Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json)
Hash identifier: IAAC2tHApVziGxRDTuII+pqVU3WTnakJSyCWaUXMO7Y=
Subject key identifier: 3C:D4:0E:41:F0:32:A1:4E:82:42:55:A9:58:E1:FC:32:5C:39:FB:B7
Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f
Certificate serial: 0197B7453F6205B6D229196F750FC9BED06B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
Manifest number: 1548
Signing time: Sat 28 Jun 2025 16:00:58 +0000
Manifest this update: Sat 28 Jun 2025 16:00:58 +0000
Manifest next update: Sun 29 Jun 2025 16:00:58 +0000
Files and hashes: 1: HoMgEifDpVQ65AHqBFCCx_7uMoE.roa (hash: MZgT/uxhPiKd1q/F+OrFW0KnU1po9n7PWWPZxZXmYvg=)
2: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: ci4sS/Y3zAcFssmBXnBvjNRoMODNg9hornNfBe7ftBI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:3f:62:05:b6:d2:29:19:6f:75:0f:c9:be:d0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f
Validity
Not Before: Jun 28 16:00:58 2025 GMT
Not After : Jun 29 16:00:58 2025 GMT
Subject: CN=3cd40e41f032a14e824255a958e1fc325c39fbb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:82:5b:5c:19:8f:4e:39:b1:af:e9:4b:b6:06:
c8:1c:2e:3f:2f:d1:25:44:a1:23:87:09:fd:b9:92:
13:7e:df:87:67:c4:8a:86:cf:36:8c:f1:02:a9:84:
d2:4a:df:17:08:51:22:92:a4:c6:ec:19:df:22:0a:
ac:8d:65:b7:bc:0e:82:01:04:1a:7a:1c:ea:78:9c:
a7:a7:ce:29:38:89:f1:38:70:65:49:ce:ee:27:4b:
94:b2:e2:c2:95:2f:d3:1e:61:18:e4:28:40:19:67:
29:6d:1b:89:43:ce:5a:59:b5:95:3b:6a:6c:59:a4:
c1:e5:38:54:1e:05:d8:c4:d5:3b:95:e7:e0:3f:35:
c1:9d:6b:af:6f:c0:48:09:c3:25:c5:aa:13:2d:f6:
2b:67:99:01:0c:64:da:65:b5:8c:a4:56:15:5b:0f:
c9:a6:40:32:62:ac:0e:90:2a:61:61:75:0b:ec:40:
65:24:15:bb:57:6d:6a:95:7d:21:2b:08:44:ff:67:
2d:42:e0:16:8f:9e:a8:63:40:32:10:da:cb:3e:81:
c4:25:a7:e8:f8:5f:68:ea:69:18:8a:8e:81:07:99:
b7:0c:24:f0:71:bf:4b:7a:6d:71:60:35:a9:1b:b4:
ea:44:d1:eb:bd:3b:bf:d5:29:07:7e:bf:e0:a8:2e:
be:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D4:0E:41:F0:32:A1:4E:82:42:55:A9:58:E1:FC:32:5C:39:FB:B7
X509v3 Authority Key Identifier:
keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:72:1c:e4:0b:c6:75:86:3d:fd:a4:a8:e1:c7:1d:22:1b:22:
cf:f7:12:87:eb:8e:72:3d:56:c6:49:86:2d:9e:33:54:85:36:
b9:10:ad:d2:ee:4f:a5:29:16:98:81:40:70:ba:b0:7b:a6:60:
4a:4e:41:f4:2e:24:5c:22:bf:85:22:2e:a5:5c:e7:ce:b6:54:
ee:47:be:45:52:df:ff:29:12:dd:22:62:36:ea:c9:97:3e:7d:
45:41:63:a2:4e:02:d4:91:63:f3:30:8c:2f:4a:6c:15:2e:5c:
d9:03:65:16:4f:87:1e:66:79:ef:d3:de:c6:8b:26:5e:b4:aa:
09:04:7c:62:31:e0:ad:7e:a6:81:6b:0a:ce:98:0d:4e:18:c1:
65:dd:fa:3f:ef:9e:97:39:1b:66:19:ba:a3:9a:91:af:d4:84:
24:0a:2a:95:d5:3a:95:2b:17:83:73:ec:af:69:d9:7b:70:76:
ae:a3:d5:ca:40:62:ba:fc:d5:7a:40:ca:48:2b:7d:cf:f9:40:
88:2c:ff:39:d4:b9:c2:cf:05:a7:db:d6:cd:bc:d8:ab:78:d1:
d7:85:44:c2:8e:fc:2c:69:b9:44:6f:47:b1:af:9f:27:ca:5f:
87:02:fc:cb:20:51:7f:fb:ba:9f:6b:31:b7:9c:e1:5d:d2:6d:
8a:59:b6:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RT9iBbbSKRlvdQ/JvtBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz
ODEyNGYwHhcNMjUwNjI4MTYwMDU4WhcNMjUwNjI5MTYwMDU4WjAzMTEwLwYDVQQD
EygzY2Q0MGU0MWYwMzJhMTRlODI0MjU1YTk1OGUxZmMzMjVjMzlmYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4JbXBmPTjmxr+lLtgbIHC4/L9El
RKEjhwn9uZITft+HZ8SKhs82jPECqYTSSt8XCFEikqTG7BnfIgqsjWW3vA6CAQQa
ehzqeJynp84pOInxOHBlSc7uJ0uUsuLClS/THmEY5ChAGWcpbRuJQ85aWbWVO2ps
WaTB5ThUHgXYxNU7lefgPzXBnWuvb8BICcMlxaoTLfYrZ5kBDGTaZbWMpFYVWw/J
pkAyYqwOkCphYXUL7EBlJBW7V21qlX0hKwhE/2ctQuAWj56oY0AyENrLPoHEJafo
+F9o6mkYio6BB5m3DCTwcb9Lem1xYDWpG7TqRNHrvTu/1SkHfr/gqC6+XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzUDkHwMqFOgkJVqVjh/DJcOfu3MB8GA1UdIwQY
MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt
ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj
LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUnIc5AvG
dYY9/aSo4ccdIhsiz/cSh+uOcj1WxkmGLZ4zVIU2uRCt0u5PpSkWmIFAcLqwe6Zg
Sk5B9C4kXCK/hSIupVznzrZU7ke+RVLf/ykS3SJiNurJlz59RUFjok4C1JFj8zCM
L0psFS5c2QNlFk+HHmZ579PexosmXrSqCQR8YjHgrX6mgWsKzpgNThjBZd36P++e
lzkbZhm6o5qRr9SEJAoqldU6lSsXg3Psr2nZe3B2rqPVykBiuvzVekDKSCt9z/lA
iCz/OdS5ws8Fp9vWzbzYq3jR14VEwo78LGm5RG9Hsa+fJ8pfhwL8yyBRf/u6n2sx
t5zhXdJtilm2AA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:32:52 2025 by rpki-client