Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: TGNF7HaA0r6gpIskxdcpJ+++LB56dwUOVQms/RaDcH0=
Subject key identifier: 06:6D:83:F6:7C:76:34:37:9A:F0:68:EA:EE:A4:3A:26:D3:9A:31:D4
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 019688496259E01B268FBD8863966A377571
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 1132
Signing time: Wed 30 Apr 2025 20:00:32 +0000
Manifest this update: Wed 30 Apr 2025 20:00:32 +0000
Manifest next update: Thu 01 May 2025 20:00:32 +0000
Files and hashes: 1: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (hash: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=)
2: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: m9JKlcvuiFATlaR6Cw43YVwNfcvc/pShBjI8mntc8Iw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 20:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:49:62:59:e0:1b:26:8f:bd:88:63:96:6a:37:75:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Apr 30 20:00:32 2025 GMT
Not After : May 1 20:00:32 2025 GMT
Subject: CN=066d83f67c7634379af068eaeea43a26d39a31d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:14:e3:8b:3b:26:2d:a2:b0:1d:c6:d6:52:
94:73:98:ab:8c:bc:bc:7f:94:4f:00:a4:52:35:69:
68:72:c5:2e:82:b8:d1:3a:be:6d:76:3e:b2:53:10:
0b:3d:fb:f4:15:ec:35:05:50:c5:d6:52:a4:52:8e:
42:1d:b1:95:fc:da:00:8b:50:0a:62:6e:c5:2f:7a:
3f:fb:fe:b1:62:98:4c:b0:d7:5c:88:69:f7:b3:a1:
97:55:8f:b2:bb:63:9e:04:4e:fe:c5:ac:52:ff:9d:
6a:07:60:b0:6c:a0:0d:14:17:ca:b5:8a:ff:e4:00:
9a:43:44:1d:e0:b6:49:50:49:80:72:15:ae:2c:e3:
e7:08:c0:57:7f:3b:ac:e2:d3:00:b7:0f:14:f4:70:
b8:3c:29:0b:8b:eb:9a:63:f4:a9:6d:cc:40:01:e4:
ca:fc:33:7f:66:94:16:be:d3:b4:5a:36:ca:87:e2:
27:44:ce:f7:3a:73:c2:1c:66:10:5b:cf:9b:17:db:
0e:6d:a4:a6:4e:3a:fb:c2:f0:bd:2d:28:05:9e:9c:
35:36:cc:07:de:fe:3c:cd:87:6e:f2:2c:db:2e:19:
22:1f:f4:a5:86:d2:3d:0c:f7:bf:3b:90:6b:57:c9:
aa:9c:d9:1b:42:30:d4:7f:9a:16:3d:e7:52:f1:39:
43:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6D:83:F6:7C:76:34:37:9A:F0:68:EA:EE:A4:3A:26:D3:9A:31:D4
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:47:46:a8:dd:9c:0e:d9:9e:1b:02:93:41:5c:59:74:e5:c8:
0c:42:b1:a8:76:dc:7f:b3:f2:17:17:f0:a5:74:d2:3d:92:ea:
88:5c:23:c6:61:b3:34:29:83:0a:a9:d0:51:ca:cd:28:2f:e7:
7a:74:b1:05:59:ae:eb:6d:46:de:a2:1d:d7:ad:9e:5d:77:4f:
6f:f3:74:30:ef:9b:f5:a0:63:c4:f1:d3:6b:c1:46:d3:57:2d:
d6:f7:cf:36:bc:4e:8a:cd:34:84:e9:e3:94:c9:21:03:63:3c:
d1:6b:a1:9e:7e:09:e1:1b:3a:f0:2c:24:a1:64:20:b8:63:d8:
63:b7:2c:94:6b:9d:dc:db:5b:05:4c:66:2c:8e:b2:36:59:93:
76:5a:45:1c:3e:f8:19:17:67:a7:50:cd:cd:aa:1b:40:8f:54:
23:7a:8a:97:c4:6f:de:ec:1c:6e:d2:ec:05:3a:36:62:7e:69:
5e:80:78:de:a5:6f:06:7c:c5:b9:cc:99:5c:38:d4:6c:3a:77:
e4:13:8e:43:02:f5:8b:71:51:bf:61:4c:80:a2:84:a0:d0:31:
16:58:aa:30:50:25:f8:e0:27:45:1a:29:54:b4:45:3d:b9:39:
f3:bf:28:a4:b5:3b:d5:cf:31:63:e3:d7:71:25:73:e0:3f:2c:
17:67:2f:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaISWJZ4Bsmj72IY5ZqN3VxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjUwNDMwMjAwMDMyWhcNMjUwNTAxMjAwMDMyWjAzMTEwLwYDVQQD
EygwNjZkODNmNjdjNzYzNDM3OWFmMDY4ZWFlZWE0M2EyNmQzOWEzMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7EU44s7Ji2isB3G1lKUc5irjLy8
f5RPAKRSNWlocsUugrjROr5tdj6yUxALPfv0Few1BVDF1lKkUo5CHbGV/NoAi1AK
Ym7FL3o/+/6xYphMsNdciGn3s6GXVY+yu2OeBE7+xaxS/51qB2CwbKANFBfKtYr/
5ACaQ0Qd4LZJUEmAchWuLOPnCMBXfzus4tMAtw8U9HC4PCkLi+uaY/SpbcxAAeTK
/DN/ZpQWvtO0WjbKh+InRM73OnPCHGYQW8+bF9sObaSmTjr7wvC9LSgFnpw1NswH
3v48zYdu8izbLhkiH/SlhtI9DPe/O5BrV8mqnNkbQjDUf5oWPedS8TlDgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZtg/Z8djQ3mvBo6u6kOibTmjHUMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnkdGqN2c
DtmeGwKTQVxZdOXIDEKxqHbcf7PyFxfwpXTSPZLqiFwjxmGzNCmDCqnQUcrNKC/n
enSxBVmu621G3qId162eXXdPb/N0MO+b9aBjxPHTa8FG01ct1vfPNrxOis00hOnj
lMkhA2M80Wuhnn4J4Rs68CwkoWQguGPYY7cslGud3NtbBUxmLI6yNlmTdlpFHD74
GRdnp1DNzaobQI9UI3qKl8Rv3uwcbtLsBTo2Yn5pXoB43qVvBnzFucyZXDjUbDp3
5BOOQwL1i3FRv2FMgKKEoNAxFliqMFAl+OAnRRopVLRFPbk5878opLU71c8xY+PX
cSVz4D8sF2cvLg==
-----END CERTIFICATE-----
Generated at Thu May 1 00:02:45 2025 by rpki-client