Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: 4VeWF3YuRuCtJoom9qTcfish95dFOLJTbMePrlL/h18=
Subject key identifier: 2F:B7:6A:CF:0A:74:98:8A:A7:F9:09:76:0B:C0:09:11:AB:A1:34:3E
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019EC337CD1A5176FA43093E2FBE0A9477F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0EA2
Signing time: Sat 13 Jun 2026 23:01:14 +0000
Manifest this update: Sat 13 Jun 2026 23:01:14 +0000
Manifest next update: Sun 14 Jun 2026 23:01:14 +0000
Files and hashes: 1: H3RmjMDhi-VIQKw953O9EUU-NrU.roa (hash: u8dYTQtYNEtT+hfaZbOUxQvhTTWTaktw3famZ+VPWSU=)
2: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (hash: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: D6ppncXNtokVeXy3q1+NdDXX/d8SunSebUE4rGW/Kuk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c3:37:cd:1a:51:76:fa:43:09:3e:2f:be:0a:94:77:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Jun 13 23:01:14 2026 GMT
Not After : Jun 14 23:01:14 2026 GMT
Subject: CN=2fb76acf0a74988aa7f909760bc00911aba1343e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a0:88:ab:ce:a0:40:82:af:6d:91:8d:d8:a2:
a5:c2:80:39:46:23:07:19:22:ab:78:6f:f9:8a:de:
7c:94:e3:7d:60:14:c0:b0:4d:16:69:13:d7:0a:f3:
2f:a1:f3:75:4b:57:66:b0:bf:27:5a:a3:b8:32:0a:
bd:2f:40:0e:e8:cd:9c:c1:b1:c5:4f:a9:a0:5f:0a:
5d:8a:b1:d0:bb:12:e5:16:5b:b4:18:1c:aa:e8:b4:
6e:33:87:80:f7:f9:35:09:ef:26:45:c5:55:db:07:
3f:be:ba:29:16:e1:4a:81:8d:fa:f9:b7:72:24:0e:
dc:3a:0f:5d:94:7c:ab:5a:6d:c8:1f:94:f3:98:d8:
39:ee:dd:c0:3b:cb:93:d4:17:97:85:9a:01:11:52:
64:de:3c:79:23:37:51:d6:31:e1:f0:07:7c:f7:16:
1e:a6:22:0c:51:f1:f8:79:b8:68:db:e3:b4:04:2b:
03:4b:f4:9c:ce:f3:02:4a:a0:d5:e1:91:e7:72:7f:
2d:4d:bf:0b:7f:8d:d5:dd:df:08:14:20:f7:30:44:
2d:ae:13:fb:fe:b8:d7:a9:5c:17:d2:08:3e:2f:cc:
f7:24:3a:48:80:8d:38:9b:a1:db:4e:ed:42:7e:07:
c7:ed:ac:dc:b3:29:6d:2a:52:70:32:f8:56:84:77:
3a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B7:6A:CF:0A:74:98:8A:A7:F9:09:76:0B:C0:09:11:AB:A1:34:3E
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:41:bc:97:37:ad:06:1c:e7:02:f9:02:8f:4b:01:21:c8:06:
a3:85:fb:e1:b7:32:31:e2:b3:82:20:be:75:b2:25:b2:91:06:
e4:74:5b:8f:2e:23:45:60:7b:12:55:24:5a:45:ac:8e:4c:a3:
be:49:af:c0:50:76:c3:2c:e9:4b:24:92:5d:6d:12:bc:1a:99:
7f:b1:76:23:90:3f:51:4f:7e:e5:37:6a:5d:28:fc:2c:fb:dc:
b8:45:27:8a:ab:cf:71:12:82:ed:70:0f:1c:03:7e:43:df:cc:
d7:bf:d8:be:ce:46:97:f7:2c:0d:63:c8:f2:ce:b9:52:32:c0:
03:a2:d0:77:34:03:65:11:b6:1a:68:8a:9a:81:d4:41:04:77:
a2:1e:50:9d:c2:eb:73:e2:7c:0d:9a:7f:08:b7:cc:de:41:09:
a2:61:18:ed:17:26:6a:5c:ee:a4:f5:58:d7:f8:b5:4a:44:a2:
4f:05:0c:5a:33:6d:f5:ef:3c:2a:8c:0e:ad:27:95:bf:fb:a7:
40:e6:4e:56:65:34:7b:8c:aa:13:3a:4d:ae:71:17:97:d8:02:
50:48:07:fe:b2:62:0a:90:f8:d9:30:da:07:99:6a:49:46:67:
af:44:9f:62:8d:3c:03:ec:5f:b5:f1:21:61:35:b2:b8:b4:51:
5d:0e:e1:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7DN80aUXb6Qwk+L74KlHf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjYwNjEzMjMwMTE0WhcNMjYwNjE0MjMwMTE0WjAzMTEwLwYDVQQD
EygyZmI3NmFjZjBhNzQ5ODhhYTdmOTA5NzYwYmMwMDkxMWFiYTEzNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaCIq86gQIKvbZGN2KKlwoA5RiMH
GSKreG/5it58lON9YBTAsE0WaRPXCvMvofN1S1dmsL8nWqO4Mgq9L0AO6M2cwbHF
T6mgXwpdirHQuxLlFlu0GByq6LRuM4eA9/k1Ce8mRcVV2wc/vropFuFKgY36+bdy
JA7cOg9dlHyrWm3IH5TzmNg57t3AO8uT1BeXhZoBEVJk3jx5IzdR1jHh8Ad89xYe
piIMUfH4ebho2+O0BCsDS/SczvMCSqDV4ZHncn8tTb8Lf43V3d8IFCD3MEQtrhP7
/rjXqVwX0gg+L8z3JDpIgI04m6HbTu1CfgfH7azcsyltKlJwMvhWhHc6OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+3as8KdJiKp/kJdgvACRGroTQ+MB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU0G8lzet
BhznAvkCj0sBIcgGo4X74bcyMeKzgiC+dbIlspEG5HRbjy4jRWB7ElUkWkWsjkyj
vkmvwFB2wyzpSySSXW0SvBqZf7F2I5A/UU9+5TdqXSj8LPvcuEUniqvPcRKC7XAP
HAN+Q9/M17/Yvs5Gl/csDWPI8s65UjLAA6LQdzQDZRG2GmiKmoHUQQR3oh5QncLr
c+J8DZp/CLfM3kEJomEY7RcmalzupPVY1/i1SkSiTwUMWjNt9e88KowOrSeVv/un
QOZOVmU0e4yqEzpNrnEXl9gCUEgH/rJiCpD42TDaB5lqSUZnr0SfYo08A+xftfEh
YTWyuLRRXQ7h0A==
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:51:43 2026 by rpki-client