Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/3a6bb4-24b8-4086-a29d-ee6c509b6221/1/mFW4DEXftep6qn3R2O2LFPnB3EU.mft
File: mFW4DEXftep6qn3R2O2LFPnB3EU.mft (raw, json)
Hash identifier: IAoh2iAYWTavm2a6j5P3tjotkalee0ayA67fS0IMuDg=
Subject key identifier: A4:08:59:D2:8E:0D:10:57:FE:B0:B4:9B:94:0E:70:74:75:84:E6:50
Authority key identifier: 98:55:B8:0C:45:DF:B5:EA:7A:AA:7D:D1:D8:ED:8B:14:F9:C1:DC:45
Certificate issuer: /CN=9855b80c45dfb5ea7aaa7dd1d8ed8b14f9c1dc45
Certificate serial: 019A72CA7102EAB7BCEE6545453D6FA2A344
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFW4DEXftep6qn3R2O2LFPnB3EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/3a6bb4-24b8-4086-a29d-ee6c509b6221/1/mFW4DEXftep6qn3R2O2LFPnB3EU.mft
Manifest number: 0209
Signing time: Tue 11 Nov 2025 12:01:01 +0000
Manifest this update: Tue 11 Nov 2025 12:01:01 +0000
Manifest next update: Wed 12 Nov 2025 12:01:01 +0000
Files and hashes: 1: NymzbNZBsKNd-Q-QLvAahyZY8zY.roa (hash: 4tm9+O5MAP6uU3Q2HGQCNAKZry1kf/X+Xwuo3WltB+8=)
2: mFW4DEXftep6qn3R2O2LFPnB3EU.crl (hash: expV4BidT8hWS6JaYLb3jXQIufW6UNOtHYI1R5cN+Yk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/3a6bb4-24b8-4086-a29d-ee6c509b6221/1/mFW4DEXftep6qn3R2O2LFPnB3EU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/3a6bb4-24b8-4086-a29d-ee6c509b6221/1/mFW4DEXftep6qn3R2O2LFPnB3EU.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFW4DEXftep6qn3R2O2LFPnB3EU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:71:02:ea:b7:bc:ee:65:45:45:3d:6f:a2:a3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9855b80c45dfb5ea7aaa7dd1d8ed8b14f9c1dc45
Validity
Not Before: Nov 11 12:01:01 2025 GMT
Not After : Nov 12 12:01:01 2025 GMT
Subject: CN=a40859d28e0d1057feb0b49b940e70747584e650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f3:c0:2c:33:58:57:82:c2:8a:6f:af:81:96:
39:2e:96:61:71:a5:bb:f6:79:bc:ec:c0:f7:e1:73:
14:59:24:02:fc:b3:6b:7b:9a:29:4a:03:3f:5d:b7:
fc:b4:72:8b:45:8a:0f:ae:b5:4a:28:03:39:06:2e:
a2:8d:17:ab:d9:3c:43:38:a4:b1:26:d3:aa:bd:de:
b5:74:4d:61:fc:da:c2:2b:4e:a8:cd:bd:b5:37:84:
60:52:55:8c:49:dc:34:d8:b2:48:3d:a1:f4:54:30:
05:4b:ac:aa:fd:11:d3:0f:80:80:bd:10:3f:25:57:
e3:62:fd:16:fa:ae:20:96:1a:f7:44:29:ad:25:74:
17:ea:2f:db:91:a0:5e:ce:93:c5:a2:eb:c0:52:4b:
f7:24:59:f5:c1:cf:62:69:4b:8a:43:0a:e3:ed:1f:
91:5f:61:a4:1d:56:34:95:63:e1:0e:34:d5:a4:8c:
bb:eb:78:df:dd:3f:5f:57:71:c1:07:3f:18:45:6a:
0a:e7:7a:9e:a1:1f:fd:f2:ed:20:4f:f5:de:bb:9e:
ad:0e:48:80:62:aa:d3:73:2b:4b:0f:3d:9c:80:0d:
15:0a:fa:ef:cf:12:6f:11:71:f9:a0:60:6c:f1:e4:
00:16:01:fc:a6:3f:ad:49:b8:98:38:fb:5b:67:8c:
29:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:08:59:D2:8E:0D:10:57:FE:B0:B4:9B:94:0E:70:74:75:84:E6:50
X509v3 Authority Key Identifier:
keyid:98:55:B8:0C:45:DF:B5:EA:7A:AA:7D:D1:D8:ED:8B:14:F9:C1:DC:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFW4DEXftep6qn3R2O2LFPnB3EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/3a6bb4-24b8-4086-a29d-ee6c509b6221/1/mFW4DEXftep6qn3R2O2LFPnB3EU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/3a6bb4-24b8-4086-a29d-ee6c509b6221/1/mFW4DEXftep6qn3R2O2LFPnB3EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:d9:8a:d4:05:67:7b:1a:78:89:4f:0c:5e:d4:c8:52:45:71:
c9:03:e9:45:f3:31:ae:01:02:4f:fc:11:ae:ba:b6:a5:da:ff:
d3:7a:86:11:eb:0b:60:b1:a0:30:72:d4:55:b9:df:cb:87:02:
57:88:c1:12:eb:1e:d1:98:a4:fd:33:ce:f7:d8:e8:76:ee:3d:
77:e2:d7:7a:93:10:56:7e:84:05:2c:33:22:ca:53:7a:65:f6:
55:ea:aa:25:9a:d3:15:58:5c:94:3a:45:6c:50:49:f2:f1:b6:
09:d4:40:37:2c:5a:df:00:31:cf:ab:73:b4:13:11:86:09:b8:
6c:10:db:43:8a:19:b2:91:a4:4c:3c:38:f1:9a:44:e5:51:8f:
e5:39:c5:2b:fe:cc:8d:eb:e2:52:f4:4c:e4:b3:76:b4:09:55:
62:b7:11:b0:c8:b8:06:9b:69:59:1c:91:dd:0d:95:b1:ce:45:
fd:eb:8c:84:0e:86:e3:be:65:95:2b:eb:42:c9:2e:67:53:62:
55:a5:34:1c:a9:e1:b4:5f:dd:c2:90:91:10:35:c1:91:c7:b4:
3a:e8:52:88:90:96:60:22:d4:c4:80:dd:92:d7:ca:7d:5e:6e:
42:d6:84:28:70:5e:ca:4e:dd:da:88:11:02:aa:5d:e4:3d:67:
78:46:b6:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyynEC6re87mVFRT1voqNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NTViODBjNDVkZmI1ZWE3YWFhN2RkMWQ4ZWQ4YjE0Zjlj
MWRjNDUwHhcNMjUxMTExMTIwMTAxWhcNMjUxMTEyMTIwMTAxWjAzMTEwLwYDVQQD
EyhhNDA4NTlkMjhlMGQxMDU3ZmViMGI0OWI5NDBlNzA3NDc1ODRlNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PPALDNYV4LCim+vgZY5LpZhcaW7
9nm87MD34XMUWSQC/LNre5opSgM/Xbf8tHKLRYoPrrVKKAM5Bi6ijRer2TxDOKSx
JtOqvd61dE1h/NrCK06ozb21N4RgUlWMSdw02LJIPaH0VDAFS6yq/RHTD4CAvRA/
JVfjYv0W+q4glhr3RCmtJXQX6i/bkaBezpPFouvAUkv3JFn1wc9iaUuKQwrj7R+R
X2GkHVY0lWPhDjTVpIy763jf3T9fV3HBBz8YRWoK53qeoR/98u0gT/Xeu56tDkiA
YqrTcytLDz2cgA0VCvrvzxJvEXH5oGBs8eQAFgH8pj+tSbiYOPtbZ4wp8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQIWdKODRBX/rC0m5QOcHR1hOZQMB8GA1UdIwQY
MBaAFJhVuAxF37Xqeqp90djtixT5wdxFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZXNERFWGZ0ZXA2cW4zUjJPMkxGUG5CM0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zYTZiYjQtMjRiOC00MDg2LWEyOWQt
ZWU2YzUwOWI2MjIxLzEvbUZXNERFWGZ0ZXA2cW4zUjJPMkxGUG5CM0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zYTZiYjQtMjRiOC00MDg2LWEyOWQtZWU2YzUwOWI2MjIx
LzEvbUZXNERFWGZ0ZXA2cW4zUjJPMkxGUG5CM0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACtmK1AVn
exp4iU8MXtTIUkVxyQPpRfMxrgECT/wRrrq2pdr/03qGEesLYLGgMHLUVbnfy4cC
V4jBEuse0Zik/TPO99jodu49d+LXepMQVn6EBSwzIspTemX2VeqqJZrTFVhclDpF
bFBJ8vG2CdRANyxa3wAxz6tztBMRhgm4bBDbQ4oZspGkTDw48ZpE5VGP5TnFK/7M
jeviUvRM5LN2tAlVYrcRsMi4BptpWRyR3Q2Vsc5F/euMhA6G475llSvrQskuZ1Ni
VaU0HKnhtF/dwpCREDXBkce0OuhSiJCWYCLUxIDdktfKfV5uQtaEKHBeyk7d2ogR
Aqpd5D1neEa2Tg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:43 2025 by rpki-client