Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          0GF3jD9e/QuBoppZzWwZFpfE54Ixf0HnAXbYiBQRaik=
Subject key identifier:   20:8D:79:AA:67:D1:42:99:0F:96:FE:EA:42:CE:73:21:BF:9B:89:54
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       01975BA545A5AA17C6DC3CB8AEDE9A4C7E47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          3A
Signing time:             Tue 10 Jun 2025 21:00:47 +0000
Manifest this update:     Tue 10 Jun 2025 21:00:47 +0000
Manifest next update:     Wed 11 Jun 2025 21:00:47 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: by3Vo8CAFWEtbL6q3FPfM4s1Ur9xUSucHnhCcJQn+oE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:a5:45:a5:aa:17:c6:dc:3c:b8:ae:de:9a:4c:7e:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Jun 10 21:00:47 2025 GMT
            Not After : Jun 11 21:00:47 2025 GMT
        Subject: CN=208d79aa67d142990f96feea42ce7321bf9b8954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:61:81:5b:58:1e:2e:85:a6:62:9b:bc:cc:12:
                    a9:70:89:39:45:b9:5b:37:7e:d2:c4:67:ba:09:7e:
                    3b:52:6e:15:c8:fd:da:da:f6:ff:0f:a3:47:50:29:
                    ea:a5:b6:26:8b:2c:59:10:5f:b8:e3:1c:6d:5f:72:
                    16:c7:5a:90:a8:e2:50:ac:f0:ff:aa:68:69:e4:95:
                    2b:0f:03:46:e3:07:20:af:2b:82:00:96:82:08:f8:
                    6b:f5:0c:9c:2f:c2:19:03:3e:97:d4:c0:5f:35:05:
                    e1:1c:31:e9:ae:c2:d2:05:3a:30:59:7a:8c:01:f0:
                    82:c6:4d:d0:1c:8e:35:b4:be:84:a1:99:dc:16:45:
                    24:e5:e1:aa:b6:3d:b0:3a:9d:74:f8:19:5b:04:2d:
                    8c:c9:39:32:fa:10:45:45:48:bf:e4:d5:75:ce:b7:
                    3a:92:8b:2c:73:32:4e:ea:2e:9e:4f:d0:a5:e6:a7:
                    ed:34:b8:fd:fb:65:52:f2:68:53:7b:ce:a5:d8:eb:
                    f6:0b:b0:0b:88:75:f1:cb:75:08:11:a6:ce:1d:41:
                    f9:0a:04:c8:7a:e7:8c:a3:74:ea:8e:4d:a0:b2:60:
                    5c:07:a2:cb:68:a7:ac:9e:30:f7:5e:b4:8b:85:a0:
                    5d:f8:bd:ac:2f:e1:11:29:5b:0a:8d:80:49:94:40:
                    9f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:8D:79:AA:67:D1:42:99:0F:96:FE:EA:42:CE:73:21:BF:9B:89:54
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:1d:aa:be:40:2e:c6:44:9a:c6:82:f6:7b:a1:96:b1:80:04:
         99:7f:fc:64:6d:95:fd:7d:9f:e1:d2:1a:b7:76:da:02:39:31:
         b1:59:24:47:11:c9:a2:1a:50:90:eb:ba:95:8e:6f:0c:c1:c2:
         80:22:b9:bc:4a:9b:da:93:e8:ba:0a:f4:e8:b7:1e:0e:bf:20:
         53:30:4d:5f:77:3b:11:1d:f9:01:c9:b3:7c:71:a8:0a:a0:14:
         d7:50:52:0c:19:e7:55:4c:88:e0:e3:18:c4:c5:ca:63:00:02:
         5e:38:f2:cb:1d:65:00:cf:6a:e3:9a:b4:59:13:fb:3a:8a:fd:
         40:57:dd:e5:bb:cc:e4:b6:55:b7:eb:31:c2:d7:03:42:21:9e:
         b1:8d:67:b9:f6:1a:51:0a:c7:29:53:24:ad:6b:c7:f0:d9:81:
         8d:59:a7:7e:e6:07:4b:ed:95:2a:e4:e8:18:8d:68:f4:75:67:
         ff:41:75:9e:93:95:a0:90:89:7a:02:fd:b2:5c:ec:39:bb:b9:
         71:20:42:f9:b1:fe:60:10:2f:32:a5:36:94:0f:08:9b:10:c3:
         ce:aa:d1:f1:f1:f6:72:19:6e:9b:12:7a:e5:ef:f1:c7:78:f9:
         0f:f3:76:d6:da:00:50:b8:4b:89:4f:47:6b:01:96:2b:95:81:
         f0:57:40:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbpUWlqhfG3Dy4rt6aTH5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwNjEwMjEwMDQ3WhcNMjUwNjExMjEwMDQ3WjAzMTEwLwYDVQQD
EygyMDhkNzlhYTY3ZDE0Mjk5MGY5NmZlZWE0MmNlNzMyMWJmOWI4OTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGGBW1geLoWmYpu8zBKpcIk5Rblb
N37SxGe6CX47Um4VyP3a2vb/D6NHUCnqpbYmiyxZEF+44xxtX3IWx1qQqOJQrPD/
qmhp5JUrDwNG4wcgryuCAJaCCPhr9QycL8IZAz6X1MBfNQXhHDHprsLSBTowWXqM
AfCCxk3QHI41tL6EoZncFkUk5eGqtj2wOp10+BlbBC2MyTky+hBFRUi/5NV1zrc6
kossczJO6i6eT9Cl5qftNLj9+2VS8mhTe86l2Ov2C7ALiHXxy3UIEabOHUH5CgTI
eueMo3Tqjk2gsmBcB6LLaKesnjD3XrSLhaBd+L2sL+ERKVsKjYBJlECftwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCNeapn0UKZD5b+6kLOcyG/m4lUMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARB2qvkAu
xkSaxoL2e6GWsYAEmX/8ZG2V/X2f4dIat3baAjkxsVkkRxHJohpQkOu6lY5vDMHC
gCK5vEqb2pPougr06LceDr8gUzBNX3c7ER35AcmzfHGoCqAU11BSDBnnVUyI4OMY
xMXKYwACXjjyyx1lAM9q45q0WRP7Oor9QFfd5bvM5LZVt+sxwtcDQiGesY1nufYa
UQrHKVMkrWvH8NmBjVmnfuYHS+2VKuToGI1o9HVn/0F1npOVoJCJegL9slzsObu5
cSBC+bH+YBAvMqU2lA8ImxDDzqrR8fH2chlumxJ65e/xx3j5D/N21toAULhLiU9H
awGWK5WB8FdAxw==
-----END CERTIFICATE-----