Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: QOmr2wluqIAPEkE17bnXR91kvUC1NrukFwNKVnoSGVE=
Subject key identifier: 24:3A:43:5A:BB:8F:80:17:B4:A8:69:86:A4:A8:D4:79:63:1E:CF:90
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 0198D7A962C4431B4C4060C13E0AE648D75A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 12F7
Signing time: Sat 23 Aug 2025 16:00:58 +0000
Manifest this update: Sat 23 Aug 2025 16:00:58 +0000
Manifest next update: Sun 24 Aug 2025 16:00:58 +0000
Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=)
2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: Mzk1V5r8u9k8pP/wWxgf1H9UHPYOQpvDvicV9DtVkzo=)
3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:a9:62:c4:43:1b:4c:40:60:c1:3e:0a:e6:48:d7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Aug 23 16:00:58 2025 GMT
Not After : Aug 24 16:00:58 2025 GMT
Subject: CN=243a435abb8f8017b4a86986a4a8d479631ecf90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:31:ae:c7:71:48:eb:ff:6d:9c:18:28:9d:8a:
80:e9:c3:28:43:b9:52:24:70:3f:e1:b1:ac:b2:fd:
78:4e:be:c4:d4:7a:0a:2b:3a:be:4f:f0:e9:df:71:
31:19:ec:10:a5:e2:2a:5c:6d:d7:5d:ae:55:7d:5b:
df:6d:02:b2:a5:93:ef:47:a1:9b:72:04:98:41:11:
d5:c1:b5:1c:5b:ce:59:26:26:41:12:ed:1c:fc:d5:
88:4c:05:4b:e0:4c:7e:16:d4:86:63:82:e6:47:cf:
79:5e:c7:ff:2c:d5:3a:68:c9:86:b8:ab:78:b6:88:
03:2e:75:eb:16:8b:b8:4a:89:3d:ae:23:00:0b:a6:
6f:dd:d5:4e:a9:db:be:cb:7b:36:69:a7:fc:77:e9:
61:bb:92:cc:ef:f7:75:f1:95:18:f1:61:cd:29:75:
d8:64:e7:15:d4:93:bc:9d:5d:03:07:2f:04:19:ff:
3e:8c:12:99:84:05:32:25:b1:87:ef:d3:06:1e:60:
cf:80:44:bc:15:41:fb:d3:b6:27:70:93:eb:64:ba:
15:5f:a3:08:54:4f:2c:a2:05:a3:52:fc:d6:b2:75:
4d:3e:9c:c0:f6:a1:62:61:cc:71:2a:55:6c:14:ed:
9d:25:b3:76:71:75:1a:24:5d:44:ac:d6:0c:39:24:
57:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3A:43:5A:BB:8F:80:17:B4:A8:69:86:A4:A8:D4:79:63:1E:CF:90
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:5e:93:ce:98:81:dd:0a:5b:0c:e1:53:0a:c6:f4:7b:70:f2:
7f:f8:80:fa:43:60:b4:6c:7e:80:f7:71:5a:7c:e3:2f:32:99:
b2:94:cd:8e:5a:23:24:55:ff:b6:f6:75:c7:c5:7c:88:60:24:
70:29:cc:8a:13:08:d2:48:1d:97:7c:9c:08:ff:f3:2f:73:e2:
f7:20:82:46:60:4e:b0:6c:42:b3:6d:b6:3a:0b:08:eb:e5:c3:
32:39:a4:dc:f0:1b:3c:6e:bc:c8:65:77:38:b4:72:43:93:17:
7f:36:ec:46:4c:47:ba:c9:e3:cb:4d:fc:e5:e2:23:3f:3a:78:
e2:3b:32:05:54:d9:18:c2:f8:ae:73:d6:74:03:12:02:28:0f:
a4:1c:da:dc:92:b4:97:7e:53:22:ef:85:c9:b3:20:47:0b:34:
c9:f0:21:22:f2:3f:31:08:59:86:8f:37:fd:63:f4:dd:a7:f0:
df:95:e3:eb:41:a5:02:26:25:f6:5b:7e:4d:57:17:d9:95:db:
6d:9e:87:9d:02:a2:09:3d:b3:84:19:52:58:66:4a:bd:e0:ab:
74:4c:a4:0b:f2:41:c6:11:6c:ad:3c:93:95:28:d2:40:5b:31:
e3:12:99:ac:cc:8b:20:01:12:b0:b8:72:b9:81:d0:86:42:95:
3f:a2:6b:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqWLEQxtMQGDBPgrmSNdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUwODIzMTYwMDU4WhcNMjUwODI0MTYwMDU4WjAzMTEwLwYDVQQD
EygyNDNhNDM1YWJiOGY4MDE3YjRhODY5ODZhNGE4ZDQ3OTYzMWVjZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTGux3FI6/9tnBgonYqA6cMoQ7lS
JHA/4bGssv14Tr7E1HoKKzq+T/Dp33ExGewQpeIqXG3XXa5VfVvfbQKypZPvR6Gb
cgSYQRHVwbUcW85ZJiZBEu0c/NWITAVL4Ex+FtSGY4LmR895Xsf/LNU6aMmGuKt4
togDLnXrFou4Sok9riMAC6Zv3dVOqdu+y3s2aaf8d+lhu5LM7/d18ZUY8WHNKXXY
ZOcV1JO8nV0DBy8EGf8+jBKZhAUyJbGH79MGHmDPgES8FUH707YncJPrZLoVX6MI
VE8sogWjUvzWsnVNPpzA9qFiYcxxKlVsFO2dJbN2cXUaJF1ErNYMOSRXEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQ6Q1q7j4AXtKhphqSo1HljHs+QMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdl6TzpiB
3QpbDOFTCsb0e3Dyf/iA+kNgtGx+gPdxWnzjLzKZspTNjlojJFX/tvZ1x8V8iGAk
cCnMihMI0kgdl3ycCP/zL3Pi9yCCRmBOsGxCs222OgsI6+XDMjmk3PAbPG68yGV3
OLRyQ5MXfzbsRkxHusnjy0385eIjPzp44jsyBVTZGML4rnPWdAMSAigPpBza3JK0
l35TIu+FybMgRws0yfAhIvI/MQhZho83/WP03afw35Xj60GlAiYl9lt+TVcX2ZXb
bZ6HnQKiCT2zhBlSWGZKveCrdEykC/JBxhFsrTyTlSjSQFsx4xKZrMyLIAESsLhy
uYHQhkKVP6JrLg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:08:13 2025 by rpki-client