Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: HEOjQJ84qelNSf2dWLhifc6baOwEH2doJQv7rnr6sIs=
Subject key identifier: 30:FC:4F:6D:F6:28:70:CC:2B:1B:5D:D4:CB:3D:C8:10:1D:C3:D2:C5
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 01985231817A444089860E2BE3778FE79B07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0B4C
Signing time: Mon 28 Jul 2025 18:00:32 +0000
Manifest this update: Mon 28 Jul 2025 18:00:32 +0000
Manifest next update: Tue 29 Jul 2025 18:00:32 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: IGgnTWJT4dBCyhmAeDbxWR6Te2AUO5LB5fnzpkJtYDo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:52:31:81:7a:44:40:89:86:0e:2b:e3:77:8f:e7:9b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Jul 28 18:00:32 2025 GMT
Not After : Jul 29 18:00:32 2025 GMT
Subject: CN=30fc4f6df62870cc2b1b5dd4cb3dc8101dc3d2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d9:a3:ad:3e:d7:bd:6c:ec:b1:7c:74:92:17:
b5:9f:3f:0f:8d:a0:57:f5:c9:ec:9c:e6:64:51:9c:
a8:14:e8:61:b7:5d:6e:26:86:33:4e:27:fb:f6:b1:
8f:c7:ee:cf:0d:f0:2c:1a:49:0b:ad:78:c4:a9:bf:
2b:e2:43:12:7d:09:f8:48:ab:4b:ff:86:f6:35:47:
12:5c:55:3a:02:e0:5e:da:8c:a0:c2:33:b0:99:97:
75:05:54:1c:b0:a6:cb:6e:42:bd:d4:23:e2:73:74:
00:90:ca:7c:99:48:63:43:b6:16:34:3d:73:db:9a:
3c:5b:19:9a:8d:61:92:8e:5a:9d:3a:d6:74:24:49:
5d:53:b8:dc:49:d4:87:33:81:f6:79:b7:70:7f:68:
14:3f:a4:fd:82:dc:57:13:9e:2c:d0:61:30:f1:8b:
fc:eb:91:e8:2a:f0:c3:46:4f:ad:98:ef:f1:f0:74:
fb:dd:e5:7a:88:5c:0b:19:98:d9:ba:0b:7a:0e:6a:
f0:b2:c5:19:38:16:2f:74:d7:60:2e:09:2e:45:2e:
8e:b4:5c:bd:ad:94:b1:05:a9:a7:76:cb:87:94:ab:
cd:c3:11:f4:90:6f:44:38:36:c2:3a:89:07:63:85:
8b:c7:72:19:12:d7:a5:25:af:48:38:51:ec:ac:bf:
14:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FC:4F:6D:F6:28:70:CC:2B:1B:5D:D4:CB:3D:C8:10:1D:C3:D2:C5
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:23:93:2d:f1:6f:42:af:4c:96:bd:be:46:31:f2:84:94:b0:
ec:e5:43:92:d7:ec:9e:34:89:92:b8:ae:e1:cb:53:3a:e4:0a:
26:08:bc:92:1b:7b:1f:84:4a:0f:ec:1e:1f:ec:81:05:e5:38:
f1:6a:0c:e1:88:9d:ba:36:3c:c1:03:ad:ee:3a:73:9d:e5:fa:
bc:07:53:b6:89:73:ce:32:bf:9c:d5:44:ea:78:1d:41:0b:10:
5f:32:ef:bf:85:f8:18:ac:b5:51:3b:8a:1c:7b:82:81:0e:d0:
fe:ec:53:21:6c:de:1d:2d:2d:9d:ec:9d:18:a2:68:61:51:1d:
83:c7:4c:11:ff:8a:07:29:ba:0f:6f:58:b5:78:ec:6b:b9:b5:
c8:ac:e3:37:90:dc:6a:eb:bd:75:5f:cd:3d:61:d5:d6:e2:94:
a4:7b:a7:01:4b:72:81:e3:05:a4:43:d3:22:3c:89:2f:a4:54:
f4:6e:10:89:d3:5d:73:c8:9a:29:c2:79:29:88:5a:aa:cc:98:
5e:a5:c9:eb:26:97:70:ce:84:8f:05:74:89:6f:7f:d2:df:84:
c6:f5:c3:b5:05:a5:b9:f8:3c:7c:a7:41:12:7f:f0:93:ed:e9:
b6:25:b4:66:46:78:b4:fc:b0:b3:58:97:66:ac:65:32:ce:18:
4b:78:72:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhSMYF6RECJhg4r43eP55sHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwNzI4MTgwMDMyWhcNMjUwNzI5MTgwMDMyWjAzMTEwLwYDVQQD
EygzMGZjNGY2ZGY2Mjg3MGNjMmIxYjVkZDRjYjNkYzgxMDFkYzNkMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tmjrT7XvWzssXx0khe1nz8PjaBX
9cnsnOZkUZyoFOhht11uJoYzTif79rGPx+7PDfAsGkkLrXjEqb8r4kMSfQn4SKtL
/4b2NUcSXFU6AuBe2oygwjOwmZd1BVQcsKbLbkK91CPic3QAkMp8mUhjQ7YWND1z
25o8WxmajWGSjlqdOtZ0JEldU7jcSdSHM4H2ebdwf2gUP6T9gtxXE54s0GEw8Yv8
65HoKvDDRk+tmO/x8HT73eV6iFwLGZjZugt6DmrwssUZOBYvdNdgLgkuRS6OtFy9
rZSxBamndsuHlKvNwxH0kG9EODbCOokHY4WLx3IZEtelJa9IOFHsrL8UswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDD8T232KHDMKxtd1Ms9yBAdw9LFMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASSOTLfFv
Qq9Mlr2+RjHyhJSw7OVDktfsnjSJkriu4ctTOuQKJgi8kht7H4RKD+weH+yBBeU4
8WoM4YidujY8wQOt7jpzneX6vAdTtolzzjK/nNVE6ngdQQsQXzLvv4X4GKy1UTuK
HHuCgQ7Q/uxTIWzeHS0tneydGKJoYVEdg8dMEf+KBym6D29YtXjsa7m1yKzjN5Dc
auu9dV/NPWHV1uKUpHunAUtygeMFpEPTIjyJL6RU9G4QidNdc8iaKcJ5KYhaqsyY
XqXJ6yaXcM6EjwV0iW9/0t+ExvXDtQWlufg8fKdBEn/wk+3ptiW0ZkZ4tPyws1iX
ZqxlMs4YS3hyPQ==
-----END CERTIFICATE-----
Generated at Tue Jul 29 01:54:40 2025 by rpki-client