Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          T25SIO38QbSxfu00D6igXyligikllBmmCcvu/w1PZL8=
Subject key identifier:   1B:EF:13:8C:F7:69:6D:08:10:F8:24:84:38:7B:0E:AD:2A:D0:DD:D2
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       019A71B82F38CE35F81E93DF687630199B5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          05F6
Signing time:             Tue 11 Nov 2025 07:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:27 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: mDXBNlXTMqdxDeydEJHbKOXUpL+IOzspY31z6w+83PE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:2f:38:ce:35:f8:1e:93:df:68:76:30:19:9b:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: Nov 11 07:01:27 2025 GMT
            Not After : Nov 12 07:01:27 2025 GMT
        Subject: CN=1bef138cf7696d0810f82484387b0ead2ad0ddd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f1:22:46:14:9e:0c:5a:21:d3:4c:89:9d:31:
                    6d:f5:41:1c:d3:42:62:ef:e1:98:33:69:30:cb:92:
                    d2:9d:a3:6b:24:86:09:37:89:2a:59:38:4f:4a:97:
                    c2:29:ad:6c:02:ee:b4:a3:48:50:e7:63:c2:94:98:
                    18:a4:a3:38:08:b2:f3:e2:88:25:30:99:61:8f:23:
                    e7:80:9e:45:59:1d:3f:ca:95:35:4f:c2:c3:66:d6:
                    36:1f:9a:16:1a:5e:51:45:50:32:33:ac:65:b0:d7:
                    5d:b4:0b:21:e7:f4:31:00:d3:7b:30:28:44:d9:5c:
                    c7:08:fc:07:32:cc:d2:cd:75:8f:e7:9f:64:57:e1:
                    2e:9b:4b:0c:0d:ad:f7:21:af:4c:36:95:d6:06:fc:
                    4e:95:c1:c0:12:a8:e5:d1:e1:73:c4:d3:77:d3:f3:
                    cd:f7:4e:29:a1:45:2d:6c:78:e6:2f:ed:55:10:ef:
                    03:c3:99:ac:c0:f4:ef:7a:88:b9:a3:2c:9b:1c:03:
                    76:0f:53:c4:f5:b6:6c:75:64:73:cc:8c:5e:5a:03:
                    37:a3:c0:43:e9:59:cc:da:f3:46:85:ca:eb:b8:67:
                    75:f6:40:fe:fd:33:42:ca:6b:22:f6:5c:27:37:85:
                    b8:16:df:db:de:6e:6c:2f:6c:9f:57:1f:94:eb:aa:
                    73:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:EF:13:8C:F7:69:6D:08:10:F8:24:84:38:7B:0E:AD:2A:D0:DD:D2
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:0a:27:0c:0a:4d:e8:01:80:1e:89:97:b2:8f:ec:1a:eb:2c:
         cb:cc:2e:3a:da:03:92:21:58:c7:63:da:34:3e:df:a3:ca:ac:
         0b:3f:71:32:04:a6:f7:b6:79:86:74:0f:ec:ab:37:c7:a3:81:
         7e:89:a5:82:f9:b5:e0:8d:a8:27:5c:71:94:d8:51:dd:6d:9e:
         a4:ba:53:42:99:ce:63:cd:2c:30:ad:a6:2a:ee:da:43:37:e6:
         cf:b9:f0:71:32:41:2c:e5:79:6d:92:a3:45:1b:a0:99:90:31:
         3d:cb:fc:9a:d1:56:26:be:19:5a:fa:b4:0d:65:79:d3:8f:76:
         30:01:c9:3f:4d:91:16:46:95:1f:0d:8a:96:ee:4d:eb:16:0d:
         55:33:97:fe:09:72:58:50:26:4c:83:31:da:a8:df:39:bc:6a:
         ce:f5:a7:10:e0:0e:ae:d6:21:c8:d7:6b:61:77:b3:2a:30:ab:
         2d:71:af:43:2a:29:b3:bd:78:a0:97:7a:24:77:4c:da:46:19:
         88:f3:ac:b8:1f:f7:a5:15:4f:21:5f:4a:2a:41:a5:9b:b0:c6:
         77:13:29:8f:ff:fe:cd:da:0a:c2:75:b3:2e:7f:b8:fd:43:db:
         bd:1c:f4:44:de:f6:f8:57:28:bc:c5:7d:45:f8:be:13:c3:35:
         67:da:2c:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuC84zjX4HpPfaHYwGZteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
EygxYmVmMTM4Y2Y3Njk2ZDA4MTBmODI0ODQzODdiMGVhZDJhZDBkZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvEiRhSeDFoh00yJnTFt9UEc00Ji
7+GYM2kwy5LSnaNrJIYJN4kqWThPSpfCKa1sAu60o0hQ52PClJgYpKM4CLLz4ogl
MJlhjyPngJ5FWR0/ypU1T8LDZtY2H5oWGl5RRVAyM6xlsNddtAsh5/QxANN7MChE
2VzHCPwHMszSzXWP559kV+Eum0sMDa33Ia9MNpXWBvxOlcHAEqjl0eFzxNN30/PN
904poUUtbHjmL+1VEO8Dw5mswPTveoi5oyybHAN2D1PE9bZsdWRzzIxeWgM3o8BD
6VnM2vNGhcrruGd19kD+/TNCymsi9lwnN4W4Ft/b3m5sL2yfVx+U66pz2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvvE4z3aW0IEPgkhDh7Dq0q0N3SMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgonDApN
6AGAHomXso/sGussy8wuOtoDkiFYx2PaND7fo8qsCz9xMgSm97Z5hnQP7Ks3x6OB
fomlgvm14I2oJ1xxlNhR3W2epLpTQpnOY80sMK2mKu7aQzfmz7nwcTJBLOV5bZKj
RRugmZAxPcv8mtFWJr4ZWvq0DWV50492MAHJP02RFkaVHw2Klu5N6xYNVTOX/gly
WFAmTIMx2qjfObxqzvWnEOAOrtYhyNdrYXezKjCrLXGvQyops714oJd6JHdM2kYZ
iPOsuB/3pRVPIV9KKkGlm7DGdxMpj//+zdoKwnWzLn+4/UPbvRz0RN72+FcovMV9
Rfi+E8M1Z9osSw==
-----END CERTIFICATE-----