Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: 83WBCE//gaWLEZaakC5FUyKge0cScoodQxNN+8EdlZk=
Subject key identifier: C1:C6:0C:7F:68:9B:73:69:FF:7C:7C:F0:7C:3F:EE:FB:19:1A:1F:10
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 019A5C7AE2620C35BA206FF82F17B036850B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 0519
Signing time: Fri 07 Nov 2025 04:02:28 +0000
Manifest this update: Fri 07 Nov 2025 04:02:28 +0000
Manifest next update: Sat 08 Nov 2025 04:02:28 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: jzt1FTxbmCbRx41aTxLTuyzFEqbCcUbj9+6zv6DuPnk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 04:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:5c:7a:e2:62:0c:35:ba:20:6f:f8:2f:17:b0:36:85:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Nov 7 04:02:28 2025 GMT
Not After : Nov 8 04:02:28 2025 GMT
Subject: CN=c1c60c7f689b7369ff7c7cf07c3feefb191a1f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:54:17:b4:5c:14:ac:f3:e0:22:bf:ad:d6:
65:c2:6b:2c:5a:21:1c:2c:f3:e0:b5:36:5d:f2:e5:
97:54:e6:bc:a3:e5:a2:73:d3:44:bc:29:af:31:96:
5c:71:65:e6:11:78:3d:a6:32:b0:84:62:cf:cf:95:
98:7f:33:92:ed:e7:2b:0b:fe:b6:1f:85:ac:37:e5:
70:8b:0d:4d:ff:41:ed:76:e3:46:04:d5:cb:15:f3:
95:35:1f:ef:0b:25:b6:7f:89:0b:db:4a:78:84:fa:
29:38:f5:1b:fd:f9:0c:78:0d:89:5a:72:ea:30:8c:
fd:0c:bc:d2:38:c9:ef:63:93:76:99:26:ad:83:d1:
78:ca:66:46:11:99:46:87:87:79:18:01:fe:4e:d8:
e4:4c:fc:de:5f:e9:91:c7:91:ac:4a:45:a4:37:3e:
ab:28:d2:7f:e1:a8:f3:10:df:63:0d:b6:57:cf:28:
1c:35:d5:8b:c3:3c:2d:b2:96:cb:8b:3f:4a:3c:c0:
da:69:bb:17:2d:28:75:46:6b:0a:63:68:42:33:da:
22:5b:30:cb:9c:e9:f7:13:30:2a:e8:74:a2:3a:1e:
8c:81:f9:9f:74:9b:6a:9a:3a:68:fd:6c:35:34:24:
58:24:7f:ac:c0:bc:b6:9c:1f:63:97:7b:4d:d1:35:
95:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C6:0C:7F:68:9B:73:69:FF:7C:7C:F0:7C:3F:EE:FB:19:1A:1F:10
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:cc:e1:24:6f:1a:61:89:71:48:8c:ed:96:cb:75:a7:f2:45:
28:fe:2e:46:fc:35:3a:cc:f7:a9:6d:b7:0b:76:6a:fb:cb:b0:
f0:f0:b2:76:0b:5c:5a:c0:68:47:db:ab:76:7e:07:aa:61:4f:
60:9f:c7:d6:c9:26:0c:28:45:92:a0:f5:24:af:61:f4:4f:99:
44:70:fd:06:11:73:f4:7b:6e:ab:8f:d9:62:34:14:f8:d0:fa:
47:87:e2:be:07:f5:da:be:f3:22:ac:c2:2b:5a:68:67:de:aa:
95:64:98:26:ec:eb:b8:1d:1c:5e:1d:d5:d0:53:73:f1:36:5b:
26:63:71:dc:de:13:f3:b5:fc:43:ab:78:bf:6a:e6:2a:cc:d7:
23:76:64:b6:4a:ca:37:eb:98:b8:f7:80:9d:60:1b:14:05:b3:
3b:08:97:5c:f3:60:de:83:b3:30:41:82:8e:7a:41:19:c2:a0:
c7:5a:e9:50:3d:a7:87:a6:71:17:e3:ba:80:6a:df:dd:16:f2:
65:52:8c:45:6c:a7:75:01:ec:89:ba:18:72:33:ff:5d:45:5e:
60:02:a6:95:71:e5:b5:0c:39:75:ae:f9:68:97:a0:a9:2d:a8:
23:49:f4:4a:05:a5:8f:69:b2:9f:0c:f3:2e:86:a5:34:98:a5:
01:57:02:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpceuJiDDW6IG/4LxewNoULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUxMTA3MDQwMjI4WhcNMjUxMTA4MDQwMjI4WjAzMTEwLwYDVQQD
EyhjMWM2MGM3ZjY4OWI3MzY5ZmY3YzdjZjA3YzNmZWVmYjE5MWExZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdpUF7RcFKzz4CK/rdZlwmssWiEc
LPPgtTZd8uWXVOa8o+Wic9NEvCmvMZZccWXmEXg9pjKwhGLPz5WYfzOS7ecrC/62
H4WsN+Vwiw1N/0HtduNGBNXLFfOVNR/vCyW2f4kL20p4hPopOPUb/fkMeA2JWnLq
MIz9DLzSOMnvY5N2mSatg9F4ymZGEZlGh4d5GAH+TtjkTPzeX+mRx5GsSkWkNz6r
KNJ/4ajzEN9jDbZXzygcNdWLwzwtspbLiz9KPMDaabsXLSh1RmsKY2hCM9oiWzDL
nOn3EzAq6HSiOh6MgfmfdJtqmjpo/Ww1NCRYJH+swLy2nB9jl3tN0TWVdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHGDH9om3Np/3x88Hw/7vsZGh8QMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArszhJG8a
YYlxSIztlst1p/JFKP4uRvw1Osz3qW23C3Zq+8uw8PCydgtcWsBoR9urdn4HqmFP
YJ/H1skmDChFkqD1JK9h9E+ZRHD9BhFz9Htuq4/ZYjQU+ND6R4fivgf12r7zIqzC
K1poZ96qlWSYJuzruB0cXh3V0FNz8TZbJmNx3N4T87X8Q6t4v2rmKszXI3ZktkrK
N+uYuPeAnWAbFAWzOwiXXPNg3oOzMEGCjnpBGcKgx1rpUD2nh6ZxF+O6gGrf3Rby
ZVKMRWyndQHsiboYcjP/XUVeYAKmlXHltQw5da75aJegqS2oI0n0SgWlj2mynwzz
LoalNJilAVcC+A==
-----END CERTIFICATE-----
Generated at Fri Nov 7 13:01:20 2025 by rpki-client