Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: xhSoJ5oayFHBY5guNNjL5sSr3hSy0URGi8bx3cMSkpo=
Subject key identifier: A1:D8:99:73:66:F6:8A:8A:E2:EC:B3:56:50:35:C8:03:37:21:AB:75
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019D97E17F58E8D4A633B4422F0B17852758
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0E07
Signing time: Thu 16 Apr 2026 20:00:30 +0000
Manifest this update: Thu 16 Apr 2026 20:00:30 +0000
Manifest next update: Fri 17 Apr 2026 20:00:30 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: 3yhpCK0qt74e6B6vU/zWz8zTmkVoBrfwpm65OWSP0zY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:e1:7f:58:e8:d4:a6:33:b4:42:2f:0b:17:85:27:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Apr 16 20:00:30 2026 GMT
Not After : Apr 17 20:00:30 2026 GMT
Subject: CN=a1d8997366f68a8ae2ecb3565035c8033721ab75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:f2:ad:04:d9:68:8e:93:b4:49:fc:e6:ec:
8e:1b:09:e1:02:52:58:2d:d2:e0:6b:48:fa:e8:45:
8e:74:6a:8a:8e:66:5e:f9:de:1f:19:58:75:11:c7:
41:b1:83:37:76:f9:6f:62:f4:75:70:37:12:4b:12:
f9:61:26:a1:87:3f:0d:1a:c2:24:9d:49:52:c3:e1:
39:1e:f8:df:63:86:83:bc:a1:0f:68:d9:3f:0a:c3:
98:65:3e:79:bd:c8:ef:37:5a:6e:d1:a7:82:19:34:
eb:cb:ab:b4:6d:78:4c:d5:f1:ac:c1:88:fa:48:41:
12:85:cb:ef:4b:d3:a7:f9:8f:06:1f:4e:15:35:33:
d5:d4:f0:82:8c:5f:2f:e3:ea:99:52:34:0f:81:55:
3d:7f:65:a2:da:8b:cf:b3:b8:e4:e0:8e:27:bb:d5:
fe:cb:ac:06:4d:2f:f9:1f:a1:66:0c:f4:07:4a:c6:
74:cc:ba:4d:b7:34:1c:8d:28:d6:1b:25:55:a7:23:
85:a5:40:5b:da:5b:6e:29:0d:64:4f:64:1b:94:96:
87:82:d1:6b:04:74:43:4e:0f:87:df:28:6b:55:4b:
1d:69:bc:67:52:1c:df:f1:69:6e:da:06:b2:f3:51:
63:83:3c:7b:92:72:1e:c2:e5:f6:9f:da:7d:62:5b:
da:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D8:99:73:66:F6:8A:8A:E2:EC:B3:56:50:35:C8:03:37:21:AB:75
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:49:fc:2f:8e:1c:b4:6f:63:f7:c7:3d:ff:53:ed:5a:b6:0a:
c2:6f:27:62:42:8f:ff:dd:e6:37:f2:99:e3:13:23:9a:fe:de:
90:11:dd:2d:45:76:8d:96:25:f7:ef:6e:b7:d8:26:e7:82:ab:
78:bb:1d:c0:c5:47:41:27:e0:65:ff:c8:0f:b6:c5:44:b8:90:
1a:5f:ba:19:98:09:05:28:c4:d1:61:df:75:7b:1a:54:7a:83:
05:d9:ff:aa:a3:a9:ae:ac:01:1b:cd:73:a8:da:a6:48:7a:02:
fa:78:8b:46:2e:de:66:95:f5:f7:9a:bb:05:a1:14:61:c8:2a:
3c:48:c2:54:df:6d:34:5f:72:dd:81:e6:6b:f4:ef:5c:74:5c:
e7:48:cb:61:30:f6:a8:c6:b3:42:d6:a0:6c:c5:8d:52:c4:15:
94:f7:65:50:96:a6:b9:a2:db:83:82:b0:64:32:29:8c:c7:91:
e1:df:3f:a8:fe:aa:b4:5a:9d:7a:fa:8d:5f:69:9d:53:98:18:
e3:c2:c9:ec:0c:37:6a:92:bb:ea:7f:07:b7:14:7e:62:55:2b:
4e:ca:1d:8d:29:66:82:ef:ce:68:af:d2:95:f7:c7:05:97:34:
81:d3:cd:31:3c:3a:86:e9:fa:c2:ef:2c:73:0b:4c:36:4b:7a:
01:da:28:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4X9Y6NSmM7RCLwsXhSdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwNDE2MjAwMDMwWhcNMjYwNDE3MjAwMDMwWjAzMTEwLwYDVQQD
EyhhMWQ4OTk3MzY2ZjY4YThhZTJlY2IzNTY1MDM1YzgwMzM3MjFhYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6/yrQTZaI6TtEn85uyOGwnhAlJY
LdLga0j66EWOdGqKjmZe+d4fGVh1EcdBsYM3dvlvYvR1cDcSSxL5YSahhz8NGsIk
nUlSw+E5HvjfY4aDvKEPaNk/CsOYZT55vcjvN1pu0aeCGTTry6u0bXhM1fGswYj6
SEEShcvvS9On+Y8GH04VNTPV1PCCjF8v4+qZUjQPgVU9f2Wi2ovPs7jk4I4nu9X+
y6wGTS/5H6FmDPQHSsZ0zLpNtzQcjSjWGyVVpyOFpUBb2ltuKQ1kT2QblJaHgtFr
BHRDTg+H3yhrVUsdabxnUhzf8Wlu2gay81Fjgzx7knIewuX2n9p9YlvaxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHYmXNm9oqK4uyzVlA1yAM3Iat1MB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI0n8L44c
tG9j98c9/1PtWrYKwm8nYkKP/93mN/KZ4xMjmv7ekBHdLUV2jZYl9+9ut9gm54Kr
eLsdwMVHQSfgZf/ID7bFRLiQGl+6GZgJBSjE0WHfdXsaVHqDBdn/qqOprqwBG81z
qNqmSHoC+niLRi7eZpX195q7BaEUYcgqPEjCVN9tNF9y3YHma/TvXHRc50jLYTD2
qMazQtagbMWNUsQVlPdlUJamuaLbg4KwZDIpjMeR4d8/qP6qtFqdevqNX2mdU5gY
48LJ7Aw3apK76n8HtxR+YlUrTsodjSlmgu/OaK/SlffHBZc0gdPNMTw6hun6wu8s
cwtMNkt6AdooVQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:54:44 2026 by rpki-client