Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: iD8gXqmwrWfoRhyiWWGb7rrjj6RLtc0mG6MFOuZjt2w=
Subject key identifier: 98:C7:17:30:D2:A5:5E:06:0C:C8:E9:C6:4A:9D:36:9B:DC:65:51:96
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019A4470993C410F759F990A47FAB792D633
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0C4E
Signing time: Sun 02 Nov 2025 12:00:21 +0000
Manifest this update: Sun 02 Nov 2025 12:00:21 +0000
Manifest next update: Mon 03 Nov 2025 12:00:21 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: 0LpjfSd5f4XmSJd8RXRfpvZ0SlfP/ZyMAALdArPIxQ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Nov 2025 06:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:44:70:99:3c:41:0f:75:9f:99:0a:47:fa:b7:92:d6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Nov 2 12:00:21 2025 GMT
Not After : Nov 3 12:00:21 2025 GMT
Subject: CN=98c71730d2a55e060cc8e9c64a9d369bdc655196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fe:6d:68:83:3e:1b:af:47:8d:20:4e:bc:aa:
39:80:87:22:2a:aa:4e:86:5e:a2:f4:67:b0:91:1e:
ef:10:b3:b2:9d:3c:e4:24:d9:a0:de:c9:45:6d:1c:
6a:eb:8a:b0:d0:0a:9c:d6:28:34:6e:c4:36:b7:1b:
ff:4b:6f:63:f3:55:2f:62:a8:bc:44:32:de:83:f5:
4d:33:b7:de:30:b0:55:e1:a9:5f:47:4a:19:e7:f3:
e4:4e:7a:eb:e4:8b:b2:12:81:c7:1b:0a:72:77:8a:
d7:06:42:00:d4:e7:af:5e:f4:da:14:d8:d0:93:4d:
ab:06:68:5d:b9:3a:f4:19:a0:65:65:ef:6c:70:e7:
dc:84:7e:48:40:af:00:32:d5:11:32:25:e8:48:ca:
3e:94:e1:66:17:a8:48:11:7c:e8:5e:f6:b2:46:e0:
53:b9:4d:52:f8:78:af:67:8f:48:6f:f2:5d:5d:0b:
e5:c3:6c:88:69:b0:4f:73:ca:6f:9e:c3:c6:fd:13:
fa:b0:20:a7:61:94:08:0b:b7:76:0f:9f:5d:d9:78:
7b:81:1a:28:ce:6e:44:45:e4:42:10:f7:36:03:cb:
07:89:49:52:b2:3f:ff:9b:dd:be:e8:fb:c5:f2:02:
e0:c7:20:b4:f4:cc:16:3c:cb:aa:7d:fb:94:01:e0:
44:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C7:17:30:D2:A5:5E:06:0C:C8:E9:C6:4A:9D:36:9B:DC:65:51:96
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:a1:96:15:3f:26:2b:1a:e3:18:8f:8f:27:23:3b:37:de:8f:
75:60:64:fe:b5:52:c1:96:57:04:76:14:e6:f3:3d:6a:18:62:
85:25:b8:0e:fc:66:3d:cd:5c:a3:1c:01:47:cd:97:95:3d:6b:
8c:f2:2f:b9:65:8f:fa:97:4e:23:0c:be:87:6f:38:45:c6:eb:
63:e1:cc:5d:5e:64:ce:9d:ac:08:27:f9:e6:62:ca:16:8f:07:
82:7f:5c:66:2d:c9:b5:f0:30:95:d5:03:b0:5e:28:bc:1b:5e:
42:68:ea:78:d7:6b:6b:98:6f:7f:71:c1:09:ba:5d:d0:0d:de:
be:01:88:99:0d:29:43:35:90:93:bd:3d:02:bb:0c:c1:52:69:
02:fd:38:3c:b8:ab:82:af:83:34:0d:3f:75:84:af:cb:5c:f4:
34:8d:17:15:f1:d9:12:b4:76:65:d3:58:8a:5e:60:0c:81:dd:
3c:86:9f:a3:97:72:90:ed:43:1e:ee:55:c1:77:de:f4:e4:01:
cb:fe:1d:d5:d2:98:27:2e:e5:3b:81:79:61:a2:db:ba:0c:b8:
b2:17:78:ab:2b:40:ed:1c:dc:63:45:94:c2:3c:c9:57:59:e1:
6d:c4:b9:fc:aa:d8:26:e8:3c:56:7c:5f:26:4d:29:f9:d0:ba:
ce:cf:94:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpEcJk8QQ91n5kKR/q3ktYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUxMTAyMTIwMDIxWhcNMjUxMTAzMTIwMDIxWjAzMTEwLwYDVQQD
Eyg5OGM3MTczMGQyYTU1ZTA2MGNjOGU5YzY0YTlkMzY5YmRjNjU1MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv5taIM+G69HjSBOvKo5gIciKqpO
hl6i9GewkR7vELOynTzkJNmg3slFbRxq64qw0Aqc1ig0bsQ2txv/S29j81UvYqi8
RDLeg/VNM7feMLBV4alfR0oZ5/PkTnrr5IuyEoHHGwpyd4rXBkIA1OevXvTaFNjQ
k02rBmhduTr0GaBlZe9scOfchH5IQK8AMtURMiXoSMo+lOFmF6hIEXzoXvayRuBT
uU1S+HivZ49Ib/JdXQvlw2yIabBPc8pvnsPG/RP6sCCnYZQIC7d2D59d2Xh7gRoo
zm5EReRCEPc2A8sHiUlSsj//m92+6PvF8gLgxyC09MwWPMuqffuUAeBEAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjHFzDSpV4GDMjpxkqdNpvcZVGWMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKGWFT8m
KxrjGI+PJyM7N96PdWBk/rVSwZZXBHYU5vM9ahhihSW4DvxmPc1coxwBR82XlT1r
jPIvuWWP+pdOIwy+h284RcbrY+HMXV5kzp2sCCf55mLKFo8Hgn9cZi3JtfAwldUD
sF4ovBteQmjqeNdra5hvf3HBCbpd0A3evgGImQ0pQzWQk709ArsMwVJpAv04PLir
gq+DNA0/dYSvy1z0NI0XFfHZErR2ZdNYil5gDIHdPIafo5dykO1DHu5VwXfe9OQB
y/4d1dKYJy7lO4F5YaLbugy4shd4qytA7RzcY0WUwjzJV1nhbcS5/KrYJug8Vnxf
Jk0p+dC6zs+UUA==
-----END CERTIFICATE-----
Generated at Sun Nov 2 13:10:16 2025 by rpki-client