Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: VMjJJmAeZPFSzShkbt/wieAfeEwLa4TegRcMmig5/fg=
Subject key identifier: E2:45:1C:5F:6B:D9:78:DB:45:C8:18:1C:53:FF:F8:F0:5D:93:45:8F
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 0198D583704B7228CF040513DF0971460EBA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0B90
Signing time: Sat 23 Aug 2025 06:00:17 +0000
Manifest this update: Sat 23 Aug 2025 06:00:17 +0000
Manifest next update: Sun 24 Aug 2025 06:00:17 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: qhc2T9Wi8wf/Ym2UuqlM2FxjJgi5T8VyYr8FxTvc+Gw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:70:4b:72:28:cf:04:05:13:df:09:71:46:0e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Aug 23 06:00:17 2025 GMT
Not After : Aug 24 06:00:17 2025 GMT
Subject: CN=e2451c5f6bd978db45c8181c53fff8f05d93458f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:50:90:51:2f:5b:2e:d4:37:c0:b5:c2:ad:8b:
46:8c:45:ee:ba:8d:b8:4c:12:a0:a8:28:9a:fd:df:
57:03:93:7d:8c:fb:03:2a:30:9a:ab:ee:18:82:e8:
a3:e5:7c:93:d3:39:5d:21:f6:e1:8c:ca:a1:80:13:
09:b1:6b:fd:db:5c:59:23:38:8a:ee:9e:1d:a7:14:
9e:18:95:3f:cf:20:c8:d4:7e:e8:f2:5d:64:7b:f9:
62:17:c0:a2:d5:bc:ce:f8:38:c9:52:c6:a1:f1:7e:
02:d5:09:8d:b8:40:0f:7e:a0:a8:ee:9c:9b:97:ea:
33:fd:90:7a:21:d2:ef:7f:a7:a1:93:d5:d5:c5:f7:
1e:f6:8d:98:3b:e4:3a:ea:18:ed:9d:f9:0e:7c:89:
a2:21:99:b5:82:2c:78:00:12:8d:e9:15:28:a3:41:
a9:7b:56:43:9f:f9:3e:2e:84:13:87:1b:59:23:3a:
90:79:f2:74:0a:f4:be:6d:8c:17:17:6d:14:2d:41:
46:3c:f5:01:92:e8:9a:a0:f5:11:85:97:07:2f:bb:
a8:71:dc:c3:8e:82:51:64:7d:29:d3:3d:90:17:3f:
bf:80:be:98:b9:c6:45:db:78:42:b0:71:c6:24:e6:
34:b3:00:27:66:4b:c0:4f:1f:cf:17:a5:e5:a5:b3:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:45:1C:5F:6B:D9:78:DB:45:C8:18:1C:53:FF:F8:F0:5D:93:45:8F
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:8f:8b:c9:38:92:1a:11:07:d4:47:0a:f9:bf:ca:0a:c5:0e:
b4:ee:1b:4f:27:25:b2:f2:3f:e0:90:6b:06:9a:42:9b:89:b6:
80:2c:83:f5:a6:30:78:30:e7:6b:57:1a:e2:f1:77:f3:08:3d:
dc:c8:d3:a7:cc:17:c7:c3:6c:0c:17:12:ce:63:41:5a:75:dc:
a2:dc:c9:16:a2:23:0f:ef:95:0d:41:32:cb:3b:ee:24:8e:f6:
48:13:21:d3:6c:08:84:9e:2f:25:59:43:45:fa:e0:19:7d:b6:
d3:08:0b:3c:5a:45:50:9c:f5:8a:08:78:0e:29:8f:77:2f:09:
8b:b8:e7:68:38:d3:fa:89:0d:58:0b:c8:30:a2:f1:ad:12:26:
b4:72:26:24:bb:e4:62:4d:4e:e5:83:cd:0c:3d:c4:98:52:20:
be:20:52:a7:b4:b4:a7:8d:1a:0d:24:f8:91:00:76:38:33:ff:
c7:a4:94:cc:05:9b:cf:e7:70:c9:52:d1:c0:a9:f8:cc:ba:76:
aa:39:63:85:b5:de:eb:b1:ba:fc:c0:49:7a:e7:2f:a8:bb:55:
45:bc:00:84:4c:aa:98:2c:18:12:38:ae:e7:f7:c1:cd:b1:9a:
de:76:a2:dd:49:06:d8:db:c1:15:77:b5:28:ed:06:39:4a:88:
44:96:32:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg3BLcijPBAUT3wlxRg66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwODIzMDYwMDE3WhcNMjUwODI0MDYwMDE3WjAzMTEwLwYDVQQD
EyhlMjQ1MWM1ZjZiZDk3OGRiNDVjODE4MWM1M2ZmZjhmMDVkOTM0NThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FCQUS9bLtQ3wLXCrYtGjEXuuo24
TBKgqCia/d9XA5N9jPsDKjCaq+4Yguij5XyT0zldIfbhjMqhgBMJsWv921xZIziK
7p4dpxSeGJU/zyDI1H7o8l1ke/liF8Ci1bzO+DjJUsah8X4C1QmNuEAPfqCo7pyb
l+oz/ZB6IdLvf6ehk9XVxfce9o2YO+Q66hjtnfkOfImiIZm1gix4ABKN6RUoo0Gp
e1ZDn/k+LoQThxtZIzqQefJ0CvS+bYwXF20ULUFGPPUBkuiaoPURhZcHL7uocdzD
joJRZH0p0z2QFz+/gL6YucZF23hCsHHGJOY0swAnZkvATx/PF6XlpbOWBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJFHF9r2XjbRcgYHFP/+PBdk0WPMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4+LyTiS
GhEH1EcK+b/KCsUOtO4bTyclsvI/4JBrBppCm4m2gCyD9aYweDDna1ca4vF38wg9
3MjTp8wXx8NsDBcSzmNBWnXcotzJFqIjD++VDUEyyzvuJI72SBMh02wIhJ4vJVlD
RfrgGX220wgLPFpFUJz1igh4DimPdy8Ji7jnaDjT+okNWAvIMKLxrRImtHImJLvk
Yk1O5YPNDD3EmFIgviBSp7S0p40aDST4kQB2ODP/x6SUzAWbz+dwyVLRwKn4zLp2
qjljhbXe67G6/MBJeucvqLtVRbwAhEyqmCwYEjiu5/fBzbGa3nai3UkG2NvBFXe1
KO0GOUqIRJYyYQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:35:20 2025 by rpki-client