Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: G13fPqUCzgtk6kcIEW2MC/EMznqsSsQdsEHN7Zb711w=
Subject key identifier: 26:27:D6:5B:61:22:F9:C1:E4:FF:D6:90:D1:93:69:10:F9:F0:1A:A3
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 019A51877B393A828D18031EFFF221212F71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 1277
Signing time: Wed 05 Nov 2025 01:00:24 +0000
Manifest this update: Wed 05 Nov 2025 01:00:24 +0000
Manifest next update: Thu 06 Nov 2025 01:00:24 +0000
Files and hashes: 1: gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa (hash: rJ5djAjgxTYzs8j0EQsFjkKUrs3CGg0sgiibLKW68Ck=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: cLAU1Hj64r4pHVyq8GwCD1ehxKM/AHozCKcbD4no6Ew=)
3: wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa (hash: QMvHM8N7K9OdWcNx9rJFFp+Z7jXiktM21WFlvU4ZxMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:87:7b:39:3a:82:8d:18:03:1e:ff:f2:21:21:2f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Nov 5 01:00:24 2025 GMT
Not After : Nov 6 01:00:24 2025 GMT
Subject: CN=2627d65b6122f9c1e4ffd690d1936910f9f01aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3e:5c:07:bc:f6:96:62:a1:c2:6e:2d:22:32:
62:a3:0e:5f:0a:4a:9e:63:43:b7:a3:e8:95:9e:f2:
27:43:94:2f:fe:26:f1:a0:1d:19:8e:cd:67:dc:8f:
1f:56:d1:e0:bd:f5:3d:1e:4e:6f:b6:fe:cd:ba:cc:
8d:9d:c4:b4:c4:c0:df:16:5c:df:9f:3b:71:66:cb:
db:1d:ea:08:1e:47:57:64:ae:0c:80:da:c3:bb:e7:
89:75:e3:31:94:55:2f:c2:c4:86:aa:0c:a4:4f:b5:
09:9d:2d:58:b4:ac:3d:a7:b2:ef:d3:a4:56:8c:ec:
b1:6e:1b:a8:64:c4:e3:f3:96:88:f3:3a:9f:b8:96:
e3:27:73:ff:f7:f9:9b:86:5e:35:06:51:01:43:6b:
bf:b4:93:f0:7b:40:ed:11:13:1f:5c:32:bf:3d:db:
51:e6:60:f1:0c:c0:90:20:96:5e:2f:ef:14:e5:4b:
fe:d6:3d:67:07:9a:45:77:39:82:a0:5b:58:d4:ce:
23:97:0e:5a:f3:a3:6f:1f:89:d1:00:9c:ec:7d:b0:
8b:1e:5d:f0:ec:5c:63:09:bf:7c:28:d3:e2:4b:42:
f1:90:b8:75:fb:4f:e6:de:66:08:19:f8:f8:c7:1b:
44:eb:a9:33:5f:4e:a3:e5:3b:31:2c:e9:47:55:3d:
26:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:27:D6:5B:61:22:F9:C1:E4:FF:D6:90:D1:93:69:10:F9:F0:1A:A3
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:e3:44:4e:36:31:f6:30:19:49:64:ab:46:a8:b9:a8:9c:73:
db:d2:a8:59:13:47:05:e8:a2:74:b5:17:da:d9:a4:28:1c:9d:
b8:e3:21:12:19:07:e8:d8:be:67:c9:f5:12:76:60:62:a2:20:
8c:61:ff:14:35:e6:d7:c6:60:e1:d4:2d:c0:c0:cc:e5:de:f9:
b2:4d:a2:0a:d9:3d:35:05:e6:68:dd:3d:33:76:00:1a:e1:57:
d9:53:6e:44:0f:d2:b8:93:68:22:de:e3:5d:ea:36:da:e7:57:
69:ed:78:66:b2:ff:3d:3c:f9:b9:a1:2e:99:7f:6e:0a:f4:3a:
c7:b1:26:61:50:ff:61:bd:68:42:eb:ce:dd:d8:89:c5:ab:14:
5b:97:80:ea:28:34:a4:cb:86:13:cc:be:57:1b:c0:7f:c4:5e:
ca:80:63:aa:b8:a5:94:22:47:ba:34:85:91:f5:0b:36:51:48:
e3:e5:2f:15:fd:e6:ec:11:07:cf:8e:ae:b5:4a:ad:65:c2:17:
4e:6d:e5:71:b9:27:c7:bb:94:f5:37:b3:87:d4:25:06:92:cc:
e8:ca:9f:3f:c5:8e:74:a4:c1:c8:2c:39:cb:73:f8:33:c4:eb:
2c:93:a8:76:40:c3:ea:b5:a9:c8:dd:c5:89:7d:5d:e7:5b:6d:
2a:f8:53:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh3s5OoKNGAMe//IhIS9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjUxMTA1MDEwMDI0WhcNMjUxMTA2MDEwMDI0WjAzMTEwLwYDVQQD
EygyNjI3ZDY1YjYxMjJmOWMxZTRmZmQ2OTBkMTkzNjkxMGY5ZjAxYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD5cB7z2lmKhwm4tIjJiow5fCkqe
Y0O3o+iVnvInQ5Qv/ibxoB0Zjs1n3I8fVtHgvfU9Hk5vtv7NusyNncS0xMDfFlzf
nztxZsvbHeoIHkdXZK4MgNrDu+eJdeMxlFUvwsSGqgykT7UJnS1YtKw9p7Lv06RW
jOyxbhuoZMTj85aI8zqfuJbjJ3P/9/mbhl41BlEBQ2u/tJPwe0DtERMfXDK/PdtR
5mDxDMCQIJZeL+8U5Uv+1j1nB5pFdzmCoFtY1M4jlw5a86NvH4nRAJzsfbCLHl3w
7FxjCb98KNPiS0LxkLh1+0/m3mYIGfj4xxtE66kzX06j5TsxLOlHVT0mXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYn1lthIvnB5P/WkNGTaRD58BqjMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX+NETjYx
9jAZSWSrRqi5qJxz29KoWRNHBeiidLUX2tmkKByduOMhEhkH6Ni+Z8n1EnZgYqIg
jGH/FDXm18Zg4dQtwMDM5d75sk2iCtk9NQXmaN09M3YAGuFX2VNuRA/SuJNoIt7j
Xeo22udXae14ZrL/PTz5uaEumX9uCvQ6x7EmYVD/Yb1oQuvO3diJxasUW5eA6ig0
pMuGE8y+VxvAf8ReyoBjqrillCJHujSFkfULNlFI4+UvFf3m7BEHz46utUqtZcIX
Tm3lcbknx7uU9Tezh9QlBpLM6MqfP8WOdKTByCw5y3P4M8TrLJOodkDD6rWpyN3F
iX1d51ttKvhTDw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:49:23 2025 by rpki-client