Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json)
Hash identifier: unsnJQ3wdPp7FD/ErgBSsCjIoW6LRd0sOR973wEKxY0=
Subject key identifier: 7F:5E:A1:AC:B5:48:52:FB:B2:80:95:68:F1:B0:02:65:CD:B2:82:72
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 019D2960E9D9CE8D6A35A5E7ECC782D71C18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
Manifest number: 14A1
Signing time: Thu 26 Mar 2026 09:01:50 +0000
Manifest this update: Thu 26 Mar 2026 09:01:50 +0000
Manifest next update: Fri 27 Mar 2026 09:01:50 +0000
Files and hashes: 1: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: LhpXzO452nok1s8JZ9RF3W4JVFf0mAxTrXK7iwmPnio=)
2: WIUAFonkV2sfv2obw7wp_H-MGvU.roa (hash: GtKF8czJWl3ExfCMW9FZWgpdCqhRe9QAiKNJnvpNNSc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:e9:d9:ce:8d:6a:35:a5:e7:ec:c7:82:d7:1c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Mar 26 09:01:50 2026 GMT
Not After : Mar 27 09:01:50 2026 GMT
Subject: CN=7f5ea1acb54852fbb2809568f1b00265cdb28272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d0:db:f8:49:5d:38:86:a5:dd:60:44:6f:55:
13:a6:be:ea:6b:88:13:32:8c:55:36:04:86:c1:5d:
25:e0:af:ee:37:dc:ba:09:f6:da:3f:bd:59:b2:f7:
9b:6b:1f:7a:b6:0c:e1:f4:f3:f8:ef:dd:b2:0b:d8:
4c:bf:a0:86:bd:cf:dc:0a:b5:76:af:15:2d:e7:dc:
7b:ac:70:74:f9:5d:61:7a:7b:86:d3:48:18:53:ff:
7f:25:26:af:5d:89:07:02:58:34:82:79:2b:c5:89:
de:c3:17:44:f2:d2:f8:02:38:05:24:e0:80:5e:f2:
d3:4a:b2:5b:fb:60:9e:26:d6:29:45:db:7d:94:d8:
0b:50:a8:ca:fd:73:25:86:1d:1e:49:bf:90:94:3e:
e0:03:88:58:7a:7e:f7:c8:55:01:a6:b9:f0:03:11:
75:8d:c8:6b:07:cb:f0:2a:ec:a5:d8:c0:55:8a:cb:
5e:40:fb:5d:57:a8:5b:8d:f5:bf:52:2c:8c:25:74:
88:65:15:60:b1:a2:0c:35:00:9e:2f:62:1a:2f:ba:
09:95:31:d5:2b:71:66:22:d0:30:a0:91:c5:9b:1a:
7d:65:f8:0e:5f:f8:26:98:c6:d0:b8:ed:56:07:98:
5e:02:aa:ba:0f:d7:a0:2e:df:54:e3:54:49:1d:ea:
1f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5E:A1:AC:B5:48:52:FB:B2:80:95:68:F1:B0:02:65:CD:B2:82:72
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:4e:ad:88:cb:91:c8:4d:de:be:73:13:a8:28:99:46:63:69:
c6:8a:71:c6:3d:6a:2c:86:9c:a4:c2:2a:e2:9e:db:4d:16:6e:
7c:14:cf:2b:87:d9:ed:20:e7:44:e7:5c:c7:93:f5:09:66:5c:
12:10:93:60:32:bf:9f:e9:3e:11:7d:31:b8:a8:a0:73:6d:44:
c7:85:f9:8c:14:ee:a5:00:0b:a1:09:2a:f9:d9:53:ab:e5:2b:
c6:67:16:c8:e2:64:97:fe:42:f0:7c:26:c3:99:85:12:bf:9b:
4e:ca:ea:8b:74:aa:96:00:c4:6e:b0:24:38:26:35:15:2d:bd:
2f:38:f9:1b:21:f5:43:31:0b:43:7b:31:9c:38:a4:10:39:59:
28:28:ba:86:2c:8f:69:2f:9c:53:46:b6:77:0d:6a:f4:df:70:
1d:ff:f5:ca:82:0d:1a:37:98:ab:4d:4e:ee:54:58:bd:43:04:
02:86:78:7c:31:c2:2d:64:50:b1:c9:58:06:87:a1:3f:5b:8a:
aa:1e:7c:d6:48:3a:84:76:0f:f5:8e:a6:4d:8d:08:95:35:93:
5d:4c:d2:f9:bc:d6:4c:fd:61:75:78:ea:88:60:a9:2b:20:2b:
75:cb:e5:4f:49:09:0e:f6:13:1b:16:25:f5:c9:01:e4:c0:92:
cf:f2:b0:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYOnZzo1qNaXn7MeC1xwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjYwMzI2MDkwMTUwWhcNMjYwMzI3MDkwMTUwWjAzMTEwLwYDVQQD
Eyg3ZjVlYTFhY2I1NDg1MmZiYjI4MDk1NjhmMWIwMDI2NWNkYjI4MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9Db+EldOIal3WBEb1UTpr7qa4gT
MoxVNgSGwV0l4K/uN9y6CfbaP71Zsvebax96tgzh9PP4792yC9hMv6CGvc/cCrV2
rxUt59x7rHB0+V1henuG00gYU/9/JSavXYkHAlg0gnkrxYnewxdE8tL4AjgFJOCA
XvLTSrJb+2CeJtYpRdt9lNgLUKjK/XMlhh0eSb+QlD7gA4hYen73yFUBprnwAxF1
jchrB8vwKuyl2MBVisteQPtdV6hbjfW/UiyMJXSIZRVgsaIMNQCeL2IaL7oJlTHV
K3FmItAwoJHFmxp9ZfgOX/gmmMbQuO1WB5heAqq6D9egLt9U41RJHeofUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9eoay1SFL7soCVaPGwAmXNsoJyMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvU6tiMuR
yE3evnMTqCiZRmNpxopxxj1qLIacpMIq4p7bTRZufBTPK4fZ7SDnROdcx5P1CWZc
EhCTYDK/n+k+EX0xuKigc21Ex4X5jBTupQALoQkq+dlTq+UrxmcWyOJkl/5C8Hwm
w5mFEr+bTsrqi3SqlgDEbrAkOCY1FS29Lzj5GyH1QzELQ3sxnDikEDlZKCi6hiyP
aS+cU0a2dw1q9N9wHf/1yoINGjeYq01O7lRYvUMEAoZ4fDHCLWRQsclYBoehP1uK
qh581kg6hHYP9Y6mTY0IlTWTXUzS+bzWTP1hdXjqiGCpKyArdcvlT0kJDvYTGxYl
9ckB5MCSz/KwfA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:02:21 2026 by rpki-client