Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: rIABB++QHIvH49u4SoLuXUOcYkP7YmUqsT3frsG92xk=
Subject key identifier: 6D:49:14:C1:BD:33:A8:38:6E:A6:46:86:B2:CC:B2:28:A5:A4:A5:90
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 019A50E30078C2DE9B15AE877A2F4E224EDC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 0513
Signing time: Tue 04 Nov 2025 22:00:45 +0000
Manifest this update: Tue 04 Nov 2025 22:00:45 +0000
Manifest next update: Wed 05 Nov 2025 22:00:45 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: iNLS4GqPR/dJuxDfZRzVz6EpDDh9R8L+vK3TUNKM1tI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:00:78:c2:de:9b:15:ae:87:7a:2f:4e:22:4e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Nov 4 22:00:45 2025 GMT
Not After : Nov 5 22:00:45 2025 GMT
Subject: CN=6d4914c1bd33a8386ea64686b2ccb228a5a4a590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fd:a2:4c:a4:92:2b:6e:53:a5:45:c8:ca:66:
fc:9c:59:58:4e:df:a1:39:07:6d:c1:5d:85:c0:24:
6d:ca:91:a8:16:69:69:1d:b4:c2:f7:2e:54:5a:3f:
bf:05:e5:11:f7:b3:ef:7c:53:1f:4c:ef:3b:f7:0f:
7b:54:5f:32:11:a7:3f:4d:d6:80:26:a0:4e:c9:62:
22:7b:b6:f4:5b:c1:ad:43:3e:a5:9d:bb:77:16:a6:
c5:f6:0f:e8:40:da:d4:e7:79:a5:81:ef:50:c6:96:
b2:27:3a:96:45:94:d4:e4:44:c1:5e:6e:f3:5c:11:
2e:b2:2f:87:32:4d:5f:01:91:ab:fa:63:4e:2b:04:
e7:fa:58:bf:93:63:e3:06:e6:94:4d:b6:35:3d:bd:
ff:18:92:a3:bd:8c:08:5a:5d:a0:ba:5e:e0:54:6d:
05:51:7e:fa:0a:a0:0b:5e:99:47:5b:ea:f1:9d:6d:
37:8b:b3:9c:8f:89:3f:e1:f0:9c:44:0a:c7:52:fe:
8d:6c:bc:c2:6a:69:5c:7c:b5:4d:b1:ce:36:3a:c4:
c5:82:11:2c:72:e2:38:c1:1a:6e:f8:86:8c:28:02:
2a:ab:bf:b8:70:ec:4d:69:0b:e0:bd:b7:27:0c:6c:
f1:45:a7:02:e8:39:7d:23:14:e2:b2:db:d8:08:10:
e2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:49:14:C1:BD:33:A8:38:6E:A6:46:86:B2:CC:B2:28:A5:A4:A5:90
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:bf:41:4b:57:7d:4d:83:de:44:33:d3:b5:c1:5c:d0:3c:47:
bf:e2:d0:04:b8:3d:f1:b3:d8:a4:46:95:c2:68:a0:7e:b7:0b:
cb:a8:17:a8:d0:1d:52:6b:74:76:28:b2:12:be:dc:af:f1:be:
a1:89:76:2f:bd:77:30:f3:f3:40:d8:f3:0e:0b:db:87:43:61:
c1:cf:09:3e:27:de:c4:37:2f:83:c2:66:b9:8d:16:11:6e:0b:
9d:8e:b9:70:6b:95:59:57:c6:1c:5d:9d:66:c9:92:74:c0:63:
d7:97:7d:8a:28:21:1f:1b:eb:7c:32:e5:2b:5c:2e:20:35:f9:
22:4c:c2:18:0b:21:a9:ca:76:5c:cb:e0:6c:78:82:fb:de:bc:
9c:d7:24:01:0a:5a:56:d2:44:dd:23:46:f6:31:95:65:47:00:
16:cc:93:11:d0:b9:f5:24:83:4d:1f:ed:c0:6a:2b:51:90:5d:
2f:04:dd:9d:6b:a9:1f:2a:9f:4e:f3:c2:54:54:5e:cf:ac:da:
86:f6:3c:45:ff:31:ef:82:83:87:87:c5:ea:97:09:08:1d:4d:
f0:b8:f3:c0:41:7b:80:f1:00:2d:f4:be:a9:c5:5a:d9:3d:5e:
95:92:bb:c2:f4:f9:06:b1:47:b0:52:d6:39:a8:7c:4b:86:44:
43:39:79:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4wB4wt6bFa6Hei9OIk7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUxMTA0MjIwMDQ1WhcNMjUxMTA1MjIwMDQ1WjAzMTEwLwYDVQQD
Eyg2ZDQ5MTRjMWJkMzNhODM4NmVhNjQ2ODZiMmNjYjIyOGE1YTRhNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv2iTKSSK25TpUXIymb8nFlYTt+h
OQdtwV2FwCRtypGoFmlpHbTC9y5UWj+/BeUR97PvfFMfTO879w97VF8yEac/TdaA
JqBOyWIie7b0W8GtQz6lnbt3FqbF9g/oQNrU53mlge9QxpayJzqWRZTU5ETBXm7z
XBEusi+HMk1fAZGr+mNOKwTn+li/k2PjBuaUTbY1Pb3/GJKjvYwIWl2gul7gVG0F
UX76CqALXplHW+rxnW03i7Ocj4k/4fCcRArHUv6NbLzCamlcfLVNsc42OsTFghEs
cuI4wRpu+IaMKAIqq7+4cOxNaQvgvbcnDGzxRacC6Dl9IxTistvYCBDiMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1JFMG9M6g4bqZGhrLMsiilpKWQMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADb9BS1d9
TYPeRDPTtcFc0DxHv+LQBLg98bPYpEaVwmigfrcLy6gXqNAdUmt0diiyEr7cr/G+
oYl2L713MPPzQNjzDgvbh0Nhwc8JPifexDcvg8JmuY0WEW4LnY65cGuVWVfGHF2d
ZsmSdMBj15d9iighHxvrfDLlK1wuIDX5IkzCGAshqcp2XMvgbHiC+968nNckAQpa
VtJE3SNG9jGVZUcAFsyTEdC59SSDTR/twGorUZBdLwTdnWupHyqfTvPCVFRez6za
hvY8Rf8x74KDh4fF6pcJCB1N8LjzwEF7gPEALfS+qcVa2T1elZK7wvT5BrFHsFLW
Oah8S4ZEQzl5QA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:16:28 2025 by rpki-client