Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: eZRInWIP4rZODlyUZYS8dxERmNNidl6NR/v8wrvSXqw=
Subject key identifier: 59:CA:0C:B1:AA:91:FB:F0:B6:33:06:7C:19:06:14:D4:5C:08:1D:7E
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 0198597DC4205AF57C76DEEE9B28C3845CA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 1172
Signing time: Wed 30 Jul 2025 04:01:11 +0000
Manifest this update: Wed 30 Jul 2025 04:01:11 +0000
Manifest next update: Thu 31 Jul 2025 04:01:11 +0000
Files and hashes: 1: gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa (hash: rJ5djAjgxTYzs8j0EQsFjkKUrs3CGg0sgiibLKW68Ck=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: wzO36yievpbthtEbQ22+CXO9QzCXK3I2mPXk2tPBOPo=)
3: wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa (hash: QMvHM8N7K9OdWcNx9rJFFp+Z7jXiktM21WFlvU4ZxMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 31 Jul 2025 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:59:7d:c4:20:5a:f5:7c:76:de:ee:9b:28:c3:84:5c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Jul 30 04:01:11 2025 GMT
Not After : Jul 31 04:01:11 2025 GMT
Subject: CN=59ca0cb1aa91fbf0b633067c190614d45c081d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d0:19:2d:aa:bf:70:15:5d:0f:90:a2:3f:fe:
a7:bf:80:4a:e9:50:8f:5f:83:ad:21:22:2d:7c:47:
77:97:50:34:6f:3c:51:5a:18:03:aa:c7:b9:9b:98:
23:81:4d:29:39:8b:71:bb:d0:75:dc:56:61:77:b2:
c9:82:cf:bd:33:61:20:55:27:4e:16:3c:a8:38:7f:
bf:3f:79:8d:19:81:57:5a:6a:41:3a:ea:a1:4d:f1:
d2:f0:05:10:b5:32:31:ad:b8:ea:df:9b:22:20:11:
c6:e0:8d:0e:8e:d7:fc:93:75:cc:04:b0:60:74:f7:
ce:11:6a:f4:e6:f4:52:8d:a1:0f:72:57:eb:4f:51:
ba:52:bd:3e:26:2d:3b:5c:6a:d2:ea:58:14:cb:75:
3b:8c:e2:75:29:61:20:63:b5:3a:6e:80:8e:bf:d2:
f3:4b:b4:3c:fe:c1:a2:3b:3a:e6:6d:17:d7:ce:6c:
75:72:c1:2f:11:0e:2f:67:34:60:4f:c8:11:ff:7c:
a2:30:a6:60:41:05:bc:a2:bf:2c:35:7c:92:bc:a3:
6f:9c:d0:94:ae:e5:dc:b8:16:7d:f5:c6:b8:70:75:
9b:3b:88:15:35:78:6e:10:2b:5e:ae:20:65:be:e7:
bc:0e:95:ca:f1:6f:a9:cc:c7:d7:66:85:99:3f:9b:
dc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CA:0C:B1:AA:91:FB:F0:B6:33:06:7C:19:06:14:D4:5C:08:1D:7E
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:b0:1a:45:65:31:16:9c:dc:54:2f:2c:e7:2f:cb:fc:67:f0:
17:c4:e2:fd:70:de:1f:59:0a:1f:24:f7:4a:03:22:56:50:ac:
b9:5c:e8:e3:b4:9c:a0:e2:b7:d3:a1:15:c7:d0:93:40:8c:1f:
b0:81:74:a3:41:77:1e:12:6f:f4:ca:a1:5d:b4:7e:41:3d:62:
d4:f6:72:fc:02:78:08:dc:c6:1e:dd:40:ed:ed:a4:58:05:e3:
9a:0b:7e:5a:73:f1:74:f6:db:9c:0b:65:b7:60:bd:9d:d7:4b:
47:32:40:dd:30:66:c3:76:ae:fb:70:2c:0c:a5:d7:82:9e:d7:
75:f6:48:85:9d:c8:78:4f:ff:34:29:ca:cb:39:ef:95:fa:36:
d4:7e:e0:81:b9:11:dd:07:c0:6f:4c:4a:ec:b3:fe:6c:60:9d:
ed:cf:75:55:d3:85:4e:92:27:04:96:4d:4a:c6:bd:50:22:9d:
7a:2b:30:68:3f:82:f8:a9:28:1a:c3:e9:50:9e:15:5b:91:c0:
1c:03:9a:5a:4f:3e:1d:99:45:2e:a2:08:f8:63:fa:86:95:73:
77:b7:49:d2:81:b3:b9:62:1a:c7:a9:f5:ae:f6:54:51:d4:5b:
e2:93:0b:bc:be:fc:95:fa:df:8f:32:0a:8c:88:ad:5f:f3:2b:
93:17:67:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhZfcQgWvV8dt7umyjDhFygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjUwNzMwMDQwMTExWhcNMjUwNzMxMDQwMTExWjAzMTEwLwYDVQQD
Eyg1OWNhMGNiMWFhOTFmYmYwYjYzMzA2N2MxOTA2MTRkNDVjMDgxZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttAZLaq/cBVdD5CiP/6nv4BK6VCP
X4OtISItfEd3l1A0bzxRWhgDqse5m5gjgU0pOYtxu9B13FZhd7LJgs+9M2EgVSdO
FjyoOH+/P3mNGYFXWmpBOuqhTfHS8AUQtTIxrbjq35siIBHG4I0Ojtf8k3XMBLBg
dPfOEWr05vRSjaEPclfrT1G6Ur0+Ji07XGrS6lgUy3U7jOJ1KWEgY7U6boCOv9Lz
S7Q8/sGiOzrmbRfXzmx1csEvEQ4vZzRgT8gR/3yiMKZgQQW8or8sNXySvKNvnNCU
ruXcuBZ99ca4cHWbO4gVNXhuECteriBlvue8DpXK8W+pzMfXZoWZP5vc3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnKDLGqkfvwtjMGfBkGFNRcCB1+MB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASbAaRWUx
FpzcVC8s5y/L/GfwF8Ti/XDeH1kKHyT3SgMiVlCsuVzo47ScoOK306EVx9CTQIwf
sIF0o0F3HhJv9MqhXbR+QT1i1PZy/AJ4CNzGHt1A7e2kWAXjmgt+WnPxdPbbnAtl
t2C9nddLRzJA3TBmw3au+3AsDKXXgp7XdfZIhZ3IeE//NCnKyznvlfo21H7ggbkR
3QfAb0xK7LP+bGCd7c91VdOFTpInBJZNSsa9UCKdeiswaD+C+KkoGsPpUJ4VW5HA
HAOaWk8+HZlFLqII+GP6hpVzd7dJ0oGzuWIax6n1rvZUUdRb4pMLvL78lfrfjzIK
jIitX/MrkxdnvA==
-----END CERTIFICATE-----
Generated at Wed Jul 30 14:06:41 2025 by rpki-client