Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
File: stlAHspsipMG0QCSu-DC4ZUA6X8.mft (raw, json)
Hash identifier: cLXQHnnOjHIV6zCeb0dkq+L1NZgmCl6lsuB8s3NQipw=
Subject key identifier: B2:0B:58:7E:49:83:82:40:BB:EA:D7:BD:FD:1B:69:EC:5D:84:28:56
Authority key identifier: B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
Certificate issuer: /CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Certificate serial: 0197BFDA7F5699ED1878D2A8604E21D41470
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
Manifest number: 15BC
Signing time: Mon 30 Jun 2025 08:00:57 +0000
Manifest this update: Mon 30 Jun 2025 08:00:57 +0000
Manifest next update: Tue 01 Jul 2025 08:00:57 +0000
Files and hashes: 1: soSBsLQYC7V6yaNpfJM8sFC7fR4.roa (hash: nF8wYjzOXAcieN8jO0uTIHBAl7NBBBuHSNIF4hRr2/A=)
2: stlAHspsipMG0QCSu-DC4ZUA6X8.crl (hash: 5cr5dRFCu7HMAHGIkSTRDy9H9pYElgUvk68mzexte8c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 08:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:da:7f:56:99:ed:18:78:d2:a8:60:4e:21:d4:14:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Validity
Not Before: Jun 30 08:00:57 2025 GMT
Not After : Jul 1 08:00:57 2025 GMT
Subject: CN=b20b587e49838240bbead7bdfd1b69ec5d842856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:32:5e:9c:5f:c7:61:dd:97:d2:fe:ac:02:86:
e4:f0:47:3a:f0:82:80:ef:c4:66:f1:eb:dd:c0:e9:
87:a4:66:bd:94:6d:e2:cb:d4:be:a7:b3:e8:fb:c8:
89:53:9d:53:43:92:5a:d3:79:4e:23:a5:75:ec:ad:
fd:90:d8:9d:95:dd:de:92:c6:14:02:35:52:02:8f:
02:33:b3:90:85:54:6f:c5:24:9f:87:cf:b2:e4:9c:
e2:6e:28:14:d6:04:a5:ad:40:05:3b:f4:a2:4a:2f:
28:f8:c1:02:0a:e3:ad:9b:8c:dd:8f:33:02:95:55:
d2:4d:4a:11:89:ee:f1:6e:93:a9:0b:cd:de:d2:64:
60:1e:83:19:b5:4e:0d:eb:a6:95:54:71:4e:90:f5:
af:24:18:2e:25:32:1b:60:4a:83:fa:33:27:a1:54:
91:cd:7a:c6:47:bb:88:82:8b:18:a9:c5:6e:0b:06:
b7:4f:d4:4d:8d:20:3e:b8:49:80:70:8f:9a:67:ae:
60:63:43:b7:03:53:05:ea:7f:98:cb:65:67:b8:55:
61:42:2e:de:fa:a8:f8:da:78:7b:d6:cb:5b:49:72:
c2:c4:60:da:83:be:88:b1:1b:06:75:e9:1c:b1:bd:
14:38:af:7b:87:39:e6:91:1c:86:4f:f8:3d:0d:47:
ea:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0B:58:7E:49:83:82:40:BB:EA:D7:BD:FD:1B:69:EC:5D:84:28:56
X509v3 Authority Key Identifier:
keyid:B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:c4:c0:b1:6c:db:34:08:0c:9b:c7:2c:d1:0f:e2:b1:10:1a:
da:ad:7c:69:1b:f5:66:26:4d:57:3f:b3:9e:7a:14:e8:33:3e:
d2:c2:3c:06:01:67:19:e6:a2:4f:da:40:7a:10:2e:fe:81:c7:
26:74:94:8b:68:9e:6f:d8:91:1d:ef:32:95:00:f6:0f:9d:eb:
c2:91:24:82:b6:e9:e0:66:f3:bb:bb:3e:39:28:f7:5d:b7:40:
cc:26:da:96:d3:f2:ee:29:84:db:fe:de:d8:67:e7:f0:45:e7:
7e:ec:cb:a8:0f:23:f7:d6:27:30:e6:14:b0:0c:58:8c:78:66:
4f:8c:db:4b:73:a0:05:1f:8f:0f:61:76:d1:d5:ee:95:09:6c:
7a:31:77:8a:82:ba:19:9c:0f:ff:94:29:2a:32:5f:41:6b:24:
39:cf:41:70:af:97:9a:8a:4f:70:3a:c3:42:37:1c:22:20:3d:
21:97:8a:2b:64:04:71:62:19:c8:b7:7c:c0:92:59:fc:13:c7:
83:c3:8d:8d:17:13:71:8c:50:e7:59:09:f9:d6:07:d5:f1:e9:
01:1f:a4:60:c6:24:11:82:8b:cf:87:dc:cc:56:a5:23:d3:e9:
cf:34:6b:5b:c9:6c:8d:e7:78:0a:15:eb:01:6e:b5:f9:f2:0c:
c5:50:12:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe/2n9Wme0YeNKoYE4h1BRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDk0MDFlY2E2YzhhOTMwNmQxMDA5MmJiZTBjMmUxOTUw
MGU5N2YwHhcNMjUwNjMwMDgwMDU3WhcNMjUwNzAxMDgwMDU3WjAzMTEwLwYDVQQD
EyhiMjBiNTg3ZTQ5ODM4MjQwYmJlYWQ3YmRmZDFiNjllYzVkODQyODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8jJenF/HYd2X0v6sAobk8Ec68IKA
78Rm8evdwOmHpGa9lG3iy9S+p7Po+8iJU51TQ5Ja03lOI6V17K39kNidld3eksYU
AjVSAo8CM7OQhVRvxSSfh8+y5JzibigU1gSlrUAFO/SiSi8o+MECCuOtm4zdjzMC
lVXSTUoRie7xbpOpC83e0mRgHoMZtU4N66aVVHFOkPWvJBguJTIbYEqD+jMnoVSR
zXrGR7uIgosYqcVuCwa3T9RNjSA+uEmAcI+aZ65gY0O3A1MF6n+Yy2VnuFVhQi7e
+qj42nh71stbSXLCxGDag76IsRsGdekcsb0UOK97hznmkRyGT/g9DUfqWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLILWH5Jg4JAu+rXvf0baexdhChWMB8GA1UdIwQY
MBaAFLLZQB7KbIqTBtEAkrvgwuGVAOl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWIt
ZTEzMzJlN2YwNmZjLzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWItZTEzMzJlN2YwNmZj
LzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcMTAsWzb
NAgMm8cs0Q/isRAa2q18aRv1ZiZNVz+znnoU6DM+0sI8BgFnGeaiT9pAehAu/oHH
JnSUi2ieb9iRHe8ylQD2D53rwpEkgrbp4Gbzu7s+OSj3XbdAzCbaltPy7imE2/7e
2Gfn8EXnfuzLqA8j99YnMOYUsAxYjHhmT4zbS3OgBR+PD2F20dXulQlsejF3ioK6
GZwP/5QpKjJfQWskOc9BcK+XmopPcDrDQjccIiA9IZeKK2QEcWIZyLd8wJJZ/BPH
g8ONjRcTcYxQ51kJ+dYH1fHpAR+kYMYkEYKLz4fczFalI9PpzzRrW8lsjed4ChXr
AW61+fIMxVASKA==
-----END CERTIFICATE-----
Generated at Mon Jun 30 18:04:34 2025 by rpki-client