Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
File:                     UPX-mbwiMohxFv2sgtQIKtvGrLc.mft (raw, json)
Hash identifier:          ggKQ5CcDEgN+KrgHGL75K6WxRawCjHg9x/CKN4ln1qQ=
Subject key identifier:   C8:D7:3D:2B:FD:A7:00:2C:31:1F:6C:91:98:1A:6B:AD:EE:62:4B:18
Authority key identifier: 50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7
Certificate issuer:       /CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
Certificate serial:       019A71B8174E101A65FD6EED1FDE8A2C3458
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
Manifest number:          05A8
Signing time:             Tue 11 Nov 2025 07:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:21 +0000
Files and hashes:         1: UPX-mbwiMohxFv2sgtQIKtvGrLc.crl (hash: KuUWAnswXK0GhSr9pw4qmwCAuRMfYxHglM3LGb1Ypow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:17:4e:10:1a:65:fd:6e:ed:1f:de:8a:2c:34:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
        Validity
            Not Before: Nov 11 07:01:21 2025 GMT
            Not After : Nov 12 07:01:21 2025 GMT
        Subject: CN=c8d73d2bfda7002c311f6c91981a6badee624b18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:14:b0:54:87:2a:a8:cf:cb:0d:bb:10:08:47:
                    c0:f2:16:8d:f9:84:07:bd:eb:97:c8:04:b0:17:70:
                    51:e6:e1:2d:66:3c:08:5c:13:5b:c0:7b:57:09:99:
                    d0:69:32:01:3c:0a:c4:96:fb:15:bc:9c:bf:2f:5d:
                    cf:f6:2b:c0:fd:4a:ba:f3:0b:2e:4f:87:5c:72:a6:
                    c9:cc:62:89:06:90:73:cc:01:92:7a:f3:d6:06:92:
                    73:c2:e6:2a:54:ae:d9:d9:88:be:b8:03:76:f9:72:
                    95:37:d8:33:cd:36:ca:e2:5e:cc:d6:f6:8f:31:8f:
                    d6:f3:4b:04:c0:82:6a:c9:30:12:bc:69:35:db:c3:
                    bd:1d:db:eb:14:8d:73:0d:8c:fb:28:c1:94:4c:99:
                    a4:5d:6d:ca:34:dd:ea:64:a5:f4:e7:41:2e:c1:fa:
                    62:a3:cc:a2:a3:0c:fd:69:b8:11:96:d4:1b:4f:cf:
                    66:67:2a:e2:09:af:cc:ba:f3:4f:26:f4:5e:89:1f:
                    fb:40:04:b2:18:a0:da:25:50:60:ec:61:22:bf:26:
                    13:1a:26:f5:5a:fe:1e:7e:a2:58:15:60:64:93:bd:
                    40:45:78:85:c1:f8:6a:e5:4f:33:ff:b2:10:35:2a:
                    a1:a6:27:b0:17:0c:94:38:09:a7:bb:bf:8d:45:5e:
                    70:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:D7:3D:2B:FD:A7:00:2C:31:1F:6C:91:98:1A:6B:AD:EE:62:4B:18
            X509v3 Authority Key Identifier:
                keyid:50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:55:6f:a0:a3:cf:d0:d1:3f:63:06:05:dd:a9:94:fd:6a:50:
         96:95:e4:bd:ca:7f:13:57:e3:9a:6a:9f:d6:c6:66:23:b0:43:
         e7:73:3f:b3:f4:25:97:a2:d6:b0:a5:3b:29:6c:23:bb:64:16:
         a7:dc:94:d6:15:a1:bb:95:36:37:49:4d:20:f7:96:2f:4b:cd:
         2b:9d:58:3e:ed:78:96:f4:90:f9:22:c9:5d:4e:64:0c:fb:2a:
         84:0c:27:ed:53:0d:a8:ec:cb:67:60:91:e9:74:e8:da:60:bd:
         86:68:53:ef:8e:c3:8a:d3:57:52:8e:c2:87:1b:33:d4:b7:4a:
         df:ce:d1:c9:70:34:cd:b5:85:3d:64:87:7c:d1:61:6b:96:11:
         ea:e8:06:b4:dc:93:3f:01:62:53:54:13:ee:5c:01:17:fd:0e:
         5b:98:38:f5:ec:c8:17:ae:7b:3e:1a:e0:2b:c7:41:9e:ac:a1:
         7c:dc:8a:be:1c:f7:a0:4e:36:77:f6:87:3c:c4:af:63:93:1f:
         d1:e7:86:e8:8d:77:f6:dc:78:41:34:ad:99:1a:5b:7c:e1:7a:
         13:27:37:df:19:88:1c:d0:b3:00:dc:6d:d0:2d:aa:ae:bf:b3:
         21:aa:41:ec:2d:fb:07:e0:2f:0c:86:66:6a:8a:8a:78:7c:e7:
         16:b9:85:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBdOEBpl/W7tH96KLDRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjVmZTk5YmMyMjMyODg3MTE2ZmRhYzgyZDQwODJhZGJj
NmFjYjcwHhcNMjUxMTExMDcwMTIxWhcNMjUxMTEyMDcwMTIxWjAzMTEwLwYDVQQD
EyhjOGQ3M2QyYmZkYTcwMDJjMzExZjZjOTE5ODFhNmJhZGVlNjI0YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRSwVIcqqM/LDbsQCEfA8haN+YQH
veuXyASwF3BR5uEtZjwIXBNbwHtXCZnQaTIBPArElvsVvJy/L13P9ivA/Uq68wsu
T4dccqbJzGKJBpBzzAGSevPWBpJzwuYqVK7Z2Yi+uAN2+XKVN9gzzTbK4l7M1vaP
MY/W80sEwIJqyTASvGk128O9HdvrFI1zDYz7KMGUTJmkXW3KNN3qZKX050Euwfpi
o8yiowz9abgRltQbT89mZyriCa/MuvNPJvReiR/7QASyGKDaJVBg7GEivyYTGib1
Wv4efqJYFWBkk71ARXiFwfhq5U8z/7IQNSqhpiewFwyUOAmnu7+NRV5wTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjXPSv9pwAsMR9skZgaa63uYksYMB8GA1UdIwQY
MBaAFFD1/pm8IjKIcRb9rILUCCrbxqy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmIt
NzQ1NmY0MzBjM2YxLzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmItNzQ1NmY0MzBjM2Yx
LzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhlVvoKPP
0NE/YwYF3amU/WpQlpXkvcp/E1fjmmqf1sZmI7BD53M/s/Qll6LWsKU7KWwju2QW
p9yU1hWhu5U2N0lNIPeWL0vNK51YPu14lvSQ+SLJXU5kDPsqhAwn7VMNqOzLZ2CR
6XTo2mC9hmhT747DitNXUo7Chxsz1LdK387RyXA0zbWFPWSHfNFha5YR6ugGtNyT
PwFiU1QT7lwBF/0OW5g49ezIF657PhrgK8dBnqyhfNyKvhz3oE42d/aHPMSvY5Mf
0eeG6I139tx4QTStmRpbfOF6Eyc33xmIHNCzANxt0C2qrr+zIapB7C37B+AvDIZm
aoqKeHznFrmFPA==
-----END CERTIFICATE-----