Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: LSBg7axqhGcmCrbE+doo6e+hDfTGLDH6w3p0I5VQJrM=
Subject key identifier: 0F:F3:E1:3D:E1:E4:6E:76:88:94:12:49:DB:E5:F4:73:D3:A2:47:56
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019CA97D754706A4E3A994F99DA8029CA071
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0F2C
Signing time: Sun 01 Mar 2026 13:01:37 +0000
Manifest this update: Sun 01 Mar 2026 13:01:37 +0000
Manifest next update: Mon 02 Mar 2026 13:01:37 +0000
Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: lz4VrS8fpb46k575WTqFOsrjLcOhiBOAqpzbe8mzE0A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:7d:75:47:06:a4:e3:a9:94:f9:9d:a8:02:9c:a0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Mar 1 13:01:37 2026 GMT
Not After : Mar 2 13:01:37 2026 GMT
Subject: CN=0ff3e13de1e46e7688941249dbe5f473d3a24756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8e:9e:89:6b:c8:fc:fc:67:05:f4:91:1e:5e:
11:ed:98:79:41:9d:83:34:bc:08:d9:d3:82:44:2d:
8a:68:12:c0:f3:24:61:96:d8:fc:be:45:74:6d:ae:
29:06:31:6d:05:76:f9:aa:01:95:c8:a2:2f:c1:30:
47:1b:dc:60:4c:f7:50:b7:57:c0:07:73:38:00:9a:
c1:06:f3:ba:4b:62:be:6e:c8:a8:e3:4e:0a:39:6f:
2d:8c:33:51:96:f9:40:a7:21:9f:cb:ed:05:aa:f0:
c0:be:7b:8c:8f:7d:5a:81:16:bd:63:9c:04:cc:0c:
cb:5c:ba:c9:97:2d:87:67:b1:ec:34:4d:b2:ae:ab:
10:92:19:07:11:b8:97:b5:bf:24:73:39:a7:10:1e:
1f:50:ae:88:5a:f0:c5:f3:3a:03:e2:cf:40:5e:59:
cd:b0:34:87:6c:1f:2d:b6:2a:35:53:47:6c:0c:19:
4c:5f:2a:30:cc:92:3b:f1:11:82:dc:a1:0d:6b:9f:
65:7e:15:1f:af:04:fd:ed:7c:db:27:32:dc:39:19:
76:4a:ef:60:70:b0:be:e9:98:01:16:6a:46:7f:dc:
b0:8c:46:23:e1:95:48:02:4c:85:06:ff:a5:54:ca:
c1:2c:00:58:1e:d8:cb:5e:0b:0a:bf:c0:e5:13:98:
b0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F3:E1:3D:E1:E4:6E:76:88:94:12:49:DB:E5:F4:73:D3:A2:47:56
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:e4:e9:7b:bf:5d:a1:14:8c:e7:b0:26:7e:83:ea:6c:33:37:
6f:b5:00:7c:9c:a7:da:e9:50:3a:6a:48:e2:8a:c3:4c:66:40:
68:4b:43:02:9c:05:3f:89:08:bf:f1:2b:80:37:7d:e6:be:31:
c6:c3:98:19:51:22:5b:d7:8a:a1:f5:d7:31:ff:0a:64:ec:db:
b4:26:63:dd:50:a8:9f:28:76:d2:38:22:a5:1b:7c:a4:33:80:
91:21:19:23:95:bc:49:6e:75:14:0d:9f:25:9f:b0:c5:8a:8f:
fc:46:6b:bd:c1:41:68:5f:9a:ef:f3:25:3f:00:d8:06:c5:0f:
b4:e5:58:28:d5:06:f2:39:db:c6:52:75:33:12:02:e0:63:dd:
a3:71:e9:b5:39:a2:c1:49:29:98:89:af:ab:a5:40:25:9a:e0:
5b:74:f5:61:2f:1c:19:86:4f:a5:62:c7:f9:3f:cc:06:82:1e:
0d:49:6c:f8:19:36:bb:b4:1a:a2:ae:f5:e2:0b:9c:8e:de:76:
52:6d:8d:94:f8:29:de:c1:7d:26:47:c7:4a:dd:ad:0b:03:fb:
68:a9:d6:6e:65:49:6b:7a:1f:5e:c3:4c:12:43:7e:04:3b:ec:
88:fd:36:1f:85:1a:bd:03:f7:90:e0:02:e5:78:67:24:d0:86:
48:d9:5d:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfXVHBqTjqZT5nagCnKBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjYwMzAxMTMwMTM3WhcNMjYwMzAyMTMwMTM3WjAzMTEwLwYDVQQD
EygwZmYzZTEzZGUxZTQ2ZTc2ODg5NDEyNDlkYmU1ZjQ3M2QzYTI0NzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2o6eiWvI/PxnBfSRHl4R7Zh5QZ2D
NLwI2dOCRC2KaBLA8yRhltj8vkV0ba4pBjFtBXb5qgGVyKIvwTBHG9xgTPdQt1fA
B3M4AJrBBvO6S2K+bsio404KOW8tjDNRlvlApyGfy+0FqvDAvnuMj31agRa9Y5wE
zAzLXLrJly2HZ7HsNE2yrqsQkhkHEbiXtb8kczmnEB4fUK6IWvDF8zoD4s9AXlnN
sDSHbB8ttio1U0dsDBlMXyowzJI78RGC3KENa59lfhUfrwT97XzbJzLcORl2Su9g
cLC+6ZgBFmpGf9ywjEYj4ZVIAkyFBv+lVMrBLABYHtjLXgsKv8DlE5iw4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/z4T3h5G52iJQSSdvl9HPTokdWMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdOTpe79d
oRSM57AmfoPqbDM3b7UAfJyn2ulQOmpI4orDTGZAaEtDApwFP4kIv/ErgDd95r4x
xsOYGVEiW9eKofXXMf8KZOzbtCZj3VConyh20jgipRt8pDOAkSEZI5W8SW51FA2f
JZ+wxYqP/EZrvcFBaF+a7/MlPwDYBsUPtOVYKNUG8jnbxlJ1MxIC4GPdo3HptTmi
wUkpmImvq6VAJZrgW3T1YS8cGYZPpWLH+T/MBoIeDUls+Bk2u7Qaoq714gucjt52
Um2NlPgp3sF9JkfHSt2tCwP7aKnWbmVJa3ofXsNMEkN+BDvsiP02H4UavQP3kOAC
5XhnJNCGSNldWA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:42:24 2026 by rpki-client