Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: p3tPF9E7wuEsYSg5DjrsQJNWQVo9KEpgMIzR3IIIlcc=
Subject key identifier: 33:F4:66:F4:54:F7:99:3D:20:1B:58:49:17:69:6F:88:7F:F6:64:17
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019A500707F96DA2F718DD91E554600A4713
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0C54
Signing time: Tue 04 Nov 2025 18:00:29 +0000
Manifest this update: Tue 04 Nov 2025 18:00:29 +0000
Manifest next update: Wed 05 Nov 2025 18:00:29 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: Jem7EBClRu+IO/20mXN9Eoph4sflZxwEOskgka+RVR4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:07:f9:6d:a2:f7:18:dd:91:e5:54:60:0a:47:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Nov 4 18:00:29 2025 GMT
Not After : Nov 5 18:00:29 2025 GMT
Subject: CN=33f466f454f7993d201b584917696f887ff66417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5d:8a:a6:bd:cc:fe:11:6e:c3:97:9c:84:86:
b4:62:33:2a:b7:cf:c5:7c:d6:bf:8f:25:c2:b8:4b:
26:3e:6a:80:df:34:25:6f:f0:60:00:77:11:f1:fb:
58:bd:ea:3f:d2:3b:f8:d6:f5:89:7b:29:8d:ca:a5:
2a:9f:03:1a:bc:6e:1c:75:51:ea:72:36:c5:f5:ae:
19:d6:f8:55:03:07:6f:97:7c:36:a9:10:c7:9b:c3:
08:9b:67:07:21:83:a2:0d:ea:67:a7:c9:71:5a:62:
b1:b2:5b:83:34:3a:3d:7d:03:14:f9:b4:c5:d7:75:
37:d4:34:07:f3:c5:88:44:50:53:6e:1a:62:81:77:
e7:be:b8:48:74:ae:0b:ce:e0:8e:94:f1:14:70:3d:
1d:dd:ab:d0:db:5f:27:bb:f0:c3:ff:03:d2:72:50:
56:e6:d3:af:ae:5e:5a:e6:5c:62:73:66:d9:dd:1d:
0f:88:23:70:9c:22:17:55:08:74:8d:bb:65:d6:c0:
65:ae:bb:fd:88:12:96:36:5b:e1:a2:4f:ab:e5:d2:
32:bc:be:4b:d5:e1:3f:c0:f8:2d:f7:37:f4:0e:29:
16:0d:44:89:52:8a:7d:e3:0b:10:59:0b:fe:ea:84:
06:fb:77:02:f1:2c:3d:86:69:34:58:5a:37:80:02:
03:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F4:66:F4:54:F7:99:3D:20:1B:58:49:17:69:6F:88:7F:F6:64:17
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:14:ef:34:1b:fb:b3:67:de:b3:67:33:b7:8e:c5:f0:55:04:
5c:23:48:15:12:6a:a4:86:96:c8:1e:53:d7:ac:ea:66:30:62:
eb:64:d3:7d:9b:c3:47:02:25:03:64:6a:8f:e1:5a:7b:b8:07:
13:a3:f9:a5:a0:93:4b:54:29:c1:e6:2e:f1:92:e6:1f:ef:1b:
10:f3:26:b4:f6:ba:f7:7f:9e:46:af:8c:be:49:03:02:eb:13:
87:9d:a0:bc:61:b3:26:08:47:2e:7d:c4:26:6c:c9:90:22:34:
f6:b7:9a:ba:c5:eb:f9:66:d3:a3:41:f4:21:68:02:c3:61:6a:
de:94:d8:b0:1a:01:ed:86:f3:96:7c:2a:3e:62:0c:3e:8c:e7:
21:04:38:87:02:be:28:26:dd:9f:67:4a:85:22:2c:8e:26:7a:
6e:21:cb:5d:fd:3e:b9:e8:35:d9:f7:9e:89:c1:4b:61:49:e3:
e2:45:77:3a:a2:17:8e:6d:a9:58:c1:0a:2d:f3:b5:de:51:bf:
7f:f6:0c:0b:4b:64:7a:29:3d:ef:b7:7f:1e:f4:d9:52:f5:1f:
8d:cf:35:e5:33:ab:1c:71:48:b6:b5:01:e5:0e:46:90:7d:85:
6a:90:dc:c9:da:a7:02:80:3e:37:b8:e2:2f:5e:3d:98:86:e0:
7e:91:65:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQBwf5baL3GN2R5VRgCkcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUxMTA0MTgwMDI5WhcNMjUxMTA1MTgwMDI5WjAzMTEwLwYDVQQD
EygzM2Y0NjZmNDU0Zjc5OTNkMjAxYjU4NDkxNzY5NmY4ODdmZjY2NDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF2Kpr3M/hFuw5echIa0YjMqt8/F
fNa/jyXCuEsmPmqA3zQlb/BgAHcR8ftYveo/0jv41vWJeymNyqUqnwMavG4cdVHq
cjbF9a4Z1vhVAwdvl3w2qRDHm8MIm2cHIYOiDepnp8lxWmKxsluDNDo9fQMU+bTF
13U31DQH88WIRFBTbhpigXfnvrhIdK4LzuCOlPEUcD0d3avQ218nu/DD/wPSclBW
5tOvrl5a5lxic2bZ3R0PiCNwnCIXVQh0jbtl1sBlrrv9iBKWNlvhok+r5dIyvL5L
1eE/wPgt9zf0DikWDUSJUop94wsQWQv+6oQG+3cC8Sw9hmk0WFo3gAID2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDP0ZvRU95k9IBtYSRdpb4h/9mQXMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARTvNBv7
s2fes2czt47F8FUEXCNIFRJqpIaWyB5T16zqZjBi62TTfZvDRwIlA2Rqj+Fae7gH
E6P5paCTS1QpweYu8ZLmH+8bEPMmtPa693+eRq+MvkkDAusTh52gvGGzJghHLn3E
JmzJkCI09reausXr+WbTo0H0IWgCw2Fq3pTYsBoB7YbzlnwqPmIMPoznIQQ4hwK+
KCbdn2dKhSIsjiZ6biHLXf0+ueg12feeicFLYUnj4kV3OqIXjm2pWMEKLfO13lG/
f/YMC0tkeik977d/HvTZUvUfjc815TOrHHFItrUB5Q5GkH2FapDcydqnAoA+N7ji
L149mIbgfpFlVw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:04:05 2025 by rpki-client