Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json)
Hash identifier: gh+oKCdaZTPjuoOKOsxF/tSpuBfZCy/9Y3NC/+89+4U=
Subject key identifier: 4F:FF:9B:13:E4:E5:76:7E:34:49:40:28:2A:8E:23:C3:40:F0:07:3E
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 0198D54E204E54CCA1F6643DAC4FCE479338
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
Manifest number: 0EF3
Signing time: Sat 23 Aug 2025 05:02:03 +0000
Manifest this update: Sat 23 Aug 2025 05:02:03 +0000
Manifest next update: Sun 24 Aug 2025 05:02:03 +0000
Files and hashes: 1: JBBfWvBvIPbMFEPW3wW2A3eZfMw.roa (hash: HPVfysoAPIIkBoYBVqV/VP2S0bfAf3Hk6zV6kpgHup8=)
2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: LRkve/FPZzgkYZjmTudFS13cwbcsVi0Mldi0dUsZM0A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4e:20:4e:54:cc:a1:f6:64:3d:ac:4f:ce:47:93:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Aug 23 05:02:03 2025 GMT
Not After : Aug 24 05:02:03 2025 GMT
Subject: CN=4fff9b13e4e5767e344940282a8e23c340f0073e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6e:cb:ca:18:a3:58:98:7d:d3:bd:b1:52:ba:
4c:d3:0d:2a:bb:39:41:84:b4:4d:61:8d:76:b9:ab:
30:18:be:ed:f4:c9:4d:b5:5b:c4:7a:43:1e:b3:15:
50:71:ac:8c:f2:cf:4e:1d:9c:6f:91:4f:c5:f4:2f:
60:ec:0d:92:23:f5:28:71:89:b4:8c:f6:16:5e:71:
68:61:a1:a1:46:96:22:b5:49:26:94:1c:a1:e5:3d:
72:43:4c:d5:3b:4b:fe:ad:15:cb:c3:7f:35:19:e5:
2a:15:ec:d5:5d:d4:a3:e6:13:33:30:02:df:db:e0:
94:0f:2a:e0:8f:65:31:7c:ad:de:2c:a4:66:83:29:
ed:52:de:83:b4:4e:37:4d:1f:b0:32:9b:5d:e1:15:
8a:c3:23:a9:d4:e2:6a:cc:44:7b:00:bc:6d:25:d7:
d2:74:77:be:57:d6:e1:0d:41:5b:23:65:c5:a9:cf:
07:94:84:18:99:1a:92:2a:92:eb:df:82:0b:7f:91:
8f:ce:9d:2c:97:b9:e3:fd:9b:3a:4a:d1:e7:31:c6:
84:69:f6:18:d5:c2:32:28:f2:f3:38:b2:f8:c8:18:
2d:66:94:ba:aa:21:f8:dc:e0:ca:bf:9e:cd:fb:0e:
5a:f1:72:3e:cd:9b:5c:64:1b:01:e3:53:ec:36:ae:
a8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FF:9B:13:E4:E5:76:7E:34:49:40:28:2A:8E:23:C3:40:F0:07:3E
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:c3:60:72:4c:02:5a:25:36:fa:c3:9a:7a:b5:5a:97:aa:1b:
e9:38:57:3a:cc:78:90:d6:0e:38:38:7a:82:e6:f3:ed:6c:5b:
63:43:50:df:c6:c4:eb:da:8a:05:39:c8:98:44:36:1a:e0:d6:
da:e3:31:a0:b9:13:d3:74:97:14:b1:26:ea:21:2c:32:8d:70:
fd:71:6f:86:48:81:a5:8b:a0:31:db:97:62:1d:0a:ad:1b:af:
fd:cb:60:87:0e:c4:62:38:c6:d3:f3:c3:ca:f7:bf:a6:91:28:
54:bd:72:44:95:80:cf:a2:20:96:01:2e:87:b8:ca:e4:03:2a:
6a:ec:23:1f:67:3a:c2:8c:fa:a1:37:cc:1b:59:66:61:fc:be:
27:85:ef:7e:63:ae:52:4d:f4:02:86:a2:5a:47:9e:6b:cf:43:
ba:2d:1e:54:2e:ca:0a:c1:5d:06:c2:f7:c9:76:17:36:db:8c:
64:61:5f:89:d1:00:3b:cb:4f:f5:f1:0e:27:bd:8f:8c:74:15:
9f:ca:21:00:63:15:ee:1c:9b:eb:b8:d2:7c:ea:42:70:fe:b8:
c4:b1:88:b0:6b:23:9c:90:0b:62:cf:d2:82:e3:01:09:2f:78:
82:87:0b:63:d0:6c:7e:a1:3b:b3:81:84:94:0c:29:e6:70:2e:
75:8a:73:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTiBOVMyh9mQ9rE/OR5M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjUwODIzMDUwMjAzWhcNMjUwODI0MDUwMjAzWjAzMTEwLwYDVQQD
Eyg0ZmZmOWIxM2U0ZTU3NjdlMzQ0OTQwMjgyYThlMjNjMzQwZjAwNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG7LyhijWJh9072xUrpM0w0quzlB
hLRNYY12uaswGL7t9MlNtVvEekMesxVQcayM8s9OHZxvkU/F9C9g7A2SI/UocYm0
jPYWXnFoYaGhRpYitUkmlByh5T1yQ0zVO0v+rRXLw381GeUqFezVXdSj5hMzMALf
2+CUDyrgj2UxfK3eLKRmgyntUt6DtE43TR+wMptd4RWKwyOp1OJqzER7ALxtJdfS
dHe+V9bhDUFbI2XFqc8HlIQYmRqSKpLr34ILf5GPzp0sl7nj/Zs6StHnMcaEafYY
1cIyKPLzOLL4yBgtZpS6qiH43ODKv57N+w5a8XI+zZtcZBsB41PsNq6oOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE//mxPk5XZ+NElAKCqOI8NA8Ac+MB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8NgckwC
WiU2+sOaerVal6ob6ThXOsx4kNYOODh6gubz7WxbY0NQ38bE69qKBTnImEQ2GuDW
2uMxoLkT03SXFLEm6iEsMo1w/XFvhkiBpYugMduXYh0KrRuv/ctghw7EYjjG0/PD
yve/ppEoVL1yRJWAz6IglgEuh7jK5AMqauwjH2c6woz6oTfMG1lmYfy+J4XvfmOu
Uk30AoaiWkeea89Dui0eVC7KCsFdBsL3yXYXNtuMZGFfidEAO8tP9fEOJ72PjHQV
n8ohAGMV7hyb67jSfOpCcP64xLGIsGsjnJALYs/SguMBCS94gocLY9BsfqE7s4GE
lAwp5nAudYpzVg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:33:33 2025 by rpki-client