Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: pYXbwR23MOohj6U+rpRJB3zMggBKAZ1sPJIVAmT+JV0=
Subject key identifier: A4:B2:83:2E:56:8B:48:57:88:83:CE:81:A6:AB:D3:5B:5E:00:70:67
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019F126506E0E5DDF8C3CFC9D98C9DD5593E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0ECB
Signing time: Mon 29 Jun 2026 08:00:38 +0000
Manifest this update: Mon 29 Jun 2026 08:00:38 +0000
Manifest next update: Tue 30 Jun 2026 08:00:38 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: zf+bh/i+LR17PFmYX1yZPIOzka8lSSXQRp4wc/ueQW0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:65:06:e0:e5:dd:f8:c3:cf:c9:d9:8c:9d:d5:59:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Jun 29 08:00:38 2026 GMT
Not After : Jun 30 08:00:38 2026 GMT
Subject: CN=a4b2832e568b48578883ce81a6abd35b5e007067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c4:51:96:2b:db:5d:ab:f6:99:d7:e3:1a:ef:
c9:a9:dd:f3:0b:2d:25:67:78:7c:ae:d9:9e:65:9f:
bf:18:80:3f:fc:ef:cd:19:7b:d0:c9:5e:0d:37:45:
54:00:e8:2b:af:41:92:92:86:83:13:bc:4d:19:2f:
d0:df:a0:6f:ed:18:50:e0:fc:bc:b3:50:2f:9e:ff:
4a:b5:3c:c5:ae:80:19:b8:e9:c0:85:c1:c8:64:3c:
92:1a:42:42:ea:c1:3b:12:7b:f6:f6:7e:55:47:56:
c7:bc:8b:56:9b:e7:14:fc:d9:15:03:a4:1a:a1:9e:
3a:36:7a:28:c0:57:15:6a:d4:40:7a:d4:82:e9:81:
2e:50:76:b7:61:6a:90:40:73:e1:90:d4:ce:cb:80:
69:d5:3d:a2:d5:ef:7b:1b:8f:b7:45:4f:56:23:9d:
48:fd:50:c0:e3:a1:11:58:97:25:53:14:a7:0f:cb:
b1:ca:bc:66:93:ea:a9:ab:25:74:3f:54:c8:83:9e:
fc:2f:30:44:21:06:5f:9f:89:0d:8b:74:ae:21:88:
5e:93:a3:95:d2:c4:6d:ff:c1:c7:08:a7:8b:39:28:
77:8a:a6:a5:6f:1d:4d:56:cc:65:3c:9b:a0:60:6f:
ce:7a:20:29:30:05:44:d5:3d:72:c0:36:69:63:d7:
05:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B2:83:2E:56:8B:48:57:88:83:CE:81:A6:AB:D3:5B:5E:00:70:67
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:40:33:39:75:e9:3e:f5:87:38:82:c6:e8:cb:80:30:91:e0:
8a:4d:5b:c2:18:ea:51:63:8a:fc:3c:39:f1:0b:bb:5f:24:3b:
cd:45:9f:10:2d:2a:9e:b0:42:f6:7d:1e:ab:86:46:37:a5:74:
a9:d8:f9:90:df:50:40:ce:65:a3:49:1a:17:63:80:bc:c0:a5:
b6:41:01:ce:7f:b3:51:29:ec:91:42:85:79:28:7d:3a:ae:2b:
fd:83:78:b9:d6:56:f4:96:6f:45:8f:b1:6d:0a:43:f4:3a:84:
23:25:a6:89:50:a3:4e:8f:62:c2:4f:c2:eb:55:75:c0:7c:50:
b8:82:ab:e9:33:5c:e3:f0:d8:78:b7:4e:3c:08:5f:f4:66:1e:
ef:44:03:c6:31:58:92:34:8e:14:01:7d:f1:cd:8c:9f:87:76:
6b:ca:23:aa:3c:c7:1f:d1:8b:93:08:65:b0:8d:4c:63:c1:2b:
b6:12:f8:8c:ac:c4:ee:cf:4c:e8:c9:0f:77:4f:b2:7c:34:90:
a1:9f:16:0c:e8:1d:87:4f:5f:2c:db:52:4f:74:62:05:e8:5f:
d9:6c:6b:30:b7:eb:2d:98:8e:c8:6e:f5:d7:1b:9b:dd:1e:c6:
3d:69:2f:26:4b:9e:18:15:8d:34:e9:66:8f:9d:71:71:1e:a1:
d7:da:d5:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8SZQbg5d34w8/J2Yyd1Vk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwNjI5MDgwMDM4WhcNMjYwNjMwMDgwMDM4WjAzMTEwLwYDVQQD
EyhhNGIyODMyZTU2OGI0ODU3ODg4M2NlODFhNmFiZDM1YjVlMDA3MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMRRlivbXav2mdfjGu/Jqd3zCy0l
Z3h8rtmeZZ+/GIA//O/NGXvQyV4NN0VUAOgrr0GSkoaDE7xNGS/Q36Bv7RhQ4Py8
s1Avnv9KtTzFroAZuOnAhcHIZDySGkJC6sE7Env29n5VR1bHvItWm+cU/NkVA6Qa
oZ46NnoowFcVatRAetSC6YEuUHa3YWqQQHPhkNTOy4Bp1T2i1e97G4+3RU9WI51I
/VDA46ERWJclUxSnD8uxyrxmk+qpqyV0P1TIg578LzBEIQZfn4kNi3SuIYhek6OV
0sRt/8HHCKeLOSh3iqalbx1NVsxlPJugYG/OeiApMAVE1T1ywDZpY9cFJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSygy5Wi0hXiIPOgaar01teAHBnMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL0AzOXXp
PvWHOILG6MuAMJHgik1bwhjqUWOK/Dw58Qu7XyQ7zUWfEC0qnrBC9n0eq4ZGN6V0
qdj5kN9QQM5lo0kaF2OAvMCltkEBzn+zUSnskUKFeSh9Oq4r/YN4udZW9JZvRY+x
bQpD9DqEIyWmiVCjTo9iwk/C61V1wHxQuIKr6TNc4/DYeLdOPAhf9GYe70QDxjFY
kjSOFAF98c2Mn4d2a8ojqjzHH9GLkwhlsI1MY8ErthL4jKzE7s9M6MkPd0+yfDSQ
oZ8WDOgdh09fLNtST3RiBehf2WxrMLfrLZiOyG711xub3R7GPWkvJkueGBWNNOlm
j51xcR6h19rVgQ==
-----END CERTIFICATE-----
Generated at Mon Jun 29 11:43:42 2026 by rpki-client