Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: YsVybE808KmmgV6wxqmP41b51cckQOm2Er4l+rJCsqw=
Subject key identifier: 14:18:16:DF:21:D7:EF:28:E5:AD:CE:8F:48:DD:A3:96:DE:5C:CB:97
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019A22F74737EBA782141D73CD3F78023C39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0DDD
Signing time: Mon 27 Oct 2025 00:00:22 +0000
Manifest this update: Mon 27 Oct 2025 00:00:22 +0000
Manifest next update: Tue 28 Oct 2025 00:00:22 +0000
Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: qq8fFLLOqtuuFlstI/ETotjzNjGEbjDbzpD+Lzu2VF4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:22:f7:47:37:eb:a7:82:14:1d:73:cd:3f:78:02:3c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Oct 27 00:00:22 2025 GMT
Not After : Oct 28 00:00:22 2025 GMT
Subject: CN=141816df21d7ef28e5adce8f48dda396de5ccb97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:43:68:dc:ee:ec:5d:c7:4e:e5:c7:d0:38:3c:
c5:8b:4f:2b:08:aa:78:af:e2:e7:c8:6f:2f:d9:fa:
6e:d9:f4:2e:6b:2e:96:75:44:99:21:7d:c7:6d:cf:
4d:b2:ec:a4:3d:38:62:43:fd:5c:47:5a:26:6f:d3:
4e:3d:00:42:7a:7d:73:92:68:35:a8:ad:a7:2c:65:
3f:8e:6c:89:41:33:d0:20:9b:60:a7:56:20:6b:92:
da:cb:bb:3c:ce:34:f8:46:5d:e1:18:94:80:d6:84:
11:20:71:71:60:5e:e0:38:d2:fa:ee:0a:5b:93:fc:
a0:fb:a6:14:48:d9:a8:7b:4e:01:86:04:45:90:1d:
db:b2:64:27:68:46:e2:99:3c:1a:2f:90:4d:26:1e:
9f:c8:38:90:03:61:62:55:10:f1:a1:a0:20:11:f2:
74:2b:9f:74:1c:50:54:75:2d:29:5c:b5:41:c2:fc:
e2:5c:7d:31:96:69:af:b1:97:5d:f2:90:fd:23:3b:
f2:60:d6:78:e4:d9:fd:ab:7b:00:60:d6:74:df:3d:
f9:b2:2e:98:c4:c5:07:50:86:88:59:81:a6:aa:b0:
10:a2:12:f2:b5:84:9e:9e:4c:4c:df:34:d4:18:7e:
52:71:04:31:f3:b8:5c:bb:4a:f8:be:90:ea:30:8a:
aa:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:18:16:DF:21:D7:EF:28:E5:AD:CE:8F:48:DD:A3:96:DE:5C:CB:97
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:4a:d1:db:0e:93:34:d1:2a:f7:b6:de:be:b4:aa:f8:01:38:
3d:30:c8:1e:9a:18:f3:5e:18:7c:79:98:ab:88:47:9f:94:cf:
5e:85:05:bf:d3:17:d7:42:97:dc:05:51:bb:44:24:84:b3:ed:
19:f9:e7:c6:9f:d5:60:da:0d:a6:49:eb:74:d3:54:6f:bf:16:
82:3b:62:39:82:01:bc:2c:08:58:8e:fc:10:44:2c:61:12:3b:
8e:fb:04:7e:ec:9f:08:7e:d3:0f:f1:7a:80:f8:08:9b:23:57:
17:a1:57:75:eb:ec:bf:dc:e1:e1:4a:9a:1f:2a:7f:be:64:4e:
d9:96:fe:cd:6c:a1:f0:16:40:d7:c3:b6:63:ae:df:af:30:74:
51:70:59:f7:1e:88:cd:1c:46:e8:fe:86:c0:fe:f7:ae:14:39:
f5:7d:25:69:a4:34:39:69:8f:5f:b4:4c:15:be:3c:86:fb:17:
3e:bd:73:49:da:f4:ae:e1:cf:ac:35:66:38:cc:84:30:2f:28:
c1:98:0c:56:3d:34:ec:39:58:e0:b2:c5:51:8b:ac:86:be:bc:
46:ac:7b:14:17:05:c5:73:f4:82:2a:0f:21:b9:78:a6:b9:39:
86:3d:8b:3a:43:e7:14:39:7d:fc:75:dc:e2:1a:39:97:69:59:
5f:96:ff:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoi90c366eCFB1zzT94Ajw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjUxMDI3MDAwMDIyWhcNMjUxMDI4MDAwMDIyWjAzMTEwLwYDVQQD
EygxNDE4MTZkZjIxZDdlZjI4ZTVhZGNlOGY0OGRkYTM5NmRlNWNjYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkNo3O7sXcdO5cfQODzFi08rCKp4
r+LnyG8v2fpu2fQuay6WdUSZIX3Hbc9NsuykPThiQ/1cR1omb9NOPQBCen1zkmg1
qK2nLGU/jmyJQTPQIJtgp1Yga5Lay7s8zjT4Rl3hGJSA1oQRIHFxYF7gONL67gpb
k/yg+6YUSNmoe04BhgRFkB3bsmQnaEbimTwaL5BNJh6fyDiQA2FiVRDxoaAgEfJ0
K590HFBUdS0pXLVBwvziXH0xlmmvsZdd8pD9IzvyYNZ45Nn9q3sAYNZ03z35si6Y
xMUHUIaIWYGmqrAQohLytYSenkxM3zTUGH5ScQQx87hcu0r4vpDqMIqqnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQYFt8h1+8o5a3Oj0jdo5beXMuXMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOUrR2w6T
NNEq97bevrSq+AE4PTDIHpoY814YfHmYq4hHn5TPXoUFv9MX10KX3AVRu0QkhLPt
Gfnnxp/VYNoNpknrdNNUb78WgjtiOYIBvCwIWI78EEQsYRI7jvsEfuyfCH7TD/F6
gPgImyNXF6FXdevsv9zh4UqaHyp/vmRO2Zb+zWyh8BZA18O2Y67frzB0UXBZ9x6I
zRxG6P6GwP73rhQ59X0laaQ0OWmPX7RMFb48hvsXPr1zSdr0ruHPrDVmOMyEMC8o
wZgMVj007DlY4LLFUYushr68Rqx7FBcFxXP0gioPIbl4prk5hj2LOkPnFDl9/HXc
4ho5l2lZX5b/rQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:21:06 2025 by rpki-client