Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json)
Hash identifier: ycuORhHGXWp3J6fxGQK8ZUHah8qB4eeXR3OqT8IjqTk=
Subject key identifier: 54:AB:46:F7:91:87:46:9A:A3:56:E2:17:8C:DB:7B:D1:82:40:35:F8
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 0199FEB517B0DE360A7A6E36ADD3A5EA11D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
Manifest number: 0F8D
Signing time: Sun 19 Oct 2025 23:01:44 +0000
Manifest this update: Sun 19 Oct 2025 23:01:44 +0000
Manifest next update: Mon 20 Oct 2025 23:01:44 +0000
Files and hashes: 1: JBBfWvBvIPbMFEPW3wW2A3eZfMw.roa (hash: HPVfysoAPIIkBoYBVqV/VP2S0bfAf3Hk6zV6kpgHup8=)
2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: 0VufdOJCf/zE8aXYWfciuzLKxGyPgWrXih4Rzkk0hco=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:b5:17:b0:de:36:0a:7a:6e:36:ad:d3:a5:ea:11:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Oct 19 23:01:44 2025 GMT
Not After : Oct 20 23:01:44 2025 GMT
Subject: CN=54ab46f79187469aa356e2178cdb7bd1824035f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:07:0c:90:7a:7a:90:18:08:1f:47:86:b8:af:
c5:47:c6:e2:0b:c0:d5:4e:b3:9e:ce:fa:b6:4f:2f:
e0:cb:40:6d:3d:2e:ed:c6:b8:15:0b:41:88:62:bc:
b1:82:48:c4:17:2c:1b:49:06:4e:3a:b2:11:a5:98:
cc:c3:1b:47:46:72:c1:21:72:31:e7:21:69:6d:47:
e5:6f:3a:e4:e2:a9:99:83:27:77:79:37:dd:ac:38:
6e:1e:ed:f2:d8:ae:e9:88:e8:0d:33:0c:ab:5c:d6:
1c:56:c5:89:2b:0a:2c:c8:21:95:c4:19:a6:72:c3:
c3:0b:47:9c:70:7f:b8:cd:42:84:08:40:d5:2a:39:
0f:68:9e:eb:1b:8f:ef:41:81:8c:6b:a0:8b:8e:b8:
ad:57:5a:aa:11:8b:24:1d:da:82:f0:f1:16:fd:29:
5a:f4:5d:33:1d:91:dd:00:a1:a1:24:fb:7a:dc:b8:
77:9d:f7:c0:b9:2d:00:93:89:1f:b5:ef:ee:14:15:
05:b0:ac:75:7f:26:53:24:7e:5a:11:4f:c3:c6:a9:
56:06:6f:6a:e6:c4:c7:43:c8:83:63:f8:fd:60:7b:
01:6d:25:0b:5d:6b:6c:8a:61:da:5e:77:6e:94:60:
6f:07:a1:01:8f:1b:84:3c:e4:3c:c7:29:43:d0:43:
84:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:AB:46:F7:91:87:46:9A:A3:56:E2:17:8C:DB:7B:D1:82:40:35:F8
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:25:ea:da:1d:ad:f5:34:7e:92:ad:84:d2:e5:98:de:92:25:
f2:5d:ee:ce:55:a3:34:11:32:8b:f5:d6:bb:88:d0:31:88:f4:
2a:7b:a2:d6:9f:da:a4:00:59:f6:9c:da:20:89:16:74:4c:1e:
51:0e:11:cc:58:17:cb:a3:3e:04:3c:e6:e5:90:0f:26:ca:86:
53:43:30:8b:f3:78:ec:d3:68:92:36:26:0f:18:00:17:6b:4c:
ce:83:48:4c:a5:8f:de:3e:24:29:78:23:f2:1f:1b:43:c3:9b:
d2:56:bd:d6:80:d5:be:ea:1b:9a:c9:00:b8:4f:9a:98:35:63:
8c:14:82:7c:bd:5a:98:1a:2c:72:c0:b0:d9:e7:31:9e:d1:a8:
ce:d2:92:8e:20:7d:07:0f:91:15:36:3e:63:e9:ce:6c:a7:94:
1a:71:b0:02:20:e7:d9:0a:77:39:82:0b:89:e8:93:28:56:e4:
07:ef:a1:3e:8d:ea:4b:6f:66:44:7d:cb:dd:22:0d:28:71:9d:
c4:f3:24:e7:8e:03:a4:96:62:a9:80:7c:3c:b0:2d:a1:86:87:
aa:09:54:06:9a:25:df:2c:88:61:4a:55:ee:78:98:4b:ff:3c:
c9:b6:0b:c2:87:1b:3a:cc:b7:e2:7d:6a:83:df:13:41:63:37:
01:c3:a7:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tRew3jYKem42rdOl6hHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjUxMDE5MjMwMTQ0WhcNMjUxMDIwMjMwMTQ0WjAzMTEwLwYDVQQD
Eyg1NGFiNDZmNzkxODc0NjlhYTM1NmUyMTc4Y2RiN2JkMTgyNDAzNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQcMkHp6kBgIH0eGuK/FR8biC8DV
TrOezvq2Ty/gy0BtPS7txrgVC0GIYryxgkjEFywbSQZOOrIRpZjMwxtHRnLBIXIx
5yFpbUflbzrk4qmZgyd3eTfdrDhuHu3y2K7piOgNMwyrXNYcVsWJKwosyCGVxBmm
csPDC0eccH+4zUKECEDVKjkPaJ7rG4/vQYGMa6CLjritV1qqEYskHdqC8PEW/Sla
9F0zHZHdAKGhJPt63Lh3nffAuS0Ak4kfte/uFBUFsKx1fyZTJH5aEU/DxqlWBm9q
5sTHQ8iDY/j9YHsBbSULXWtsimHaXndulGBvB6EBjxuEPOQ8xylD0EOE8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSrRveRh0aao1biF4zbe9GCQDX4MB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIiXq2h2t
9TR+kq2E0uWY3pIl8l3uzlWjNBEyi/XWu4jQMYj0Knui1p/apABZ9pzaIIkWdEwe
UQ4RzFgXy6M+BDzm5ZAPJsqGU0Mwi/N47NNokjYmDxgAF2tMzoNITKWP3j4kKXgj
8h8bQ8Ob0la91oDVvuobmskAuE+amDVjjBSCfL1amBoscsCw2ecxntGoztKSjiB9
Bw+RFTY+Y+nObKeUGnGwAiDn2Qp3OYILieiTKFbkB++hPo3qS29mRH3L3SINKHGd
xPMk544DpJZiqYB8PLAtoYaHqglUBpol3yyIYUpV7niYS/88ybYLwocbOsy34n1q
g98TQWM3AcOn8A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:23:56 2025 by rpki-client