Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json)
Hash identifier: tcHv8trpyZI5x7Iw+iIkkup/mZ9bVZcEH2nK9vp3FLg=
Subject key identifier: 0D:6E:81:3F:98:9B:39:48:4A:78:B0:59:62:98:57:DA:30:73:AF:2F
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 019A7293FCBA292D62D5B74A93C60ADF9C6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
Manifest number: 0FC9
Signing time: Tue 11 Nov 2025 11:01:32 +0000
Manifest this update: Tue 11 Nov 2025 11:01:32 +0000
Manifest next update: Wed 12 Nov 2025 11:01:32 +0000
Files and hashes: 1: JBBfWvBvIPbMFEPW3wW2A3eZfMw.roa (hash: HPVfysoAPIIkBoYBVqV/VP2S0bfAf3Hk6zV6kpgHup8=)
2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: LCzQzqrzdfLN+wEJ1YMHBnEwJBnd6eQXFNOYoTdEFFw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:fc:ba:29:2d:62:d5:b7:4a:93:c6:0a:df:9c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Nov 11 11:01:32 2025 GMT
Not After : Nov 12 11:01:32 2025 GMT
Subject: CN=0d6e813f989b39484a78b059629857da3073af2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:ee:14:01:83:8e:67:18:b6:44:4b:3f:1d:
66:b8:66:3e:9b:32:38:f7:23:77:52:f9:a2:0a:7e:
c7:83:4e:ce:c0:b8:40:66:22:73:9a:ad:ad:db:c1:
c9:b0:21:00:dc:b6:6a:61:c1:a4:e7:fb:33:18:da:
b6:ec:9d:d0:42:20:28:9f:19:0d:ba:f2:41:29:cc:
ea:d3:dc:67:14:4a:f5:5e:0b:56:45:26:53:f7:bb:
c6:a5:24:48:59:9f:b5:19:c2:1d:d1:ba:84:02:8f:
38:86:e3:23:83:c3:59:66:ac:0f:e6:25:7f:3b:c2:
6a:02:38:66:70:de:4b:b6:b8:64:0c:2e:4e:3f:9b:
4c:ef:d2:23:d0:4e:4b:01:67:3b:d2:ac:ac:47:d9:
d6:12:6d:33:82:4d:7f:45:d7:42:4f:5e:da:54:5a:
92:93:98:8b:19:21:ac:ea:aa:ca:8a:fc:a8:5f:43:
f6:a5:df:8b:59:b7:a0:da:e9:8c:20:fe:fa:5c:8f:
3f:84:93:28:81:d2:e8:d1:22:f7:0e:44:27:1a:51:
cf:fa:6b:81:4e:de:61:b8:2c:65:d4:c3:e8:f9:f5:
7f:a2:92:00:9e:fb:6d:a2:f1:9b:0f:f4:8b:fa:98:
a7:3c:79:55:64:f0:af:e1:3e:34:62:bd:95:6a:8f:
45:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6E:81:3F:98:9B:39:48:4A:78:B0:59:62:98:57:DA:30:73:AF:2F
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:a3:d5:c6:57:f0:3e:f5:b2:4d:cc:da:f3:7b:1e:e9:2a:8e:
18:ac:25:6a:20:d3:04:6a:6f:e7:34:85:55:be:eb:ba:c6:84:
30:fc:b3:5b:c5:3d:a8:e3:61:70:ea:b9:dd:aa:4b:d0:c1:83:
3c:71:44:b7:38:ac:58:d6:12:fe:24:29:0f:e6:8b:9e:67:a7:
82:6b:6f:2f:e9:c1:23:ef:15:d7:12:22:61:8b:68:40:a1:63:
de:f4:85:2c:4e:4a:08:47:06:75:d7:4b:9e:df:75:88:46:fd:
bc:02:46:3e:2d:78:f6:b5:02:5c:a8:d0:d9:1e:5d:9c:ca:24:
6e:8e:53:7e:ab:32:13:32:e1:dd:24:a9:4f:be:35:03:e5:fa:
a6:41:0a:96:68:f6:81:ed:8b:6c:5b:08:a1:59:60:e8:f0:a3:
85:1a:d5:ad:ec:d1:87:38:6e:34:54:12:00:bf:f4:55:ac:d6:
1a:41:9d:21:9b:9d:76:dc:3f:03:1c:d2:95:2c:19:9c:19:c7:
83:28:33:a9:ec:3e:76:19:b1:b1:80:db:d2:33:3f:1d:48:57:
c7:fd:0e:9d:92:ba:15:f0:d5:46:96:74:40:10:cc:ec:db:8d:
5a:b2:0f:4a:f3:3a:d9:d1:8d:86:3c:9c:e3:43:a7:bc:16:82:
a4:15:37:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/y6KS1i1bdKk8YK35xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjUxMTExMTEwMTMyWhcNMjUxMTEyMTEwMTMyWjAzMTEwLwYDVQQD
EygwZDZlODEzZjk4OWIzOTQ4NGE3OGIwNTk2Mjk4NTdkYTMwNzNhZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPfuFAGDjmcYtkRLPx1muGY+mzI4
9yN3UvmiCn7Hg07OwLhAZiJzmq2t28HJsCEA3LZqYcGk5/szGNq27J3QQiAonxkN
uvJBKczq09xnFEr1XgtWRSZT97vGpSRIWZ+1GcId0bqEAo84huMjg8NZZqwP5iV/
O8JqAjhmcN5LtrhkDC5OP5tM79Ij0E5LAWc70qysR9nWEm0zgk1/RddCT17aVFqS
k5iLGSGs6qrKivyoX0P2pd+LWbeg2umMIP76XI8/hJMogdLo0SL3DkQnGlHP+muB
Tt5huCxl1MPo+fV/opIAnvttovGbD/SL+pinPHlVZPCv4T40Yr2Vao9FywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1ugT+YmzlISniwWWKYV9owc68vMB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVqPVxlfw
PvWyTcza83se6SqOGKwlaiDTBGpv5zSFVb7rusaEMPyzW8U9qONhcOq53apL0MGD
PHFEtzisWNYS/iQpD+aLnmengmtvL+nBI+8V1xIiYYtoQKFj3vSFLE5KCEcGdddL
nt91iEb9vAJGPi149rUCXKjQ2R5dnMokbo5TfqsyEzLh3SSpT741A+X6pkEKlmj2
ge2LbFsIoVlg6PCjhRrVrezRhzhuNFQSAL/0VazWGkGdIZuddtw/AxzSlSwZnBnH
gygzqew+dhmxsYDb0jM/HUhXx/0OnZK6FfDVRpZ0QBDM7NuNWrIPSvM62dGNhjyc
40OnvBaCpBU3Zg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:05:48 2025 by rpki-client