Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: O4ZWyVhT4i3Xq+56HNSuHzXsIWm/0ZnlqhUXyCZ1yFM=
Subject key identifier: 39:24:00:07:36:E9:19:0A:19:DE:30:7A:65:33:9D:EF:2C:AF:ED:6B
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 019D25BA5C37855147737C3A94ACD8B2CDA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 068D
Signing time: Wed 25 Mar 2026 16:01:03 +0000
Manifest this update: Wed 25 Mar 2026 16:01:03 +0000
Manifest next update: Thu 26 Mar 2026 16:01:03 +0000
Files and hashes: 1: YYlR0VhASW-c1FKU9zzl7csrdhQ.roa (hash: L8Cgn7blv4wmGFxmaxB9nE0adWzGkvnaCFP3mMVQv7g=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: b1fnEJ1ZZWnPJncy8/1R/kihs3olT622ilPohFlbcCI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:5c:37:85:51:47:73:7c:3a:94:ac:d8:b2:cd:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Mar 25 16:01:03 2026 GMT
Not After : Mar 26 16:01:03 2026 GMT
Subject: CN=3924000736e9190a19de307a65339def2cafed6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f7:6b:aa:7b:8a:37:5c:6d:89:7e:aa:cf:ac:
d1:fe:cd:33:f4:2c:a6:03:bc:c5:f5:c4:bc:4d:97:
90:eb:25:6e:1b:15:73:3b:92:78:32:65:b2:45:8f:
77:a1:4c:8b:e4:f2:0d:25:4d:fc:4f:4b:31:e5:54:
1d:bb:9a:cf:3f:b9:9e:95:b3:38:fe:8b:d7:86:70:
c7:f9:08:09:7b:6d:65:be:18:98:d2:c8:db:51:3a:
7a:d5:69:e1:6f:b3:a9:c3:3a:08:df:7f:72:54:4e:
3d:89:9e:f2:db:30:0b:ca:b6:9f:59:e0:86:33:b9:
b8:06:fb:d1:61:8f:8e:e0:96:f8:8b:b2:22:bb:4b:
76:3a:52:e9:48:f1:c2:c4:a7:2e:2f:94:a5:34:cd:
5d:12:02:8c:36:88:c2:13:48:28:29:3d:58:1d:b2:
ee:1a:07:d7:86:dd:8a:d8:b1:2a:bf:fc:28:8e:c6:
aa:c2:58:a3:4f:2e:d9:9d:9e:0b:8a:a1:ba:e1:6f:
ae:c7:f0:03:88:ef:25:90:ee:85:eb:43:00:0b:8e:
4f:f4:86:ca:f4:93:bc:0c:a8:5d:39:50:18:e0:be:
b8:e3:51:e3:79:61:fe:ab:a1:dc:a4:d4:b0:1b:81:
b9:9d:34:d9:6e:54:7f:91:06:0c:9c:98:30:7d:14:
83:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:24:00:07:36:E9:19:0A:19:DE:30:7A:65:33:9D:EF:2C:AF:ED:6B
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:7c:91:69:67:26:0a:f6:56:71:ae:1a:9e:ba:8a:c4:2f:16:
42:ed:b7:07:1d:d0:c6:3d:38:6d:1e:51:a0:1d:13:e0:bd:16:
2a:62:dc:3c:45:f2:ca:d9:a2:7f:92:59:be:ac:83:00:00:b8:
a3:9a:36:30:63:25:1d:5e:3a:7d:cf:37:57:cf:d4:95:47:93:
24:97:51:be:de:15:24:25:b6:94:08:e5:bb:d6:be:8f:16:ad:
17:1f:65:7b:2c:c8:6e:28:c3:5f:6b:2d:f4:59:bb:fc:b6:fa:
c9:fb:7a:3f:c9:dc:97:38:9f:c0:09:ab:dc:15:12:5a:9d:bd:
7e:36:7e:20:ec:57:20:89:29:6d:64:ea:49:0d:f9:73:ee:97:
40:33:32:ca:2c:8e:55:f5:91:e7:3f:19:4d:34:f8:92:7c:0d:
62:d8:cc:bc:5e:5e:63:26:4b:71:7e:c7:3f:b1:a5:62:3b:07:
a0:f9:86:df:a4:4a:90:76:da:35:cf:12:1b:37:ce:ad:2a:41:
fd:e7:c2:3d:82:26:72:04:3d:9e:6d:c2:1d:f0:da:64:9c:a6:
b0:0c:d4:6c:01:de:ba:dd:bd:04:1b:db:5d:dd:99:82:0f:88:
0f:e3:49:7b:09:ed:f8:06:a4:b3:a7:a9:b4:4f:53:8a:c3:1a:
7d:40:be:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lulw3hVFHc3w6lKzYss2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjYwMzI1MTYwMTAzWhcNMjYwMzI2MTYwMTAzWjAzMTEwLwYDVQQD
EygzOTI0MDAwNzM2ZTkxOTBhMTlkZTMwN2E2NTMzOWRlZjJjYWZlZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vdrqnuKN1xtiX6qz6zR/s0z9Cym
A7zF9cS8TZeQ6yVuGxVzO5J4MmWyRY93oUyL5PINJU38T0sx5VQdu5rPP7melbM4
/ovXhnDH+QgJe21lvhiY0sjbUTp61Wnhb7OpwzoI339yVE49iZ7y2zALyrafWeCG
M7m4BvvRYY+O4Jb4i7Iiu0t2OlLpSPHCxKcuL5SlNM1dEgKMNojCE0goKT1YHbLu
GgfXht2K2LEqv/wojsaqwlijTy7ZnZ4LiqG64W+ux/ADiO8lkO6F60MAC45P9IbK
9JO8DKhdOVAY4L6441HjeWH+q6HcpNSwG4G5nTTZblR/kQYMnJgwfRSDHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkkAAc26RkKGd4wemUzne8sr+1rMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcXyRaWcm
CvZWca4anrqKxC8WQu23Bx3Qxj04bR5RoB0T4L0WKmLcPEXyytmif5JZvqyDAAC4
o5o2MGMlHV46fc83V8/UlUeTJJdRvt4VJCW2lAjlu9a+jxatFx9leyzIbijDX2st
9Fm7/Lb6yft6P8nclzifwAmr3BUSWp29fjZ+IOxXIIkpbWTqSQ35c+6XQDMyyiyO
VfWR5z8ZTTT4knwNYtjMvF5eYyZLcX7HP7GlYjsHoPmG36RKkHbaNc8SGzfOrSpB
/efCPYImcgQ9nm3CHfDaZJymsAzUbAHeut29BBvbXd2Zgg+ID+NJewnt+Aaks6ep
tE9TisMafUC+Cw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:08 2026 by rpki-client