Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: l/m1wDwcI9NvvlHxbJH2PKg14YVxUtv1opKdJfCOZwA=
Subject key identifier: C7:54:CD:52:4A:CE:0E:C0:EC:21:97:25:46:83:50:00:AC:85:A4:A9
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 3C3A1B27A0969944DE1A055978C64BC7286FA8E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 044D
Signing time: Sun 19 Apr 2026 21:59:55 +0000
Manifest this update: Sun 19 Apr 2026 21:54:55 +0000
Manifest next update: Tue 21 Apr 2026 00:23:55 +0000
Files and hashes: 1: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: SQPPpGAfcWzeQjBcG69M0Ql5cnWUCRPHaAkbYVbbBkE=)
2: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: ui3ibiPC8AcxdDpC9KNRFUNU2rhWkiEzOd9q0KgZ5OU=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 21:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:3a:1b:27:a0:96:99:44:de:1a:05:59:78:c6:4b:c7:28:6f:a8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Apr 19 21:54:55 2026 GMT
Not After : Apr 21 00:23:55 2026 GMT
Subject: CN=C754CD524ACE0EC0EC21972546835000AC85A4A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6a:ec:7d:f6:c0:92:25:c4:7f:af:a2:2c:46:
9d:0a:f6:d0:90:79:80:6a:41:0c:98:f4:50:ae:8e:
67:50:61:68:56:41:67:af:e9:7b:98:ef:41:fa:b9:
2f:e1:39:82:d4:fe:f5:69:6b:a8:2d:95:d0:1f:96:
a4:34:d2:20:cc:65:96:67:f0:68:af:e3:4e:35:c7:
86:c8:e7:78:99:31:53:89:d9:e3:e4:08:d7:54:98:
e5:bc:02:67:41:9f:5f:ea:33:9f:b6:90:54:8e:da:
0d:e0:8f:14:70:a9:06:47:2e:7e:0b:18:bd:8d:ad:
f9:33:1d:a0:3b:17:42:f7:b1:e5:0d:3f:c9:1e:b6:
62:40:a9:f2:99:b4:b6:39:c3:d5:1c:49:0c:ec:60:
34:e6:7e:c7:f7:5d:bc:34:2d:be:e2:bb:1f:7f:bd:
f7:e8:0f:b1:bd:89:61:c3:20:26:6b:84:40:ae:b6:
4f:4e:92:87:bf:39:be:7e:a5:55:69:ba:a1:89:e1:
13:94:bd:f9:38:40:3a:9e:43:00:9c:d2:8b:06:41:
5b:0b:5a:7b:20:43:d7:94:e3:e7:19:9e:df:83:5f:
10:9a:e3:89:2a:dd:be:42:18:3d:71:84:44:a5:1b:
70:b1:f6:a3:38:bd:c5:64:74:f9:28:bf:0c:7e:db:
04:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:54:CD:52:4A:CE:0E:C0:EC:21:97:25:46:83:50:00:AC:85:A4:A9
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:0e:cb:53:33:9e:10:91:f4:4c:89:e8:4d:a3:07:bc:97:e2:
c1:fd:f3:66:96:1c:f5:3e:30:ce:63:7d:a9:a5:df:50:24:6b:
da:a3:3f:dd:d3:95:a2:2c:2a:70:fb:af:f2:13:cd:1b:a1:a3:
37:db:21:e0:ae:3f:a8:b2:bf:c9:71:c9:c1:e3:4e:ad:87:a4:
ff:81:db:70:d5:43:61:e7:6d:d5:40:f7:40:43:d7:22:ee:79:
64:a6:e7:b2:d1:96:50:f1:72:8e:51:66:e6:69:17:fe:f6:c7:
7e:5f:c8:35:38:bb:9f:44:ab:68:a4:a2:86:1c:82:78:7b:dc:
8e:90:65:6e:98:61:ec:dd:3c:8f:91:1d:fd:15:c1:19:3c:24:
85:85:db:22:6d:75:71:fa:6d:94:b3:9f:f3:c8:65:90:ae:3c:
da:bf:77:20:4e:19:a0:8b:84:e7:e2:85:d6:1c:54:c2:49:8c:
10:46:0f:b0:be:ae:15:c9:e9:be:41:13:aa:26:d3:6e:91:98:
71:46:34:e8:b0:d5:04:1d:ab:1a:77:1d:9e:65:b6:21:0a:8f:
55:2f:e9:0c:7e:e2:1d:e6:db:fd:04:77:1b:cb:a7:c2:30:4b:
61:c7:33:62:cc:44:12:1d:4a:a1:c5:9a:1c:3c:d5:25:30:b6:
b7:e5:9e:a6
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUPDobJ6CWmUTeGgVZeMZLxyhvqOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNjA0MTkyMTU0NTVaFw0yNjA0MjEwMDIzNTVaMDMxMTAvBgNV
BAMTKEM3NTRDRDUyNEFDRTBFQzBFQzIxOTcyNTQ2ODM1MDAwQUM4NUE0QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuaux99sCSJcR/r6IsRp0K9tCQ
eYBqQQyY9FCujmdQYWhWQWev6XuY70H6uS/hOYLU/vVpa6gtldAflqQ00iDMZZZn
8Giv4041x4bI53iZMVOJ2ePkCNdUmOW8AmdBn1/qM5+2kFSO2g3gjxRwqQZHLn4L
GL2NrfkzHaA7F0L3seUNP8ketmJAqfKZtLY5w9UcSQzsYDTmfsf3Xbw0Lb7iux9/
vffoD7G9iWHDICZrhECutk9Okoe/Ob5+pVVpuqGJ4ROUvfk4QDqeQwCc0osGQVsL
WnsgQ9eU4+cZnt+DXxCa44kq3b5CGD1xhESlG3Cx9qM4vcVkdPkovwx+2wTpAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUx1TNUkrODsDsIZclRoNQAKyFpKkwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPQ7LUzOeEJH0TInoTaMH
vJfiwf3zZpYc9T4wzmN9qaXfUCRr2qM/3dOVoiwqcPuv8hPNG6GjN9sh4K4/qLK/
yXHJweNOrYek/4HbcNVDYedt1UD3QEPXIu55ZKbnstGWUPFyjlFm5mkX/vbHfl/I
NTi7n0SraKSihhyCeHvcjpBlbphh7N08j5Ed/RXBGTwkhYXbIm11cfptlLOf88hl
kK482r93IE4ZoIuE5+KF1hxUwkmMEEYPsL6uFcnpvkETqibTbpGYcUY06LDVBB2r
GncdnmW2IQqPVS/pDH7iHebb/QR3G8unwjBLYcczYsxEEh1KocWaHDzVJTC2t+We
pg==
-----END CERTIFICATE-----
Generated at Mon Apr 20 04:52:12 2026 by rpki-client