Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: jr7euEvJHOFsqqknKn6O/PnYksy8fbtY9UHfhrstc3A=
Subject key identifier: E9:9A:F1:2D:24:42:A9:4B:03:4D:75:35:D2:86:99:BF:99:A7:34:F7
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 0199FFC80AB2219DEC9B40B8F35DEFBB1052
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 03E9
Signing time: Mon 20 Oct 2025 04:02:04 +0000
Manifest this update: Mon 20 Oct 2025 04:02:04 +0000
Manifest next update: Tue 21 Oct 2025 04:02:04 +0000
Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=)
2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: 4ZCVlC1gZenpaNN1VAwoHe303YHCdgTZq8wBbMdj6tQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:0a:b2:21:9d:ec:9b:40:b8:f3:5d:ef:bb:10:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Oct 20 04:02:04 2025 GMT
Not After : Oct 21 04:02:04 2025 GMT
Subject: CN=e99af12d2442a94b034d7535d28699bf99a734f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:63:82:2c:51:c2:6e:6f:98:8b:2a:0e:d3:0b:
cc:3b:95:35:95:82:ce:8d:da:ce:e5:29:39:89:5e:
75:90:af:0b:22:c3:d4:d6:4f:d3:1d:28:72:ea:7a:
8a:6b:b4:99:ab:fb:68:65:03:bb:af:36:46:4a:2a:
12:17:a6:33:36:85:1d:69:a1:02:67:d2:e1:bc:1a:
c9:db:73:2a:cc:19:d7:86:9d:b2:ff:e7:98:91:c1:
88:79:34:38:23:49:ac:38:f5:27:53:d6:71:ab:8e:
af:0a:a3:85:8e:49:4e:86:96:21:7a:8e:27:ed:46:
2e:26:d7:c6:fd:63:17:4f:72:d4:04:27:4e:9d:3e:
e4:f3:8a:f5:e8:f8:25:21:cd:93:2a:86:91:02:0a:
74:b9:2b:59:65:62:dd:54:fb:22:f3:6f:07:ec:2a:
31:e0:0c:28:11:57:93:a2:be:c0:c0:98:44:7c:f2:
6d:48:fc:6a:7b:ab:1f:da:9d:30:d5:0f:b5:88:52:
f5:39:23:81:ae:69:56:e6:da:2c:a9:a0:6a:74:2a:
f1:5c:53:a1:ee:e8:62:18:62:9e:3d:e9:60:5c:4f:
35:0d:1d:a5:4e:ad:00:e4:6b:6f:85:c7:87:08:49:
eb:63:ab:ee:19:43:d6:ee:e3:80:62:bf:53:8c:12:
b4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:9A:F1:2D:24:42:A9:4B:03:4D:75:35:D2:86:99:BF:99:A7:34:F7
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:8e:d4:08:3c:4b:17:c8:ee:47:e2:e3:24:2f:d7:c6:16:90:
c9:e6:8b:e1:d6:1d:6f:bb:ca:40:ee:e9:dd:1f:8e:0b:26:d0:
c4:09:7a:07:cd:73:44:36:28:1e:9c:c0:3e:df:96:3a:91:d4:
b7:7d:44:66:a3:cc:d3:96:aa:4f:7d:71:f2:72:80:08:28:60:
a2:af:74:50:03:64:da:19:12:59:16:47:59:07:7d:96:50:98:
24:96:7b:79:e5:18:41:20:29:d6:81:62:d3:6c:fd:d9:1c:88:
ce:17:af:69:a2:53:f4:30:36:31:10:20:8b:bd:4f:05:49:35:
53:b5:38:38:91:a7:33:2f:ea:c9:94:8c:b1:aa:30:7d:0f:37:
85:a2:63:9c:a7:d9:8a:fd:21:1e:50:ac:c8:ca:66:0d:58:14:
60:3b:d0:c5:8e:e1:1f:cb:0f:4f:a8:c6:3f:8e:b3:5b:5c:3b:
2a:32:47:6d:74:b1:07:ec:85:4a:ed:94:34:9c:6d:27:40:fd:
f3:cf:f1:fb:02:91:e8:f2:2c:a8:38:9c:b5:63:1b:bd:08:d1:
ae:b0:1a:b5:72:57:e2:9c:e4:5c:c8:c9:13:14:39:ba:b1:70:
5d:3f:4e:c3:2e:23:b6:ab:e3:39:e9:f9:cb:a2:39:7a:12:0f:
8e:69:d9:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yAqyIZ3sm0C4813vuxBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjUxMDIwMDQwMjA0WhcNMjUxMDIxMDQwMjA0WjAzMTEwLwYDVQQD
EyhlOTlhZjEyZDI0NDJhOTRiMDM0ZDc1MzVkMjg2OTliZjk5YTczNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmOCLFHCbm+YiyoO0wvMO5U1lYLO
jdrO5Sk5iV51kK8LIsPU1k/THShy6nqKa7SZq/toZQO7rzZGSioSF6YzNoUdaaEC
Z9LhvBrJ23MqzBnXhp2y/+eYkcGIeTQ4I0msOPUnU9Zxq46vCqOFjklOhpYheo4n
7UYuJtfG/WMXT3LUBCdOnT7k84r16PglIc2TKoaRAgp0uStZZWLdVPsi828H7Cox
4AwoEVeTor7AwJhEfPJtSPxqe6sf2p0w1Q+1iFL1OSOBrmlW5tosqaBqdCrxXFOh
7uhiGGKePelgXE81DR2lTq0A5GtvhceHCEnrY6vuGUPW7uOAYr9TjBK0RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOma8S0kQqlLA011NdKGmb+ZpzT3MB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaY7UCDxL
F8juR+LjJC/XxhaQyeaL4dYdb7vKQO7p3R+OCybQxAl6B81zRDYoHpzAPt+WOpHU
t31EZqPM05aqT31x8nKACChgoq90UANk2hkSWRZHWQd9llCYJJZ7eeUYQSAp1oFi
02z92RyIzhevaaJT9DA2MRAgi71PBUk1U7U4OJGnMy/qyZSMsaowfQ83haJjnKfZ
iv0hHlCsyMpmDVgUYDvQxY7hH8sPT6jGP46zW1w7KjJHbXSxB+yFSu2UNJxtJ0D9
88/x+wKR6PIsqDictWMbvQjRrrAatXJX4pzkXMjJExQ5urFwXT9Owy4jtqvjOen5
y6I5ehIPjmnZvA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:01:37 2025 by rpki-client