Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft
File: STKJJW4ziHd9leTVMVZ842cqFJo.mft (raw, json)
Hash identifier: 1KEGz+2a2mgs0jBGes8tYUal5CkO6UTVOgKk7i+0owc=
Subject key identifier: 5D:9B:EA:02:F5:90:70:02:50:DE:F8:69:A6:4F:73:52:DB:B3:25:EF
Authority key identifier: 49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A
Certificate issuer: /CN=493289256e3388777d95e4d531567ce3672a149a
Certificate serial: 0199FFFE55666CEBFF7727C618893282850E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft
Manifest number: 16E4
Signing time: Mon 20 Oct 2025 05:01:22 +0000
Manifest this update: Mon 20 Oct 2025 05:01:22 +0000
Manifest next update: Tue 21 Oct 2025 05:01:22 +0000
Files and hashes: 1: PDkI417cWn_abbXt0o9HD-0vD6g.roa (hash: mxVaLWpnhSe1agkXL4xYhLyldi4/weSHgH61n+a6Rqk=)
2: STKJJW4ziHd9leTVMVZ842cqFJo.crl (hash: t+QMu1kDC9JGoQ0BjIJzameJznEclJvhjcON0xo0/tg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:55:66:6c:eb:ff:77:27:c6:18:89:32:82:85:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493289256e3388777d95e4d531567ce3672a149a
Validity
Not Before: Oct 20 05:01:22 2025 GMT
Not After : Oct 21 05:01:22 2025 GMT
Subject: CN=5d9bea02f590700250def869a64f7352dbb325ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:16:ea:15:9f:7d:fc:b0:80:de:05:9a:67:
65:45:86:ad:4c:3d:a0:69:64:c4:b6:18:06:e7:d0:
4e:69:63:66:27:be:c4:0d:49:4d:62:c1:ab:cd:7e:
32:bc:a9:e1:2d:30:49:c5:a0:8d:d5:b9:b0:92:ca:
d8:e0:ed:10:a4:49:93:15:01:64:3b:3a:e8:99:0f:
45:00:9f:de:84:78:64:02:96:d5:c2:1c:94:11:b0:
22:bd:6c:b7:b9:4c:6a:11:04:b2:5e:45:b2:37:43:
56:f8:1e:61:9c:ab:5d:b6:2e:d3:aa:82:12:d5:a5:
0f:e7:15:c1:c5:74:10:81:b1:7d:99:43:24:f8:46:
1f:e1:a7:21:aa:53:83:58:25:2e:1a:4b:47:f8:65:
66:46:05:c5:30:4e:7d:48:5a:7e:0b:c6:84:36:17:
9c:61:94:36:46:b4:87:91:57:95:03:e6:c0:bc:41:
5d:68:b0:c4:71:b7:d1:6d:17:20:77:d7:1f:f6:b1:
c2:3c:c2:45:7f:94:46:a5:d3:48:9a:1a:c2:da:15:
bb:2c:91:98:54:93:49:2f:37:20:01:84:6b:2c:11:
ed:71:5c:ab:48:f9:2f:a8:67:5b:51:4e:bd:ea:5e:
04:fb:f4:e4:c8:9c:78:7b:fe:3a:de:cb:c9:8c:4f:
1c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9B:EA:02:F5:90:70:02:50:DE:F8:69:A6:4F:73:52:DB:B3:25:EF
X509v3 Authority Key Identifier:
keyid:49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:0e:8d:ca:5e:32:11:48:db:36:b3:a3:57:55:ba:42:70:14:
44:c6:a6:32:e2:f9:25:74:b6:95:90:09:bb:f6:02:18:46:45:
58:ae:a5:87:ba:a2:2e:46:8b:76:cd:dd:51:a8:5b:ca:38:63:
4f:79:1a:c3:1b:73:c8:d1:ec:e4:ea:ed:da:9e:9f:33:c8:22:
df:59:fe:c2:2e:d6:b6:d3:bc:42:76:8a:a3:8f:93:0d:19:c4:
85:4f:e2:a1:d7:b4:f8:d9:03:bc:92:29:6d:1d:f5:1b:73:b1:
63:b4:77:6d:98:56:fb:d7:c4:ef:af:c3:2a:41:97:ee:d0:0f:
1c:61:ec:06:a3:8e:04:d5:69:ef:5e:4b:4d:64:9c:37:04:c3:
40:df:5a:aa:ca:89:fa:a3:ad:32:7b:84:19:98:5f:4a:68:f3:
01:ae:47:b6:0e:ed:65:66:38:09:7a:54:91:09:3c:f8:d7:20:
8e:d9:3b:79:d2:f6:91:91:e3:7c:16:5a:49:e8:ee:17:eb:20:
80:5f:85:55:2e:26:16:b4:a5:4e:0a:e4:04:39:57:5d:f4:5c:
59:40:17:16:c0:96:44:0f:bb:7b:de:17:c0:2b:97:83:05:df:
cd:e2:d0:33:1f:42:21:6a:3c:dc:bf:5b:ca:fd:0b:6e:a9:25:
a6:9c:1f:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//lVmbOv/dyfGGIkygoUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MzI4OTI1NmUzMzg4Nzc3ZDk1ZTRkNTMxNTY3Y2UzNjcy
YTE0OWEwHhcNMjUxMDIwMDUwMTIyWhcNMjUxMDIxMDUwMTIyWjAzMTEwLwYDVQQD
Eyg1ZDliZWEwMmY1OTA3MDAyNTBkZWY4NjlhNjRmNzM1MmRiYjMyNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNIW6hWfffywgN4FmmdlRYatTD2g
aWTEthgG59BOaWNmJ77EDUlNYsGrzX4yvKnhLTBJxaCN1bmwksrY4O0QpEmTFQFk
OzromQ9FAJ/ehHhkApbVwhyUEbAivWy3uUxqEQSyXkWyN0NW+B5hnKtdti7TqoIS
1aUP5xXBxXQQgbF9mUMk+EYf4achqlODWCUuGktH+GVmRgXFME59SFp+C8aENhec
YZQ2RrSHkVeVA+bAvEFdaLDEcbfRbRcgd9cf9rHCPMJFf5RGpdNImhrC2hW7LJGY
VJNJLzcgAYRrLBHtcVyrSPkvqGdbUU696l4E+/TkyJx4e/463svJjE8c3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2b6gL1kHACUN74aaZPc1LbsyXvMB8GA1UdIwQY
MBaAFEkyiSVuM4h3fZXk1TFWfONnKhSaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEt
ZDRkOWEyZTYwZTY0LzEvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEtZDRkOWEyZTYwZTY0
LzEvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEQ6Nyl4y
EUjbNrOjV1W6QnAURMamMuL5JXS2lZAJu/YCGEZFWK6lh7qiLkaLds3dUahbyjhj
T3kawxtzyNHs5Ort2p6fM8gi31n+wi7WttO8QnaKo4+TDRnEhU/iode0+NkDvJIp
bR31G3OxY7R3bZhW+9fE76/DKkGX7tAPHGHsBqOOBNVp715LTWScNwTDQN9aqsqJ
+qOtMnuEGZhfSmjzAa5Htg7tZWY4CXpUkQk8+Ncgjtk7edL2kZHjfBZaSejuF+sg
gF+FVS4mFrSlTgrkBDlXXfRcWUAXFsCWRA+7e94XwCuXgwXfzeLQMx9CIWo83L9b
yv0Lbqklppwftg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:46:40 2025 by rpki-client