Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: mMfUvgwqkPQSNdDz42/DUJV24P5RwmfDq4N+uDwgfX0=
Subject key identifier: 6D:9D:DA:4A:C8:88:62:A1:CD:1E:58:E8:4B:3A:A8:14:5F:A8:85:50
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019CAC46F1A5EE39607B40A935783046AEB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0D8D
Signing time: Mon 02 Mar 2026 02:00:56 +0000
Manifest this update: Mon 02 Mar 2026 02:00:56 +0000
Manifest next update: Tue 03 Mar 2026 02:00:56 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: 6lURaUH1SJIrLwqh8f2P3y67QSLRikzQK5ZZ05Y6VTY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:f1:a5:ee:39:60:7b:40:a9:35:78:30:46:ae:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Mar 2 02:00:56 2026 GMT
Not After : Mar 3 02:00:56 2026 GMT
Subject: CN=6d9dda4ac88862a1cd1e58e84b3aa8145fa88550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4f:ae:11:d9:59:cd:33:9a:2c:28:9d:cb:27:
46:d8:3c:23:ed:f0:3a:5e:27:4e:af:70:c0:e9:c3:
82:f4:ac:32:17:03:07:d1:5a:20:ba:3b:7d:ef:2f:
3f:4e:ad:77:e7:62:8e:b9:d2:7f:63:2b:cf:38:9a:
61:37:e5:93:86:2f:19:d4:02:50:97:62:46:e8:fb:
72:af:9f:46:5e:af:de:ca:64:b3:fa:05:4a:df:5c:
54:cd:3b:b4:70:70:71:d4:bc:fb:0e:d1:de:0b:05:
c0:8c:2e:9c:78:1a:0d:13:37:2e:c5:69:08:6b:fb:
81:b8:fd:93:da:82:de:9e:44:84:5e:17:96:35:5d:
db:a9:76:9c:ab:89:5e:31:37:ba:e6:80:7f:9b:c2:
11:97:52:d1:d8:04:56:f1:6d:6d:85:e2:36:55:5f:
4c:d1:26:74:0b:f9:f8:55:83:de:f6:e3:a8:c3:49:
7a:d4:a8:0d:ac:89:8c:94:5e:3d:21:45:a5:82:cd:
be:d7:bd:f9:e2:6f:ef:3a:cf:23:dd:c0:cc:bf:de:
39:3e:43:59:7e:5f:a8:04:1d:72:2e:1a:8c:b6:5b:
9e:9c:c9:97:c9:15:c4:e2:03:5c:1a:f3:22:1b:28:
26:7a:a8:f6:e9:ea:ef:9e:24:87:9c:55:09:45:8f:
27:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9D:DA:4A:C8:88:62:A1:CD:1E:58:E8:4B:3A:A8:14:5F:A8:85:50
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:80:52:49:65:57:f6:ed:c5:e8:5d:0a:0c:0b:b4:94:98:8e:
73:a3:5f:68:3c:ac:90:75:96:bc:64:e9:61:76:b2:7d:68:51:
f0:57:13:48:33:84:3f:2a:df:70:82:58:cc:f2:34:a2:9c:ab:
7e:fd:df:32:56:74:0e:6f:31:3e:ad:0b:2f:17:53:7d:d6:df:
da:f6:f1:f9:3c:f9:50:f8:3d:2d:cc:80:a4:2e:49:1c:d2:78:
bd:44:89:99:e0:5c:a9:fa:21:b3:37:c2:e0:83:c8:30:fb:25:
33:d4:ae:5f:11:c2:72:01:28:7f:f6:f0:e1:60:45:59:49:e0:
56:40:58:4f:1c:a1:6d:aa:5e:39:57:c6:71:f4:04:14:44:8d:
a6:ca:f2:de:08:1c:86:c2:80:39:68:b7:a8:92:a7:92:14:4b:
b1:9f:d3:a0:e6:f5:43:d5:20:27:33:13:c9:cb:59:54:e7:22:
d4:8f:7a:f9:9e:3c:60:aa:ca:21:5a:b5:f0:06:ff:48:4e:53:
75:98:49:eb:16:66:b2:93:9e:41:57:b1:44:00:2a:76:2d:ef:
8e:dc:b7:90:22:4e:fe:27:91:3c:16:3b:3d:6e:f1:6a:09:82:
2d:e3:ab:ba:69:0b:25:67:3a:d1:51:9a:93:e1:25:66:03:04:
78:61:41:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRvGl7jlge0CpNXgwRq6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwMzAyMDIwMDU2WhcNMjYwMzAzMDIwMDU2WjAzMTEwLwYDVQQD
Eyg2ZDlkZGE0YWM4ODg2MmExY2QxZTU4ZTg0YjNhYTgxNDVmYTg4NTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU+uEdlZzTOaLCidyydG2Dwj7fA6
XidOr3DA6cOC9KwyFwMH0Vogujt97y8/Tq1352KOudJ/YyvPOJphN+WThi8Z1AJQ
l2JG6Ptyr59GXq/eymSz+gVK31xUzTu0cHBx1Lz7DtHeCwXAjC6ceBoNEzcuxWkI
a/uBuP2T2oLenkSEXheWNV3bqXacq4leMTe65oB/m8IRl1LR2ARW8W1theI2VV9M
0SZ0C/n4VYPe9uOow0l61KgNrImMlF49IUWlgs2+17354m/vOs8j3cDMv945PkNZ
fl+oBB1yLhqMtluenMmXyRXE4gNcGvMiGygmeqj26ervniSHnFUJRY8ncwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2d2krIiGKhzR5Y6Es6qBRfqIVQMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIBSSWVX
9u3F6F0KDAu0lJiOc6NfaDyskHWWvGTpYXayfWhR8FcTSDOEPyrfcIJYzPI0opyr
fv3fMlZ0Dm8xPq0LLxdTfdbf2vbx+Tz5UPg9LcyApC5JHNJ4vUSJmeBcqfohszfC
4IPIMPslM9SuXxHCcgEof/bw4WBFWUngVkBYTxyhbapeOVfGcfQEFESNpsry3ggc
hsKAOWi3qJKnkhRLsZ/ToOb1Q9UgJzMTyctZVOci1I96+Z48YKrKIVq18Ab/SE5T
dZhJ6xZmspOeQVexRAAqdi3vjty3kCJO/ieRPBY7PW7xagmCLeOrumkLJWc60VGa
k+ElZgMEeGFB+Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:13:47 2026 by rpki-client