Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          zF4F9vIuDCNwRZ6RJP02HCzcrWPrCymCNZQwiOKG9SY=
Subject key identifier:   B8:02:0C:4D:BA:E5:6C:AB:FC:DD:21:C5:0A:78:04:76:A0:C0:81:46
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       019923A0221513BC672DA9DF719AD6D4588B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          0126
Signing time:             Sun 07 Sep 2025 10:02:01 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:01 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:01 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: Nb+k7kp1oUmCKouA/vhW3pWfqczcbXEuj/Hjg70yKtI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:22:15:13:bc:67:2d:a9:df:71:9a:d6:d4:58:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Sep  7 10:02:01 2025 GMT
            Not After : Sep  8 10:02:01 2025 GMT
        Subject: CN=b8020c4dbae56cabfcdd21c50a780476a0c08146
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a1:1f:a1:44:ec:96:81:39:3b:8a:82:ba:14:
                    00:e7:85:b2:b7:a4:f7:a6:45:e4:ba:4c:ca:57:5e:
                    22:b0:5b:d5:25:56:93:92:46:19:d1:21:5a:23:f9:
                    2d:b7:4f:f5:11:c1:4d:3c:f2:79:20:c9:51:d2:ee:
                    0c:70:52:95:f9:07:93:09:a5:f6:51:ba:6f:aa:7f:
                    f3:c8:f2:9c:59:14:8a:03:04:cd:8b:6b:ef:7c:d2:
                    d0:cf:ec:54:52:3c:40:24:fd:40:bb:37:c7:48:34:
                    46:ce:bb:2f:7d:3c:1c:db:fb:63:32:fe:16:b1:25:
                    e2:f7:2b:20:f4:97:13:ac:67:0b:f9:e2:f0:9d:54:
                    dc:4d:0c:6a:f7:07:09:3d:19:87:91:73:bb:cd:b6:
                    07:02:9c:ff:3d:ee:66:f1:e6:b0:0b:f2:c2:5b:26:
                    29:d5:bf:46:0d:66:5e:61:f8:14:36:05:0e:9c:26:
                    48:bb:3a:0b:ab:d0:bb:33:dc:f5:f7:7b:b8:ad:04:
                    71:c0:ac:eb:70:fb:71:d5:66:ae:4b:4b:d9:18:80:
                    be:01:63:9e:65:41:97:0f:d8:99:2b:6a:6d:60:12:
                    16:5b:5a:3f:52:82:bb:94:06:a1:0a:5d:e3:df:12:
                    05:34:3d:49:5a:60:dd:2f:d7:30:55:30:22:34:6a:
                    85:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:02:0C:4D:BA:E5:6C:AB:FC:DD:21:C5:0A:78:04:76:A0:C0:81:46
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:cc:b7:ae:94:8b:69:a5:b5:76:df:f2:ac:8f:52:df:75:30:
         bd:42:0f:5e:4a:8b:63:17:5c:ae:77:a9:7e:bb:95:15:85:6d:
         25:34:1e:52:7b:ce:2a:36:f6:44:d4:26:d1:03:d0:41:79:ec:
         71:30:5c:a5:8e:e4:3a:d5:7a:20:9c:11:63:a1:b6:4b:ed:bd:
         77:7b:c3:b8:5b:7f:75:bc:f4:3b:6c:87:52:02:41:15:8e:33:
         cf:52:19:4f:02:b5:95:84:b5:12:e3:1c:80:95:68:d7:24:a0:
         f6:38:41:d7:1e:7c:b6:23:52:bc:ff:a0:27:99:4e:d9:8b:d5:
         37:18:6e:d1:97:a3:87:0c:b6:3e:01:92:43:e3:5e:15:af:c4:
         06:42:01:96:87:84:4f:f9:44:27:0a:ae:33:28:8b:69:86:19:
         12:07:f7:51:b5:44:fc:06:21:00:24:d6:88:ad:59:fb:3f:29:
         9f:62:1e:7e:65:be:46:89:f5:ff:95:c8:e5:09:58:f8:27:56:
         6c:cb:d4:67:65:e5:a6:28:a1:0d:a0:e3:99:c8:38:45:3b:69:
         d4:76:b7:d5:06:75:17:4c:8d:95:2f:04:1c:f0:87:bc:37:57:
         3a:41:42:6e:7b:ce:62:47:c1:57:6b:5b:6f:5c:eb:04:e1:a4:
         00:05:7b:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoCIVE7xnLanfcZrW1FiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwOTA3MTAwMjAxWhcNMjUwOTA4MTAwMjAxWjAzMTEwLwYDVQQD
EyhiODAyMGM0ZGJhZTU2Y2FiZmNkZDIxYzUwYTc4MDQ3NmEwYzA4MTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6EfoUTsloE5O4qCuhQA54Wyt6T3
pkXkukzKV14isFvVJVaTkkYZ0SFaI/ktt0/1EcFNPPJ5IMlR0u4McFKV+QeTCaX2
Ubpvqn/zyPKcWRSKAwTNi2vvfNLQz+xUUjxAJP1AuzfHSDRGzrsvfTwc2/tjMv4W
sSXi9ysg9JcTrGcL+eLwnVTcTQxq9wcJPRmHkXO7zbYHApz/Pe5m8eawC/LCWyYp
1b9GDWZeYfgUNgUOnCZIuzoLq9C7M9z193u4rQRxwKzrcPtx1WauS0vZGIC+AWOe
ZUGXD9iZK2ptYBIWW1o/UoK7lAahCl3j3xIFND1JWmDdL9cwVTAiNGqFTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgCDE265Wyr/N0hxQp4BHagwIFGMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK8y3rpSL
aaW1dt/yrI9S33UwvUIPXkqLYxdcrnepfruVFYVtJTQeUnvOKjb2RNQm0QPQQXns
cTBcpY7kOtV6IJwRY6G2S+29d3vDuFt/dbz0O2yHUgJBFY4zz1IZTwK1lYS1EuMc
gJVo1ySg9jhB1x58tiNSvP+gJ5lO2YvVNxhu0Zejhwy2PgGSQ+NeFa/EBkIBloeE
T/lEJwquMyiLaYYZEgf3UbVE/AYhACTWiK1Z+z8pn2IefmW+Ron1/5XI5QlY+CdW
bMvUZ2XlpiihDaDjmcg4RTtp1Ha31QZ1F0yNlS8EHPCHvDdXOkFCbnvOYkfBV2tb
b1zrBOGkAAV7Qg==
-----END CERTIFICATE-----