Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File:                     upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier:          Sru9RvDxVgMBY0aZjjYJUNyn/CuVtbHi7LG9TR/PzIQ=
Subject key identifier:   9B:81:D9:6A:B4:75:5E:B4:AD:1A:53:43:FD:82:8F:90:B0:A6:8B:83
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer:       /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial:       019A01EBF44732EDD9D752E183A31CCF3820
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number:          136E
Signing time:             Mon 20 Oct 2025 14:00:31 +0000
Manifest this update:     Mon 20 Oct 2025 14:00:31 +0000
Manifest next update:     Tue 21 Oct 2025 14:00:31 +0000
Files and hashes:         1: SIndVbkKUXy4BUQozeoniwpZDAY.roa (hash: w+S8wcJNHWfC84514ZDYZ2EFFwmdH9ulSWKDE7QHbmQ=)
                          2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: eLOtMO0aNAu2AvY/RRm//NooyKwtqtu7MB3bhBZvb5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:eb:f4:47:32:ed:d9:d7:52:e1:83:a3:1c:cf:38:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
        Validity
            Not Before: Oct 20 14:00:31 2025 GMT
            Not After : Oct 21 14:00:31 2025 GMT
        Subject: CN=9b81d96ab4755eb4ad1a5343fd828f90b0a68b83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f9:3b:ed:d5:e7:87:2e:a0:1f:4a:7c:47:d2:
                    db:67:aa:c1:a8:5e:89:f3:00:d4:53:51:b8:1f:1d:
                    f3:37:0b:61:55:8c:0b:06:77:20:da:6a:b3:79:ef:
                    3c:c9:56:b0:5b:6a:56:a3:75:f7:5b:00:c0:9a:8f:
                    86:7e:e5:9f:19:25:f9:ca:5d:67:d2:22:f1:72:09:
                    9e:57:de:37:60:20:69:26:60:1e:24:93:d0:50:4c:
                    74:d4:de:ca:06:51:95:43:73:01:7b:f8:ac:73:f9:
                    59:1a:66:c5:da:a5:b5:95:b4:d7:29:a3:13:a5:56:
                    49:a0:a1:2f:46:46:83:00:f5:78:89:20:42:9b:c6:
                    ea:f7:80:9e:2c:ca:66:e3:d1:46:10:30:90:d9:24:
                    09:42:75:be:d7:85:58:b4:0b:96:95:c3:54:c8:0c:
                    68:6b:c2:4f:1a:69:c8:63:05:d1:fc:4d:b3:9b:f7:
                    ce:2a:ef:45:01:1a:fe:48:44:7a:2a:6e:be:d2:2e:
                    95:b6:7b:16:e4:15:a9:ad:f3:dd:81:28:82:5e:e8:
                    42:57:1d:4a:7e:d0:5f:5d:88:2c:23:2f:d7:15:69:
                    96:99:50:dd:99:d1:0f:ab:db:cb:f5:6e:61:4e:0d:
                    75:85:e8:e9:f9:b7:87:24:6e:11:51:1f:cb:8f:0d:
                    a3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:81:D9:6A:B4:75:5E:B4:AD:1A:53:43:FD:82:8F:90:B0:A6:8B:83
            X509v3 Authority Key Identifier:
                keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:1a:f1:c3:de:f2:01:aa:5f:2d:a5:fa:fa:9f:a4:ad:5f:07:
         68:12:b1:80:43:1f:af:dc:eb:05:9f:aa:22:3c:8b:e8:ab:fc:
         c8:27:0b:9c:21:f0:b6:e1:1b:b6:db:5b:73:c1:ad:e5:57:fa:
         58:0c:f6:64:0f:23:f7:85:32:7c:8e:72:fa:bb:08:0b:14:ca:
         d6:02:48:c4:f7:76:74:02:ea:f2:ee:6d:0e:bf:5c:ce:42:1f:
         15:f2:cf:11:35:8f:fc:20:ba:6e:1b:c8:29:48:df:00:1b:bc:
         42:be:e8:6a:a5:0a:ee:af:46:ef:03:2c:0a:03:84:05:ae:d0:
         52:26:2b:3a:f8:9a:62:76:d1:36:ad:c4:36:e1:4b:75:83:6e:
         61:75:ba:22:94:e7:ca:a0:6c:c0:e6:d2:e1:56:56:d0:61:7f:
         6c:bc:f0:96:09:84:c2:23:89:a6:fa:76:bb:6c:8e:a5:c9:74:
         16:56:2d:ea:e5:60:b1:95:4a:41:6a:2f:b1:88:c5:11:1e:ba:
         52:19:db:27:49:2c:8c:48:b3:c3:7a:76:0e:77:05:e2:c1:54:
         11:01:14:78:9c:e5:f8:c8:a9:ab:eb:0a:cf:90:19:4f:b0:4d:
         73:1d:9e:cb:8f:b7:0e:1a:c0:23:7d:84:3f:65:78:f2:3f:44:
         f3:1c:d6:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoB6/RHMu3Z11Lhg6MczzggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjUxMDIwMTQwMDMxWhcNMjUxMDIxMTQwMDMxWjAzMTEwLwYDVQQD
Eyg5YjgxZDk2YWI0NzU1ZWI0YWQxYTUzNDNmZDgyOGY5MGIwYTY4YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Pk77dXnhy6gH0p8R9LbZ6rBqF6J
8wDUU1G4Hx3zNwthVYwLBncg2mqzee88yVawW2pWo3X3WwDAmo+GfuWfGSX5yl1n
0iLxcgmeV943YCBpJmAeJJPQUEx01N7KBlGVQ3MBe/isc/lZGmbF2qW1lbTXKaMT
pVZJoKEvRkaDAPV4iSBCm8bq94CeLMpm49FGEDCQ2SQJQnW+14VYtAuWlcNUyAxo
a8JPGmnIYwXR/E2zm/fOKu9FARr+SER6Km6+0i6VtnsW5BWprfPdgSiCXuhCVx1K
ftBfXYgsIy/XFWmWmVDdmdEPq9vL9W5hTg11hejp+beHJG4RUR/Ljw2jWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuB2Wq0dV60rRpTQ/2Cj5CwpouDMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJxrxw97y
AapfLaX6+p+krV8HaBKxgEMfr9zrBZ+qIjyL6Kv8yCcLnCHwtuEbtttbc8Gt5Vf6
WAz2ZA8j94UyfI5y+rsICxTK1gJIxPd2dALq8u5tDr9czkIfFfLPETWP/CC6bhvI
KUjfABu8Qr7oaqUK7q9G7wMsCgOEBa7QUiYrOviaYnbRNq3ENuFLdYNuYXW6IpTn
yqBswObS4VZW0GF/bLzwlgmEwiOJpvp2u2yOpcl0FlYt6uVgsZVKQWovsYjFER66
UhnbJ0ksjEizw3p2DncF4sFUEQEUeJzl+Mipq+sKz5AZT7BNcx2ey4+3DhrAI32E
P2V48j9E8xzWjA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:32:11 2025 by rpki-client