Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.mft
File: BFYL6jkur2kgircF70Bc94aEF2s.mft (raw, json)
Hash identifier: uIKjvwXN2HFnPVoh+fieCQE5R59zbi8qxSJDgYheoiY=
Subject key identifier: BA:01:3F:8D:28:E2:48:14:62:86:74:0D:1A:8F:9D:59:B5:71:9C:5A
Authority key identifier: 04:56:0B:EA:39:2E:AF:69:20:8A:B7:05:EF:40:5C:F7:86:84:17:6B
Certificate issuer: /CN=04560bea392eaf69208ab705ef405cf78684176b
Certificate serial: 0197B70F0B62E914EAA24FC3D947B323ECF7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.mft
Manifest number: 15BA
Signing time: Sat 28 Jun 2025 15:01:45 +0000
Manifest this update: Sat 28 Jun 2025 15:01:45 +0000
Manifest next update: Sun 29 Jun 2025 15:01:45 +0000
Files and hashes: 1: 8kdm1ZAPNcZedXP01TafIjBXKRs.roa (hash: itb59cI824fq1EKKCsVfc6XjwoFA0+TxsZlQLnTiMW4=)
2: BFYL6jkur2kgircF70Bc94aEF2s.crl (hash: Bdp5K4qqFH7mYNTV8/+mHOJgFxzjRPplW1+dGhwUSxc=)
3: NyItizXaNDYcIoRvpNc_5Mkg2Qg.roa (hash: 6BsyUuSqs5SSPqJlfjsNi68lsr8Mj9jzzqX6MyZpWe0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0f:0b:62:e9:14:ea:a2:4f:c3:d9:47:b3:23:ec:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04560bea392eaf69208ab705ef405cf78684176b
Validity
Not Before: Jun 28 15:01:45 2025 GMT
Not After : Jun 29 15:01:45 2025 GMT
Subject: CN=ba013f8d28e248146286740d1a8f9d59b5719c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:d7:c5:0a:39:af:bc:e2:59:c9:2d:42:be:
49:c2:6b:31:c0:ca:00:33:72:a4:c1:c1:be:a3:d2:
3d:40:57:30:0f:b8:c7:48:c1:a2:f1:6d:41:e1:e1:
b1:00:ab:38:7a:d1:29:12:8b:2a:51:6d:6f:dc:d0:
47:34:72:da:73:96:0b:04:62:34:36:40:81:2d:9a:
bb:34:e1:c6:8f:7c:c9:93:f0:55:74:db:b3:ae:54:
16:c5:d3:2d:d6:54:ca:be:b3:da:0c:c7:ea:5b:0d:
d0:2b:ca:35:07:ab:90:91:42:6e:06:a8:a8:6f:33:
e1:e6:22:8c:11:75:0a:f7:a6:72:9f:53:c9:17:70:
0e:8f:7d:36:19:a2:00:f4:0f:12:a9:5e:11:06:8f:
f0:ff:bb:41:2d:80:c4:9e:f1:e3:97:7f:04:f2:1d:
9d:5f:d1:ac:9e:69:e6:2a:eb:09:70:c5:bf:f7:17:
c4:c4:98:3c:0a:ac:8c:7e:9b:7a:23:b5:73:3a:ba:
b9:7f:42:60:41:da:b0:c1:35:68:01:9c:1d:5f:11:
b5:0c:97:fd:18:96:76:2b:b1:7d:4f:9d:32:e4:08:
ad:0e:84:03:75:37:26:0e:3e:8c:af:30:d1:5c:69:
58:63:7a:5d:86:b7:e5:49:9b:3d:49:04:15:87:83:
1d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:01:3F:8D:28:E2:48:14:62:86:74:0D:1A:8F:9D:59:B5:71:9C:5A
X509v3 Authority Key Identifier:
keyid:04:56:0B:EA:39:2E:AF:69:20:8A:B7:05:EF:40:5C:F7:86:84:17:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:38:2e:0a:86:57:02:7b:66:5d:b2:ed:88:ac:f7:d4:0e:e2:
95:8f:80:30:41:49:9c:63:c5:d5:a1:9c:61:5b:e6:db:14:73:
72:33:74:57:21:28:5a:83:26:82:86:6c:76:c6:d0:b5:cf:67:
3a:69:a8:f0:8c:ab:ac:5e:76:75:74:41:84:a9:79:84:d8:17:
53:95:00:d5:0f:90:5e:9e:b3:bc:af:59:e0:b5:1f:12:e4:b6:
94:b3:1a:ba:d2:b2:93:af:b0:d2:9a:d2:dc:bb:dc:7f:b4:37:
22:f6:c6:fe:b0:f9:9a:1f:3f:0f:be:29:e6:e2:bf:89:ff:d1:
7a:17:be:84:64:a3:63:04:e2:ae:a5:a4:02:10:c0:ee:dd:ac:
2c:bb:4d:79:0e:43:b5:20:81:6b:1d:be:7e:54:7a:4c:79:6a:
c2:0d:c7:3d:61:47:fe:cc:ec:48:e4:1e:5d:45:a1:dc:c5:f6:
0f:f2:4c:7e:dc:20:25:57:96:d4:07:e1:36:1f:8d:59:e4:3d:
b4:ce:bb:5d:d2:e3:64:d6:8c:6f:ba:e2:40:a6:23:e4:af:cb:
f1:63:14:a9:83:48:de:7d:1f:a0:57:4c:7f:6e:85:9c:89:ca:
e3:64:21:e5:bf:68:75:53:76:39:37:e8:a9:ef:34:b3:53:98:
01:9b:7e:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dwti6RTqok/D2UezI+z3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NTYwYmVhMzkyZWFmNjkyMDhhYjcwNWVmNDA1Y2Y3ODY4
NDE3NmIwHhcNMjUwNjI4MTUwMTQ1WhcNMjUwNjI5MTUwMTQ1WjAzMTEwLwYDVQQD
EyhiYTAxM2Y4ZDI4ZTI0ODE0NjI4Njc0MGQxYThmOWQ1OWI1NzE5YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQHXxQo5r7ziWcktQr5JwmsxwMoA
M3KkwcG+o9I9QFcwD7jHSMGi8W1B4eGxAKs4etEpEosqUW1v3NBHNHLac5YLBGI0
NkCBLZq7NOHGj3zJk/BVdNuzrlQWxdMt1lTKvrPaDMfqWw3QK8o1B6uQkUJuBqio
bzPh5iKMEXUK96Zyn1PJF3AOj302GaIA9A8SqV4RBo/w/7tBLYDEnvHjl38E8h2d
X9GsnmnmKusJcMW/9xfExJg8CqyMfpt6I7VzOrq5f0JgQdqwwTVoAZwdXxG1DJf9
GJZ2K7F9T50y5AitDoQDdTcmDj6MrzDRXGlYY3pdhrflSZs9SQQVh4MduwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoBP40o4kgUYoZ0DRqPnVm1cZxaMB8GA1UdIwQY
MBaAFARWC+o5Lq9pIIq3Be9AXPeGhBdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkZZTDZqa3VyMmtnaXJjRjcwQmM5NGFFRjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9jZTRhNGUtYjFhMy00NWY0LWEyN2Mt
ZTFhY2EwMTA2MmZmLzEvQkZZTDZqa3VyMmtnaXJjRjcwQmM5NGFFRjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9jZTRhNGUtYjFhMy00NWY0LWEyN2MtZTFhY2EwMTA2MmZm
LzEvQkZZTDZqa3VyMmtnaXJjRjcwQmM5NGFFRjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlzguCoZX
AntmXbLtiKz31A7ilY+AMEFJnGPF1aGcYVvm2xRzcjN0VyEoWoMmgoZsdsbQtc9n
Ommo8IyrrF52dXRBhKl5hNgXU5UA1Q+QXp6zvK9Z4LUfEuS2lLMautKyk6+w0prS
3Lvcf7Q3IvbG/rD5mh8/D74p5uK/if/Rehe+hGSjYwTirqWkAhDA7t2sLLtNeQ5D
tSCBax2+flR6THlqwg3HPWFH/szsSOQeXUWh3MX2D/JMftwgJVeW1AfhNh+NWeQ9
tM67XdLjZNaMb7riQKYj5K/L8WMUqYNI3n0foFdMf26FnInK42Qh5b9odVN2OTfo
qe80s1OYAZt+gg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:06:39 2025 by rpki-client