Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: op9kX5UkWMlQCR5ncDpDc1rERv4ZiTjbkeQn0cFqcb0=
Subject key identifier: 4F:FA:8D:2B:7F:07:8E:65:C0:7E:16:60:75:AF:42:F7:6D:1C:77:69
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019D37F75CFC974D7C2C7FF04DB140191F9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 0594
Signing time: Sun 29 Mar 2026 05:00:51 +0000
Manifest this update: Sun 29 Mar 2026 05:00:51 +0000
Manifest next update: Mon 30 Mar 2026 05:00:51 +0000
Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: 2kYE0d4k8bSXbaiWxD9YJIhNxIRbW2xottjjOmWZIZo=)
2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:5c:fc:97:4d:7c:2c:7f:f0:4d:b1:40:19:1f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Mar 29 05:00:51 2026 GMT
Not After : Mar 30 05:00:51 2026 GMT
Subject: CN=4ffa8d2b7f078e65c07e166075af42f76d1c7769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:68:b5:32:8d:a1:cc:6a:73:bc:0d:59:ae:64:
5e:ee:48:2e:83:3a:00:47:ba:84:0e:a7:7a:40:7e:
08:42:93:47:43:11:ad:d7:e2:26:88:c6:8f:39:4a:
cb:80:20:fb:3b:31:f8:f6:5c:8d:34:05:c3:12:db:
d3:36:73:76:14:fb:83:2a:c3:75:92:e2:5d:69:d4:
ea:c4:79:0b:bd:55:b0:5d:cc:4c:25:67:4c:e1:8f:
52:fd:91:50:15:ad:61:3a:0c:2b:c1:8c:e1:e3:f4:
6b:ad:85:1b:24:ea:4d:54:a0:c3:2c:53:af:13:84:
9b:d3:d4:a7:b3:1d:8e:8c:ab:91:99:12:3a:2d:b1:
94:ce:67:d4:8f:de:d1:05:20:b9:75:48:4f:89:0e:
f8:ea:f8:54:2f:01:b6:ee:19:89:2b:17:3c:49:8b:
98:e4:15:a1:96:bd:95:36:1a:aa:0a:52:84:b5:65:
f6:f7:82:63:cb:ce:eb:e5:15:68:35:7b:b2:2b:cc:
4b:ec:cd:e3:44:ad:ea:e9:2a:ac:56:e6:19:8b:4a:
09:e4:4d:c5:b4:cc:f7:01:14:0a:a3:1e:4e:0d:7c:
8e:23:13:aa:97:44:a7:18:f7:f3:21:00:1a:90:07:
17:0e:85:38:32:02:4d:14:6e:94:54:ba:9b:ce:66:
75:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FA:8D:2B:7F:07:8E:65:C0:7E:16:60:75:AF:42:F7:6D:1C:77:69
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:8a:84:4c:a5:97:66:88:ac:5d:b1:1f:4c:e3:00:9d:65:4c:
24:d1:f5:cb:d2:de:33:0e:cf:54:65:14:9e:c8:eb:73:c8:b8:
67:1f:9e:87:b8:91:ef:8f:c4:a9:78:b7:8e:ce:71:4d:f7:fb:
ad:c1:53:c9:f0:87:79:40:9e:fa:76:3e:1d:ff:4a:41:c2:28:
b6:60:0a:34:fb:89:22:a0:d2:91:4d:10:44:38:a5:4f:b8:32:
7c:a8:aa:c8:17:67:99:80:1e:dd:2e:b5:8c:a8:8f:b4:d0:c1:
1f:9d:80:52:ea:cb:97:59:e5:27:a7:2c:50:2f:6f:0c:8c:95:
2f:3b:7a:d0:76:4d:09:cd:73:0f:de:db:b4:f5:13:fc:31:9b:
95:8c:43:75:f0:b1:a7:38:00:3e:5d:fc:e1:28:36:0d:db:24:
09:9c:84:a1:a1:11:a8:c8:f5:a7:74:f5:fd:89:34:bb:6e:e4:
cc:38:90:3c:de:c5:df:09:1a:4a:44:e0:1b:c5:44:b7:ee:02:
cb:b2:e1:06:83:50:07:88:e4:16:57:55:2f:98:fe:e7:69:83:
64:46:05:94:2c:0e:d1:3f:31:46:b5:4c:0e:c2:73:1c:7c:28:
74:08:99:f5:ae:14:72:d6:e2:b5:27:97:27:fb:ca:98:dc:5d:
60:1a:5b:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0391z8l018LH/wTbFAGR+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjYwMzI5MDUwMDUxWhcNMjYwMzMwMDUwMDUxWjAzMTEwLwYDVQQD
Eyg0ZmZhOGQyYjdmMDc4ZTY1YzA3ZTE2NjA3NWFmNDJmNzZkMWM3NzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gi1Mo2hzGpzvA1ZrmRe7kgugzoA
R7qEDqd6QH4IQpNHQxGt1+ImiMaPOUrLgCD7OzH49lyNNAXDEtvTNnN2FPuDKsN1
kuJdadTqxHkLvVWwXcxMJWdM4Y9S/ZFQFa1hOgwrwYzh4/RrrYUbJOpNVKDDLFOv
E4Sb09Snsx2OjKuRmRI6LbGUzmfUj97RBSC5dUhPiQ746vhULwG27hmJKxc8SYuY
5BWhlr2VNhqqClKEtWX294Jjy87r5RVoNXuyK8xL7M3jRK3q6SqsVuYZi0oJ5E3F
tMz3ARQKox5ODXyOIxOql0SnGPfzIQAakAcXDoU4MgJNFG6UVLqbzmZ1JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/6jSt/B45lwH4WYHWvQvdtHHdpMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnoqETKWX
ZoisXbEfTOMAnWVMJNH1y9LeMw7PVGUUnsjrc8i4Zx+eh7iR74/EqXi3js5xTff7
rcFTyfCHeUCe+nY+Hf9KQcIotmAKNPuJIqDSkU0QRDilT7gyfKiqyBdnmYAe3S61
jKiPtNDBH52AUurLl1nlJ6csUC9vDIyVLzt60HZNCc1zD97btPUT/DGblYxDdfCx
pzgAPl384Sg2DdskCZyEoaERqMj1p3T1/Yk0u27kzDiQPN7F3wkaSkTgG8VEt+4C
y7LhBoNQB4jkFldVL5j+52mDZEYFlCwO0T8xRrVMDsJzHHwodAiZ9a4UctbitSeX
J/vKmNxdYBpbwQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:28 2026 by rpki-client