Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: qSmXVr5vmHkV5J1KwIxQ+oO5lcbYWldB5vSnvAALbVA=
Subject key identifier: A8:93:7E:48:9E:C9:F1:98:11:9A:81:4C:BD:A3:8D:59:50:33:1D:5C
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 019D9963007EAB35E68DEFF177C23509F864
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 14DB
Signing time: Fri 17 Apr 2026 03:01:35 +0000
Manifest this update: Fri 17 Apr 2026 03:01:35 +0000
Manifest next update: Sat 18 Apr 2026 03:01:35 +0000
Files and hashes: 1: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: U5yXkHBdq4Ou4Y9QLjZagz8KM/1gDSskfC7NzRpyXJk=)
2: WIUAFonkV2sfv2obw7wp_H-MGvU.roa (hash: GtKF8czJWl3ExfCMW9FZWgpdCqhRe9QAiKNJnvpNNSc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:63:00:7e:ab:35:e6:8d:ef:f1:77:c2:35:09:f8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Apr 17 03:01:35 2026 GMT
Not After : Apr 18 03:01:35 2026 GMT
Subject: CN=a8937e489ec9f198119a814cbda38d5950331d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:21:88:e4:7d:06:49:11:4d:ed:f7:a0:94:a7:
b5:22:11:00:cf:aa:58:a2:76:72:63:05:ee:5a:a5:
73:c7:c5:4c:fa:5d:36:5e:0d:8c:10:26:d7:67:42:
4d:54:d2:36:f6:5b:27:64:02:fc:2a:a9:8b:82:e7:
c4:58:08:04:f5:f2:0c:79:21:c4:3e:d9:19:91:3b:
eb:a8:bb:53:98:70:be:ff:c1:5d:91:7e:ea:23:9e:
96:ba:97:50:c7:8c:3b:04:07:11:ab:c3:1d:2d:f1:
5a:cc:ac:80:d7:d6:bd:c3:f5:c5:a7:d8:ad:b6:f8:
d8:73:23:4a:78:e4:3c:da:26:df:29:49:16:51:4d:
6d:bf:04:0e:a2:71:33:8a:99:a8:3b:15:d6:dc:3c:
58:9a:dc:6a:6b:55:a7:f2:72:33:12:68:ef:3f:a2:
d0:9e:03:c9:87:78:93:78:9f:7f:64:c4:bf:d0:1f:
79:7e:3c:e9:cf:74:7f:8e:3c:89:b7:5e:8a:47:8f:
ff:cc:ae:4f:3b:91:cf:c6:3b:52:5e:8a:90:fb:07:
70:ab:b9:02:9c:4c:85:c2:1a:6b:bf:d7:31:bf:29:
a4:cd:f5:fb:df:f1:78:73:07:37:22:87:7a:f8:e7:
35:66:ff:40:bc:5f:db:d7:43:1b:33:30:99:44:40:
a4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:93:7E:48:9E:C9:F1:98:11:9A:81:4C:BD:A3:8D:59:50:33:1D:5C
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:9f:7c:b7:e5:46:3c:07:39:23:f1:31:5c:7b:89:8d:32:ac:
78:45:66:cb:2d:83:21:77:09:d6:af:74:45:13:bf:a1:49:9c:
28:05:33:90:06:10:c8:e3:9f:b3:10:68:dd:62:51:e5:d0:46:
96:83:28:a6:28:72:83:ac:43:0d:e1:54:60:90:5c:5a:3b:5a:
ad:f3:02:a5:92:1c:12:42:31:f0:bf:eb:a7:18:bb:dd:de:a8:
0e:be:fb:d9:f2:ed:4b:03:de:08:70:5f:32:4a:51:2b:67:55:
bf:4b:d2:70:69:12:4c:c9:b6:1a:b2:4a:3e:c7:cd:84:c7:1d:
af:ce:85:67:c3:d1:e9:32:83:b4:d2:ad:18:e0:3c:f9:10:12:
bd:1a:5a:a2:d8:c6:17:25:ff:d4:a4:dd:d0:2d:cd:04:b1:2b:
b3:a3:7e:68:84:d9:86:17:b5:b0:7b:fd:88:a2:52:6d:3e:99:
79:97:bf:80:ec:42:a2:6c:86:e6:ea:ea:fd:68:fb:14:8f:50:
e2:2e:a1:b6:ee:a7:5c:2a:b2:dc:3e:19:16:aa:00:58:a5:c5:
55:0d:f0:82:5a:5d:cb:71:62:7a:d6:31:49:7e:b6:94:f8:ab:
66:e8:07:2c:f2:85:74:1d:d7:18:0a:24:10:c7:9b:72:a3:d3:
ea:4c:aa:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYwB+qzXmje/xd8I1CfhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjYwNDE3MDMwMTM1WhcNMjYwNDE4MDMwMTM1WjAzMTEwLwYDVQQD
EyhhODkzN2U0ODllYzlmMTk4MTE5YTgxNGNiZGEzOGQ1OTUwMzMxZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCGI5H0GSRFN7feglKe1IhEAz6pY
onZyYwXuWqVzx8VM+l02Xg2MECbXZ0JNVNI29lsnZAL8KqmLgufEWAgE9fIMeSHE
PtkZkTvrqLtTmHC+/8FdkX7qI56WupdQx4w7BAcRq8MdLfFazKyA19a9w/XFp9it
tvjYcyNKeOQ82ibfKUkWUU1tvwQOonEzipmoOxXW3DxYmtxqa1Wn8nIzEmjvP6LQ
ngPJh3iTeJ9/ZMS/0B95fjzpz3R/jjyJt16KR4//zK5PO5HPxjtSXoqQ+wdwq7kC
nEyFwhprv9cxvymkzfX73/F4cwc3Iod6+Oc1Zv9AvF/b10MbMzCZRECkwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiTfkieyfGYEZqBTL2jjVlQMx1cMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbJ98t+VG
PAc5I/ExXHuJjTKseEVmyy2DIXcJ1q90RRO/oUmcKAUzkAYQyOOfsxBo3WJR5dBG
loMopihyg6xDDeFUYJBcWjtarfMCpZIcEkIx8L/rpxi73d6oDr772fLtSwPeCHBf
MkpRK2dVv0vScGkSTMm2GrJKPsfNhMcdr86FZ8PR6TKDtNKtGOA8+RASvRpaotjG
FyX/1KTd0C3NBLErs6N+aITZhhe1sHv9iKJSbT6ZeZe/gOxComyG5urq/Wj7FI9Q
4i6htu6nXCqy3D4ZFqoAWKXFVQ3wglpdy3FietYxSX62lPirZugHLPKFdB3XGAok
EMebcqPT6kyqBA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:24:05 2026 by rpki-client