Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: ptgYTg2PkME7Z29lEG3a6XWC28zk7Rk4jYxP0DASrWw=
Subject key identifier: F4:88:4B:4F:ED:9A:72:2D:60:D4:39:20:05:EE:9E:05:1B:CF:DC:54
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 0197C0ECF83506DA6C3A3CE84839C467C36D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 1123
Signing time: Mon 30 Jun 2025 13:00:44 +0000
Manifest this update: Mon 30 Jun 2025 13:00:44 +0000
Manifest next update: Tue 01 Jul 2025 13:00:44 +0000
Files and hashes: 1: gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa (hash: rJ5djAjgxTYzs8j0EQsFjkKUrs3CGg0sgiibLKW68Ck=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: 0ibEWg5fwDcQapy4Gele4Tdz8YwPBd5S3UyAr1tb7/o=)
3: wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa (hash: QMvHM8N7K9OdWcNx9rJFFp+Z7jXiktM21WFlvU4ZxMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 13:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:ec:f8:35:06:da:6c:3a:3c:e8:48:39:c4:67:c3:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Jun 30 13:00:44 2025 GMT
Not After : Jul 1 13:00:44 2025 GMT
Subject: CN=f4884b4fed9a722d60d4392005ee9e051bcfdc54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c8:74:d1:0d:06:ad:49:34:89:1b:89:d5:63:
3f:78:82:51:e4:cb:79:fc:b2:25:20:73:22:37:2f:
93:1b:20:d9:7c:d3:c7:ee:24:eb:10:73:aa:6e:45:
e3:d3:76:d8:78:6c:7c:cd:7f:12:a6:8f:1b:5f:de:
f2:aa:17:4c:e0:54:53:e6:73:3e:4b:29:e9:a7:b8:
cf:6d:0d:fc:17:80:83:56:d7:f3:c2:27:31:4a:38:
65:d6:f6:e7:2c:3f:8b:4e:c0:0b:7b:dd:78:6d:47:
43:d8:c8:f0:e4:e1:73:22:a7:04:bc:fd:e0:51:b3:
cf:57:3a:0c:fe:20:8f:0b:0d:9f:46:b9:38:f7:34:
ec:c2:42:0c:4b:e2:74:1c:1e:00:f2:f5:f4:da:cd:
75:16:73:a2:53:1c:31:e3:74:5c:23:88:46:7f:1e:
b5:c4:15:1f:a5:c7:8a:5c:a9:4a:e9:08:f8:e7:86:
26:0f:e6:40:8f:c0:28:df:0e:00:3d:f0:b6:2e:3e:
39:9e:64:e2:3c:04:16:96:92:87:30:69:9a:5b:0f:
d7:55:48:79:3a:99:40:e1:bb:72:50:3a:dc:8d:05:
16:0b:f2:fc:65:05:20:a2:d1:88:b4:e7:37:97:eb:
d1:8c:b4:48:ec:d1:82:63:f6:a2:b2:df:d4:63:bf:
b8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:88:4B:4F:ED:9A:72:2D:60:D4:39:20:05:EE:9E:05:1B:CF:DC:54
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:67:af:0a:8c:31:bf:ed:07:6a:84:53:57:ce:17:f0:11:54:
07:0e:06:b6:51:a3:6d:6e:8c:8c:3c:db:8c:63:99:97:e3:43:
90:00:b1:44:bc:1f:cb:a7:46:4d:6a:38:2e:77:86:5e:c5:1c:
d3:3f:fa:1d:90:9b:39:78:37:d6:94:c1:9a:d0:a9:da:8d:bf:
64:d3:38:66:ad:6c:57:11:cf:cb:11:4e:29:81:0f:a5:12:de:
53:41:56:48:36:30:11:eb:26:2a:cf:32:24:05:c9:3c:14:e1:
c6:d6:bb:23:51:62:ef:02:f9:50:84:8c:12:5d:2c:b4:fc:25:
a2:8c:0c:22:a2:41:a5:ae:c3:68:e4:71:ef:76:69:52:f2:d9:
a0:35:49:28:62:1f:fe:a5:aa:f7:4c:80:a4:0f:d9:04:09:f5:
be:4a:d8:2c:39:a6:01:db:24:23:7e:ca:54:6f:da:e2:04:d9:
b3:1f:c9:ce:7b:88:6c:c4:6c:af:57:ee:b5:83:c0:0b:67:ec:
11:a7:00:ba:a8:a2:96:4d:2e:fa:71:af:0c:d2:65:50:03:8d:
cc:fb:fb:7b:68:6f:6f:24:0f:0c:c2:e6:04:60:e2:8b:e8:06:
a8:d5:73:cb:35:04:5c:c1:69:6c:4f:7f:3b:12:fb:87:24:b4:
bc:d7:63:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfA7Pg1BtpsOjzoSDnEZ8NtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjUwNjMwMTMwMDQ0WhcNMjUwNzAxMTMwMDQ0WjAzMTEwLwYDVQQD
EyhmNDg4NGI0ZmVkOWE3MjJkNjBkNDM5MjAwNWVlOWUwNTFiY2ZkYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8h00Q0GrUk0iRuJ1WM/eIJR5Mt5
/LIlIHMiNy+TGyDZfNPH7iTrEHOqbkXj03bYeGx8zX8Spo8bX97yqhdM4FRT5nM+
Synpp7jPbQ38F4CDVtfzwicxSjhl1vbnLD+LTsALe914bUdD2Mjw5OFzIqcEvP3g
UbPPVzoM/iCPCw2fRrk49zTswkIMS+J0HB4A8vX02s11FnOiUxwx43RcI4hGfx61
xBUfpceKXKlK6Qj454YmD+ZAj8Ao3w4APfC2Lj45nmTiPAQWlpKHMGmaWw/XVUh5
OplA4btyUDrcjQUWC/L8ZQUgotGItOc3l+vRjLRI7NGCY/aist/UY7+4kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSIS0/tmnItYNQ5IAXungUbz9xUMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQGevCowx
v+0HaoRTV84X8BFUBw4GtlGjbW6MjDzbjGOZl+NDkACxRLwfy6dGTWo4LneGXsUc
0z/6HZCbOXg31pTBmtCp2o2/ZNM4Zq1sVxHPyxFOKYEPpRLeU0FWSDYwEesmKs8y
JAXJPBThxta7I1Fi7wL5UISMEl0stPwloowMIqJBpa7DaORx73ZpUvLZoDVJKGIf
/qWq90yApA/ZBAn1vkrYLDmmAdskI37KVG/a4gTZsx/JznuIbMRsr1futYPAC2fs
EacAuqiilk0u+nGvDNJlUAONzPv7e2hvbyQPDMLmBGDii+gGqNVzyzUEXMFpbE9/
OxL7hyS0vNdj7Q==
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:47:32 2025 by rpki-client