Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
File:                     UPX-mbwiMohxFv2sgtQIKtvGrLc.mft (raw, json)
Hash identifier:          AKXt60aT+TVa4b8fM4PZKfdFqkMELs47/5/X351GEHc=
Subject key identifier:   EA:9C:AF:A5:32:3E:AE:A3:39:91:B4:3A:0B:40:E0:87:BA:27:41:AA
Authority key identifier: 50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7
Certificate issuer:       /CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
Certificate serial:       019D333E93BCDB4B5EB4E01AA40468794445
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
Manifest number:          0717
Signing time:             Sat 28 Mar 2026 07:00:32 +0000
Manifest this update:     Sat 28 Mar 2026 07:00:32 +0000
Manifest next update:     Sun 29 Mar 2026 07:00:32 +0000
Files and hashes:         1: UPX-mbwiMohxFv2sgtQIKtvGrLc.crl (hash: AgiWKc6VN4RnmtBTe4kHcqEvr67PptIth1+kllBuBvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:3e:93:bc:db:4b:5e:b4:e0:1a:a4:04:68:79:44:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
        Validity
            Not Before: Mar 28 07:00:32 2026 GMT
            Not After : Mar 29 07:00:32 2026 GMT
        Subject: CN=ea9cafa5323eaea33991b43a0b40e087ba2741aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:93:4e:55:1d:a4:d0:fd:c2:46:a2:9a:cf:f1:
                    af:6e:b9:67:ab:b0:6d:42:d2:04:5e:83:ef:c1:b2:
                    8f:aa:3f:43:e8:9b:b9:fe:54:e3:3b:cf:ed:24:11:
                    26:72:48:af:12:a7:41:ea:27:59:5b:1c:d3:a4:14:
                    cd:70:8f:98:2a:f0:fb:4e:ea:5e:f2:22:5e:b6:fb:
                    db:ae:4d:17:63:44:38:7a:b4:5d:8b:e1:13:57:b2:
                    e1:f1:54:56:d9:70:ed:80:38:aa:95:91:ce:97:c4:
                    44:53:f1:60:00:24:29:b7:5b:dc:c8:ca:e1:f8:f1:
                    eb:5d:fe:86:96:36:06:52:3b:68:64:5b:e3:c0:3f:
                    c1:c1:69:1b:ea:83:7c:82:9c:b3:bc:dc:d1:13:5a:
                    fb:93:4d:50:b7:8a:4f:ae:12:3e:f6:5e:b8:f1:45:
                    93:c7:17:9f:86:81:12:a7:b0:f2:49:6f:87:c0:24:
                    59:95:79:88:24:46:fb:33:fb:18:8d:e2:01:f3:17:
                    3b:42:be:c0:22:ba:2b:66:bd:4c:fe:2b:25:3d:a1:
                    a8:0b:ec:84:3c:c1:c1:46:89:82:75:ba:51:26:6a:
                    06:d9:2b:3d:7a:bf:cc:a5:b0:25:8f:c6:40:1f:34:
                    4f:93:8d:18:74:02:91:72:02:89:02:83:1d:28:47:
                    b6:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:9C:AF:A5:32:3E:AE:A3:39:91:B4:3A:0B:40:E0:87:BA:27:41:AA
            X509v3 Authority Key Identifier:
                keyid:50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:87:8d:28:5d:32:91:04:b9:74:1e:76:6c:9b:32:56:71:cd:
         b6:84:47:26:6a:2d:64:41:31:ee:07:10:52:cb:cc:a3:d1:a3:
         09:ee:b6:c3:b7:23:64:ff:e8:fd:28:67:84:4f:b0:1c:2d:a5:
         43:10:52:70:3d:97:19:f2:81:db:54:a4:68:ed:fd:08:37:4a:
         5f:dc:8e:98:3d:6b:ec:bd:df:21:5f:6b:8d:67:ec:bd:38:87:
         d5:2e:d4:c1:c5:b3:bb:4d:16:ce:a9:44:06:b0:74:2f:8c:35:
         f0:04:f3:5a:6d:16:ba:49:fa:25:33:f4:cc:60:69:c9:11:33:
         01:bf:34:bb:02:5c:72:6d:74:68:4a:1d:11:1c:e1:7e:42:ba:
         e3:aa:aa:22:89:f6:c7:45:e7:04:25:94:5c:8b:a6:43:29:8e:
         d5:68:ef:b6:1d:28:05:ea:67:12:67:02:36:4c:08:d1:2f:d5:
         20:3e:6d:9d:2d:0e:3b:78:c9:84:e2:1f:b5:30:54:1b:35:c0:
         b1:02:b4:de:42:8d:6c:17:88:c9:5d:d8:7f:a0:07:aa:3f:be:
         64:e2:73:57:bd:0a:46:02:43:93:3a:f2:d5:e6:fb:24:9a:5c:
         f9:ab:a8:75:6a:c0:e3:6e:57:87:0e:e8:34:3d:c5:61:7e:16:
         54:42:15:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPpO820tetOAapARoeURFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjVmZTk5YmMyMjMyODg3MTE2ZmRhYzgyZDQwODJhZGJj
NmFjYjcwHhcNMjYwMzI4MDcwMDMyWhcNMjYwMzI5MDcwMDMyWjAzMTEwLwYDVQQD
EyhlYTljYWZhNTMyM2VhZWEzMzk5MWI0M2EwYjQwZTA4N2JhMjc0MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZNOVR2k0P3CRqKaz/Gvbrlnq7Bt
QtIEXoPvwbKPqj9D6Ju5/lTjO8/tJBEmckivEqdB6idZWxzTpBTNcI+YKvD7Tupe
8iJetvvbrk0XY0Q4erRdi+ETV7Lh8VRW2XDtgDiqlZHOl8REU/FgACQpt1vcyMrh
+PHrXf6GljYGUjtoZFvjwD/BwWkb6oN8gpyzvNzRE1r7k01Qt4pPrhI+9l648UWT
xxefhoESp7DySW+HwCRZlXmIJEb7M/sYjeIB8xc7Qr7AIrorZr1M/islPaGoC+yE
PMHBRomCdbpRJmoG2Ss9er/MpbAlj8ZAHzRPk40YdAKRcgKJAoMdKEe2FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqcr6UyPq6jOZG0OgtA4Ie6J0GqMB8GA1UdIwQY
MBaAFFD1/pm8IjKIcRb9rILUCCrbxqy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmIt
NzQ1NmY0MzBjM2YxLzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmItNzQ1NmY0MzBjM2Yx
LzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIeNKF0y
kQS5dB52bJsyVnHNtoRHJmotZEEx7gcQUsvMo9GjCe62w7cjZP/o/ShnhE+wHC2l
QxBScD2XGfKB21SkaO39CDdKX9yOmD1r7L3fIV9rjWfsvTiH1S7UwcWzu00WzqlE
BrB0L4w18ATzWm0Wukn6JTP0zGBpyREzAb80uwJccm10aEodERzhfkK646qqIon2
x0XnBCWUXIumQymO1Wjvth0oBepnEmcCNkwI0S/VID5tnS0OO3jJhOIftTBUGzXA
sQK03kKNbBeIyV3Yf6AHqj++ZOJzV70KRgJDkzry1eb7JJpc+auodWrA425Xhw7o
ND3FYX4WVEIVxw==
-----END CERTIFICATE-----