Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: SrT9Ex+ieTLm09D1G+uQnxJ6XSu99tnyERskRaQ8CDY=
Subject key identifier: D8:04:23:41:4E:43:7B:4A:B3:5E:09:AC:CF:F4:1D:0A:86:39:7B:9E
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 0198D6600C97044AB29B421349E986548369
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 044F
Signing time: Sat 23 Aug 2025 10:01:15 +0000
Manifest this update: Sat 23 Aug 2025 10:01:15 +0000
Manifest next update: Sun 24 Aug 2025 10:01:15 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: 4uP4QWwE4F9NWkZ0TDDZ7BMEoDkFmkj0XrglJ7+8Xek=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:0c:97:04:4a:b2:9b:42:13:49:e9:86:54:83:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Aug 23 10:01:15 2025 GMT
Not After : Aug 24 10:01:15 2025 GMT
Subject: CN=d80423414e437b4ab35e09accff41d0a86397b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fb:54:b0:16:ce:41:56:42:37:1e:86:5c:16:
a5:6c:af:2a:3d:07:3f:e6:e5:a9:9b:e5:14:46:34:
79:cc:71:f7:29:43:75:f6:90:f3:6e:6f:c2:21:f6:
ec:8d:61:91:bc:07:a4:38:6f:a5:88:9d:85:41:ef:
fb:9a:77:49:9b:74:21:73:e3:74:90:b2:e7:d6:9b:
ab:ae:41:d4:84:19:cb:88:92:b2:ac:d6:9e:7c:15:
0f:28:ae:1f:c9:94:14:5e:10:72:71:4e:a6:f3:2d:
57:14:00:7a:88:4f:b2:ca:0b:41:8d:24:b2:79:ae:
76:c5:4f:d4:ab:57:d1:39:fe:07:3d:6c:28:48:7e:
08:1a:65:7f:aa:5d:af:15:ab:b4:a9:7f:46:a7:e9:
66:7a:45:b4:3c:3d:98:d9:03:fb:0d:74:cd:ca:9b:
9f:19:fb:37:6f:7d:6a:15:28:66:dd:e2:c3:eb:d0:
f0:c5:33:76:ce:94:da:47:b3:ce:c1:20:b0:33:d8:
a2:f1:82:ef:31:ca:bc:ae:f8:91:9c:a4:d4:98:37:
16:a3:19:de:6a:a4:9f:d1:63:eb:53:43:31:90:26:
d9:98:a8:0a:f4:4f:16:b8:c8:41:90:4f:0d:00:37:
da:e1:bb:c4:42:e9:c3:19:09:a5:08:71:ed:f5:ae:
93:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:04:23:41:4E:43:7B:4A:B3:5E:09:AC:CF:F4:1D:0A:86:39:7B:9E
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:98:6e:bb:34:d1:2b:a3:2d:f0:b9:52:a4:01:6a:23:c6:ec:
03:06:8b:56:a9:3a:7b:14:e0:2f:07:1d:bd:6d:7e:55:85:2e:
ed:71:4b:8f:d6:7f:53:e7:45:6b:87:eb:15:7f:71:b6:b5:d6:
28:d1:7d:e3:3b:a7:a0:1e:61:14:fb:c4:86:91:4a:34:01:bd:
43:e1:1e:61:b3:c3:14:3b:57:8b:9c:92:4a:c7:93:86:35:5f:
1a:88:58:57:65:80:5d:2a:1d:12:fb:32:22:d7:da:76:51:17:
75:e3:95:a5:d8:58:f5:20:3a:28:69:b9:d6:7d:73:6c:a0:28:
dc:42:58:03:d8:c2:85:f8:cc:ad:77:2e:21:10:4d:5c:2e:9c:
76:6b:99:86:a8:a2:3d:3b:c0:9e:e8:03:07:bd:b9:cb:fb:a6:
3b:3d:08:2d:1d:6c:d3:9d:b2:bd:ff:bb:07:4e:26:96:97:54:
a0:c7:60:51:ba:47:5a:6d:17:7c:8a:62:10:a0:92:8b:e0:01:
15:ec:4e:8b:e8:50:e1:09:83:cd:9d:d7:07:e6:b8:d6:21:d1:
f6:2a:43:df:e8:a5:22:3e:f6:ca:bb:4d:74:5f:ab:91:08:ef:
f0:5e:d3:c9:08:9f:bc:7c:53:5c:e4:48:ed:88:6a:3b:41:4e:
a8:47:f5:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYAyXBEqym0ITSemGVINpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUwODIzMTAwMTE1WhcNMjUwODI0MTAwMTE1WjAzMTEwLwYDVQQD
EyhkODA0MjM0MTRlNDM3YjRhYjM1ZTA5YWNjZmY0MWQwYTg2Mzk3YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvtUsBbOQVZCNx6GXBalbK8qPQc/
5uWpm+UURjR5zHH3KUN19pDzbm/CIfbsjWGRvAekOG+liJ2FQe/7mndJm3Qhc+N0
kLLn1purrkHUhBnLiJKyrNaefBUPKK4fyZQUXhBycU6m8y1XFAB6iE+yygtBjSSy
ea52xU/Uq1fROf4HPWwoSH4IGmV/ql2vFau0qX9Gp+lmekW0PD2Y2QP7DXTNypuf
Gfs3b31qFShm3eLD69DwxTN2zpTaR7POwSCwM9ii8YLvMcq8rviRnKTUmDcWoxne
aqSf0WPrU0MxkCbZmKgK9E8WuMhBkE8NADfa4bvEQunDGQmlCHHt9a6TPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgEI0FOQ3tKs14JrM/0HQqGOXueMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYphuuzTR
K6Mt8LlSpAFqI8bsAwaLVqk6exTgLwcdvW1+VYUu7XFLj9Z/U+dFa4frFX9xtrXW
KNF94zunoB5hFPvEhpFKNAG9Q+EeYbPDFDtXi5ySSseThjVfGohYV2WAXSodEvsy
ItfadlEXdeOVpdhY9SA6KGm51n1zbKAo3EJYA9jChfjMrXcuIRBNXC6cdmuZhqii
PTvAnugDB725y/umOz0ILR1s052yvf+7B04mlpdUoMdgUbpHWm0XfIpiEKCSi+AB
FexOi+hQ4QmDzZ3XB+a41iHR9ipD3+ilIj72yrtNdF+rkQjv8F7TyQifvHxTXORI
7YhqO0FOqEf1IQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:42:42 2025 by rpki-client