Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
File:                     upyRALMvz2LV39ghy9BWq3PS5FU.mft (raw, json)
Hash identifier:          aaBi6O9VPIja8LvUp6codYjPeC+VET4YZp1IC2eW2YY=
Subject key identifier:   99:C4:CE:5C:E3:1F:10:36:07:CA:B1:39:9C:27:E0:CD:70:3A:8E:F6
Authority key identifier: BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55
Certificate issuer:       /CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
Certificate serial:       019D38667C0C35CE6579F6768891B8964D3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
Manifest number:          0DFF
Signing time:             Sun 29 Mar 2026 07:02:13 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:13 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:13 +0000
Files and hashes:         1: upyRALMvz2LV39ghy9BWq3PS5FU.crl (hash: GtiHg1VhfSQDAPcojsY4rZvHtvSNr/vzE75VSFokoUc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:7c:0c:35:ce:65:79:f6:76:88:91:b8:96:4d:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
        Validity
            Not Before: Mar 29 07:02:13 2026 GMT
            Not After : Mar 30 07:02:13 2026 GMT
        Subject: CN=99c4ce5ce31f103607cab1399c27e0cd703a8ef6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:12:75:c9:50:5b:e7:96:55:e6:87:1c:95:ae:
                    06:82:e9:46:0b:37:3a:c3:64:48:e5:d5:3f:58:20:
                    cd:25:c1:b9:ce:a5:37:12:bc:4e:cf:6c:fa:1a:62:
                    a4:75:49:24:2e:0e:5f:01:51:4e:1c:4b:04:55:24:
                    89:5c:f9:5a:95:46:06:c5:51:26:51:76:a2:83:23:
                    ca:90:fb:49:e1:7c:d0:91:70:14:40:91:72:55:d1:
                    06:da:9e:5f:ed:a9:ef:1b:3a:0e:a2:ec:62:95:2b:
                    f0:b1:8e:b8:16:e9:46:b2:44:ef:7e:eb:d5:67:00:
                    f1:b2:55:b1:03:81:12:50:94:e5:7a:13:9a:a1:c9:
                    be:78:dc:0c:c1:8f:bd:b4:69:0b:31:f6:80:5b:f4:
                    f5:c2:dd:dd:75:e2:a9:3b:c6:e3:e4:35:c5:a6:11:
                    f9:98:07:f6:77:0c:d5:da:11:0e:d4:df:2d:da:63:
                    38:e2:c4:aa:f1:04:86:d1:29:f6:00:3a:a8:b9:eb:
                    78:2e:26:1f:97:c5:7c:e8:97:ef:83:89:38:25:dd:
                    00:70:e1:ad:5f:f6:6f:dd:d4:b5:81:6d:b8:43:03:
                    7a:a8:bf:e7:cf:7b:44:f5:35:ae:4c:1c:f9:67:2d:
                    d5:d4:b3:65:0a:2a:d2:c7:81:bb:b5:35:f2:b8:3b:
                    16:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:C4:CE:5C:E3:1F:10:36:07:CA:B1:39:9C:27:E0:CD:70:3A:8E:F6
            X509v3 Authority Key Identifier:
                keyid:BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:2f:cf:6d:2d:85:d0:2f:d8:54:be:11:34:f5:ae:86:c3:d3:
         6e:47:f2:44:af:73:3a:32:fe:e8:b6:35:4b:1c:09:c1:82:ea:
         a0:35:71:18:f5:60:4f:bf:5a:94:6a:32:5a:5c:3e:c0:0a:85:
         3b:4e:52:7c:5f:59:09:68:49:d5:8a:3a:e8:db:37:69:da:bc:
         c9:3a:1d:a4:d8:a1:4a:ec:cc:b8:2f:8a:55:cc:bb:05:1c:32:
         d0:fd:61:2b:87:48:29:7c:14:2d:07:2a:cd:6c:64:ca:a5:b9:
         13:56:30:23:c8:96:18:3c:c2:85:02:f6:96:1f:f1:18:08:39:
         53:0d:0b:84:3e:9c:35:56:c6:96:8b:f0:35:af:a7:b3:58:49:
         65:9c:c1:43:a7:4e:8a:d2:67:f7:4f:68:dc:11:81:f7:e3:b6:
         8a:cf:d4:b1:76:44:12:e6:75:8f:ce:9e:18:81:5e:e2:ac:54:
         25:57:64:6c:d8:1b:30:7d:b6:c5:09:73:c6:48:12:7b:74:b8:
         bc:5e:cc:a3:08:78:b7:41:b1:ae:fc:c4:2b:ad:48:f1:80:e9:
         00:1c:e8:0e:49:69:06:c1:be:e7:b9:20:1f:82:d6:f3:09:79:
         9b:91:72:8b:2d:f3:6c:6d:8d:3f:58:d8:a1:06:5e:80:a7:c3:
         51:de:9d:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZnwMNc5lefZ2iJG4lk0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWM5MTAwYjMyZmNmNjJkNWRmZDgyMWNiZDA1NmFiNzNk
MmU0NTUwHhcNMjYwMzI5MDcwMjEzWhcNMjYwMzMwMDcwMjEzWjAzMTEwLwYDVQQD
Eyg5OWM0Y2U1Y2UzMWYxMDM2MDdjYWIxMzk5YzI3ZTBjZDcwM2E4ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBJ1yVBb55ZV5occla4GgulGCzc6
w2RI5dU/WCDNJcG5zqU3ErxOz2z6GmKkdUkkLg5fAVFOHEsEVSSJXPlalUYGxVEm
UXaigyPKkPtJ4XzQkXAUQJFyVdEG2p5f7anvGzoOouxilSvwsY64FulGskTvfuvV
ZwDxslWxA4ESUJTlehOaocm+eNwMwY+9tGkLMfaAW/T1wt3ddeKpO8bj5DXFphH5
mAf2dwzV2hEO1N8t2mM44sSq8QSG0Sn2ADqouet4LiYfl8V86Jfvg4k4Jd0AcOGt
X/Zv3dS1gW24QwN6qL/nz3tE9TWuTBz5Zy3V1LNlCirSx4G7tTXyuDsWqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnEzlzjHxA2B8qxOZwn4M1wOo72MB8GA1UdIwQY
MBaAFLqckQCzL89i1d/YIcvQVqtz0uRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQt
OTJkMGQwMTEzOWY5LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQtOTJkMGQwMTEzOWY5
LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApS/PbS2F
0C/YVL4RNPWuhsPTbkfyRK9zOjL+6LY1SxwJwYLqoDVxGPVgT79alGoyWlw+wAqF
O05SfF9ZCWhJ1Yo66Ns3adq8yTodpNihSuzMuC+KVcy7BRwy0P1hK4dIKXwULQcq
zWxkyqW5E1YwI8iWGDzChQL2lh/xGAg5Uw0LhD6cNVbGlovwNa+ns1hJZZzBQ6dO
itJn909o3BGB9+O2is/UsXZEEuZ1j86eGIFe4qxUJVdkbNgbMH22xQlzxkgSe3S4
vF7Mowh4t0GxrvzEK61I8YDpABzoDklpBsG+57kgH4LW8wl5m5Fyiy3zbG2NP1jY
oQZegKfDUd6dFw==
-----END CERTIFICATE-----