Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: P4KW/q3ZZYyHxv282jHFaOvKCXJxj3kxi8QGj3XyJtk=
Subject key identifier: EC:E9:23:6D:32:FE:FE:35:15:76:A9:7B:58:5E:BC:D9:16:B5:07:22
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019E28B8D79A8220D5F42BB356646DE58410
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0E52
Signing time: Thu 14 May 2026 23:01:02 +0000
Manifest this update: Thu 14 May 2026 23:01:02 +0000
Manifest next update: Fri 15 May 2026 23:01:02 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: +nayPDnTCrM64SktPayJcnXbv05yv9XE3tyO7FWyQ0U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 May 2026 23:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:b8:d7:9a:82:20:d5:f4:2b:b3:56:64:6d:e5:84:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: May 14 23:01:02 2026 GMT
Not After : May 15 23:01:02 2026 GMT
Subject: CN=ece9236d32fefe351576a97b585ebcd916b50722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8f:1d:60:b7:84:86:6d:15:d8:b7:82:ee:a5:
83:40:cb:15:90:8b:38:5f:7d:14:ab:3f:6f:24:b5:
53:7d:9d:48:05:19:94:70:da:11:fd:a3:1a:95:6a:
e5:c5:f2:64:cf:1a:81:c0:15:0e:e0:80:b7:f1:bc:
12:20:7e:10:7a:b0:8d:b2:11:82:0c:08:0f:e7:8e:
42:bf:80:2a:55:cb:47:09:58:94:48:13:b8:8b:01:
e1:a5:f3:ed:6e:ba:1e:7c:f7:98:54:93:ca:46:20:
b0:5d:9a:86:35:f5:2c:ec:ae:21:47:42:81:57:b5:
73:7d:d8:47:ab:54:38:ad:53:19:23:87:83:bb:e8:
ec:bc:15:5d:49:28:9d:9c:14:84:ce:88:52:a5:da:
46:ec:9a:29:61:87:9d:f7:ba:a7:f8:c2:37:e4:b1:
2a:18:82:67:33:15:5a:e0:4e:37:7e:62:55:3b:1e:
09:2d:f2:e6:64:25:74:a8:d0:38:04:e6:20:92:84:
4a:60:27:9d:ec:88:e7:b1:ed:c7:a5:8b:6d:7d:4d:
92:bf:1c:42:cd:c9:19:11:eb:ab:ab:83:af:3a:27:
7e:4a:b6:ff:80:27:ab:27:0b:d8:51:bf:b0:7c:d6:
ff:c0:25:1f:ab:5c:63:a7:a4:3d:70:53:b7:5b:cd:
8e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E9:23:6D:32:FE:FE:35:15:76:A9:7B:58:5E:BC:D9:16:B5:07:22
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:ed:1e:4f:1b:d9:0b:f8:7a:31:f4:1f:d3:11:09:b6:25:0e:
68:21:ab:e1:b7:e5:46:cd:7b:51:e3:7f:65:2d:1a:58:3e:e6:
f6:ff:ce:fa:68:78:3a:d7:bf:50:b7:ee:26:fa:2f:f9:e7:52:
bd:39:fe:4f:6c:7d:3e:50:7c:1c:9f:ad:13:90:ef:c3:98:1b:
f1:6e:2f:b7:37:15:c1:66:1c:bb:71:df:d4:15:00:26:cb:2f:
30:46:67:f2:18:5b:d4:93:60:3f:67:74:42:8b:ad:24:28:63:
14:77:f0:f6:96:ba:44:12:fc:d9:75:2e:20:9b:f6:d6:7d:2e:
37:53:bb:8e:6a:ee:05:9d:f4:a7:6e:66:95:d2:9d:22:25:a2:
b7:6b:33:4d:a7:21:a3:8c:b3:03:90:9c:74:4e:8e:53:ba:2d:
27:e4:16:aa:db:e2:00:11:25:8e:d6:25:8b:d7:6f:34:a7:f3:
63:b7:75:14:a6:9e:4d:dd:26:83:07:f2:a0:6b:42:a1:49:71:
97:c4:a1:72:44:59:3f:a7:4f:c5:da:ac:6e:57:94:98:30:b3:
a8:82:2c:81:97:0e:56:0b:00:b7:e3:78:c0:c0:02:fa:23:00:
1a:10:bb:ef:91:3b:fd:05:be:e0:47:8b:2f:cb:5e:5d:93:e1:
a2:5d:cc:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ouNeagiDV9CuzVmRt5YQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwNTE0MjMwMTAyWhcNMjYwNTE1MjMwMTAyWjAzMTEwLwYDVQQD
EyhlY2U5MjM2ZDMyZmVmZTM1MTU3NmE5N2I1ODVlYmNkOTE2YjUwNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI8dYLeEhm0V2LeC7qWDQMsVkIs4
X30Uqz9vJLVTfZ1IBRmUcNoR/aMalWrlxfJkzxqBwBUO4IC38bwSIH4QerCNshGC
DAgP545Cv4AqVctHCViUSBO4iwHhpfPtbroefPeYVJPKRiCwXZqGNfUs7K4hR0KB
V7VzfdhHq1Q4rVMZI4eDu+jsvBVdSSidnBSEzohSpdpG7JopYYed97qn+MI35LEq
GIJnMxVa4E43fmJVOx4JLfLmZCV0qNA4BOYgkoRKYCed7Ijnse3HpYttfU2SvxxC
zckZEeurq4OvOid+Srb/gCerJwvYUb+wfNb/wCUfq1xjp6Q9cFO3W82OKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzpI20y/v41FXape1hevNkWtQciMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk+0eTxvZ
C/h6MfQf0xEJtiUOaCGr4bflRs17UeN/ZS0aWD7m9v/O+mh4Ote/ULfuJvov+edS
vTn+T2x9PlB8HJ+tE5Dvw5gb8W4vtzcVwWYcu3Hf1BUAJssvMEZn8hhb1JNgP2d0
QoutJChjFHfw9pa6RBL82XUuIJv21n0uN1O7jmruBZ30p25mldKdIiWit2szTach
o4yzA5CcdE6OU7otJ+QWqtviABEljtYli9dvNKfzY7d1FKaeTd0mgwfyoGtCoUlx
l8ShckRZP6dPxdqsbleUmDCzqIIsgZcOVgsAt+N4wMAC+iMAGhC775E7/QW+4EeL
L8teXZPhol3MQw==
-----END CERTIFICATE-----
Generated at Fri May 15 07:03:08 2026 by rpki-client