Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: Ea4lJWEha6txuGH5xqVI2Ze1doDtCDDcJvQOkuqSVi8=
Subject key identifier: C1:59:E6:89:D2:73:A0:D3:76:39:E6:9C:52:72:10:4F:24:95:13:E0
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 0199FB0EE6AE875FF555060AAF5E8D527A5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0C28
Signing time: Sun 19 Oct 2025 06:01:21 +0000
Manifest this update: Sun 19 Oct 2025 06:01:21 +0000
Manifest next update: Mon 20 Oct 2025 06:01:21 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: GrJbqccLQN199j3LiKCj/sUGBSI2cid+f6zzOoIJkTQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:0e:e6:ae:87:5f:f5:55:06:0a:af:5e:8d:52:7a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Oct 19 06:01:21 2025 GMT
Not After : Oct 20 06:01:21 2025 GMT
Subject: CN=c159e689d273a0d37639e69c5272104f249513e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e8:4e:e4:24:8e:7a:cf:03:9f:7b:3d:f4:ea:
11:fe:08:73:32:52:2d:90:c6:0d:a4:fe:69:3c:95:
69:24:94:ef:7b:b5:0f:b7:2b:32:96:fd:e4:9d:6c:
19:01:73:e4:8f:54:ae:00:69:98:c3:2e:19:7d:91:
38:3d:66:c1:2b:9a:29:5c:b0:18:32:fc:5d:ea:4b:
32:b5:db:d7:02:d7:9c:19:00:a9:eb:34:d2:b2:cc:
f9:1e:b7:91:cd:99:f9:de:23:cd:75:86:25:f5:36:
82:c9:8d:d9:f3:0a:73:a7:44:5a:06:1e:26:cb:c5:
51:74:e4:14:cc:5d:60:0e:21:57:4b:8a:ef:6f:1d:
af:20:90:23:41:c0:75:ee:d4:dd:78:9f:82:1d:31:
8a:93:41:0f:2e:cb:74:98:4c:e9:dd:cc:11:46:5d:
5d:fd:7a:c6:9f:53:37:56:4c:27:1b:9f:7f:0e:8e:
97:2c:b1:2c:31:e2:ca:82:0e:f2:66:18:e3:35:63:
90:44:f4:e7:49:13:11:50:2f:b2:21:7b:2c:04:dc:
25:4b:fc:0a:8d:e6:27:fc:2d:8c:ba:a6:15:e7:5b:
f1:38:fb:3d:ab:7d:b8:f4:0c:76:2a:03:0c:82:4d:
97:9e:7e:d0:b6:84:07:c8:db:86:bb:ef:30:d5:a0:
c3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:59:E6:89:D2:73:A0:D3:76:39:E6:9C:52:72:10:4F:24:95:13:E0
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:2a:a5:31:90:6a:04:19:fa:f2:a1:f6:c2:17:89:71:6e:a4:
0d:cf:ae:58:86:d5:93:74:9c:29:d7:b8:9a:4e:e2:6d:f4:5c:
e7:d6:eb:c8:0c:5b:95:64:53:0d:90:65:21:98:00:f5:89:a6:
74:91:c0:e5:fc:6a:11:ff:16:6f:39:07:67:64:6e:c3:14:76:
60:5f:89:12:a9:cb:c8:96:db:83:ad:92:cd:a6:8a:27:8b:5d:
cf:3f:52:06:fb:90:4a:d7:8d:a5:31:c8:73:ff:07:8c:81:0f:
59:0c:27:de:5f:e7:11:ec:e1:0a:b9:f8:9a:8b:4c:ee:05:b2:
33:2f:03:ea:a7:37:2d:9d:92:56:dc:5a:a6:d5:40:46:13:17:
f4:84:b1:3e:62:f2:ee:36:80:91:2c:a1:91:3f:03:c4:12:dc:
f2:ab:aa:30:fb:8d:e5:ae:2e:44:9f:6c:99:77:03:29:5b:b1:
a3:d8:3d:8d:d9:bd:b4:2c:0f:95:0b:75:ab:8f:57:52:96:f7:
ee:70:31:19:39:fe:bf:68:00:09:89:c1:80:a5:af:8f:2f:84:
0a:e0:d6:99:37:15:f3:04:34:94:51:b0:e8:9a:e9:e2:23:97:
68:06:a7:06:4c:49:33:1f:6a:3c:05:06:7d:19:90:f6:80:3c:
05:55:43:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Duauh1/1VQYKr16NUnpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUxMDE5MDYwMTIxWhcNMjUxMDIwMDYwMTIxWjAzMTEwLwYDVQQD
EyhjMTU5ZTY4OWQyNzNhMGQzNzYzOWU2OWM1MjcyMTA0ZjI0OTUxM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOhO5CSOes8Dn3s99OoR/ghzMlIt
kMYNpP5pPJVpJJTve7UPtysylv3knWwZAXPkj1SuAGmYwy4ZfZE4PWbBK5opXLAY
Mvxd6ksytdvXAtecGQCp6zTSssz5HreRzZn53iPNdYYl9TaCyY3Z8wpzp0RaBh4m
y8VRdOQUzF1gDiFXS4rvbx2vIJAjQcB17tTdeJ+CHTGKk0EPLst0mEzp3cwRRl1d
/XrGn1M3VkwnG59/Do6XLLEsMeLKgg7yZhjjNWOQRPTnSRMRUC+yIXssBNwlS/wK
jeYn/C2MuqYV51vxOPs9q3249Ax2KgMMgk2Xnn7QtoQHyNuGu+8w1aDDaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFZ5onSc6DTdjnmnFJyEE8klRPgMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeSqlMZBq
BBn68qH2wheJcW6kDc+uWIbVk3ScKde4mk7ibfRc59bryAxblWRTDZBlIZgA9Ymm
dJHA5fxqEf8WbzkHZ2RuwxR2YF+JEqnLyJbbg62SzaaKJ4tdzz9SBvuQSteNpTHI
c/8HjIEPWQwn3l/nEezhCrn4motM7gWyMy8D6qc3LZ2SVtxaptVARhMX9ISxPmLy
7jaAkSyhkT8DxBLc8quqMPuN5a4uRJ9smXcDKVuxo9g9jdm9tCwPlQt1q49XUpb3
7nAxGTn+v2gACYnBgKWvjy+ECuDWmTcV8wQ0lFGw6Jrp4iOXaAanBkxJMx9qPAUG
fRmQ9oA8BVVDFg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:32:33 2025 by rpki-client