Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: XMdxT6DUNsJJvlheFxn/4og/3qOzY3+n3QlPdeHAdhM=
Subject key identifier: A5:88:59:51:C4:50:7E:3B:C1:54:85:33:08:72:7A:A2:61:93:73:73
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 019881680A5E1226919284770A0A2411598F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 0423
Signing time: Wed 06 Aug 2025 22:02:15 +0000
Manifest this update: Wed 06 Aug 2025 22:02:15 +0000
Manifest next update: Thu 07 Aug 2025 22:02:15 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: EB7BA2cfdvSyGIRDvtgoOWSxNc+SCfkPpO/mE7Oip54=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:81:68:0a:5e:12:26:91:92:84:77:0a:0a:24:11:59:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Aug 6 22:02:15 2025 GMT
Not After : Aug 7 22:02:15 2025 GMT
Subject: CN=a5885951c4507e3bc154853308727aa261937373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7c:dd:27:35:6c:f0:15:89:18:93:99:3b:37:
c7:02:fe:33:2b:77:3e:8f:26:96:16:96:ba:53:93:
36:4a:47:a6:8d:d3:55:f4:9f:7b:85:46:2a:82:df:
b8:9c:24:15:0c:64:5f:a9:8c:12:50:ef:d7:fa:b2:
73:02:db:5c:56:45:2f:63:39:b4:67:11:f3:f6:70:
4f:0d:b3:1f:ed:3e:19:ce:89:d0:a0:45:ff:6f:e5:
73:e0:1a:d4:58:6c:5a:8c:05:68:ea:96:bc:e8:31:
9c:7b:bc:f5:de:26:5f:57:dc:9c:53:e2:9d:cc:8d:
83:f1:ab:1d:1c:ce:01:75:d0:66:d9:5f:61:75:1d:
94:19:c4:d5:21:f4:1b:b8:80:09:d5:65:00:fe:4b:
9b:14:b3:65:41:1c:a2:8b:8d:4a:1b:6a:35:0f:2d:
39:26:eb:15:58:56:e4:8a:1c:df:87:1c:c3:58:0b:
50:a0:d4:b5:13:9a:b9:60:1b:59:c3:f5:8b:d0:d6:
f9:f9:6f:7d:d1:67:cf:c0:86:e5:29:4d:da:99:60:
4e:4c:11:77:da:19:12:15:ae:46:19:61:2f:1f:6d:
6f:55:46:40:fe:05:87:ce:2d:d5:fb:75:68:c9:97:
b6:9d:e5:42:2a:65:08:d5:d6:cd:df:00:ae:b0:0b:
23:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:88:59:51:C4:50:7E:3B:C1:54:85:33:08:72:7A:A2:61:93:73:73
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:45:cb:94:f9:12:54:92:d1:0b:3b:97:75:22:fc:70:c7:b4:
7e:bc:a8:44:b1:1b:46:8c:61:46:f4:b5:66:f0:97:70:32:39:
a4:aa:bc:26:bc:45:cd:c5:f0:0f:dd:4c:81:14:81:63:53:10:
ae:00:3b:e9:ad:c2:cb:23:0e:64:16:af:19:45:90:0d:1c:2b:
59:a9:24:09:40:cc:53:cc:ee:98:60:80:c4:8d:48:1c:23:5d:
1c:46:49:51:a1:a0:4a:f0:46:b9:14:5a:cc:8c:24:d2:39:af:
b7:fd:39:ae:ea:01:19:07:00:16:f0:8f:4a:39:1c:c1:58:13:
db:c8:b5:19:0a:41:48:aa:b4:f0:50:09:e2:fa:27:fd:df:85:
18:40:78:61:f3:90:99:89:3f:5e:11:4c:2b:05:b1:55:f6:12:
e6:c2:3f:59:ab:d0:a0:a8:76:a5:29:5e:31:35:55:13:0d:8e:
95:ea:c4:d8:a2:24:ad:80:a9:2a:c5:f2:16:7b:3f:ca:ea:5f:
a4:59:ac:9a:d0:83:94:5e:85:52:79:a5:a7:98:3b:13:4e:08:
43:cb:1e:37:25:78:bb:89:c6:1f:ed:ac:ce:ac:40:96:19:88:
1e:17:9d:41:92:70:d2:2d:fa:93:5b:5a:dd:31:7f:b7:1c:d9:
d3:80:3f:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBaApeEiaRkoR3CgokEVmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUwODA2MjIwMjE1WhcNMjUwODA3MjIwMjE1WjAzMTEwLwYDVQQD
EyhhNTg4NTk1MWM0NTA3ZTNiYzE1NDg1MzMwODcyN2FhMjYxOTM3MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3zdJzVs8BWJGJOZOzfHAv4zK3c+
jyaWFpa6U5M2SkemjdNV9J97hUYqgt+4nCQVDGRfqYwSUO/X+rJzAttcVkUvYzm0
ZxHz9nBPDbMf7T4ZzonQoEX/b+Vz4BrUWGxajAVo6pa86DGce7z13iZfV9ycU+Kd
zI2D8asdHM4BddBm2V9hdR2UGcTVIfQbuIAJ1WUA/kubFLNlQRyii41KG2o1Dy05
JusVWFbkihzfhxzDWAtQoNS1E5q5YBtZw/WL0Nb5+W990WfPwIblKU3amWBOTBF3
2hkSFa5GGWEvH21vVUZA/gWHzi3V+3VoyZe2neVCKmUI1dbN3wCusAsjFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWIWVHEUH47wVSFMwhyeqJhk3NzMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUXLlPkS
VJLRCzuXdSL8cMe0fryoRLEbRoxhRvS1ZvCXcDI5pKq8JrxFzcXwD91MgRSBY1MQ
rgA76a3CyyMOZBavGUWQDRwrWakkCUDMU8zumGCAxI1IHCNdHEZJUaGgSvBGuRRa
zIwk0jmvt/05ruoBGQcAFvCPSjkcwVgT28i1GQpBSKq08FAJ4von/d+FGEB4YfOQ
mYk/XhFMKwWxVfYS5sI/WavQoKh2pSleMTVVEw2OlerE2KIkrYCpKsXyFns/yupf
pFmsmtCDlF6FUnmlp5g7E04IQ8seNyV4u4nGH+2szqxAlhmIHhedQZJw0i36k1ta
3TF/txzZ04A/Jw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 00:26:32 2025 by rpki-client