Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
File: BfWa7cKCluKRck95N954jichZAg.mft (raw, json)
Hash identifier: UofPQpk4leyCw0LOUF+2Ul7Uw+Biea26WYuEs+cgR3E=
Subject key identifier: AA:B4:89:9C:A8:62:C3:CC:1F:4C:09:60:A6:75:2D:92:4F:CA:7D:BB
Authority key identifier: 05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
Certificate issuer: /CN=05f59aedc28296e291724f7937de788e27216408
Certificate serial: 019D29CEC6ABC35D7917B953E5A225B308B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
Manifest number: 17A5
Signing time: Thu 26 Mar 2026 11:01:50 +0000
Manifest this update: Thu 26 Mar 2026 11:01:50 +0000
Manifest next update: Fri 27 Mar 2026 11:01:50 +0000
Files and hashes: 1: 6NLwB5WjlcBTVRx7lvLg-PZn5HQ.roa (hash: dWeJDKFFNOPJVpAu+kJb2B3xAofZRJV/6yg2uCUW2mY=)
2: BfWa7cKCluKRck95N954jichZAg.crl (hash: 562TpQlKpv4PSnqLODCnMdsoRIg/y7lHz//N8QFOOSE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:c6:ab:c3:5d:79:17:b9:53:e5:a2:25:b3:08:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f59aedc28296e291724f7937de788e27216408
Validity
Not Before: Mar 26 11:01:50 2026 GMT
Not After : Mar 27 11:01:50 2026 GMT
Subject: CN=aab4899ca862c3cc1f4c0960a6752d924fca7dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4d:d6:c4:4e:dc:5c:e2:6a:f7:fe:c0:a6:38:
37:7f:22:37:11:f8:78:0b:fa:4d:91:f9:58:6a:b2:
c2:af:87:db:06:f0:ea:c6:7a:63:86:f3:8b:bb:12:
14:ee:a6:92:bf:66:ce:7f:b3:ef:8f:7d:2d:48:23:
48:b7:70:5d:98:4d:e3:05:4f:85:0a:c7:bd:95:36:
ad:23:3f:8c:69:6a:f0:37:a4:f8:b6:05:78:65:42:
23:c3:0f:e6:b3:fa:6b:38:d8:c0:f6:d1:6d:31:e7:
e5:fc:51:de:28:fb:f1:40:9a:51:11:6f:97:4b:bc:
63:24:b6:80:eb:b4:86:fe:3e:fc:50:4b:97:5b:00:
f3:4f:85:60:01:1d:11:e9:cd:60:79:68:0e:69:61:
9b:53:cf:77:c7:83:a4:ec:a1:19:7a:64:43:91:84:
32:61:16:bd:d5:b6:e8:f3:96:a5:0e:6b:8c:6d:64:
ed:30:43:27:a9:ec:f1:26:3b:6d:d1:be:50:74:a8:
0e:ea:21:3e:33:b8:8b:e6:99:51:ac:48:d3:e8:db:
cb:33:6d:4c:26:01:af:55:a6:ee:a0:53:39:a8:19:
7a:2c:ef:c3:91:f4:27:0b:26:ba:85:d3:cd:29:50:
da:55:38:88:6b:49:0b:53:48:b5:65:93:f1:2a:4f:
3d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B4:89:9C:A8:62:C3:CC:1F:4C:09:60:A6:75:2D:92:4F:CA:7D:BB
X509v3 Authority Key Identifier:
keyid:05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:da:32:b6:7f:80:11:84:37:5f:cf:05:20:5a:f4:a1:a2:99:
99:e2:84:fe:62:fd:22:e5:47:a2:42:37:45:d3:3f:7b:35:57:
9f:73:cc:3b:04:e6:1f:05:8a:f1:50:41:9d:b8:0c:48:cf:b4:
3c:8b:f1:d0:e2:b3:66:72:5f:ed:96:fb:32:13:c2:7e:e6:04:
37:0c:bc:35:ad:d2:6d:cf:5b:89:56:cd:cb:8a:02:fc:59:8d:
ad:87:10:52:23:0d:bf:ca:cf:8b:79:2d:19:73:06:9e:93:61:
ed:40:9b:d6:ac:d3:af:fb:35:df:7a:10:6d:f1:1b:ca:2f:cf:
eb:38:3f:27:e8:87:86:5c:5f:09:75:a5:41:ac:6d:b7:cb:10:
d1:15:23:1f:56:04:18:18:c9:76:9e:6c:30:a2:93:0d:14:78:
07:8a:74:b1:45:8a:09:cd:31:2a:79:06:87:5f:9b:83:74:56:
63:94:08:bf:50:ba:e6:c9:96:e5:f5:27:15:d3:85:9b:c3:0a:
bd:73:44:b8:72:c8:90:28:12:56:b5:5a:04:b7:01:10:3e:0e:
3e:a4:79:54:ef:cb:55:6c:70:44:54:bd:15:9f:ad:1e:5d:9b:
a5:ae:8e:1e:be:77:83:8c:6a:73:ca:ee:7c:2f:5e:4a:3c:1b:
52:d6:14:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzsarw115F7lT5aIlswizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjU5YWVkYzI4Mjk2ZTI5MTcyNGY3OTM3ZGU3ODhlMjcy
MTY0MDgwHhcNMjYwMzI2MTEwMTUwWhcNMjYwMzI3MTEwMTUwWjAzMTEwLwYDVQQD
EyhhYWI0ODk5Y2E4NjJjM2NjMWY0YzA5NjBhNjc1MmQ5MjRmY2E3ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp03WxE7cXOJq9/7Apjg3fyI3Efh4
C/pNkflYarLCr4fbBvDqxnpjhvOLuxIU7qaSv2bOf7Pvj30tSCNIt3BdmE3jBU+F
Cse9lTatIz+MaWrwN6T4tgV4ZUIjww/ms/prONjA9tFtMefl/FHeKPvxQJpREW+X
S7xjJLaA67SG/j78UEuXWwDzT4VgAR0R6c1geWgOaWGbU893x4Ok7KEZemRDkYQy
YRa91bbo85alDmuMbWTtMEMnqezxJjtt0b5QdKgO6iE+M7iL5plRrEjT6NvLM21M
JgGvVabuoFM5qBl6LO/DkfQnCya6hdPNKVDaVTiIa0kLU0i1ZZPxKk89xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq0iZyoYsPMH0wJYKZ1LZJPyn27MB8GA1UdIwQY
MBaAFAX1mu3CgpbikXJPeTfeeI4nIWQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2Mt
ZDY0MzY4MjA4MTMxLzEvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2MtZDY0MzY4MjA4MTMx
LzEvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS9oytn+A
EYQ3X88FIFr0oaKZmeKE/mL9IuVHokI3RdM/ezVXn3PMOwTmHwWK8VBBnbgMSM+0
PIvx0OKzZnJf7Zb7MhPCfuYENwy8Na3Sbc9biVbNy4oC/FmNrYcQUiMNv8rPi3kt
GXMGnpNh7UCb1qzTr/s133oQbfEbyi/P6zg/J+iHhlxfCXWlQaxtt8sQ0RUjH1YE
GBjJdp5sMKKTDRR4B4p0sUWKCc0xKnkGh1+bg3RWY5QIv1C65smW5fUnFdOFm8MK
vXNEuHLIkCgSVrVaBLcBED4OPqR5VO/LVWxwRFS9FZ+tHl2bpa6OHr53g4xqc8ru
fC9eSjwbUtYU4g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:40:31 2026 by rpki-client