Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: uNu/QK5RR1GSyuiW1JXAPV0+C+pvXw2dEFiQb5IJCQg=
Subject key identifier: 9B:49:C2:BF:BE:17:ED:19:C8:DC:8D:FE:71:3D:CE:B1:62:CE:3C:16
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 0197B77CA7BAED1649B88E1243FCBA413F59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 11CF
Signing time: Sat 28 Jun 2025 17:01:29 +0000
Manifest this update: Sat 28 Jun 2025 17:01:29 +0000
Manifest next update: Sun 29 Jun 2025 17:01:29 +0000
Files and hashes: 1: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (hash: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=)
2: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: TV/Wqi4RjoM6DsKg4A9gmF77N6AmgM6FVawnElmdJKE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:a7:ba:ed:16:49:b8:8e:12:43:fc:ba:41:3f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Jun 28 17:01:29 2025 GMT
Not After : Jun 29 17:01:29 2025 GMT
Subject: CN=9b49c2bfbe17ed19c8dc8dfe713dceb162ce3c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:06:f3:78:ba:9d:f7:0d:17:ce:7c:13:a4:
ed:fa:19:b9:46:9a:53:bc:cd:41:ef:14:e3:00:f9:
05:f0:3a:ce:7b:ff:41:9d:70:d1:7e:3d:ec:e6:0d:
85:e1:2c:4e:ba:97:83:84:e0:e5:bc:40:15:51:e7:
d5:86:e2:98:da:13:d2:4f:93:d0:e1:c3:f7:05:61:
75:8b:98:3e:07:36:31:8f:ba:d4:c4:5b:45:7f:9c:
0c:6e:7c:81:3a:b1:f3:e0:fd:1b:8e:25:94:05:ad:
8e:ef:5b:a8:ec:0f:e0:f1:0b:66:af:db:0b:97:a7:
70:e4:e9:17:b3:40:d5:44:71:41:3e:7c:73:8f:0c:
bc:31:1e:3d:67:f0:90:54:f5:1d:d4:b7:6c:1b:e8:
37:ae:99:82:ed:4a:b3:16:a8:f9:09:1e:fc:fb:86:
11:2e:f7:48:f9:e7:9e:d5:fb:81:50:b0:d7:87:e2:
57:99:3b:5a:d5:c5:fa:b7:75:cf:5a:d4:43:b2:a6:
eb:12:21:1e:bc:cc:20:ec:1f:e8:36:53:15:64:11:
53:e7:05:af:50:a6:4f:2e:a1:4b:f2:ab:a4:0e:69:
1f:60:bf:fd:7d:91:41:77:29:6c:96:41:31:80:e2:
ea:23:e2:b8:41:c1:19:a4:fd:80:2a:8b:cb:e5:ae:
e8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:49:C2:BF:BE:17:ED:19:C8:DC:8D:FE:71:3D:CE:B1:62:CE:3C:16
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:bb:ae:03:b6:a9:2a:56:16:0a:b2:6b:0b:75:96:71:78:f4:
46:46:75:72:98:a2:9d:1e:7a:33:04:7c:52:38:17:20:27:12:
14:ab:9a:aa:94:b1:2b:af:f7:24:cf:9b:60:1a:5d:a4:23:88:
63:b6:b7:b4:90:93:0b:b6:2b:45:ab:a4:65:a9:c1:e8:37:30:
bc:08:ed:06:4a:c2:e4:7d:e0:c4:7b:7c:00:8b:c0:74:cb:f7:
f9:0d:db:60:f0:76:67:4d:aa:c1:54:f5:da:0e:8e:25:67:50:
b5:8b:0f:e8:b9:a5:41:0f:bc:9d:4d:c4:72:e1:67:e6:2e:19:
fc:29:4f:2e:d2:e9:92:dc:c0:66:b1:82:d0:d3:37:dc:a5:61:
bc:7e:8d:35:2b:90:30:ee:86:26:79:7a:fd:05:6f:61:e8:c6:
df:3e:c9:f4:93:55:17:e3:51:ae:64:71:f2:7d:55:d1:82:39:
6b:ef:2c:20:0e:20:ff:c6:c5:c0:24:a0:5d:9e:ac:48:24:cd:
00:d1:90:46:62:51:25:70:bf:05:d9:7e:b8:0a:7c:bd:c3:f0:
65:3b:10:82:12:27:04:71:25:98:a2:43:9f:4f:55:03:cc:04:
6e:5f:dd:48:df:6d:6f:13:d3:18:c4:27:c3:cc:36:44:29:b6:
a4:25:2d:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fKe67RZJuI4SQ/y6QT9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjUwNjI4MTcwMTI5WhcNMjUwNjI5MTcwMTI5WjAzMTEwLwYDVQQD
Eyg5YjQ5YzJiZmJlMTdlZDE5YzhkYzhkZmU3MTNkY2ViMTYyY2UzYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj4G83i6nfcNF858E6Tt+hm5RppT
vM1B7xTjAPkF8DrOe/9BnXDRfj3s5g2F4SxOupeDhODlvEAVUefVhuKY2hPST5PQ
4cP3BWF1i5g+BzYxj7rUxFtFf5wMbnyBOrHz4P0bjiWUBa2O71uo7A/g8Qtmr9sL
l6dw5OkXs0DVRHFBPnxzjwy8MR49Z/CQVPUd1LdsG+g3rpmC7UqzFqj5CR78+4YR
LvdI+eee1fuBULDXh+JXmTta1cX6t3XPWtRDsqbrEiEevMwg7B/oNlMVZBFT5wWv
UKZPLqFL8qukDmkfYL/9fZFBdylslkExgOLqI+K4QcEZpP2AKovL5a7oAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtJwr++F+0ZyNyN/nE9zrFizjwWMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFruuA7ap
KlYWCrJrC3WWcXj0RkZ1cpiinR56MwR8UjgXICcSFKuaqpSxK6/3JM+bYBpdpCOI
Y7a3tJCTC7YrRaukZanB6DcwvAjtBkrC5H3gxHt8AIvAdMv3+Q3bYPB2Z02qwVT1
2g6OJWdQtYsP6LmlQQ+8nU3EcuFn5i4Z/ClPLtLpktzAZrGC0NM33KVhvH6NNSuQ
MO6GJnl6/QVvYejG3z7J9JNVF+NRrmRx8n1V0YI5a+8sIA4g/8bFwCSgXZ6sSCTN
ANGQRmJRJXC/Bdl+uAp8vcPwZTsQghInBHElmKJDn09VA8wEbl/dSN9tbxPTGMQn
w8w2RCm2pCUtNQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:23:28 2025 by rpki-client