Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: v8qP4KzFqbpuhm+ilurNlOtu61Cq3KGXpXBdnG13LnU=
Subject key identifier: 33:27:46:2C:5C:C4:59:6F:75:3F:45:1C:10:3F:E1:24:55:1D:FB:E3
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 019D76D5F33CE007F33A26DF92C4ED7ECF6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 06B7
Signing time: Fri 10 Apr 2026 10:00:25 +0000
Manifest this update: Fri 10 Apr 2026 10:00:25 +0000
Manifest next update: Sat 11 Apr 2026 10:00:25 +0000
Files and hashes: 1: YYlR0VhASW-c1FKU9zzl7csrdhQ.roa (hash: L8Cgn7blv4wmGFxmaxB9nE0adWzGkvnaCFP3mMVQv7g=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: ynpp7qai7+Lp/hGOHnK3ejfmexPGA0u9KU2Q0ScrE+M=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:76:d5:f3:3c:e0:07:f3:3a:26:df:92:c4:ed:7e:cf:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Apr 10 10:00:25 2026 GMT
Not After : Apr 11 10:00:25 2026 GMT
Subject: CN=3327462c5cc4596f753f451c103fe124551dfbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ab:d4:45:1e:b4:23:12:c0:8b:a8:97:f6:f4:
3d:aa:70:e5:ec:e3:27:20:14:e7:e0:b0:40:b7:80:
9e:1e:d0:3a:ea:5d:9e:36:40:28:1a:60:86:37:f3:
9d:8d:c8:b9:99:28:aa:56:d9:51:bd:49:b9:9d:19:
47:13:c6:8d:cd:f2:0b:a0:1e:20:80:67:4c:8c:6e:
d3:c8:7b:52:77:84:bb:ef:fd:3f:1b:39:ba:0f:37:
9b:f4:dc:e5:74:ed:3c:c5:d1:cd:42:d7:ae:f4:bc:
59:15:46:64:03:5b:57:39:55:64:e0:3b:66:52:fc:
3c:51:62:3c:25:bc:c4:77:03:00:4f:d2:1a:00:6c:
cd:07:61:e5:87:5b:65:07:d1:5c:98:94:80:44:02:
03:f4:62:22:3d:c3:da:19:b6:4c:84:67:00:04:33:
64:49:55:4c:e5:14:5b:cb:e0:93:df:29:63:c5:f2:
3e:fe:42:19:2b:f2:8a:83:f6:c1:33:f3:92:9e:cf:
24:30:9f:97:9a:32:db:d1:4f:b3:a0:55:53:67:d7:
e1:cf:a3:cc:56:23:18:ee:ec:9a:a9:5c:dc:38:6d:
e6:5a:5f:4e:83:a8:84:14:36:51:2d:3f:2d:12:b6:
a5:3b:8b:46:77:52:ea:03:30:8a:f0:a4:10:1f:45:
85:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:27:46:2C:5C:C4:59:6F:75:3F:45:1C:10:3F:E1:24:55:1D:FB:E3
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:64:d2:af:ae:7c:50:a5:09:49:58:f5:c3:bf:87:3d:c5:a1:
f7:9e:a1:65:c2:fb:d8:f4:2a:4d:4c:2c:05:fb:7b:e1:09:d7:
df:ce:5e:b0:91:4f:90:49:3c:ef:73:9d:e7:23:70:ec:0b:ca:
cc:f9:15:63:93:25:bd:67:49:74:81:b3:99:a7:e0:32:ee:fb:
7b:82:1a:b8:11:96:bd:09:58:35:b2:ae:5a:32:e6:7c:51:3c:
9f:fb:97:44:29:f9:f1:08:4a:cc:6d:08:a2:9c:b7:87:96:cc:
5d:0c:e4:26:f4:e4:83:8c:94:6a:0e:6c:76:90:15:a2:9e:72:
0f:a2:ce:cb:79:12:b1:64:08:c1:27:12:e4:87:8f:ae:d6:9b:
27:b3:c5:50:bf:d5:81:6d:33:7d:d1:7d:eb:1a:76:cb:d8:e6:
8f:5d:87:b5:95:f3:27:64:9e:a6:84:a8:d5:f3:33:11:b4:16:
6f:43:0f:95:f1:0a:e6:21:0a:c9:f2:f1:a9:2e:ef:64:b1:17:
03:a8:a0:69:45:45:ab:ba:49:19:fc:f4:8b:8c:d9:ac:d0:c2:
db:1e:6c:e6:e2:2d:a5:f3:15:c1:2d:ab:dd:92:e0:05:e0:95:
5d:06:6c:7b:94:0c:4d:4b:2f:e4:b9:8a:71:53:08:33:4f:12:
b1:8b:cf:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ121fM84AfzOibfksTtfs9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjYwNDEwMTAwMDI1WhcNMjYwNDExMTAwMDI1WjAzMTEwLwYDVQQD
EygzMzI3NDYyYzVjYzQ1OTZmNzUzZjQ1MWMxMDNmZTEyNDU1MWRmYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqvURR60IxLAi6iX9vQ9qnDl7OMn
IBTn4LBAt4CeHtA66l2eNkAoGmCGN/Odjci5mSiqVtlRvUm5nRlHE8aNzfILoB4g
gGdMjG7TyHtSd4S77/0/Gzm6Dzeb9NzldO08xdHNQteu9LxZFUZkA1tXOVVk4Dtm
Uvw8UWI8JbzEdwMAT9IaAGzNB2Hlh1tlB9FcmJSARAID9GIiPcPaGbZMhGcABDNk
SVVM5RRby+CT3yljxfI+/kIZK/KKg/bBM/OSns8kMJ+XmjLb0U+zoFVTZ9fhz6PM
ViMY7uyaqVzcOG3mWl9Og6iEFDZRLT8tEralO4tGd1LqAzCK8KQQH0WFYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMnRixcxFlvdT9FHBA/4SRVHfvjMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADmTSr658
UKUJSVj1w7+HPcWh956hZcL72PQqTUwsBft74QnX385esJFPkEk873Od5yNw7AvK
zPkVY5MlvWdJdIGzmafgMu77e4IauBGWvQlYNbKuWjLmfFE8n/uXRCn58QhKzG0I
opy3h5bMXQzkJvTkg4yUag5sdpAVop5yD6LOy3kSsWQIwScS5IePrtabJ7PFUL/V
gW0zfdF96xp2y9jmj12HtZXzJ2SepoSo1fMzEbQWb0MPlfEK5iEKyfLxqS7vZLEX
A6igaUVFq7pJGfz0i4zZrNDC2x5s5uItpfMVwS2r3ZLgBeCVXQZse5QMTUsv5LmK
cVMIM08SsYvPbw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:59:29 2026 by rpki-client