Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: aXqaT1MVYij486aGXIp2VS/N4B78F+x+WBD5QGFKJ78=
Subject key identifier: 56:3D:C0:B6:43:34:CC:CF:BA:1F:EB:61:A6:8C:29:A0:C0:2E:87:45
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 16251B1FFD0185E8E6D9D263A90DF7E1CBF84660
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 02C4
Signing time: Sat 28 Jun 2025 15:34:10 +0000
Manifest this update: Sat 28 Jun 2025 15:29:10 +0000
Manifest next update: Sun 29 Jun 2025 19:03:10 +0000
Files and hashes: 1: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: AMOOReO25pB/UyWle0jkXv+B6m1MTNWZ4+1w+73+7MY=)
2: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: 6wmeUAQbcuu65wEhJT1sZ3B+uY9oYWM17Kv/9Umkze0=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:25:1b:1f:fd:01:85:e8:e6:d9:d2:63:a9:0d:f7:e1:cb:f8:46:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Jun 28 15:29:10 2025 GMT
Not After : Jun 29 19:03:10 2025 GMT
Subject: CN=563DC0B64334CCCFBA1FEB61A68C29A0C02E8745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:07:2b:72:64:0e:d7:93:19:6e:ce:e0:90:75:
89:cf:37:5c:29:3d:73:01:89:6d:f0:2a:c8:8d:c6:
59:10:bc:96:d0:e0:c1:a0:e0:56:26:50:99:46:54:
8c:b1:1c:88:7c:07:17:d3:44:be:31:1c:60:94:28:
86:ac:77:fc:f3:d8:ec:c4:1f:6f:6c:8d:45:4c:57:
15:de:89:8f:40:f6:53:f7:d8:c0:e1:bb:03:03:bd:
15:2d:91:ab:92:0d:53:bb:cf:42:3a:e8:b8:34:35:
37:ed:51:ab:12:12:18:e5:c5:46:14:b2:03:94:25:
f1:83:47:d5:60:74:5f:29:25:16:62:89:61:93:a4:
79:7d:03:11:a8:14:c2:bc:64:fe:7c:8b:ec:32:95:
d3:47:be:69:6d:b1:0b:a2:b4:19:52:4e:8d:47:e5:
b8:56:88:b7:7e:2d:e0:38:eb:02:33:d5:16:eb:c3:
fc:60:44:bc:ad:de:b2:c3:24:fa:da:e3:86:28:a4:
b6:5e:60:39:9f:67:a4:40:b9:af:81:f4:3a:17:b8:
ff:3c:09:22:65:2b:5a:d0:35:5a:e5:1b:ec:49:e5:
db:c7:f5:1f:eb:34:78:c8:81:1b:f7:9f:a7:68:ac:
be:21:93:91:a9:79:51:1b:55:a9:4d:5b:af:c4:fa:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3D:C0:B6:43:34:CC:CF:BA:1F:EB:61:A6:8C:29:A0:C0:2E:87:45
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:f9:cc:f0:6b:4b:32:aa:5b:61:f2:06:e7:95:08:ee:28:eb:
51:b9:07:2e:12:41:e3:cf:69:a2:e2:de:82:80:20:7e:7b:e3:
51:89:11:3d:d3:05:63:4e:85:76:ce:48:e0:64:82:ce:f0:17:
9e:0e:2f:3c:11:e3:f7:d4:7f:a0:1f:41:ea:39:7a:ed:34:09:
df:fa:4f:df:00:48:2d:88:38:d4:52:78:76:26:48:c0:19:44:
dc:d7:35:73:76:cd:33:b8:58:f6:3d:20:41:eb:f0:26:99:35:
43:af:1f:8f:d6:12:3e:97:56:1c:2b:a6:ae:fc:04:63:fb:d7:
1f:52:0c:02:cf:4d:0f:98:f3:1d:32:05:25:e9:7a:15:96:5a:
f8:1a:24:84:ec:d0:06:17:b1:4a:9b:f6:27:aa:9f:5d:3f:9d:
d3:79:b2:8a:0a:bf:9d:4b:25:4e:61:d7:ce:db:2d:e2:e1:84:
16:bf:f9:44:01:38:a7:1f:0d:38:d5:3a:97:43:bb:8d:52:02:
56:88:55:54:c4:60:be:c6:a1:9a:18:c0:86:fd:e6:6a:a5:d6:
20:98:73:a9:8e:57:bf:a6:05:40:cf:ec:8a:96:e1:33:bd:4b:
9e:e3:4c:46:95:e6:ec:fa:b4:a0:15:49:5f:89:69:45:a1:22:
4e:f8:86:51
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUFiUbH/0Bhejm2dJjqQ334cv4RmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNTA2MjgxNTI5MTBaFw0yNTA2MjkxOTAzMTBaMDMxMTAvBgNV
BAMTKDU2M0RDMEI2NDMzNENDQ0ZCQTFGRUI2MUE2OEMyOUEwQzAyRTg3NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpBytyZA7XkxluzuCQdYnPN1wp
PXMBiW3wKsiNxlkQvJbQ4MGg4FYmUJlGVIyxHIh8BxfTRL4xHGCUKIasd/zz2OzE
H29sjUVMVxXeiY9A9lP32MDhuwMDvRUtkauSDVO7z0I66Lg0NTftUasSEhjlxUYU
sgOUJfGDR9VgdF8pJRZiiWGTpHl9AxGoFMK8ZP58i+wyldNHvmltsQuitBlSTo1H
5bhWiLd+LeA46wIz1Rbrw/xgRLyt3rLDJPra44YopLZeYDmfZ6RAua+B9DoXuP88
CSJlK1rQNVrlG+xJ5dvH9R/rNHjIgRv3n6dorL4hk5GpeVEbValNW6/E+urVAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUVj3AtkM0zM+6H+thpowpoMAuh0UwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfnM8GtLMqpbYfIG55UI
7ijrUbkHLhJB489pouLegoAgfnvjUYkRPdMFY06Fds5I4GSCzvAXng4vPBHj99R/
oB9B6jl67TQJ3/pP3wBILYg41FJ4diZIwBlE3Nc1c3bNM7hY9j0gQevwJpk1Q68f
j9YSPpdWHCumrvwEY/vXH1IMAs9ND5jzHTIFJel6FZZa+BokhOzQBhexSpv2J6qf
XT+d03myigq/nUslTmHXztst4uGEFr/5RAE4px8NONU6l0O7jVICVohVVMRgvsah
mhjAhv3maqXWIJhzqY5Xv6YFQM/sipbhM71LnuNMRpXm7Pq0oBVJX4lpRaEiTviG
UQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:33:06 2025 by rpki-client