Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: 9P+FPKVxSYEoAmN8IbGE5z/FBKH/G4z1elXr7HdB3H8=
Subject key identifier: 33:05:A1:D6:E3:E8:09:2D:D0:0D:41:CB:87:CC:74:FD:D5:1A:44:52
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019E3117328A0F2C8C626293686154E99BDE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 0615
Signing time: Sat 16 May 2026 14:01:04 +0000
Manifest this update: Sat 16 May 2026 14:01:04 +0000
Manifest next update: Sun 17 May 2026 14:01:04 +0000
Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: kY74V49SnKaC9kVvt5AjHBPS1oqdrTzPg5XkrAD8KTg=)
2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:31:17:32:8a:0f:2c:8c:62:62:93:68:61:54:e9:9b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: May 16 14:01:04 2026 GMT
Not After : May 17 14:01:04 2026 GMT
Subject: CN=3305a1d6e3e8092dd00d41cb87cc74fdd51a4452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b1:24:e0:92:4c:1f:47:39:09:ee:ab:ef:21:
56:95:98:17:15:52:7c:60:bf:73:00:b6:57:57:4f:
b8:89:37:50:a4:59:28:f2:bf:b8:e7:37:a8:56:28:
39:e2:58:42:fb:4d:20:6f:b6:5c:ec:98:82:fb:ab:
46:40:f8:39:ab:c6:25:55:4f:8b:77:5e:b9:12:be:
12:67:69:42:d5:7e:4b:38:d9:f0:e2:dd:dc:52:23:
9a:93:54:56:4e:26:d5:71:35:da:88:5b:b7:4b:1b:
b3:7c:c9:0a:a0:d5:a9:69:87:53:d9:bd:fd:94:31:
b8:06:19:fd:6d:89:c9:70:9f:df:ac:3d:2a:16:ce:
9b:31:79:84:8b:c3:fd:07:39:35:f1:76:dc:fb:77:
dc:82:81:f5:aa:88:56:da:7e:61:72:98:76:eb:fd:
af:4a:9d:86:8a:81:dd:24:a3:54:e6:2c:a9:d1:d8:
59:36:be:60:b6:90:5b:e4:2e:58:31:92:6d:64:85:
97:61:f2:81:43:2e:48:91:3d:d8:96:fc:be:21:ad:
d8:f8:8b:ff:79:c5:6f:f1:92:9a:2a:6d:63:aa:5f:
4f:47:c4:94:eb:3a:93:f8:bc:51:64:76:1f:31:4a:
33:50:c3:f0:6e:11:f1:e2:58:85:05:66:d4:e6:97:
f5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:05:A1:D6:E3:E8:09:2D:D0:0D:41:CB:87:CC:74:FD:D5:1A:44:52
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:3a:13:66:0b:cb:1c:35:05:c9:13:ba:09:51:04:c5:3d:a7:
6c:0d:e4:44:08:bf:14:83:54:dc:79:17:a1:a0:c1:de:70:4d:
20:0c:4b:6f:71:d0:27:8e:76:69:f8:89:6d:78:83:f1:a7:91:
6f:1d:3e:ca:7a:e1:01:7e:c2:68:c7:50:5b:93:ed:cf:78:53:
6e:e4:5e:03:b4:1f:f3:48:b1:55:47:6b:54:dc:5e:5f:2e:42:
44:34:3d:24:ec:48:02:5b:26:b3:9a:b8:56:3b:63:b0:7f:81:
9c:fc:79:da:a6:8d:95:96:ac:f9:5a:d8:66:60:59:cd:e8:7c:
27:07:d9:01:ad:d0:a1:40:4e:2a:be:17:db:9f:fe:35:56:98:
5c:dd:5a:7b:00:ac:db:b3:99:b7:2a:40:43:23:11:02:8b:48:
59:cb:1c:4c:3e:aa:43:95:32:0a:8b:e8:57:ae:04:61:2f:9c:
4c:97:32:27:9a:a0:10:ea:de:51:67:4d:3a:d1:65:08:72:25:
a0:b6:98:9a:74:17:93:6e:0e:a6:2f:34:2d:09:bc:ef:e7:69:
ef:08:68:1c:3e:fd:73:e4:96:80:36:86:89:79:39:7b:a3:cb:
50:f6:cc:37:ac:82:a2:82:09:55:62:2d:36:9f:90:2d:32:c6:
4d:2b:31:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xFzKKDyyMYmKTaGFU6ZveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjYwNTE2MTQwMTA0WhcNMjYwNTE3MTQwMTA0WjAzMTEwLwYDVQQD
EygzMzA1YTFkNmUzZTgwOTJkZDAwZDQxY2I4N2NjNzRmZGQ1MWE0NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbEk4JJMH0c5Ce6r7yFWlZgXFVJ8
YL9zALZXV0+4iTdQpFko8r+45zeoVig54lhC+00gb7Zc7JiC+6tGQPg5q8YlVU+L
d165Er4SZ2lC1X5LONnw4t3cUiOak1RWTibVcTXaiFu3SxuzfMkKoNWpaYdT2b39
lDG4Bhn9bYnJcJ/frD0qFs6bMXmEi8P9Bzk18Xbc+3fcgoH1qohW2n5hcph26/2v
Sp2GioHdJKNU5iyp0dhZNr5gtpBb5C5YMZJtZIWXYfKBQy5IkT3Ylvy+Ia3Y+Iv/
ecVv8ZKaKm1jql9PR8SU6zqT+LxRZHYfMUozUMPwbhHx4liFBWbU5pf1hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMFodbj6Akt0A1By4fMdP3VGkRSMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFToTZgvL
HDUFyRO6CVEExT2nbA3kRAi/FINU3HkXoaDB3nBNIAxLb3HQJ452afiJbXiD8aeR
bx0+ynrhAX7CaMdQW5Ptz3hTbuReA7Qf80ixVUdrVNxeXy5CRDQ9JOxIAlsms5q4
VjtjsH+BnPx52qaNlZas+VrYZmBZzeh8JwfZAa3QoUBOKr4X25/+NVaYXN1aewCs
27OZtypAQyMRAotIWcscTD6qQ5UyCovoV64EYS+cTJcyJ5qgEOreUWdNOtFlCHIl
oLaYmnQXk24Opi80LQm87+dp7whoHD79c+SWgDaGiXk5e6PLUPbMN6yCooIJVWIt
Np+QLTLGTSsxMQ==
-----END CERTIFICATE-----
Generated at Sat May 16 21:13:20 2026 by rpki-client