Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: bEk55RRBTzPcxkGHxrOdAaV3zlEhTMcq6LjMYx2hK9Y=
Subject key identifier: 29:AA:16:6E:05:6F:BC:6C:25:E2:57:72:C0:D9:80:85:8D:F6:4E:60
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 3D8039F8046A95D7BD480D577A674BC0B17485BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 0411
Signing time: Thu 05 Mar 2026 19:05:38 +0000
Manifest this update: Thu 05 Mar 2026 19:00:38 +0000
Manifest next update: Fri 06 Mar 2026 19:50:38 +0000
Files and hashes: 1: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: SQPPpGAfcWzeQjBcG69M0Ql5cnWUCRPHaAkbYVbbBkE=)
2: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: Ec6zxgJWbGST5ZfzI1/unMF8IVGP61cQZseANztnw9E=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:80:39:f8:04:6a:95:d7:bd:48:0d:57:7a:67:4b:c0:b1:74:85:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Mar 5 19:00:38 2026 GMT
Not After : Mar 6 19:50:38 2026 GMT
Subject: CN=29AA166E056FBC6C25E25772C0D980858DF64E60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:33:5a:b1:45:bb:42:9f:df:d5:1c:bc:89:3e:
d3:15:52:a0:c7:31:0b:9d:9d:34:45:36:5c:6c:20:
2b:ed:39:90:eb:3b:46:68:68:71:ee:2f:3b:17:2b:
1b:62:b3:11:30:6a:90:9a:5a:0d:a8:28:3b:19:60:
e4:65:71:3d:2b:5c:81:23:f7:15:e6:20:ca:64:70:
db:d1:e3:08:40:f9:bf:38:be:0d:f1:18:ae:a2:6b:
61:e1:06:0d:d3:0c:a2:b1:d4:5b:f6:4b:4f:19:83:
83:ec:df:38:fe:9f:f8:f1:2a:e9:3f:c1:2a:a4:1d:
87:3c:ee:7d:78:8e:6a:72:4d:a1:30:0e:54:cd:d8:
a7:bd:b2:6d:56:f0:77:8c:ca:00:bc:39:6b:22:a0:
6b:d4:85:07:07:7a:52:6c:75:c5:5a:f1:e8:65:8e:
70:81:87:fe:8f:57:02:6f:ab:a1:a3:18:a2:0b:68:
6e:06:35:4d:3f:4f:60:2a:8a:cb:c4:24:83:1f:a0:
3d:f9:a9:94:e3:dd:a2:d1:09:c5:d9:ba:95:e0:51:
9b:7c:12:5c:40:9f:02:58:44:57:72:f3:c2:6c:4d:
05:19:43:69:c2:d5:8d:56:35:0c:10:ff:64:78:8b:
a5:c7:38:89:de:13:53:ec:0f:02:fc:72:6a:5a:87:
0d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AA:16:6E:05:6F:BC:6C:25:E2:57:72:C0:D9:80:85:8D:F6:4E:60
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:2f:74:02:f3:f4:0b:5a:64:d9:1e:43:93:6f:6c:85:c8:0a:
ae:90:f0:15:c6:f2:91:1a:16:9d:bf:4c:39:f9:1b:d9:b5:ac:
e9:3c:51:1c:70:10:b3:54:d4:58:b1:b5:71:6c:f8:9b:fa:ef:
f7:76:ac:fa:5a:c7:c1:2b:9b:d7:19:c8:a5:07:25:81:5c:67:
fb:d4:d2:ac:8c:3f:e9:66:fe:bd:88:6c:ab:d7:19:9f:cb:44:
02:55:7a:8c:64:e9:e8:31:ac:43:c8:78:28:8e:5e:f5:ef:22:
25:61:dd:a3:a9:d9:d3:58:36:c6:48:d4:3c:a0:d6:cf:64:36:
ab:19:a2:db:13:d5:8b:e2:8b:39:d0:4e:fd:5a:50:fe:a6:72:
15:20:51:d7:6c:92:f1:c9:80:3d:b1:0d:75:0f:28:43:db:a0:
60:56:5d:86:be:3d:23:34:fe:91:b0:a3:b1:2b:39:e7:f4:0a:
99:5c:51:e2:5e:e2:8f:c5:f2:c0:27:09:37:b5:5c:97:89:7e:
7a:ab:a1:88:9c:f1:4f:34:f4:cb:36:40:6d:f3:97:dd:ae:e8:
1f:e2:9d:8e:90:0e:39:92:9f:7d:e4:57:d0:3a:10:ac:11:ba:
ce:ce:3a:af:13:93:f1:57:d1:31:f8:d4:7f:a9:4e:6c:b2:f6:
d5:eb:bd:0c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUPYA5+ARqlde9SA1XemdLwLF0hbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNjAzMDUxOTAwMzhaFw0yNjAzMDYxOTUwMzhaMDMxMTAvBgNV
BAMTKDI5QUExNjZFMDU2RkJDNkMyNUUyNTc3MkMwRDk4MDg1OERGNjRFNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfM1qxRbtCn9/VHLyJPtMVUqDH
MQudnTRFNlxsICvtOZDrO0ZoaHHuLzsXKxtisxEwapCaWg2oKDsZYORlcT0rXIEj
9xXmIMpkcNvR4whA+b84vg3xGK6ia2HhBg3TDKKx1Fv2S08Zg4Ps3zj+n/jxKuk/
wSqkHYc87n14jmpyTaEwDlTN2Ke9sm1W8HeMygC8OWsioGvUhQcHelJsdcVa8ehl
jnCBh/6PVwJvq6GjGKILaG4GNU0/T2AqisvEJIMfoD35qZTj3aLRCcXZupXgUZt8
ElxAnwJYRFdy88JsTQUZQ2nC1Y1WNQwQ/2R4i6XHOIneE1PsDwL8cmpahw0/AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUKaoWbgVvvGwl4ldywNmAhY32TmAwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhS90AvP0C1pk2R5Dk29s
hcgKrpDwFcbykRoWnb9MOfkb2bWs6TxRHHAQs1TUWLG1cWz4m/rv93as+lrHwSub
1xnIpQclgVxn+9TSrIw/6Wb+vYhsq9cZn8tEAlV6jGTp6DGsQ8h4KI5e9e8iJWHd
o6nZ01g2xkjUPKDWz2Q2qxmi2xPVi+KLOdBO/VpQ/qZyFSBR12yS8cmAPbENdQ8o
Q9ugYFZdhr49IzT+kbCjsSs55/QKmVxR4l7ij8XywCcJN7Vcl4l+equhiJzxTzT0
yzZAbfOX3a7oH+KdjpAOOZKffeRX0DoQrBG6zs46rxOT8VfRMfjUf6lObLL21eu9
DA==
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:45:27 2026 by rpki-client