Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          eX1+wLdLXY5avh2EFCxop5aDwR1tGPtTfRRqBqdAKf8=
Subject key identifier:   A9:A3:2C:8F:AE:66:24:AD:A9:FC:00:9A:CB:35:D7:21:EB:83:7D:46
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       0197673B9821BB07C699120E42010A498A17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          40
Signing time:             Fri 13 Jun 2025 03:00:48 +0000
Manifest this update:     Fri 13 Jun 2025 03:00:48 +0000
Manifest next update:     Sat 14 Jun 2025 03:00:48 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: H66htaR7SMkBep1iD/CrPSfl9OKsvMlVSOeENxTL6E8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:3b:98:21:bb:07:c6:99:12:0e:42:01:0a:49:8a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Jun 13 03:00:48 2025 GMT
            Not After : Jun 14 03:00:48 2025 GMT
        Subject: CN=a9a32c8fae6624ada9fc009acb35d721eb837d46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:20:c4:59:d2:bc:6a:92:4f:15:61:01:41:c4:
                    ea:e3:c5:ac:74:ca:63:71:6a:bd:7f:1d:d0:aa:a0:
                    ec:f8:1f:6b:58:f9:35:ae:35:4a:58:b5:18:7a:60:
                    25:f9:f3:32:85:70:ee:58:5c:88:7b:50:87:d6:47:
                    34:10:ec:f3:b9:1f:1c:5b:23:99:45:1a:86:39:e5:
                    a5:22:19:cc:e3:a2:1f:67:44:24:6b:df:3c:e7:2f:
                    19:56:d3:39:fa:2d:81:aa:7b:f6:12:fc:4a:4d:90:
                    d3:fc:b8:af:90:75:a2:17:2d:c9:9f:64:c7:10:37:
                    40:f6:ee:f3:54:f0:f8:89:bc:5b:39:d0:a9:94:05:
                    c9:d9:f9:9a:9b:2e:46:e2:50:c3:a2:18:10:59:59:
                    4e:bb:83:c9:5e:a1:68:75:d8:a0:f3:4a:16:93:c3:
                    97:97:20:05:4d:91:58:bd:a4:09:69:86:70:2b:23:
                    d6:03:51:2e:b1:dc:24:c9:d5:d8:e5:a2:e9:c2:f8:
                    bc:64:72:e1:7d:a8:86:0a:d1:23:7a:58:c5:2c:58:
                    bc:bd:fd:2d:e4:8e:f1:eb:cf:78:c6:d2:16:51:51:
                    29:a8:07:4b:3c:0d:1b:e9:97:b3:75:dc:b6:7d:94:
                    1a:c4:7a:a0:7a:5c:57:c9:82:96:c4:77:35:dd:a1:
                    4e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:A3:2C:8F:AE:66:24:AD:A9:FC:00:9A:CB:35:D7:21:EB:83:7D:46
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:b9:b9:b5:3d:1d:77:2c:db:61:ba:14:ac:3a:4e:14:fd:f1:
         ed:d5:18:62:8d:e6:4e:8b:7c:08:cd:35:19:83:fa:80:92:58:
         18:7c:5c:3b:4c:b9:02:3e:5f:36:16:35:3b:7a:29:9d:49:e8:
         20:8c:ae:e0:8c:7e:3d:20:7f:a2:7a:e0:d2:e2:6f:cc:6b:f0:
         ad:ec:a8:49:99:59:91:33:2d:a5:c7:84:0f:14:65:5c:ce:d0:
         dc:3d:e1:b7:9a:23:6c:6c:95:cd:89:18:81:b7:88:9e:32:3d:
         bf:ae:a9:0c:25:8d:1c:b3:d1:74:a7:1d:3e:fb:4f:42:d7:f8:
         3b:02:7e:1c:45:8c:94:dd:d0:5b:b6:e6:f8:ce:19:53:5e:35:
         ca:1c:dd:67:89:e8:43:cf:28:49:37:9e:97:1f:3b:b2:8a:0d:
         99:57:50:06:4b:0a:07:04:37:8b:6f:c4:04:07:4a:57:27:6a:
         01:b1:52:d6:16:a3:e0:e5:e0:c3:df:ef:e7:be:b5:7f:5f:06:
         2d:26:98:07:5d:e0:ce:22:1e:4b:47:dd:ca:1a:23:ae:fc:69:
         26:b7:33:d5:77:32:51:c0:45:95:b9:98:f3:c7:51:7b:3c:eb:
         97:72:1e:86:fa:ed:e0:21:0d:ff:15:40:f6:f7:44:a8:fb:93:
         c6:63:7f:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnO5ghuwfGmRIOQgEKSYoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwNjEzMDMwMDQ4WhcNMjUwNjE0MDMwMDQ4WjAzMTEwLwYDVQQD
EyhhOWEzMmM4ZmFlNjYyNGFkYTlmYzAwOWFjYjM1ZDcyMWViODM3ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyDEWdK8apJPFWEBQcTq48WsdMpj
cWq9fx3QqqDs+B9rWPk1rjVKWLUYemAl+fMyhXDuWFyIe1CH1kc0EOzzuR8cWyOZ
RRqGOeWlIhnM46IfZ0Qka9885y8ZVtM5+i2Bqnv2EvxKTZDT/LivkHWiFy3Jn2TH
EDdA9u7zVPD4ibxbOdCplAXJ2fmamy5G4lDDohgQWVlOu4PJXqFoddig80oWk8OX
lyAFTZFYvaQJaYZwKyPWA1EusdwkydXY5aLpwvi8ZHLhfaiGCtEjeljFLFi8vf0t
5I7x6894xtIWUVEpqAdLPA0b6Zezddy2fZQaxHqgelxXyYKWxHc13aFOjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmjLI+uZiStqfwAmss11yHrg31GMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADLm5tT0d
dyzbYboUrDpOFP3x7dUYYo3mTot8CM01GYP6gJJYGHxcO0y5Aj5fNhY1O3opnUno
IIyu4Ix+PSB/onrg0uJvzGvwreyoSZlZkTMtpceEDxRlXM7Q3D3ht5ojbGyVzYkY
gbeInjI9v66pDCWNHLPRdKcdPvtPQtf4OwJ+HEWMlN3QW7bm+M4ZU141yhzdZ4no
Q88oSTeelx87sooNmVdQBksKBwQ3i2/EBAdKVydqAbFS1haj4OXgw9/v5761f18G
LSaYB13gziIeS0fdyhojrvxpJrcz1XcyUcBFlbmY88dRezzrl3Iehvrt4CEN/xVA
9vdEqPuTxmN/Vg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 05:36:43 2025 by rpki-client