Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: c4BlANCAv1vOiTklcZGHtKNVLyRB7P6KUpRDyZ9kqMs=
Subject key identifier: 8B:71:05:9D:F3:B6:C9:B1:6E:56:1A:2C:1E:27:97:09:D6:36:F7:CC
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019D29CE10B8F0D3C7ABB7410AFEA7CD5763
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0DCE
Signing time: Thu 26 Mar 2026 11:01:03 +0000
Manifest this update: Thu 26 Mar 2026 11:01:03 +0000
Manifest next update: Fri 27 Mar 2026 11:01:03 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: sQOxL6UXHuMyn3hl0ZsC90/7QsE3LaIIfDQ1lKPRVfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 11:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:10:b8:f0:d3:c7:ab:b7:41:0a:fe:a7:cd:57:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Mar 26 11:01:03 2026 GMT
Not After : Mar 27 11:01:03 2026 GMT
Subject: CN=8b71059df3b6c9b16e561a2c1e279709d636f7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:06:2f:c8:5a:35:2e:84:91:e2:14:c6:50:ab:
6e:03:46:d7:df:7d:91:14:dd:ef:37:4f:d2:16:3e:
17:77:b9:9a:18:dd:9e:a5:32:23:e4:27:44:11:3a:
eb:2b:ad:59:2c:9e:f2:a3:06:6d:fa:da:30:4c:12:
f2:e3:68:61:4b:d0:bb:03:27:c4:b4:46:52:6b:d1:
27:94:98:65:12:90:15:8a:d5:6a:9f:f9:a6:39:68:
25:8f:13:d2:1e:cc:d9:43:95:a4:0f:85:52:f3:fb:
b1:13:2b:06:14:4e:72:fe:02:82:e3:45:74:e3:be:
a8:e9:aa:5e:ac:9b:8d:1d:e2:86:79:fd:d2:fe:a9:
6b:cc:b7:cd:86:16:d0:c2:06:bc:4b:3e:65:e8:e2:
87:ae:93:5a:b2:70:82:b5:3e:51:fd:60:b6:25:f3:
0c:3d:c9:21:ab:bf:de:02:96:3e:89:e5:d5:da:02:
c3:fa:8f:54:c1:a4:47:11:8a:be:e9:54:d6:57:b9:
c3:7c:0f:66:01:51:f4:47:25:19:92:59:03:fa:12:
4a:d5:92:28:83:71:8e:c8:4a:55:ec:ae:db:32:44:
65:70:02:6c:55:71:ad:90:12:c0:3d:26:ba:0e:b6:
8f:3e:37:fd:91:86:54:fc:c5:0a:b4:64:e9:62:2f:
03:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:71:05:9D:F3:B6:C9:B1:6E:56:1A:2C:1E:27:97:09:D6:36:F7:CC
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:1a:a5:3d:58:05:23:15:a0:ab:20:f7:0a:ac:fa:d1:0b:7d:
6b:3f:00:af:06:fa:9b:7f:1d:4d:2d:b2:47:80:a9:fb:d5:d7:
98:fb:31:f0:a8:75:7d:0d:20:b3:46:0e:66:95:7f:0b:2c:8a:
06:fd:c3:33:49:f4:a2:94:5a:e7:01:3c:76:75:62:22:81:b2:
de:7c:02:d7:2e:e1:ba:4f:e8:42:32:a2:e5:bd:e9:ae:72:32:
0b:3b:4d:d9:ff:f0:87:de:50:01:6e:87:b8:ed:23:3f:32:82:
6d:76:28:96:e7:be:25:18:50:94:b3:e6:ea:9d:10:9a:e2:10:
2b:fd:5f:45:ce:5d:3d:e4:1a:ec:ee:7c:bc:7a:75:8f:43:d4:
f6:58:bd:3e:17:8f:80:6b:4f:e0:d5:18:1d:81:47:b1:c5:a1:
eb:9e:89:a8:d5:2e:33:62:9f:b5:7c:ab:8f:d5:56:a6:57:2c:
b3:f6:33:13:53:f0:b0:77:26:c4:35:94:b8:3f:25:d4:59:38:
31:73:19:75:85:92:95:83:3a:b5:74:dc:ad:8e:d7:03:e3:9a:
1a:a2:dd:2d:32:73:1b:ce:3a:25:5d:3c:28:b8:7b:48:ee:b5:
55:e8:4d:92:e1:ac:cb:0b:a2:96:a3:f3:50:d9:19:09:e5:7d:
53:12:54:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzhC48NPHq7dBCv6nzVdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwMzI2MTEwMTAzWhcNMjYwMzI3MTEwMTAzWjAzMTEwLwYDVQQD
Eyg4YjcxMDU5ZGYzYjZjOWIxNmU1NjFhMmMxZTI3OTcwOWQ2MzZmN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwYvyFo1LoSR4hTGUKtuA0bX332R
FN3vN0/SFj4Xd7maGN2epTIj5CdEETrrK61ZLJ7yowZt+towTBLy42hhS9C7AyfE
tEZSa9EnlJhlEpAVitVqn/mmOWgljxPSHszZQ5WkD4VS8/uxEysGFE5y/gKC40V0
476o6aperJuNHeKGef3S/qlrzLfNhhbQwga8Sz5l6OKHrpNasnCCtT5R/WC2JfMM
Pckhq7/eApY+ieXV2gLD+o9UwaRHEYq+6VTWV7nDfA9mAVH0RyUZklkD+hJK1ZIo
g3GOyEpV7K7bMkRlcAJsVXGtkBLAPSa6DraPPjf9kYZU/MUKtGTpYi8DxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItxBZ3ztsmxblYaLB4nlwnWNvfMMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHxqlPVgF
IxWgqyD3Cqz60Qt9az8Arwb6m38dTS2yR4Cp+9XXmPsx8Kh1fQ0gs0YOZpV/CyyK
Bv3DM0n0opRa5wE8dnViIoGy3nwC1y7huk/oQjKi5b3prnIyCztN2f/wh95QAW6H
uO0jPzKCbXYolue+JRhQlLPm6p0QmuIQK/1fRc5dPeQa7O58vHp1j0PU9li9PheP
gGtP4NUYHYFHscWh656JqNUuM2KftXyrj9VWplcss/YzE1PwsHcmxDWUuD8l1Fk4
MXMZdYWSlYM6tXTcrY7XA+OaGqLdLTJzG846JV08KLh7SO61VehNkuGsywuilqPz
UNkZCeV9UxJU0w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:37:05 2026 by rpki-client