Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File: lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier: XGGXQwOWvS7So7CciOfaNEyfgchPU0UQ6QaLYhxfHYM=
Subject key identifier: 35:5C:62:67:74:2F:48:57:61:11:99:ED:04:FB:CA:C2:EF:FD:56:FE
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer: /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial: 0197CDCCED142F91A843E5A582C7E8EE752A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number: 0498
Signing time: Thu 03 Jul 2025 01:00:48 +0000
Manifest this update: Thu 03 Jul 2025 01:00:48 +0000
Manifest next update: Fri 04 Jul 2025 01:00:48 +0000
Files and hashes: 1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: AsSEViqPeF6db+ekr2ZFHjVlMrjTo25FKslk4dzo+c4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 01:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cd:cc:ed:14:2f:91:a8:43:e5:a5:82:c7:e8:ee:75:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Validity
Not Before: Jul 3 01:00:48 2025 GMT
Not After : Jul 4 01:00:48 2025 GMT
Subject: CN=355c6267742f4857611199ed04fbcac2effd56fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:74:e0:98:6d:d4:df:71:5e:a1:77:83:e7:
b2:76:5a:cd:3c:04:51:50:13:75:b8:cf:5a:0a:17:
88:33:9e:8d:af:7e:95:fc:5a:fe:56:f2:95:61:95:
b6:b9:a2:49:d8:24:75:f5:40:89:13:b6:6c:9f:d2:
19:95:78:01:fa:5b:36:86:e1:12:63:66:52:30:60:
d4:3a:8d:bc:3b:c7:97:71:67:47:ac:c2:aa:88:3b:
a7:49:bc:03:15:a6:8a:18:ee:3c:27:62:43:0f:f1:
8d:80:5d:c1:d7:4b:7f:c6:3b:7f:9f:84:0f:b5:29:
8f:08:7a:a2:78:1c:12:46:31:9f:5c:42:d2:1e:8a:
8d:ce:ce:41:5c:51:69:da:1a:72:32:36:ba:c4:6a:
73:7d:42:3d:64:0b:20:b0:d9:61:c2:ba:e1:9d:2c:
01:8c:d0:e7:cb:44:ef:af:45:15:ef:f5:42:47:e0:
dd:0f:13:04:1a:2d:60:6a:91:c4:5a:3a:61:df:ba:
c9:06:fa:41:7e:81:e2:f3:ce:53:f7:06:e1:00:48:
c2:56:fe:cd:9b:1c:08:92:56:b2:99:86:c8:1f:ca:
fb:a1:93:d4:1d:96:cf:1d:b5:cb:f8:10:9e:59:c8:
5c:ba:71:7a:30:4d:20:4c:16:99:67:28:31:05:60:
ab:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5C:62:67:74:2F:48:57:61:11:99:ED:04:FB:CA:C2:EF:FD:56:FE
X509v3 Authority Key Identifier:
keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:db:b6:fa:83:07:c0:74:f5:ad:16:45:c4:b4:cc:e0:55:64:
05:0b:9c:fc:c9:3b:ab:0e:5f:c4:4c:39:96:45:1f:54:37:b6:
23:21:52:13:0c:d0:29:51:49:24:1c:d5:41:a3:55:33:c9:2d:
7d:69:1a:51:62:a8:f2:b8:fa:9d:9b:1f:d7:e3:b9:1c:09:f6:
49:7d:3f:a8:44:12:a9:c8:40:d0:db:c6:d8:f3:21:5e:25:77:
42:86:6a:6c:26:23:d7:75:b7:d5:c5:dc:b0:5f:4b:42:8f:64:
af:5c:e8:b2:7a:81:d2:2f:e3:9f:30:7b:2f:e6:f7:04:dd:50:
2c:21:f0:4f:b2:01:58:4c:cc:e7:a4:0e:dd:8e:a8:20:ac:2d:
08:69:0a:a1:7c:e3:cd:8d:7c:01:b0:9a:20:11:b3:cc:71:fc:
cb:ac:18:79:ae:19:80:7d:90:d7:d3:fe:f4:22:38:b1:49:5d:
d2:f8:e5:ad:1e:fd:e1:17:08:a6:99:e8:ce:00:6b:90:40:c3:
87:47:f1:d7:17:d3:9b:c8:0f:80:fa:de:0e:c1:6d:cd:19:14:
75:7e:9c:a0:a9:28:92:46:1d:05:3f:65:9b:0f:a6:19:f0:5d:
24:b7:21:c8:6d:fc:c6:51:83:18:94:a6:ce:61:27:04:bf:e7:
38:05:6d:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfNzO0UL5GoQ+Wlgsfo7nUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUwNzAzMDEwMDQ4WhcNMjUwNzA0MDEwMDQ4WjAzMTEwLwYDVQQD
EygzNTVjNjI2Nzc0MmY0ODU3NjExMTk5ZWQwNGZiY2FjMmVmZmQ1NmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXd04Jht1N9xXqF3g+eydlrNPARR
UBN1uM9aCheIM56Nr36V/Fr+VvKVYZW2uaJJ2CR19UCJE7Zsn9IZlXgB+ls2huES
Y2ZSMGDUOo28O8eXcWdHrMKqiDunSbwDFaaKGO48J2JDD/GNgF3B10t/xjt/n4QP
tSmPCHqieBwSRjGfXELSHoqNzs5BXFFp2hpyMja6xGpzfUI9ZAsgsNlhwrrhnSwB
jNDny0Tvr0UV7/VCR+DdDxMEGi1gapHEWjph37rJBvpBfoHi885T9wbhAEjCVv7N
mxwIklaymYbIH8r7oZPUHZbPHbXL+BCeWchcunF6ME0gTBaZZygxBWCrhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVcYmd0L0hXYRGZ7QT7ysLv/Vb+MB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKtu2+oMH
wHT1rRZFxLTM4FVkBQuc/Mk7qw5fxEw5lkUfVDe2IyFSEwzQKVFJJBzVQaNVM8kt
fWkaUWKo8rj6nZsf1+O5HAn2SX0/qEQSqchA0NvG2PMhXiV3QoZqbCYj13W31cXc
sF9LQo9kr1zosnqB0i/jnzB7L+b3BN1QLCHwT7IBWEzM56QO3Y6oIKwtCGkKoXzj
zY18AbCaIBGzzHH8y6wYea4ZgH2Q19P+9CI4sUld0vjlrR794RcIppnozgBrkEDD
h0fx1xfTm8gPgPreDsFtzRkUdX6coKkokkYdBT9lmw+mGfBdJLchyG38xlGDGJSm
zmEnBL/nOAVtQw==
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:10:42 2025 by rpki-client