Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: c9C0smLFI/2uIyGDXkYAaOd0gImPdHD9+1SHefrfVj0=
Subject key identifier: 95:65:EF:5E:FA:89:DC:B3:E4:31:D2:C2:3D:54:D6:20:B2:35:F3:A2
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 7E14B4A4965E427218271D110F0AF8A17BFE6EF8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 0323
Signing time: Mon 08 Sep 2025 05:53:59 +0000
Manifest this update: Mon 08 Sep 2025 05:48:59 +0000
Manifest next update: Tue 09 Sep 2025 07:44:59 +0000
Files and hashes: 1: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: YpaIa1NRQfbbqRcu46tr+FD7Nt3z9kn9fhnPS89XPAo=)
2: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: AMOOReO25pB/UyWle0jkXv+B6m1MTNWZ4+1w+73+7MY=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:14:b4:a4:96:5e:42:72:18:27:1d:11:0f:0a:f8:a1:7b:fe:6e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Sep 8 05:48:59 2025 GMT
Not After : Sep 9 07:44:59 2025 GMT
Subject: CN=9565EF5EFA89DCB3E431D2C23D54D620B235F3A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2d:0e:61:67:45:08:c6:58:38:d1:78:07:dc:
0e:45:5e:13:81:00:ff:db:a0:39:a4:dc:72:72:15:
89:39:50:fe:fb:98:e3:3d:73:e2:d1:7e:48:9b:2a:
81:18:a5:ea:51:57:8e:ca:6e:f4:bf:43:f5:8e:48:
1d:67:4b:64:af:51:59:48:13:89:59:23:9d:c5:4c:
44:c4:1e:2f:93:c4:86:34:81:c5:af:21:66:07:8d:
ee:15:9a:02:78:9a:32:3d:7c:0e:d1:5b:52:1f:95:
38:26:00:8a:fa:47:1f:ac:4b:05:12:d5:22:26:46:
22:dc:1c:7e:81:76:9d:41:73:6d:d0:00:c0:64:75:
b9:44:30:66:7e:31:f9:1c:cb:f8:2e:f6:da:c2:92:
59:6f:38:a4:81:52:79:51:44:56:73:07:5b:0d:cd:
0f:f0:6d:e7:92:87:43:db:9f:49:04:c8:72:cd:a1:
86:87:d5:c3:ff:f4:39:95:d3:98:6b:ef:a0:40:a7:
e7:5b:bd:9e:bd:42:4b:eb:46:95:85:87:a5:65:53:
ca:42:c6:2a:2b:b9:39:02:3c:a8:93:f4:13:9d:df:
d9:35:00:9c:5e:2d:60:cf:ad:2b:1a:b4:96:f4:a7:
1b:28:32:7a:68:2c:cf:a6:c6:35:e8:d7:74:a5:61:
a8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:65:EF:5E:FA:89:DC:B3:E4:31:D2:C2:3D:54:D6:20:B2:35:F3:A2
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:02:41:36:8f:0b:d3:af:d3:bb:7a:e7:49:b7:4a:f5:65:48:
27:b2:40:1e:10:ed:d8:0a:fe:6d:8d:56:7f:61:e0:f2:aa:02:
48:e5:d8:ad:19:8b:22:ae:1b:aa:9f:09:f3:38:20:d0:67:8f:
cf:15:1e:ef:73:e9:3f:59:5b:46:d4:84:03:6b:87:99:ff:39:
55:88:f3:06:93:bd:21:bb:58:57:26:e9:0d:b6:6c:e3:9e:0f:
47:14:c4:85:c6:b7:8e:77:68:2a:86:eb:20:53:a4:12:5e:3f:
10:d3:05:59:e9:e3:70:d1:52:a4:f2:b5:7b:21:2f:13:ef:83:
52:09:96:09:c7:06:89:72:e3:1a:99:a4:74:19:94:71:d5:f5:
2b:76:ef:e8:40:c4:d6:0f:2e:8f:b7:48:05:50:e7:66:7a:5e:
d1:4a:57:1a:6e:b5:dc:1a:be:c0:fc:94:86:eb:0f:25:5f:ad:
ca:c2:15:17:93:52:41:f9:14:d0:1e:7c:12:96:da:8a:89:97:
39:f7:d3:d3:e2:c8:61:ce:d6:08:cb:ff:8d:41:a6:a0:37:9a:
1b:03:81:2e:ea:b2:c7:7e:d3:06:79:c3:bd:ac:b9:22:1f:a9:
22:bf:06:49:b0:7d:9c:40:d1:35:0f:3c:12:54:04:7a:68:3f:
c9:23:6f:71
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUfhS0pJZeQnIYJx0RDwr4oXv+bvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNTA5MDgwNTQ4NTlaFw0yNTA5MDkwNzQ0NTlaMDMxMTAvBgNV
BAMTKDk1NjVFRjVFRkE4OURDQjNFNDMxRDJDMjNENTRENjIwQjIzNUYzQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnLQ5hZ0UIxlg40XgH3A5FXhOB
AP/boDmk3HJyFYk5UP77mOM9c+LRfkibKoEYpepRV47KbvS/Q/WOSB1nS2SvUVlI
E4lZI53FTETEHi+TxIY0gcWvIWYHje4VmgJ4mjI9fA7RW1IflTgmAIr6Rx+sSwUS
1SImRiLcHH6Bdp1Bc23QAMBkdblEMGZ+Mfkcy/gu9trCkllvOKSBUnlRRFZzB1sN
zQ/wbeeSh0Pbn0kEyHLNoYaH1cP/9DmV05hr76BAp+dbvZ69QkvrRpWFh6VlU8pC
xioruTkCPKiT9BOd39k1AJxeLWDPrSsatJb0pxsoMnpoLM+mxjXo13SlYairAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUlWXvXvqJ3LPkMdLCPVTWILI186IwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADwJBNo8L06/Tu3rnSbdK
9WVIJ7JAHhDt2Ar+bY1Wf2Hg8qoCSOXYrRmLIq4bqp8J8zgg0GePzxUe73PpP1lb
RtSEA2uHmf85VYjzBpO9IbtYVybpDbZs454PRxTEhca3jndoKobrIFOkEl4/ENMF
WenjcNFSpPK1eyEvE++DUgmWCccGiXLjGpmkdBmUcdX1K3bv6EDE1g8uj7dIBVDn
Znpe0UpXGm613Bq+wPyUhusPJV+tysIVF5NSQfkU0B58EpbaiomXOffT0+LIYc7W
CMv/jUGmoDeaGwOBLuqyx37TBnnDvay5Ih+pIr8GSbB9nEDRNQ88ElQEemg/ySNv
cQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 09:56:52 2025 by rpki-client