Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: PrSpLab8QLNv747aX0fkXTefpAW14oQPYiKJT0w8ZBg=
Subject key identifier: 8A:3A:1B:5C:EA:16:70:3F:5A:53:37:F0:06:02:7F:8A:F6:5C:3C:AE
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 0198530EE8EDF15713598EE7DB443010BC3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 040B
Signing time: Mon 28 Jul 2025 22:02:22 +0000
Manifest this update: Mon 28 Jul 2025 22:02:22 +0000
Manifest next update: Tue 29 Jul 2025 22:02:22 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: czttA4yqc1LVC8YY5/Mh0DlmDTrNhx0ZuLTyB7kmvQw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 22:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:53:0e:e8:ed:f1:57:13:59:8e:e7:db:44:30:10:bc:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Jul 28 22:02:22 2025 GMT
Not After : Jul 29 22:02:22 2025 GMT
Subject: CN=8a3a1b5cea16703f5a5337f006027f8af65c3cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a3:b6:72:0f:71:5d:b8:39:42:f5:d2:c5:b8:
29:87:f3:b1:b0:df:8c:50:43:bf:9c:e9:9c:05:18:
be:98:d0:20:42:c6:7a:bd:94:a6:1a:93:f4:cd:8c:
d5:d2:8e:da:f0:7b:a6:25:d2:13:83:80:bd:20:9a:
00:38:f5:0a:2e:5b:cd:dc:33:c2:12:c9:0c:e3:0a:
e7:fa:b2:d5:f3:5f:25:73:38:6a:db:50:00:90:f9:
90:e7:d7:9f:bb:d8:9a:0e:92:86:54:0e:32:3a:af:
8c:bd:63:88:72:36:a5:a0:09:9c:ee:47:c0:cc:8a:
9f:f3:59:c6:f0:9c:b3:34:fa:11:cc:8c:bc:d2:6d:
07:23:4a:0b:2c:51:0c:a4:cf:22:a8:f8:a9:31:7e:
eb:aa:99:d6:55:08:3d:de:ea:bb:e5:65:57:fc:10:
81:08:c6:62:8e:a7:09:b7:ec:ba:78:55:0a:ce:1c:
db:f4:eb:98:93:df:98:da:d4:f0:d5:9e:26:fe:95:
95:39:f8:8f:4d:c9:ce:82:c6:a9:a1:d7:c7:2b:c5:
bd:2c:ad:4b:55:e6:c2:17:56:42:cd:05:7d:a4:f4:
f8:69:14:43:f5:56:a2:fe:a3:10:b5:f9:a9:d6:87:
ff:fc:14:d7:d0:d0:5a:96:ed:29:b2:11:65:34:82:
bb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3A:1B:5C:EA:16:70:3F:5A:53:37:F0:06:02:7F:8A:F6:5C:3C:AE
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:59:c4:eb:29:c5:36:a6:9c:db:54:e2:1c:13:c1:26:f7:22:
86:fb:04:6a:62:c5:e8:66:b8:bb:33:89:76:d9:7a:e3:71:f7:
a2:6e:3c:de:0b:a5:7b:8d:2e:92:e0:9d:7a:d6:f4:eb:c0:13:
16:76:82:62:7b:cd:50:99:d1:e8:6a:ca:b1:9a:ce:b7:86:60:
c2:eb:7c:b0:21:17:6b:24:b7:a8:ae:4d:0a:34:4d:72:e0:d1:
60:ef:a5:71:0c:16:01:c3:47:4d:f6:a7:97:fe:1e:ee:ac:af:
ef:52:be:24:21:26:3d:38:41:3a:0c:c6:8f:70:7f:6c:85:fd:
ef:75:bf:fe:18:04:ce:c7:a3:77:b3:fb:6f:ad:91:0b:17:f3:
01:a2:8e:a9:cb:84:c7:c4:15:60:34:2d:be:80:63:47:eb:ef:
80:6f:09:5b:ec:26:90:ce:f4:05:66:17:93:83:bf:79:16:52:
39:dc:b4:dc:9e:ae:9e:8b:78:e4:0e:01:11:4f:d2:bf:45:e2:
3b:4f:ca:75:43:0b:31:5a:21:66:f3:12:ab:db:0d:b4:3a:fc:
e1:6c:3c:61:17:61:62:cd:2f:85:ff:d5:50:a7:9f:94:ff:a8:
f8:e5:28:d4:46:2e:a7:13:7b:44:61:d3:a1:7c:e7:f2:d1:b2:
c6:57:d4:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTDujt8VcTWY7n20QwELw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUwNzI4MjIwMjIyWhcNMjUwNzI5MjIwMjIyWjAzMTEwLwYDVQQD
Eyg4YTNhMWI1Y2VhMTY3MDNmNWE1MzM3ZjAwNjAyN2Y4YWY2NWMzY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKO2cg9xXbg5QvXSxbgph/OxsN+M
UEO/nOmcBRi+mNAgQsZ6vZSmGpP0zYzV0o7a8HumJdITg4C9IJoAOPUKLlvN3DPC
EskM4wrn+rLV818lczhq21AAkPmQ59efu9iaDpKGVA4yOq+MvWOIcjaloAmc7kfA
zIqf81nG8JyzNPoRzIy80m0HI0oLLFEMpM8iqPipMX7rqpnWVQg93uq75WVX/BCB
CMZijqcJt+y6eFUKzhzb9OuYk9+Y2tTw1Z4m/pWVOfiPTcnOgsapodfHK8W9LK1L
VebCF1ZCzQV9pPT4aRRD9Vai/qMQtfmp1of//BTX0NBalu0pshFlNIK7/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIo6G1zqFnA/WlM38AYCf4r2XDyuMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAelnE6ynF
Nqac21TiHBPBJvcihvsEamLF6Ga4uzOJdtl643H3om483gule40ukuCdetb068AT
FnaCYnvNUJnR6GrKsZrOt4Zgwut8sCEXayS3qK5NCjRNcuDRYO+lcQwWAcNHTfan
l/4e7qyv71K+JCEmPThBOgzGj3B/bIX973W//hgEzsejd7P7b62RCxfzAaKOqcuE
x8QVYDQtvoBjR+vvgG8JW+wmkM70BWYXk4O/eRZSOdy03J6unot45A4BEU/Sv0Xi
O0/KdUMLMVohZvMSq9sNtDr84Ww8YRdhYs0vhf/VUKeflP+o+OUo1EYupxN7RGHT
oXzn8tGyxlfULg==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:28:34 2025 by rpki-client