Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
File: sgTq-NsT70M8-YIp0jLTMKX14lY.mft (raw, json)
Hash identifier: ZhiMj1wZsi/zMTY/yZFN04aueIp/UqS7N0DWClwePwI=
Subject key identifier: 1A:7C:D2:52:AD:9C:6B:FD:FF:DE:A7:AC:02:5A:6A:CB:EA:6C:4F:B3
Authority key identifier: B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
Certificate issuer: /CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Certificate serial: 019843D141A4071F25CFBD27187F2B5404BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
Manifest number: 15FE
Signing time: Fri 25 Jul 2025 23:00:43 +0000
Manifest this update: Fri 25 Jul 2025 23:00:43 +0000
Manifest next update: Sat 26 Jul 2025 23:00:43 +0000
Files and hashes: 1: sgTq-NsT70M8-YIp0jLTMKX14lY.crl (hash: tXGEJuvkwoPV/Mtvbr70VcHkertqCOUVckfnfJxcuLc=)
2: xgKcu0KPsxc8M315Trs0GW1UUwk.roa (hash: ICZ6+2Jz2veLFc1cLdSpid822PA3P/5mVBK8JthGSW0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:43:d1:41:a4:07:1f:25:cf:bd:27:18:7f:2b:54:04:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Validity
Not Before: Jul 25 23:00:43 2025 GMT
Not After : Jul 26 23:00:43 2025 GMT
Subject: CN=1a7cd252ad9c6bfdffdea7ac025a6acbea6c4fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:69:28:bb:0a:3a:c0:07:47:dc:ad:e6:db:6a:
5c:b5:28:b4:5f:0f:d1:a2:f9:81:32:e6:b7:83:7f:
bb:cd:e5:a9:fe:53:28:cd:05:9a:09:fe:9d:fb:65:
e5:94:b4:3b:ff:e2:bf:68:2d:10:ca:55:aa:b2:07:
76:08:7a:cb:b3:42:67:4f:82:bd:e9:b4:b4:6e:64:
6a:5b:ac:91:71:64:dd:17:24:f4:78:73:63:3d:72:
c6:a7:d1:63:89:82:e1:c3:cf:02:b1:12:78:1f:81:
2b:49:01:4c:3f:16:94:6f:3b:df:9f:b9:e1:79:de:
ae:7f:aa:00:26:bf:81:a0:f7:a3:79:ae:f2:06:4f:
f1:3f:40:99:18:99:a5:03:55:55:7c:fa:80:18:8b:
0e:2d:3e:d8:1f:bb:a3:a2:dc:f5:e0:78:b2:c3:28:
38:fd:b1:5e:26:08:82:4a:db:ac:3b:c0:58:21:cb:
6a:63:1c:c8:86:b8:6a:b1:71:29:e5:2e:7b:bd:a8:
1b:72:82:1c:40:62:29:ce:97:e9:09:80:97:11:75:
81:97:d6:77:4c:2b:f7:54:5b:e4:e2:d7:2f:39:01:
d6:89:81:8f:1f:8d:c9:ec:91:32:98:ba:a7:a8:38:
ee:5a:ff:bb:92:17:27:c2:6d:3e:29:fa:ad:09:b3:
8e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7C:D2:52:AD:9C:6B:FD:FF:DE:A7:AC:02:5A:6A:CB:EA:6C:4F:B3
X509v3 Authority Key Identifier:
keyid:B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:18:32:8d:ed:2b:05:6b:b2:72:15:27:cd:72:fc:9a:59:d9:
c4:09:2f:e4:d9:7b:52:d5:fc:e0:73:a5:a7:4d:5b:a1:16:94:
31:04:ac:3b:d8:93:da:31:4f:02:92:c6:0b:7b:ae:b8:2b:3f:
d5:74:3d:a4:1b:f8:68:cb:b8:ee:e4:0f:e6:9d:8f:8f:78:6d:
78:0f:6a:ba:a0:76:9c:b6:18:3f:20:78:33:40:a3:73:c3:59:
4d:e6:e5:d5:90:82:c2:34:e8:83:ea:eb:a5:7d:80:74:96:d0:
3a:42:a9:34:82:b0:ed:cc:26:56:17:bb:e6:69:09:01:9f:75:
cb:6d:04:4c:f5:39:2e:b5:e0:68:c2:1d:f4:65:79:60:93:f4:
05:f4:37:d5:d2:b3:d7:51:c7:fd:c1:a2:f0:94:43:4c:06:c7:
23:d8:89:c4:7d:da:28:55:d8:b3:43:97:48:67:e2:3c:fd:8a:
f5:e1:9d:b5:1d:4e:ed:52:f9:b7:f6:43:74:25:d6:87:8d:66:
b6:6c:e6:a4:10:07:f8:03:58:d9:23:10:d3:b8:7d:8a:99:6a:
21:22:ac:c5:fc:bb:51:09:35:8e:ca:2a:77:91:9c:be:61:10:
cd:6e:56:19:4f:92:0a:77:32:bd:d9:ac:1b:bd:78:3e:5f:c5:
c8:85:e8:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhD0UGkBx8lz70nGH8rVAS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDRlYWY4ZGIxM2VmNDMzY2Y5ODIyOWQyMzJkMzMwYTVm
NWUyNTYwHhcNMjUwNzI1MjMwMDQzWhcNMjUwNzI2MjMwMDQzWjAzMTEwLwYDVQQD
EygxYTdjZDI1MmFkOWM2YmZkZmZkZWE3YWMwMjVhNmFjYmVhNmM0ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mkouwo6wAdH3K3m22pctSi0Xw/R
ovmBMua3g3+7zeWp/lMozQWaCf6d+2XllLQ7/+K/aC0QylWqsgd2CHrLs0JnT4K9
6bS0bmRqW6yRcWTdFyT0eHNjPXLGp9FjiYLhw88CsRJ4H4ErSQFMPxaUbzvfn7nh
ed6uf6oAJr+BoPejea7yBk/xP0CZGJmlA1VVfPqAGIsOLT7YH7ujotz14Hiywyg4
/bFeJgiCStusO8BYIctqYxzIhrhqsXEp5S57vagbcoIcQGIpzpfpCYCXEXWBl9Z3
TCv3VFvk4tcvOQHWiYGPH43J7JEymLqnqDjuWv+7khcnwm0+KfqtCbOOpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBp80lKtnGv9/96nrAJaasvqbE+zMB8GA1UdIwQY
MBaAFLIE6vjbE+9DPPmCKdIy0zCl9eJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAt
MjUwMTdlYzk0MDk1LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAtMjUwMTdlYzk0MDk1
LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqRgyje0r
BWuychUnzXL8mlnZxAkv5Nl7UtX84HOlp01boRaUMQSsO9iT2jFPApLGC3uuuCs/
1XQ9pBv4aMu47uQP5p2Pj3hteA9quqB2nLYYPyB4M0Cjc8NZTebl1ZCCwjTog+rr
pX2AdJbQOkKpNIKw7cwmVhe75mkJAZ91y20ETPU5LrXgaMId9GV5YJP0BfQ31dKz
11HH/cGi8JRDTAbHI9iJxH3aKFXYs0OXSGfiPP2K9eGdtR1O7VL5t/ZDdCXWh41m
tmzmpBAH+ANY2SMQ07h9iplqISKsxfy7UQk1jsoqd5GcvmEQzW5WGU+SCncyvdms
G714Pl/FyIXoww==
-----END CERTIFICATE-----
Generated at Sat Jul 26 05:45:33 2025 by rpki-client