Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File: lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier: vK6A1AXPyCOT1aE5VxPIlgOjFiTrCzHgSvk+wxuw+Sc=
Subject key identifier: E3:7D:9B:80:74:49:22:F7:0E:DB:D2:1E:56:D1:26:4B:80:E0:D9:14
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer: /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial: 0198D4743793DC25D8A077BB63AC5AE5FBCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number: 0520
Signing time: Sat 23 Aug 2025 01:04:02 +0000
Manifest this update: Sat 23 Aug 2025 01:04:02 +0000
Manifest next update: Sun 24 Aug 2025 01:04:02 +0000
Files and hashes: 1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: tAP37jz+3xZChko431XkmAeO4yKvNdPR9qYXWAC2xAM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:74:37:93:dc:25:d8:a0:77:bb:63:ac:5a:e5:fb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Validity
Not Before: Aug 23 01:04:02 2025 GMT
Not After : Aug 24 01:04:02 2025 GMT
Subject: CN=e37d9b80744922f70edbd21e56d1264b80e0d914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c6:7c:97:7e:4d:91:bd:a7:a1:3c:f4:73:5e:
78:95:0b:9d:ec:d9:f7:3f:89:ef:07:a1:47:91:a2:
88:8b:83:ba:51:61:82:65:ba:49:b7:05:a8:96:7c:
36:37:29:7c:00:98:45:99:a9:4a:2b:4f:6a:01:4c:
89:59:87:81:70:9d:3d:dc:73:67:f1:8f:71:e8:cb:
16:c2:ae:40:6c:fb:e1:62:69:51:45:44:5f:c8:58:
dc:57:fa:4c:e2:f9:e6:b9:ec:7f:b0:5e:2e:f2:42:
15:de:e8:4d:c2:d2:9f:85:25:22:fa:45:d5:34:aa:
8d:09:76:84:31:60:ee:22:7b:19:ce:92:49:61:fc:
10:e1:2a:f4:bd:48:a2:a2:16:ec:af:5e:58:ad:b6:
f7:03:b3:2c:31:c3:25:8f:b5:2c:ff:ae:57:0a:fc:
2c:64:e9:d4:92:ba:eb:7f:8e:55:3a:ef:c0:c9:84:
87:c6:79:eb:96:c4:0c:09:71:93:f1:41:0f:16:54:
52:c7:9c:78:c7:4e:18:8b:ae:50:35:94:43:47:1b:
fa:17:fe:bc:e7:d1:eb:2b:95:87:63:52:0a:72:24:
38:f6:fb:01:78:68:80:eb:d7:fc:96:fd:12:99:e0:
9b:f5:d3:10:f9:0b:31:a7:08:ff:9f:29:a5:4c:c6:
84:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7D:9B:80:74:49:22:F7:0E:DB:D2:1E:56:D1:26:4B:80:E0:D9:14
X509v3 Authority Key Identifier:
keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
da:ee:71:e9:b7:5b:72:6d:cd:c1:ad:f9:ef:60:83:74:09:39:
ae:89:54:5c:8a:d0:a6:97:9a:7f:40:cb:b5:27:e7:50:8b:75:
e2:1a:47:62:33:4c:39:02:95:bf:11:65:95:04:81:d0:44:cd:
5a:fd:a4:92:20:ab:de:31:e9:69:0b:89:4d:22:c5:f8:8c:56:
76:e4:10:8a:9e:48:9b:48:41:91:04:53:4b:cd:a8:41:bb:d4:
50:3e:05:9c:e7:70:5a:bd:54:3f:fa:78:06:44:8d:75:f3:e0:
64:33:76:29:5a:a0:c4:9a:fc:0b:61:f1:ee:89:59:b9:cb:2e:
10:89:bc:ab:63:47:ca:d2:a2:c6:86:66:02:0c:63:5b:ba:64:
06:ae:34:50:65:a4:f1:e6:ea:4d:f5:57:11:9b:03:e5:31:05:
78:c4:07:52:d7:11:0c:d2:a0:26:55:64:e4:7c:9d:de:ae:92:
f0:51:cb:ad:75:e3:37:21:72:fd:6e:2a:99:99:60:84:3d:ce:
6b:b1:f3:c5:29:6c:06:55:cc:fa:78:cf:4c:a9:3b:ad:4d:0a:
f6:1c:9f:0c:d4:4d:07:1c:7d:4c:88:69:ab:15:80:f6:e7:4a:
89:c4:2f:00:0e:b1:be:68:09:5a:94:67:6e:3b:12:11:02:d3:
e7:2a:12:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdDeT3CXYoHe7Y6xa5fvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUwODIzMDEwNDAyWhcNMjUwODI0MDEwNDAyWjAzMTEwLwYDVQQD
EyhlMzdkOWI4MDc0NDkyMmY3MGVkYmQyMWU1NmQxMjY0YjgwZTBkOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcZ8l35Nkb2noTz0c154lQud7Nn3
P4nvB6FHkaKIi4O6UWGCZbpJtwWolnw2Nyl8AJhFmalKK09qAUyJWYeBcJ093HNn
8Y9x6MsWwq5AbPvhYmlRRURfyFjcV/pM4vnmuex/sF4u8kIV3uhNwtKfhSUi+kXV
NKqNCXaEMWDuInsZzpJJYfwQ4Sr0vUiiohbsr15Yrbb3A7MsMcMlj7Us/65XCvws
ZOnUkrrrf45VOu/AyYSHxnnrlsQMCXGT8UEPFlRSx5x4x04Yi65QNZRDRxv6F/68
59HrK5WHY1IKciQ49vsBeGiA69f8lv0SmeCb9dMQ+Qsxpwj/nymlTMaEywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFON9m4B0SSL3DtvSHlbRJkuA4NkUMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2u5x6bdb
cm3Nwa3572CDdAk5rolUXIrQppeaf0DLtSfnUIt14hpHYjNMOQKVvxFllQSB0ETN
Wv2kkiCr3jHpaQuJTSLF+IxWduQQip5Im0hBkQRTS82oQbvUUD4FnOdwWr1UP/p4
BkSNdfPgZDN2KVqgxJr8C2Hx7olZucsuEIm8q2NHytKixoZmAgxjW7pkBq40UGWk
8ebqTfVXEZsD5TEFeMQHUtcRDNKgJlVk5Hyd3q6S8FHLrXXjNyFy/W4qmZlghD3O
a7HzxSlsBlXM+njPTKk7rU0K9hyfDNRNBxx9TIhpqxWA9udKicQvAA6xvmgJWpRn
bjsSEQLT5yoS6A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:27:11 2025 by rpki-client