Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: +/YCPFbxYxZIHVawi9yxJUyJj3exJxtLXNPURdYgf5Y=
Subject key identifier: 36:77:5E:48:C6:E4:0F:7C:19:49:1F:59:34:E0:C0:12:D5:F2:A3:4E
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019A4D7482AB2F97C0607D8CCBAC68F2A8B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0DF3
Signing time: Tue 04 Nov 2025 06:01:12 +0000
Manifest this update: Tue 04 Nov 2025 06:01:12 +0000
Manifest next update: Wed 05 Nov 2025 06:01:12 +0000
Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: 045JlLkqE17pap5WAkrklcFMJgQPEcqhpsaajcHA++o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:82:ab:2f:97:c0:60:7d:8c:cb:ac:68:f2:a8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Nov 4 06:01:12 2025 GMT
Not After : Nov 5 06:01:12 2025 GMT
Subject: CN=36775e48c6e40f7c19491f5934e0c012d5f2a34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:de:f5:f6:8d:fa:8e:4e:83:0b:06:39:9f:
72:13:85:b7:6d:fe:46:47:e7:c4:ac:79:e1:bc:4d:
eb:64:65:71:10:91:15:49:c0:57:a8:2d:f2:53:d5:
e8:5b:4e:0b:97:55:73:a3:d2:f7:40:b9:15:6a:80:
8a:22:b0:47:0d:2c:31:e0:90:17:fd:4a:9c:12:3c:
02:99:42:0c:1c:dd:65:4d:b5:a2:23:4a:20:e8:50:
37:eb:c3:46:a7:a9:d2:af:92:f1:07:c6:20:39:ca:
c8:2a:f0:96:03:8e:ba:b0:80:83:1d:7e:1c:b4:55:
76:70:5e:c8:b5:1a:9e:a1:c1:1b:b9:bd:88:1e:8d:
45:20:06:84:aa:9f:29:f8:04:41:3c:b5:86:5f:d2:
59:d3:cf:94:3c:51:83:22:0b:24:eb:ea:57:bc:18:
68:bb:20:e4:17:9b:21:e5:c1:97:48:76:c1:8c:4d:
15:7e:6c:07:46:ea:8d:30:e6:31:56:ba:9b:0e:0e:
26:69:61:07:dd:0d:17:1b:15:67:75:11:e9:3b:0a:
f6:fd:23:7a:dd:fd:c4:e4:03:6c:77:d4:55:4c:79:
b5:41:e8:50:19:eb:ce:29:2e:f2:c8:b5:ac:6b:d4:
51:b2:b7:44:77:ca:79:af:51:15:1e:8a:ab:47:f5:
55:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:77:5E:48:C6:E4:0F:7C:19:49:1F:59:34:E0:C0:12:D5:F2:A3:4E
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:ab:f7:a7:5a:4e:1d:59:fa:02:3f:c1:d7:7d:95:c1:82:b0:
6e:dd:b0:65:f3:a9:cd:e1:e4:9e:16:be:94:28:97:b6:67:5f:
f3:75:df:1d:fa:4f:07:b8:15:1b:94:13:d3:e8:f9:9a:53:1d:
2a:67:31:13:5d:cd:90:a6:41:42:59:15:84:8f:0d:ca:cc:28:
39:6f:2a:e8:e7:5c:da:e5:ee:5f:a3:ed:00:7b:4a:0a:e8:64:
c5:36:b4:b3:9a:45:a6:29:82:87:c2:6c:98:33:91:63:e4:62:
ff:bd:dd:7c:c8:c1:07:31:03:67:12:32:33:8e:17:1c:76:d3:
2d:4a:76:e2:61:8f:76:e9:71:e8:5c:cc:08:45:b4:ee:65:fa:
84:cc:4d:ba:46:81:74:b6:9b:0b:e8:2d:ad:e2:8c:97:74:37:
86:d8:2c:d4:e2:fd:04:e0:6f:76:7f:5e:91:4c:f6:6d:a3:e1:
cb:67:0c:70:5b:8d:a9:2e:35:68:4f:35:6a:75:b5:f8:0d:69:
ea:1e:43:32:1f:31:25:27:f8:03:c6:66:2e:25:64:da:66:c0:
8b:60:fd:44:97:55:f4:91:d6:dd:9c:fe:14:31:87:61:5a:0f:
e3:83:38:da:22:c9:65:1d:b7:b9:bc:5d:46:55:62:6c:4a:28:
17:27:2b:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdIKrL5fAYH2My6xo8qi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjUxMTA0MDYwMTEyWhcNMjUxMTA1MDYwMTEyWjAzMTEwLwYDVQQD
EygzNjc3NWU0OGM2ZTQwZjdjMTk0OTFmNTkzNGUwYzAxMmQ1ZjJhMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt77e9faN+o5OgwsGOZ9yE4W3bf5G
R+fErHnhvE3rZGVxEJEVScBXqC3yU9XoW04Ll1Vzo9L3QLkVaoCKIrBHDSwx4JAX
/UqcEjwCmUIMHN1lTbWiI0og6FA368NGp6nSr5LxB8YgOcrIKvCWA466sICDHX4c
tFV2cF7ItRqeocEbub2IHo1FIAaEqp8p+ARBPLWGX9JZ08+UPFGDIgsk6+pXvBho
uyDkF5sh5cGXSHbBjE0VfmwHRuqNMOYxVrqbDg4maWEH3Q0XGxVndRHpOwr2/SN6
3f3E5ANsd9RVTHm1QehQGevOKS7yyLWsa9RRsrdEd8p5r1EVHoqrR/VVbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZ3XkjG5A98GUkfWTTgwBLV8qNOMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqv3p1pO
HVn6Aj/B132VwYKwbt2wZfOpzeHknha+lCiXtmdf83XfHfpPB7gVG5QT0+j5mlMd
KmcxE13NkKZBQlkVhI8NyswoOW8q6Odc2uXuX6PtAHtKCuhkxTa0s5pFpimCh8Js
mDORY+Ri/73dfMjBBzEDZxIyM44XHHbTLUp24mGPdulx6FzMCEW07mX6hMxNukaB
dLabC+gtreKMl3Q3htgs1OL9BOBvdn9ekUz2baPhy2cMcFuNqS41aE81anW1+A1p
6h5DMh8xJSf4A8ZmLiVk2mbAi2D9RJdV9JHW3Zz+FDGHYVoP44M42iLJZR23ubxd
RlVibEooFycrKA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:54:46 2025 by rpki-client