Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: xbNgAkHyN3xwxGM5usaNvQbucTeqQ+jt0JgjG6+P0iQ=
Subject key identifier: 51:B3:AE:B2:C9:64:A6:ED:77:7A:2C:4E:6D:1E:F2:7F:B2:28:1F:1B
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019D37529A4AFBD192D3DC0A1398CA61FC59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0DD5
Signing time: Sun 29 Mar 2026 02:00:53 +0000
Manifest this update: Sun 29 Mar 2026 02:00:53 +0000
Manifest next update: Mon 30 Mar 2026 02:00:53 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: 2bQnA4unZTwXO+V0YtSmQ9wI+lu08Fgqd07nx0VoFGw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:9a:4a:fb:d1:92:d3:dc:0a:13:98:ca:61:fc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Mar 29 02:00:53 2026 GMT
Not After : Mar 30 02:00:53 2026 GMT
Subject: CN=51b3aeb2c964a6ed777a2c4e6d1ef27fb2281f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1f:0f:0b:bf:27:76:00:65:65:75:38:bb:ef:
50:cc:77:17:38:1e:97:4c:b0:c0:0b:86:82:42:e0:
d4:0f:97:93:c6:d2:29:ef:58:27:04:99:16:5c:7b:
99:79:c3:76:56:36:c4:f7:ac:26:f2:39:be:3a:d7:
87:c3:25:34:de:0f:ec:85:cc:5f:81:20:2a:d8:f5:
0c:27:06:70:8a:90:88:1d:81:c2:5e:d7:8a:5b:9f:
0e:17:f7:d5:51:ba:16:d1:41:04:01:52:f0:26:f9:
94:ca:77:85:2c:8a:61:ad:e8:2a:3e:0d:e5:7f:1a:
55:f8:bc:c3:7c:41:14:a7:31:d2:6b:ee:96:fd:e7:
cc:c2:ea:d9:13:cf:b6:01:d6:62:a5:5d:82:36:dc:
da:65:72:00:1f:02:4b:7d:02:41:66:f3:0b:74:64:
51:ef:71:ef:5c:1f:2b:5b:69:e3:ff:a5:e4:7d:7f:
ce:7a:28:b4:f0:49:2d:8f:73:95:24:7c:9b:3a:04:
cd:7b:35:02:f3:12:66:0c:d6:d4:e5:79:af:09:2f:
72:79:0a:c2:49:8c:5a:9f:3f:fd:05:73:6d:76:93:
3f:d9:84:bc:c5:0a:a1:43:27:10:5f:1c:12:e7:d5:
15:e8:50:6f:61:57:54:3d:d8:f6:96:bc:4b:7b:f3:
71:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B3:AE:B2:C9:64:A6:ED:77:7A:2C:4E:6D:1E:F2:7F:B2:28:1F:1B
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:45:98:ae:09:f5:b5:23:31:1f:0a:9c:77:65:a6:d5:84:bc:
88:02:4e:28:74:73:3b:c5:b3:da:51:4d:1b:d8:19:f6:fe:94:
1a:e8:3d:df:5e:9c:98:a1:8e:e3:85:b5:cd:79:6d:29:ca:08:
07:74:66:0b:fe:15:21:ba:2b:1a:ff:92:8d:9f:57:2e:0d:80:
84:c5:57:22:d2:5d:2e:75:de:d8:b4:7a:08:c7:5e:4a:c5:33:
86:7a:56:6a:12:0c:de:95:73:34:57:c1:b2:bc:94:04:14:14:
63:d2:45:da:e6:cd:f1:83:90:75:42:89:78:0c:2b:bb:39:52:
f4:a5:c6:01:2e:ce:48:65:01:6e:8d:6b:a8:36:5e:ad:73:93:
c4:e3:a9:53:68:f8:60:56:c3:c2:3d:cc:91:1d:34:f9:bb:31:
0c:f3:cf:61:c8:40:31:6b:ca:a0:e3:11:35:6f:44:ed:05:21:
17:70:d4:70:84:3c:f0:42:ea:93:17:9c:3e:41:5a:1c:a0:9b:
70:0b:d0:ec:5c:36:84:8a:3a:0e:92:2a:4d:b0:47:8a:3e:5c:
67:3a:dc:39:fb:05:86:23:fb:36:80:ac:00:b4:e3:9c:bf:b3:
f6:d2:7e:3f:18:c0:6c:a6:5c:bc:e6:58:70:9b:cc:00:9b:3d:
c0:4f:85:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UppK+9GS09wKE5jKYfxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwMzI5MDIwMDUzWhcNMjYwMzMwMDIwMDUzWjAzMTEwLwYDVQQD
Eyg1MWIzYWViMmM5NjRhNmVkNzc3YTJjNGU2ZDFlZjI3ZmIyMjgxZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR8PC78ndgBlZXU4u+9QzHcXOB6X
TLDAC4aCQuDUD5eTxtIp71gnBJkWXHuZecN2VjbE96wm8jm+OteHwyU03g/shcxf
gSAq2PUMJwZwipCIHYHCXteKW58OF/fVUboW0UEEAVLwJvmUyneFLIphregqPg3l
fxpV+LzDfEEUpzHSa+6W/efMwurZE8+2AdZipV2CNtzaZXIAHwJLfQJBZvMLdGRR
73HvXB8rW2nj/6XkfX/Oeii08Ektj3OVJHybOgTNezUC8xJmDNbU5XmvCS9yeQrC
SYxanz/9BXNtdpM/2YS8xQqhQycQXxwS59UV6FBvYVdUPdj2lrxLe/NxiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFGzrrLJZKbtd3osTm0e8n+yKB8bMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmkWYrgn1
tSMxHwqcd2Wm1YS8iAJOKHRzO8Wz2lFNG9gZ9v6UGug9316cmKGO44W1zXltKcoI
B3RmC/4VIborGv+SjZ9XLg2AhMVXItJdLnXe2LR6CMdeSsUzhnpWahIM3pVzNFfB
sryUBBQUY9JF2ubN8YOQdUKJeAwruzlS9KXGAS7OSGUBbo1rqDZerXOTxOOpU2j4
YFbDwj3MkR00+bsxDPPPYchAMWvKoOMRNW9E7QUhF3DUcIQ88ELqkxecPkFaHKCb
cAvQ7Fw2hIo6DpIqTbBHij5cZzrcOfsFhiP7NoCsALTjnL+z9tJ+PxjAbKZcvOZY
cJvMAJs9wE+FyQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:22 2026 by rpki-client