Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: /ugOowj4eYB5SZuKQdMVh6FQJ2FUWcIkW7XJlC8QVU8=
Subject key identifier: 1E:01:7B:55:88:D9:42:B7:B4:6F:35:E3:B4:E3:D0:8C:98:CD:1C:40
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 0199FFC7147843E36CE0C2037F616AE8A534
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 16E2
Signing time: Mon 20 Oct 2025 04:01:00 +0000
Manifest this update: Mon 20 Oct 2025 04:01:00 +0000
Manifest next update: Tue 21 Oct 2025 04:01:00 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: IohMcxiU0LwqRRPFR4RgWUaBK2SMg0kUheK8wF1RQOI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:14:78:43:e3:6c:e0:c2:03:7f:61:6a:e8:a5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: Oct 20 04:01:00 2025 GMT
Not After : Oct 21 04:01:00 2025 GMT
Subject: CN=1e017b5588d942b7b46f35e3b4e3d08c98cd1c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fd:79:a6:f6:2d:21:27:32:7d:e5:db:78:c0:
b1:90:58:3f:24:dd:42:7f:37:f9:79:24:05:a6:8c:
6f:7b:c3:c9:9c:5e:8f:10:54:8b:52:2b:fd:38:16:
b4:36:4b:97:f6:91:fc:31:11:70:99:e6:d7:4b:92:
98:98:8e:66:e7:6e:42:d7:65:f1:c4:52:c4:29:b0:
b7:58:8b:ad:f7:a1:e9:64:e8:00:6c:db:6c:ae:73:
6e:07:60:66:6c:b5:cc:ad:3a:4b:2c:74:ec:ac:59:
25:7c:93:1c:28:3f:43:cc:4a:f8:c3:b2:ec:1c:87:
1e:27:29:4c:6a:21:3e:06:2c:a0:eb:22:ad:53:eb:
d4:b2:ff:aa:e4:51:9b:c3:d3:90:c4:80:09:0e:8e:
9f:4e:3e:0c:90:18:83:2c:44:9d:54:75:17:99:89:
bc:14:a9:72:c2:f1:c7:56:ae:64:20:b1:0a:5e:94:
22:f5:9e:74:a8:0f:fd:ae:ea:fe:ae:0b:82:9e:90:
92:41:4c:a3:15:29:7d:fa:ec:dd:ca:91:b9:84:7b:
e6:88:1f:5f:4a:19:0d:ab:05:44:1b:03:b1:18:b1:
5e:47:a8:9d:2c:91:30:4d:ce:6a:72:82:00:68:29:
e3:8d:8b:aa:68:01:e0:38:d5:97:5f:53:01:7b:2f:
51:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:01:7B:55:88:D9:42:B7:B4:6F:35:E3:B4:E3:D0:8C:98:CD:1C:40
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:5a:e4:a8:88:3c:de:62:ec:a2:f0:b1:a6:4b:53:d9:10:c2:
29:4d:de:0c:0a:27:c9:f3:2f:a9:06:19:9e:78:fe:95:c3:8d:
07:66:37:2a:7c:37:aa:3d:d1:94:0f:3b:91:c5:ac:8a:b6:26:
9e:53:24:13:7e:ce:c4:ed:6e:75:46:51:c4:93:47:c8:09:2f:
dc:11:b6:59:60:4c:0a:fa:ac:47:9c:c2:df:a9:81:d1:c5:a1:
e0:05:2d:0a:dc:1a:7e:c7:2b:00:9d:f9:2f:df:bf:07:5b:cc:
7d:18:cb:8e:8a:cb:cc:f7:8c:de:f8:9e:ed:40:95:6a:1d:9d:
85:b9:b9:55:af:65:a3:fa:a8:6c:8e:01:01:fb:30:6f:73:bb:
a4:c5:ce:21:b6:f5:88:0f:b7:23:23:7e:95:1e:d5:5a:71:d6:
47:1c:c7:3b:b2:61:35:2a:51:3e:f9:a6:78:24:47:6d:4a:d3:
24:0b:42:03:76:59:54:5e:d1:5b:41:c9:4c:b9:29:26:f7:49:
d1:23:33:b7:5e:05:d4:1f:50:20:0c:5d:b3:f6:f2:0a:5f:0f:
dc:24:0e:ca:e4:39:f2:cb:2d:f2:d3:bb:f2:ad:1a:4e:1f:3e:
3f:2f:6f:b2:f6:b9:5b:c5:d0:70:db:fc:00:a7:ca:12:93:d4:
52:2d:af:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/xxR4Q+Ns4MIDf2Fq6KU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjUxMDIwMDQwMTAwWhcNMjUxMDIxMDQwMTAwWjAzMTEwLwYDVQQD
EygxZTAxN2I1NTg4ZDk0MmI3YjQ2ZjM1ZTNiNGUzZDA4Yzk4Y2QxYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv15pvYtIScyfeXbeMCxkFg/JN1C
fzf5eSQFpoxve8PJnF6PEFSLUiv9OBa0NkuX9pH8MRFwmebXS5KYmI5m525C12Xx
xFLEKbC3WIut96HpZOgAbNtsrnNuB2BmbLXMrTpLLHTsrFklfJMcKD9DzEr4w7Ls
HIceJylMaiE+Biyg6yKtU+vUsv+q5FGbw9OQxIAJDo6fTj4MkBiDLESdVHUXmYm8
FKlywvHHVq5kILEKXpQi9Z50qA/9rur+rguCnpCSQUyjFSl9+uzdypG5hHvmiB9f
ShkNqwVEGwOxGLFeR6idLJEwTc5qcoIAaCnjjYuqaAHgONWXX1MBey9RpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4Be1WI2UK3tG8147Tj0IyYzRxAMB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVrkqIg8
3mLsovCxpktT2RDCKU3eDAonyfMvqQYZnnj+lcONB2Y3Knw3qj3RlA87kcWsirYm
nlMkE37OxO1udUZRxJNHyAkv3BG2WWBMCvqsR5zC36mB0cWh4AUtCtwafscrAJ35
L9+/B1vMfRjLjorLzPeM3vie7UCVah2dhbm5Va9lo/qobI4BAfswb3O7pMXOIbb1
iA+3IyN+lR7VWnHWRxzHO7JhNSpRPvmmeCRHbUrTJAtCA3ZZVF7RW0HJTLkpJvdJ
0SMzt14F1B9QIAxds/byCl8P3CQOyuQ58sst8tO78q0aTh8+Py9vsva5W8XQcNv8
AKfKEpPUUi2vjg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:29:00 2025 by rpki-client