Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: R6d1EONe6kio3e+Y4PkKNIH+7FXKOxEv7fKrCd/6Dqg=
Subject key identifier: A4:EB:0F:31:DD:00:73:40:BA:97:AA:C4:64:74:87:02:E5:73:DF:FE
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 0CCF44EF926164C9BC7D6F66C06317FE1A7E9B9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 042C
Signing time: Thu 26 Mar 2026 02:17:37 +0000
Manifest this update: Thu 26 Mar 2026 02:12:37 +0000
Manifest next update: Fri 27 Mar 2026 02:45:37 +0000
Files and hashes: 1: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: 0o3nsPV638SmdckYvrbZzcDFCVLqB7kMKeIxKe7KYUw=)
2: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: SQPPpGAfcWzeQjBcG69M0Ql5cnWUCRPHaAkbYVbbBkE=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:45:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:cf:44:ef:92:61:64:c9:bc:7d:6f:66:c0:63:17:fe:1a:7e:9b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Mar 26 02:12:37 2026 GMT
Not After : Mar 27 02:45:37 2026 GMT
Subject: CN=A4EB0F31DD007340BA97AAC464748702E573DFFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d5:f1:7c:86:18:0f:05:78:6f:30:ca:e4:fe:
02:35:64:73:98:8b:9d:14:5a:3c:ce:70:8e:1c:bd:
38:47:09:b9:7a:bc:54:db:94:a6:8d:81:5f:00:f8:
27:32:6f:05:02:3a:ff:87:d1:f0:f3:1a:3f:d7:f3:
a6:4f:e6:e8:98:2f:07:27:38:73:66:44:21:ad:78:
9f:3b:e2:f3:93:7d:45:c6:33:78:c6:92:50:6d:99:
c5:e7:b5:74:a6:2a:7a:c2:15:a2:65:16:ea:94:e2:
ef:1f:12:0e:a0:fd:cb:8b:d4:fb:0b:d6:f8:61:4c:
70:d7:3e:f3:60:0e:68:2d:70:f9:49:c9:a8:77:3f:
8e:37:b1:4f:13:a9:5f:4e:d0:08:ba:db:38:15:c0:
f1:dd:c9:c2:eb:e7:a0:a5:d8:11:ca:60:37:e7:80:
16:69:4d:fd:9e:41:a3:6e:65:e5:ba:ac:53:54:c1:
b2:7f:c8:fb:72:5c:23:08:b9:d0:6f:cf:27:0c:e3:
85:8a:6b:c4:0e:f0:f1:f9:84:c7:c7:df:68:9b:c0:
fe:5c:6c:02:27:5a:a1:ec:06:c4:8f:80:2b:fd:55:
e4:b4:c6:3d:18:7f:68:e5:99:be:34:d9:ca:f9:b0:
7d:db:99:9a:16:33:61:7f:98:0a:b8:f0:32:a8:08:
94:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EB:0F:31:DD:00:73:40:BA:97:AA:C4:64:74:87:02:E5:73:DF:FE
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:3d:47:12:d5:df:41:b9:98:f7:bd:e1:ce:68:d0:c3:52:37:
43:95:29:80:db:8f:38:9c:b3:27:c4:4c:76:31:2d:48:a2:0d:
80:20:47:68:36:00:b9:d7:66:f0:6b:f5:09:d4:6a:46:db:25:
d6:f6:7c:de:79:4c:93:99:5a:38:c0:e5:0a:a3:62:0b:aa:13:
b4:88:a9:8d:a6:43:cc:99:e0:0b:65:4f:fb:33:22:c5:21:9e:
b4:4e:ec:d5:53:d9:c8:88:fe:bc:11:38:a9:0d:c5:6b:aa:4e:
4f:6b:cf:0e:53:df:da:22:b4:ed:d9:f6:a0:41:97:c3:e7:41:
aa:ac:d0:a4:5a:18:d0:e4:87:06:d8:88:29:04:b1:97:a6:79:
b7:6e:d7:ab:8b:6d:b3:88:a2:a7:bb:5b:cc:ba:86:64:13:2c:
81:73:49:82:3a:24:ae:d6:e4:9b:26:41:af:a0:38:ab:c2:69:
8d:ba:88:f5:f3:63:a6:78:b1:e2:b2:3a:5e:74:7e:83:e8:cc:
65:f1:fe:27:58:9c:b8:c0:7a:12:05:4b:5c:d6:0a:ff:3b:d3:
9e:b6:c8:5f:9c:54:80:d4:e2:dc:80:84:d5:b8:8e:fb:9b:eb:
af:4a:c5:d4:e3:2d:b7:ca:12:1b:56:47:25:f1:7e:71:e1:72:
6b:52:68:f4
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUDM9E75JhZMm8fW9mwGMX/hp+m5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNjAzMjYwMjEyMzdaFw0yNjAzMjcwMjQ1MzdaMDMxMTAvBgNV
BAMTKEE0RUIwRjMxREQwMDczNDBCQTk3QUFDNDY0NzQ4NzAyRTU3M0RGRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO1fF8hhgPBXhvMMrk/gI1ZHOY
i50UWjzOcI4cvThHCbl6vFTblKaNgV8A+CcybwUCOv+H0fDzGj/X86ZP5uiYLwcn
OHNmRCGteJ874vOTfUXGM3jGklBtmcXntXSmKnrCFaJlFuqU4u8fEg6g/cuL1PsL
1vhhTHDXPvNgDmgtcPlJyah3P443sU8TqV9O0Ai62zgVwPHdycLr56Cl2BHKYDfn
gBZpTf2eQaNuZeW6rFNUwbJ/yPtyXCMIudBvzycM44WKa8QO8PH5hMfH32ibwP5c
bAInWqHsBsSPgCv9VeS0xj0Yf2jlmb402cr5sH3bmZoWM2F/mAq48DKoCJTJAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUpOsPMd0Ac0C6l6rEZHSHAuVz3/4wHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABD1HEtXfQbmY973hzmjQ
w1I3Q5UpgNuPOJyzJ8RMdjEtSKINgCBHaDYAuddm8Gv1CdRqRtsl1vZ83nlMk5la
OMDlCqNiC6oTtIipjaZDzJngC2VP+zMixSGetE7s1VPZyIj+vBE4qQ3Fa6pOT2vP
DlPf2iK07dn2oEGXw+dBqqzQpFoY0OSHBtiIKQSxl6Z5t27Xq4tts4iip7tbzLqG
ZBMsgXNJgjokrtbkmyZBr6A4q8JpjbqI9fNjpnix4rI6XnR+g+jMZfH+J1icuMB6
EgVLXNYK/zvTnrbIX5xUgNTi3ICE1biO+5vrr0rF1OMtt8oSG1ZHJfF+ceFya1Jo
9A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:43:07 2026 by rpki-client