Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: xVPcHkINS03DNGhMbWBgm/yHTq3BzLUqt7KfItgCSQM=
Subject key identifier: 67:C1:0F:B6:5A:23:A6:2A:09:FA:55:49:5D:91:4B:32:B2:B7:A2:F4
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019D98F4EAE1E152D322790D59AE6C5A405E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0FA8
Signing time: Fri 17 Apr 2026 01:01:20 +0000
Manifest this update: Fri 17 Apr 2026 01:01:20 +0000
Manifest next update: Sat 18 Apr 2026 01:01:20 +0000
Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: hcofeaNzJvM5/mKxDOBuH3f8XoKymXOEgRz94PyyGeg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:ea:e1:e1:52:d3:22:79:0d:59:ae:6c:5a:40:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Apr 17 01:01:20 2026 GMT
Not After : Apr 18 01:01:20 2026 GMT
Subject: CN=67c10fb65a23a62a09fa55495d914b32b2b7a2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:98:27:92:b6:e0:9c:10:dd:2a:d1:a8:77:
05:c9:69:dd:8c:82:de:1d:73:7a:ea:5d:a6:fb:f1:
c4:49:34:1b:70:ef:b5:8d:8a:20:91:72:5e:ab:5f:
9c:56:dc:73:8a:d2:4b:a3:0a:f5:bc:f9:19:45:3b:
ed:10:c0:e9:db:f5:1a:27:55:a8:89:c1:91:a2:63:
0c:75:f8:54:31:19:ec:c3:98:61:91:46:80:68:ea:
2a:52:2b:49:22:1b:2e:4c:0f:6c:6f:c5:95:cc:44:
f2:fa:1a:50:30:cd:84:1b:16:b9:92:89:64:20:61:
ca:73:a3:2f:ae:65:9f:1c:e5:bc:c0:86:57:52:03:
a6:1c:5b:e6:c7:86:8e:00:38:e4:c5:c9:2f:05:c2:
7a:bd:3a:42:09:5e:55:98:66:72:2b:32:0a:83:b4:
e6:9e:fa:df:ca:92:bc:5d:b5:fa:7f:a3:4f:83:8a:
1e:64:f0:84:4b:69:9e:a8:0a:fe:e5:f5:67:88:a5:
39:60:bb:a5:1f:d2:ca:b4:2b:dd:99:5e:a0:d1:17:
49:58:22:0d:6c:4a:63:5f:41:30:ba:89:dc:e2:d1:
e4:0c:5c:93:b4:3d:c5:79:ba:ff:c0:dc:10:2d:59:
cb:70:11:f2:06:9a:ad:16:e7:04:09:44:89:63:2b:
51:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C1:0F:B6:5A:23:A6:2A:09:FA:55:49:5D:91:4B:32:B2:B7:A2:F4
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:af:b3:a0:ee:e0:9d:d2:54:d9:2a:54:a8:53:24:7d:06:0c:
9c:48:8a:ec:34:e6:09:87:43:92:ea:8d:47:0c:bb:ab:f4:09:
fa:81:ea:c6:c3:d6:c5:18:3a:5a:da:55:e0:e0:d7:61:7e:2d:
8f:fc:49:65:d4:fc:f3:6c:97:5b:fd:2a:89:c9:17:f6:da:52:
d1:8a:71:b6:2d:66:70:46:d9:b3:bd:fd:84:28:0f:a1:02:2c:
76:39:c6:ee:af:e9:3c:74:9d:ed:8e:6c:86:79:28:c3:d9:b2:
c7:be:e3:53:ca:85:b2:93:3d:e0:ba:4e:6b:b7:17:ad:ea:ea:
55:36:9e:39:68:68:2f:ea:23:3d:80:c7:99:f5:84:43:75:55:
d0:ea:f4:35:fa:23:9b:ad:d1:57:42:e5:5a:42:50:e2:40:eb:
4b:c4:11:90:a8:36:45:7f:e2:c5:20:cd:29:5d:08:68:bd:05:
bd:74:10:bb:60:41:ba:a1:82:46:d0:5e:97:fd:f1:85:f8:dc:
b7:3e:c8:5c:27:2c:92:b9:39:4c:67:3a:5d:57:a0:f5:ea:67:
b6:e8:c1:c2:8e:32:12:39:76:4a:3b:83:99:ba:6a:af:61:21:
74:d0:68:02:14:00:75:fa:7c:02:7f:cf:51:bc:86:6d:cc:3a:
d8:a6:a9:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Orh4VLTInkNWa5sWkBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjYwNDE3MDEwMTIwWhcNMjYwNDE4MDEwMTIwWjAzMTEwLwYDVQQD
Eyg2N2MxMGZiNjVhMjNhNjJhMDlmYTU1NDk1ZDkxNGIzMmIyYjdhMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupaYJ5K24JwQ3SrRqHcFyWndjILe
HXN66l2m+/HESTQbcO+1jYogkXJeq1+cVtxzitJLowr1vPkZRTvtEMDp2/UaJ1Wo
icGRomMMdfhUMRnsw5hhkUaAaOoqUitJIhsuTA9sb8WVzETy+hpQMM2EGxa5kolk
IGHKc6MvrmWfHOW8wIZXUgOmHFvmx4aOADjkxckvBcJ6vTpCCV5VmGZyKzIKg7Tm
nvrfypK8XbX6f6NPg4oeZPCES2meqAr+5fVniKU5YLulH9LKtCvdmV6g0RdJWCIN
bEpjX0Ewuonc4tHkDFyTtD3Febr/wNwQLVnLcBHyBpqtFucECUSJYytRUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfBD7ZaI6YqCfpVSV2RSzKyt6L0MB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc6+zoO7g
ndJU2SpUqFMkfQYMnEiK7DTmCYdDkuqNRwy7q/QJ+oHqxsPWxRg6WtpV4ODXYX4t
j/xJZdT882yXW/0qickX9tpS0Ypxti1mcEbZs739hCgPoQIsdjnG7q/pPHSd7Y5s
hnkow9myx77jU8qFspM94LpOa7cXrerqVTaeOWhoL+ojPYDHmfWEQ3VV0Or0Nfoj
m63RV0LlWkJQ4kDrS8QRkKg2RX/ixSDNKV0IaL0FvXQQu2BBuqGCRtBel/3xhfjc
tz7IXCcskrk5TGc6XVeg9epntujBwo4yEjl2SjuDmbpqr2EhdNBoAhQAdfp8An/P
UbyGbcw62Kap6w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:19:54 2026 by rpki-client