Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: drF2c+K9yf3m1EG9hi5GHMgMNSBInGJwI2aCu71+bDA=
Subject key identifier: 58:DC:F4:D7:CC:F8:F8:8C:BE:15:7C:C2:B7:41:21:0B:5B:0F:DC:32
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 0197B5FC692DA41DF434124D856AEDE2E7B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 1261
Signing time: Sat 28 Jun 2025 10:01:47 +0000
Manifest this update: Sat 28 Jun 2025 10:01:47 +0000
Manifest next update: Sun 29 Jun 2025 10:01:47 +0000
Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=)
2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: 69+sxJKxSNB3Xxfn7HCLnPf2ZJqUetdWDwcsd0rLO24=)
3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:fc:69:2d:a4:1d:f4:34:12:4d:85:6a:ed:e2:e7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Jun 28 10:01:47 2025 GMT
Not After : Jun 29 10:01:47 2025 GMT
Subject: CN=58dcf4d7ccf8f88cbe157cc2b741210b5b0fdc32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:30:35:f4:93:10:0c:8a:4c:e7:ba:c3:73:
59:96:1f:69:55:9f:4f:31:f7:95:60:3b:0a:6c:bd:
95:9a:96:44:02:7e:0c:06:b6:a1:d0:9d:67:b0:91:
40:72:ce:01:78:6e:6b:40:d6:b9:0c:36:ce:b5:5a:
ab:be:77:51:21:9b:cd:31:48:af:e5:cf:85:48:e4:
d3:0c:b0:69:7d:10:e2:ab:0d:bc:66:aa:80:b4:f1:
1a:20:83:e0:9c:f2:60:a0:e1:3f:c5:b6:76:1b:5d:
05:72:37:76:46:5e:a2:6c:6a:5b:f0:66:a7:b5:d0:
e0:c6:12:6f:2a:3f:59:e5:3d:3f:ae:6e:af:12:7e:
17:00:28:d8:94:3b:d6:c5:25:9f:3e:4e:62:0a:70:
61:a2:82:4f:d0:b8:79:fb:7b:c8:86:10:6e:ab:c6:
70:1b:c5:77:27:df:2a:f6:51:81:67:81:b3:ff:86:
ba:44:f2:d2:6d:35:30:cb:e3:d3:99:d9:0a:f1:2d:
82:ca:e3:1a:48:f5:f3:a9:e3:13:98:8d:c5:b4:01:
e7:e8:18:bd:97:2b:3d:2b:82:7b:20:72:45:68:5e:
b2:39:e8:36:b2:73:09:4a:9a:02:ab:61:aa:f5:92:
76:6b:cd:8b:26:52:67:68:03:e1:0a:48:ae:89:1b:
7b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DC:F4:D7:CC:F8:F8:8C:BE:15:7C:C2:B7:41:21:0B:5B:0F:DC:32
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:70:23:46:9c:ac:cd:13:76:54:e2:25:94:30:23:5c:7f:f3:
2d:ed:c9:aa:09:c7:d7:f6:1e:96:04:52:86:67:4e:db:65:de:
f8:8f:83:94:5d:20:86:3e:2c:0b:cf:71:0b:00:e7:45:1a:b9:
5b:3b:42:1a:d9:84:91:d6:b0:43:ad:45:db:0a:17:4c:47:ec:
28:fe:fe:89:d9:40:dd:8f:8d:d7:a7:a4:b2:e3:56:49:c5:cc:
ca:f2:41:9a:9a:b0:46:e2:ff:a2:78:62:57:f6:02:b8:57:96:
42:a8:22:64:d9:29:34:5d:f9:a0:c9:88:13:e6:35:72:cf:6f:
22:ab:d1:05:51:ee:01:49:82:28:71:43:4b:87:7c:57:02:fa:
fd:22:99:2d:76:78:63:1d:9b:79:2d:9c:4d:09:8d:cb:0e:f4:
7e:78:20:8d:fa:0d:11:63:15:92:ef:23:a9:f9:4c:06:5e:80:
0e:3e:82:78:3e:60:4a:6b:fc:8a:d6:b6:d5:d4:ff:e1:8c:8f:
e9:fb:c0:b6:02:60:89:11:5b:5a:92:07:72:01:54:51:03:15:
7d:c7:10:89:71:fe:c2:00:be:04:c5:74:01:a4:63:db:0c:44:
04:cd:96:da:74:39:6c:3a:b1:e3:84:99:4b:54:aa:03:c9:2a:
6f:1b:3c:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/GktpB30NBJNhWrt4uexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUwNjI4MTAwMTQ3WhcNMjUwNjI5MTAwMTQ3WjAzMTEwLwYDVQQD
Eyg1OGRjZjRkN2NjZjhmODhjYmUxNTdjYzJiNzQxMjEwYjViMGZkYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6owNfSTEAyKTOe6w3NZlh9pVZ9P
MfeVYDsKbL2VmpZEAn4MBrah0J1nsJFAcs4BeG5rQNa5DDbOtVqrvndRIZvNMUiv
5c+FSOTTDLBpfRDiqw28ZqqAtPEaIIPgnPJgoOE/xbZ2G10Fcjd2Rl6ibGpb8Gan
tdDgxhJvKj9Z5T0/rm6vEn4XACjYlDvWxSWfPk5iCnBhooJP0Lh5+3vIhhBuq8Zw
G8V3J98q9lGBZ4Gz/4a6RPLSbTUwy+PTmdkK8S2CyuMaSPXzqeMTmI3FtAHn6Bi9
lys9K4J7IHJFaF6yOeg2snMJSpoCq2Gq9ZJ2a82LJlJnaAPhCkiuiRt7twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjc9NfM+PiMvhV8wrdBIQtbD9wyMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3AjRpys
zRN2VOIllDAjXH/zLe3JqgnH1/YelgRShmdO22Xe+I+DlF0ghj4sC89xCwDnRRq5
WztCGtmEkdawQ61F2woXTEfsKP7+idlA3Y+N16eksuNWScXMyvJBmpqwRuL/onhi
V/YCuFeWQqgiZNkpNF35oMmIE+Y1cs9vIqvRBVHuAUmCKHFDS4d8VwL6/SKZLXZ4
Yx2beS2cTQmNyw70fnggjfoNEWMVku8jqflMBl6ADj6CeD5gSmv8ita21dT/4YyP
6fvAtgJgiRFbWpIHcgFUUQMVfccQiXH+wgC+BMV0AaRj2wxEBM2W2nQ5bDqx44SZ
S1SqA8kqbxs8Iw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:33:10 2025 by rpki-client