Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json)
Hash identifier: MGahwrA2w3w2vvAtZn00F5ghGQBI41HJJTedGGo9fAE=
Subject key identifier: A8:B1:CC:2B:5A:6D:41:2E:9E:39:86:2E:8C:76:33:D3:F1:1D:1C:40
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 019D3866605FC260EF638C4CE0262F1694BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
Manifest number: 1139
Signing time: Sun 29 Mar 2026 07:02:06 +0000
Manifest this update: Sun 29 Mar 2026 07:02:06 +0000
Manifest next update: Mon 30 Mar 2026 07:02:06 +0000
Files and hashes: 1: 7TJ8GqKMB7ONKpmIttAKlfVjIPI.roa (hash: YqU7Dk9vgRbL9GHaPYk9nyjuTWJnjnKlb/odLn25dDg=)
2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: RuUbGWQ4dgUrBCBGl9qc+/AYfbVgN1DANJfQ51+ZHlU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:60:5f:c2:60:ef:63:8c:4c:e0:26:2f:16:94:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Mar 29 07:02:06 2026 GMT
Not After : Mar 30 07:02:06 2026 GMT
Subject: CN=a8b1cc2b5a6d412e9e39862e8c7633d3f11d1c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:81:03:ba:29:94:3d:05:42:de:da:38:87:
d1:dc:96:16:72:e4:07:67:3a:be:05:f9:94:d2:92:
df:1b:30:04:e9:b5:19:26:64:16:a4:40:2b:01:10:
8c:0c:e7:1a:e1:a5:34:5f:1b:d8:2b:5c:ac:dd:33:
e5:04:f2:78:1e:fd:76:31:d9:ea:e1:1d:77:17:42:
e9:09:ea:8c:90:3e:6d:dd:35:4f:bb:47:20:70:e7:
16:e6:39:9c:c8:22:27:d6:06:3c:bc:f4:7e:c1:e2:
cd:0f:a2:22:87:8b:fc:eb:e8:cb:5b:62:20:ab:b8:
ed:d8:e2:b9:6e:2d:a1:63:ed:c0:b8:7d:be:8c:d7:
7a:9d:ad:ac:a8:30:52:8b:da:bd:6c:57:61:a5:5d:
0d:d1:a5:c7:d8:8b:65:bf:21:89:9d:34:cc:b8:dd:
59:fd:77:4b:a4:bb:64:f5:0b:61:07:70:5e:d8:0e:
86:9e:46:03:29:83:ec:4e:f0:06:62:24:cc:c0:ef:
25:ab:00:b2:2f:6d:d1:b2:4a:ac:9f:29:3d:c2:ed:
48:a4:5f:8c:d7:8f:ca:a0:c2:18:37:fe:94:fb:c1:
f9:6d:5e:d2:1e:96:b6:3e:70:30:9e:52:19:5c:68:
25:72:a6:1a:62:73:99:78:7d:ff:13:28:09:6c:a9:
dd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B1:CC:2B:5A:6D:41:2E:9E:39:86:2E:8C:76:33:D3:F1:1D:1C:40
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:f5:9e:a9:55:89:5d:9e:a0:2a:f2:e0:80:92:7d:90:10:cf:
e2:30:a9:2c:5f:a3:df:7e:4d:8d:a5:13:65:d5:07:be:78:89:
c8:5a:8e:b0:45:3e:a3:23:91:d7:8b:c0:ab:1a:a0:cf:3a:d9:
f7:9a:59:17:fd:b9:d2:00:a1:75:59:63:d8:72:d8:18:ba:f0:
58:f9:a5:81:da:b9:d5:51:29:ac:38:d0:dd:d9:69:e7:62:16:
c0:63:8d:9f:44:43:95:c1:b7:8b:f4:33:c3:20:12:32:dc:9e:
57:06:1b:e0:bb:71:4a:67:f0:59:7e:da:aa:4d:2a:dd:e9:94:
4d:a0:56:9c:27:e9:76:34:fc:19:4c:e6:58:e0:f9:f9:28:c7:
b5:3a:c9:7a:c3:4c:82:5e:11:e8:a5:2d:95:c3:08:b9:81:24:
79:de:1c:c6:7e:7e:50:09:ea:c5:71:b0:5d:58:d3:5e:e5:35:
e3:d7:af:de:e3:bf:e3:67:16:a7:95:3a:af:31:e6:ee:89:f5:
ba:61:cd:ad:16:c2:6e:9d:b5:07:39:09:a1:0b:f0:3a:bf:94:
f6:12:ea:21:04:b1:bf:a5:e3:01:63:a8:80:bf:c9:37:1d:84:
0a:05:f1:99:c2:25:b7:fd:bc:6a:00:79:70:f8:21:c8:68:19:
66:d1:18:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmBfwmDvY4xM4CYvFpS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjYwMzI5MDcwMjA2WhcNMjYwMzMwMDcwMjA2WjAzMTEwLwYDVQQD
EyhhOGIxY2MyYjVhNmQ0MTJlOWUzOTg2MmU4Yzc2MzNkM2YxMWQxYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiuBA7oplD0FQt7aOIfR3JYWcuQH
Zzq+BfmU0pLfGzAE6bUZJmQWpEArARCMDOca4aU0XxvYK1ys3TPlBPJ4Hv12Mdnq
4R13F0LpCeqMkD5t3TVPu0cgcOcW5jmcyCIn1gY8vPR+weLND6Iih4v86+jLW2Ig
q7jt2OK5bi2hY+3AuH2+jNd6na2sqDBSi9q9bFdhpV0N0aXH2ItlvyGJnTTMuN1Z
/XdLpLtk9QthB3Be2A6GnkYDKYPsTvAGYiTMwO8lqwCyL23Rskqsnyk9wu1IpF+M
14/KoMIYN/6U+8H5bV7SHpa2PnAwnlIZXGglcqYaYnOZeH3/EygJbKndhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKixzCtabUEunjmGLox2M9PxHRxAMB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/WeqVWJ
XZ6gKvLggJJ9kBDP4jCpLF+j335NjaUTZdUHvniJyFqOsEU+oyOR14vAqxqgzzrZ
95pZF/250gChdVlj2HLYGLrwWPmlgdq51VEprDjQ3dlp52IWwGONn0RDlcG3i/Qz
wyASMtyeVwYb4LtxSmfwWX7aqk0q3emUTaBWnCfpdjT8GUzmWOD5+SjHtTrJesNM
gl4R6KUtlcMIuYEked4cxn5+UAnqxXGwXVjTXuU149ev3uO/42cWp5U6rzHm7on1
umHNrRbCbp21BzkJoQvwOr+U9hLqIQSxv6XjAWOogL/JNx2ECgXxmcIlt/28agB5
cPghyGgZZtEY2Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:54:34 2026 by rpki-client