Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
File: oNki4v4kvSzaeToqrcEzYlAM2bE.mft (raw, json)
Hash identifier: zVMkiXm/AWYPHtVD7cWuTkHbNCazUkREFWU5oc2R4UE=
Subject key identifier: 63:A9:1B:9D:79:50:38:5E:4F:A8:ED:33:BA:EF:C5:3A:45:00:6D:12
Authority key identifier: A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
Certificate issuer: /CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Certificate serial: 019D2771E7599C3D4927D95DD279AA481C9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
Manifest number: 0E89
Signing time: Thu 26 Mar 2026 00:01:09 +0000
Manifest this update: Thu 26 Mar 2026 00:01:09 +0000
Manifest next update: Fri 27 Mar 2026 00:01:09 +0000
Files and hashes: 1: oNki4v4kvSzaeToqrcEzYlAM2bE.crl (hash: D691eVxq3zi727OhMqkOnKcsVchR7Yw7KGPA5OfXvT0=)
2: zSlKzVB4Na3PSrvxBdB_0eJnzzM.roa (hash: cuiATN6CsW6UrYic6PJvMAevjZeViQMrG4aNtH1vYrg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:71:e7:59:9c:3d:49:27:d9:5d:d2:79:aa:48:1c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Validity
Not Before: Mar 26 00:01:09 2026 GMT
Not After : Mar 27 00:01:09 2026 GMT
Subject: CN=63a91b9d7950385e4fa8ed33baefc53a45006d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:31:80:26:35:53:4f:13:2c:82:8a:06:a1:
1a:c9:1f:44:3b:32:6c:1b:aa:6b:64:e9:15:18:30:
ba:8b:30:ef:4a:1f:b1:73:1d:90:b1:bb:e6:1d:a1:
1c:59:94:62:d3:16:d3:73:e6:08:7e:21:ee:ee:d2:
dd:4e:20:77:45:4c:2b:6f:7c:fa:2c:13:80:71:8a:
75:92:2b:12:75:9e:f1:23:a1:95:d7:30:9a:8f:82:
96:87:62:21:6d:c4:03:37:2d:ee:96:23:99:a1:77:
a8:56:23:31:2d:1a:a0:a8:82:8e:5b:d2:d1:ee:17:
3a:43:19:49:e5:2e:51:2d:a5:11:8d:1d:15:43:89:
eb:b1:91:d1:c3:25:90:e9:16:12:2a:c1:9c:b4:b4:
e3:e2:ac:13:50:a0:c1:7b:3f:07:bf:98:e8:c3:f0:
10:ba:ca:1f:31:8e:dd:f5:94:78:42:b4:6f:71:23:
dd:a4:4d:5f:ab:b7:25:63:1e:75:b5:e7:c0:1c:59:
7a:14:42:f3:11:f5:49:84:84:eb:c1:d6:35:cb:73:
2d:eb:74:ef:70:15:de:9b:95:e6:77:d7:a0:d3:ec:
a4:10:a8:ee:5a:87:e0:6e:44:0b:36:64:e0:2e:d6:
4c:c7:dd:20:15:e9:7b:41:4c:a2:35:26:c4:ab:38:
58:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A9:1B:9D:79:50:38:5E:4F:A8:ED:33:BA:EF:C5:3A:45:00:6D:12
X509v3 Authority Key Identifier:
keyid:A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:b8:e3:16:ec:5d:98:4a:d5:fa:63:b3:a7:57:18:fc:0c:da:
b0:ef:5b:09:11:82:9d:0d:17:0c:88:43:af:0c:8b:02:a6:f7:
72:a1:df:6e:b5:30:01:dc:f8:c2:f7:63:50:9a:cb:30:82:f5:
89:ed:ad:19:ae:6a:38:5c:30:64:fa:fe:0a:57:bb:9c:26:9e:
53:09:b4:03:3a:0a:13:a9:2c:32:8c:55:fb:7f:67:7c:f1:ad:
14:92:d0:fb:be:c9:5f:51:b7:7f:ad:07:fa:68:32:a2:28:05:
b5:df:46:5d:bd:df:16:a1:ce:9e:42:33:b4:ca:94:a2:da:c3:
a0:1e:8f:f3:3e:96:e7:d8:ad:a8:29:17:5f:7e:a2:ef:1a:c1:
d6:1a:d6:6d:cf:39:73:b6:c3:3a:cb:14:5d:76:61:fe:32:7b:
4b:09:b3:97:d6:81:59:50:ab:81:67:e0:7a:b4:fe:de:60:64:
42:15:b6:fa:e5:dc:5c:9b:32:25:22:87:2b:ea:46:68:cf:f2:
8c:8a:9a:97:c2:8d:58:fc:24:ca:a5:40:d4:86:36:5c:35:65:
ac:ff:d3:ae:82:01:4f:7c:0a:f6:25:d4:cd:7c:48:2e:16:94:
6c:a9:02:0c:fc:b6:15:e8:49:09:0b:04:c1:e4:68:2c:cc:55:
fe:22:49:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncedZnD1JJ9ld0nmqSBybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDkyMmUyZmUyNGJkMmNkYTc5M2EyYWFkYzEzMzYyNTAw
Y2Q5YjEwHhcNMjYwMzI2MDAwMTA5WhcNMjYwMzI3MDAwMTA5WjAzMTEwLwYDVQQD
Eyg2M2E5MWI5ZDc5NTAzODVlNGZhOGVkMzNiYWVmYzUzYTQ1MDA2ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0kxgCY1U08TLIKKBqEayR9EOzJs
G6prZOkVGDC6izDvSh+xcx2QsbvmHaEcWZRi0xbTc+YIfiHu7tLdTiB3RUwrb3z6
LBOAcYp1kisSdZ7xI6GV1zCaj4KWh2IhbcQDNy3uliOZoXeoViMxLRqgqIKOW9LR
7hc6QxlJ5S5RLaURjR0VQ4nrsZHRwyWQ6RYSKsGctLTj4qwTUKDBez8Hv5jow/AQ
usofMY7d9ZR4QrRvcSPdpE1fq7clYx51tefAHFl6FELzEfVJhITrwdY1y3Mt63Tv
cBXem5Xmd9eg0+ykEKjuWofgbkQLNmTgLtZMx90gFel7QUyiNSbEqzhYRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOpG515UDheT6jtM7rvxTpFAG0SMB8GA1UdIwQY
MBaAFKDZIuL+JL0s2nk6Kq3BM2JQDNmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMt
NGE2YWNlMjZiOTcyLzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMtNGE2YWNlMjZiOTcy
LzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp7jjFuxd
mErV+mOzp1cY/AzasO9bCRGCnQ0XDIhDrwyLAqb3cqHfbrUwAdz4wvdjUJrLMIL1
ie2tGa5qOFwwZPr+Cle7nCaeUwm0AzoKE6ksMoxV+39nfPGtFJLQ+77JX1G3f60H
+mgyoigFtd9GXb3fFqHOnkIztMqUotrDoB6P8z6W59itqCkXX36i7xrB1hrWbc85
c7bDOssUXXZh/jJ7Swmzl9aBWVCrgWfgerT+3mBkQhW2+uXcXJsyJSKHK+pGaM/y
jIqal8KNWPwkyqVA1IY2XDVlrP/TroIBT3wK9iXUzXxILhaUbKkCDPy2FehJCQsE
weRoLMxV/iJJoA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:55:51 2026 by rpki-client