Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json)
Hash identifier: TZcrGD2RTqeA3ujXAdC6qbB5Ti1bli/cOZCSgOPlUJM=
Subject key identifier: 23:D7:14:4F:F3:2D:37:D4:45:88:B3:19:73:38:FE:8D:20:A1:66:24
Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f
Certificate serial: 019D265F41279F283DC942B9EFDCED252E6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
Manifest number: 1819
Signing time: Wed 25 Mar 2026 19:01:09 +0000
Manifest this update: Wed 25 Mar 2026 19:01:09 +0000
Manifest next update: Thu 26 Mar 2026 19:01:09 +0000
Files and hashes: 1: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: tvy8y1gDu/U4DCOsoiagaOUY1T+9Sietk6xwL6fPRc8=)
2: q4MMxbvpWnkqIJJ1G1vh9k5IaD0.roa (hash: atJClVpeASPtSX6kEGrHIIjj/e8dWQQKfuBLHQmvtvQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:41:27:9f:28:3d:c9:42:b9:ef:dc:ed:25:2e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f
Validity
Not Before: Mar 25 19:01:09 2026 GMT
Not After : Mar 26 19:01:09 2026 GMT
Subject: CN=23d7144ff32d37d44588b3197338fe8d20a16624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ea:aa:99:b1:8a:06:c0:e4:8f:9b:16:a9:d5:
96:af:80:7a:93:49:2a:e6:af:eb:51:4d:aa:2b:d5:
b2:42:03:b0:39:8c:55:aa:6b:88:f1:b6:6a:c5:21:
10:f7:d1:da:49:68:3c:e2:a7:84:f9:d3:bc:56:75:
b9:b7:b3:94:6b:99:98:60:cb:9c:c4:0d:d7:e5:f1:
ce:31:e9:d1:df:25:f2:a6:e5:92:71:0b:37:03:0b:
02:59:bf:44:49:2f:e4:5f:eb:e7:59:5c:8b:16:37:
cb:52:4c:06:41:03:71:7c:0f:9f:4e:2a:2f:dd:63:
ef:99:f8:91:12:c7:4f:ba:09:05:b1:2d:19:90:6b:
33:9a:c1:b3:b8:48:f7:13:24:fd:c0:e8:0c:fb:0f:
c6:4d:1a:66:fe:b8:6f:2f:b3:47:2e:6a:4c:91:b1:
5e:69:9f:11:f4:b6:73:5f:6f:31:cf:dc:3f:a7:e5:
7d:65:2c:fa:de:0f:3b:ef:ae:5a:c5:20:89:3b:09:
af:ac:31:ad:9e:11:ae:c3:29:3b:42:fd:b3:15:b3:
d5:ba:92:70:0e:8d:d0:72:d0:9b:c9:b4:01:8b:de:
46:e3:09:75:0d:79:cc:10:f1:50:26:4a:29:b8:62:
1d:ff:57:4a:a1:41:9e:42:4c:e7:25:de:6f:2b:8f:
9f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D7:14:4F:F3:2D:37:D4:45:88:B3:19:73:38:FE:8D:20:A1:66:24
X509v3 Authority Key Identifier:
keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:0a:9c:c0:c4:e7:87:e4:0a:d1:01:a1:46:ed:84:e6:57:09:
f1:0e:5c:e8:6c:20:97:cb:b6:6a:53:72:0e:04:4f:dc:37:9a:
10:9f:7e:07:db:71:d6:5e:2a:84:bc:c0:bf:26:7f:c7:44:1d:
6f:83:3a:27:ae:d2:f5:e9:4d:45:10:6e:7b:a7:a4:ee:bf:f4:
ec:20:87:35:b6:10:77:ad:25:3f:da:7b:df:5a:a8:a1:e9:1d:
2f:7c:c7:c5:c0:d7:09:1b:9f:89:41:53:32:33:8f:5b:22:06:
ed:e8:7c:1a:6e:80:40:75:7b:00:bf:9b:57:4f:b7:10:71:fe:
85:84:41:85:79:ac:40:bc:b6:36:d2:ac:ed:b0:90:b6:e8:d6:
04:dd:76:cd:ac:27:a9:63:9a:ba:c9:0d:73:bc:05:09:54:23:
89:44:8f:0d:2e:79:a3:b8:28:13:c5:be:ce:e5:4f:d7:9c:b7:
5c:c8:74:ba:4f:0f:2c:fd:28:fb:2b:e9:55:86:8f:4a:dc:f7:
c8:89:74:21:f6:78:9b:bd:bb:09:58:be:0b:9c:3b:37:fa:29:
ff:fd:71:3c:b3:32:6c:f7:45:ad:02:dc:81:6d:20:d4:b5:96:
39:35:7b:4a:ea:79:e4:00:f5:b5:fc:a5:f1:e8:08:b5:df:48:
8f:1e:1b:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX0Ennyg9yUK579ztJS5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz
ODEyNGYwHhcNMjYwMzI1MTkwMTA5WhcNMjYwMzI2MTkwMTA5WjAzMTEwLwYDVQQD
EygyM2Q3MTQ0ZmYzMmQzN2Q0NDU4OGIzMTk3MzM4ZmU4ZDIwYTE2NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+qqmbGKBsDkj5sWqdWWr4B6k0kq
5q/rUU2qK9WyQgOwOYxVqmuI8bZqxSEQ99HaSWg84qeE+dO8VnW5t7OUa5mYYMuc
xA3X5fHOMenR3yXypuWScQs3AwsCWb9ESS/kX+vnWVyLFjfLUkwGQQNxfA+fTiov
3WPvmfiREsdPugkFsS0ZkGszmsGzuEj3EyT9wOgM+w/GTRpm/rhvL7NHLmpMkbFe
aZ8R9LZzX28xz9w/p+V9ZSz63g87765axSCJOwmvrDGtnhGuwyk7Qv2zFbPVupJw
Do3QctCbybQBi95G4wl1DXnMEPFQJkopuGId/1dKoUGeQkznJd5vK4+fTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPXFE/zLTfURYizGXM4/o0goWYkMB8GA1UdIwQY
MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt
ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj
LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFwqcwMTn
h+QK0QGhRu2E5lcJ8Q5c6Gwgl8u2alNyDgRP3DeaEJ9+B9tx1l4qhLzAvyZ/x0Qd
b4M6J67S9elNRRBue6ek7r/07CCHNbYQd60lP9p731qooekdL3zHxcDXCRufiUFT
MjOPWyIG7eh8Gm6AQHV7AL+bV0+3EHH+hYRBhXmsQLy2NtKs7bCQtujWBN12zawn
qWOauskNc7wFCVQjiUSPDS55o7goE8W+zuVP15y3XMh0uk8PLP0o+yvpVYaPStz3
yIl0IfZ4m727CVi+C5w7N/op//1xPLMybPdFrQLcgW0g1LWWOTV7Sup55AD1tfyl
8egItd9Ijx4boA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:27:46 2026 by rpki-client