Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: 9FT0f9gkmIz1zGQ3KOIR6mxVddK9ZQ98M6//pfnL1hk=
Subject key identifier: 0E:CC:58:F4:01:FF:B1:93:92:DC:46:04:FF:53:25:21:8E:F1:F3:6E
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 0196B8FE91F8EC6EA4C96D2B42ABBB36E55F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 11DE
Signing time: Sat 10 May 2025 07:00:13 +0000
Manifest this update: Sat 10 May 2025 07:00:13 +0000
Manifest next update: Sun 11 May 2025 07:00:13 +0000
Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=)
2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: Fm5NVtFZbVXbtZolOpeOg0MbnYiFA7a7cnaibH1MeyY=)
3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:fe:91:f8:ec:6e:a4:c9:6d:2b:42:ab:bb:36:e5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: May 10 07:00:13 2025 GMT
Not After : May 11 07:00:13 2025 GMT
Subject: CN=0ecc58f401ffb19392dc4604ff5325218ef1f36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:d6:b5:13:b8:ad:54:54:78:25:d7:15:35:
56:7d:a6:ac:8b:f3:ee:55:16:c3:81:6b:04:36:8e:
d1:8d:06:7b:75:a6:1e:dd:60:ac:cc:7b:ef:18:be:
1f:64:79:4f:48:4b:3b:58:24:dc:69:cb:ac:14:1c:
a7:00:99:9a:fa:55:a2:76:d5:61:f1:38:fe:be:f9:
fc:3f:52:1c:52:35:15:41:bc:7d:30:71:43:08:b3:
80:eb:59:cc:05:dc:75:92:a6:e7:de:fd:a5:3b:4c:
ad:53:56:d1:37:30:e8:5f:f2:d2:f9:bb:d2:f3:dc:
82:eb:74:c2:b6:77:58:16:d4:a4:c8:76:0b:a6:cd:
2e:8d:f8:de:9b:a1:e9:25:ea:07:f6:d7:da:7b:72:
1c:0f:c8:fe:5d:0b:6f:34:78:e3:73:d9:82:fa:2c:
bb:96:ed:0c:02:60:55:76:9f:e5:8e:ad:3b:01:f1:
77:98:77:7f:c1:69:1a:d7:02:e2:f4:4c:4e:1f:2c:
ee:54:80:fa:37:5f:56:55:9a:ed:95:11:54:49:25:
61:1a:03:68:46:74:e7:29:28:00:d0:93:6c:a1:b7:
0a:73:eb:22:4b:ba:bf:2d:d3:45:d7:94:0d:dd:dd:
2a:0c:c2:c7:c6:2e:cf:1d:7a:36:63:e4:6a:f8:9e:
12:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CC:58:F4:01:FF:B1:93:92:DC:46:04:FF:53:25:21:8E:F1:F3:6E
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:a1:ad:59:99:0e:11:84:bd:52:41:96:8f:bc:21:9f:c6:3c:
39:5f:ae:14:cf:c5:c3:fa:f3:fc:52:29:a8:21:04:c9:e8:5a:
35:f1:b9:62:58:cc:b5:bc:59:fd:36:8a:8f:b0:fa:ed:04:55:
70:d4:b5:15:e0:e2:3b:d6:b7:10:12:e1:c6:b4:9f:71:07:03:
32:aa:f5:f6:8f:c3:2b:5b:f5:c7:e4:b5:b6:18:08:be:a6:5a:
2f:02:49:43:4b:a6:e8:cf:b4:54:aa:50:17:35:9f:ad:a9:65:
f6:bc:73:cf:7c:47:df:0a:22:97:12:cb:18:5d:26:1d:c6:1a:
74:c2:7b:aa:39:4f:85:5d:a3:51:5c:6d:38:2d:64:1b:4f:f0:
74:cd:32:2b:79:b7:0c:32:fb:2a:0a:aa:79:99:54:be:ea:43:
af:0e:38:52:bf:b7:75:4c:4a:6f:6d:c6:4c:8a:e5:8c:2f:89:
c5:e9:03:d0:7e:7f:89:88:84:bc:0d:62:47:62:a4:24:7d:87:
38:e7:d1:ac:ab:e3:a4:fe:b5:e0:8d:7e:a9:f1:c9:f4:53:87:
64:42:dc:eb:2b:e2:6b:e6:29:c9:7f:37:09:5b:30:08:3e:bf:
de:99:ab:e1:9b:c0:90:9b:39:a8:6c:a8:9f:b4:01:64:a9:1b:
26:06:49:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4/pH47G6kyW0rQqu7NuVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUwNTEwMDcwMDEzWhcNMjUwNTExMDcwMDEzWjAzMTEwLwYDVQQD
EygwZWNjNThmNDAxZmZiMTkzOTJkYzQ2MDRmZjUzMjUyMThlZjFmMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6TWtRO4rVRUeCXXFTVWfaasi/Pu
VRbDgWsENo7RjQZ7daYe3WCszHvvGL4fZHlPSEs7WCTcacusFBynAJma+lWidtVh
8Tj+vvn8P1IcUjUVQbx9MHFDCLOA61nMBdx1kqbn3v2lO0ytU1bRNzDoX/LS+bvS
89yC63TCtndYFtSkyHYLps0ujfjem6HpJeoH9tfae3IcD8j+XQtvNHjjc9mC+iy7
lu0MAmBVdp/ljq07AfF3mHd/wWka1wLi9ExOHyzuVID6N19WVZrtlRFUSSVhGgNo
RnTnKSgA0JNsobcKc+siS7q/LdNF15QN3d0qDMLHxi7PHXo2Y+Rq+J4S9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7MWPQB/7GTktxGBP9TJSGO8fNuMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6GtWZkO
EYS9UkGWj7whn8Y8OV+uFM/Fw/rz/FIpqCEEyehaNfG5YljMtbxZ/TaKj7D67QRV
cNS1FeDiO9a3EBLhxrSfcQcDMqr19o/DK1v1x+S1thgIvqZaLwJJQ0um6M+0VKpQ
FzWfrall9rxzz3xH3woilxLLGF0mHcYadMJ7qjlPhV2jUVxtOC1kG0/wdM0yK3m3
DDL7KgqqeZlUvupDrw44Ur+3dUxKb23GTIrljC+JxekD0H5/iYiEvA1iR2KkJH2H
OOfRrKvjpP614I1+qfHJ9FOHZELc6yvia+YpyX83CVswCD6/3pmr4ZvAkJs5qGyo
n7QBZKkbJgZJHg==
-----END CERTIFICATE-----
Generated at Sat May 10 13:00:34 2025 by rpki-client