Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json)
Hash identifier: 8XiRWdwHiw7hyCvttx1lO/UwIjfcWLGlTIT3m5LtD5Y=
Subject key identifier: 63:B5:CE:5E:CF:B5:74:F2:0A:EA:F4:7B:22:1B:33:AC:5C:AD:0C:14
Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb
Certificate serial: 019CABD9D44E79D942EFA1499279982C8E5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
Manifest number: 12E2
Signing time: Mon 02 Mar 2026 00:01:45 +0000
Manifest this update: Mon 02 Mar 2026 00:01:45 +0000
Manifest next update: Tue 03 Mar 2026 00:01:45 +0000
Files and hashes: 1: Z2uEQbE7L2pDV1J90F-WHp-FeRc.roa (hash: gG4qjMeD/GD4iye01V4m4U9isqUINl3gT+i69LWAi7I=)
2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: 8D9L1eIEDb85bIZpiPFaGokZ2a+nUsH2BsVhYz0kgSI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:d4:4e:79:d9:42:ef:a1:49:92:79:98:2c:8e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb
Validity
Not Before: Mar 2 00:01:45 2026 GMT
Not After : Mar 3 00:01:45 2026 GMT
Subject: CN=63b5ce5ecfb574f20aeaf47b221b33ac5cad0c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e0:8c:57:da:94:88:aa:de:1a:77:15:ca:d9:
b2:24:b8:3c:b2:ce:40:e7:ca:25:0f:bc:b9:e4:94:
0a:20:dc:11:de:eb:1f:0b:89:28:eb:be:78:b1:6d:
a6:22:d0:b0:ad:0f:14:61:20:80:cf:20:00:56:ac:
9f:62:d9:3b:67:0c:1e:f1:fb:f4:a6:9b:ce:33:ef:
a1:ac:e5:2f:1e:07:35:14:b5:c6:66:89:35:82:b7:
56:41:ac:60:20:1b:e3:ba:9e:d1:c9:b4:6c:c5:ca:
3a:fe:3e:04:78:a0:56:18:4b:7b:01:b8:32:01:68:
53:05:cf:2f:21:d8:79:7b:bf:22:c2:29:ff:66:61:
43:00:5e:c8:ef:1a:57:58:59:22:8b:86:25:e3:e4:
52:5e:81:6e:0a:16:f0:1f:4d:88:14:89:3a:39:e7:
cc:25:83:da:83:7d:f7:e1:4f:2e:b5:33:8e:23:a4:
5a:22:fb:c1:0b:77:34:2b:47:ed:8e:d0:0e:3b:c6:
ee:7e:ec:78:59:c7:65:af:6a:b3:29:a3:98:6c:30:
9a:b3:9a:49:be:fa:d0:b6:78:61:7a:f6:5c:08:39:
ff:f7:d4:17:de:9c:fa:93:9a:b0:38:c2:dd:8f:03:
0f:d4:a7:f3:c6:2c:f3:fa:b2:34:7d:f7:90:47:6c:
0b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B5:CE:5E:CF:B5:74:F2:0A:EA:F4:7B:22:1B:33:AC:5C:AD:0C:14
X509v3 Authority Key Identifier:
keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:e1:9a:17:20:dc:1a:e6:b9:27:f3:a5:76:88:34:6f:6f:e2:
53:f0:05:ba:ec:9c:41:8e:7b:06:a6:d1:3c:a9:f8:a2:b5:c2:
ee:e0:fa:e1:36:49:7c:b1:cd:07:c5:02:0d:2d:59:e6:9d:78:
96:f9:4d:59:36:9f:05:ca:39:24:53:50:c8:f2:4b:45:00:aa:
fc:f2:77:5c:15:ab:bd:a4:b9:9e:8d:70:53:e0:43:9a:f0:e5:
29:0b:c4:8f:f6:77:1c:7a:b4:9f:7c:f2:cb:98:8f:96:c8:0b:
ce:92:95:c3:11:ba:78:2d:50:df:5c:37:06:2f:ee:78:60:0b:
fb:3b:e1:ec:01:12:9e:31:46:d6:f2:65:fd:b0:34:ba:e3:d7:
4e:12:46:5f:c2:66:28:64:b3:c6:7b:c8:3b:95:79:ce:1c:63:
ef:15:4e:0e:22:0f:e6:e7:e8:19:64:13:f9:2d:6c:e2:3d:57:
2c:ce:56:80:d3:d5:ef:41:51:c7:b0:d3:cd:22:77:db:1f:7a:
7c:21:fa:16:8b:2e:d2:ab:5b:91:cf:a5:31:02:53:fd:bc:9c:
13:f3:bc:56:44:ad:93:9e:aa:84:0e:e6:31:15:f3:94:27:54:
98:03:33:a9:89:e1:ff:e1:7c:1b:6b:2a:40:a5:6e:6c:04:6c:
e8:6b:b9:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2dROedlC76FJknmYLI5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz
NTI5Y2IwHhcNMjYwMzAyMDAwMTQ1WhcNMjYwMzAzMDAwMTQ1WjAzMTEwLwYDVQQD
Eyg2M2I1Y2U1ZWNmYjU3NGYyMGFlYWY0N2IyMjFiMzNhYzVjYWQwYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOCMV9qUiKreGncVytmyJLg8ss5A
58olD7y55JQKINwR3usfC4ko6754sW2mItCwrQ8UYSCAzyAAVqyfYtk7Zwwe8fv0
ppvOM++hrOUvHgc1FLXGZok1grdWQaxgIBvjup7RybRsxco6/j4EeKBWGEt7Abgy
AWhTBc8vIdh5e78iwin/ZmFDAF7I7xpXWFkii4Yl4+RSXoFuChbwH02IFIk6OefM
JYPag3334U8utTOOI6RaIvvBC3c0K0ftjtAOO8bufux4Wcdlr2qzKaOYbDCas5pJ
vvrQtnhhevZcCDn/99QX3pz6k5qwOMLdjwMP1Kfzxizz+rI0ffeQR2wL1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGO1zl7PtXTyCur0eyIbM6xcrQwUMB8GA1UdIwQY
MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt
ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5
LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM+GaFyDc
Gua5J/Oldog0b2/iU/AFuuycQY57BqbRPKn4orXC7uD64TZJfLHNB8UCDS1Z5p14
lvlNWTafBco5JFNQyPJLRQCq/PJ3XBWrvaS5no1wU+BDmvDlKQvEj/Z3HHq0n3zy
y5iPlsgLzpKVwxG6eC1Q31w3Bi/ueGAL+zvh7AESnjFG1vJl/bA0uuPXThJGX8Jm
KGSzxnvIO5V5zhxj7xVODiIP5ufoGWQT+S1s4j1XLM5WgNPV70FRx7DTzSJ32x96
fCH6Fosu0qtbkc+lMQJT/bycE/O8VkStk56qhA7mMRXzlCdUmAMzqYnh/+F8G2sq
QKVubARs6Gu5Mw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:06:20 2026 by rpki-client