Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: znw4OAT5H01SX5aUOpikVo0pCXySzeGNQ5OKHgWnQgU=
Subject key identifier: D4:2E:1D:19:0C:84:86:05:0D:FB:4C:7B:02:CB:FF:E6:8F:A6:B2:65
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 019A70A5484AD5AE7635BF61198AE59A0BE8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 1338
Signing time: Tue 11 Nov 2025 02:01:11 +0000
Manifest this update: Tue 11 Nov 2025 02:01:11 +0000
Manifest next update: Wed 12 Nov 2025 02:01:11 +0000
Files and hashes: 1: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (hash: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=)
2: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: XXVaPamY1YgYG5SXyJiHVFPays4LlgurSMbs4LBvRz0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:48:4a:d5:ae:76:35:bf:61:19:8a:e5:9a:0b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Nov 11 02:01:11 2025 GMT
Not After : Nov 12 02:01:11 2025 GMT
Subject: CN=d42e1d190c8486050dfb4c7b02cbffe68fa6b265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:63:e2:56:a5:b0:81:19:99:c1:54:f8:66:09:
96:2b:5a:64:b2:47:e2:01:73:10:27:19:2c:d4:bd:
21:76:9e:04:40:0c:1b:31:6c:bf:e7:0f:ea:b7:4d:
d5:55:95:57:13:56:5f:89:18:d8:a7:27:5e:60:91:
9a:5b:35:c6:70:e7:56:54:6a:cd:21:48:e1:26:1e:
29:76:cb:e2:87:b9:7f:ae:2e:9c:d7:00:2d:bd:8d:
42:60:ea:4f:4f:3d:61:26:a8:b2:3e:76:ff:19:c4:
66:31:42:76:ce:a9:67:fa:15:8c:76:cb:c0:ea:ea:
21:8e:f1:89:e5:20:c6:4d:5d:5d:5f:07:67:75:4b:
25:5d:71:d7:82:64:cd:24:0b:6d:28:f0:b8:41:61:
87:f7:71:94:d0:90:5d:28:bf:55:e3:c8:b6:c0:10:
6e:7a:0a:41:bc:42:37:d2:99:9c:a1:d0:e1:b9:8d:
3a:13:43:67:0c:c1:f3:20:84:b6:1a:5b:42:e2:14:
1d:69:ee:39:41:10:38:f2:10:13:29:3f:cf:2f:1d:
b2:3d:d6:d8:f4:32:10:80:b0:da:8a:7b:bb:a3:4c:
7d:52:cc:52:1c:e3:b6:81:55:e0:28:97:bb:31:62:
f7:fc:19:20:78:3e:e7:5d:c8:fe:3d:46:d0:1b:d3:
62:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2E:1D:19:0C:84:86:05:0D:FB:4C:7B:02:CB:FF:E6:8F:A6:B2:65
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:c8:02:7b:42:a5:4e:aa:b2:2b:6b:48:f2:c0:38:37:42:55:
19:95:c4:d3:54:56:37:46:dc:ac:0a:68:79:a4:46:24:e7:03:
99:1f:d6:7f:d5:9f:18:10:a8:dc:03:2c:6a:69:43:cf:38:99:
b1:7a:86:c7:cf:1e:76:b4:49:6d:77:a6:2a:4b:d3:aa:e7:b9:
f1:b6:52:b3:ba:f4:6d:0d:a8:df:58:fe:30:8f:f0:41:c2:08:
7e:cc:c0:06:3c:f7:aa:20:98:d6:a9:5e:dd:e7:bf:4e:4f:f6:
30:39:33:64:d0:86:07:19:0d:89:a1:90:1f:59:c8:ba:23:d3:
70:e7:42:f9:7c:35:97:84:55:ed:d0:85:4c:c6:98:68:d1:77:
2f:ee:b8:96:7e:e7:69:85:79:30:cc:80:5c:f4:7d:d0:ce:92:
72:a9:34:0b:c1:0a:53:63:75:18:70:58:6a:94:e1:b2:5b:a3:
df:4f:00:46:9d:84:99:19:48:30:b6:c3:d1:1b:45:3b:7d:f6:
68:cb:85:5d:94:76:43:0a:05:7a:77:9f:64:2f:16:35:ac:6f:
aa:19:dc:40:f0:5e:92:8b:d4:bf:3b:21:bb:25:98:03:00:c7:
39:78:aa:16:56:9a:48:31:fb:3c:4d:7a:03:ea:5f:5d:79:53:
96:5e:53:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpUhK1a52Nb9hGYrlmgvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjUxMTExMDIwMTExWhcNMjUxMTEyMDIwMTExWjAzMTEwLwYDVQQD
EyhkNDJlMWQxOTBjODQ4NjA1MGRmYjRjN2IwMmNiZmZlNjhmYTZiMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGPiVqWwgRmZwVT4ZgmWK1pkskfi
AXMQJxks1L0hdp4EQAwbMWy/5w/qt03VVZVXE1ZfiRjYpydeYJGaWzXGcOdWVGrN
IUjhJh4pdsvih7l/ri6c1wAtvY1CYOpPTz1hJqiyPnb/GcRmMUJ2zqln+hWMdsvA
6uohjvGJ5SDGTV1dXwdndUslXXHXgmTNJAttKPC4QWGH93GU0JBdKL9V48i2wBBu
egpBvEI30pmcodDhuY06E0NnDMHzIIS2GltC4hQdae45QRA48hATKT/PLx2yPdbY
9DIQgLDainu7o0x9UsxSHOO2gVXgKJe7MWL3/BkgeD7nXcj+PUbQG9NiCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQuHRkMhIYFDftMewLL/+aPprJlMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0MgCe0Kl
TqqyK2tI8sA4N0JVGZXE01RWN0bcrApoeaRGJOcDmR/Wf9WfGBCo3AMsamlDzziZ
sXqGx88edrRJbXemKkvTque58bZSs7r0bQ2o31j+MI/wQcIIfszABjz3qiCY1qle
3ee/Tk/2MDkzZNCGBxkNiaGQH1nIuiPTcOdC+Xw1l4RV7dCFTMaYaNF3L+64ln7n
aYV5MMyAXPR90M6Scqk0C8EKU2N1GHBYapThsluj308ARp2EmRlIMLbD0RtFO332
aMuFXZR2QwoFenefZC8WNaxvqhncQPBekovUvzshuyWYAwDHOXiqFlaaSDH7PE16
A+pfXXlTll5TPA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:42 2025 by rpki-client