Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
File:                     upyRALMvz2LV39ghy9BWq3PS5FU.mft (raw, json)
Hash identifier:          ncKXo93OZN/+VuQVtcxuN+zdF55m86RXv/CZoufQ/lg=
Subject key identifier:   DF:F3:7B:1A:4E:3F:F0:25:01:7B:36:E1:48:FB:AC:C7:70:98:62:3A
Authority key identifier: BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55
Certificate issuer:       /CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
Certificate serial:       019EB8B3CA3DC8BA9EB1C082444D2889DCB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
Manifest number:          0EC6
Signing time:             Thu 11 Jun 2026 22:00:50 +0000
Manifest this update:     Thu 11 Jun 2026 22:00:50 +0000
Manifest next update:     Fri 12 Jun 2026 22:00:50 +0000
Files and hashes:         1: upyRALMvz2LV39ghy9BWq3PS5FU.crl (hash: WhNA4Nq0eSY2yicjz5EkG6KlEiP6omYL14FfGqc9jlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 20:26:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b8:b3:ca:3d:c8:ba:9e:b1:c0:82:44:4d:28:89:dc:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
        Validity
            Not Before: Jun 11 22:00:50 2026 GMT
            Not After : Jun 12 22:00:50 2026 GMT
        Subject: CN=dff37b1a4e3ff025017b36e148fbacc77098623a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8f:eb:62:00:02:e9:10:18:ed:bf:63:d9:de:
                    33:36:04:1d:49:ac:4d:f0:ee:46:fc:cf:b0:6b:75:
                    81:07:a1:b8:d0:b8:1a:bf:8d:9d:60:5b:bf:fa:f2:
                    c1:01:ce:db:30:21:4f:69:bd:81:cb:08:c9:cd:e4:
                    80:d5:7e:35:c8:8b:51:45:4b:74:dc:9c:bd:f5:ed:
                    db:c2:0f:7c:2b:71:1b:16:4f:b7:cd:79:be:1d:a9:
                    01:45:32:ef:3c:73:d0:d4:85:4b:63:f9:ed:cb:88:
                    ac:30:8b:ab:0f:ba:56:c5:41:05:17:19:e4:48:85:
                    ee:2a:49:7d:68:5e:c2:fe:08:8d:16:27:36:1e:bb:
                    32:cf:a8:71:6a:ee:2b:3a:85:e8:7e:10:ec:f8:5a:
                    b9:fa:b5:e1:33:b1:da:06:4d:44:01:d4:49:4c:ff:
                    30:37:70:4e:8f:cf:4f:30:5c:a1:99:14:1e:cc:bc:
                    5a:8d:fc:bd:d3:1e:98:75:99:de:7e:7a:92:d7:8f:
                    3f:b5:64:1d:fe:23:da:b0:47:6f:06:fd:09:da:fa:
                    aa:81:92:dc:8a:21:2b:a0:ce:14:54:da:40:e8:14:
                    d9:c6:37:44:13:4b:1f:ea:91:33:0f:75:87:39:ba:
                    03:e1:2c:3b:9d:88:7f:ec:95:4f:14:ed:12:80:c8:
                    bd:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:F3:7B:1A:4E:3F:F0:25:01:7B:36:E1:48:FB:AC:C7:70:98:62:3A
            X509v3 Authority Key Identifier:
                keyid:BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:ba:d0:9a:c9:c7:7b:e0:c9:ea:f3:b7:d4:39:7b:5d:ed:50:
         d5:f3:13:85:eb:de:60:cb:b2:1a:55:ed:2d:17:3d:86:f2:09:
         27:00:a2:f8:66:92:81:c1:09:ff:1b:19:f3:3d:51:07:3e:2c:
         aa:b4:be:c7:9b:a2:65:71:03:22:23:21:8d:c5:4e:d3:d7:5f:
         b1:f7:c9:cc:b6:be:18:55:11:c5:7d:e9:f1:56:f0:47:95:fb:
         a7:44:8e:20:de:dc:fe:7a:a4:a5:60:52:3a:1e:54:aa:26:6f:
         2f:52:c4:58:d1:80:d1:3d:b7:b1:c6:4b:d5:a5:bc:53:ed:cd:
         9e:c5:de:76:c2:cc:22:82:ad:1d:80:00:df:c6:58:47:0a:dd:
         b2:00:df:38:8d:a5:50:3c:1a:5b:fa:2d:db:7f:6c:e3:77:70:
         2a:f6:80:b5:60:28:1e:54:a5:e2:c3:64:73:57:47:3e:45:d1:
         af:f7:67:cb:89:72:75:59:6c:48:86:3c:17:c1:7e:8e:fa:71:
         ac:d8:dc:a7:1d:82:30:ab:c1:66:1b:e7:2f:13:49:b3:e4:f8:
         1a:d0:bf:84:2e:44:83:2a:99:70:d4:84:91:d3:0b:2d:ef:61:
         ae:eb:2b:65:0c:ed:44:dc:6e:3a:c4:c3:83:c0:b8:80:d6:38:
         6f:cd:35:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64s8o9yLqescCCRE0oidy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWM5MTAwYjMyZmNmNjJkNWRmZDgyMWNiZDA1NmFiNzNk
MmU0NTUwHhcNMjYwNjExMjIwMDUwWhcNMjYwNjEyMjIwMDUwWjAzMTEwLwYDVQQD
EyhkZmYzN2IxYTRlM2ZmMDI1MDE3YjM2ZTE0OGZiYWNjNzcwOTg2MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4/rYgAC6RAY7b9j2d4zNgQdSaxN
8O5G/M+wa3WBB6G40Lgav42dYFu/+vLBAc7bMCFPab2BywjJzeSA1X41yItRRUt0
3Jy99e3bwg98K3EbFk+3zXm+HakBRTLvPHPQ1IVLY/nty4isMIurD7pWxUEFFxnk
SIXuKkl9aF7C/giNFic2Hrsyz6hxau4rOoXofhDs+Fq5+rXhM7HaBk1EAdRJTP8w
N3BOj89PMFyhmRQezLxajfy90x6YdZnefnqS148/tWQd/iPasEdvBv0J2vqqgZLc
iiEroM4UVNpA6BTZxjdEE0sf6pEzD3WHOboD4Sw7nYh/7JVPFO0SgMi95QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/zexpOP/AlAXs24Uj7rMdwmGI6MB8GA1UdIwQY
MBaAFLqckQCzL89i1d/YIcvQVqtz0uRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQt
OTJkMGQwMTEzOWY5LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQtOTJkMGQwMTEzOWY5
LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7rQmsnH
e+DJ6vO31Dl7Xe1Q1fMTheveYMuyGlXtLRc9hvIJJwCi+GaSgcEJ/xsZ8z1RBz4s
qrS+x5uiZXEDIiMhjcVO09dfsffJzLa+GFURxX3p8VbwR5X7p0SOIN7c/nqkpWBS
Oh5UqiZvL1LEWNGA0T23scZL1aW8U+3NnsXedsLMIoKtHYAA38ZYRwrdsgDfOI2l
UDwaW/ot239s43dwKvaAtWAoHlSl4sNkc1dHPkXRr/dny4lydVlsSIY8F8F+jvpx
rNjcpx2CMKvBZhvnLxNJs+T4GtC/hC5EgyqZcNSEkdMLLe9hrusrZQztRNxuOsTD
g8C4gNY4b801gA==
-----END CERTIFICATE-----