Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: VvQAWDcfuFRPM92MUMPkk1UC/TVQDNT4R0fbppUfUBE=
Subject key identifier: D8:CF:17:B2:A3:18:00:63:4B:3F:C1:ED:C9:36:BF:E5:59:BB:85:14
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019F18D6EA2A6D02EC1F76EF698668D1A297
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 068D
Signing time: Tue 30 Jun 2026 14:02:45 +0000
Manifest this update: Tue 30 Jun 2026 14:02:45 +0000
Manifest next update: Wed 01 Jul 2026 14:02:45 +0000
Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: wPy8suIHEZyZ+Zfzljs045wPERVzJCXTfDibdvBV6bE=)
2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:d6:ea:2a:6d:02:ec:1f:76:ef:69:86:68:d1:a2:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Jun 30 14:02:45 2026 GMT
Not After : Jul 1 14:02:45 2026 GMT
Subject: CN=d8cf17b2a31800634b3fc1edc936bfe559bb8514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:75:34:4b:95:30:b0:3a:74:09:55:db:52:26:
00:b3:2e:a1:d2:e2:4d:d8:b4:b4:10:8c:fa:51:68:
45:e3:46:20:54:0e:81:ac:c3:9d:14:25:59:73:6b:
13:0f:6b:fe:a5:c8:5e:ad:61:c9:8c:d9:0a:1d:77:
db:13:e6:57:84:fa:1b:3c:58:98:1b:31:b8:1a:f3:
77:ff:96:b4:00:14:1c:f7:b2:b7:31:e6:67:24:ee:
3e:05:cc:f9:f6:c3:ee:df:91:db:e1:c6:d6:d5:b9:
2d:f5:d5:b7:43:e7:28:25:73:7f:b3:70:4e:dd:8a:
5a:0d:58:68:42:6c:6d:16:2a:12:4f:b2:bd:60:c3:
ec:d8:4f:e8:3f:6a:25:d6:3d:e6:76:27:6e:8f:6e:
2c:c3:7c:7f:d1:9b:b7:16:71:13:4f:e3:29:e9:37:
78:04:b1:da:14:f2:f9:5f:e5:66:36:7f:20:80:ca:
ff:da:1d:91:b8:10:05:23:ca:1e:1b:13:56:e7:5d:
bb:be:d1:07:f1:aa:95:6c:56:94:75:90:55:c4:9f:
e2:9e:ed:79:08:bf:ff:56:a0:74:17:a3:37:5d:49:
5b:66:e9:c4:c1:0e:97:47:9d:f7:c2:02:dd:4e:08:
41:42:86:c0:04:2f:77:15:93:42:59:b2:43:11:d8:
0a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CF:17:B2:A3:18:00:63:4B:3F:C1:ED:C9:36:BF:E5:59:BB:85:14
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:74:d6:dd:33:e9:cf:26:42:16:0a:1a:1c:09:26:b6:19:49:
73:a7:b2:1c:50:4c:bf:23:a0:4e:a7:41:80:40:2d:75:5a:b4:
3a:2c:f4:9f:b0:67:71:fe:32:74:7b:87:0d:20:b2:b9:ae:7a:
ec:63:c7:95:ea:e3:5c:25:8d:ac:f4:be:48:8c:26:37:98:b7:
8b:3a:ae:4d:81:75:c5:ca:43:2e:2d:a4:45:54:62:5a:a2:25:
08:df:45:bd:20:68:27:40:2e:8c:92:e1:78:49:f6:a3:5b:cc:
ad:87:91:5a:f7:33:28:a6:97:36:1a:cc:81:78:62:f2:a9:d7:
ba:fc:6f:b9:a7:a1:83:72:04:e8:6f:6a:41:1a:63:72:b2:f7:
7a:87:62:73:d0:21:83:19:07:49:a1:47:e3:5c:15:34:83:59:
70:88:17:25:51:1e:32:bf:8b:3d:ac:f7:dd:bb:17:69:ae:02:
6c:ba:12:6a:ab:6a:ee:01:6a:70:bb:74:68:2d:38:2f:99:b8:
42:25:df:f4:6f:02:35:ff:7c:c2:87:e3:2d:2a:50:90:8d:45:
8c:d3:b2:2b:f1:c1:8a:e6:e8:f2:01:63:21:45:9b:13:75:5a:
f7:33:cb:eb:c0:9e:af:73:7b:f3:ff:77:c2:f0:71:86:d9:d2:
9e:a8:27:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Y1uoqbQLsH3bvaYZo0aKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjYwNjMwMTQwMjQ1WhcNMjYwNzAxMTQwMjQ1WjAzMTEwLwYDVQQD
EyhkOGNmMTdiMmEzMTgwMDYzNGIzZmMxZWRjOTM2YmZlNTU5YmI4NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43U0S5UwsDp0CVXbUiYAsy6h0uJN
2LS0EIz6UWhF40YgVA6BrMOdFCVZc2sTD2v+pcherWHJjNkKHXfbE+ZXhPobPFiY
GzG4GvN3/5a0ABQc97K3MeZnJO4+Bcz59sPu35Hb4cbW1bkt9dW3Q+coJXN/s3BO
3YpaDVhoQmxtFioST7K9YMPs2E/oP2ol1j3mdiduj24sw3x/0Zu3FnETT+Mp6Td4
BLHaFPL5X+VmNn8ggMr/2h2RuBAFI8oeGxNW5127vtEH8aqVbFaUdZBVxJ/inu15
CL//VqB0F6M3XUlbZunEwQ6XR533wgLdTghBQobABC93FZNCWbJDEdgKXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjPF7KjGABjSz/B7ck2v+VZu4UUMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgHTW3TPp
zyZCFgoaHAkmthlJc6eyHFBMvyOgTqdBgEAtdVq0Oiz0n7Bncf4ydHuHDSCyua56
7GPHlerjXCWNrPS+SIwmN5i3izquTYF1xcpDLi2kRVRiWqIlCN9FvSBoJ0AujJLh
eEn2o1vMrYeRWvczKKaXNhrMgXhi8qnXuvxvuaehg3IE6G9qQRpjcrL3eodic9Ah
gxkHSaFH41wVNINZcIgXJVEeMr+LPaz33bsXaa4CbLoSaqtq7gFqcLt0aC04L5m4
QiXf9G8CNf98wofjLSpQkI1FjNOyK/HBiubo8gFjIUWbE3Va9zPL68Cer3N78/93
wvBxhtnSnqgnOA==
-----END CERTIFICATE-----
Generated at Tue Jun 30 22:42:39 2026 by rpki-client