Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: XmCvK32C/9oS27gBAtqTI0oYcSPO1TZFoPdr2BM3OxQ=
Subject key identifier: 39:32:94:EE:AF:1A:00:A8:F7:9E:8E:69:D2:43:5B:E5:51:F2:A2:B6
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019E1E358FF8D9C989605E8011108D62F7F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0FED
Signing time: Tue 12 May 2026 22:01:27 +0000
Manifest this update: Tue 12 May 2026 22:01:27 +0000
Manifest next update: Wed 13 May 2026 22:01:27 +0000
Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: V7K6g40HyqZqwStmzM0GB2GWLW/LArj/K8KvHMVX8Pc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:35:8f:f8:d9:c9:89:60:5e:80:11:10:8d:62:f7:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: May 12 22:01:27 2026 GMT
Not After : May 13 22:01:27 2026 GMT
Subject: CN=393294eeaf1a00a8f79e8e69d2435be551f2a2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:fd:50:f0:86:ed:82:35:15:4e:89:63:9f:
c8:92:67:05:6c:a6:1d:f8:8d:6e:f4:aa:30:9e:cd:
3a:3c:bc:c4:92:78:23:78:1a:55:3e:ae:83:9b:58:
27:ef:6a:ed:46:ec:8d:8b:b7:95:27:63:e6:ee:20:
60:db:bd:14:b1:50:1a:70:00:e3:73:a7:70:c2:1b:
f0:72:b2:12:dc:ee:30:4d:f1:d7:ca:cb:ab:f0:aa:
51:9b:a0:27:a5:dc:45:34:1a:d5:95:0d:df:f7:90:
74:63:53:c8:a6:ac:c9:84:db:b4:75:c4:77:60:ed:
fe:b3:87:56:4f:d9:0c:56:53:e8:ad:17:74:11:88:
94:7c:ad:2e:cb:36:52:2b:ae:25:03:9a:04:bb:b5:
89:09:65:f5:0b:13:9f:20:6a:07:34:cb:32:b3:a9:
e7:49:eb:b7:10:3b:8c:c0:eb:60:af:7c:09:80:70:
85:bf:5d:90:ad:2b:35:69:3e:1b:f8:10:36:1b:b1:
ab:71:d2:f9:90:b8:60:e7:82:99:62:8d:28:dd:84:
61:e0:30:e1:0e:74:d1:25:25:34:3b:f0:48:e5:57:
2a:4f:f4:d0:ca:41:74:be:02:c6:8d:1f:9e:a5:ed:
68:1c:f2:59:3b:d8:2c:2f:ef:9e:0d:bd:7d:4d:e9:
20:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:32:94:EE:AF:1A:00:A8:F7:9E:8E:69:D2:43:5B:E5:51:F2:A2:B6
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:98:1c:43:4f:a0:ad:7f:c3:bf:78:ac:67:28:5c:07:08:b9:
84:74:bf:9f:ce:e8:bf:9c:3e:05:ba:35:a8:cf:19:2f:91:9d:
8e:44:ee:80:58:fe:6c:4e:5d:fc:ea:5a:bd:93:62:0f:bb:99:
20:b5:dd:9a:49:58:3c:be:9e:95:c8:9d:c2:75:d0:7c:15:35:
8a:3c:75:b9:47:65:92:e5:af:ec:56:7c:c5:45:22:cb:61:7a:
1a:a0:9e:f4:1e:ee:33:1e:71:b5:78:8e:dc:f6:07:4d:38:26:
f1:29:ef:76:dc:9f:68:02:a3:82:e1:34:3b:fe:f2:b1:90:22:
56:97:2a:c1:76:2e:5e:4e:17:00:a3:b0:79:f2:0a:dc:7c:05:
8c:51:c0:91:d9:38:74:d4:59:0e:4b:d4:97:13:83:b4:05:82:
06:4a:e0:fc:36:0e:0c:31:3a:10:31:61:ea:73:1f:77:92:3d:
a9:3c:5a:73:b8:a8:da:55:86:49:92:7d:af:bf:bd:e8:18:53:
db:19:77:28:bf:71:32:63:8b:e8:88:7b:c0:52:f0:7d:6e:7f:
41:dc:c4:5c:f3:a2:ef:14:be:58:4d:34:c3:28:9e:b7:32:e7:
87:d4:ad:6c:b8:eb:f7:c2:ae:26:80:6d:86:49:c0:36:44:aa:
13:67:9f:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNY/42cmJYF6AERCNYvf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjYwNTEyMjIwMTI3WhcNMjYwNTEzMjIwMTI3WjAzMTEwLwYDVQQD
EygzOTMyOTRlZWFmMWEwMGE4Zjc5ZThlNjlkMjQzNWJlNTUxZjJhMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFX9UPCG7YI1FU6JY5/IkmcFbKYd
+I1u9Kowns06PLzEkngjeBpVPq6Dm1gn72rtRuyNi7eVJ2Pm7iBg270UsVAacADj
c6dwwhvwcrIS3O4wTfHXysur8KpRm6AnpdxFNBrVlQ3f95B0Y1PIpqzJhNu0dcR3
YO3+s4dWT9kMVlPorRd0EYiUfK0uyzZSK64lA5oEu7WJCWX1CxOfIGoHNMsys6nn
Seu3EDuMwOtgr3wJgHCFv12QrSs1aT4b+BA2G7GrcdL5kLhg54KZYo0o3YRh4DDh
DnTRJSU0O/BI5VcqT/TQykF0vgLGjR+epe1oHPJZO9gsL++eDb19Tekg4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkylO6vGgCo956OadJDW+VR8qK2MB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJgcQ0+g
rX/Dv3isZyhcBwi5hHS/n87ov5w+Bbo1qM8ZL5GdjkTugFj+bE5d/OpavZNiD7uZ
ILXdmklYPL6elcidwnXQfBU1ijx1uUdlkuWv7FZ8xUUiy2F6GqCe9B7uMx5xtXiO
3PYHTTgm8SnvdtyfaAKjguE0O/7ysZAiVpcqwXYuXk4XAKOwefIK3HwFjFHAkdk4
dNRZDkvUlxODtAWCBkrg/DYODDE6EDFh6nMfd5I9qTxac7io2lWGSZJ9r7+96BhT
2xl3KL9xMmOL6Ih7wFLwfW5/QdzEXPOi7xS+WE00wyietzLnh9StbLjr98KuJoBt
hknANkSqE2efSw==
-----END CERTIFICATE-----
Generated at Wed May 13 03:47:13 2026 by rpki-client