Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: J515Tpouk6fFmASD6HVDpg0kZEZO7o+c87l2A6L3o/Y=
Subject key identifier: 33:55:92:6D:0F:86:D2:64:D5:69:9C:0E:42:5F:F9:D1:17:DE:2F:7D
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 01988FC7C5D315E7D8791964DA24BFCA156F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 123F
Signing time: Sat 09 Aug 2025 17:01:30 +0000
Manifest this update: Sat 09 Aug 2025 17:01:30 +0000
Manifest next update: Sun 10 Aug 2025 17:01:30 +0000
Files and hashes: 1: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (hash: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=)
2: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: TLsUehj0u+wEMvXY/DqKZNsTPdlnktbvjbKIHGUP+JY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:c7:c5:d3:15:e7:d8:79:19:64:da:24:bf:ca:15:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Aug 9 17:01:30 2025 GMT
Not After : Aug 10 17:01:30 2025 GMT
Subject: CN=3355926d0f86d264d5699c0e425ff9d117de2f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5b:d7:05:a3:3b:6e:38:75:61:63:c3:3f:16:
ae:23:5e:e3:34:45:e0:c0:85:97:95:01:91:6c:13:
3c:fb:af:01:09:5b:79:bb:90:d0:b5:b1:c2:c2:45:
fd:b1:3e:ef:66:05:77:01:f1:7f:22:c1:b5:27:3e:
24:4e:02:e0:22:35:0d:00:35:9b:60:96:d2:7c:9e:
fd:f5:b1:fb:b3:15:91:1f:46:c4:b7:f3:20:f4:f4:
05:6c:97:ca:26:4c:3c:9c:b3:88:e6:ee:80:a8:df:
db:ae:04:9a:42:61:40:95:30:ca:ab:ed:97:72:e0:
ed:5f:ca:ec:8e:0c:93:98:04:9e:d7:bb:cf:41:db:
09:18:b7:7f:f2:f9:b8:9e:d5:57:00:19:81:09:66:
fe:44:48:23:58:d0:16:f1:7f:d5:f8:19:0d:41:d7:
d9:95:49:5d:1d:f6:91:3b:8e:d8:d1:a3:7d:87:d3:
de:d3:f4:3b:95:78:b8:aa:ed:6f:b5:08:da:02:04:
b6:65:ca:68:e5:db:54:33:d8:c8:36:76:4b:50:27:
35:e6:40:d9:64:05:c1:e3:f5:be:c6:54:9a:8e:e8:
1f:73:98:60:79:35:98:12:ee:d0:e8:65:ba:5f:1c:
4d:fb:43:ea:57:a3:1a:87:f0:b8:a2:bd:4a:bf:f1:
57:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:55:92:6D:0F:86:D2:64:D5:69:9C:0E:42:5F:F9:D1:17:DE:2F:7D
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:ed:81:9e:f0:cf:02:27:8e:64:af:2c:db:ba:e8:16:f0:5a:
d1:85:31:7a:0d:2d:82:63:ed:aa:e0:0b:73:c9:60:54:1c:75:
c8:d6:49:7f:41:c3:b1:f4:93:bc:fd:fc:32:4e:af:0c:e1:c2:
dc:07:ac:ad:cc:b3:6b:8d:4b:a7:7f:bd:7f:9c:2e:6c:90:73:
f5:23:0a:51:21:01:01:e4:5c:70:69:3f:5c:d0:f9:b5:cb:56:
2a:ac:a1:2a:a9:9c:0d:9a:df:1e:cf:a7:10:5a:9c:59:d7:73:
28:bd:4a:51:00:8b:bd:70:a6:55:d6:4e:03:8b:87:2c:67:80:
b4:58:62:a2:cf:bc:bd:ce:ed:41:8e:c1:cc:b8:f1:e0:b7:57:
1b:67:43:dc:9a:b6:5b:dc:40:40:2c:b6:75:ef:2f:62:72:21:
0b:2b:e3:89:5c:f4:1a:29:b9:d9:8b:74:e4:fa:3b:ff:e9:0b:
59:2a:71:da:47:49:28:34:05:95:1c:36:ec:cd:6c:6f:57:31:
83:d8:d3:d7:2e:f8:40:b9:91:10:89:b2:e7:e9:98:5f:e1:a9:
8b:10:9e:fe:2e:b7:4f:e9:1a:8f:47:f5:1f:fc:ce:ab:10:1f:
23:bd:61:63:8e:15:b2:69:8e:bb:02:e2:dd:cc:46:bc:3b:be:
c1:52:16:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPx8XTFefYeRlk2iS/yhVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjUwODA5MTcwMTMwWhcNMjUwODEwMTcwMTMwWjAzMTEwLwYDVQQD
EygzMzU1OTI2ZDBmODZkMjY0ZDU2OTljMGU0MjVmZjlkMTE3ZGUyZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVvXBaM7bjh1YWPDPxauI17jNEXg
wIWXlQGRbBM8+68BCVt5u5DQtbHCwkX9sT7vZgV3AfF/IsG1Jz4kTgLgIjUNADWb
YJbSfJ799bH7sxWRH0bEt/Mg9PQFbJfKJkw8nLOI5u6AqN/brgSaQmFAlTDKq+2X
cuDtX8rsjgyTmASe17vPQdsJGLd/8vm4ntVXABmBCWb+REgjWNAW8X/V+BkNQdfZ
lUldHfaRO47Y0aN9h9Pe0/Q7lXi4qu1vtQjaAgS2Zcpo5dtUM9jINnZLUCc15kDZ
ZAXB4/W+xlSajugfc5hgeTWYEu7Q6GW6XxxN+0PqV6Mah/C4or1Kv/FXaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNVkm0PhtJk1WmcDkJf+dEX3i99MB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOO2BnvDP
AieOZK8s27roFvBa0YUxeg0tgmPtquALc8lgVBx1yNZJf0HDsfSTvP38Mk6vDOHC
3Aesrcyza41Lp3+9f5wubJBz9SMKUSEBAeRccGk/XND5tctWKqyhKqmcDZrfHs+n
EFqcWddzKL1KUQCLvXCmVdZOA4uHLGeAtFhios+8vc7tQY7BzLjx4LdXG2dD3Jq2
W9xAQCy2de8vYnIhCyvjiVz0Gim52Yt05Po7/+kLWSpx2kdJKDQFlRw27M1sb1cx
g9jT1y74QLmREImy5+mYX+GpixCe/i63T+kaj0f1H/zOqxAfI71hY44VsmmOuwLi
3cxGvDu+wVIWYw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:31:53 2025 by rpki-client