Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: MUn1/kZLH5R/J/Ny7D3JaFsq8QAOSrfQ+2Z8i9KcFC0=
Subject key identifier: EF:10:67:E0:D7:54:F7:6D:3C:85:0A:F8:D9:48:8D:80:0F:50:8B:8B
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 0199FC8F3A27D91CFECA94135EC05C8DD406
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 124B
Signing time: Sun 19 Oct 2025 13:01:08 +0000
Manifest this update: Sun 19 Oct 2025 13:01:08 +0000
Manifest next update: Mon 20 Oct 2025 13:01:08 +0000
Files and hashes: 1: gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa (hash: rJ5djAjgxTYzs8j0EQsFjkKUrs3CGg0sgiibLKW68Ck=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: SNOE0u8ZMc8I8IE9EjOeaxlRX4C0jPRiOQMf32NgfXE=)
3: wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa (hash: QMvHM8N7K9OdWcNx9rJFFp+Z7jXiktM21WFlvU4ZxMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:3a:27:d9:1c:fe:ca:94:13:5e:c0:5c:8d:d4:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Oct 19 13:01:08 2025 GMT
Not After : Oct 20 13:01:08 2025 GMT
Subject: CN=ef1067e0d754f76d3c850af8d9488d800f508b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:41:98:83:45:1f:12:9e:89:5a:1b:d2:91:da:
f4:26:c0:9f:18:f3:41:3e:f6:ba:fd:89:15:bf:9c:
a3:86:32:2a:45:72:1c:5a:34:4d:c0:94:da:9f:fe:
6a:e2:5c:55:c1:73:3e:9b:aa:87:a6:54:03:8f:41:
be:dc:2e:99:e0:c9:0e:f7:63:a0:91:88:9d:ca:4e:
0c:fb:e7:1c:89:0c:47:10:a9:2e:ef:43:0c:fd:32:
3c:a3:3c:49:91:31:b2:5a:45:03:b1:ba:74:10:63:
d3:e3:7c:ec:5e:2d:88:09:e5:a9:74:35:c7:6c:b7:
95:ce:71:fb:4d:08:44:27:b2:d3:c6:ab:af:74:7a:
4e:88:2d:30:e3:ff:32:64:7c:c5:8d:1c:d0:2f:7a:
d0:d0:78:4c:79:01:db:fc:8c:04:37:93:ba:6c:ca:
79:99:24:d8:bd:6c:37:d2:29:c6:43:77:a9:77:5c:
25:70:80:cf:63:aa:e5:14:ca:15:e1:02:8c:38:38:
41:81:35:d2:1e:63:1d:ab:47:72:84:49:8f:bc:6c:
a4:9a:27:8c:68:72:ae:4a:22:e4:4e:3f:dd:10:62:
34:73:24:83:82:bf:85:57:bc:04:1f:78:14:cb:90:
a3:ff:59:c3:8a:0e:7e:02:fc:5e:f1:8b:5b:cc:00:
1a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:10:67:E0:D7:54:F7:6D:3C:85:0A:F8:D9:48:8D:80:0F:50:8B:8B
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:bf:41:fa:6c:55:af:6a:ed:19:fb:cf:d2:42:4e:77:78:de:
29:05:4b:05:16:db:59:34:a6:21:39:0b:30:5a:1e:7e:25:18:
c1:dd:d0:71:2e:d7:96:56:21:70:bd:22:e2:97:ec:c5:d4:23:
1a:64:17:fa:3e:f4:1c:27:ed:df:fc:28:2b:cf:41:61:47:0a:
47:73:c0:32:2a:3a:c0:c9:e6:84:84:a5:12:6f:f1:e6:1f:ec:
f4:e5:6c:44:8a:ed:3c:d0:2d:35:62:9e:05:40:4a:ed:04:fd:
d3:a0:be:d2:c9:07:97:4f:df:7d:9f:81:ed:f1:08:58:93:91:
d0:63:7f:5e:99:77:1a:f1:12:ca:a4:fd:67:20:de:a8:c0:2b:
16:5d:90:cc:06:cd:14:f8:60:e6:63:7e:6a:aa:f9:cc:01:07:
8a:ba:53:01:d9:07:cf:51:d0:c8:dc:8c:59:f0:9c:1c:1a:95:
ed:80:bd:a7:bb:7f:a1:85:39:32:82:e3:94:ce:15:02:a3:94:
5f:73:5e:79:42:93:bd:70:5d:c5:af:82:c9:64:26:91:30:7b:
10:5f:58:50:bf:9a:f7:1e:2f:95:fa:76:97:37:11:4c:6e:bb:
d7:e4:86:98:d0:21:83:0c:1f:44:af:46:fd:05:a1:97:05:14:
c9:b9:12:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jzon2Rz+ypQTXsBcjdQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjUxMDE5MTMwMTA4WhcNMjUxMDIwMTMwMTA4WjAzMTEwLwYDVQQD
EyhlZjEwNjdlMGQ3NTRmNzZkM2M4NTBhZjhkOTQ4OGQ4MDBmNTA4YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEGYg0UfEp6JWhvSkdr0JsCfGPNB
Pva6/YkVv5yjhjIqRXIcWjRNwJTan/5q4lxVwXM+m6qHplQDj0G+3C6Z4MkO92Og
kYidyk4M++cciQxHEKku70MM/TI8ozxJkTGyWkUDsbp0EGPT43zsXi2ICeWpdDXH
bLeVznH7TQhEJ7LTxquvdHpOiC0w4/8yZHzFjRzQL3rQ0HhMeQHb/IwEN5O6bMp5
mSTYvWw30inGQ3epd1wlcIDPY6rlFMoV4QKMODhBgTXSHmMdq0dyhEmPvGykmieM
aHKuSiLkTj/dEGI0cySDgr+FV7wEH3gUy5Cj/1nDig5+Avxe8YtbzAAayQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8QZ+DXVPdtPIUK+NlIjYAPUIuLMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE79B+mxV
r2rtGfvP0kJOd3jeKQVLBRbbWTSmITkLMFoefiUYwd3QcS7XllYhcL0i4pfsxdQj
GmQX+j70HCft3/woK89BYUcKR3PAMio6wMnmhISlEm/x5h/s9OVsRIrtPNAtNWKe
BUBK7QT906C+0skHl0/ffZ+B7fEIWJOR0GN/Xpl3GvESyqT9ZyDeqMArFl2QzAbN
FPhg5mN+aqr5zAEHirpTAdkHz1HQyNyMWfCcHBqV7YC9p7t/oYU5MoLjlM4VAqOU
X3NeeUKTvXBdxa+CyWQmkTB7EF9YUL+a9x4vlfp2lzcRTG671+SGmNAhgwwfRK9G
/QWhlwUUybkS4g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:32:44 2025 by rpki-client