Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
File:                     UPX-mbwiMohxFv2sgtQIKtvGrLc.mft (raw, json)
Hash identifier:          PSIW9fQgsYUrO8mwkYLduW5IXNeAR4ngMFoPiIOcDEQ=
Subject key identifier:   B0:D8:CA:DD:3A:8B:7F:3E:31:D4:92:98:1C:64:3A:BC:94:80:FB:87
Authority key identifier: 50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7
Certificate issuer:       /CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
Certificate serial:       019D9B876B08DD9F221C63AFB5036DADB511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
Manifest number:          074D
Signing time:             Fri 17 Apr 2026 13:00:36 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:36 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:36 +0000
Files and hashes:         1: UPX-mbwiMohxFv2sgtQIKtvGrLc.crl (hash: VjSEJUCfxuamyUB8hvDF8HMG6IadvfL/XaRAc8549bI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:6b:08:dd:9f:22:1c:63:af:b5:03:6d:ad:b5:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
        Validity
            Not Before: Apr 17 13:00:36 2026 GMT
            Not After : Apr 18 13:00:36 2026 GMT
        Subject: CN=b0d8cadd3a8b7f3e31d492981c643abc9480fb87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:38:ba:7f:92:b4:17:ff:3d:fe:d1:df:6e:89:
                    71:5c:96:42:ab:dd:5b:ee:12:34:c4:eb:c5:4c:01:
                    65:89:2f:cf:da:08:66:bb:ac:b8:89:be:0a:6e:2a:
                    8b:ab:b5:21:5f:ad:de:86:05:58:89:33:cc:60:d5:
                    0a:84:8d:f8:f3:61:4e:cf:e0:2b:8b:f7:a4:63:37:
                    92:6a:80:b8:c4:be:a2:aa:25:14:e7:35:2a:89:6b:
                    f8:61:bb:af:d9:39:72:a3:57:f3:4b:66:4d:2a:a9:
                    92:a5:31:d7:98:ae:e2:b9:68:13:ac:33:58:ea:6c:
                    81:bd:71:bc:3a:9c:d2:b5:55:91:67:3f:8e:23:af:
                    20:12:05:b4:2c:a7:a7:55:28:a3:4f:7b:35:80:29:
                    d8:fb:d6:62:16:c7:d0:ac:38:3d:28:bd:34:85:a7:
                    ec:8b:07:85:ca:7b:6d:4b:84:7a:53:f7:1e:35:2d:
                    0a:59:ec:5b:8f:b7:ba:00:62:7f:30:49:eb:43:1d:
                    ca:6d:72:51:fc:a8:e5:93:ee:8d:24:b6:b6:f0:af:
                    1b:70:ec:d1:4b:91:d4:b5:7a:1d:3b:c9:13:e0:7a:
                    9f:e0:be:7f:23:47:bb:8e:f5:f9:66:cf:4f:cf:75:
                    e4:8c:2e:94:ea:8c:f2:e8:39:31:f9:b1:d8:a5:28:
                    1b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D8:CA:DD:3A:8B:7F:3E:31:D4:92:98:1C:64:3A:BC:94:80:FB:87
            X509v3 Authority Key Identifier:
                keyid:50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:33:5c:52:b9:8a:f1:dc:a4:22:c2:82:bc:4c:8a:c0:df:64:
         84:22:36:ec:7c:7d:7d:33:65:a3:08:5b:6f:29:7e:bd:30:b2:
         df:2c:92:2c:0b:d9:16:35:f8:55:4e:de:ee:d9:0c:22:cd:3a:
         58:69:f2:1a:b2:00:41:8b:3f:18:eb:c3:a3:e1:b1:7a:e6:e0:
         cd:a6:42:85:d8:82:b4:9d:45:c0:b7:d6:63:d3:67:a7:9f:13:
         52:5b:de:57:48:f3:dc:1e:e1:51:71:cb:6b:bb:46:bd:10:94:
         28:bd:36:e8:92:36:aa:f4:a0:20:9f:5a:a4:aa:5b:66:7e:23:
         f2:01:69:b0:aa:ac:23:48:26:86:a3:e6:68:ac:2e:ef:d4:c8:
         16:51:8c:0a:ab:c4:15:40:7d:28:98:48:4d:90:37:19:4a:76:
         c6:22:83:16:35:a0:9e:a6:1e:3c:c6:b2:70:f9:39:de:23:cf:
         d6:48:ff:42:cf:48:db:8b:19:f4:35:60:14:09:22:79:dd:0f:
         8e:79:a4:16:92:98:a0:7a:09:48:79:a3:39:aa:d3:ce:38:0c:
         cf:09:44:f1:4a:d6:aa:ac:af:9d:8d:58:e3:3a:7f:93:e1:8d:
         56:26:b3:a7:29:62:67:84:93:c9:39:96:de:bf:d6:bd:4f:f1:
         6c:f4:ea:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh2sI3Z8iHGOvtQNtrbURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjVmZTk5YmMyMjMyODg3MTE2ZmRhYzgyZDQwODJhZGJj
NmFjYjcwHhcNMjYwNDE3MTMwMDM2WhcNMjYwNDE4MTMwMDM2WjAzMTEwLwYDVQQD
EyhiMGQ4Y2FkZDNhOGI3ZjNlMzFkNDkyOTgxYzY0M2FiYzk0ODBmYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkji6f5K0F/89/tHfbolxXJZCq91b
7hI0xOvFTAFliS/P2ghmu6y4ib4KbiqLq7UhX63ehgVYiTPMYNUKhI3482FOz+Ar
i/ekYzeSaoC4xL6iqiUU5zUqiWv4Ybuv2Tlyo1fzS2ZNKqmSpTHXmK7iuWgTrDNY
6myBvXG8OpzStVWRZz+OI68gEgW0LKenVSijT3s1gCnY+9ZiFsfQrDg9KL00hafs
iweFynttS4R6U/ceNS0KWexbj7e6AGJ/MEnrQx3KbXJR/Kjlk+6NJLa28K8bcOzR
S5HUtXodO8kT4Hqf4L5/I0e7jvX5Zs9Pz3XkjC6U6ozy6Dkx+bHYpSgbMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDYyt06i38+MdSSmBxkOryUgPuHMB8GA1UdIwQY
MBaAFFD1/pm8IjKIcRb9rILUCCrbxqy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmIt
NzQ1NmY0MzBjM2YxLzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmItNzQ1NmY0MzBjM2Yx
LzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXTNcUrmK
8dykIsKCvEyKwN9khCI27Hx9fTNlowhbbyl+vTCy3yySLAvZFjX4VU7e7tkMIs06
WGnyGrIAQYs/GOvDo+GxeubgzaZChdiCtJ1FwLfWY9Nnp58TUlveV0jz3B7hUXHL
a7tGvRCUKL026JI2qvSgIJ9apKpbZn4j8gFpsKqsI0gmhqPmaKwu79TIFlGMCqvE
FUB9KJhITZA3GUp2xiKDFjWgnqYePMaycPk53iPP1kj/Qs9I24sZ9DVgFAkied0P
jnmkFpKYoHoJSHmjOarTzjgMzwlE8UrWqqyvnY1Y4zp/k+GNViazpyliZ4STyTmW
3r/WvU/xbPTqoQ==
-----END CERTIFICATE-----