Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: eeG+sGJDZstDncwHmkhBQjrSMspDFqNHevYDHM96rSI=
Subject key identifier: 6A:C7:FE:72:09:5E:4A:FE:6A:3F:24:2B:AC:FA:0A:48:11:3F:38:0D
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019D988693115246E668E195E57433FFAE7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 05C6
Signing time: Thu 16 Apr 2026 23:00:49 +0000
Manifest this update: Thu 16 Apr 2026 23:00:49 +0000
Manifest next update: Fri 17 Apr 2026 23:00:49 +0000
Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: Oxrgoqk9xU5os6OyIbSZO4Hplxe0DhXGL5bM1vpuiac=)
2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:86:93:11:52:46:e6:68:e1:95:e5:74:33:ff:ae:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Apr 16 23:00:49 2026 GMT
Not After : Apr 17 23:00:49 2026 GMT
Subject: CN=6ac7fe72095e4afe6a3f242bacfa0a48113f380d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:63:4f:c8:e6:14:fd:a5:d0:95:b3:77:7c:
4e:36:b9:33:7f:14:4d:fd:b2:02:a1:ed:4a:5e:36:
ed:ab:25:53:36:b3:7d:c6:33:e1:2b:d3:6f:95:44:
bf:cd:bb:c0:c1:a4:ea:2f:f4:35:a2:ac:9a:a9:b1:
31:31:59:9e:64:b0:c3:43:d6:d2:df:c3:44:74:c9:
25:e6:bc:4d:70:bd:ce:52:76:47:3a:dd:01:a2:5f:
66:1e:b2:38:8a:18:e8:5c:ee:eb:ea:e7:f9:21:a4:
3f:8b:d0:c8:d9:e5:d1:7c:a8:7c:ef:15:39:2f:da:
07:5a:79:ee:68:3c:19:ac:3a:97:db:62:51:5f:8e:
5b:f0:32:dd:eb:41:c1:37:75:67:c3:59:c9:82:39:
28:61:1a:88:e8:a0:fb:be:0d:c1:43:d4:dc:db:1a:
af:2e:1b:27:66:14:3d:6f:8d:42:01:b8:f1:d9:54:
26:3b:3a:f5:15:39:72:8d:74:80:7c:64:62:42:4d:
f6:87:68:5c:24:f3:49:ca:a2:a5:5e:4a:30:4f:0b:
a1:67:bf:f1:f6:6b:b6:b8:0d:db:5a:aa:79:b6:79:
c1:8b:b3:cd:f3:00:e5:94:80:97:c1:95:c3:f4:e6:
47:c9:15:08:c3:30:21:35:6b:d9:10:89:3f:99:b9:
5a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C7:FE:72:09:5E:4A:FE:6A:3F:24:2B:AC:FA:0A:48:11:3F:38:0D
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:68:0a:2c:25:bd:e7:89:7c:03:d9:bd:23:71:31:86:ba:d2:
fe:4e:8f:6f:10:db:ff:74:4e:8b:35:cf:fc:d4:58:a3:08:39:
58:06:ec:e6:14:2e:15:a7:b5:91:90:c9:b9:30:a9:28:5a:4c:
d4:c9:d0:c5:80:a4:3e:a2:b4:1d:43:94:c1:7a:11:49:8f:2d:
9a:e8:5c:ff:a8:54:1e:ff:8d:b8:d3:81:ab:67:f8:98:5b:8f:
6f:09:c3:ac:f0:da:6e:a1:46:03:44:c6:50:3f:63:ce:c5:54:
2f:4d:1c:2c:9f:27:98:3a:e1:d8:14:72:ab:76:c8:df:49:79:
ac:4d:19:e1:7a:12:8f:51:c4:42:5c:2a:db:e5:22:17:d6:24:
8c:e0:5c:72:25:e5:9f:94:b1:72:0d:34:56:99:1a:15:84:7a:
27:37:fe:50:5f:a1:90:44:dd:2d:b0:c5:75:07:7b:79:23:65:
ce:22:77:65:bd:50:f7:37:81:21:cf:6c:a5:16:2b:e6:5f:58:
b5:69:63:9b:05:9a:c0:3d:f8:e1:8f:09:19:23:ac:d5:1a:5c:
07:4f:92:15:e2:cf:ec:85:a7:e7:d5:5e:0f:bb:3a:60:5c:66:
de:e2:d6:77:cb:40:bc:d0:b4:52:f8:65:9a:86:2c:96:c2:d6:
6c:97:4f:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YhpMRUkbmaOGV5XQz/65/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjYwNDE2MjMwMDQ5WhcNMjYwNDE3MjMwMDQ5WjAzMTEwLwYDVQQD
Eyg2YWM3ZmU3MjA5NWU0YWZlNmEzZjI0MmJhY2ZhMGE0ODExM2YzODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSZjT8jmFP2l0JWzd3xONrkzfxRN
/bICoe1KXjbtqyVTNrN9xjPhK9NvlUS/zbvAwaTqL/Q1oqyaqbExMVmeZLDDQ9bS
38NEdMkl5rxNcL3OUnZHOt0Bol9mHrI4ihjoXO7r6uf5IaQ/i9DI2eXRfKh87xU5
L9oHWnnuaDwZrDqX22JRX45b8DLd60HBN3Vnw1nJgjkoYRqI6KD7vg3BQ9Tc2xqv
LhsnZhQ9b41CAbjx2VQmOzr1FTlyjXSAfGRiQk32h2hcJPNJyqKlXkowTwuhZ7/x
9mu2uA3bWqp5tnnBi7PN8wDllICXwZXD9OZHyRUIwzAhNWvZEIk/mblaPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrH/nIJXkr+aj8kK6z6CkgRPzgNMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARmgKLCW9
54l8A9m9I3ExhrrS/k6PbxDb/3ROizXP/NRYowg5WAbs5hQuFae1kZDJuTCpKFpM
1MnQxYCkPqK0HUOUwXoRSY8tmuhc/6hUHv+NuNOBq2f4mFuPbwnDrPDabqFGA0TG
UD9jzsVUL00cLJ8nmDrh2BRyq3bI30l5rE0Z4XoSj1HEQlwq2+UiF9YkjOBcciXl
n5Sxcg00VpkaFYR6Jzf+UF+hkETdLbDFdQd7eSNlziJ3Zb1Q9zeBIc9spRYr5l9Y
tWljmwWawD344Y8JGSOs1RpcB0+SFeLP7IWn59VeD7s6YFxm3uLWd8tAvNC0Uvhl
moYslsLWbJdPbA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:44:23 2026 by rpki-client