Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: QpA7F3nLgg5yGghS1WixBVy6fVsB6/WQdURySNew0Y8=
Subject key identifier: 20:F9:05:5C:E4:E5:DC:4D:0F:C8:B5:6E:B7:3A:16:57:46:D8:E9:EB
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 019A4FD06E4356E262A2CD7AD054669A76EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 1327
Signing time: Tue 04 Nov 2025 17:00:51 +0000
Manifest this update: Tue 04 Nov 2025 17:00:51 +0000
Manifest next update: Wed 05 Nov 2025 17:00:51 +0000
Files and hashes: 1: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (hash: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=)
2: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: nq7KvtVmg68QzZUqWaa0+PbEP7qvoEW87S2dv+ctPaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:d0:6e:43:56:e2:62:a2:cd:7a:d0:54:66:9a:76:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Nov 4 17:00:51 2025 GMT
Not After : Nov 5 17:00:51 2025 GMT
Subject: CN=20f9055ce4e5dc4d0fc8b56eb73a165746d8e9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:99:60:6c:5d:34:f9:54:e4:5c:e0:4c:49:
f7:e5:b2:08:9b:27:06:cd:d8:b4:ac:2b:45:1b:ab:
fb:b6:59:17:e6:d1:b0:95:8a:e5:16:e9:91:af:c9:
fb:8a:ea:1b:e6:6d:e0:43:a0:93:c7:42:36:b5:f7:
43:e9:2c:3b:e8:75:65:c7:48:3f:7a:f9:a4:0e:23:
5c:d7:d6:98:2a:93:e6:69:75:47:ac:f5:08:ad:62:
dd:c3:5b:75:fe:e5:51:91:58:16:67:12:ac:bb:5d:
ae:b1:ee:50:80:bf:ba:cb:b6:d2:1e:34:f7:59:92:
a8:df:6c:00:7e:56:78:4c:21:9e:85:28:e9:63:c8:
59:d6:5c:c1:ca:f3:00:01:bc:21:5c:e7:0e:8f:e7:
d0:f2:87:4e:99:07:e2:b5:ce:50:62:af:18:6f:cc:
1d:51:a6:41:04:5d:83:2f:d9:f3:0a:bb:c2:2f:17:
56:cf:6f:fb:80:07:90:48:35:e8:8b:81:5a:ac:b8:
5a:6e:28:4d:e1:70:2c:f8:7e:70:45:63:73:07:14:
80:bb:7c:29:01:1f:00:3f:9f:ff:73:c7:eb:e5:00:
cf:6d:d0:ff:85:1c:50:f3:e8:ba:c9:8c:6b:fe:f2:
00:e6:96:6b:21:c5:d5:aa:76:a0:f6:bf:85:8e:dc:
e6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F9:05:5C:E4:E5:DC:4D:0F:C8:B5:6E:B7:3A:16:57:46:D8:E9:EB
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:29:32:b7:2e:93:66:f8:05:c2:f0:51:92:d4:fb:8a:a0:b0:
cd:c1:45:0b:06:02:42:ba:e3:37:25:2a:71:07:58:c5:fe:42:
9f:09:d7:2f:bb:de:75:10:47:ec:e5:56:29:f6:ae:34:99:02:
0c:90:21:98:fe:50:c5:cf:d0:4a:1e:5c:1a:7f:93:7c:df:c5:
5f:cf:fb:4f:2e:0c:4d:15:65:d3:46:3a:12:3a:c9:7b:97:c9:
6c:4c:7c:ac:8f:d0:9b:b8:3d:91:10:d9:9d:22:87:f1:94:e6:
ac:3e:c4:28:26:31:01:37:09:b7:1f:c2:2f:63:90:68:5b:7b:
8e:22:e3:b4:2e:2f:1b:90:32:c2:ad:4e:68:c3:11:a7:1b:23:
91:1f:ee:d7:39:6e:86:d8:59:51:da:29:d4:38:32:79:e7:c5:
f5:fd:46:69:0d:8f:18:8c:84:ea:48:a0:e6:d6:1d:98:be:5a:
45:e3:29:07:e2:51:4e:8a:f5:7f:93:af:b3:ad:40:89:0d:1e:
55:e5:75:04:34:c4:bf:76:6f:9c:ce:7c:ff:b5:49:3f:30:54:
ff:4d:27:59:7f:3b:58:a5:81:ac:68:a7:71:d3:ab:d4:3f:34:
22:f2:d7:5c:35:98:64:c7:7b:1c:a6:fa:9d:ea:79:27:2b:99:
6b:94:3a:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0G5DVuJios160FRmmnbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjUxMTA0MTcwMDUxWhcNMjUxMTA1MTcwMDUxWjAzMTEwLwYDVQQD
EygyMGY5MDU1Y2U0ZTVkYzRkMGZjOGI1NmViNzNhMTY1NzQ2ZDhlOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6eZYGxdNPlU5FzgTEn35bIImycG
zdi0rCtFG6v7tlkX5tGwlYrlFumRr8n7iuob5m3gQ6CTx0I2tfdD6Sw76HVlx0g/
evmkDiNc19aYKpPmaXVHrPUIrWLdw1t1/uVRkVgWZxKsu12use5QgL+6y7bSHjT3
WZKo32wAflZ4TCGehSjpY8hZ1lzByvMAAbwhXOcOj+fQ8odOmQfitc5QYq8Yb8wd
UaZBBF2DL9nzCrvCLxdWz2/7gAeQSDXoi4FarLhabihN4XAs+H5wRWNzBxSAu3wp
AR8AP5//c8fr5QDPbdD/hRxQ8+i6yYxr/vIA5pZrIcXVqnag9r+FjtzmLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCD5BVzk5dxND8i1brc6FldG2OnrMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYykyty6T
ZvgFwvBRktT7iqCwzcFFCwYCQrrjNyUqcQdYxf5CnwnXL7vedRBH7OVWKfauNJkC
DJAhmP5Qxc/QSh5cGn+TfN/FX8/7Ty4MTRVl00Y6EjrJe5fJbEx8rI/Qm7g9kRDZ
nSKH8ZTmrD7EKCYxATcJtx/CL2OQaFt7jiLjtC4vG5Aywq1OaMMRpxsjkR/u1zlu
hthZUdop1DgyeefF9f1GaQ2PGIyE6kig5tYdmL5aReMpB+JRTor1f5Ovs61AiQ0e
VeV1BDTEv3ZvnM58/7VJPzBU/00nWX87WKWBrGincdOr1D80IvLXXDWYZMd7HKb6
nep5JyuZa5Q6+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:20:41 2025 by rpki-client