Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: F0Y6G7YJCp/iT0Idcb82vQhD6B7+YufcaXF+/3WSVeQ=
Subject key identifier: 01:DE:67:AE:88:83:6F:49:F8:CA:33:8E:29:94:CA:DD:F5:53:11:FF
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019D28846A3E547448125D6DB519FCB433C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 058C
Signing time: Thu 26 Mar 2026 05:00:59 +0000
Manifest this update: Thu 26 Mar 2026 05:00:59 +0000
Manifest next update: Fri 27 Mar 2026 05:00:59 +0000
Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: D67F4zV8NrpkW6fRcGQcuDCX5CjEuRAMNfXQRi4HkwM=)
2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:6a:3e:54:74:48:12:5d:6d:b5:19:fc:b4:33:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Mar 26 05:00:59 2026 GMT
Not After : Mar 27 05:00:59 2026 GMT
Subject: CN=01de67ae88836f49f8ca338e2994caddf55311ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:e7:b4:5f:69:99:e4:8d:c0:3d:ea:c5:40:
32:9b:85:75:b5:be:36:26:96:65:f7:df:bf:e2:2b:
fb:c7:70:5a:d8:d1:78:56:bf:d7:ac:49:d1:6e:f2:
3d:3f:75:b1:a1:dd:47:62:dd:8d:1a:13:16:a9:12:
9c:b0:bc:b6:d8:bf:5c:67:dd:9a:5d:8d:b2:ae:fe:
69:fd:1d:5d:e6:7b:85:15:3f:7e:75:97:13:ec:c0:
04:81:00:d2:50:61:3c:42:8d:8e:10:c9:77:a6:a6:
ce:85:75:07:54:92:4a:3d:44:07:33:0e:5b:2b:d9:
16:6a:34:53:75:10:fa:ac:e0:3f:33:ba:d4:1a:81:
67:8e:93:83:35:1c:bf:f4:9d:9a:42:ad:6c:86:ed:
64:a8:fe:4c:ee:a3:56:aa:76:9f:9d:ea:81:ab:89:
5e:9f:e4:ba:ca:c0:0b:f2:73:e1:bc:a5:5a:33:30:
e9:47:09:52:36:e9:c3:4a:e6:5d:e7:0d:24:b2:c2:
e2:b3:d6:9b:ff:f5:c3:c1:90:ff:e6:72:a8:17:78:
47:87:4c:a7:25:26:d9:ed:b9:19:e4:ae:6e:ec:a4:
9e:d6:e4:da:dd:a2:24:e0:ee:53:76:2e:8f:e9:d9:
65:e5:d3:d1:9c:c1:68:5c:98:50:84:2d:03:ca:d2:
18:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DE:67:AE:88:83:6F:49:F8:CA:33:8E:29:94:CA:DD:F5:53:11:FF
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:ae:79:2e:d6:7e:1b:5e:22:17:c0:38:15:07:f2:89:65:9c:
b7:1a:a3:6c:5e:76:b9:c0:0f:fa:ee:48:59:7d:62:79:94:ee:
8c:b0:fd:e3:20:03:80:10:22:28:98:a9:f6:37:ab:49:43:1c:
28:24:89:af:f4:23:e9:d8:dc:0c:fc:b5:f8:0d:fc:84:59:8c:
72:d1:23:9f:d5:31:59:7d:aa:19:20:a6:3d:cc:57:13:82:e9:
85:25:22:ca:82:80:be:d6:22:b5:46:72:d5:b9:a3:e6:a9:db:
a4:09:1a:50:91:9e:57:f8:e5:00:91:0a:e9:f0:86:18:ca:65:
42:cb:ab:69:e6:45:e4:39:37:d8:24:86:88:c1:14:8e:c5:47:
f7:68:68:c0:5a:ed:88:b2:b7:5e:de:1a:d5:4d:19:4e:c9:03:
30:91:ed:5b:1d:ae:75:df:7e:5b:ba:ba:03:8d:12:5c:35:83:
66:50:2e:f1:a3:db:b8:52:db:76:3a:83:37:ca:26:f0:14:3c:
7e:34:f0:69:9f:9b:7f:d2:c6:a4:8a:a1:3d:52:0f:b3:5e:ca:
91:a2:32:f8:5d:3e:de:38:84:96:e9:98:e7:07:51:19:d0:9f:
f6:73:2e:48:b6:46:20:26:4c:77:30:61:78:4c:e9:e3:35:9b:
71:bd:77:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohGo+VHRIEl1ttRn8tDPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjYwMzI2MDUwMDU5WhcNMjYwMzI3MDUwMDU5WjAzMTEwLwYDVQQD
EygwMWRlNjdhZTg4ODM2ZjQ5ZjhjYTMzOGUyOTk0Y2FkZGY1NTMxMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIXntF9pmeSNwD3qxUAym4V1tb42
JpZl99+/4iv7x3Ba2NF4Vr/XrEnRbvI9P3Wxod1HYt2NGhMWqRKcsLy22L9cZ92a
XY2yrv5p/R1d5nuFFT9+dZcT7MAEgQDSUGE8Qo2OEMl3pqbOhXUHVJJKPUQHMw5b
K9kWajRTdRD6rOA/M7rUGoFnjpODNRy/9J2aQq1shu1kqP5M7qNWqnafneqBq4le
n+S6ysAL8nPhvKVaMzDpRwlSNunDSuZd5w0kssLis9ab//XDwZD/5nKoF3hHh0yn
JSbZ7bkZ5K5u7KSe1uTa3aIk4O5Tdi6P6dll5dPRnMFoXJhQhC0DytIYDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHeZ66Ig29J+MozjimUyt31UxH/MB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL655LtZ+
G14iF8A4FQfyiWWctxqjbF52ucAP+u5IWX1ieZTujLD94yADgBAiKJip9jerSUMc
KCSJr/Qj6djcDPy1+A38hFmMctEjn9UxWX2qGSCmPcxXE4LphSUiyoKAvtYitUZy
1bmj5qnbpAkaUJGeV/jlAJEK6fCGGMplQsuraeZF5Dk32CSGiMEUjsVH92howFrt
iLK3Xt4a1U0ZTskDMJHtWx2udd9+W7q6A40SXDWDZlAu8aPbuFLbdjqDN8om8BQ8
fjTwaZ+bf9LGpIqhPVIPs17KkaIy+F0+3jiElumY5wdRGdCf9nMuSLZGICZMdzBh
eEzp4zWbcb13Ww==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:55:27 2026 by rpki-client