Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: eaa8LXQp98etH4tZgSqkVrJ1Pk4vHsOclR2Si9iPaFA=
Subject key identifier: 6C:ED:55:93:50:F4:D8:6D:91:E8:45:DB:37:36:C4:18:66:03:3A:40
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 019745F8BF61873FDDC4386E3F95D4B6C8FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 1227
Signing time: Fri 06 Jun 2025 16:00:19 +0000
Manifest this update: Fri 06 Jun 2025 16:00:19 +0000
Manifest next update: Sat 07 Jun 2025 16:00:19 +0000
Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=)
2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: mapuNbGCHiUBAi9pIdaztQCRMbnBuCsvGVSasBUGMsw=)
3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:45:f8:bf:61:87:3f:dd:c4:38:6e:3f:95:d4:b6:c8:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Jun 6 16:00:19 2025 GMT
Not After : Jun 7 16:00:19 2025 GMT
Subject: CN=6ced559350f4d86d91e845db3736c41866033a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:45:d8:15:bd:8c:6c:8d:2c:e2:93:4b:09:8e:
80:da:86:44:5a:40:13:64:6a:8e:25:14:4f:6e:bb:
d2:6d:aa:53:da:61:b5:6d:be:6d:7d:3d:9e:9c:1c:
4e:5d:23:57:3e:36:f0:91:d5:bc:0d:db:99:5b:3b:
c8:10:27:61:11:2d:e3:ec:b0:5a:df:72:22:c8:67:
31:ad:f1:58:46:43:a5:f1:3c:10:6b:e1:e4:72:91:
a0:3f:c2:bd:37:e8:c0:b5:7b:17:f9:23:46:e4:a0:
f4:2e:05:ca:8d:ff:42:7b:74:d4:e3:3a:25:3a:5d:
e4:ae:bf:c9:c3:54:26:97:45:32:64:c0:14:be:fd:
69:48:8c:b4:65:bc:a0:e7:b5:35:cc:0c:ba:b5:fe:
60:bb:59:88:a2:57:2f:e0:e0:60:b9:ed:94:54:a8:
28:c3:e3:36:06:4a:f4:ee:e8:70:93:9c:08:03:a5:
07:de:05:6d:b3:f7:5e:8b:17:3a:1f:72:1e:de:43:
15:08:bd:13:42:55:5e:e9:bb:88:f0:99:75:33:3f:
04:96:89:10:2f:1c:54:d8:73:94:e1:ee:e9:78:b1:
69:1a:0e:b0:4b:ff:4b:3d:13:f6:9f:c9:f4:7f:98:
b8:4e:fa:df:20:cc:8f:4a:fc:c7:0e:b2:a6:0f:90:
61:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:ED:55:93:50:F4:D8:6D:91:E8:45:DB:37:36:C4:18:66:03:3A:40
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:42:13:cd:f5:01:f3:cd:d6:34:52:50:c3:17:27:1b:3e:02:
f8:7e:bf:1c:28:6a:ff:92:c4:6c:84:b3:85:94:f8:d1:4e:ae:
42:89:82:c6:38:24:ca:a9:c9:95:ce:0d:11:a4:02:e3:ee:b2:
d4:46:59:85:a1:fb:78:f8:dc:0b:4a:a6:86:64:c8:72:08:fd:
18:69:5b:1a:a0:77:38:43:02:99:f7:ce:df:f0:54:0d:2a:e3:
96:17:d6:3c:21:96:be:6b:01:7d:81:e0:9e:93:12:12:34:06:
54:35:33:6b:7a:7c:b5:ba:ac:24:a4:24:6a:65:f2:63:8d:31:
1d:80:42:fd:12:7e:7e:46:36:4d:48:21:74:81:80:95:53:d0:
97:b2:1a:6b:c9:a7:7a:cc:3e:6c:b1:68:10:d5:4f:cb:49:48:
d8:7a:4e:a0:c3:e3:f8:f5:65:0a:1f:09:5d:92:e9:09:40:03:
8d:8f:2a:ca:4e:3c:6f:f7:4a:0c:9b:ca:bd:ee:88:f6:4d:d7:
94:40:ba:76:94:1f:22:10:a2:05:74:bb:f2:11:18:f6:20:df:
25:a4:5f:bc:db:86:88:4d:c1:e3:64:39:77:29:44:7a:81:af:
ff:2d:41:32:29:19:a8:a1:61:87:68:b4:f7:59:e6:7e:b5:ca:
c1:21:03:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdF+L9hhz/dxDhuP5XUtsj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUwNjA2MTYwMDE5WhcNMjUwNjA3MTYwMDE5WjAzMTEwLwYDVQQD
Eyg2Y2VkNTU5MzUwZjRkODZkOTFlODQ1ZGIzNzM2YzQxODY2MDMzYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskXYFb2MbI0s4pNLCY6A2oZEWkAT
ZGqOJRRPbrvSbapT2mG1bb5tfT2enBxOXSNXPjbwkdW8DduZWzvIECdhES3j7LBa
33IiyGcxrfFYRkOl8TwQa+HkcpGgP8K9N+jAtXsX+SNG5KD0LgXKjf9Ce3TU4zol
Ol3krr/Jw1Qml0UyZMAUvv1pSIy0Zbyg57U1zAy6tf5gu1mIolcv4OBgue2UVKgo
w+M2Bkr07uhwk5wIA6UH3gVts/deixc6H3Ie3kMVCL0TQlVe6buI8Jl1Mz8ElokQ
LxxU2HOU4e7peLFpGg6wS/9LPRP2n8n0f5i4TvrfIMyPSvzHDrKmD5Bh2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGztVZNQ9NhtkehF2zc2xBhmAzpAMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkITzfUB
883WNFJQwxcnGz4C+H6/HChq/5LEbISzhZT40U6uQomCxjgkyqnJlc4NEaQC4+6y
1EZZhaH7ePjcC0qmhmTIcgj9GGlbGqB3OEMCmffO3/BUDSrjlhfWPCGWvmsBfYHg
npMSEjQGVDUza3p8tbqsJKQkamXyY40xHYBC/RJ+fkY2TUghdIGAlVPQl7Iaa8mn
esw+bLFoENVPy0lI2HpOoMPj+PVlCh8JXZLpCUADjY8qyk48b/dKDJvKve6I9k3X
lEC6dpQfIhCiBXS78hEY9iDfJaRfvNuGiE3B42Q5dylEeoGv/y1BMikZqKFhh2i0
91nmfrXKwSEDYw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:20:47 2025 by rpki-client