Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft
File: BcW97HMY-HHVPoZkgvQXM97wlCg.mft (raw, json)
Hash identifier: cAR6i3n7Ke4CbxYS9drpch3wxHRYSeWXJflm1vx9U6s=
Subject key identifier: 8F:B8:6A:0D:5B:7E:53:3C:C2:56:39:E0:16:2D:A9:50:55:E7:59:E9
Authority key identifier: 05:C5:BD:EC:73:18:F8:71:D5:3E:86:64:82:F4:17:33:DE:F0:94:28
Certificate issuer: /CN=05c5bdec7318f871d53e866482f41733def09428
Certificate serial: 0198D65F12E1B19F5C92A4E562551581E3EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BcW97HMY-HHVPoZkgvQXM97wlCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft
Manifest number: 0DAA
Signing time: Sat 23 Aug 2025 10:00:11 +0000
Manifest this update: Sat 23 Aug 2025 10:00:11 +0000
Manifest next update: Sun 24 Aug 2025 10:00:11 +0000
Files and hashes: 1: BcW97HMY-HHVPoZkgvQXM97wlCg.crl (hash: Fsmp4FLO8FQF+11wG4Kj763SbSD2tALbW6dIv5Gd2do=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BcW97HMY-HHVPoZkgvQXM97wlCg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:12:e1:b1:9f:5c:92:a4:e5:62:55:15:81:e3:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05c5bdec7318f871d53e866482f41733def09428
Validity
Not Before: Aug 23 10:00:11 2025 GMT
Not After : Aug 24 10:00:11 2025 GMT
Subject: CN=8fb86a0d5b7e533cc25639e0162da95055e759e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b2:d0:31:02:b6:5b:03:60:3f:39:9a:67:a8:
30:37:a0:46:ac:8b:74:65:46:42:1d:d5:2c:1a:59:
34:85:4b:eb:56:a6:fe:2f:7e:c3:20:29:08:7c:c2:
0a:8e:c1:63:c2:59:97:92:78:e6:7c:54:96:5c:d4:
df:35:71:a7:1e:75:65:6f:39:50:06:ed:e6:8b:7b:
af:42:22:ea:4c:a5:41:d2:19:c1:d5:84:ec:aa:23:
81:3c:93:ac:51:9e:e9:5c:b1:51:15:36:fb:49:c4:
5b:c1:32:63:e7:e2:18:c4:9d:66:76:4a:0d:9d:dd:
fe:08:24:62:9f:44:01:6e:e8:f5:92:ea:95:69:96:
54:31:2c:6c:75:de:c9:6d:e8:97:5d:ed:12:27:4d:
a3:02:49:5a:e1:80:b4:8c:77:20:ce:06:c4:39:4d:
c1:18:d2:c4:d6:fb:96:a4:27:ad:79:69:97:1c:21:
5e:64:89:24:54:9e:3c:93:ea:6d:d2:bf:06:a2:1a:
a4:1c:6e:22:d0:43:91:fa:ad:1e:fe:47:b1:07:51:
ef:87:fe:17:44:77:75:b2:6b:bb:1b:a5:57:4e:32:
68:f8:28:e8:67:19:48:ad:30:19:e4:eb:aa:df:4d:
89:30:8b:67:37:a2:82:ec:51:91:57:9e:2c:a9:f0:
6a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B8:6A:0D:5B:7E:53:3C:C2:56:39:E0:16:2D:A9:50:55:E7:59:E9
X509v3 Authority Key Identifier:
keyid:05:C5:BD:EC:73:18:F8:71:D5:3E:86:64:82:F4:17:33:DE:F0:94:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcW97HMY-HHVPoZkgvQXM97wlCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:bc:10:e7:8a:16:7f:99:0e:0f:61:ee:a5:63:ef:70:3f:d6:
61:b8:1c:3a:0d:92:db:4b:ef:34:b0:37:71:ce:c5:d9:2a:f6:
fb:8b:dc:dd:ed:3a:a7:86:44:66:ec:5c:6b:6f:7d:6f:35:ef:
49:1e:33:8f:df:88:35:9e:b7:16:22:5e:6f:45:af:31:bd:db:
62:25:ae:5c:5f:bb:a6:bb:e9:eb:35:d9:06:80:92:96:ac:12:
28:58:8b:7c:e4:66:c0:9c:83:bf:3e:a8:aa:b1:eb:48:82:cd:
c0:f6:1a:f7:1e:09:1f:6f:1c:70:a6:ac:31:93:8a:5a:36:5e:
bd:8b:fa:af:f3:6c:87:79:ab:bf:83:05:95:5c:69:a5:a6:85:
0a:5f:c6:38:c9:fd:7d:2c:cd:68:19:13:3b:5a:f3:54:c8:e7:
94:0a:e4:9a:07:6e:81:f7:a0:57:72:74:ef:f5:8f:db:25:62:
4f:97:ee:bd:a0:20:ce:59:7d:3c:71:a3:eb:74:2f:5c:87:f4:
98:62:86:06:99:cb:5b:70:8a:66:71:ab:f4:19:a1:2a:9c:96:
42:39:f9:90:80:bd:9d:36:b9:98:d2:1f:d2:ca:2b:b3:c0:5a:
47:7f:8b:54:ca:ff:40:c9:e9:63:8a:0c:23:4d:51:6b:b5:15:
08:da:0e:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXxLhsZ9ckqTlYlUVgePuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YzViZGVjNzMxOGY4NzFkNTNlODY2NDgyZjQxNzMzZGVm
MDk0MjgwHhcNMjUwODIzMTAwMDExWhcNMjUwODI0MTAwMDExWjAzMTEwLwYDVQQD
Eyg4ZmI4NmEwZDViN2U1MzNjYzI1NjM5ZTAxNjJkYTk1MDU1ZTc1OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLLQMQK2WwNgPzmaZ6gwN6BGrIt0
ZUZCHdUsGlk0hUvrVqb+L37DICkIfMIKjsFjwlmXknjmfFSWXNTfNXGnHnVlbzlQ
Bu3mi3uvQiLqTKVB0hnB1YTsqiOBPJOsUZ7pXLFRFTb7ScRbwTJj5+IYxJ1mdkoN
nd3+CCRin0QBbuj1kuqVaZZUMSxsdd7JbeiXXe0SJ02jAkla4YC0jHcgzgbEOU3B
GNLE1vuWpCeteWmXHCFeZIkkVJ48k+pt0r8GohqkHG4i0EOR+q0e/kexB1Hvh/4X
RHd1smu7G6VXTjJo+CjoZxlIrTAZ5Ouq302JMItnN6KC7FGRV54sqfBqFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+4ag1bflM8wlY54BYtqVBV51npMB8GA1UdIwQY
MBaAFAXFvexzGPhx1T6GZIL0FzPe8JQoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNXOTdITVktSEhWUG9aa2d2UVhNOTd3bENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zZWJkMGMtMjk5MS00NTgzLWJmZWMt
NzEyMmZlYWZjOGM3LzEvQmNXOTdITVktSEhWUG9aa2d2UVhNOTd3bENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zZWJkMGMtMjk5MS00NTgzLWJmZWMtNzEyMmZlYWZjOGM3
LzEvQmNXOTdITVktSEhWUG9aa2d2UVhNOTd3bENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIbwQ54oW
f5kOD2HupWPvcD/WYbgcOg2S20vvNLA3cc7F2Sr2+4vc3e06p4ZEZuxca299bzXv
SR4zj9+INZ63FiJeb0WvMb3bYiWuXF+7prvp6zXZBoCSlqwSKFiLfORmwJyDvz6o
qrHrSILNwPYa9x4JH28ccKasMZOKWjZevYv6r/Nsh3mrv4MFlVxppaaFCl/GOMn9
fSzNaBkTO1rzVMjnlArkmgdugfegV3J07/WP2yViT5fuvaAgzll9PHGj63QvXIf0
mGKGBpnLW3CKZnGr9BmhKpyWQjn5kIC9nTa5mNIf0sors8BaR3+LVMr/QMnpY4oM
I01Ra7UVCNoOgw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:15:57 2025 by rpki-client