Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: YLPa56l62f1tLMB+zXqMD37OOtguKgblQ33GEYEeiHQ=
Subject key identifier: 30:A8:69:EA:B4:B7:07:52:04:60:67:8B:5D:4D:DF:C2:C9:C1:65:2A
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019D2704E4DED7B83AF980F1385FE68FF161
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0F6D
Signing time: Wed 25 Mar 2026 22:02:05 +0000
Manifest this update: Wed 25 Mar 2026 22:02:05 +0000
Manifest next update: Thu 26 Mar 2026 22:02:05 +0000
Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: f3LLxT1JpzgxQz9I40JMyRSQemoJYU1B2Twk8/9qtMc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:e4:de:d7:b8:3a:f9:80:f1:38:5f:e6:8f:f1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Mar 25 22:02:05 2026 GMT
Not After : Mar 26 22:02:05 2026 GMT
Subject: CN=30a869eab4b707520460678b5d4ddfc2c9c1652a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ca:c4:57:96:b0:6c:73:af:3b:0c:51:76:ad:
85:4e:32:42:db:c5:87:66:29:6f:f5:74:87:ac:64:
f5:1e:d4:3b:dc:fe:d4:51:9e:da:04:ad:c1:69:d1:
60:24:eb:d2:cf:62:40:eb:f6:e8:f8:14:cf:1d:30:
13:97:aa:8e:1d:50:26:8f:e0:c0:aa:07:9c:c9:a0:
34:22:95:8a:84:71:48:44:7b:24:ce:58:6b:a6:c1:
44:6f:db:d9:c5:f8:a2:c4:36:d5:4f:76:9c:54:3f:
69:5d:b8:2e:1f:bc:79:d7:20:7f:e7:77:d7:2e:c9:
57:b4:80:ad:1e:f0:bd:05:66:4f:d0:63:b1:5c:fa:
4f:fa:11:ae:f2:e0:e9:26:5b:fd:66:76:b8:58:88:
3d:bd:ac:5a:bd:90:e4:e7:c0:af:aa:33:e8:c3:b5:
23:e6:66:3f:9c:8e:24:b8:83:dc:51:7c:dc:9a:e4:
8e:a6:cf:a9:22:7d:31:a2:49:ce:8f:f8:11:19:60:
f4:e4:7f:ab:a2:7c:50:81:21:67:38:dc:30:06:ca:
b5:fb:5a:7e:a4:cf:a0:e1:c4:28:93:37:43:09:d2:
17:43:7f:a2:a9:84:2d:f7:ad:38:42:7b:2e:0d:5c:
22:90:e6:dd:90:61:2f:45:f3:d5:53:91:a7:8e:37:
b9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A8:69:EA:B4:B7:07:52:04:60:67:8B:5D:4D:DF:C2:C9:C1:65:2A
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:2d:01:5a:19:c9:04:d3:0d:38:51:cc:71:11:e2:c8:33:35:
c0:60:89:40:b8:af:bf:b6:d3:91:d6:08:a5:a9:72:e0:40:c7:
f7:f4:0b:6e:ef:89:5e:1a:45:11:36:ec:96:58:f5:ab:45:c2:
10:00:e0:d8:9c:ca:83:cb:c0:69:3c:f3:d8:13:f2:73:30:14:
64:e9:b2:b7:8d:b2:38:bd:96:9e:48:3e:e0:08:1c:0d:af:79:
97:62:b1:78:c8:e9:d5:e8:07:b7:5c:76:c2:f8:0d:22:dc:a9:
ad:f4:63:b3:d6:9c:d1:d3:3c:3f:97:b2:fa:62:0b:d8:9b:d0:
87:fc:38:c3:fd:95:af:be:f4:24:81:be:4a:4c:4b:6c:7c:6e:
3d:86:6d:2b:06:cf:61:22:e2:14:d7:74:bc:8b:a4:36:d1:da:
ce:1d:3a:ec:46:13:4e:8e:a8:ae:fa:ee:8e:d8:81:da:a4:74:
b4:31:e7:15:2d:4b:e7:fc:d3:15:21:21:a7:d1:cc:8c:d3:ec:
4f:02:d6:be:3b:9b:1e:bb:90:67:db:b5:2e:75:7e:8d:f7:e6:
a2:6a:69:9b:2c:94:09:f3:3d:a1:12:00:a3:1c:11:57:de:57:
fc:38:84:08:85:7c:4e:4f:65:dc:f4:f9:5e:f4:73:16:2c:24:
d9:7a:48:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBOTe17g6+YDxOF/mj/FhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjYwMzI1MjIwMjA1WhcNMjYwMzI2MjIwMjA1WjAzMTEwLwYDVQQD
EygzMGE4NjllYWI0YjcwNzUyMDQ2MDY3OGI1ZDRkZGZjMmM5YzE2NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcrEV5awbHOvOwxRdq2FTjJC28WH
Zilv9XSHrGT1HtQ73P7UUZ7aBK3BadFgJOvSz2JA6/bo+BTPHTATl6qOHVAmj+DA
qgecyaA0IpWKhHFIRHskzlhrpsFEb9vZxfiixDbVT3acVD9pXbguH7x51yB/53fX
LslXtICtHvC9BWZP0GOxXPpP+hGu8uDpJlv9Zna4WIg9vaxavZDk58CvqjPow7Uj
5mY/nI4kuIPcUXzcmuSOps+pIn0xoknOj/gRGWD05H+ronxQgSFnONwwBsq1+1p+
pM+g4cQokzdDCdIXQ3+iqYQt9604QnsuDVwikObdkGEvRfPVU5Gnjje5QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCoaeq0twdSBGBni11N38LJwWUqMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEi0BWhnJ
BNMNOFHMcRHiyDM1wGCJQLivv7bTkdYIpaly4EDH9/QLbu+JXhpFETbsllj1q0XC
EADg2JzKg8vAaTzz2BPyczAUZOmyt42yOL2Wnkg+4AgcDa95l2KxeMjp1egHt1x2
wvgNItyprfRjs9ac0dM8P5ey+mIL2JvQh/w4w/2Vr770JIG+SkxLbHxuPYZtKwbP
YSLiFNd0vIukNtHazh067EYTTo6orvrujtiB2qR0tDHnFS1L5/zTFSEhp9HMjNPs
TwLWvjubHruQZ9u1LnV+jffmomppmyyUCfM9oRIAoxwRV95X/DiECIV8Tk9l3PT5
XvRzFiwk2XpIHg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:18:54 2026 by rpki-client