Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: hFO5IUP1/rGAQUSxWm/SCX/+rQ1AyoJlN4MA/6WdSYo=
Subject key identifier: 1B:66:B6:E1:66:7B:64:98:D4:4F:DF:AF:6E:EC:B4:E3:AA:55:FA:61
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019A4EF4F2FA5CF641096839D927248EF67A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 0412
Signing time: Tue 04 Nov 2025 13:01:07 +0000
Manifest this update: Tue 04 Nov 2025 13:01:07 +0000
Manifest next update: Wed 05 Nov 2025 13:01:07 +0000
Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=)
2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: yZQOqVz9+/h/SMIJId+BvA9mbgdqjyk5KLKndgphCu4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:f2:fa:5c:f6:41:09:68:39:d9:27:24:8e:f6:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Nov 4 13:01:07 2025 GMT
Not After : Nov 5 13:01:07 2025 GMT
Subject: CN=1b66b6e1667b6498d44fdfaf6eecb4e3aa55fa61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:c7:b4:df:14:39:35:23:8a:9b:d3:cb:d5:
86:dc:1b:9e:f1:6a:b5:4e:89:b6:7a:5f:23:ef:5d:
7e:50:ea:a5:08:63:e8:3b:97:a0:78:55:61:8c:c6:
97:cf:b7:b3:2f:d5:44:09:ee:a4:e5:f3:e5:6f:49:
ed:62:c7:1f:9e:cc:1e:39:a0:3a:9d:3e:56:d5:cd:
bb:ba:3d:78:c3:19:29:5d:f2:04:85:7f:8f:50:62:
d0:53:d2:07:76:30:59:b4:45:06:82:5d:95:84:1d:
d6:5f:c3:39:67:98:b5:a5:d2:a6:5d:b5:98:7d:43:
3c:a0:88:bf:d9:63:a3:3c:51:ae:0a:f4:43:ea:5a:
67:bd:67:b4:ce:ee:50:9c:0d:ab:ae:da:ea:1a:9c:
6f:95:f9:09:3a:46:38:55:5c:4d:2c:93:60:f9:c7:
f7:23:20:7c:74:fb:f1:70:06:18:8b:41:d3:d7:67:
a8:07:05:ec:a2:ed:e5:88:0c:b6:69:c9:db:f5:97:
13:5b:d2:e5:4f:43:64:e4:64:40:c8:90:b2:79:64:
e7:50:01:6a:0c:46:fe:23:e2:da:45:66:51:73:f9:
b0:bb:17:56:12:31:31:5c:52:e1:26:49:4a:02:8f:
15:9b:15:44:a6:3a:15:d6:d9:6b:36:fa:81:20:5d:
99:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:66:B6:E1:66:7B:64:98:D4:4F:DF:AF:6E:EC:B4:E3:AA:55:FA:61
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:33:e5:c4:53:42:f5:ba:6b:5e:79:cc:b8:fd:39:5e:7c:a7:
9c:1e:c3:c5:c2:f9:55:09:f3:90:0d:ec:62:a6:e9:00:a4:8f:
79:af:10:6b:d4:d4:6f:f8:f6:0f:66:81:9f:c4:53:b5:81:b4:
04:af:c9:b8:7d:28:ab:c3:a7:cb:b6:20:57:12:bf:82:c5:f6:
d7:13:0b:e5:7a:fe:74:85:a6:a1:60:3c:f8:7b:d5:c8:97:81:
6f:d3:99:6c:f2:8a:59:ea:cd:2b:f2:db:5c:d4:a4:1a:d7:2e:
93:94:c5:4c:ee:fc:b4:c1:a2:6c:3c:0e:04:05:eb:33:0e:f8:
86:38:84:9e:b3:cc:79:ed:37:48:29:fe:3c:cf:16:6c:c0:e9:
8d:3e:33:f4:cf:cb:1e:0e:66:fb:92:00:65:0e:40:83:8e:55:
3e:a3:d1:c7:d5:ee:36:9c:d8:25:22:86:31:a5:1c:e5:4c:a1:
5e:30:2a:80:ac:39:1a:b1:57:d1:6d:3b:7a:31:af:f0:9d:7a:
c6:4c:44:b9:99:67:2b:f8:2a:73:23:93:73:82:a9:a5:89:1c:
cd:6a:72:05:26:43:ec:8d:82:31:ee:8b:6f:60:05:cf:98:54:
90:b4:d0:36:12:a1:2a:e2:47:2f:b7:1a:b8:91:ee:08:18:a7:
7b:2c:cd:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9PL6XPZBCWg52SckjvZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjUxMTA0MTMwMTA3WhcNMjUxMTA1MTMwMTA3WjAzMTEwLwYDVQQD
EygxYjY2YjZlMTY2N2I2NDk4ZDQ0ZmRmYWY2ZWVjYjRlM2FhNTVmYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMLHtN8UOTUjipvTy9WG3Bue8Wq1
Tom2el8j711+UOqlCGPoO5egeFVhjMaXz7ezL9VECe6k5fPlb0ntYscfnsweOaA6
nT5W1c27uj14wxkpXfIEhX+PUGLQU9IHdjBZtEUGgl2VhB3WX8M5Z5i1pdKmXbWY
fUM8oIi/2WOjPFGuCvRD6lpnvWe0zu5QnA2rrtrqGpxvlfkJOkY4VVxNLJNg+cf3
IyB8dPvxcAYYi0HT12eoBwXsou3liAy2acnb9ZcTW9LlT0Nk5GRAyJCyeWTnUAFq
DEb+I+LaRWZRc/mwuxdWEjExXFLhJklKAo8VmxVEpjoV1tlrNvqBIF2ZIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtmtuFme2SY1E/fr27stOOqVfphMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAODPlxFNC
9bprXnnMuP05XnynnB7DxcL5VQnzkA3sYqbpAKSPea8Qa9TUb/j2D2aBn8RTtYG0
BK/JuH0oq8Ony7YgVxK/gsX21xML5Xr+dIWmoWA8+HvVyJeBb9OZbPKKWerNK/Lb
XNSkGtcuk5TFTO78tMGibDwOBAXrMw74hjiEnrPMee03SCn+PM8WbMDpjT4z9M/L
Hg5m+5IAZQ5Ag45VPqPRx9XuNpzYJSKGMaUc5UyhXjAqgKw5GrFX0W07ejGv8J16
xkxEuZlnK/gqcyOTc4KppYkczWpyBSZD7I2CMe6Lb2AFz5hUkLTQNhKhKuJHL7ca
uJHuCBineyzNiw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:16:34 2025 by rpki-client