Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
File: stCgxoogOf8MpRQCQRUnHIoEZgg.mft (raw, json)
Hash identifier: FEdO+HIG6b3LmZICThj6W3ad1ElEQxwM2JopYnvz8I4=
Subject key identifier: F8:7E:E6:21:6A:CB:71:F5:BB:B9:46:A6:3D:FA:14:37:C2:0D:52:69
Authority key identifier: B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08
Certificate issuer: /CN=b2d0a0c68a2039ff0ca514024115271c8a046608
Certificate serial: 0198D40478C162C347B15EADEEDC0EBB07BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
Manifest number: 15D8
Signing time: Fri 22 Aug 2025 23:01:59 +0000
Manifest this update: Fri 22 Aug 2025 23:01:59 +0000
Manifest next update: Sat 23 Aug 2025 23:01:59 +0000
Files and hashes: 1: 98pSG03PsWjsaovooO14-BTQ9Vo.roa (hash: Nos0vMcOhKzLe90FJjKrPfa+9LXdDpzz5DlngxI3jBk=)
2: stCgxoogOf8MpRQCQRUnHIoEZgg.crl (hash: xAhVeVoV0izzqdid8/r/UKfupmDWDmh/2yhcd6lY5Gk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:04:78:c1:62:c3:47:b1:5e:ad:ee:dc:0e:bb:07:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d0a0c68a2039ff0ca514024115271c8a046608
Validity
Not Before: Aug 22 23:01:59 2025 GMT
Not After : Aug 23 23:01:59 2025 GMT
Subject: CN=f87ee6216acb71f5bbb946a63dfa1437c20d5269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5d:e2:62:98:57:a3:ba:9d:ba:12:69:5c:ac:
83:20:f5:4d:87:fd:ae:b1:e3:df:93:57:02:ff:10:
3b:87:af:58:23:2d:58:44:15:7d:21:c3:a2:ea:2d:
2a:09:45:bb:e2:71:91:1e:22:e9:ab:01:95:ec:2f:
17:2a:10:26:c6:09:c7:11:3a:2a:cb:37:fb:c7:3f:
ea:35:13:41:d4:fe:8a:72:9f:30:03:c9:c7:8c:09:
a4:15:4d:90:65:06:4c:26:07:0c:33:e2:76:81:25:
54:a4:00:24:24:49:a8:2d:29:28:f6:ec:90:42:92:
ab:ee:16:dd:4c:7b:e2:13:a5:87:9f:2d:db:cf:b7:
31:13:8f:0e:17:3d:9e:33:6b:c3:db:22:39:6e:7c:
6e:75:2a:07:5e:f7:6a:51:4c:de:2f:0a:3b:8f:1a:
1d:a0:3a:39:7a:17:99:b6:dd:37:c6:9b:76:4a:fd:
b3:d1:ae:f4:b0:1a:dd:d8:05:86:fc:12:cc:b8:d1:
ca:c5:b1:b0:4a:d4:9e:c8:60:14:83:f9:3b:4f:bf:
d5:09:31:70:79:87:19:42:68:de:b1:a4:fa:11:64:
31:f1:04:bc:be:96:bc:7a:77:2e:86:ee:da:ad:6a:
f0:a0:03:be:ef:ed:a9:46:d7:c3:bf:70:30:52:ee:
55:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7E:E6:21:6A:CB:71:F5:BB:B9:46:A6:3D:FA:14:37:C2:0D:52:69
X509v3 Authority Key Identifier:
keyid:B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:f6:f0:51:9b:cf:1a:b4:ec:0d:85:2c:4c:2b:cd:4a:fb:5e:
87:4a:30:75:68:4c:49:fa:1a:94:9c:ba:f1:c1:a8:b2:8e:16:
56:aa:1c:c5:d7:cf:f2:38:e4:4c:76:e5:1c:69:b4:97:6f:32:
7c:ae:87:be:c8:a2:22:51:03:18:97:ce:58:70:94:96:d9:9e:
30:3f:9d:6b:6d:19:56:ec:45:d9:e2:ab:59:fc:63:d8:e5:b3:
67:5a:2f:34:ec:4a:bf:46:e0:b9:99:73:f7:95:97:b5:28:4e:
2a:f6:fb:f0:f5:9f:60:78:b8:03:3a:ee:eb:35:6f:08:15:e7:
b2:74:00:7e:94:fb:43:b6:5b:27:f8:1b:54:33:46:87:53:08:
30:1d:ef:46:dc:14:3b:34:e4:85:1d:76:2c:a5:26:23:19:27:
b2:47:19:f6:cf:6e:90:30:bf:5e:1f:67:fe:ae:3d:41:f7:28:
01:f3:80:64:95:23:ff:44:12:3d:ae:39:19:40:ec:a5:06:3f:
2e:6b:c8:b1:9f:81:38:c6:5c:80:0b:16:94:ac:2d:74:d3:10:
1d:dd:6c:fe:12:d0:3a:46:88:03:a8:33:f5:58:99:c0:be:3a:
46:f8:5c:88:52:a9:6d:b8:29:c1:cd:63:bc:21:15:6b:e0:66:
6c:70:00:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUBHjBYsNHsV6t7twOuwe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDBhMGM2OGEyMDM5ZmYwY2E1MTQwMjQxMTUyNzFjOGEw
NDY2MDgwHhcNMjUwODIyMjMwMTU5WhcNMjUwODIzMjMwMTU5WjAzMTEwLwYDVQQD
EyhmODdlZTYyMTZhY2I3MWY1YmJiOTQ2YTYzZGZhMTQzN2MyMGQ1MjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF3iYphXo7qduhJpXKyDIPVNh/2u
sePfk1cC/xA7h69YIy1YRBV9IcOi6i0qCUW74nGRHiLpqwGV7C8XKhAmxgnHEToq
yzf7xz/qNRNB1P6Kcp8wA8nHjAmkFU2QZQZMJgcMM+J2gSVUpAAkJEmoLSko9uyQ
QpKr7hbdTHviE6WHny3bz7cxE48OFz2eM2vD2yI5bnxudSoHXvdqUUzeLwo7jxod
oDo5eheZtt03xpt2Sv2z0a70sBrd2AWG/BLMuNHKxbGwStSeyGAUg/k7T7/VCTFw
eYcZQmjesaT6EWQx8QS8vpa8encuhu7arWrwoAO+7+2pRtfDv3AwUu5VTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPh+5iFqy3H1u7lGpj36FDfCDVJpMB8GA1UdIwQY
MBaAFLLQoMaKIDn/DKUUAkEVJxyKBGYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQt
NDFhYjdjODcyZmVhLzEvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQtNDFhYjdjODcyZmVh
LzEvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/bwUZvP
GrTsDYUsTCvNSvteh0owdWhMSfoalJy68cGoso4WVqocxdfP8jjkTHblHGm0l28y
fK6HvsiiIlEDGJfOWHCUltmeMD+da20ZVuxF2eKrWfxj2OWzZ1ovNOxKv0bguZlz
95WXtShOKvb78PWfYHi4Azru6zVvCBXnsnQAfpT7Q7ZbJ/gbVDNGh1MIMB3vRtwU
OzTkhR12LKUmIxknskcZ9s9ukDC/Xh9n/q49QfcoAfOAZJUj/0QSPa45GUDspQY/
LmvIsZ+BOMZcgAsWlKwtdNMQHd1s/hLQOkaIA6gz9ViZwL46RvhciFKpbbgpwc1j
vCEVa+BmbHAA3w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:16:28 2025 by rpki-client