Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: B1Qe1+7HH8G1rMO4pW6fW2MfaVJSsZHdRooGcRmPwDs=
Subject key identifier: 36:E8:71:18:F6:8C:32:C9:7B:14:3A:58:96:5B:B1:5A:2F:FD:8B:9E
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 0199FB462C80865C05FA38BE5A0B75678D9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 138E
Signing time: Sun 19 Oct 2025 07:01:44 +0000
Manifest this update: Sun 19 Oct 2025 07:01:44 +0000
Manifest next update: Mon 20 Oct 2025 07:01:44 +0000
Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=)
2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: uqdnlD4f6gQWKsl1JuOFRU+qw/+n16BA8zT/iqG8LMI=)
3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:46:2c:80:86:5c:05:fa:38:be:5a:0b:75:67:8d:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Oct 19 07:01:44 2025 GMT
Not After : Oct 20 07:01:44 2025 GMT
Subject: CN=36e87118f68c32c97b143a58965bb15a2ffd8b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e2:35:a7:9f:77:be:19:f0:cd:b8:8b:50:11:
c5:a1:cd:58:77:42:18:78:b7:50:b1:59:5d:e2:af:
eb:8a:92:91:0e:2e:ca:ca:a5:e8:dd:c5:7e:5e:af:
93:ca:d3:1e:58:14:36:1b:e9:79:c7:e4:b7:e2:b5:
46:26:f9:26:e7:61:4f:cf:78:a9:6c:27:c4:41:35:
a3:49:3e:49:76:41:38:b2:01:1f:8d:28:98:3a:5a:
2a:bb:1e:88:50:41:a3:12:1c:7b:dc:11:8b:bb:03:
4d:84:6a:01:0d:f0:53:a6:6e:78:b0:9e:72:02:53:
49:bb:2a:a8:9a:4c:c8:7f:09:d8:32:d9:64:d2:c9:
6b:a7:55:92:bb:f5:0d:ef:8f:5a:b5:43:cd:5c:ec:
0c:df:e1:4f:71:ac:06:5c:bb:fa:dd:30:19:2e:e8:
b3:0d:be:3b:e9:d5:c1:d0:b2:0f:98:59:b1:bb:a5:
dc:91:e6:0d:c9:9a:40:d4:d4:29:c7:22:47:05:9b:
fd:bd:77:a1:10:0e:7f:7f:5e:94:85:16:24:4d:02:
64:f7:ee:8d:05:49:53:0d:7f:5e:fe:eb:de:69:f8:
d4:4d:da:5c:3d:62:a8:a4:fb:f6:0c:ca:9e:0d:53:
f8:32:a2:42:4d:78:59:14:e7:72:02:6a:97:15:ea:
a1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E8:71:18:F6:8C:32:C9:7B:14:3A:58:96:5B:B1:5A:2F:FD:8B:9E
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:8c:a2:3a:00:7e:b2:dd:01:2d:ec:e1:7c:28:0a:82:43:4b:
13:58:00:63:19:de:b6:53:e5:e4:43:cd:ed:3a:79:7c:11:de:
cc:6f:c8:8f:ec:43:f6:fa:10:53:6a:c4:6b:f6:47:03:f3:a3:
eb:09:ba:d3:aa:9a:96:39:b7:aa:23:96:e0:87:7f:bd:41:95:
5b:0b:b7:48:06:0b:b5:14:74:f3:33:b0:43:fc:de:1e:1c:e2:
52:03:8e:4c:6f:b4:29:46:c3:24:92:71:5d:5e:9e:cb:e6:16:
11:a2:2e:86:c5:98:e9:a3:ea:af:89:77:2a:c6:1a:b8:c4:31:
14:e6:23:8c:5f:c6:69:61:f9:ad:94:76:8e:0d:06:8c:79:7f:
f9:70:29:2b:fa:22:86:f4:a2:62:6c:3a:8b:60:0c:3f:a0:ea:
82:39:5d:fe:e4:0c:f4:cc:77:b0:f7:7f:59:0f:89:6f:08:ad:
47:ea:04:8b:6d:1c:ab:ba:bc:7e:f7:d9:b6:3b:7e:1f:d4:51:
2c:f7:da:85:10:14:81:0e:a1:a1:1d:61:38:f7:73:ce:ba:5a:
a1:28:d3:e7:d4:dd:c3:94:c1:9c:28:80:2f:49:ec:45:09:5f:
8c:3a:ed:a8:98:af:f1:2b:24:1e:33:98:cd:60:76:c0:67:9d:
9a:66:2d:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RiyAhlwF+ji+Wgt1Z42aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUxMDE5MDcwMTQ0WhcNMjUxMDIwMDcwMTQ0WjAzMTEwLwYDVQQD
EygzNmU4NzExOGY2OGMzMmM5N2IxNDNhNTg5NjViYjE1YTJmZmQ4YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uI1p593vhnwzbiLUBHFoc1Yd0IY
eLdQsVld4q/ripKRDi7KyqXo3cV+Xq+TytMeWBQ2G+l5x+S34rVGJvkm52FPz3ip
bCfEQTWjST5JdkE4sgEfjSiYOloqux6IUEGjEhx73BGLuwNNhGoBDfBTpm54sJ5y
AlNJuyqomkzIfwnYMtlk0slrp1WSu/UN749atUPNXOwM3+FPcawGXLv63TAZLuiz
Db476dXB0LIPmFmxu6XckeYNyZpA1NQpxyJHBZv9vXehEA5/f16UhRYkTQJk9+6N
BUlTDX9e/uveafjUTdpcPWKopPv2DMqeDVP4MqJCTXhZFOdyAmqXFeqhrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbocRj2jDLJexQ6WJZbsVov/YueMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg4yiOgB+
st0BLezhfCgKgkNLE1gAYxnetlPl5EPN7Tp5fBHezG/Ij+xD9voQU2rEa/ZHA/Oj
6wm606qaljm3qiOW4Id/vUGVWwu3SAYLtRR08zOwQ/zeHhziUgOOTG+0KUbDJJJx
XV6ey+YWEaIuhsWY6aPqr4l3KsYauMQxFOYjjF/GaWH5rZR2jg0GjHl/+XApK/oi
hvSiYmw6i2AMP6Dqgjld/uQM9Mx3sPd/WQ+JbwitR+oEi20cq7q8fvfZtjt+H9RR
LPfahRAUgQ6hoR1hOPdzzrpaoSjT59Tdw5TBnCiAL0nsRQlfjDrtqJiv8SskHjOY
zWB2wGedmmYtpg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:11:29 2025 by rpki-client