Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
File: StzxlnKWX1GxbYevqxsUkILmw-4.mft (raw, json)
Hash identifier: a+fOv/3MvQAKdLwvpISP6lzTVOwAFHc1JQmG+V5H6e0=
Subject key identifier: 83:7C:D2:C9:FD:1D:C1:37:79:6B:AD:05:F4:03:9C:42:DC:CC:19:E0
Authority key identifier: 4A:DC:F1:96:72:96:5F:51:B1:6D:87:AF:AB:1B:14:90:82:E6:C3:EE
Certificate issuer: /CN=4adcf19672965f51b16d87afab1b149082e6c3ee
Certificate serial: 019A70A4FE87CB626A82BE0401A6BE076ACC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 02:00:52 +0000
Manifest this update: Tue 11 Nov 2025 02:00:52 +0000
Manifest next update: Wed 12 Nov 2025 02:00:52 +0000
Files and hashes: 1: StzxlnKWX1GxbYevqxsUkILmw-4.crl (hash: I+lO4dUdh2mSB1lD5KxCfpT0OYwxZe2gwgrl6WbJ5Fk=)
2: rGUQbl63n9K0Wn_57q9XL0tQAuA.roa (hash: vyvu3YaIjRy8oAh1PUr3JRdMW+KlCqlVTwrvF8kfQF4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:fe:87:cb:62:6a:82:be:04:01:a6:be:07:6a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4adcf19672965f51b16d87afab1b149082e6c3ee
Validity
Not Before: Nov 11 02:00:52 2025 GMT
Not After : Nov 12 02:00:52 2025 GMT
Subject: CN=837cd2c9fd1dc137796bad05f4039c42dccc19e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:33:29:ad:47:4d:e4:d3:b1:6b:26:c1:78:0c:
2f:94:17:c2:43:05:d7:d4:36:21:31:49:a2:83:8d:
8e:93:70:f4:f4:09:c2:1c:44:b9:86:0d:a8:77:c0:
44:6c:7c:c7:69:2c:4c:3c:26:e8:0c:51:fe:f0:de:
1c:81:77:bb:3d:ae:8b:3f:57:33:98:02:d8:28:63:
91:cb:6d:f5:2f:cc:07:64:7e:02:0d:dd:90:7d:91:
9c:a4:eb:d6:76:bb:f9:d8:f3:ee:67:cd:8f:28:8f:
df:80:4e:74:f7:65:08:91:eb:aa:f6:3b:a2:9d:f6:
ac:7e:4c:7d:d0:25:bf:d8:aa:22:b0:cb:f6:76:ba:
3a:4c:02:76:70:cc:ca:0e:35:28:b4:73:fa:80:4c:
d4:90:c9:9b:65:7f:8d:5a:35:35:e3:1a:6d:65:92:
79:bd:27:e2:29:e7:8f:46:ed:64:dc:ab:8a:f3:34:
64:c6:b4:fe:e2:06:16:df:43:79:eb:d7:91:d2:db:
79:da:2f:d6:e7:1c:e2:83:ce:c8:d6:88:8c:fd:84:
ce:18:05:ae:00:a6:1b:aa:18:0c:e7:62:c0:a0:1e:
6e:92:61:98:e3:c4:cd:8e:56:4f:25:ee:7d:da:1f:
34:c7:61:1d:b7:40:a2:34:1e:93:95:18:d2:68:53:
09:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:7C:D2:C9:FD:1D:C1:37:79:6B:AD:05:F4:03:9C:42:DC:CC:19:E0
X509v3 Authority Key Identifier:
keyid:4A:DC:F1:96:72:96:5F:51:B1:6D:87:AF:AB:1B:14:90:82:E6:C3:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:27:9c:92:e8:c3:2d:22:d8:78:83:52:f0:73:25:6d:f0:ce:
b7:0d:a5:d9:75:d3:1f:5d:dc:87:e8:ec:b8:d0:b1:6e:32:50:
7e:d4:70:ef:58:ee:b4:0f:90:13:de:ed:54:10:35:e5:e1:a0:
59:2c:8c:e3:60:25:96:63:55:79:1d:60:fb:fe:60:7a:5f:a4:
3d:4d:fa:ab:9d:ec:6f:16:2d:6b:ea:4a:61:49:7f:67:39:73:
b9:80:02:64:27:55:3a:b3:25:a7:23:7c:4d:0d:40:b0:80:de:
e2:15:4d:9e:5b:78:54:be:e4:ef:db:22:64:be:ad:e8:05:77:
97:d7:b9:4f:ed:19:ad:2d:38:f2:56:c7:d6:e5:2a:7d:66:12:
3e:62:79:d8:55:a4:a7:88:4e:84:d3:b5:58:63:37:49:cb:2c:
e6:b6:d0:d0:18:34:3d:77:2d:7f:fd:07:cb:32:27:29:51:ac:
3e:c8:dd:65:4d:31:d8:ea:89:05:fd:f8:d5:34:0f:2b:9e:38:
5c:ab:86:60:06:f4:49:e2:c5:d5:3c:ba:2c:d4:63:64:23:c9:
d3:36:64:05:5f:f5:d6:11:e4:1a:23:1a:6f:49:4a:d8:1f:e9:
2f:58:c8:6e:60:00:35:b9:97:cd:02:d7:cc:df:65:c4:b0:4d:
df:59:92:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpP6Hy2Jqgr4EAaa+B2rMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZGNmMTk2NzI5NjVmNTFiMTZkODdhZmFiMWIxNDkwODJl
NmMzZWUwHhcNMjUxMTExMDIwMDUyWhcNMjUxMTEyMDIwMDUyWjAzMTEwLwYDVQQD
Eyg4MzdjZDJjOWZkMWRjMTM3Nzk2YmFkMDVmNDAzOWM0MmRjY2MxOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjMprUdN5NOxaybBeAwvlBfCQwXX
1DYhMUmig42Ok3D09AnCHES5hg2od8BEbHzHaSxMPCboDFH+8N4cgXe7Pa6LP1cz
mALYKGORy231L8wHZH4CDd2QfZGcpOvWdrv52PPuZ82PKI/fgE5092UIkeuq9jui
nfasfkx90CW/2KoisMv2dro6TAJ2cMzKDjUotHP6gEzUkMmbZX+NWjU14xptZZJ5
vSfiKeePRu1k3KuK8zRkxrT+4gYW30N569eR0tt52i/W5xzig87I1oiM/YTOGAWu
AKYbqhgM52LAoB5ukmGY48TNjlZPJe592h80x2Edt0CiNB6TlRjSaFMJKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIN80sn9HcE3eWutBfQDnELczBngMB8GA1UdIwQY
MBaAFErc8ZZyll9RsW2Hr6sbFJCC5sPuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yZDJlYjYtMDVkNS00N2EwLThmZWQt
ZWJmMzJhMDQ2OWM3LzEvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yZDJlYjYtMDVkNS00N2EwLThmZWQtZWJmMzJhMDQ2OWM3
LzEvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOSeckujD
LSLYeINS8HMlbfDOtw2l2XXTH13ch+jsuNCxbjJQftRw71jutA+QE97tVBA15eGg
WSyM42AllmNVeR1g+/5gel+kPU36q53sbxYta+pKYUl/ZzlzuYACZCdVOrMlpyN8
TQ1AsIDe4hVNnlt4VL7k79siZL6t6AV3l9e5T+0ZrS048lbH1uUqfWYSPmJ52FWk
p4hOhNO1WGM3Scss5rbQ0Bg0PXctf/0HyzInKVGsPsjdZU0x2OqJBf341TQPK544
XKuGYAb0SeLF1Ty6LNRjZCPJ0zZkBV/11hHkGiMab0lK2B/pL1jIbmAANbmXzQLX
zN9lxLBN31mSNw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:00:30 2025 by rpki-client