Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: eLGATvkdfQ+8db/TLRLexer113JlztOPbhY4OYQqwVY=
Subject key identifier: DD:4B:8B:CE:96:3C:EF:59:94:13:55:68:6D:A3:4A:22:CD:1E:BC:3A
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 019A7112BB89381EA6BDA47C4D85460E397A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 13CB
Signing time: Tue 11 Nov 2025 04:00:44 +0000
Manifest this update: Tue 11 Nov 2025 04:00:44 +0000
Manifest next update: Wed 12 Nov 2025 04:00:44 +0000
Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=)
2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: uio+Xke50i5gKxTdgzmsWPiDUDJO9n7XJLut87NS+po=)
3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:bb:89:38:1e:a6:bd:a4:7c:4d:85:46:0e:39:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Nov 11 04:00:44 2025 GMT
Not After : Nov 12 04:00:44 2025 GMT
Subject: CN=dd4b8bce963cef59941355686da34a22cd1ebc3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:12:94:24:3a:12:5d:dd:75:68:34:67:58:e3:
ba:36:ec:84:c5:54:93:24:cc:dc:3e:5a:96:78:4d:
55:f8:83:fb:63:9a:db:38:81:41:45:1b:39:1e:1e:
cb:de:e4:05:a6:5b:ec:96:16:88:87:59:66:9f:fc:
11:58:d5:43:49:76:65:45:54:5c:2f:73:2f:be:f3:
17:f9:0e:ff:24:02:40:32:e7:66:4a:54:f1:49:4b:
65:e4:d8:a8:d0:7f:a7:fd:c3:d0:d1:39:33:0f:97:
48:62:90:f0:54:8a:a4:9d:d1:4c:9b:a3:53:c0:d5:
ff:e0:97:5a:0a:e1:75:98:28:8e:d7:4d:3d:8c:1a:
e7:5b:0b:14:d5:bd:70:38:fa:7e:6a:ca:cc:52:75:
e3:68:97:fa:aa:d1:d1:8c:2d:43:9a:81:65:77:dd:
79:42:8e:ad:51:3f:1e:c0:7f:a3:97:7e:eb:e8:67:
4f:14:13:60:cc:9a:dc:a2:e8:16:17:4a:3f:a3:f3:
62:82:6f:3e:f5:af:14:83:6a:e9:f1:5c:c9:cc:e3:
c4:45:3d:d5:8a:ca:04:5a:e5:e4:45:63:12:69:b1:
5a:ce:20:a4:8e:5e:b0:5e:02:95:08:c5:57:12:ab:
2f:3a:e9:d2:c0:6c:bd:35:c8:ab:1d:56:9b:4f:c1:
b5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4B:8B:CE:96:3C:EF:59:94:13:55:68:6D:A3:4A:22:CD:1E:BC:3A
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:b4:b6:33:c0:df:37:53:d6:ff:18:72:87:8e:af:50:1e:04:
59:10:4d:c1:d3:60:9b:aa:39:40:e9:4c:b7:41:6d:c7:08:25:
9e:66:82:8b:82:11:22:fb:07:f2:f0:1f:60:ee:22:42:9d:68:
a3:7d:4f:dc:e0:31:62:64:5e:d9:a9:1a:ad:ed:1f:44:d9:fb:
83:65:a0:af:22:81:e8:3a:55:e5:3e:ca:02:6b:8a:e0:28:69:
37:6a:b9:f5:d7:85:ac:b4:bb:20:2b:96:95:39:a3:77:02:2a:
64:b9:5b:e4:b8:a7:ee:73:57:80:48:2b:46:88:40:1e:42:54:
b8:b2:86:26:80:08:11:19:82:80:96:06:2e:1c:b8:d5:ef:40:
7b:95:ba:b2:45:19:be:d4:99:e3:e6:f2:41:80:94:63:a2:40:
38:ea:4c:6a:70:ae:59:ea:10:c2:21:1c:c4:13:3e:15:bc:96:
9a:a3:85:52:e9:50:21:a0:ed:01:a6:a9:9a:a0:2c:33:bf:53:
50:37:d0:db:52:09:21:6d:d2:97:22:81:e4:5e:27:3b:09:c1:
a6:f7:cc:e4:b3:e0:1f:4a:11:5b:85:4f:a5:bd:0d:df:57:c5:
64:4a:1f:aa:7e:68:97:cc:6f:eb:43:93:f7:06:c7:f2:70:d6:
b3:b7:e4:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEruJOB6mvaR8TYVGDjl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUxMTExMDQwMDQ0WhcNMjUxMTEyMDQwMDQ0WjAzMTEwLwYDVQQD
EyhkZDRiOGJjZTk2M2NlZjU5OTQxMzU1Njg2ZGEzNGEyMmNkMWViYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRKUJDoSXd11aDRnWOO6NuyExVST
JMzcPlqWeE1V+IP7Y5rbOIFBRRs5Hh7L3uQFplvslhaIh1lmn/wRWNVDSXZlRVRc
L3MvvvMX+Q7/JAJAMudmSlTxSUtl5Nio0H+n/cPQ0TkzD5dIYpDwVIqkndFMm6NT
wNX/4JdaCuF1mCiO1009jBrnWwsU1b1wOPp+asrMUnXjaJf6qtHRjC1DmoFld915
Qo6tUT8ewH+jl37r6GdPFBNgzJrcougWF0o/o/Nigm8+9a8Ug2rp8VzJzOPERT3V
isoEWuXkRWMSabFaziCkjl6wXgKVCMVXEqsvOunSwGy9NcirHVabT8G1swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1Li86WPO9ZlBNVaG2jSiLNHrw6MB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfLS2M8Df
N1PW/xhyh46vUB4EWRBNwdNgm6o5QOlMt0FtxwglnmaCi4IRIvsH8vAfYO4iQp1o
o31P3OAxYmRe2akare0fRNn7g2WgryKB6DpV5T7KAmuK4ChpN2q59deFrLS7ICuW
lTmjdwIqZLlb5Lin7nNXgEgrRohAHkJUuLKGJoAIERmCgJYGLhy41e9Ae5W6skUZ
vtSZ4+byQYCUY6JAOOpManCuWeoQwiEcxBM+FbyWmqOFUulQIaDtAaapmqAsM79T
UDfQ21IJIW3SlyKB5F4nOwnBpvfM5LPgH0oRW4VPpb0N31fFZEofqn5ol8xv60OT
9wbH8nDWs7fkoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:43 2025 by rpki-client