Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: wkjKYnEqifDMpck7G38aEK/n0NWT7ufSSmS7SrkdVFk=
Subject key identifier: C9:AD:BF:79:59:96:B6:3E:13:3A:30:E3:DF:B8:C3:9A:0C:C6:47:31
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019747B0D0F5E1483CFC8E2696632B8692A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0AC2
Signing time: Sat 07 Jun 2025 00:00:59 +0000
Manifest this update: Sat 07 Jun 2025 00:00:59 +0000
Manifest next update: Sun 08 Jun 2025 00:00:59 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: CadzislwJuHNHr+sRgAQmO7eRc0vyquKHl/4asP4UrE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:b0:d0:f5:e1:48:3c:fc:8e:26:96:63:2b:86:92:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Jun 7 00:00:59 2025 GMT
Not After : Jun 8 00:00:59 2025 GMT
Subject: CN=c9adbf795996b63e133a30e3dfb8c39a0cc64731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:2f:99:5c:c6:33:0e:1b:49:75:91:35:06:85:
1f:2a:81:3e:ff:59:0f:e3:a5:59:fd:16:ad:fd:ca:
84:6d:25:2d:51:d8:5c:50:57:ff:bc:e7:df:bd:62:
5f:2d:a9:ba:bf:36:22:cd:be:23:40:67:9f:90:47:
d0:9f:a8:ea:fb:7d:46:17:5d:9d:13:e3:8b:61:eb:
d0:b3:69:f2:8c:34:92:d0:a5:d2:91:50:05:dd:86:
b8:0b:b9:cf:ed:77:a2:d8:1d:c7:49:9f:7b:26:eb:
88:d5:39:f0:a5:6f:b2:41:a2:36:6b:ba:1e:86:c0:
8d:70:77:85:f6:07:95:05:73:13:a2:68:e1:58:d4:
7a:76:8c:c4:e5:e4:62:9f:3a:a8:e3:c5:d2:d5:7f:
97:5e:57:83:54:0f:2f:56:e0:03:a2:56:be:56:5f:
42:7d:7d:1d:51:ec:d2:51:be:d9:22:1e:f8:3c:fd:
47:f4:3d:cc:b0:ff:96:1f:9a:38:7c:5f:f6:bf:a4:
de:4f:37:09:8a:ff:53:8a:6e:b0:a0:37:82:20:03:
6f:85:ce:a7:10:63:e8:22:b2:34:36:e6:1b:a7:1a:
b5:83:13:24:41:6b:ff:75:7f:64:8d:c0:ad:18:98:
66:5b:76:6b:af:3f:78:45:9d:db:c3:3f:5f:18:b1:
25:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AD:BF:79:59:96:B6:3E:13:3A:30:E3:DF:B8:C3:9A:0C:C6:47:31
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:68:37:1b:e1:71:73:eb:5c:7c:97:ef:14:f7:a2:97:3f:5c:
e1:8d:c2:64:70:af:79:54:6e:89:95:60:11:25:77:f2:48:55:
91:f3:0e:4f:34:2f:ec:7b:9a:f2:66:aa:df:ef:7c:07:e1:6a:
35:6e:d7:e7:08:e7:55:4d:4f:c2:8f:f9:68:18:b9:e6:e9:1e:
d8:26:1e:35:5d:2a:02:48:3d:3b:db:80:16:40:ba:59:f2:78:
a2:d4:a7:20:dc:20:5e:dd:ff:99:67:83:f3:f1:d7:ee:6e:1a:
f7:7f:75:54:51:7b:16:5f:de:ce:cb:08:66:ce:bf:c2:d3:86:
67:c0:f5:77:f4:d1:0b:dd:e3:6f:1e:3f:f9:43:0a:55:e8:21:
aa:13:34:a9:bf:7e:22:ac:6e:0d:79:e1:49:ee:a5:71:3f:25:
be:da:c5:05:4a:b2:36:f5:31:2b:91:c4:f0:e9:80:c6:f0:41:
99:bc:1c:90:73:7f:8d:a4:f8:ec:77:cb:ed:2d:33:92:24:20:
d4:32:87:27:20:49:30:f5:fb:bf:d1:b3:19:26:80:de:d2:54:
3a:d8:2d:e9:c7:0b:63:f2:a4:ad:b8:6d:d6:14:3c:d4:5f:1c:
a4:bf:1f:27:79:08:bb:4c:56:e5:cd:ea:59:1d:c5:51:fe:6e:
f1:7a:ac:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHsND14Ug8/I4mlmMrhpKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwNjA3MDAwMDU5WhcNMjUwNjA4MDAwMDU5WjAzMTEwLwYDVQQD
EyhjOWFkYmY3OTU5OTZiNjNlMTMzYTMwZTNkZmI4YzM5YTBjYzY0NzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9S+ZXMYzDhtJdZE1BoUfKoE+/1kP
46VZ/Rat/cqEbSUtUdhcUFf/vOffvWJfLam6vzYizb4jQGefkEfQn6jq+31GF12d
E+OLYevQs2nyjDSS0KXSkVAF3Ya4C7nP7Xei2B3HSZ97JuuI1TnwpW+yQaI2a7oe
hsCNcHeF9geVBXMTomjhWNR6dozE5eRinzqo48XS1X+XXleDVA8vVuADola+Vl9C
fX0dUezSUb7ZIh74PP1H9D3MsP+WH5o4fF/2v6TeTzcJiv9Tim6woDeCIANvhc6n
EGPoIrI0NuYbpxq1gxMkQWv/dX9kjcCtGJhmW3Zrrz94RZ3bwz9fGLElWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmtv3lZlrY+Ezow49+4w5oMxkcxMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANWg3G+Fx
c+tcfJfvFPeilz9c4Y3CZHCveVRuiZVgESV38khVkfMOTzQv7Hua8maq3+98B+Fq
NW7X5wjnVU1Pwo/5aBi55uke2CYeNV0qAkg9O9uAFkC6WfJ4otSnINwgXt3/mWeD
8/HX7m4a9391VFF7Fl/ezssIZs6/wtOGZ8D1d/TRC93jbx4/+UMKVeghqhM0qb9+
IqxuDXnhSe6lcT8lvtrFBUqyNvUxK5HE8OmAxvBBmbwckHN/jaT47HfL7S0zkiQg
1DKHJyBJMPX7v9GzGSaA3tJUOtgt6ccLY/Kkrbht1hQ81F8cpL8fJ3kIu0xW5c3q
WR3FUf5u8XqsMg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:54:38 2025 by rpki-client