Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
File: stlAHspsipMG0QCSu-DC4ZUA6X8.mft (raw, json)
Hash identifier: UymGAGEj8rKHz/cI7MFntWb1zosvvFyK57jjxEn4muc=
Subject key identifier: 95:8D:DB:71:42:A2:06:1E:DE:09:0D:A3:91:76:BE:96:DD:29:6D:ED
Authority key identifier: B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
Certificate issuer: /CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Certificate serial: 0196778CEDAFF8F9431AD4BC1EF4B79AD8B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
Manifest number: 1512
Signing time: Sun 27 Apr 2025 14:00:46 +0000
Manifest this update: Sun 27 Apr 2025 14:00:46 +0000
Manifest next update: Mon 28 Apr 2025 14:00:46 +0000
Files and hashes: 1: soSBsLQYC7V6yaNpfJM8sFC7fR4.roa (hash: nF8wYjzOXAcieN8jO0uTIHBAl7NBBBuHSNIF4hRr2/A=)
2: stlAHspsipMG0QCSu-DC4ZUA6X8.crl (hash: 4EeERGnYPutkb/HQEZWTJqUJ6F9tHhvDmJmPns5896c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:77:8c:ed:af:f8:f9:43:1a:d4:bc:1e:f4:b7:9a:d8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Validity
Not Before: Apr 27 14:00:46 2025 GMT
Not After : Apr 28 14:00:46 2025 GMT
Subject: CN=958ddb7142a2061ede090da39176be96dd296ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:15:69:e5:13:fc:92:3c:eb:a2:a8:8a:92:
34:0a:57:d0:ad:f4:ec:f3:71:5b:3d:68:70:c2:f9:
53:16:cc:5d:4d:8d:bc:65:f5:34:64:b7:48:e3:74:
a0:25:b2:5b:0e:9f:44:b9:f3:5c:86:54:1a:df:fc:
ea:3f:53:79:c2:b7:0d:20:46:26:97:13:f4:8b:6c:
4d:0d:40:3f:0c:da:cf:8f:4c:13:2e:0c:91:60:d8:
af:73:36:9e:bb:9f:03:96:ab:44:c8:2a:df:95:4a:
6c:a2:9f:70:50:6b:fd:2d:63:b2:0f:e6:36:43:d8:
8d:45:4b:b5:ed:8d:06:97:5e:b0:4c:f1:69:59:4e:
6d:75:6d:ba:04:0d:cd:b5:89:45:97:b9:14:c8:c0:
7f:34:e7:6d:ee:6c:4c:2d:b5:e1:e3:fb:b7:d6:66:
2e:4c:a9:6a:3a:9c:85:87:7f:cf:7b:35:10:0a:ac:
a1:70:fa:d4:37:5e:e7:4f:dc:cf:bc:89:13:94:65:
48:aa:32:9c:4b:af:f3:50:af:16:f3:f6:da:d5:a9:
69:9d:1a:44:70:0d:42:49:24:f0:d0:6c:7d:64:1b:
8e:43:ec:e9:3f:35:34:b4:87:76:e7:e5:75:75:23:
87:28:3b:e8:e4:2a:98:8f:c5:64:08:1d:7f:b3:80:
2e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8D:DB:71:42:A2:06:1E:DE:09:0D:A3:91:76:BE:96:DD:29:6D:ED
X509v3 Authority Key Identifier:
keyid:B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:66:3a:ba:ff:b6:2b:82:a5:94:1e:1d:36:ef:74:f6:31:50:
7e:56:92:18:46:4b:e8:23:9b:20:89:0a:44:46:78:81:24:c4:
bb:30:cd:a3:3d:de:26:f9:49:24:9f:47:73:cf:61:bf:6c:38:
4f:15:0d:9d:04:f0:5e:37:ae:82:eb:56:92:33:bc:37:13:ef:
8d:87:3c:eb:a5:77:8b:db:45:a1:28:98:e5:87:b1:04:13:64:
f4:11:c8:0f:d1:ad:27:b1:b6:2a:e6:c8:19:1e:6f:75:6f:36:
5e:e2:c4:de:bc:7c:2d:b8:9c:54:fb:b6:a1:db:3c:a0:d5:97:
33:6e:ea:5d:5a:d1:43:53:7a:ca:59:ca:15:07:e7:06:5d:24:
24:39:0d:34:d8:62:7c:5d:37:e0:4e:48:d5:ce:40:63:d4:e7:
92:b8:f5:8f:32:30:21:5c:f6:37:c2:66:87:5e:fc:3f:fd:bb:
e2:b4:c6:a3:ab:57:4a:4a:00:46:72:a9:b0:0f:f0:9c:fa:94:
92:49:4c:9b:dc:a0:3d:5a:3a:9d:24:ad:b8:27:53:43:92:aa:
e2:ad:b6:c2:8d:f8:d3:cd:9b:97:e6:99:e0:0f:dd:7b:2c:02:
47:a0:7f:9e:b0:0b:a0:5b:02:59:ff:b2:5a:03:e2:9b:57:af:
5a:dc:f6:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3jO2v+PlDGtS8HvS3mti4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDk0MDFlY2E2YzhhOTMwNmQxMDA5MmJiZTBjMmUxOTUw
MGU5N2YwHhcNMjUwNDI3MTQwMDQ2WhcNMjUwNDI4MTQwMDQ2WjAzMTEwLwYDVQQD
Eyg5NThkZGI3MTQyYTIwNjFlZGUwOTBkYTM5MTc2YmU5NmRkMjk2ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveEVaeUT/JI866KoipI0ClfQrfTs
83FbPWhwwvlTFsxdTY28ZfU0ZLdI43SgJbJbDp9EufNchlQa3/zqP1N5wrcNIEYm
lxP0i2xNDUA/DNrPj0wTLgyRYNivczaeu58DlqtEyCrflUpsop9wUGv9LWOyD+Y2
Q9iNRUu17Y0Gl16wTPFpWU5tdW26BA3NtYlFl7kUyMB/NOdt7mxMLbXh4/u31mYu
TKlqOpyFh3/PezUQCqyhcPrUN17nT9zPvIkTlGVIqjKcS6/zUK8W8/ba1alpnRpE
cA1CSSTw0Gx9ZBuOQ+zpPzU0tId25+V1dSOHKDvo5CqYj8VkCB1/s4AuwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWN23FCogYe3gkNo5F2vpbdKW3tMB8GA1UdIwQY
MBaAFLLZQB7KbIqTBtEAkrvgwuGVAOl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWIt
ZTEzMzJlN2YwNmZjLzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWItZTEzMzJlN2YwNmZj
LzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABmY6uv+2
K4KllB4dNu909jFQflaSGEZL6CObIIkKREZ4gSTEuzDNoz3eJvlJJJ9Hc89hv2w4
TxUNnQTwXjeugutWkjO8NxPvjYc866V3i9tFoSiY5YexBBNk9BHID9GtJ7G2KubI
GR5vdW82XuLE3rx8LbicVPu2ods8oNWXM27qXVrRQ1N6ylnKFQfnBl0kJDkNNNhi
fF034E5I1c5AY9Tnkrj1jzIwIVz2N8Jmh178P/274rTGo6tXSkoARnKpsA/wnPqU
kklMm9ygPVo6nSStuCdTQ5Kq4q22wo34082bl+aZ4A/deywCR6B/nrALoFsCWf+y
WgPim1evWtz24A==
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:35:13 2025 by rpki-client