Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: SXsLx4B5ld57BXhFQJs5AHsTmCsuTkzbI+g1wg1R3HQ=
Subject key identifier: A5:85:4E:D5:7D:68:44:6C:95:0F:35:CA:F2:4C:16:8A:B1:30:24:F6
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 0198D516296AE64D93A8F445AC140A383D00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 11B2
Signing time: Sat 23 Aug 2025 04:00:55 +0000
Manifest this update: Sat 23 Aug 2025 04:00:55 +0000
Manifest next update: Sun 24 Aug 2025 04:00:55 +0000
Files and hashes: 1: gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa (hash: rJ5djAjgxTYzs8j0EQsFjkKUrs3CGg0sgiibLKW68Ck=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: 3lorMlxTH36UZ8OBT/8PTvOnmYEflfwLYfn9kMJmMsk=)
3: wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa (hash: QMvHM8N7K9OdWcNx9rJFFp+Z7jXiktM21WFlvU4ZxMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:16:29:6a:e6:4d:93:a8:f4:45:ac:14:0a:38:3d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Aug 23 04:00:55 2025 GMT
Not After : Aug 24 04:00:55 2025 GMT
Subject: CN=a5854ed57d68446c950f35caf24c168ab13024f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:0d:4f:19:20:a6:64:9a:e9:d3:b3:dd:d8:
84:d8:a8:5e:d1:d0:df:5a:5e:00:d4:4c:b1:dc:88:
48:14:62:fb:3d:79:aa:95:9d:20:57:66:d1:23:fa:
a9:d7:b4:b9:16:1a:87:a3:7f:91:39:8a:4e:f1:75:
83:e0:8b:8a:d6:3b:32:42:6d:d9:a4:db:43:57:75:
34:d9:09:f3:fe:63:cb:5c:aa:fd:97:95:ee:a7:ee:
5e:89:5e:1e:94:b8:8b:05:a0:88:69:b2:25:82:c7:
98:ed:8d:01:eb:a9:eb:7c:b6:e8:16:41:60:13:c3:
73:6a:14:59:fe:17:59:34:b5:18:3b:9e:5c:56:61:
bd:4f:6b:47:a7:76:47:c1:f3:e5:96:75:a7:d5:47:
80:fa:0e:58:be:3e:6a:6d:7a:ce:ae:ae:0d:7f:8d:
c8:b7:d6:91:cd:c0:c9:7c:df:22:ef:ef:70:44:9c:
29:5e:bf:5d:b8:b4:47:bb:1f:e9:36:a4:c0:97:81:
54:7f:d3:df:9a:8b:92:f9:e1:6e:c2:34:19:48:8e:
f1:0d:8f:53:e9:c3:fa:ef:f8:8b:79:d0:76:87:5a:
12:54:31:63:ef:2c:5a:a0:d4:63:af:69:36:e7:12:
c8:f3:fc:db:88:b3:57:b2:37:cf:02:ab:29:e2:09:
cf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:85:4E:D5:7D:68:44:6C:95:0F:35:CA:F2:4C:16:8A:B1:30:24:F6
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:77:92:a3:16:22:df:c7:53:6e:9f:fb:70:64:c6:48:98:9b:
91:36:f0:41:85:9b:e3:0e:4e:1e:c5:34:c6:d5:4a:24:fb:cc:
39:d8:85:03:5e:3d:89:1e:ed:92:b9:42:45:45:0f:57:6e:d4:
3b:75:7b:19:63:cf:d7:88:0e:70:06:38:93:79:7c:6d:59:f8:
13:1b:2f:ee:4e:b8:18:06:e6:17:96:be:dd:f6:4d:9b:8b:dd:
fb:f9:57:94:ad:8a:47:fb:30:59:5d:c6:5f:1b:10:51:2c:74:
6e:ae:4f:c7:80:da:ff:58:12:a6:2b:e9:f5:64:87:1d:e5:98:
98:94:98:db:a8:ac:ab:ed:89:03:79:ec:b2:34:82:dc:0d:fa:
ed:01:51:62:26:3e:c8:73:1c:cf:c7:80:db:04:e8:87:56:e9:
9e:0d:a1:0e:9d:a8:71:d2:bf:94:31:82:67:47:dd:59:61:25:
0d:bc:a2:e5:26:85:62:a9:93:5f:0b:47:3d:29:55:41:9f:c6:
59:70:b7:05:e2:e7:28:df:92:85:64:15:49:2c:ce:4e:14:6a:
c2:4b:e2:7f:c2:2f:7d:c6:e4:fa:1f:d0:6a:e2:37:ac:b2:87:
6b:36:a4:80:18:6f:2e:c8:d0:fa:e3:b6:fd:cf:8f:7d:bf:d9:
af:49:b1:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFilq5k2TqPRFrBQKOD0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjUwODIzMDQwMDU1WhcNMjUwODI0MDQwMDU1WjAzMTEwLwYDVQQD
EyhhNTg1NGVkNTdkNjg0NDZjOTUwZjM1Y2FmMjRjMTY4YWIxMzAyNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmesNTxkgpmSa6dOz3diE2Khe0dDf
Wl4A1Eyx3IhIFGL7PXmqlZ0gV2bRI/qp17S5FhqHo3+ROYpO8XWD4IuK1jsyQm3Z
pNtDV3U02Qnz/mPLXKr9l5Xup+5eiV4elLiLBaCIabIlgseY7Y0B66nrfLboFkFg
E8NzahRZ/hdZNLUYO55cVmG9T2tHp3ZHwfPllnWn1UeA+g5Yvj5qbXrOrq4Nf43I
t9aRzcDJfN8i7+9wRJwpXr9duLRHux/pNqTAl4FUf9PfmouS+eFuwjQZSI7xDY9T
6cP67/iLedB2h1oSVDFj7yxaoNRjr2k25xLI8/zbiLNXsjfPAqsp4gnPeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWFTtV9aERslQ81yvJMFoqxMCT2MB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtneSoxYi
38dTbp/7cGTGSJibkTbwQYWb4w5OHsU0xtVKJPvMOdiFA149iR7tkrlCRUUPV27U
O3V7GWPP14gOcAY4k3l8bVn4Exsv7k64GAbmF5a+3fZNm4vd+/lXlK2KR/swWV3G
XxsQUSx0bq5Px4Da/1gSpivp9WSHHeWYmJSY26isq+2JA3nssjSC3A367QFRYiY+
yHMcz8eA2wToh1bpng2hDp2ocdK/lDGCZ0fdWWElDbyi5SaFYqmTXwtHPSlVQZ/G
WXC3BeLnKN+ShWQVSSzOThRqwkvif8Ivfcbk+h/QauI3rLKHazakgBhvLsjQ+uO2
/c+Pfb/Zr0mx9g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:07:42 2025 by rpki-client