Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: lDzvgTzPcK+zCIpl6Fd7Xj1KMz+wNkZmcdW/Q5qam48=
Subject key identifier: 17:0C:12:A2:16:7E:7C:CD:F4:7A:27:B5:C2:5F:7B:C7:1D:9D:41:2E
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019E1F10E0B92C5C74D33715A20439CBD62D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0E4D
Signing time: Wed 13 May 2026 02:01:00 +0000
Manifest this update: Wed 13 May 2026 02:01:00 +0000
Manifest next update: Thu 14 May 2026 02:01:00 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: tLyAzkU2qyuGVClkrmd6/6C4gwfNpWTr/p0Pmxx9OME=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1f:10:e0:b9:2c:5c:74:d3:37:15:a2:04:39:cb:d6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: May 13 02:01:00 2026 GMT
Not After : May 14 02:01:00 2026 GMT
Subject: CN=170c12a2167e7ccdf47a27b5c25f7bc71d9d412e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2a:87:ea:e0:c1:ba:82:32:b4:c0:e4:ad:6c:
b8:fe:9c:71:35:30:ff:b2:96:1c:c2:79:92:24:e9:
bc:5d:3e:25:09:2c:57:aa:41:1a:8a:a8:33:04:44:
1a:40:f4:7f:5f:16:32:5a:83:2c:fa:ff:07:a7:65:
54:2e:71:2a:22:a9:cf:5c:92:3a:78:03:9c:fe:ac:
a0:49:94:81:11:08:1f:63:fa:33:99:90:45:5b:9a:
ab:41:53:2a:b1:4f:b5:d6:28:e2:ae:2c:2c:28:6c:
3a:19:6d:31:d4:d5:6e:90:37:25:17:bd:3a:76:13:
ce:62:a6:a1:28:76:63:f0:fd:0e:5d:81:18:64:6c:
a2:b0:01:0a:bc:e1:ae:a5:41:60:08:d4:22:1c:46:
17:fd:11:b6:11:ef:e4:f7:e4:b4:36:3c:19:77:15:
0a:58:07:60:c0:ef:e2:de:b5:8a:36:8e:65:df:9b:
11:b0:cc:2b:8d:54:3b:73:fc:4f:1d:57:03:26:99:
b1:ba:74:08:20:7e:03:f9:92:cd:6e:13:3b:48:2d:
cc:77:84:5c:9a:93:53:a6:ec:58:51:35:69:20:65:
b2:05:45:2a:1e:4f:91:5c:1e:26:db:22:19:29:30:
59:b3:2a:03:61:86:6a:d3:2d:83:92:06:78:08:d8:
a1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0C:12:A2:16:7E:7C:CD:F4:7A:27:B5:C2:5F:7B:C7:1D:9D:41:2E
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:a2:ea:c5:17:21:e6:00:ef:ea:49:6c:70:b7:4b:da:24:3f:
ad:e5:3e:35:ff:cb:68:88:a4:62:c9:2a:53:51:3f:87:7c:c8:
a0:22:a8:dd:7d:3a:1f:71:1a:8c:80:14:c1:3f:9d:6e:a0:8b:
f0:d5:82:0c:4c:04:30:b6:e6:17:8e:66:39:36:a0:26:69:1d:
4d:d9:67:7c:57:01:58:8b:ee:5a:62:83:4a:29:bb:69:03:04:
7c:5f:66:cb:41:61:dd:1e:e2:fb:3d:fa:ce:8d:17:07:57:4f:
9c:8f:a5:70:dc:43:95:95:d1:ab:aa:e8:f5:1c:fd:f3:7a:6e:
77:23:00:8f:57:91:9f:13:30:64:31:1b:d1:56:22:0f:bc:57:
fb:76:ba:9a:3b:8a:52:23:3e:32:67:2a:a6:5d:6f:af:1f:6b:
1e:84:fd:ec:45:24:cf:ae:6d:f3:56:5c:a8:a4:50:32:8f:84:
4a:fb:0e:fd:b6:4b:33:79:ff:87:86:ff:d0:77:04:41:11:40:
6d:af:93:f1:d3:6a:25:6f:11:d5:ea:59:7f:82:10:53:01:68:
58:3f:04:06:c5:7b:1b:75:88:3e:30:72:cd:e5:c1:f7:d7:d6:
99:a0:30:12:92:a3:91:9d:cc:ff:57:35:d1:af:57:26:f0:03:
d8:0b:5b:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fEOC5LFx00zcVogQ5y9YtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwNTEzMDIwMTAwWhcNMjYwNTE0MDIwMTAwWjAzMTEwLwYDVQQD
EygxNzBjMTJhMjE2N2U3Y2NkZjQ3YTI3YjVjMjVmN2JjNzFkOWQ0MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCqH6uDBuoIytMDkrWy4/pxxNTD/
spYcwnmSJOm8XT4lCSxXqkEaiqgzBEQaQPR/XxYyWoMs+v8Hp2VULnEqIqnPXJI6
eAOc/qygSZSBEQgfY/ozmZBFW5qrQVMqsU+11ijiriwsKGw6GW0x1NVukDclF706
dhPOYqahKHZj8P0OXYEYZGyisAEKvOGupUFgCNQiHEYX/RG2Ee/k9+S0NjwZdxUK
WAdgwO/i3rWKNo5l35sRsMwrjVQ7c/xPHVcDJpmxunQIIH4D+ZLNbhM7SC3Md4Rc
mpNTpuxYUTVpIGWyBUUqHk+RXB4m2yIZKTBZsyoDYYZq0y2DkgZ4CNihswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcMEqIWfnzN9HontcJfe8cdnUEuMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATaLqxRch
5gDv6klscLdL2iQ/reU+Nf/LaIikYskqU1E/h3zIoCKo3X06H3EajIAUwT+dbqCL
8NWCDEwEMLbmF45mOTagJmkdTdlnfFcBWIvuWmKDSim7aQMEfF9my0Fh3R7i+z36
zo0XB1dPnI+lcNxDlZXRq6ro9Rz983pudyMAj1eRnxMwZDEb0VYiD7xX+3a6mjuK
UiM+Mmcqpl1vrx9rHoT97EUkz65t81ZcqKRQMo+ESvsO/bZLM3n/h4b/0HcEQRFA
ba+T8dNqJW8R1epZf4IQUwFoWD8EBsV7G3WIPjByzeXB99fWmaAwEpKjkZ3M/1c1
0a9XJvAD2AtbIQ==
-----END CERTIFICATE-----
Generated at Wed May 13 05:52:58 2026 by rpki-client