Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: d9gQl1XaakC32HYGOFSroGx5Bwd46lfCX8tcLiG/uuE=
Subject key identifier: 38:A1:D7:17:E5:AD:DB:D8:77:FD:51:F6:FA:16:D4:06:71:C0:E9:BA
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 019CAAFD8B9ACDA2938BB0D152FFC04A1DCF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 054B
Signing time: Sun 01 Mar 2026 20:01:08 +0000
Manifest this update: Sun 01 Mar 2026 20:01:08 +0000
Manifest next update: Mon 02 Mar 2026 20:01:08 +0000
Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: G5fq7jWkEC3k3QE9o1HC5vX3D7P8QI16I2L87iFmtSw=)
2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:8b:9a:cd:a2:93:8b:b0:d1:52:ff:c0:4a:1d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Mar 1 20:01:08 2026 GMT
Not After : Mar 2 20:01:08 2026 GMT
Subject: CN=38a1d717e5addbd877fd51f6fa16d40671c0e9ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:61:91:78:30:dc:ff:6a:d4:47:81:60:98:7e:
92:d4:de:33:22:3a:9a:e9:79:0c:21:a7:2a:19:20:
3a:f1:48:61:68:1e:c2:b6:6c:82:1c:e6:cb:13:65:
9c:9c:c1:31:28:63:87:63:60:28:6a:99:d9:89:06:
6d:4c:d4:de:1e:0d:8c:4d:6d:8c:8f:dc:82:65:33:
22:7c:7c:bd:ff:28:69:fc:13:c0:7a:b7:c7:06:c6:
f4:a3:37:06:76:24:27:75:bd:fa:a1:d3:e1:de:9f:
cc:5f:23:53:15:a7:55:9f:2f:63:9a:b4:2d:7c:ed:
50:bf:06:71:46:be:69:3e:0a:93:5a:2f:ed:b5:7b:
d2:d0:b0:f6:5b:f0:4a:8e:a7:3a:56:b7:52:8f:08:
89:d2:ef:ca:73:18:4d:f9:a7:bf:00:2d:99:e9:71:
1f:98:b6:9b:c4:3b:0d:1d:c5:1f:a3:01:fb:b9:36:
57:0d:f6:bb:da:8f:79:f9:bf:e9:e8:1f:80:f7:ce:
0c:96:57:16:bb:db:11:6a:e5:48:6c:02:e7:be:06:
93:ca:88:da:d0:6e:c2:c2:e8:24:8b:fc:b2:61:05:
e9:a7:62:53:c7:5c:81:33:10:1b:78:17:50:f0:c7:
00:5a:c6:32:99:b7:c4:aa:cd:32:04:7e:fa:d2:8c:
e5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A1:D7:17:E5:AD:DB:D8:77:FD:51:F6:FA:16:D4:06:71:C0:E9:BA
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:5b:de:39:57:bb:66:b5:a8:ac:b8:17:bb:cf:2c:47:15:8b:
d3:3d:56:f7:1f:42:42:28:84:e7:f9:d8:10:fa:f9:9f:90:59:
fa:46:3d:63:49:40:9e:63:ad:ae:bd:31:89:49:91:30:a4:3a:
b1:85:fb:ea:55:e8:57:b8:11:20:e2:00:75:ee:3c:cb:a8:97:
a9:70:b2:b2:64:44:cb:a9:73:62:79:77:49:31:e3:85:1c:94:
8e:40:0c:4c:58:cc:7c:ca:71:ef:7b:a0:2f:d7:f9:7a:5a:5f:
2f:12:73:d6:4f:3b:c0:d6:cc:8a:e0:e8:76:9b:18:de:f8:24:
b8:99:4a:8a:05:b0:97:28:84:35:7c:e4:ef:46:d0:65:2c:22:
8c:dc:4d:69:92:ac:75:fc:0c:92:e7:57:e7:83:98:89:5f:56:
39:a3:9c:d8:74:99:cc:6c:94:de:56:0c:b8:91:85:ba:06:0c:
90:84:9b:93:e1:c2:1b:d0:84:25:bf:19:30:4c:ca:77:e0:a9:
5f:69:9b:fd:32:b8:13:57:6a:bd:59:0e:f9:e5:47:6e:31:ae:
b0:6b:4d:43:61:5b:cc:be:81:1d:bc:22:e7:80:40:f2:bc:e7:
8b:f2:f3:3e:3c:3f:32:bc:54:db:8e:38:d1:54:bf:8c:63:0e:
90:6a:51:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/YuazaKTi7DRUv/ASh3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjYwMzAxMjAwMTA4WhcNMjYwMzAyMjAwMTA4WjAzMTEwLwYDVQQD
EygzOGExZDcxN2U1YWRkYmQ4NzdmZDUxZjZmYTE2ZDQwNjcxYzBlOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGGReDDc/2rUR4FgmH6S1N4zIjqa
6XkMIacqGSA68UhhaB7CtmyCHObLE2WcnMExKGOHY2AoapnZiQZtTNTeHg2MTW2M
j9yCZTMifHy9/yhp/BPAerfHBsb0ozcGdiQndb36odPh3p/MXyNTFadVny9jmrQt
fO1QvwZxRr5pPgqTWi/ttXvS0LD2W/BKjqc6VrdSjwiJ0u/KcxhN+ae/AC2Z6XEf
mLabxDsNHcUfowH7uTZXDfa72o95+b/p6B+A984MllcWu9sRauVIbALnvgaTyoja
0G7Cwugki/yyYQXpp2JTx1yBMxAbeBdQ8McAWsYymbfEqs0yBH760ozlsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDih1xflrdvYd/1R9voW1AZxwOm6MB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQlveOVe7
ZrWorLgXu88sRxWL0z1W9x9CQiiE5/nYEPr5n5BZ+kY9Y0lAnmOtrr0xiUmRMKQ6
sYX76lXoV7gRIOIAde48y6iXqXCysmREy6lzYnl3STHjhRyUjkAMTFjMfMpx73ug
L9f5elpfLxJz1k87wNbMiuDodpsY3vgkuJlKigWwlyiENXzk70bQZSwijNxNaZKs
dfwMkudX54OYiV9WOaOc2HSZzGyU3lYMuJGFugYMkISbk+HCG9CEJb8ZMEzKd+Cp
X2mb/TK4E1dqvVkO+eVHbjGusGtNQ2FbzL6BHbwi54BA8rzni/LzPjw/MrxU2444
0VS/jGMOkGpR8g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:25:49 2026 by rpki-client