Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
File: StzxlnKWX1GxbYevqxsUkILmw-4.mft (raw, json)
Hash identifier: ZMUXyl+iWwNF/HG00izFJdfUf5e46tLbiOxtdiK9Szc=
Subject key identifier: F3:2E:35:FC:9E:6F:60:61:3E:8B:40:28:1B:8D:63:46:91:79:5D:65
Authority key identifier: 4A:DC:F1:96:72:96:5F:51:B1:6D:87:AF:AB:1B:14:90:82:E6:C3:EE
Certificate issuer: /CN=4adcf19672965f51b16d87afab1b149082e6c3ee
Certificate serial: 019A4DE1AD0583DD7DE239A03B3F886A0C0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 08:00:26 +0000
Manifest this update: Tue 04 Nov 2025 08:00:26 +0000
Manifest next update: Wed 05 Nov 2025 08:00:26 +0000
Files and hashes: 1: StzxlnKWX1GxbYevqxsUkILmw-4.crl (hash: iD9dSAAOyR5f1Qrq071vddWOTOFXw3hQXne8k2tXVDo=)
2: rGUQbl63n9K0Wn_57q9XL0tQAuA.roa (hash: vyvu3YaIjRy8oAh1PUr3JRdMW+KlCqlVTwrvF8kfQF4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:ad:05:83:dd:7d:e2:39:a0:3b:3f:88:6a:0c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4adcf19672965f51b16d87afab1b149082e6c3ee
Validity
Not Before: Nov 4 08:00:26 2025 GMT
Not After : Nov 5 08:00:26 2025 GMT
Subject: CN=f32e35fc9e6f60613e8b40281b8d634691795d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:15:be:27:5b:0c:c1:38:8c:99:1f:73:79:0b:
78:7b:df:4d:8e:35:f7:a9:c5:4f:b6:0e:b2:ea:89:
a2:9d:5d:b4:99:d5:b0:53:cb:af:5f:40:9d:bc:b1:
d4:fb:d9:6c:18:bb:ad:87:a8:18:5a:8a:a6:de:94:
84:d6:e3:ba:36:5a:a9:52:55:ff:f6:85:fd:c5:78:
c6:fc:26:48:df:c8:3d:ce:cf:3f:78:0a:e8:86:3d:
94:32:37:48:fb:10:94:04:80:ba:c5:3b:01:54:98:
c5:a1:84:e6:4d:a4:09:99:cb:62:77:17:35:d1:2b:
9d:9b:66:16:1e:63:48:03:ef:60:db:80:fa:72:6e:
e9:37:ba:90:a1:34:d0:50:a6:53:cc:31:9a:f4:e5:
b9:98:3a:a8:5f:02:9e:88:3a:33:e0:ca:c4:b9:ff:
0a:1f:ad:33:cf:04:69:a8:f7:53:f8:c2:e9:95:14:
06:5a:88:36:09:c4:1e:5e:b1:40:db:3b:d7:e9:21:
48:fd:c5:3b:e1:01:4b:4b:e1:97:0c:a1:a0:2e:77:
c1:11:d7:8d:af:d1:eb:ea:39:c8:81:01:70:6a:0f:
eb:81:29:ff:6a:86:16:05:c1:db:de:51:04:24:b8:
f1:e4:6f:0f:e2:89:3b:e7:31:31:71:87:70:fc:d6:
cd:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2E:35:FC:9E:6F:60:61:3E:8B:40:28:1B:8D:63:46:91:79:5D:65
X509v3 Authority Key Identifier:
keyid:4A:DC:F1:96:72:96:5F:51:B1:6D:87:AF:AB:1B:14:90:82:E6:C3:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:05:55:f3:50:c1:4e:9d:40:ab:3d:b4:02:22:e6:7b:f3:90:
3d:7c:08:45:1c:f8:fe:e0:fa:7a:83:ab:b8:47:91:3e:42:65:
b7:8d:9e:1c:8a:49:16:6e:94:6a:07:0c:51:c4:f8:3a:e0:39:
8a:01:ec:7a:34:3d:d4:40:2c:f2:e7:eb:7e:20:6c:e4:e0:b5:
15:43:50:28:95:dc:b9:e0:16:4d:02:3e:9f:38:a9:86:3c:5e:
45:f0:99:2a:e8:e1:74:f7:28:2b:99:ba:fd:64:f5:0b:02:dd:
5a:7e:01:f5:8e:e2:56:78:b4:37:8b:f8:df:19:80:f3:df:a6:
ab:fa:c4:89:16:dc:97:e2:2e:04:ab:92:f0:92:e3:98:0e:c0:
a8:76:e1:b3:27:b2:f0:66:6f:a2:93:1f:4a:07:60:0f:d9:1b:
93:7b:69:58:49:7f:cd:2b:77:32:48:37:9e:ad:02:87:70:3e:
ac:13:49:ba:56:9a:a6:94:f0:22:7a:6c:56:4b:38:4c:05:77:
38:1d:61:ac:9b:69:b3:a5:ee:a6:35:d2:77:c7:7b:70:f7:09:
da:5e:9f:4c:8c:c1:fd:7b:1c:5c:3b:00:cf:45:36:67:c9:f0:
93:d5:2f:53:b8:30:b6:b3:25:db:fa:d4:c1:12:7e:8b:9f:f2:
7b:bd:e9:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4a0Fg9194jmgOz+IagwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZGNmMTk2NzI5NjVmNTFiMTZkODdhZmFiMWIxNDkwODJl
NmMzZWUwHhcNMjUxMTA0MDgwMDI2WhcNMjUxMTA1MDgwMDI2WjAzMTEwLwYDVQQD
EyhmMzJlMzVmYzllNmY2MDYxM2U4YjQwMjgxYjhkNjM0NjkxNzk1ZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBW+J1sMwTiMmR9zeQt4e99NjjX3
qcVPtg6y6ominV20mdWwU8uvX0CdvLHU+9lsGLuth6gYWoqm3pSE1uO6NlqpUlX/
9oX9xXjG/CZI38g9zs8/eArohj2UMjdI+xCUBIC6xTsBVJjFoYTmTaQJmctidxc1
0Sudm2YWHmNIA+9g24D6cm7pN7qQoTTQUKZTzDGa9OW5mDqoXwKeiDoz4MrEuf8K
H60zzwRpqPdT+MLplRQGWog2CcQeXrFA2zvX6SFI/cU74QFLS+GXDKGgLnfBEdeN
r9Hr6jnIgQFwag/rgSn/aoYWBcHb3lEEJLjx5G8P4ok75zExcYdw/NbN4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMuNfyeb2BhPotAKBuNY0aReV1lMB8GA1UdIwQY
MBaAFErc8ZZyll9RsW2Hr6sbFJCC5sPuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yZDJlYjYtMDVkNS00N2EwLThmZWQt
ZWJmMzJhMDQ2OWM3LzEvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yZDJlYjYtMDVkNS00N2EwLThmZWQtZWJmMzJhMDQ2OWM3
LzEvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwVV81DB
Tp1Aqz20AiLme/OQPXwIRRz4/uD6eoOruEeRPkJlt42eHIpJFm6UagcMUcT4OuA5
igHsejQ91EAs8ufrfiBs5OC1FUNQKJXcueAWTQI+nziphjxeRfCZKujhdPcoK5m6
/WT1CwLdWn4B9Y7iVni0N4v43xmA89+mq/rEiRbcl+IuBKuS8JLjmA7AqHbhsyey
8GZvopMfSgdgD9kbk3tpWEl/zSt3Mkg3nq0Ch3A+rBNJulaappTwInpsVks4TAV3
OB1hrJtps6XupjXSd8d7cPcJ2l6fTIzB/XscXDsAz0U2Z8nwk9UvU7gwtrMl2/rU
wRJ+i5/ye73pqQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:15:22 2025 by rpki-client