Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: Wo/Oz6m5bJWpi6v0SHRKT17nQ8db2xjlKcUPI+EWqWc=
Subject key identifier: 95:D9:CC:94:04:B0:9B:84:9F:EA:47:58:09:B4:20:09:7D:48:5B:C7
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019D39E589101AB1A2CE372F20B287E41B38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 0595
Signing time: Sun 29 Mar 2026 14:00:37 +0000
Manifest this update: Sun 29 Mar 2026 14:00:37 +0000
Manifest next update: Mon 30 Mar 2026 14:00:37 +0000
Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: uytOKy07hdaEUvy9V27gH/JAWdTN62swAhzeSa4BBzM=)
2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:89:10:1a:b1:a2:ce:37:2f:20:b2:87:e4:1b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Mar 29 14:00:37 2026 GMT
Not After : Mar 30 14:00:37 2026 GMT
Subject: CN=95d9cc9404b09b849fea475809b420097d485bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1b:a1:75:c2:1f:40:e7:d8:55:6e:e4:40:ca:
f1:e0:39:70:6d:ae:ca:f7:3c:04:96:06:e7:a2:e0:
fe:a5:ff:6c:30:b2:24:71:80:3e:98:b9:6b:f9:6b:
8c:cc:28:18:7d:43:5d:29:7d:2e:af:fb:33:c7:52:
48:f5:dd:53:30:e2:1c:65:24:d2:c0:6a:84:db:e2:
15:cb:8d:ac:7e:6b:46:3a:97:02:a4:c4:a9:c3:a3:
92:81:ff:f1:45:3f:76:c2:38:3c:35:9f:04:00:3d:
a8:90:ca:bc:a9:93:90:25:a5:bc:19:42:e4:e1:5f:
76:96:22:c3:f9:ab:5b:35:c6:5e:e2:ff:72:c6:fc:
69:57:9a:43:01:78:09:01:84:cb:4a:f2:5b:8e:90:
5a:5f:84:b3:87:f4:09:30:bf:01:38:6e:06:e3:4b:
cf:24:e5:f9:b3:ee:83:4b:03:9f:71:4f:98:5d:f6:
a8:72:fc:66:49:df:e4:8c:f4:e3:32:fd:b7:14:83:
91:34:e6:bb:dd:b0:ca:1b:3e:f4:a8:82:f8:9d:7d:
24:0a:97:b3:00:1a:85:54:1d:3b:99:fe:b0:a6:43:
25:71:f9:ff:b5:65:76:c4:54:90:28:f5:00:fd:8b:
d4:7d:33:b3:e3:71:0e:b9:78:19:b9:b4:84:56:50:
e0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D9:CC:94:04:B0:9B:84:9F:EA:47:58:09:B4:20:09:7D:48:5B:C7
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:bb:26:f8:32:92:93:0a:e3:5c:70:bc:f7:2c:1f:f2:a4:24:
76:1a:f3:a9:a7:a2:8e:8f:f2:93:0c:cf:ce:41:e5:e5:9d:15:
6f:f2:8a:86:0b:44:86:d7:08:52:86:86:a1:e6:75:81:b1:ec:
86:d3:5b:35:e9:23:41:56:ee:36:b3:22:c5:b1:49:56:9d:89:
3f:10:8e:6a:c2:9d:c5:11:aa:cc:9d:d4:90:04:64:00:72:52:
45:ed:da:90:4b:9e:b5:9f:36:fd:a0:eb:9b:a5:52:9c:60:b8:
8a:af:9b:d9:f2:16:ad:2a:ea:82:67:10:db:ee:b2:7f:f5:10:
3a:1e:76:86:1e:34:09:66:c6:6a:30:f2:73:32:26:cd:b1:a0:
43:b8:1a:dc:29:bf:67:dc:75:cc:a8:41:b4:35:40:92:99:8d:
5e:aa:a0:46:03:08:d0:94:b2:66:75:bf:c1:60:fd:d5:7f:08:
7c:ed:e6:f0:29:6a:bb:ca:da:2c:6b:de:ac:20:f2:56:0c:1b:
1c:89:3f:8c:43:a4:ce:bd:c0:97:70:93:06:0b:52:50:a3:d7:
2e:0c:06:be:e0:8a:8d:a5:fd:4f:7d:eb:08:08:4f:96:ed:a8:
30:7d:25:42:47:68:6f:53:7e:97:6d:c7:e1:75:e1:53:49:d8:
7d:c9:7c:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055YkQGrGizjcvILKH5Bs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjYwMzI5MTQwMDM3WhcNMjYwMzMwMTQwMDM3WjAzMTEwLwYDVQQD
Eyg5NWQ5Y2M5NDA0YjA5Yjg0OWZlYTQ3NTgwOWI0MjAwOTdkNDg1YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBuhdcIfQOfYVW7kQMrx4Dlwba7K
9zwElgbnouD+pf9sMLIkcYA+mLlr+WuMzCgYfUNdKX0ur/szx1JI9d1TMOIcZSTS
wGqE2+IVy42sfmtGOpcCpMSpw6OSgf/xRT92wjg8NZ8EAD2okMq8qZOQJaW8GULk
4V92liLD+atbNcZe4v9yxvxpV5pDAXgJAYTLSvJbjpBaX4Szh/QJML8BOG4G40vP
JOX5s+6DSwOfcU+YXfaocvxmSd/kjPTjMv23FIORNOa73bDKGz70qIL4nX0kCpez
ABqFVB07mf6wpkMlcfn/tWV2xFSQKPUA/YvUfTOz43EOuXgZubSEVlDgZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXZzJQEsJuEn+pHWAm0IAl9SFvHMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOLsm+DKS
kwrjXHC89ywf8qQkdhrzqaeijo/ykwzPzkHl5Z0Vb/KKhgtEhtcIUoaGoeZ1gbHs
htNbNekjQVbuNrMixbFJVp2JPxCOasKdxRGqzJ3UkARkAHJSRe3akEuetZ82/aDr
m6VSnGC4iq+b2fIWrSrqgmcQ2+6yf/UQOh52hh40CWbGajDyczImzbGgQ7ga3Cm/
Z9x1zKhBtDVAkpmNXqqgRgMI0JSyZnW/wWD91X8IfO3m8Clqu8raLGverCDyVgwb
HIk/jEOkzr3Al3CTBgtSUKPXLgwGvuCKjaX9T33rCAhPlu2oMH0lQkdob1N+l23H
4XXhU0nYfcl8Og==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:59:33 2026 by rpki-client