Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: mBJB6T0VLofvcKN8luMDIvjRj/bBDAXIvGFQ5mTOi5w=
Subject key identifier: 03:F5:FE:47:35:CB:77:60:25:2C:46:83:5D:F2:FF:EC:24:BE:F6:07
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019EBE7FD7A30DBAEE8286C5317250355E66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 1040
Signing time: Sat 13 Jun 2026 01:01:49 +0000
Manifest this update: Sat 13 Jun 2026 01:01:49 +0000
Manifest next update: Sun 14 Jun 2026 01:01:49 +0000
Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: 7a5LYU58O61oJFReEg7zmlB0x57CihY7Xasb1xYFob4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:be:7f:d7:a3:0d:ba:ee:82:86:c5:31:72:50:35:5e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Jun 13 01:01:49 2026 GMT
Not After : Jun 14 01:01:49 2026 GMT
Subject: CN=03f5fe4735cb7760252c46835df2ffec24bef607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:92:b5:76:72:70:fe:47:5a:f8:ef:31:19:1a:
f0:30:b0:77:aa:20:ca:3a:5f:b4:04:5f:46:3c:77:
4b:84:09:76:51:92:73:d9:4d:be:e8:32:94:10:b4:
b3:b2:94:f1:99:8e:a4:1a:ca:39:ed:90:f9:80:55:
79:5b:43:d3:4c:ed:03:10:e3:6f:d6:78:7e:a8:5f:
71:e2:e1:a0:68:39:39:e2:ba:5e:6b:6f:c7:81:3d:
dc:2a:c2:26:a5:6f:a8:4a:52:76:a5:c0:5e:84:7f:
ae:46:85:d0:04:10:89:d1:e9:c6:2c:64:14:90:e8:
b2:74:57:91:ce:6f:0d:67:d0:c4:a5:9d:11:9c:f2:
d4:1b:c8:76:bf:8c:0f:f5:6b:45:54:ef:77:e0:9e:
b5:28:2c:13:37:07:85:fd:df:20:31:03:3f:eb:45:
0d:73:8c:3e:b3:c2:2d:21:96:6c:29:bb:3d:c5:ea:
b7:15:22:90:af:96:7e:a9:73:ab:1d:3a:d1:4a:0f:
a9:ac:e2:68:20:8a:dc:a0:87:86:ad:0a:03:9b:a7:
dc:82:ee:5b:53:e3:3e:44:53:2d:84:2d:e2:f6:ce:
dd:0e:be:5c:d1:3a:5c:02:1b:94:eb:14:57:1b:b4:
65:c4:ab:8e:d5:64:c8:2b:d4:c6:0e:e0:d2:6c:74:
1b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F5:FE:47:35:CB:77:60:25:2C:46:83:5D:F2:FF:EC:24:BE:F6:07
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:ea:e1:82:96:a3:ea:02:c3:ab:a3:ea:29:b6:03:82:f8:a7:
4c:82:bc:cc:d4:b9:a9:10:32:81:aa:e4:d2:28:6f:d6:9a:88:
b5:17:29:05:8a:a6:a6:d3:ce:d0:d7:33:8c:80:ac:5f:6b:34:
54:19:1a:70:5e:49:00:ad:50:25:15:34:88:b0:ee:b7:23:e4:
36:c1:b4:9f:1f:f5:13:c2:61:68:53:ee:6e:81:dd:f4:1f:1f:
c8:8f:b6:f9:d1:18:06:6b:6d:ba:f2:5c:d4:39:a4:aa:0d:3e:
f4:7a:c7:37:40:ec:ea:17:55:3a:a5:b3:d3:6d:33:58:03:51:
c8:62:b9:f8:79:3d:7c:c5:db:74:37:e0:ba:b3:13:bb:05:90:
05:47:3d:80:65:ea:4f:4f:2a:5d:ba:61:e6:e3:0d:85:17:a3:
20:bb:13:40:b1:7b:32:52:5f:42:06:3b:fe:7a:24:ea:e2:ed:
b1:84:bf:8c:0e:89:21:eb:14:7d:7c:7c:52:e5:f8:6f:0a:5b:
86:27:6f:2a:78:23:09:2d:4d:ca:c2:f7:60:9e:7c:5c:26:ce:
e3:91:31:f0:15:71:6a:ec:26:ff:05:bf:9f:61:56:ed:11:f9:
c7:28:49:36:e7:26:fa:8f:f2:6a:78:c5:9f:24:88:8e:b5:14:
28:f7:14:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f9ejDbrugobFMXJQNV5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjYwNjEzMDEwMTQ5WhcNMjYwNjE0MDEwMTQ5WjAzMTEwLwYDVQQD
EygwM2Y1ZmU0NzM1Y2I3NzYwMjUyYzQ2ODM1ZGYyZmZlYzI0YmVmNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5K1dnJw/kda+O8xGRrwMLB3qiDK
Ol+0BF9GPHdLhAl2UZJz2U2+6DKUELSzspTxmY6kGso57ZD5gFV5W0PTTO0DEONv
1nh+qF9x4uGgaDk54rpea2/HgT3cKsImpW+oSlJ2pcBehH+uRoXQBBCJ0enGLGQU
kOiydFeRzm8NZ9DEpZ0RnPLUG8h2v4wP9WtFVO934J61KCwTNweF/d8gMQM/60UN
c4w+s8ItIZZsKbs9xeq3FSKQr5Z+qXOrHTrRSg+prOJoIIrcoIeGrQoDm6fcgu5b
U+M+RFMthC3i9s7dDr5c0TpcAhuU6xRXG7RlxKuO1WTIK9TGDuDSbHQbswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAP1/kc1y3dgJSxGg13y/+wkvvYHMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk+rhgpaj
6gLDq6PqKbYDgvinTIK8zNS5qRAygark0ihv1pqItRcpBYqmptPO0NczjICsX2s0
VBkacF5JAK1QJRU0iLDutyPkNsG0nx/1E8JhaFPuboHd9B8fyI+2+dEYBmttuvJc
1Dmkqg0+9HrHN0Ds6hdVOqWz020zWANRyGK5+Hk9fMXbdDfgurMTuwWQBUc9gGXq
T08qXbph5uMNhRejILsTQLF7MlJfQgY7/nok6uLtsYS/jA6JIesUfXx8UuX4bwpb
hidvKngjCS1NysL3YJ58XCbO45Ex8BVxauwm/wW/n2FW7RH5xyhJNucm+o/yanjF
nySIjrUUKPcUYQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:14:13 2026 by rpki-client