Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
File: stlAHspsipMG0QCSu-DC4ZUA6X8.mft (raw, json)
Hash identifier: SLShaDLBxMoaYWJt285INq7ZspAN5JF3BZhY7yEqwyY=
Subject key identifier: 37:5F:FB:29:D1:01:25:15:A2:75:B8:CB:01:9D:2B:CD:53:4B:25:06
Authority key identifier: B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
Certificate issuer: /CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Certificate serial: 019A54519BC049B8C68AD6E7F7ECAA499D65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
Manifest number: 1712
Signing time: Wed 05 Nov 2025 14:00:25 +0000
Manifest this update: Wed 05 Nov 2025 14:00:25 +0000
Manifest next update: Thu 06 Nov 2025 14:00:25 +0000
Files and hashes: 1: soSBsLQYC7V6yaNpfJM8sFC7fR4.roa (hash: nF8wYjzOXAcieN8jO0uTIHBAl7NBBBuHSNIF4hRr2/A=)
2: stlAHspsipMG0QCSu-DC4ZUA6X8.crl (hash: /O4iIp9Q9EDxL6PahPbBDyB4TYtKXY3Xkrxu2zJiY5k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:51:9b:c0:49:b8:c6:8a:d6:e7:f7:ec:aa:49:9d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Validity
Not Before: Nov 5 14:00:25 2025 GMT
Not After : Nov 6 14:00:25 2025 GMT
Subject: CN=375ffb29d1012515a275b8cb019d2bcd534b2506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a4:a9:b0:90:7f:75:c6:2e:cb:03:d9:a2:72:
dd:a7:80:8e:e4:d5:6a:49:c9:c8:ef:db:28:89:c5:
55:26:94:67:c2:2b:7b:67:4b:96:69:24:57:9e:96:
2c:81:18:6d:45:7d:1d:54:33:fb:1b:0c:8b:a0:8d:
62:11:25:0f:54:38:33:77:54:82:44:20:18:82:1f:
93:c7:3a:f9:f6:b0:9d:ca:ce:05:3c:42:fb:35:1b:
54:98:07:5a:e7:3c:66:d7:de:bb:bc:09:67:2b:a3:
ae:d3:df:1f:56:18:d4:f5:93:b5:22:1e:e8:9f:f5:
8f:32:54:04:fb:c4:54:95:6b:02:67:1c:ab:5e:0d:
0f:34:46:a2:9d:b1:c6:3f:15:67:de:09:57:4e:9a:
24:27:a8:56:43:90:e7:90:66:fa:2b:ac:35:42:03:
a1:86:07:9d:3a:2b:31:c7:0b:14:9e:89:2c:90:2e:
42:d5:0e:40:2f:d5:cd:ac:ec:51:6a:f0:2c:38:3c:
dd:22:c1:f6:df:bf:fd:22:7e:b2:38:e8:24:2a:7b:
fc:3d:0c:ae:79:72:44:ab:23:29:4f:e5:83:20:fd:
47:6f:a8:91:9b:46:7f:5e:41:a9:77:b8:ec:ee:c1:
a5:1a:e7:07:5e:44:09:9d:34:22:a8:8f:9e:cd:b4:
25:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5F:FB:29:D1:01:25:15:A2:75:B8:CB:01:9D:2B:CD:53:4B:25:06
X509v3 Authority Key Identifier:
keyid:B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:a3:0d:57:7b:6f:bb:d1:75:92:00:15:ce:c7:d0:1b:45:4d:
1e:16:6e:3e:c5:7e:3f:11:c7:aa:53:aa:19:a6:fa:61:ed:a0:
68:da:67:8c:de:77:15:85:26:f3:20:03:9a:2e:a5:5b:12:18:
c6:71:d9:b9:d9:1b:fb:4f:bf:06:a7:aa:72:a1:cd:63:91:71:
80:01:13:a4:d7:1a:b5:a5:e7:81:10:a0:d6:38:1e:5a:7a:f4:
1e:d3:36:ba:ab:ce:e0:ea:cd:13:fc:15:9c:d2:7e:c3:51:f5:
56:ff:9e:51:9f:fe:1f:43:d8:a6:63:88:3c:43:8a:4b:c5:73:
2a:3b:3f:96:a1:5d:34:98:3d:5a:be:91:c5:a4:55:f2:c4:67:
1f:2e:14:40:b8:a1:e3:9e:f8:87:56:0a:29:de:42:8c:5b:25:
4a:da:d0:d4:48:ff:56:78:e4:9c:1e:c6:90:85:4a:b6:e5:ba:
58:c3:9c:a9:50:84:b3:73:f5:26:e2:b2:bc:d0:31:ef:de:73:
a5:2b:1d:eb:b4:a2:b2:c8:03:bd:51:51:dd:eb:d5:a5:7d:b8:
98:75:c3:8f:6a:02:1d:3d:11:d2:fb:d5:ad:f3:7f:76:f0:de:
0b:13:67:b0:51:1e:6e:93:23:e7:f1:cc:51:27:5a:8a:22:19:
40:22:a1:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUUZvASbjGitbn9+yqSZ1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDk0MDFlY2E2YzhhOTMwNmQxMDA5MmJiZTBjMmUxOTUw
MGU5N2YwHhcNMjUxMTA1MTQwMDI1WhcNMjUxMTA2MTQwMDI1WjAzMTEwLwYDVQQD
EygzNzVmZmIyOWQxMDEyNTE1YTI3NWI4Y2IwMTlkMmJjZDUzNGIyNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8aSpsJB/dcYuywPZonLdp4CO5NVq
ScnI79soicVVJpRnwit7Z0uWaSRXnpYsgRhtRX0dVDP7GwyLoI1iESUPVDgzd1SC
RCAYgh+Txzr59rCdys4FPEL7NRtUmAda5zxm1967vAlnK6Ou098fVhjU9ZO1Ih7o
n/WPMlQE+8RUlWsCZxyrXg0PNEainbHGPxVn3glXTpokJ6hWQ5DnkGb6K6w1QgOh
hgedOisxxwsUnokskC5C1Q5AL9XNrOxRavAsODzdIsH237/9In6yOOgkKnv8PQyu
eXJEqyMpT+WDIP1Hb6iRm0Z/XkGpd7js7sGlGucHXkQJnTQiqI+ezbQlywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdf+ynRASUVonW4ywGdK81TSyUGMB8GA1UdIwQY
MBaAFLLZQB7KbIqTBtEAkrvgwuGVAOl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWIt
ZTEzMzJlN2YwNmZjLzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWItZTEzMzJlN2YwNmZj
LzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE6MNV3tv
u9F1kgAVzsfQG0VNHhZuPsV+PxHHqlOqGab6Ye2gaNpnjN53FYUm8yADmi6lWxIY
xnHZudkb+0+/BqeqcqHNY5FxgAETpNcataXngRCg1jgeWnr0HtM2uqvO4OrNE/wV
nNJ+w1H1Vv+eUZ/+H0PYpmOIPEOKS8VzKjs/lqFdNJg9Wr6RxaRV8sRnHy4UQLih
4574h1YKKd5CjFslStrQ1Ej/VnjknB7GkIVKtuW6WMOcqVCEs3P1JuKyvNAx795z
pSsd67SissgDvVFR3evVpX24mHXDj2oCHT0R0vvVrfN/dvDeCxNnsFEebpMj5/HM
USdaiiIZQCKh8w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:20:58 2025 by rpki-client