Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: 1wpSl5BlOIZX33ulPzLPg42Nbk6flu86sd0MzT7097A=
Subject key identifier: 77:C9:32:B6:57:8D:82:F6:16:3E:CD:F3:4B:A2:97:24:DB:62:A7:A3
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 0199FA6A6A5330B710C52D88A73F5F4BCF65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0DC8
Signing time: Sun 19 Oct 2025 03:01:41 +0000
Manifest this update: Sun 19 Oct 2025 03:01:41 +0000
Manifest next update: Mon 20 Oct 2025 03:01:41 +0000
Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: QNdJZmoAA+ueuTWUk1aQ0dqf4id2hnsCuk3/wf6O8nI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 03:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:6a:6a:53:30:b7:10:c5:2d:88:a7:3f:5f:4b:cf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Oct 19 03:01:41 2025 GMT
Not After : Oct 20 03:01:41 2025 GMT
Subject: CN=77c932b6578d82f6163ecdf34ba29724db62a7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:09:da:42:bb:58:60:de:ae:35:55:86:e6:9a:
b3:af:0a:30:3a:22:22:12:af:b3:67:94:ed:8d:af:
70:e5:10:6a:b9:a3:a7:02:fb:36:96:2f:1b:43:e7:
43:df:3e:32:81:c9:88:9e:84:0e:bd:c1:a7:2f:cf:
fb:5e:89:db:2d:b2:dc:61:88:4b:f7:7e:3e:24:07:
83:c6:c3:61:d8:81:f7:9e:4d:61:1f:3c:1f:65:9b:
2c:1b:fe:cb:6c:91:3f:0d:1d:fb:c3:63:f8:f7:b9:
1e:f5:5f:ed:2b:7a:82:a6:2d:91:fb:7b:22:4c:34:
6f:97:38:0c:1d:9c:bd:ba:74:22:fd:db:c8:56:c8:
3b:8b:dd:fa:4d:7a:dd:ac:c5:35:43:0e:66:0e:49:
f8:b5:f1:f5:fe:5a:fb:9d:91:46:bb:2c:08:10:9d:
c5:a8:1c:a1:71:f5:1d:96:fd:df:9e:ba:62:86:37:
63:b6:d5:1b:a2:df:69:2e:a6:a9:77:2d:43:d0:65:
78:45:e7:73:ce:76:5a:d8:6f:0a:d6:57:9a:67:04:
6b:62:81:c6:a9:8a:41:8c:75:a2:09:a6:92:ad:fb:
c0:69:45:88:c3:5b:14:2e:24:b9:2d:63:e5:5a:3d:
e9:9d:07:d4:72:7b:54:11:d8:ea:f6:6b:51:25:56:
43:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C9:32:B6:57:8D:82:F6:16:3E:CD:F3:4B:A2:97:24:DB:62:A7:A3
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:71:c1:58:d3:c0:b5:2d:b1:b0:51:ed:c4:88:68:ef:fd:9a:
23:2c:40:83:b3:1c:a2:d0:70:c7:fe:4d:f6:63:d4:75:9c:b3:
fa:36:02:09:e1:4e:14:eb:e7:05:7c:16:f4:b1:18:31:39:d8:
66:62:ac:2d:b9:58:8d:98:bd:bb:9a:57:f9:aa:fb:6e:20:76:
22:ff:4c:e9:d9:45:04:28:36:07:9d:ba:92:38:6b:bf:8e:b8:
37:7b:34:29:b4:c2:72:1d:12:54:99:05:3b:00:e6:28:e8:07:
a7:8c:60:58:46:85:e7:cd:5d:70:7e:89:f5:1a:91:fc:5f:c9:
51:60:8b:a1:16:02:44:77:9e:b5:59:f1:35:ad:d5:5c:0e:9c:
a0:1f:c9:92:b1:41:d6:2b:76:e9:43:93:2f:dd:82:ed:ba:55:
c6:b5:a2:7d:30:33:c3:ba:93:0c:fa:a2:a0:87:0d:51:7c:73:
d8:aa:a9:81:9b:83:05:d9:79:de:ec:e8:a7:01:06:0b:6f:d6:
04:00:5a:6a:9f:42:bb:37:c6:8c:8f:e3:19:5f:b2:18:30:cd:
1d:f4:ae:75:e2:a3:42:a9:d2:29:2b:98:e0:e4:71:55:f0:0d:
64:a6:73:8e:00:05:5c:07:c4:f7:ea:a6:39:38:ae:28:05:77:
44:d4:76:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6ampTMLcQxS2Ipz9fS89lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjUxMDE5MDMwMTQxWhcNMjUxMDIwMDMwMTQxWjAzMTEwLwYDVQQD
Eyg3N2M5MzJiNjU3OGQ4MmY2MTYzZWNkZjM0YmEyOTcyNGRiNjJhN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAnaQrtYYN6uNVWG5pqzrwowOiIi
Eq+zZ5Ttja9w5RBquaOnAvs2li8bQ+dD3z4ygcmInoQOvcGnL8/7XonbLbLcYYhL
934+JAeDxsNh2IH3nk1hHzwfZZssG/7LbJE/DR37w2P497ke9V/tK3qCpi2R+3si
TDRvlzgMHZy9unQi/dvIVsg7i936TXrdrMU1Qw5mDkn4tfH1/lr7nZFGuywIEJ3F
qByhcfUdlv3fnrpihjdjttUbot9pLqapdy1D0GV4RedzznZa2G8K1leaZwRrYoHG
qYpBjHWiCaaSrfvAaUWIw1sULiS5LWPlWj3pnQfUcntUEdjq9mtRJVZDcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfJMrZXjYL2Fj7N80uilyTbYqejMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZnHBWNPA
tS2xsFHtxIho7/2aIyxAg7McotBwx/5N9mPUdZyz+jYCCeFOFOvnBXwW9LEYMTnY
ZmKsLblYjZi9u5pX+ar7biB2Iv9M6dlFBCg2B526kjhrv464N3s0KbTCch0SVJkF
OwDmKOgHp4xgWEaF581dcH6J9RqR/F/JUWCLoRYCRHeetVnxNa3VXA6coB/JkrFB
1it26UOTL92C7bpVxrWifTAzw7qTDPqioIcNUXxz2KqpgZuDBdl53uzopwEGC2/W
BABaap9CuzfGjI/jGV+yGDDNHfSudeKjQqnSKSuY4ORxVfANZKZzjgAFXAfE9+qm
OTiuKAV3RNR2Zg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 12:57:56 2025 by rpki-client