Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json)
Hash identifier: rmf18EoXktppUKVy0aqco/wXDZ+DlROUGbDbnkpCYYc=
Subject key identifier: 9D:50:0A:02:D5:EA:A8:38:21:14:68:41:50:84:35:0E:CA:FA:8E:00
Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb
Certificate serial: 019D2771DAB8B2D19E3DC157CE78B9F99B40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
Manifest number: 1322
Signing time: Thu 26 Mar 2026 00:01:06 +0000
Manifest this update: Thu 26 Mar 2026 00:01:06 +0000
Manifest next update: Fri 27 Mar 2026 00:01:06 +0000
Files and hashes: 1: Z2uEQbE7L2pDV1J90F-WHp-FeRc.roa (hash: gG4qjMeD/GD4iye01V4m4U9isqUINl3gT+i69LWAi7I=)
2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: U1kibIkiBB4Z7RtPE8ai2ywjupIEFKEM/9QHWru9z2A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:71:da:b8:b2:d1:9e:3d:c1:57:ce:78:b9:f9:9b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb
Validity
Not Before: Mar 26 00:01:06 2026 GMT
Not After : Mar 27 00:01:06 2026 GMT
Subject: CN=9d500a02d5eaa838211468415084350ecafa8e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:85:28:5e:2f:b9:1c:da:50:bd:99:df:a1:c8:
62:0b:50:e5:45:fc:db:c0:e5:c9:cb:fc:9c:74:f2:
80:bc:08:19:d2:53:8e:90:99:a1:cc:21:97:e8:01:
2c:74:b9:05:6e:59:37:94:d5:52:2b:8c:d7:4c:54:
b0:29:9e:23:b0:26:a7:1c:0f:5b:b0:04:80:1e:02:
39:ce:30:1d:d3:63:ff:8f:17:b2:a1:88:2f:d7:c0:
59:52:de:00:c2:85:2e:91:2c:fd:74:15:cc:78:16:
cf:2f:f3:7a:0b:3b:85:d0:12:d0:c0:08:39:b1:d9:
71:27:16:98:4e:79:1d:3d:0e:d4:cf:e1:9a:5b:7f:
9f:08:0f:d1:61:bd:6a:40:5a:33:96:bd:c5:0b:6e:
08:f8:3b:cd:63:0f:88:4c:23:d0:e5:27:bc:e1:ec:
7b:35:5e:e2:d9:10:8a:97:ac:c3:a3:2f:76:f0:42:
95:d7:e0:97:f9:59:a9:8a:f6:8b:c3:9b:76:df:8c:
f6:cc:e5:02:e5:27:89:9e:c1:9e:3f:af:5b:71:76:
77:f9:73:bf:d4:a8:b2:5e:97:69:56:61:cc:43:38:
7d:24:bc:2f:9b:44:25:e3:ba:d5:e3:dd:d9:fe:af:
85:b0:dd:15:4a:f8:5b:9f:c3:63:76:85:2a:9a:a7:
a0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:50:0A:02:D5:EA:A8:38:21:14:68:41:50:84:35:0E:CA:FA:8E:00
X509v3 Authority Key Identifier:
keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:f9:bf:5f:81:71:aa:b5:85:6a:37:a5:71:cc:66:ec:b4:89:
66:08:f3:51:2a:be:83:fc:d3:30:13:db:1c:b6:bb:ce:22:a7:
bf:45:ba:8c:d0:7c:29:b0:46:ac:1c:8e:79:4c:72:ef:9a:15:
4a:c5:c6:91:d5:f0:a7:65:04:0d:d2:cd:a7:be:5a:89:74:33:
bc:e5:77:f3:3d:17:33:c7:da:03:0f:00:c3:df:1f:0c:1a:d2:
4f:66:85:fe:53:d8:f3:a4:b5:db:2d:17:9d:38:ce:15:58:61:
7d:cc:04:06:b6:ee:2e:ec:5a:1f:2f:4a:65:17:40:63:63:81:
ec:ab:28:77:16:24:c3:23:4e:49:42:d5:e9:7b:d6:19:bd:33:
fa:89:a6:de:23:3f:d8:9c:36:c2:9c:b3:1d:9c:8f:3a:47:52:
5b:b7:e8:c9:7d:c3:25:7a:30:84:88:25:64:fe:61:ce:8f:ca:
57:c7:1f:74:04:32:82:b9:87:50:51:8b:2f:18:fa:57:82:f8:
e8:7b:e8:10:aa:cd:73:bd:77:f0:a7:22:93:56:ef:64:35:2a:
df:65:23:7c:b2:13:cd:c4:95:a1:f0:88:26:f3:05:28:7f:b1:
6f:f1:ea:33:d3:64:9c:24:bb:e0:70:a5:91:a3:86:8d:7e:b5:
72:3d:1d:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncdq4stGePcFXzni5+ZtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz
NTI5Y2IwHhcNMjYwMzI2MDAwMTA2WhcNMjYwMzI3MDAwMTA2WjAzMTEwLwYDVQQD
Eyg5ZDUwMGEwMmQ1ZWFhODM4MjExNDY4NDE1MDg0MzUwZWNhZmE4ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34UoXi+5HNpQvZnfochiC1DlRfzb
wOXJy/ycdPKAvAgZ0lOOkJmhzCGX6AEsdLkFblk3lNVSK4zXTFSwKZ4jsCanHA9b
sASAHgI5zjAd02P/jxeyoYgv18BZUt4AwoUukSz9dBXMeBbPL/N6CzuF0BLQwAg5
sdlxJxaYTnkdPQ7Uz+GaW3+fCA/RYb1qQFozlr3FC24I+DvNYw+ITCPQ5Se84ex7
NV7i2RCKl6zDoy928EKV1+CX+VmpivaLw5t234z2zOUC5SeJnsGeP69bcXZ3+XO/
1KiyXpdpVmHMQzh9JLwvm0Ql47rV493Z/q+FsN0VSvhbn8NjdoUqmqeg/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1QCgLV6qg4IRRoQVCENQ7K+o4AMB8GA1UdIwQY
MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt
ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5
LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPPm/X4Fx
qrWFajelccxm7LSJZgjzUSq+g/zTMBPbHLa7ziKnv0W6jNB8KbBGrByOeUxy75oV
SsXGkdXwp2UEDdLNp75aiXQzvOV38z0XM8faAw8Aw98fDBrST2aF/lPY86S12y0X
nTjOFVhhfcwEBrbuLuxaHy9KZRdAY2OB7KsodxYkwyNOSULV6XvWGb0z+omm3iM/
2Jw2wpyzHZyPOkdSW7foyX3DJXowhIglZP5hzo/KV8cfdAQygrmHUFGLLxj6V4L4
6HvoEKrNc7138Kcik1bvZDUq32UjfLITzcSVofCIJvMFKH+xb/HqM9NknCS74HCl
kaOGjX61cj0dVA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:59:16 2026 by rpki-client