Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: dwRjG7b+qE9wiLBUPjPQOq5lZbSZR1Ntc9C+Aju0cXs=
Subject key identifier: 15:37:13:F1:DE:8F:E8:30:BF:FE:EC:AD:E9:97:D0:5F:BB:66:D4:31
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019CE55B3ABECE3E2AACBB8C4C30741FB4CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0F4B
Signing time: Fri 13 Mar 2026 04:01:27 +0000
Manifest this update: Fri 13 Mar 2026 04:01:27 +0000
Manifest next update: Sat 14 Mar 2026 04:01:27 +0000
Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: 5xtTAoEsJJmz96fqKFqTpl50wIVVdhB4MDIZ5UJB6jk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:5b:3a:be:ce:3e:2a:ac:bb:8c:4c:30:74:1f:b4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Mar 13 04:01:27 2026 GMT
Not After : Mar 14 04:01:27 2026 GMT
Subject: CN=153713f1de8fe830bffeecade997d05fbb66d431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:96:c2:d3:60:63:1c:7b:83:3c:72:d1:1d:
39:49:45:30:b0:f8:39:8d:e8:35:c8:75:fb:c1:47:
3d:ef:a1:80:de:3e:13:a1:db:b9:cd:69:df:0b:47:
98:49:b9:6d:d0:d5:7e:72:6d:62:da:0d:50:d0:e4:
95:5f:b4:a4:6d:af:8a:24:61:21:1f:56:ed:5d:ca:
57:fa:9e:ab:a5:30:ce:22:ba:97:25:aa:20:eb:6b:
e1:d5:65:ad:5b:f7:e1:56:e1:73:40:75:df:2c:01:
aa:0c:13:65:66:54:82:b1:48:1a:a0:0b:69:5e:82:
ca:0c:a9:e4:c3:d2:f7:ca:eb:65:6d:a3:4e:34:3b:
d2:8a:cf:f8:06:8c:f7:cd:16:eb:c4:6a:39:39:30:
a1:45:6c:bb:28:55:72:5f:e7:21:91:de:82:22:62:
2a:9d:df:7b:a4:8c:5e:83:23:7e:9d:ee:4c:20:52:
f4:24:84:d2:bb:eb:0e:8e:9f:ce:da:02:13:d9:a6:
1b:76:23:ff:38:f3:62:9e:53:78:19:c1:3d:45:88:
bb:35:04:de:d5:1c:9a:be:3a:3b:c2:ca:17:91:ab:
ac:55:49:33:c4:bc:97:09:a0:72:f9:0c:e9:9e:10:
d3:9d:a7:80:86:63:ad:91:80:5e:e4:08:87:79:f4:
a5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:37:13:F1:DE:8F:E8:30:BF:FE:EC:AD:E9:97:D0:5F:BB:66:D4:31
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:ae:82:0b:c2:fc:62:4d:13:32:34:4c:d7:79:d2:54:d8:c7:
28:2e:c8:25:4b:57:e5:65:7b:e8:5b:35:8d:ed:45:0b:f6:f1:
5c:3d:0e:4c:06:31:ac:48:2d:96:60:e8:7d:b4:f6:60:5e:88:
91:97:05:ce:7f:e3:07:2a:28:34:48:c8:f1:78:ea:4d:10:92:
26:30:74:f6:88:00:cb:45:20:9e:12:d6:4f:d3:84:76:1b:cd:
6b:17:68:ec:1c:7d:6e:b6:a6:2e:b2:c2:d7:25:ff:19:50:39:
d8:b6:81:65:c8:f6:d5:20:7e:68:46:f1:28:fe:2f:37:5b:10:
39:ec:87:5e:b6:ed:d5:82:c8:e2:1e:eb:a0:7c:0f:a6:5a:31:
d6:6f:7a:44:2a:99:79:cd:3b:90:b4:cf:05:18:be:05:85:fa:
3c:d1:8e:d6:4c:b6:41:6b:3e:67:ee:fa:02:01:a4:b5:7d:be:
cf:6a:28:ac:60:c5:04:63:21:14:ca:3e:b8:0a:fa:f6:e6:8a:
ac:18:37:ff:1c:85:70:8b:aa:88:9d:0e:c0:d2:17:bf:bf:29:
70:58:d2:89:28:d0:66:f7:c9:8b:67:98:8b:26:b4:6d:bc:20:
99:d3:e0:38:b0:9b:99:9a:8d:1f:55:36:75:a9:bd:86:d6:a0:
65:c8:f0:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlWzq+zj4qrLuMTDB0H7TPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjYwMzEzMDQwMTI3WhcNMjYwMzE0MDQwMTI3WjAzMTEwLwYDVQQD
EygxNTM3MTNmMWRlOGZlODMwYmZmZWVjYWRlOTk3ZDA1ZmJiNjZkNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvneWwtNgYxx7gzxy0R05SUUwsPg5
jeg1yHX7wUc976GA3j4Todu5zWnfC0eYSblt0NV+cm1i2g1Q0OSVX7Skba+KJGEh
H1btXcpX+p6rpTDOIrqXJaog62vh1WWtW/fhVuFzQHXfLAGqDBNlZlSCsUgaoAtp
XoLKDKnkw9L3yutlbaNONDvSis/4Boz3zRbrxGo5OTChRWy7KFVyX+chkd6CImIq
nd97pIxegyN+ne5MIFL0JITSu+sOjp/O2gIT2aYbdiP/OPNinlN4GcE9RYi7NQTe
1Ryavjo7wsoXkausVUkzxLyXCaBy+QzpnhDTnaeAhmOtkYBe5AiHefSlxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBU3E/Hej+gwv/7sremX0F+7ZtQxMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR66CC8L8
Yk0TMjRM13nSVNjHKC7IJUtX5WV76Fs1je1FC/bxXD0OTAYxrEgtlmDofbT2YF6I
kZcFzn/jByooNEjI8XjqTRCSJjB09ogAy0UgnhLWT9OEdhvNaxdo7Bx9bramLrLC
1yX/GVA52LaBZcj21SB+aEbxKP4vN1sQOeyHXrbt1YLI4h7roHwPplox1m96RCqZ
ec07kLTPBRi+BYX6PNGO1ky2QWs+Z+76AgGktX2+z2oorGDFBGMhFMo+uAr69uaK
rBg3/xyFcIuqiJ0OwNIXv78pcFjSiSjQZvfJi2eYiya0bbwgmdPgOLCbmZqNH1U2
dam9htagZcjw/A==
-----END CERTIFICATE-----
Generated at Fri Mar 13 09:54:24 2026 by rpki-client