Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
File: stlAHspsipMG0QCSu-DC4ZUA6X8.mft (raw, json)
Hash identifier: cfshkpOA+sRgzTDo14VHbKI6GS2Dml+QRaPpw0C+q/g=
Subject key identifier: CA:A5:B2:04:6D:6E:BB:8B:24:9F:55:D1:47:8B:96:0B:E3:70:A3:44
Authority key identifier: B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
Certificate issuer: /CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Certificate serial: 01988AA116B04A53258D63B68467E868B16E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
Manifest number: 1625
Signing time: Fri 08 Aug 2025 17:01:09 +0000
Manifest this update: Fri 08 Aug 2025 17:01:09 +0000
Manifest next update: Sat 09 Aug 2025 17:01:09 +0000
Files and hashes: 1: soSBsLQYC7V6yaNpfJM8sFC7fR4.roa (hash: nF8wYjzOXAcieN8jO0uTIHBAl7NBBBuHSNIF4hRr2/A=)
2: stlAHspsipMG0QCSu-DC4ZUA6X8.crl (hash: +b80spHzroMyqpJGlEg7Z7660rgSrt58QHykAwKUXJA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 17:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8a:a1:16:b0:4a:53:25:8d:63:b6:84:67:e8:68:b1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Validity
Not Before: Aug 8 17:01:09 2025 GMT
Not After : Aug 9 17:01:09 2025 GMT
Subject: CN=caa5b2046d6ebb8b249f55d1478b960be370a344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:24:2e:c9:77:1b:4f:5b:e2:d1:3b:b3:1e:
e3:54:4b:ad:ae:62:85:7d:0d:f9:cb:6f:58:66:e0:
e9:ca:bb:12:7e:09:be:19:7d:e9:cb:9f:5a:cd:3d:
fb:57:59:59:08:40:97:72:9e:0f:72:9e:52:02:6a:
e3:31:04:59:d5:dc:f8:7f:03:d7:9a:79:df:ee:c3:
05:f0:66:c0:2d:b5:f9:3a:c7:ca:05:d0:05:be:88:
fc:61:2f:a4:ad:75:01:47:71:fa:95:c8:87:9d:6d:
2b:0a:4e:2b:98:9c:28:83:a4:70:64:93:39:24:3f:
ed:9d:73:39:c2:3e:92:95:71:95:76:c8:8c:05:03:
bf:98:31:2e:34:e3:89:47:c0:7e:33:8c:68:0e:01:
af:ba:a6:62:0d:4b:d9:48:81:aa:6f:5e:82:79:69:
3b:33:40:99:f4:51:2b:26:85:7c:51:2c:2e:30:6d:
f5:84:b0:4e:35:e8:c4:48:ad:5a:7c:c4:bb:27:e3:
25:90:e9:96:f9:23:fc:8d:92:11:36:77:ad:2a:f8:
bf:70:fe:8a:cc:85:de:cd:4c:e6:20:74:32:da:48:
e7:49:22:b9:ec:2c:a2:21:4a:a8:17:72:15:84:f8:
87:ce:b5:e4:b8:ba:2d:69:4a:17:17:91:91:60:ee:
3c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A5:B2:04:6D:6E:BB:8B:24:9F:55:D1:47:8B:96:0B:E3:70:A3:44
X509v3 Authority Key Identifier:
keyid:B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:21:bf:99:53:93:3b:61:b2:6b:39:3d:f0:7b:cd:70:54:cc:
d3:65:ff:48:b0:17:83:b0:33:54:08:24:90:d6:ac:fb:e1:7d:
1b:48:1b:2d:b7:a7:30:b8:f1:de:97:2e:69:2c:a1:a0:12:99:
18:bd:9a:30:d0:67:75:ca:dd:de:e6:63:81:ff:05:55:b8:93:
ac:05:7e:e8:91:66:f3:a8:9c:5c:f0:9c:84:b7:15:b7:71:94:
fb:f2:11:74:9c:cf:6c:ed:cb:c8:a1:fd:6c:41:01:50:6a:e4:
44:c3:b6:c1:1e:d6:a6:f4:ab:ba:4d:ab:57:3a:0d:06:49:7d:
42:0d:cf:f3:4e:c8:07:16:ce:8d:f8:7b:99:ce:47:de:b7:74:
3f:05:2a:2f:63:6e:6f:74:36:a6:59:31:8f:75:7e:5c:78:85:
46:2a:28:1b:33:19:7e:31:c5:63:1a:da:54:fb:a9:b2:49:88:
2c:ac:c8:61:69:06:85:cc:e1:57:f6:d3:61:c7:76:09:b1:22:
93:ca:21:27:f8:bc:ad:fd:4c:24:ec:3c:d3:47:08:b6:81:3f:
26:5f:49:f1:66:d2:1c:bb:5d:f1:44:ad:9b:94:70:96:2b:6d:
5a:d8:bf:63:79:5f:bd:45:cb:c0:a7:23:ef:f7:f7:b0:d2:9d:
22:4f:ef:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiKoRawSlMljWO2hGfoaLFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDk0MDFlY2E2YzhhOTMwNmQxMDA5MmJiZTBjMmUxOTUw
MGU5N2YwHhcNMjUwODA4MTcwMTA5WhcNMjUwODA5MTcwMTA5WjAzMTEwLwYDVQQD
EyhjYWE1YjIwNDZkNmViYjhiMjQ5ZjU1ZDE0NzhiOTYwYmUzNzBhMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYYkLsl3G09b4tE7sx7jVEutrmKF
fQ35y29YZuDpyrsSfgm+GX3py59azT37V1lZCECXcp4Pcp5SAmrjMQRZ1dz4fwPX
mnnf7sMF8GbALbX5OsfKBdAFvoj8YS+krXUBR3H6lciHnW0rCk4rmJwog6RwZJM5
JD/tnXM5wj6SlXGVdsiMBQO/mDEuNOOJR8B+M4xoDgGvuqZiDUvZSIGqb16CeWk7
M0CZ9FErJoV8USwuMG31hLBONejESK1afMS7J+MlkOmW+SP8jZIRNnetKvi/cP6K
zIXezUzmIHQy2kjnSSK57CyiIUqoF3IVhPiHzrXkuLotaUoXF5GRYO487QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqlsgRtbruLJJ9V0UeLlgvjcKNEMB8GA1UdIwQY
MBaAFLLZQB7KbIqTBtEAkrvgwuGVAOl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWIt
ZTEzMzJlN2YwNmZjLzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWItZTEzMzJlN2YwNmZj
LzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSG/mVOT
O2Gyazk98HvNcFTM02X/SLAXg7AzVAgkkNas++F9G0gbLbenMLjx3pcuaSyhoBKZ
GL2aMNBndcrd3uZjgf8FVbiTrAV+6JFm86icXPCchLcVt3GU+/IRdJzPbO3LyKH9
bEEBUGrkRMO2wR7WpvSruk2rVzoNBkl9Qg3P807IBxbOjfh7mc5H3rd0PwUqL2Nu
b3Q2plkxj3V+XHiFRiooGzMZfjHFYxraVPupskmILKzIYWkGhczhV/bTYcd2CbEi
k8ohJ/i8rf1MJOw800cItoE/Jl9J8WbSHLtd8UStm5RwlittWti/Y3lfvUXLwKcj
7/f3sNKdIk/veg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 00:59:39 2025 by rpki-client