Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json)
Hash identifier: K/kK/9KXprZrrTIt4LOn8Z3h+eywTzzkUOhrP9UFWT8=
Subject key identifier: 1C:19:68:A1:FF:E1:88:A7:BA:3C:B5:6F:90:63:D0:B1:78:B5:B8:92
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 019D270402EB1E0B98FB46F4DF5103556DDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
Manifest number: 1130
Signing time: Wed 25 Mar 2026 22:01:07 +0000
Manifest this update: Wed 25 Mar 2026 22:01:07 +0000
Manifest next update: Thu 26 Mar 2026 22:01:07 +0000
Files and hashes: 1: 7TJ8GqKMB7ONKpmIttAKlfVjIPI.roa (hash: YqU7Dk9vgRbL9GHaPYk9nyjuTWJnjnKlb/odLn25dDg=)
2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: EYkPxeadVCu/pde0YSvo6ASv9PN7pe1MkKQRzvniHws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:02:eb:1e:0b:98:fb:46:f4:df:51:03:55:6d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Mar 25 22:01:07 2026 GMT
Not After : Mar 26 22:01:07 2026 GMT
Subject: CN=1c1968a1ffe188a7ba3cb56f9063d0b178b5b892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d1:06:45:f3:bc:9a:84:4a:52:f9:a8:67:34:
2b:78:7c:45:24:bf:06:d1:c3:9c:a7:25:2a:b7:da:
a9:05:5a:2f:84:5c:15:d3:d9:15:ed:15:8a:18:02:
67:35:f0:15:48:87:1b:12:f8:f2:23:30:00:ff:84:
6a:6e:66:6d:e7:fb:e0:99:48:c3:7b:6e:5b:41:04:
83:b6:16:99:c8:86:61:f1:81:ac:20:a5:d0:24:d5:
2b:cf:e9:2c:e2:e7:fd:8e:64:13:94:68:70:80:87:
e2:7d:ca:e0:b6:af:aa:c0:2a:59:11:d8:db:79:6f:
d6:3a:bf:d5:b3:a9:80:2b:c0:7a:61:db:57:cc:d1:
11:fc:65:54:d3:7f:fc:d4:9b:88:3d:a5:d1:79:65:
12:75:3d:ac:59:2a:6d:9f:31:64:2c:b2:48:b4:fc:
9d:89:9a:b2:68:d8:a3:53:f7:ab:4c:46:dd:fa:f4:
67:77:1f:7d:4e:a0:59:df:98:37:8e:a1:1d:95:f1:
ac:ac:dd:77:13:3b:6d:e4:4d:0c:ea:69:57:68:d5:
98:e4:3a:9f:a1:cd:95:c6:8f:e3:b3:1a:57:90:7d:
02:07:1f:a1:26:5e:20:7e:74:03:74:00:eb:75:a2:
0b:e2:14:e4:08:9d:34:a6:ab:06:54:24:44:df:61:
c2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:19:68:A1:FF:E1:88:A7:BA:3C:B5:6F:90:63:D0:B1:78:B5:B8:92
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:85:d4:6a:46:bf:ea:23:67:b1:21:b7:d8:9f:ed:ae:bb:c6:
9d:80:b2:32:0b:e9:36:3a:6f:39:1b:9d:c3:f2:b5:7b:1e:f9:
62:6c:79:47:2a:3d:b5:8d:f4:84:de:39:e4:e6:cb:52:f9:32:
59:49:a9:bb:6c:9c:67:b3:c7:41:55:63:f7:13:3c:f1:49:e0:
79:c9:aa:d6:5d:15:07:44:48:d9:b5:a6:24:b0:7d:02:4e:d5:
73:f3:ee:81:66:6d:a9:5a:42:21:20:7e:44:0c:2d:bf:08:65:
ba:f0:46:2a:10:ed:a6:ea:26:bf:8c:32:7b:db:04:96:98:74:
7f:17:88:63:1c:c4:26:67:fe:26:c6:d9:fc:42:9d:40:9d:31:
70:c8:64:a4:d6:3a:ba:37:47:b4:1d:48:a9:12:f6:0e:8f:b9:
2c:dc:19:6b:cd:30:db:a4:bb:74:e8:98:13:c2:ff:5b:c0:59:
e6:83:fd:71:05:20:9a:8f:1e:09:d7:79:ad:bd:4c:2a:8c:0c:
9a:c9:f2:52:5e:65:8b:23:cf:2a:c8:7b:d7:85:ec:42:2e:ec:
63:7b:28:f0:b4:e4:7d:71:ab:dc:85:77:68:01:21:57:b3:2f:
82:5b:8d:db:91:92:55:de:e0:cf:6f:c3:f9:54:1a:2f:d4:b0:
10:d4:82:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBALrHguY+0b031EDVW3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjYwMzI1MjIwMTA3WhcNMjYwMzI2MjIwMTA3WjAzMTEwLwYDVQQD
EygxYzE5NjhhMWZmZTE4OGE3YmEzY2I1NmY5MDYzZDBiMTc4YjViODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9EGRfO8moRKUvmoZzQreHxFJL8G
0cOcpyUqt9qpBVovhFwV09kV7RWKGAJnNfAVSIcbEvjyIzAA/4RqbmZt5/vgmUjD
e25bQQSDthaZyIZh8YGsIKXQJNUrz+ks4uf9jmQTlGhwgIfifcrgtq+qwCpZEdjb
eW/WOr/Vs6mAK8B6YdtXzNER/GVU03/81JuIPaXReWUSdT2sWSptnzFkLLJItPyd
iZqyaNijU/erTEbd+vRndx99TqBZ35g3jqEdlfGsrN13Eztt5E0M6mlXaNWY5Dqf
oc2Vxo/jsxpXkH0CBx+hJl4gfnQDdADrdaIL4hTkCJ00pqsGVCRE32HCgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwZaKH/4Yinujy1b5Bj0LF4tbiSMB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe4XUaka/
6iNnsSG32J/trrvGnYCyMgvpNjpvORudw/K1ex75Ymx5Ryo9tY30hN455ObLUvky
WUmpu2ycZ7PHQVVj9xM88Ungecmq1l0VB0RI2bWmJLB9Ak7Vc/PugWZtqVpCISB+
RAwtvwhluvBGKhDtpuomv4wye9sElph0fxeIYxzEJmf+JsbZ/EKdQJ0xcMhkpNY6
ujdHtB1IqRL2Do+5LNwZa80w26S7dOiYE8L/W8BZ5oP9cQUgmo8eCdd5rb1MKowM
msnyUl5liyPPKsh714XsQi7sY3so8LTkfXGr3IV3aAEhV7MvgluN25GSVd7gz2/D
+VQaL9SwENSCmg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:16:36 2026 by rpki-client