Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: eMA+mdqVa97NQeAKXHYHfTlzdVRCBuYj3NhwobgjUrc=
Subject key identifier: 6D:CA:A7:21:18:A7:9D:D0:57:86:02:86:19:84:65:ED:1C:D7:83:F1
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019DCF080FFA2D099FFCBF5A9FB0DBF5BB35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0FC4
Signing time: Mon 27 Apr 2026 13:01:45 +0000
Manifest this update: Mon 27 Apr 2026 13:01:45 +0000
Manifest next update: Tue 28 Apr 2026 13:01:45 +0000
Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: O6IyAchkjDjuv3dgT3wnsZHNfiILQt51+tJ5QD4WPhI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 13:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:08:0f:fa:2d:09:9f:fc:bf:5a:9f:b0:db:f5:bb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Apr 27 13:01:45 2026 GMT
Not After : Apr 28 13:01:45 2026 GMT
Subject: CN=6dcaa72118a79dd057860286198465ed1cd783f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:8d:df:fe:08:96:b1:91:57:8f:b7:e4:46:
09:fe:11:c7:9d:50:2a:8e:16:f3:22:b0:69:66:f7:
d9:b6:71:8c:89:45:24:9f:ca:ee:85:06:a3:63:07:
49:8b:bb:ae:35:66:b5:98:13:69:ff:9e:01:64:24:
7f:84:f0:96:02:20:5a:07:00:4c:33:c0:e1:e7:ed:
57:cf:e0:fe:88:0d:f1:58:bb:74:1a:f5:15:ee:66:
88:3d:4b:c3:95:68:25:7b:1f:b6:bb:30:e1:d3:68:
70:6f:5e:ca:ad:14:3d:9a:fd:41:49:e5:51:f3:9b:
e7:11:ee:1c:93:6f:0e:56:7c:25:08:d3:15:5c:7a:
c2:dd:aa:6c:4a:27:85:6b:f9:b8:7f:ac:10:7b:96:
ad:ec:4f:d7:c3:c8:ea:71:8d:9d:23:43:7e:ab:3b:
91:e1:c6:ed:97:61:7e:1f:bd:41:2d:c6:ea:7e:1f:
5d:e9:ee:0c:36:af:07:40:6f:46:8c:b2:9c:cb:bb:
05:1b:21:09:32:fd:79:1b:a0:25:2d:05:38:8e:b7:
08:a5:3a:a1:93:64:09:5c:f1:98:50:01:73:62:57:
26:32:43:b9:99:4b:04:98:ca:47:fd:01:0e:1a:ef:
88:a5:05:02:6c:ec:fd:94:62:ff:b9:8b:16:79:80:
a8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:CA:A7:21:18:A7:9D:D0:57:86:02:86:19:84:65:ED:1C:D7:83:F1
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:23:ed:8b:14:14:d0:d8:70:36:43:2a:b4:7c:e8:2a:5c:e5:
cf:5c:91:9f:07:e5:5f:92:8e:10:6a:ab:b5:0f:b5:8b:00:37:
59:2e:67:38:fa:81:73:a0:7d:56:30:a3:03:6f:97:e5:5b:87:
2a:d9:d7:70:7e:3a:2e:fa:71:33:02:cb:c9:5b:01:9e:b3:a6:
44:8d:a6:de:f9:54:6a:33:a3:50:d0:de:60:0b:5f:b6:bf:cc:
9b:c3:a9:91:b2:84:5b:0c:67:4d:44:f7:1f:27:ce:73:f1:b9:
33:ac:18:e6:3a:c0:89:fd:99:6c:fe:47:88:3b:87:16:c3:24:
bb:1c:4b:92:c2:4c:43:1f:7f:ab:56:7e:b9:87:59:58:d0:7d:
0f:5a:8b:a0:ed:6b:f2:16:b5:48:61:07:9e:7f:73:61:4b:2b:
fb:ad:68:3b:85:99:eb:21:1b:15:30:28:59:d6:ad:12:59:b6:
6a:a6:f7:c1:16:02:3e:dc:4c:11:fe:fe:1e:f8:b8:a5:73:ce:
d5:02:7e:c6:6c:cc:1a:63:43:af:51:f0:51:57:3f:d3:4f:bb:
7b:9e:1f:a8:54:01:c4:9c:70:28:93:ae:6a:bb:ae:97:30:ae:
f2:64:9b:80:09:2a:44:7b:db:68:db:93:21:99:7d:ee:05:b0:
87:17:1a:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PCA/6LQmf/L9an7Db9bs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjYwNDI3MTMwMTQ1WhcNMjYwNDI4MTMwMTQ1WjAzMTEwLwYDVQQD
Eyg2ZGNhYTcyMTE4YTc5ZGQwNTc4NjAyODYxOTg0NjVlZDFjZDc4M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOiN3/4IlrGRV4+35EYJ/hHHnVAq
jhbzIrBpZvfZtnGMiUUkn8ruhQajYwdJi7uuNWa1mBNp/54BZCR/hPCWAiBaBwBM
M8Dh5+1Xz+D+iA3xWLt0GvUV7maIPUvDlWglex+2uzDh02hwb17KrRQ9mv1BSeVR
85vnEe4ck28OVnwlCNMVXHrC3apsSieFa/m4f6wQe5at7E/Xw8jqcY2dI0N+qzuR
4cbtl2F+H71BLcbqfh9d6e4MNq8HQG9GjLKcy7sFGyEJMv15G6AlLQU4jrcIpTqh
k2QJXPGYUAFzYlcmMkO5mUsEmMpH/QEOGu+IpQUCbOz9lGL/uYsWeYCojQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG3KpyEYp53QV4YChhmEZe0c14PxMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCPtixQU
0NhwNkMqtHzoKlzlz1yRnwflX5KOEGqrtQ+1iwA3WS5nOPqBc6B9VjCjA2+X5VuH
KtnXcH46LvpxMwLLyVsBnrOmRI2m3vlUajOjUNDeYAtftr/Mm8OpkbKEWwxnTUT3
HyfOc/G5M6wY5jrAif2ZbP5HiDuHFsMkuxxLksJMQx9/q1Z+uYdZWNB9D1qLoO1r
8ha1SGEHnn9zYUsr+61oO4WZ6yEbFTAoWdatElm2aqb3wRYCPtxMEf7+Hvi4pXPO
1QJ+xmzMGmNDr1HwUVc/00+7e54fqFQBxJxwKJOuaruulzCu8mSbgAkqRHvbaNuT
IZl97gWwhxcahA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:35:59 2026 by rpki-client