Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft
File:                     upsYDHz0DC3X-keDflGa37wisD0.mft (raw, json)
Hash identifier:          8MBM5FALdiKhLGcG6OUsiQVaPnyHkm3oNMVMlAw2Ays=
Subject key identifier:   A6:D5:31:41:70:7C:8E:A1:5F:7D:33:B8:04:84:3F:E6:70:43:EA:64
Authority key identifier: BA:9B:18:0C:7C:F4:0C:2D:D7:FA:47:83:7E:51:9A:DF:BC:22:B0:3D
Certificate issuer:       /CN=ba9b180c7cf40c2dd7fa47837e519adfbc22b03d
Certificate serial:       019D2996F9C00801B8F7B601923D1CB47E76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft
Manifest number:          01F3
Signing time:             Thu 26 Mar 2026 10:00:53 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:53 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:53 +0000
Files and hashes:         1: upsYDHz0DC3X-keDflGa37wisD0.crl (hash: 9EP+44W6Tnb7nBDjjg0401Ba67ZAiAHFrO0R59XDW90=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:f9:c0:08:01:b8:f7:b6:01:92:3d:1c:b4:7e:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9b180c7cf40c2dd7fa47837e519adfbc22b03d
        Validity
            Not Before: Mar 26 10:00:53 2026 GMT
            Not After : Mar 27 10:00:53 2026 GMT
        Subject: CN=a6d53141707c8ea15f7d33b804843fe67043ea64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:46:e5:24:98:a7:ea:79:4c:d3:23:4b:52:f2:
                    ae:60:c2:2f:94:12:a5:b0:f1:21:e4:61:5b:e8:10:
                    b8:9b:90:b6:42:e6:ca:9b:c9:52:1a:8f:3b:0a:89:
                    f5:4c:5f:cc:0a:55:f3:41:a7:95:37:c9:90:38:39:
                    7d:66:a5:77:62:c2:ad:98:1a:bf:a8:69:ac:ea:ba:
                    54:22:6f:32:6e:69:fb:76:d1:6b:ca:46:53:fc:29:
                    d4:83:8f:0c:bb:59:4d:28:34:d0:d9:06:cb:a9:8b:
                    c8:e7:29:ae:f9:a4:84:5a:e9:5c:87:f4:c1:ff:6c:
                    52:b8:dd:a5:96:8c:46:4f:3e:50:16:e1:7a:72:81:
                    8e:35:b8:1f:df:8b:1e:de:bf:b3:6f:77:4c:dd:a4:
                    52:db:5b:3d:99:02:9c:91:ad:19:e6:1d:d2:91:4d:
                    8a:4e:89:eb:ab:41:b8:08:58:45:d9:ac:dc:fd:90:
                    03:5b:88:eb:92:4a:5b:08:10:af:44:99:ab:9f:bc:
                    be:18:5c:1c:db:f8:5c:46:9b:2b:ba:5c:65:11:f3:
                    c3:4d:33:12:15:08:35:07:41:54:25:a6:76:97:49:
                    24:15:3b:f2:2a:33:c3:fb:8e:61:34:d9:6e:6c:81:
                    04:44:6c:36:05:96:da:73:47:bf:42:42:8f:b1:4b:
                    7e:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:D5:31:41:70:7C:8E:A1:5F:7D:33:B8:04:84:3F:E6:70:43:EA:64
            X509v3 Authority Key Identifier:
                keyid:BA:9B:18:0C:7C:F4:0C:2D:D7:FA:47:83:7E:51:9A:DF:BC:22:B0:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:9a:24:d3:72:d5:24:26:0b:34:e8:f4:99:c1:27:4a:64:62:
         b2:b5:8b:6c:08:4e:95:90:ac:7d:94:54:4b:40:3d:a7:41:46:
         4f:b3:25:60:b0:e1:41:da:57:e3:96:68:99:fe:01:9e:e7:09:
         ee:e0:9f:b6:b9:87:39:db:e8:5b:40:57:4d:f6:0d:56:44:d9:
         21:77:b9:0a:c5:22:c5:b9:ab:d2:f3:60:29:e6:a8:8f:d4:3f:
         d7:95:0a:cf:6f:3e:68:3a:4b:d4:f8:dd:04:59:ce:a0:9e:bc:
         ba:95:7b:b0:dd:2b:d0:7d:b7:78:d4:a3:a0:cc:bc:69:be:3e:
         f0:98:a8:78:99:9a:92:8e:f8:36:9c:1f:d3:43:e5:4f:c2:08:
         77:82:ec:7c:63:df:33:87:e2:27:38:7f:70:5a:b8:a9:a0:ee:
         f3:36:19:c5:4d:ba:e5:ca:a9:6d:f7:7a:26:87:ed:31:23:e2:
         c7:e9:13:d0:7a:1b:a8:e1:88:7a:12:d3:f7:e7:ba:df:9e:17:
         e9:14:66:25:d8:25:5b:e9:50:c1:c8:db:d5:54:0a:74:ae:0f:
         ab:cc:11:7c:3e:d6:b2:50:63:25:20:d7:9f:ad:fa:d2:7b:c1:
         ff:5f:b7:20:80:e7:49:e8:11:9d:5c:2f:32:85:bb:52:97:d7:
         ad:5c:ab:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plvnACAG497YBkj0ctH52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWIxODBjN2NmNDBjMmRkN2ZhNDc4MzdlNTE5YWRmYmMy
MmIwM2QwHhcNMjYwMzI2MTAwMDUzWhcNMjYwMzI3MTAwMDUzWjAzMTEwLwYDVQQD
EyhhNmQ1MzE0MTcwN2M4ZWExNWY3ZDMzYjgwNDg0M2ZlNjcwNDNlYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EblJJin6nlM0yNLUvKuYMIvlBKl
sPEh5GFb6BC4m5C2QubKm8lSGo87Con1TF/MClXzQaeVN8mQODl9ZqV3YsKtmBq/
qGms6rpUIm8ybmn7dtFrykZT/CnUg48Mu1lNKDTQ2QbLqYvI5ymu+aSEWulch/TB
/2xSuN2lloxGTz5QFuF6coGONbgf34se3r+zb3dM3aRS21s9mQKcka0Z5h3SkU2K
Tonrq0G4CFhF2azc/ZADW4jrkkpbCBCvRJmrn7y+GFwc2/hcRpsrulxlEfPDTTMS
FQg1B0FUJaZ2l0kkFTvyKjPD+45hNNlubIEERGw2BZbac0e/QkKPsUt+iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKbVMUFwfI6hX30zuASEP+ZwQ+pkMB8GA1UdIwQY
MBaAFLqbGAx89Awt1/pHg35Rmt+8IrA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80NTEyYTAtNzNmYS00NDI2LWI1ZTkt
NzRiNzc4YzBiNTQ2LzEvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy80NTEyYTAtNzNmYS00NDI2LWI1ZTktNzRiNzc4YzBiNTQ2
LzEvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJok03LV
JCYLNOj0mcEnSmRisrWLbAhOlZCsfZRUS0A9p0FGT7MlYLDhQdpX45Zomf4BnucJ
7uCftrmHOdvoW0BXTfYNVkTZIXe5CsUixbmr0vNgKeaoj9Q/15UKz28+aDpL1Pjd
BFnOoJ68upV7sN0r0H23eNSjoMy8ab4+8JioeJmako74Npwf00PlT8IId4LsfGPf
M4fiJzh/cFq4qaDu8zYZxU265cqpbfd6JoftMSPix+kT0HobqOGIehLT9+e6354X
6RRmJdglW+lQwcjb1VQKdK4Pq8wRfD7WslBjJSDXn6360nvB/1+3IIDnSegRnVwv
MoW7UpfXrVyrYQ==
-----END CERTIFICATE-----