Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
File:                     upyRALMvz2LV39ghy9BWq3PS5FU.mft (raw, json)
Hash identifier:          FbYGkmBhye4irYpeOjmGxGuj+3Qzl8ChVlkHsl4i600=
Subject key identifier:   0C:69:0A:15:8A:19:93:63:66:C4:99:7C:89:75:9F:00:25:F1:1E:D1
Authority key identifier: BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55
Certificate issuer:       /CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
Certificate serial:       019A71B7A2000A83002EFBC7CD14481C11E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
Manifest number:          0C8F
Signing time:             Tue 11 Nov 2025 07:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:51 +0000
Files and hashes:         1: upyRALMvz2LV39ghy9BWq3PS5FU.crl (hash: J4AvY+y7jfCGIksKt7ON9hLZLUCBmFlK4oMfcb9PrBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:a2:00:0a:83:00:2e:fb:c7:cd:14:48:1c:11:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
        Validity
            Not Before: Nov 11 07:00:51 2025 GMT
            Not After : Nov 12 07:00:51 2025 GMT
        Subject: CN=0c690a158a19936366c4997c89759f0025f11ed1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:09:ad:d4:b5:d7:1d:c8:9e:8c:d3:96:dd:71:
                    72:bc:37:dc:9c:a4:8b:74:12:2a:8d:99:0e:a2:1f:
                    31:9d:46:1e:5c:cd:94:a9:1e:cd:bd:a5:df:91:37:
                    b6:0d:73:a0:dc:ed:34:47:94:16:85:bb:41:24:3c:
                    4f:ca:60:e2:cd:bb:ce:a1:c5:73:0b:4a:3e:19:b4:
                    7c:61:88:d0:99:11:d0:a6:11:6c:cc:f7:e1:15:48:
                    06:cb:2a:bd:a1:73:dc:69:78:98:0a:4b:2b:55:a6:
                    4a:cc:53:a7:14:ae:f8:a6:15:85:39:7c:44:77:0b:
                    45:27:e6:75:a0:c8:4a:43:42:f7:20:66:47:6b:15:
                    c9:fb:4c:64:4b:da:64:54:3b:2d:85:99:34:15:55:
                    55:54:25:a1:af:e7:2d:0b:93:c4:46:aa:b5:70:2f:
                    d6:58:17:d7:02:16:45:20:c0:89:a7:15:1f:23:c2:
                    8a:fa:6d:f2:e4:6a:63:76:b6:54:1d:af:f1:82:5a:
                    41:b0:4e:b2:33:38:e8:56:80:e3:b7:a2:38:23:b7:
                    38:0d:f2:2a:0f:ef:f6:f1:de:4c:34:c7:17:ba:71:
                    b2:75:c8:03:85:2b:25:66:6d:d7:9c:49:8a:68:bf:
                    ab:a9:e3:03:8e:19:24:82:b3:2b:31:55:76:e1:c4:
                    10:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:69:0A:15:8A:19:93:63:66:C4:99:7C:89:75:9F:00:25:F1:1E:D1
            X509v3 Authority Key Identifier:
                keyid:BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:71:6d:30:b0:5a:4c:3e:99:87:27:bb:c4:27:a7:b4:93:f9:
         34:9b:e8:53:82:08:d1:b2:76:28:30:e1:54:ba:83:1e:c7:d2:
         82:5d:89:4f:00:f2:7b:78:2f:8a:f3:22:15:c3:2d:4b:79:b4:
         dd:26:ea:11:bf:36:4d:87:c5:15:5f:23:10:10:a9:c8:57:05:
         81:28:d8:d4:b2:d2:38:83:e8:f0:3a:3e:35:54:38:5a:f4:aa:
         48:4f:53:95:f1:27:53:f6:07:97:6f:a4:1c:40:5c:0d:7f:4e:
         aa:99:3a:01:97:1d:78:25:07:92:bc:23:28:01:30:6d:66:c1:
         07:b9:3e:91:f0:1f:61:82:5a:4a:b8:21:4d:15:91:16:b3:13:
         9b:5c:14:a7:f5:21:db:eb:3e:71:be:2a:b7:02:a6:9a:43:ce:
         70:2c:7a:36:d6:06:b5:d9:bb:ca:d5:6a:9d:e4:60:47:26:21:
         6f:04:81:d7:83:36:09:64:4c:43:30:32:e2:ea:c0:10:7d:29:
         3a:8a:50:b6:dc:46:cd:ac:11:02:04:22:e8:c7:a8:57:4c:8e:
         fc:b3:ba:b3:5f:de:a7:3a:a3:6f:e2:4a:d9:73:1a:2d:8b:c6:
         62:ba:a5:e8:0a:7f:a8:81:5e:fd:23:ea:d8:bd:e0:cd:10:07:
         b4:43:ee:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6IACoMALvvHzRRIHBHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWM5MTAwYjMyZmNmNjJkNWRmZDgyMWNiZDA1NmFiNzNk
MmU0NTUwHhcNMjUxMTExMDcwMDUxWhcNMjUxMTEyMDcwMDUxWjAzMTEwLwYDVQQD
EygwYzY5MGExNThhMTk5MzYzNjZjNDk5N2M4OTc1OWYwMDI1ZjExZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgmt1LXXHciejNOW3XFyvDfcnKSL
dBIqjZkOoh8xnUYeXM2UqR7NvaXfkTe2DXOg3O00R5QWhbtBJDxPymDizbvOocVz
C0o+GbR8YYjQmRHQphFszPfhFUgGyyq9oXPcaXiYCksrVaZKzFOnFK74phWFOXxE
dwtFJ+Z1oMhKQ0L3IGZHaxXJ+0xkS9pkVDsthZk0FVVVVCWhr+ctC5PERqq1cC/W
WBfXAhZFIMCJpxUfI8KK+m3y5GpjdrZUHa/xglpBsE6yMzjoVoDjt6I4I7c4DfIq
D+/28d5MNMcXunGydcgDhSslZm3XnEmKaL+rqeMDjhkkgrMrMVV24cQQtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxpChWKGZNjZsSZfIl1nwAl8R7RMB8GA1UdIwQY
MBaAFLqckQCzL89i1d/YIcvQVqtz0uRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQt
OTJkMGQwMTEzOWY5LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQtOTJkMGQwMTEzOWY5
LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnHFtMLBa
TD6Zhye7xCentJP5NJvoU4II0bJ2KDDhVLqDHsfSgl2JTwDye3gvivMiFcMtS3m0
3SbqEb82TYfFFV8jEBCpyFcFgSjY1LLSOIPo8Do+NVQ4WvSqSE9TlfEnU/YHl2+k
HEBcDX9Oqpk6AZcdeCUHkrwjKAEwbWbBB7k+kfAfYYJaSrghTRWRFrMTm1wUp/Uh
2+s+cb4qtwKmmkPOcCx6NtYGtdm7ytVqneRgRyYhbwSB14M2CWRMQzAy4urAEH0p
OopQttxGzawRAgQi6MeoV0yO/LO6s1/epzqjb+JK2XMaLYvGYrql6Ap/qIFe/SPq
2L3gzRAHtEPuQQ==
-----END CERTIFICATE-----