Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: ggIaq2JJ/Sg8+qV49cHEUeo4VEzJlSjg8+LumkCIb6Q=
Subject key identifier: 71:7A:6A:6C:1E:EC:61:B9:15:E2:58:4C:0F:FA:E4:74:23:9D:00:11
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 01987AC01613F1BFD19BAAED23D978D44336
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0B61
Signing time: Tue 05 Aug 2025 15:01:05 +0000
Manifest this update: Tue 05 Aug 2025 15:01:05 +0000
Manifest next update: Wed 06 Aug 2025 15:01:05 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: Ui9G8/bUwHN7dUtppgM8+gKTFhVkUlF2gWcpm5KMtjY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 15:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7a:c0:16:13:f1:bf:d1:9b:aa:ed:23:d9:78:d4:43:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Aug 5 15:01:05 2025 GMT
Not After : Aug 6 15:01:05 2025 GMT
Subject: CN=717a6a6c1eec61b915e2584c0ffae474239d0011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:32:08:3b:ed:5b:8d:14:ab:94:7e:da:ee:19:
9b:0f:ab:5b:0d:12:10:ee:d0:b8:d1:b2:8a:e4:3f:
ee:d2:4e:8e:7f:f4:af:f1:36:57:0a:d6:b9:c5:3b:
f9:7f:44:33:6d:31:f2:81:33:17:84:d4:82:39:5f:
13:c5:d9:20:65:11:16:73:3f:ed:e0:67:43:9f:26:
45:ff:5d:4a:15:73:fc:93:0a:1a:2b:c3:79:ea:5e:
09:13:7f:16:13:16:b5:d2:bb:cd:5d:db:69:78:a1:
dd:4a:2f:78:ab:3d:8c:c9:ac:90:e4:66:94:76:c5:
70:e5:92:20:ea:2f:be:83:2d:42:cf:0c:d0:0c:2d:
12:95:ec:14:40:1f:ca:e8:2a:cf:48:1c:37:19:7c:
45:72:e2:49:92:41:d5:9d:80:fe:a4:c9:56:c8:63:
96:a4:bd:a6:60:b7:9d:78:0d:59:07:77:63:eb:6c:
a4:d7:ba:d7:c8:f6:3a:cd:ea:c9:59:56:e0:33:75:
38:ea:21:7e:3d:a7:cd:e4:3e:81:d1:29:dd:3c:a9:
aa:24:4a:b6:35:e2:4b:3c:54:0f:2b:fd:fb:33:c0:
f9:72:70:7d:44:81:19:a1:46:b2:71:75:15:71:92:
68:74:5c:9d:ae:0b:da:b0:6e:c3:ac:be:ab:d2:00:
a5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7A:6A:6C:1E:EC:61:B9:15:E2:58:4C:0F:FA:E4:74:23:9D:00:11
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:d1:d1:77:c7:71:01:5c:8e:7d:62:c7:f3:86:c1:c9:f5:9b:
2a:4e:03:bc:98:c6:9d:2f:6f:84:84:7c:bb:f4:c5:00:b5:1f:
ee:4c:88:cf:fb:48:34:62:1a:39:66:48:01:ab:5d:67:c1:1a:
94:7a:84:15:1a:97:64:1b:ad:da:2a:7e:44:dd:d2:ea:f3:12:
79:46:05:fe:0a:09:9f:fd:e7:2e:05:c1:75:16:f3:cd:07:e8:
23:6d:11:af:55:39:a2:18:90:b1:b6:07:48:36:6b:d6:74:cd:
9d:11:6d:c6:8f:e6:46:ef:4f:04:a6:df:4b:37:6c:e6:fe:fd:
9c:aa:8e:f6:23:6f:f0:a6:9a:98:92:ed:6b:49:02:d2:69:e3:
24:37:a2:02:57:d5:31:ff:44:89:65:fc:d1:0d:9e:cf:50:28:
f9:2a:fb:8b:b7:34:01:0d:3d:75:47:be:55:87:3b:d4:4f:48:
32:b2:13:3a:94:6e:cb:cf:25:0b:f5:3e:2e:cd:4f:83:6e:b8:
32:6d:df:61:2b:c5:cc:fa:f2:c3:e9:4d:b1:b7:11:5d:81:21:
e1:ce:fc:12:8e:79:e7:32:29:cd:46:cb:f2:61:8b:eb:bb:3e:
40:df:1e:96:94:d8:86:e3:be:ae:13:d2:11:e7:94:83:ce:a8:
84:5c:e8:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6wBYT8b/Rm6rtI9l41EM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwODA1MTUwMTA1WhcNMjUwODA2MTUwMTA1WjAzMTEwLwYDVQQD
Eyg3MTdhNmE2YzFlZWM2MWI5MTVlMjU4NGMwZmZhZTQ3NDIzOWQwMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDIIO+1bjRSrlH7a7hmbD6tbDRIQ
7tC40bKK5D/u0k6Of/Sv8TZXCta5xTv5f0QzbTHygTMXhNSCOV8TxdkgZREWcz/t
4GdDnyZF/11KFXP8kwoaK8N56l4JE38WExa10rvNXdtpeKHdSi94qz2MyayQ5GaU
dsVw5ZIg6i++gy1CzwzQDC0SlewUQB/K6CrPSBw3GXxFcuJJkkHVnYD+pMlWyGOW
pL2mYLedeA1ZB3dj62yk17rXyPY6zerJWVbgM3U46iF+PafN5D6B0SndPKmqJEq2
NeJLPFQPK/37M8D5cnB9RIEZoUaycXUVcZJodFydrgvasG7DrL6r0gClkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHF6amwe7GG5FeJYTA/65HQjnQARMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsdHRd8dx
AVyOfWLH84bByfWbKk4DvJjGnS9vhIR8u/TFALUf7kyIz/tINGIaOWZIAatdZ8Ea
lHqEFRqXZBut2ip+RN3S6vMSeUYF/goJn/3nLgXBdRbzzQfoI20Rr1U5ohiQsbYH
SDZr1nTNnRFtxo/mRu9PBKbfSzds5v79nKqO9iNv8KaamJLta0kC0mnjJDeiAlfV
Mf9EiWX80Q2ez1Ao+Sr7i7c0AQ09dUe+VYc71E9IMrITOpRuy88lC/U+Ls1Pg264
Mm3fYSvFzPryw+lNsbcRXYEh4c78Eo555zIpzUbL8mGL67s+QN8elpTYhuO+rhPS
EeeUg86ohFzoXA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:54:21 2025 by rpki-client