Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: Fp6iD6urj7gba0qzo9mp1qd9uu++JNCnCmXvIvfmKco=
Subject key identifier: 20:3A:F2:44:8C:5B:D0:8D:25:16:78:AF:F2:C2:EC:01:70:C4:53:74
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 0197B7B2F5BED50924A870857E11636D2F7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0AFC
Signing time: Sat 28 Jun 2025 18:00:48 +0000
Manifest this update: Sat 28 Jun 2025 18:00:48 +0000
Manifest next update: Sun 29 Jun 2025 18:00:48 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: R/IStC1WJ7vq/pMLXYBYdA1fUgwJjiACcz0c9eoFOaw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b2:f5:be:d5:09:24:a8:70:85:7e:11:63:6d:2f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Jun 28 18:00:48 2025 GMT
Not After : Jun 29 18:00:48 2025 GMT
Subject: CN=203af2448c5bd08d251678aff2c2ec0170c45374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a2:9a:3a:92:42:96:56:3d:ec:84:63:4a:33:
b2:05:68:eb:e9:05:bf:3d:f1:59:2f:05:dd:4b:b0:
28:f2:6f:0f:24:ee:5f:b1:c7:2c:8b:f5:46:8a:42:
fa:3e:90:ba:f7:db:63:1c:2e:3b:7b:01:ad:e3:76:
71:e2:2f:e9:bb:22:d8:28:a5:db:93:39:e5:0f:a0:
9b:8f:75:86:de:b6:b7:f2:3b:15:51:6a:c0:22:c5:
77:fd:15:f2:18:1a:01:4f:53:c4:0d:2c:76:f6:b6:
1b:86:30:92:78:b8:e4:43:dd:aa:e9:2f:94:6c:96:
fc:24:86:07:12:ea:36:3e:34:fe:49:86:02:14:98:
32:12:c4:10:28:3a:65:61:78:86:c9:cf:ca:a2:89:
18:9e:01:cf:60:96:d4:ed:1b:60:88:c4:f9:86:60:
d9:03:cf:07:97:60:ed:e6:61:ef:2b:fd:e4:29:f7:
3e:ac:a4:9a:83:61:19:76:be:85:4f:d6:2a:62:dc:
c9:0b:b6:e5:d0:d9:30:53:77:71:a8:0d:3b:cf:93:
17:e5:71:c2:94:22:e1:72:ea:6b:6d:90:d9:75:95:
6a:61:75:35:a4:ab:44:91:28:05:1a:03:d9:d0:61:
4b:74:b9:90:ca:97:78:89:c3:80:fb:8d:7d:91:b0:
7f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3A:F2:44:8C:5B:D0:8D:25:16:78:AF:F2:C2:EC:01:70:C4:53:74
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:9d:d5:02:2d:3a:36:79:0c:63:46:0f:4a:f3:ff:59:cd:b8:
ba:f0:89:98:89:f2:04:1b:4f:60:e6:a6:60:c3:08:47:dd:a4:
e7:f6:bc:f2:a9:b2:99:52:29:82:e7:ab:15:0e:82:28:63:8a:
40:25:39:bd:46:fa:03:d2:74:16:26:28:65:2a:fc:b9:37:c3:
96:c1:a5:04:5d:76:d0:a8:ad:ce:25:81:11:39:ec:72:60:c5:
29:bb:c3:2c:cd:42:82:f0:53:58:86:58:83:bd:64:2f:1e:a4:
7b:0a:0b:5b:92:bd:44:d7:35:22:30:70:43:7a:f5:e0:8d:82:
97:05:ff:fd:95:a1:4a:5d:de:88:f3:1d:be:e6:53:ba:2c:63:
9d:6b:84:f2:e2:2f:30:31:8f:94:77:0d:ad:63:b7:0b:9f:3f:
2a:d0:59:5e:87:4d:45:98:6d:e7:70:62:ea:1e:71:07:3c:b2:
e0:51:27:fe:9e:85:59:e2:af:f0:09:bd:94:f7:98:30:cb:e7:
6c:bd:24:db:6c:9b:c1:ba:8d:33:f4:1b:2a:20:e2:9a:6a:6d:
fd:b4:5d:27:3d:12:e6:c0:a2:5b:bb:20:11:f1:cd:f4:89:78:
46:ff:d1:4a:80:a5:ee:cf:b7:f6:2f:ef:fa:a4:88:de:56:06:
f2:2d:9d:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3svW+1QkkqHCFfhFjbS96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwNjI4MTgwMDQ4WhcNMjUwNjI5MTgwMDQ4WjAzMTEwLwYDVQQD
EygyMDNhZjI0NDhjNWJkMDhkMjUxNjc4YWZmMmMyZWMwMTcwYzQ1Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqKaOpJCllY97IRjSjOyBWjr6QW/
PfFZLwXdS7Ao8m8PJO5fsccsi/VGikL6PpC699tjHC47ewGt43Zx4i/puyLYKKXb
kznlD6Cbj3WG3ra38jsVUWrAIsV3/RXyGBoBT1PEDSx29rYbhjCSeLjkQ92q6S+U
bJb8JIYHEuo2PjT+SYYCFJgyEsQQKDplYXiGyc/KookYngHPYJbU7RtgiMT5hmDZ
A88Hl2Dt5mHvK/3kKfc+rKSag2EZdr6FT9YqYtzJC7bl0NkwU3dxqA07z5MX5XHC
lCLhcuprbZDZdZVqYXU1pKtEkSgFGgPZ0GFLdLmQypd4icOA+419kbB/QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCA68kSMW9CNJRZ4r/LC7AFwxFN0MB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf53VAi06
NnkMY0YPSvP/Wc24uvCJmInyBBtPYOamYMMIR92k5/a88qmymVIpguerFQ6CKGOK
QCU5vUb6A9J0FiYoZSr8uTfDlsGlBF120KitziWBETnscmDFKbvDLM1CgvBTWIZY
g71kLx6kewoLW5K9RNc1IjBwQ3r14I2ClwX//ZWhSl3eiPMdvuZTuixjnWuE8uIv
MDGPlHcNrWO3C58/KtBZXodNRZht53Bi6h5xBzyy4FEn/p6FWeKv8Am9lPeYMMvn
bL0k22ybwbqNM/QbKiDimmpt/bRdJz0S5sCiW7sgEfHN9Il4Rv/RSoCl7s+39i/v
+qSI3lYG8i2dew==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:45:29 2025 by rpki-client