Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: BzLMparZJFGPcHehDbwakmcfMai9gD6+b2ChSMh6CpI=
Subject key identifier: 36:16:DE:CD:54:08:6B:9B:B4:E8:CB:D5:52:71:20:48:FD:E9:62:9B
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 019D38D332C92978252BA2C1B5A9B016EC95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 14A9
Signing time: Sun 29 Mar 2026 09:00:58 +0000
Manifest this update: Sun 29 Mar 2026 09:00:58 +0000
Manifest next update: Mon 30 Mar 2026 09:00:58 +0000
Files and hashes: 1: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: m/3pA/ljZDaOEHgjXMK6Wpe1leyjn/zsKXck++8k/5g=)
2: WIUAFonkV2sfv2obw7wp_H-MGvU.roa (hash: GtKF8czJWl3ExfCMW9FZWgpdCqhRe9QAiKNJnvpNNSc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:32:c9:29:78:25:2b:a2:c1:b5:a9:b0:16:ec:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Mar 29 09:00:58 2026 GMT
Not After : Mar 30 09:00:58 2026 GMT
Subject: CN=3616decd54086b9bb4e8cbd552712048fde9629b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:81:3e:74:71:94:0a:96:e7:9e:68:0d:1c:e7:
1d:bc:fa:13:e2:d7:21:68:7e:5c:e6:0d:bc:74:6f:
b3:22:12:37:e0:4c:4b:72:a3:40:be:7c:c7:8c:54:
59:33:c1:90:8b:ba:a8:5f:e0:5e:07:8e:16:b6:61:
68:f6:30:23:13:f8:85:ac:1d:f1:dc:ee:71:81:86:
1f:02:0c:56:10:50:bb:9b:3e:43:03:28:40:bf:c7:
2f:64:6b:fa:9a:04:4c:d0:b0:c7:4a:bb:42:f1:b0:
9c:43:7f:9b:ba:67:7d:3d:52:39:31:b8:e7:84:0a:
9e:3c:2e:7c:e3:2b:6f:23:49:82:f2:e7:f7:19:87:
34:42:da:ef:3d:26:1a:ba:a2:46:e6:58:48:5e:ef:
8b:d1:81:b0:eb:c2:a0:bb:95:d8:1d:c3:0a:fc:42:
20:54:49:7f:f0:2e:2b:e2:f0:41:bc:b9:85:f5:6b:
63:75:0a:e0:ad:e2:ab:0d:31:fd:64:ba:5d:8d:1c:
7f:b9:94:05:69:09:5b:1e:c3:7a:08:08:f4:3f:07:
93:6b:01:66:39:47:f5:62:d0:0c:88:ef:ff:ff:9c:
c9:c9:bf:95:01:a5:45:5e:30:1f:b9:15:2c:dc:a2:
39:9e:d8:f4:08:ed:5a:12:6e:f3:fb:ac:61:3b:1a:
5a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:16:DE:CD:54:08:6B:9B:B4:E8:CB:D5:52:71:20:48:FD:E9:62:9B
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e3:a4:1d:df:2d:06:01:be:60:93:05:4a:1d:61:b8:52:04:0f:
cb:1b:7a:bd:4c:54:57:75:b1:98:ea:1d:c4:f0:b6:65:93:5c:
ef:15:42:86:ec:fb:d5:0d:be:f2:86:db:32:f4:ac:11:63:f3:
d2:2c:6b:fa:01:7e:00:60:c0:cd:db:7f:2b:50:8c:9a:eb:3d:
49:f0:34:f9:70:61:bf:fd:a0:f9:86:94:49:b6:d0:e4:73:18:
69:a0:0a:68:8c:c3:2b:27:bf:7e:d0:c1:fe:bc:9c:fc:26:56:
8e:ef:69:2c:4b:94:c7:53:37:32:c6:42:a7:d6:e1:a0:a5:bb:
de:24:64:d1:3e:48:28:02:d6:ee:de:32:4f:55:14:14:ba:dc:
39:0a:79:1e:3a:af:8a:8a:0a:ef:f8:61:68:79:f1:f6:69:48:
30:c4:72:00:cd:e9:c2:e7:5c:66:30:9e:de:bc:83:e0:e9:10:
e4:c5:85:45:aa:cf:d9:3d:15:45:05:1c:0d:f4:7f:5e:39:9c:
b8:85:1c:dc:92:4a:78:9c:2b:24:f1:20:1d:0f:f3:43:8f:75:
f9:18:0a:93:b8:7f:02:89:96:09:a2:82:0d:89:b3:77:80:07:
76:ca:0d:52:1d:ef:9d:d0:81:bb:e5:94:8b:c7:2b:0c:0f:d6:
cd:86:b7:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zLJKXglK6LBtamwFuyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjYwMzI5MDkwMDU4WhcNMjYwMzMwMDkwMDU4WjAzMTEwLwYDVQQD
EygzNjE2ZGVjZDU0MDg2YjliYjRlOGNiZDU1MjcxMjA0OGZkZTk2MjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoE+dHGUCpbnnmgNHOcdvPoT4tch
aH5c5g28dG+zIhI34ExLcqNAvnzHjFRZM8GQi7qoX+BeB44WtmFo9jAjE/iFrB3x
3O5xgYYfAgxWEFC7mz5DAyhAv8cvZGv6mgRM0LDHSrtC8bCcQ3+bumd9PVI5Mbjn
hAqePC584ytvI0mC8uf3GYc0QtrvPSYauqJG5lhIXu+L0YGw68Kgu5XYHcMK/EIg
VEl/8C4r4vBBvLmF9WtjdQrgreKrDTH9ZLpdjRx/uZQFaQlbHsN6CAj0PweTawFm
OUf1YtAMiO///5zJyb+VAaVFXjAfuRUs3KI5ntj0CO1aEm7z+6xhOxpaHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYW3s1UCGubtOjL1VJxIEj96WKbMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA46Qd3y0G
Ab5gkwVKHWG4UgQPyxt6vUxUV3WxmOodxPC2ZZNc7xVChuz71Q2+8obbMvSsEWPz
0ixr+gF+AGDAzdt/K1CMmus9SfA0+XBhv/2g+YaUSbbQ5HMYaaAKaIzDKye/ftDB
/ryc/CZWju9pLEuUx1M3MsZCp9bhoKW73iRk0T5IKALW7t4yT1UUFLrcOQp5Hjqv
iooK7/hhaHnx9mlIMMRyAM3pwudcZjCe3ryD4OkQ5MWFRarP2T0VRQUcDfR/Xjmc
uIUc3JJKeJwrJPEgHQ/zQ491+RgKk7h/AomWCaKCDYmzd4AHdsoNUh3vndCBu+WU
i8crDA/WzYa35g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:02 2026 by rpki-client