oT6rdCWtyUihO7r4CT9JSZ34sdZ4eqqblxSm+cQz4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.mft
rsync://rpki.ripe.net/repository/DEFAULT/BSAFu2w9aGW4nBDzOwuZS3Svljs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:a4:18:45:22:e1:1f:e0:84:57:33:98:da:d5:9d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=052005bb6c3d6865b89c10f33b0b994b74af963b
Validity
Not Before: Oct 20 22:01:16 2025 GMT
Not After : Oct 21 22:01:16 2025 GMT
Subject: CN=9e9cd36c92cf04212d61c74a72dd5617c7284283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b7:05:01:c3:aa:ed:67:9f:c4:81:1c:8e:da:
26:16:4b:29:55:81:6e:a7:84:51:a8:04:8b:3d:c2:
cb:d2:94:13:5e:c1:14:87:2c:dd:25:6a:de:0f:47:
63:3e:52:ac:35:1b:96:3c:54:45:86:dc:5f:c5:a5:
30:c5:65:bd:12:fe:1c:a1:0b:2a:dc:f0:46:05:b8:
03:f4:a3:ab:00:91:60:e0:13:79:cc:71:05:71:9d:
9b:81:97:56:55:d8:59:b8:98:4c:39:91:a1:9a:68:
d3:99:cf:70:fc:ac:b0:5b:65:fe:76:3a:f6:97:96:
39:6a:53:c5:3a:a6:fb:a9:3b:6a:85:55:bd:2b:75:
a8:6e:5e:20:dc:10:63:5e:1c:08:7a:a2:70:32:a9:
78:69:df:89:ab:40:ee:e1:d9:bf:28:c3:db:35:5a:
87:1a:37:f6:79:f8:51:d1:22:ec:cc:49:31:a6:56:
ea:e0:c7:d7:69:72:d7:90:44:fe:82:4c:83:66:a5:
a9:65:ea:65:6d:4a:7d:7d:a7:75:aa:8e:84:7a:1b:
b7:d5:68:4f:0f:bd:63:d9:34:77:e2:08:86:76:19:
e4:9c:6c:5e:60:8d:d7:8d:ea:99:fa:ae:29:4a:8b:
2e:0d:54:c3:23:46:45:24:55:0b:ee:2a:3d:85:60:
10:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9C:D3:6C:92:CF:04:21:2D:61:C7:4A:72:DD:56:17:C7:28:42:83
X509v3 Authority Key Identifier:
keyid:05:20:05:BB:6C:3D:68:65:B8:9C:10:F3:3B:0B:99:4B:74:AF:96:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSAFu2w9aGW4nBDzOwuZS3Svljs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:fb:83:76:d9:df:f3:f1:0a:b8:ce:ea:23:18:c8:61:4a:b7:
5c:3b:35:81:89:25:7a:03:78:3d:80:5f:3b:45:0a:bb:93:75:
c3:ba:e2:c3:06:46:71:40:34:78:07:b1:29:85:c2:70:15:12:
09:52:83:00:94:59:43:c7:cb:d5:40:81:19:56:9d:87:f8:e1:
5f:7b:51:d4:fd:00:7f:03:0e:3b:81:c8:91:35:b3:5b:33:65:
43:0d:d0:7d:0e:e5:65:06:fb:11:28:4f:be:13:eb:09:ff:7d:
f4:7e:9e:f0:78:0a:80:db:8d:92:57:08:a3:91:34:10:1f:20:
f8:ea:18:67:95:3e:7b:01:f0:b8:89:a5:71:b8:ef:dd:55:d0:
f7:99:70:a4:6c:e1:e9:85:00:f1:f6:39:d6:ef:a6:fb:0d:bd:
4a:02:03:fd:6a:05:e8:fb:5f:9e:54:8d:93:d7:95:d6:8e:56:
1d:6b:af:bc:e8:6f:62:55:e9:7c:ed:25:b7:2d:4c:c0:16:38:
f8:48:89:73:c4:ea:fd:f9:84:f8:af:83:0e:dc:27:1f:e8:35:
d2:a8:71:27:3f:78:38:a2:6c:21:ff:fa:67:f5:e5:f0:f2:d7:
97:fa:04:0a:30:f6:37:60:dc:0c:8c:e3:29:e1:28:7e:b1:51:
14:5a:f5:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDpBhFIuEf4IRXM5ja1Z0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjAwNWJiNmMzZDY4NjViODljMTBmMzNiMGI5OTRiNzRh
Zjk2M2IwHhcNMjUxMDIwMjIwMTE2WhcNMjUxMDIxMjIwMTE2WjAzMTEwLwYDVQQD
Eyg5ZTljZDM2YzkyY2YwNDIxMmQ2MWM3NGE3MmRkNTYxN2M3Mjg0MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rcFAcOq7WefxIEcjtomFkspVYFu
p4RRqASLPcLL0pQTXsEUhyzdJWreD0djPlKsNRuWPFRFhtxfxaUwxWW9Ev4coQsq
3PBGBbgD9KOrAJFg4BN5zHEFcZ2bgZdWVdhZuJhMOZGhmmjTmc9w/KywW2X+djr2
l5Y5alPFOqb7qTtqhVW9K3Wobl4g3BBjXhwIeqJwMql4ad+Jq0Du4dm/KMPbNVqH
Gjf2efhR0SLszEkxplbq4MfXaXLXkET+gkyDZqWpZeplbUp9fad1qo6Eehu31WhP
D71j2TR34giGdhnknGxeYI3XjeqZ+q4pSosuDVTDI0ZFJFUL7io9hWAQJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6c02ySzwQhLWHHSnLdVhfHKEKDMB8GA1UdIwQY
MBaAFAUgBbtsPWhluJwQ8zsLmUt0r5Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNBRnUydzlhR1c0bkJEek93dVpTM1N2bGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84M2ViMDktM2ExNC00NTViLTg4OTUt
YmEwYTc2ZjQzNzA0LzEvQlNBRnUydzlhR1c0bkJEek93dVpTM1N2bGpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84M2ViMDktM2ExNC00NTViLTg4OTUtYmEwYTc2ZjQzNzA0
LzEvQlNBRnUydzlhR1c0bkJEek93dVpTM1N2bGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG/uDdtnf
8/EKuM7qIxjIYUq3XDs1gYklegN4PYBfO0UKu5N1w7riwwZGcUA0eAexKYXCcBUS
CVKDAJRZQ8fL1UCBGVadh/jhX3tR1P0AfwMOO4HIkTWzWzNlQw3QfQ7lZQb7EShP
vhPrCf999H6e8HgKgNuNklcIo5E0EB8g+OoYZ5U+ewHwuImlcbjv3VXQ95lwpGzh
6YUA8fY51u+m+w29SgID/WoF6PtfnlSNk9eV1o5WHWuvvOhvYlXpfO0lty1MwBY4
+EiJc8Tq/fmE+K+DDtwnH+g10qhxJz94OKJsIf/6Z/Xl8PLXl/oECjD2N2DcDIzj
KeEofrFRFFr1OQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:31:20 2025 by rpki-client