Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
File: stlAHspsipMG0QCSu-DC4ZUA6X8.mft (raw, json)
Hash identifier: lRZKRBm5y+wta2IrlkgJVdx5Qbf4neYaqSyYphuxUaY=
Subject key identifier: 3F:9E:48:C6:3B:E9:A6:7F:3F:01:76:16:FF:D3:24:51:18:28:F1:32
Authority key identifier: B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
Certificate issuer: /CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Certificate serial: 019D39414881C939DFD5F3C2A8248DF7BD36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 11:01:12 +0000
Manifest this update: Sun 29 Mar 2026 11:01:12 +0000
Manifest next update: Mon 30 Mar 2026 11:01:12 +0000
Files and hashes: 1: Yes7E1nCE9WsDeErGONsuMIwDwg.roa (hash: Aujc0YkvltRGmUvtiXkpAVJcAgOt8vjAA0FwFtGvrVs=)
2: stlAHspsipMG0QCSu-DC4ZUA6X8.crl (hash: fF7OMiXkotGJoSoVmfq9RzogmqmwQwb0j5ks1qOVta8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:48:81:c9:39:df:d5:f3:c2:a8:24:8d:f7:bd:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Validity
Not Before: Mar 29 11:01:12 2026 GMT
Not After : Mar 30 11:01:12 2026 GMT
Subject: CN=3f9e48c63be9a67f3f017616ffd324511828f132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9a:78:1a:01:f9:e2:ec:1d:5a:2f:a2:87:fd:
fa:9c:7b:b3:7a:2e:b0:e3:d5:66:77:4b:a7:8f:51:
f7:c1:6f:4e:a6:7d:bd:7e:5f:30:30:b1:7c:50:a1:
ee:3a:a5:ba:b3:3b:87:31:30:3b:5b:b8:6f:56:4e:
4e:07:e0:27:57:4a:9c:9f:8f:af:6e:e3:1c:bd:7b:
0e:3d:8b:82:84:8d:b7:48:4b:ee:fc:0f:e1:6a:12:
57:cc:ed:c5:32:3d:00:e4:17:ef:d2:2d:00:5a:a4:
7e:9f:d7:17:b6:77:65:ca:7b:a0:d9:ce:36:23:6d:
7d:cd:8f:41:d0:ee:e3:86:d9:a7:5f:92:0a:3f:0e:
3a:2d:df:ba:f4:76:42:76:0f:b4:03:6c:21:e6:90:
03:2d:17:08:0e:4f:44:0c:c7:27:f6:9b:c4:88:68:
41:25:ca:e5:73:cb:9d:3a:f6:03:14:c2:41:ca:34:
b6:46:06:07:72:ad:c2:09:cd:a1:72:5f:05:b0:0d:
a2:26:77:91:e5:92:06:15:5e:2f:03:25:f4:81:ff:
0f:3a:51:2e:1b:d1:5d:b2:9e:8a:07:2a:e8:df:e9:
51:98:4c:50:3f:fb:f5:4f:40:65:0e:46:28:e4:a3:
b0:4d:2c:00:ab:65:44:18:9e:57:3c:aa:41:71:3a:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9E:48:C6:3B:E9:A6:7F:3F:01:76:16:FF:D3:24:51:18:28:F1:32
X509v3 Authority Key Identifier:
keyid:B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:e6:96:bd:f0:2e:59:6c:6b:69:da:83:04:f2:45:98:43:62:
37:24:d1:42:d5:6a:e6:25:13:98:08:65:d1:ab:42:f8:6f:cf:
3b:34:d4:0a:5c:0e:11:37:6e:f2:93:e5:f6:a6:08:9e:0b:ff:
25:67:4c:05:0f:0a:49:b7:79:4c:a3:38:88:c1:fa:28:2d:19:
c6:d3:46:02:90:07:e9:a1:fd:18:7d:e8:31:6a:6e:58:e3:dd:
a1:bb:5e:01:76:33:22:64:58:ea:1e:fa:f7:1d:ac:cf:bf:b1:
a0:30:0a:97:e8:8f:fd:4c:1a:3b:5d:ff:e0:ac:6b:7b:c7:9f:
1c:59:d8:0a:33:90:91:0e:27:f1:15:67:b5:c8:70:31:da:57:
e6:23:a7:62:57:25:1d:d6:a7:df:cf:d4:8a:fd:3f:19:80:34:
57:82:2e:cc:14:ef:3e:e4:6d:e5:c4:d2:68:19:82:54:3a:86:
91:cb:56:5a:85:ce:54:81:12:27:53:6d:ac:d3:23:47:20:3f:
1b:f0:6e:c8:37:e8:9c:da:f9:c7:51:e9:ce:16:0b:d6:01:36:
68:a3:94:5a:84:23:de:e6:b3:13:58:a2:68:f3:07:4e:7a:3d:
cc:ad:ef:ff:ac:f6:3d:9f:5c:28:19:6c:de:ee:5a:7d:92:35:
f9:5e:0f:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QUiByTnf1fPCqCSN9702MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDk0MDFlY2E2YzhhOTMwNmQxMDA5MmJiZTBjMmUxOTUw
MGU5N2YwHhcNMjYwMzI5MTEwMTEyWhcNMjYwMzMwMTEwMTEyWjAzMTEwLwYDVQQD
EygzZjllNDhjNjNiZTlhNjdmM2YwMTc2MTZmZmQzMjQ1MTE4MjhmMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5p4GgH54uwdWi+ih/36nHuzei6w
49Vmd0unj1H3wW9Opn29fl8wMLF8UKHuOqW6szuHMTA7W7hvVk5OB+AnV0qcn4+v
buMcvXsOPYuChI23SEvu/A/hahJXzO3FMj0A5Bfv0i0AWqR+n9cXtndlynug2c42
I219zY9B0O7jhtmnX5IKPw46Ld+69HZCdg+0A2wh5pADLRcIDk9EDMcn9pvEiGhB
Jcrlc8udOvYDFMJByjS2RgYHcq3CCc2hcl8FsA2iJneR5ZIGFV4vAyX0gf8POlEu
G9Fdsp6KByro3+lRmExQP/v1T0BlDkYo5KOwTSwAq2VEGJ5XPKpBcTrP7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+eSMY76aZ/PwF2Fv/TJFEYKPEyMB8GA1UdIwQY
MBaAFLLZQB7KbIqTBtEAkrvgwuGVAOl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWIt
ZTEzMzJlN2YwNmZjLzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWItZTEzMzJlN2YwNmZj
LzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdeaWvfAu
WWxradqDBPJFmENiNyTRQtVq5iUTmAhl0atC+G/POzTUClwOETdu8pPl9qYIngv/
JWdMBQ8KSbd5TKM4iMH6KC0ZxtNGApAH6aH9GH3oMWpuWOPdobteAXYzImRY6h76
9x2sz7+xoDAKl+iP/UwaO13/4Kxre8efHFnYCjOQkQ4n8RVntchwMdpX5iOnYlcl
Hdan38/Uiv0/GYA0V4IuzBTvPuRt5cTSaBmCVDqGkctWWoXOVIESJ1NtrNMjRyA/
G/BuyDfonNr5x1HpzhYL1gE2aKOUWoQj3uazE1iiaPMHTno9zK3v/6z2PZ9cKBls
3u5afZI1+V4PaA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:59:57 2026 by rpki-client