Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
File:                     UPX-mbwiMohxFv2sgtQIKtvGrLc.mft (raw, json)
Hash identifier:          pwXTloUkXHW69jMKyQfjpOxOYSTvKt3Mnjz5asnN/cY=
Subject key identifier:   B6:38:FD:BB:B4:60:09:40:DE:4C:68:E2:72:95:FC:63:F4:FE:58:D6
Authority key identifier: 50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7
Certificate issuer:       /CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
Certificate serial:       019A50E2E8F4476844AC84ABEDD5FE362536
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
Manifest number:          0597
Signing time:             Tue 04 Nov 2025 22:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:39 +0000
Files and hashes:         1: UPX-mbwiMohxFv2sgtQIKtvGrLc.crl (hash: gueVzI11WANSbLwB/m2InMhV4ojP+N2Dfv6bqh1rfZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:e8:f4:47:68:44:ac:84:ab:ed:d5:fe:36:25:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
        Validity
            Not Before: Nov  4 22:00:39 2025 GMT
            Not After : Nov  5 22:00:39 2025 GMT
        Subject: CN=b638fdbbb4600940de4c68e27295fc63f4fe58d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f0:3c:56:80:a8:75:1c:4c:68:12:2e:b3:a7:
                    de:05:65:cb:40:67:8f:64:e6:20:17:17:b0:51:f3:
                    88:4c:ab:00:49:9a:84:a6:29:d0:59:53:3c:0c:42:
                    6e:fb:43:92:d2:5b:ae:9b:7c:14:3f:36:d0:fb:7e:
                    14:3d:ce:2c:35:6d:70:f9:2c:49:d5:00:2f:5d:e2:
                    ba:d0:a4:58:43:a3:21:38:12:6f:ca:8c:bb:78:fd:
                    08:68:cd:6c:e3:6b:b3:34:2e:4c:6d:af:f8:11:b6:
                    3b:80:dd:67:b6:e9:bd:e6:04:ea:14:99:bd:35:0e:
                    ce:a5:d1:3d:55:bf:3b:7b:e5:0f:15:55:95:30:fe:
                    51:9c:f8:98:ab:c4:a9:1b:04:f9:42:5a:70:4b:d8:
                    6c:3f:8a:b2:7d:df:c6:fa:f7:28:17:d7:c2:17:e2:
                    97:94:8f:f8:36:35:b7:e8:6a:44:5b:60:f1:e0:49:
                    20:7d:8b:39:ce:57:f2:d5:ff:26:0f:d1:b6:d2:e9:
                    6a:26:01:7c:60:91:12:5e:a0:a1:04:58:46:67:36:
                    7c:e4:62:91:2e:88:65:f6:db:20:a5:0d:c3:aa:31:
                    85:ee:9a:b7:86:e5:22:aa:1d:3c:5c:e4:73:04:e3:
                    56:bc:15:d9:2e:8a:1a:b5:89:5a:d2:22:f6:bf:41:
                    13:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:38:FD:BB:B4:60:09:40:DE:4C:68:E2:72:95:FC:63:F4:FE:58:D6
            X509v3 Authority Key Identifier:
                keyid:50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:2a:40:89:84:b3:c1:8a:aa:be:90:36:33:89:e3:d2:c4:55:
         40:57:c2:9a:2e:f3:44:e6:4d:65:df:68:c6:2b:19:7d:4a:48:
         e0:1b:53:67:4c:98:9e:85:6a:2d:61:27:d0:3e:05:03:0a:e8:
         34:ba:cb:71:ee:39:dc:34:9a:67:e6:0a:74:03:69:ab:26:f5:
         98:7a:08:f2:d2:0a:aa:a7:25:4d:76:0b:ed:f8:d5:64:57:14:
         9c:f6:21:e8:b8:4b:56:ab:05:4f:83:18:f3:de:10:f7:24:90:
         e5:69:2c:6b:57:87:a9:4d:d2:fd:0b:5a:0a:c1:bd:fa:1e:82:
         31:0b:d0:4c:d5:91:b2:88:c8:82:d6:4b:ad:f8:da:c2:fa:d0:
         27:6f:0f:e0:8c:8b:d0:ed:03:44:d7:19:74:fe:e5:67:6a:d6:
         71:a0:12:04:1f:7f:c8:87:2a:ac:a9:e3:8e:b0:35:85:57:b4:
         12:b0:64:f3:b2:0a:1a:92:c1:fa:15:c8:96:d5:a5:64:ec:67:
         7c:9b:46:88:11:a0:74:80:87:47:84:b0:11:1f:e2:e2:e4:26:
         c0:fc:a6:4a:c3:54:57:a3:e2:6f:9b:b3:bf:d3:4d:26:7a:d1:
         c8:30:f6:fc:6e:d8:5b:bc:ae:b4:4c:b9:d6:00:d3:1d:73:fd:
         4e:94:49:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4uj0R2hErISr7dX+NiU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjVmZTk5YmMyMjMyODg3MTE2ZmRhYzgyZDQwODJhZGJj
NmFjYjcwHhcNMjUxMTA0MjIwMDM5WhcNMjUxMTA1MjIwMDM5WjAzMTEwLwYDVQQD
EyhiNjM4ZmRiYmI0NjAwOTQwZGU0YzY4ZTI3Mjk1ZmM2M2Y0ZmU1OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/A8VoCodRxMaBIus6feBWXLQGeP
ZOYgFxewUfOITKsASZqEpinQWVM8DEJu+0OS0luum3wUPzbQ+34UPc4sNW1w+SxJ
1QAvXeK60KRYQ6MhOBJvyoy7eP0IaM1s42uzNC5Mba/4EbY7gN1ntum95gTqFJm9
NQ7OpdE9Vb87e+UPFVWVMP5RnPiYq8SpGwT5QlpwS9hsP4qyfd/G+vcoF9fCF+KX
lI/4NjW36GpEW2Dx4EkgfYs5zlfy1f8mD9G20ulqJgF8YJESXqChBFhGZzZ85GKR
Lohl9tsgpQ3DqjGF7pq3huUiqh08XORzBONWvBXZLooatYla0iL2v0ETIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLY4/bu0YAlA3kxo4nKV/GP0/ljWMB8GA1UdIwQY
MBaAFFD1/pm8IjKIcRb9rILUCCrbxqy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmIt
NzQ1NmY0MzBjM2YxLzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmItNzQ1NmY0MzBjM2Yx
LzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAASpAiYSz
wYqqvpA2M4nj0sRVQFfCmi7zROZNZd9oxisZfUpI4BtTZ0yYnoVqLWEn0D4FAwro
NLrLce453DSaZ+YKdANpqyb1mHoI8tIKqqclTXYL7fjVZFcUnPYh6LhLVqsFT4MY
894Q9ySQ5Wksa1eHqU3S/QtaCsG9+h6CMQvQTNWRsojIgtZLrfjawvrQJ28P4IyL
0O0DRNcZdP7lZ2rWcaASBB9/yIcqrKnjjrA1hVe0ErBk87IKGpLB+hXIltWlZOxn
fJtGiBGgdICHR4SwER/i4uQmwPymSsNUV6Pib5uzv9NNJnrRyDD2/G7YW7yutEy5
1gDTHXP9TpRJjQ==
-----END CERTIFICATE-----