Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6cfd9a2c-87f1-48a9-b6ea-28ad097b75d3/0/D0E968AC84894210B3D280EF43830657F28075D6.mft
File: D0E968AC84894210B3D280EF43830657F28075D6.mft (raw, json)
Hash identifier: 9tRgKC4CC4ZPjp9MG35FbHmkfzn2x8ANTk8/ptwmhd8=
Subject key identifier: F4:9B:0D:CF:95:83:7D:77:09:78:F8:21:01:79:32:69:05:C6:91:A8
Authority key identifier: D0:E9:68:AC:84:89:42:10:B3:D2:80:EF:43:83:06:57:F2:80:75:D6
Certificate issuer: /CN=d0e968ac84894210b3d280ef43830657f28075d6
Certificate serial: 67FC0CB605BDD96E1273161FDB831FB173A4583F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OlorISJQhCz0oDvQ4MGV_KAddY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6cfd9a2c-87f1-48a9-b6ea-28ad097b75d3/0/D0E968AC84894210B3D280EF43830657F28075D6.mft
Manifest number: 22
Signing time: Tue 28 Apr 2026 20:02:11 +0000
Manifest this update: Tue 28 Apr 2026 19:57:11 +0000
Manifest next update: Wed 29 Apr 2026 21:00:11 +0000
Files and hashes: 1: D0E968AC84894210B3D280EF43830657F28075D6.crl (hash: zoF645i+3/VhakaNpQDsqaD32/VONEc5tvbJ4pboIuA=)
2: AS201398.asa (hash: n2wkwGrf3QROcsDyInpQ0Xfd7WdYDokAiwGbN4VXzkE=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6cfd9a2c-87f1-48a9-b6ea-28ad097b75d3/0/D0E968AC84894210B3D280EF43830657F28075D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/6cfd9a2c-87f1-48a9-b6ea-28ad097b75d3/0/D0E968AC84894210B3D280EF43830657F28075D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/0OlorISJQhCz0oDvQ4MGV_KAddY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 21:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:fc:0c:b6:05:bd:d9:6e:12:73:16:1f:db:83:1f:b1:73:a4:58:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e968ac84894210b3d280ef43830657f28075d6
Validity
Not Before: Apr 28 19:57:11 2026 GMT
Not After : Apr 29 21:00:11 2026 GMT
Subject: CN=F49B0DCF95837D770978F8210179326905C691A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b4:9a:f5:b1:23:76:d3:09:5a:4a:e8:a2:c3:
59:b8:30:3c:7e:60:7b:4d:bf:96:4d:be:37:9d:ef:
19:90:46:9e:90:63:2d:73:ea:0d:44:ef:f0:7e:6f:
7b:3a:b9:ba:72:b6:49:1f:98:b3:ea:95:be:a7:61:
e4:8d:b1:47:f7:0e:3d:4d:a0:9f:cb:d7:97:4f:fa:
05:7c:07:8d:87:16:27:64:16:24:74:4f:70:56:67:
9b:20:18:0d:82:57:21:db:2c:bf:8d:82:e2:74:ef:
a9:aa:5a:c8:5e:d7:c0:85:c9:9e:0c:d1:00:6c:35:
e5:61:57:0e:3c:8c:2a:45:c4:5d:28:cf:17:88:64:
41:4a:4a:bd:01:f4:81:3d:47:50:e3:cd:c6:1c:b8:
f3:5a:57:89:8a:74:67:34:f4:52:78:b4:b1:b9:cc:
f3:67:b1:22:13:21:69:be:5b:9f:17:da:98:73:fc:
f7:8b:60:64:f5:3d:a2:9f:62:27:4b:93:0e:50:e2:
ba:f0:f9:75:4c:cf:73:24:34:9c:de:22:b3:07:a7:
06:65:9f:80:5b:6c:02:20:70:02:bd:a2:15:0b:1f:
bb:2d:94:a9:43:0a:ac:4d:60:78:63:c4:c4:9d:be:
8a:fe:8f:3c:ac:02:74:30:64:de:f4:b5:73:05:8f:
73:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9B:0D:CF:95:83:7D:77:09:78:F8:21:01:79:32:69:05:C6:91:A8
X509v3 Authority Key Identifier:
keyid:D0:E9:68:AC:84:89:42:10:B3:D2:80:EF:43:83:06:57:F2:80:75:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6cfd9a2c-87f1-48a9-b6ea-28ad097b75d3/0/D0E968AC84894210B3D280EF43830657F28075D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OlorISJQhCz0oDvQ4MGV_KAddY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6cfd9a2c-87f1-48a9-b6ea-28ad097b75d3/0/D0E968AC84894210B3D280EF43830657F28075D6.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:6d:f6:57:90:18:3e:7c:ca:fa:b1:70:05:8b:68:fc:83:56:
1e:94:1a:c8:1d:33:9b:3c:e9:46:43:84:58:8f:53:5f:96:70:
7d:fb:a8:ba:9a:0e:0d:34:78:65:e0:cd:f7:6c:66:db:8d:62:
df:0b:2d:3a:1e:8b:2c:65:b0:d5:f1:ca:d0:af:ea:b1:0c:0f:
6e:b7:53:5e:85:60:99:ff:16:dd:97:75:0f:6a:63:8d:f9:be:
62:7a:4b:c3:1a:17:2e:41:c6:42:ba:ea:dc:0c:8d:ab:bc:35:
ea:51:59:9c:a1:a3:48:26:06:1d:68:be:d7:54:c5:5e:56:71:
8f:1a:4f:f1:07:71:cb:bf:72:97:7d:e1:65:c2:b6:a2:3c:79:
5c:1b:d2:05:1d:69:ad:f0:06:4a:07:17:7d:44:a1:2c:ea:8c:
64:27:1f:4c:a8:b2:70:87:0d:3a:7f:04:09:6d:07:81:2b:9b:
73:70:a9:18:53:00:04:29:31:47:ab:c7:24:90:89:c8:64:2a:
7a:14:c1:5f:15:55:b0:97:a4:e4:ba:b2:a6:f1:60:02:a6:76:
fe:51:30:f2:95:b7:70:f7:eb:bd:40:be:59:cd:35:e0:c1:86:
21:ea:cd:73:49:6f:b4:0d:e3:04:f2:ad:59:d8:78:39:0a:99:
dd:ff:75:e0
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUZ/wMtgW92W4ScxYf24MfsXOkWD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDBlOTY4YWM4NDg5NDIxMGIzZDI4MGVmNDM4MzA2NTdm
MjgwNzVkNjAeFw0yNjA0MjgxOTU3MTFaFw0yNjA0MjkyMTAwMTFaMDMxMTAvBgNV
BAMTKEY0OUIwRENGOTU4MzdENzcwOTc4RjgyMTAxNzkzMjY5MDVDNjkxQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKtJr1sSN20wlaSuiiw1m4MDx+
YHtNv5ZNvjed7xmQRp6QYy1z6g1E7/B+b3s6ubpytkkfmLPqlb6nYeSNsUf3Dj1N
oJ/L15dP+gV8B42HFidkFiR0T3BWZ5sgGA2CVyHbLL+NguJ076mqWshe18CFyZ4M
0QBsNeVhVw48jCpFxF0ozxeIZEFKSr0B9IE9R1DjzcYcuPNaV4mKdGc09FJ4tLG5
zPNnsSITIWm+W58X2phz/PeLYGT1PaKfYidLkw5Q4rrw+XVMz3MkNJzeIrMHpwZl
n4BbbAIgcAK9ohULH7stlKlDCqxNYHhjxMSdvor+jzysAnQwZN70tXMFj3OxAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU9JsNz5WDfXcJePghAXkyaQXGkagwHwYDVR0j
BBgwFoAU0OlorISJQhCz0oDvQ4MGV/KAddYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNmZDlhMmMtODdmMS00OGE5LWI2ZWEtMjhhZDA5N2I3
NWQzLzAvRDBFOTY4QUM4NDg5NDIxMEIzRDI4MEVGNDM4MzA2NTdGMjgwNzVENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBPbG9ySVNKUWhDejBvRHZRNE1HVl9L
QWRkWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS82Y2ZkOWEyYy04
N2YxLTQ4YTktYjZlYS0yOGFkMDk3Yjc1ZDMvMC9EMEU5NjhBQzg0ODk0MjEwQjNE
MjgwRUY0MzgzMDY1N0YyODA3NUQ2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsG32V5AYPnzK+rFwBYto
/INWHpQayB0zmzzpRkOEWI9TX5ZwffuoupoODTR4ZeDN92xm241i3wstOh6LLGWw
1fHK0K/qsQwPbrdTXoVgmf8W3Zd1D2pjjfm+YnpLwxoXLkHGQrrq3AyNq7w16lFZ
nKGjSCYGHWi+11TFXlZxjxpP8Qdxy79yl33hZcK2ojx5XBvSBR1prfAGSgcXfUSh
LOqMZCcfTKiycIcNOn8ECW0HgSubc3CpGFMABCkxR6vHJJCJyGQqehTBXxVVsJek
5LqypvFgAqZ2/lEw8pW3cPfrvUC+Wc014MGGIerNc0lvtA3jBPKtWdh4OQqZ3f91
4A==
-----END CERTIFICATE-----
Generated at Wed Apr 29 07:30:30 2026 by rpki-client