Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: 2h0YmD7azCU4q3ooybi2+j/HM+eOxQA/xKjIOVy0X00=
Subject key identifier: 9F:26:5A:B5:AA:D6:AF:BE:C1:A1:1B:02:EE:56:2A:BB:33:3A:C4:EC
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 4BC9FB54F36090FD220CBB574DAF259D2991FD62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 040C
Signing time: Mon 02 Mar 2026 08:34:02 +0000
Manifest this update: Mon 02 Mar 2026 08:29:02 +0000
Manifest next update: Tue 03 Mar 2026 08:49:02 +0000
Files and hashes: 1: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: SQPPpGAfcWzeQjBcG69M0Ql5cnWUCRPHaAkbYVbbBkE=)
2: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: FuzKHRx6/7/GOEm/aPyzV/XvL10wsTkJUYEXwCKuGOE=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c9:fb:54:f3:60:90:fd:22:0c:bb:57:4d:af:25:9d:29:91:fd:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Mar 2 08:29:02 2026 GMT
Not After : Mar 3 08:49:02 2026 GMT
Subject: CN=9F265AB5AAD6AFBEC1A11B02EE562ABB333AC4EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0d:69:46:4b:ee:ff:cd:23:6e:81:13:6f:de:
d4:1e:12:c6:21:73:75:12:a6:65:37:dd:9b:50:46:
cf:a2:11:0f:5c:62:0c:14:ae:1c:a0:93:75:fc:8b:
e5:09:c0:a4:ff:ba:a5:28:e5:d4:c7:da:77:b8:97:
52:8d:c8:cb:6c:58:bc:c6:07:bd:bc:a3:e9:35:a2:
dd:bc:6d:72:85:b8:0e:ce:3e:51:99:aa:a9:f1:5e:
bf:72:b4:ff:8b:0d:1f:94:07:61:ba:4a:98:8f:63:
d8:b6:59:58:c2:78:f4:89:5a:a2:47:b7:c0:b0:54:
77:77:0a:df:a8:60:97:5a:cf:c6:40:b2:af:6c:3c:
9c:0c:d8:8d:1c:15:a4:70:51:06:92:77:ed:b9:60:
ad:90:1b:e9:3d:e6:2e:71:09:88:e1:3c:2f:ee:94:
a6:89:da:1d:78:03:3a:6e:12:e4:14:12:95:83:8d:
0a:2f:ec:09:68:fa:35:7c:9e:c6:9e:f0:68:61:09:
14:35:89:45:92:3f:73:4f:f4:a2:91:3c:f9:21:26:
49:c7:e2:36:6c:30:21:e4:8b:08:9c:6d:f1:db:cf:
78:20:26:bf:f4:36:42:03:67:9b:73:c7:05:3b:8d:
04:ce:7b:81:f7:96:79:31:21:16:35:9b:f8:45:ee:
1a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:26:5A:B5:AA:D6:AF:BE:C1:A1:1B:02:EE:56:2A:BB:33:3A:C4:EC
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:35:d2:f4:53:10:65:7e:5a:8a:ed:97:6e:8b:c8:19:ac:cf:
a5:2e:21:7c:63:8f:b9:6d:dc:50:e0:61:36:de:0b:9d:38:df:
ea:fd:e5:bf:a6:5d:0e:33:11:15:41:ed:e0:b8:92:6b:63:7d:
3f:c3:b9:1a:fa:56:cd:56:dc:23:39:ce:e2:45:9b:cd:18:de:
23:98:ae:6e:f3:2f:16:c5:57:fc:9a:11:fe:11:3d:75:9c:32:
cf:f8:e7:a1:57:c4:6e:3d:28:2f:d0:d6:9f:76:03:67:61:b4:
4f:fe:c1:9e:ed:f5:ec:ec:d2:06:3f:61:84:b7:07:ab:b3:2f:
1c:a2:19:93:60:dc:3a:12:24:b5:48:06:bf:50:1c:f0:95:e9:
95:a5:a4:03:50:98:f4:ac:1e:f7:47:f1:3c:62:f0:54:c4:1e:
f1:17:7d:71:b6:23:7c:66:32:6f:e8:a7:cf:7c:c9:c7:43:4d:
8f:c6:76:ef:70:d0:e1:59:77:96:bb:b4:dc:a4:26:97:2a:b5:
51:54:16:28:12:4b:73:0f:b1:fa:0d:1c:ab:ee:13:55:6b:7a:
88:ab:f6:ad:ec:e3:ff:44:57:54:bf:9d:1a:73:22:55:ea:06:
32:72:d1:8e:4a:47:bc:84:d9:04:8f:98:2f:31:ed:25:7c:7d:
9c:50:57:1f
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUS8n7VPNgkP0iDLtXTa8lnSmR/WIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNjAzMDIwODI5MDJaFw0yNjAzMDMwODQ5MDJaMDMxMTAvBgNV
BAMTKDlGMjY1QUI1QUFENkFGQkVDMUExMUIwMkVFNTYyQUJCMzMzQUM0RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDODWlGS+7/zSNugRNv3tQeEsYh
c3USpmU33ZtQRs+iEQ9cYgwUrhygk3X8i+UJwKT/uqUo5dTH2ne4l1KNyMtsWLzG
B728o+k1ot28bXKFuA7OPlGZqqnxXr9ytP+LDR+UB2G6SpiPY9i2WVjCePSJWqJH
t8CwVHd3Ct+oYJdaz8ZAsq9sPJwM2I0cFaRwUQaSd+25YK2QG+k95i5xCYjhPC/u
lKaJ2h14AzpuEuQUEpWDjQov7Alo+jV8nsae8GhhCRQ1iUWSP3NP9KKRPPkhJknH
4jZsMCHkiwicbfHbz3ggJr/0NkIDZ5tzxwU7jQTOe4H3lnkxIRY1m/hF7hp1AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUnyZatarWr77BoRsC7lYquzM6xOwwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDXS9FMQZX5aiu2XbovI
GazPpS4hfGOPuW3cUOBhNt4LnTjf6v3lv6ZdDjMRFUHt4LiSa2N9P8O5GvpWzVbc
IznO4kWbzRjeI5iubvMvFsVX/JoR/hE9dZwyz/jnoVfEbj0oL9DWn3YDZ2G0T/7B
nu317OzSBj9hhLcHq7MvHKIZk2DcOhIktUgGv1Ac8JXplaWkA1CY9Kwe90fxPGLw
VMQe8Rd9cbYjfGYyb+inz3zJx0NNj8Z273DQ4Vl3lru03KQmlyq1UVQWKBJLcw+x
+g0cq+4TVWt6iKv2rezj/0RXVL+dGnMiVeoGMnLRjkpHvITZBI+YLzHtJXx9nFBX
Hw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:45:34 2026 by rpki-client