Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: LeijjNTkZRdhlSAgnaEsbTs/9SfAUOYbHWHhvet/5yk=
Subject key identifier: 16:A7:47:09:CA:B7:59:55:C8:3C:CE:27:FA:FD:F7:F5:73:4D:37:B5
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 019D28F3128C8C57D2F09A246EACA0FC5C82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 1885
Signing time: Thu 26 Mar 2026 07:01:51 +0000
Manifest this update: Thu 26 Mar 2026 07:01:51 +0000
Manifest next update: Fri 27 Mar 2026 07:01:51 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: FEdhqCuiZoHxeNYe2pmpv0udDkQXtelXsAt0DLOgdfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f3:12:8c:8c:57:d2:f0:9a:24:6e:ac:a0:fc:5c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: Mar 26 07:01:51 2026 GMT
Not After : Mar 27 07:01:51 2026 GMT
Subject: CN=16a74709cab75955c83cce27fafdf7f5734d37b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d0:76:da:cc:48:cf:e8:8f:8e:af:09:3c:45:
d2:fd:04:00:3c:3a:bc:79:18:38:78:5f:3a:b9:46:
e4:0f:97:20:3d:ee:09:8f:63:55:90:6f:01:3c:86:
d2:a4:4c:e4:7c:5d:82:83:48:6c:11:23:47:fb:5f:
17:c0:e6:40:d1:92:bf:51:b0:7a:ca:83:d1:73:e4:
0d:91:f6:4a:16:22:4c:4a:f0:54:df:3e:d2:e0:b7:
91:6a:a4:22:40:81:54:67:93:1b:50:db:67:b4:23:
9d:84:b1:3f:34:9f:f1:81:e5:d6:b5:62:8e:ef:f2:
5f:be:11:e7:16:54:1c:d3:03:f9:cc:83:ea:00:7e:
03:c6:7d:80:6e:1f:a7:bb:f9:60:16:64:e9:19:c3:
eb:ca:72:ae:39:52:f2:4f:f3:f8:13:e7:cc:4d:32:
1f:9a:c8:cf:51:42:8f:4d:c9:87:8c:1f:b1:9d:6a:
5c:f8:38:b2:c2:98:a3:a0:d1:fb:7f:ee:42:8f:11:
a1:15:33:f2:a0:60:38:b9:a8:6d:45:95:57:b4:c3:
28:4c:d4:5d:b7:c3:55:16:08:d9:90:e2:9f:61:da:
30:4a:70:52:6a:95:a8:4f:ed:b4:fc:57:ba:85:d6:
35:8f:6d:3a:03:d6:18:b4:99:5d:b3:17:68:dc:16:
6d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A7:47:09:CA:B7:59:55:C8:3C:CE:27:FA:FD:F7:F5:73:4D:37:B5
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:67:fe:cc:74:59:a6:58:b7:de:5b:41:0f:a1:32:f6:19:93:
47:21:2c:a6:e9:49:51:19:db:6a:c9:d3:36:d4:bb:9e:3e:64:
a0:e1:03:2b:07:fc:90:2e:f0:0e:81:45:40:8c:b4:c7:a1:aa:
9f:72:13:ba:5a:70:59:ff:94:f3:7b:13:e8:11:db:53:02:bc:
3e:10:45:ad:1a:28:98:e0:72:73:b4:d7:0e:14:d5:63:00:da:
71:f2:ee:c8:36:44:c2:19:16:1b:ca:56:45:72:71:77:98:5c:
eb:ed:76:cf:d7:09:0a:21:be:7f:f2:dc:85:7f:8b:7c:a5:d7:
79:78:94:70:6d:d9:8e:38:fa:0b:6c:01:31:a2:30:9b:87:63:
46:d2:1a:2b:7f:69:4c:20:ba:24:b4:19:bb:f0:74:55:69:4b:
38:b7:e3:e0:13:3a:2d:b7:2b:ec:b3:0e:aa:b0:af:61:f8:c6:
44:fa:ff:08:a9:d3:f4:c7:c0:5f:88:ee:64:e9:69:9e:1c:87:
7d:ac:72:0d:9f:4c:63:b3:e9:c7:54:04:fc:1c:41:cb:7c:64:
b9:d6:6b:4b:f7:6f:0c:aa:74:03:67:53:83:c9:8a:b2:c0:3a:
41:aa:3a:7a:ad:71:ee:f3:b3:1a:98:c8:95:7e:18:93:61:e4:
f6:05:bc:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8xKMjFfS8Jokbqyg/FyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjYwMzI2MDcwMTUxWhcNMjYwMzI3MDcwMTUxWjAzMTEwLwYDVQQD
EygxNmE3NDcwOWNhYjc1OTU1YzgzY2NlMjdmYWZkZjdmNTczNGQzN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNB22sxIz+iPjq8JPEXS/QQAPDq8
eRg4eF86uUbkD5cgPe4Jj2NVkG8BPIbSpEzkfF2Cg0hsESNH+18XwOZA0ZK/UbB6
yoPRc+QNkfZKFiJMSvBU3z7S4LeRaqQiQIFUZ5MbUNtntCOdhLE/NJ/xgeXWtWKO
7/JfvhHnFlQc0wP5zIPqAH4Dxn2Abh+nu/lgFmTpGcPrynKuOVLyT/P4E+fMTTIf
msjPUUKPTcmHjB+xnWpc+DiywpijoNH7f+5CjxGhFTPyoGA4uahtRZVXtMMoTNRd
t8NVFgjZkOKfYdowSnBSapWoT+20/Fe6hdY1j206A9YYtJldsxdo3BZtWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBanRwnKt1lVyDzOJ/r99/VzTTe1MB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmf+zHRZ
pli33ltBD6Ey9hmTRyEspulJURnbasnTNtS7nj5koOEDKwf8kC7wDoFFQIy0x6Gq
n3ITulpwWf+U83sT6BHbUwK8PhBFrRoomOByc7TXDhTVYwDacfLuyDZEwhkWG8pW
RXJxd5hc6+12z9cJCiG+f/LchX+LfKXXeXiUcG3Zjjj6C2wBMaIwm4djRtIaK39p
TCC6JLQZu/B0VWlLOLfj4BM6Lbcr7LMOqrCvYfjGRPr/CKnT9MfAX4juZOlpnhyH
faxyDZ9MY7Ppx1QE/BxBy3xkudZrS/dvDKp0A2dTg8mKssA6Qao6eq1x7vOzGpjI
lX4Yk2Hk9gW8Tw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:52:24 2026 by rpki-client