Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json)
Hash identifier: HYBzBAGP5LWzgDme+CMesI+NbMEtf4jdGDf1Qa+Y64M=
Subject key identifier: 86:18:37:FD:EB:AB:B0:1D:B9:18:12:6C:D9:BF:6B:65:57:47:93:44
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 0199228C6A7E6939A7855DC668F107163EC2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
Manifest number: 0F1B
Signing time: Sun 07 Sep 2025 05:00:51 +0000
Manifest this update: Sun 07 Sep 2025 05:00:51 +0000
Manifest next update: Mon 08 Sep 2025 05:00:51 +0000
Files and hashes: 1: JBBfWvBvIPbMFEPW3wW2A3eZfMw.roa (hash: HPVfysoAPIIkBoYBVqV/VP2S0bfAf3Hk6zV6kpgHup8=)
2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: 45+vYdC+EQrSvBMbD1moSxJ8Fsrk4oywLlNuWWAxGmA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:8c:6a:7e:69:39:a7:85:5d:c6:68:f1:07:16:3e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Sep 7 05:00:51 2025 GMT
Not After : Sep 8 05:00:51 2025 GMT
Subject: CN=861837fdebabb01db918126cd9bf6b6557479344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:25:b7:1f:13:ab:38:09:17:42:a2:5a:72:b1:
6e:ba:d8:50:ec:be:cf:f1:0c:c1:20:7e:05:f5:14:
96:f2:17:34:cf:66:30:ac:df:20:72:c8:77:28:eb:
fc:8a:ab:d1:b2:82:fa:47:21:da:46:83:57:e3:18:
ae:0f:a3:c1:90:7c:bd:93:16:42:96:49:fb:bb:66:
1d:6c:45:39:5d:8b:db:95:2d:bc:66:82:6a:bb:16:
bf:6d:99:b4:14:87:d1:cb:2d:39:1b:d4:21:55:28:
bd:1b:f7:b7:f9:5e:c6:78:f9:82:95:b9:73:07:2e:
52:2b:c0:78:3d:e8:1f:52:f0:cd:c7:d7:43:94:0b:
86:55:c7:cb:19:31:66:bc:37:26:05:97:f7:e7:30:
5b:82:bc:1c:19:57:f4:75:82:bf:10:0b:5a:e1:18:
90:58:01:83:83:22:c6:15:d0:57:32:d2:d2:46:f0:
ab:23:e9:d0:c4:a0:68:10:e0:20:d3:8e:1f:87:d4:
ca:e3:5d:0e:7a:01:74:73:30:67:58:d9:24:ac:1b:
ef:dc:3a:3d:2a:b7:6c:db:d5:25:9a:6d:b4:46:7b:
af:5b:b8:51:80:b1:fc:51:a4:32:ca:4e:fd:94:5a:
58:0c:a1:00:92:4b:22:a8:08:0e:f6:ff:45:c7:45:
fa:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:18:37:FD:EB:AB:B0:1D:B9:18:12:6C:D9:BF:6B:65:57:47:93:44
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:6b:ba:35:c6:76:06:f7:58:1f:22:b5:c2:f2:c7:22:56:73:
58:fb:8e:4d:4e:d0:a2:67:d1:48:98:6b:6b:ba:b2:d8:f5:48:
cc:63:23:d9:67:5d:44:e1:e2:c9:74:c5:0d:e2:9c:ea:57:bb:
f9:4f:ad:e8:90:23:26:72:7b:0f:60:af:6e:9e:b4:d7:da:5c:
95:a3:bb:e0:6d:a8:36:56:f9:bd:db:46:a8:da:0d:e2:c9:00:
d5:13:16:95:fb:a1:98:3c:5e:e2:6e:56:56:de:19:79:d8:c8:
28:0a:d4:25:36:46:2f:81:86:4c:ad:32:19:0e:69:63:c1:02:
a6:53:02:f8:c6:7f:77:3a:28:10:eb:3b:52:ba:78:99:c4:97:
44:85:f3:d9:96:11:05:2a:8d:2f:88:df:4c:64:f4:d1:0c:e2:
8d:85:a9:c6:35:86:c1:2f:6c:20:46:24:54:6d:e4:c4:11:cd:
92:29:6c:13:bc:0d:c9:a2:19:ab:f2:28:d3:6c:15:8e:6b:9c:
16:e1:9e:df:15:6c:74:d3:45:09:11:4d:0d:25:75:31:3e:a5:
85:85:ab:0c:0f:f3:94:e5:48:8f:62:46:98:92:6e:ea:70:e3:
b4:a6:27:72:ce:90:1d:14:48:1c:19:a0:37:9d:2b:1b:c2:17:
ff:98:5e:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijGp+aTmnhV3GaPEHFj7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjUwOTA3MDUwMDUxWhcNMjUwOTA4MDUwMDUxWjAzMTEwLwYDVQQD
Eyg4NjE4MzdmZGViYWJiMDFkYjkxODEyNmNkOWJmNmI2NTU3NDc5MzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCW3HxOrOAkXQqJacrFuuthQ7L7P
8QzBIH4F9RSW8hc0z2YwrN8gcsh3KOv8iqvRsoL6RyHaRoNX4xiuD6PBkHy9kxZC
lkn7u2YdbEU5XYvblS28ZoJquxa/bZm0FIfRyy05G9QhVSi9G/e3+V7GePmClblz
By5SK8B4PegfUvDNx9dDlAuGVcfLGTFmvDcmBZf35zBbgrwcGVf0dYK/EAta4RiQ
WAGDgyLGFdBXMtLSRvCrI+nQxKBoEOAg044fh9TK410OegF0czBnWNkkrBvv3Do9
Krds29Ulmm20RnuvW7hRgLH8UaQyyk79lFpYDKEAkksiqAgO9v9Fx0X6jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYYN/3rq7AduRgSbNm/a2VXR5NEMB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZWu6NcZ2
BvdYHyK1wvLHIlZzWPuOTU7QomfRSJhra7qy2PVIzGMj2WddROHiyXTFDeKc6le7
+U+t6JAjJnJ7D2Cvbp6019pclaO74G2oNlb5vdtGqNoN4skA1RMWlfuhmDxe4m5W
Vt4ZedjIKArUJTZGL4GGTK0yGQ5pY8ECplMC+MZ/dzooEOs7Urp4mcSXRIXz2ZYR
BSqNL4jfTGT00QzijYWpxjWGwS9sIEYkVG3kxBHNkilsE7wNyaIZq/Io02wVjmuc
FuGe3xVsdNNFCRFNDSV1MT6lhYWrDA/zlOVIj2JGmJJu6nDjtKYncs6QHRRIHBmg
N50rG8IX/5heWQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:15:03 2025 by rpki-client