Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: sHacX0LFUrFaRcEJSR6bQ75VFyyhGozmgirv9y0AXws=
Subject key identifier: 6A:6B:61:92:FA:00:59:4C:E4:E1:10:4E:56:AE:01:9C:E3:E6:2F:2D
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 019D3909EF82176B7AD7CC2A57E284FDAE9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 0697
Signing time: Sun 29 Mar 2026 10:00:45 +0000
Manifest this update: Sun 29 Mar 2026 10:00:45 +0000
Manifest next update: Mon 30 Mar 2026 10:00:45 +0000
Files and hashes: 1: YYlR0VhASW-c1FKU9zzl7csrdhQ.roa (hash: L8Cgn7blv4wmGFxmaxB9nE0adWzGkvnaCFP3mMVQv7g=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: jeQw8YK52BIMPgw8uBTA4Ch7leceuFArn7bwEpVBfQc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:ef:82:17:6b:7a:d7:cc:2a:57:e2:84:fd:ae:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Mar 29 10:00:45 2026 GMT
Not After : Mar 30 10:00:45 2026 GMT
Subject: CN=6a6b6192fa00594ce4e1104e56ae019ce3e62f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:91:6d:76:91:8b:a7:f8:c2:38:55:10:50:9f:
e5:58:2e:6d:7e:e4:77:ef:8d:c0:2a:0e:95:42:bf:
84:e4:31:60:b2:4e:df:f2:09:45:72:90:fd:a8:aa:
98:61:25:e8:3f:1a:ba:92:61:3d:b4:08:b9:f4:d7:
f7:99:bb:4f:7d:29:74:1a:36:ef:94:08:a8:ea:cf:
8e:84:b9:4e:a1:d6:95:8b:2c:69:6c:e3:41:9e:58:
1a:6c:11:1d:9f:94:30:c2:d0:ea:97:a3:f1:7e:6c:
54:b5:47:e8:ba:01:77:0f:ba:2d:3e:df:e5:12:5c:
90:5f:ce:2b:29:a4:cc:78:45:a4:d1:b7:fa:12:29:
ac:f5:d8:f8:0b:bf:1d:83:1d:e4:43:73:30:86:36:
c1:ce:7a:49:13:76:c8:a2:c4:63:21:eb:4c:63:47:
13:7d:20:f4:76:23:e2:7f:da:75:32:d6:1e:a2:f0:
de:cc:b3:2f:ca:77:85:57:b8:01:76:5a:ac:c1:40:
2c:10:cb:52:31:06:1d:78:fa:78:9f:e9:68:f3:08:
ae:ca:ca:5f:30:90:b5:a2:55:30:86:8e:e6:56:09:
1c:95:0b:a6:05:3e:36:1a:64:7d:98:16:21:a0:31:
d3:81:c7:4f:f2:8c:40:9f:4a:dd:d5:b8:20:b4:e4:
56:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:6B:61:92:FA:00:59:4C:E4:E1:10:4E:56:AE:01:9C:E3:E6:2F:2D
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:da:ef:3d:dd:e1:bd:52:c2:95:19:05:63:a7:12:22:24:a1:
17:51:fa:e4:9d:9d:b0:e6:c0:6f:a1:97:44:93:37:53:29:5d:
dc:a1:2f:c8:81:98:72:9c:d6:c4:4f:3a:e5:79:71:78:6a:88:
1f:3d:7c:f8:0c:64:10:45:31:26:1c:ae:7a:51:ae:fa:18:35:
0b:48:98:9c:9c:27:8e:95:ee:d0:58:10:a6:cd:37:c6:2f:dd:
da:49:dc:96:e3:48:a4:90:d5:74:f1:9d:e4:0f:0b:f1:b7:47:
fb:7d:52:8c:3e:fe:c4:ab:3a:cc:e5:73:6b:04:73:b8:20:0b:
72:fc:82:a6:bb:48:4f:7c:7d:1b:22:1e:77:e6:34:8d:1d:aa:
e2:22:40:16:f4:7d:8a:4e:80:3c:4b:34:dd:ee:bc:58:15:d8:
4d:ac:02:64:b9:cc:ff:ec:c7:a0:58:c5:69:a1:13:e4:ad:42:
72:48:81:5a:69:21:3e:51:be:7b:26:38:e7:ff:8f:b4:37:e7:
ff:7a:95:66:8c:4d:d3:3d:61:c2:06:52:ef:20:68:27:2c:1c:
3c:91:b1:39:89:f9:da:37:8f:af:e6:63:7b:b4:d1:1c:d0:86:
02:fb:26:96:ea:c9:53:82:67:67:b8:7f:f1:ff:45:8b:e3:8f:
09:dc:b7:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ce+CF2t618wqV+KE/a6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjYwMzI5MTAwMDQ1WhcNMjYwMzMwMTAwMDQ1WjAzMTEwLwYDVQQD
Eyg2YTZiNjE5MmZhMDA1OTRjZTRlMTEwNGU1NmFlMDE5Y2UzZTYyZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJFtdpGLp/jCOFUQUJ/lWC5tfuR3
743AKg6VQr+E5DFgsk7f8glFcpD9qKqYYSXoPxq6kmE9tAi59Nf3mbtPfSl0Gjbv
lAio6s+OhLlOodaViyxpbONBnlgabBEdn5QwwtDql6PxfmxUtUfougF3D7otPt/l
ElyQX84rKaTMeEWk0bf6Eims9dj4C78dgx3kQ3MwhjbBznpJE3bIosRjIetMY0cT
fSD0diPif9p1MtYeovDezLMvyneFV7gBdlqswUAsEMtSMQYdePp4n+lo8wiuyspf
MJC1olUwho7mVgkclQumBT42GmR9mBYhoDHTgcdP8oxAn0rd1bggtORWJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGprYZL6AFlM5OEQTlauAZzj5i8tMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASdrvPd3h
vVLClRkFY6cSIiShF1H65J2dsObAb6GXRJM3Uyld3KEvyIGYcpzWxE865XlxeGqI
Hz18+AxkEEUxJhyuelGu+hg1C0iYnJwnjpXu0FgQps03xi/d2kncluNIpJDVdPGd
5A8L8bdH+31SjD7+xKs6zOVzawRzuCALcvyCprtIT3x9GyIed+Y0jR2q4iJAFvR9
ik6APEs03e68WBXYTawCZLnM/+zHoFjFaaET5K1CckiBWmkhPlG+eyY45/+PtDfn
/3qVZoxN0z1hwgZS7yBoJywcPJGxOYn52jePr+Zje7TRHNCGAvsmlurJU4JnZ7h/
8f9Fi+OPCdy3SA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:50:12 2026 by rpki-client