Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: aKD1cDtJEWpmKVIv3GvaYJK8Ptwz00oCMqJ2aB4ibXI=
Subject key identifier: 96:F1:4A:E3:5E:EF:8F:5C:18:DB:99:97:D7:E5:A6:3C:41:4C:0B:2C
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 7AFBA63040C2C2AE6060AC02EAA14C9A0944D4D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 044A
Signing time: Fri 17 Apr 2026 14:44:48 +0000
Manifest this update: Fri 17 Apr 2026 14:39:48 +0000
Manifest next update: Sat 18 Apr 2026 18:11:48 +0000
Files and hashes: 1: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: ukam6ccKcXHyCJfr9AAdQ680v2MDezddvIHA/yb3W+A=)
2: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: SQPPpGAfcWzeQjBcG69M0Ql5cnWUCRPHaAkbYVbbBkE=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:fb:a6:30:40:c2:c2:ae:60:60:ac:02:ea:a1:4c:9a:09:44:d4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Apr 17 14:39:48 2026 GMT
Not After : Apr 18 18:11:48 2026 GMT
Subject: CN=96F14AE35EEF8F5C18DB9997D7E5A63C414C0B2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:79:9f:2e:60:01:66:36:6d:99:14:3e:e7:e8:
74:ba:14:59:0d:65:a4:ba:11:d3:83:5a:17:d2:4c:
48:72:f3:38:35:9a:75:e3:21:02:df:34:68:bd:2b:
10:60:a0:fd:53:0d:fb:49:3d:ec:07:e3:b8:b6:7a:
a7:b4:19:46:7b:f8:b7:6b:93:27:69:eb:74:f7:25:
44:12:6a:68:11:3c:e9:3c:33:d3:64:2f:55:6c:ad:
c2:cc:91:e8:b5:5d:24:25:fd:54:74:6c:f4:90:f7:
9e:b0:df:04:72:3e:32:ed:ea:c4:8c:93:fe:e3:8f:
a5:1d:03:93:26:7b:b0:a6:db:9d:f9:09:e2:75:d8:
f6:c3:55:d6:8a:2b:a9:81:7c:51:d7:01:27:9a:a1:
ab:e0:c3:48:1a:95:45:73:76:8a:64:e1:28:24:e9:
46:14:b1:fa:2a:80:bc:c1:b0:cb:55:5a:6d:d3:3b:
23:88:b5:67:cf:b0:25:92:c7:b8:4b:69:67:7e:8d:
b4:64:c7:65:e6:68:6b:e7:41:d2:9e:fd:6b:5b:1a:
cd:d4:4b:21:7b:4e:30:a7:72:e4:51:cc:82:a0:b2:
71:4d:da:fe:9f:51:13:e6:bc:db:32:f2:71:5d:90:
4d:03:ce:a5:16:38:f6:13:1c:be:36:e6:99:74:cf:
0c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F1:4A:E3:5E:EF:8F:5C:18:DB:99:97:D7:E5:A6:3C:41:4C:0B:2C
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:d1:a2:d9:7d:40:d3:8f:db:a9:4d:cf:b5:d9:11:e0:23:2e:
85:a3:e4:bd:62:6e:4e:58:8c:54:cb:f4:ae:d5:2e:d0:11:68:
53:bb:d8:7a:0f:d6:7c:73:9e:c8:a8:04:3a:72:a8:55:5b:a7:
5c:a0:1e:03:df:77:ec:9c:84:2d:71:ae:bd:6d:26:ff:ef:0d:
38:f1:bb:f6:a0:ed:c4:6e:b5:61:68:9c:36:58:8c:7a:78:2a:
be:b3:66:99:82:bf:68:d7:72:70:21:04:b3:da:54:d8:6f:fa:
58:0c:15:27:24:b4:7d:bb:dc:c8:26:1b:a4:26:5a:3e:e0:01:
18:1a:ad:1b:ea:49:77:4c:3b:06:d5:a8:2e:d8:0f:22:2e:83:
bc:1a:da:1d:eb:a2:9d:c0:63:6b:8e:9b:ce:70:a5:9f:58:12:
bb:69:6e:c5:68:18:4d:11:81:26:7b:41:22:2f:76:6e:8c:99:
cd:82:05:31:8b:4c:c1:5d:f0:2f:98:fa:00:97:e9:d7:b2:a9:
20:5d:80:5a:0c:d6:bc:ef:57:7b:f0:9c:4b:67:5f:c3:d9:03:
41:4d:a2:a6:c0:78:1a:14:04:8f:34:40:ec:bb:4a:dd:0e:de:
c8:93:19:72:6d:5b:8a:97:19:fa:a8:1b:59:8a:9a:cf:87:5c:
e5:cb:09:0b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUevumMEDCwq5gYKwC6qFMmglE1NAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNjA0MTcxNDM5NDhaFw0yNjA0MTgxODExNDhaMDMxMTAvBgNV
BAMTKDk2RjE0QUUzNUVFRjhGNUMxOERCOTk5N0Q3RTVBNjNDNDE0QzBCMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgeZ8uYAFmNm2ZFD7n6HS6FFkN
ZaS6EdODWhfSTEhy8zg1mnXjIQLfNGi9KxBgoP1TDftJPewH47i2eqe0GUZ7+Ldr
kydp63T3JUQSamgRPOk8M9NkL1VsrcLMkei1XSQl/VR0bPSQ956w3wRyPjLt6sSM
k/7jj6UdA5Mme7Cm2535CeJ12PbDVdaKK6mBfFHXASeaoavgw0galUVzdopk4Sgk
6UYUsfoqgLzBsMtVWm3TOyOItWfPsCWSx7hLaWd+jbRkx2XmaGvnQdKe/WtbGs3U
SyF7TjCncuRRzIKgsnFN2v6fURPmvNsy8nFdkE0DzqUWOPYTHL425pl0zwzNAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUlvFK417vj1wY25mX1+WmPEFMCywwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU9Gi2X1A04/bqU3PtdkR
4CMuhaPkvWJuTliMVMv0rtUu0BFoU7vYeg/WfHOeyKgEOnKoVVunXKAeA9937JyE
LXGuvW0m/+8NOPG79qDtxG61YWicNliMengqvrNmmYK/aNdycCEEs9pU2G/6WAwV
JyS0fbvcyCYbpCZaPuABGBqtG+pJd0w7BtWoLtgPIi6DvBraHeuincBja46bznCl
n1gSu2luxWgYTRGBJntBIi92boyZzYIFMYtMwV3wL5j6AJfp17KpIF2AWgzWvO9X
e/CcS2dfw9kDQU2ipsB4GhQEjzRA7LtK3Q7eyJMZcm1bipcZ+qgbWYqaz4dc5csJ
Cw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:39:10 2026 by rpki-client