Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          th2+TPbu2PzERmoZ39Ne6Eh17PZb7zVfzKLEBNGHa6Q=
Subject key identifier:   D2:BA:96:37:6A:49:20:D7:65:CC:60:07:11:EC:3A:37:F8:C3:1F:35
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       019761709271FA457B0463E5E4A5CD579A8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          3D
Signing time:             Thu 12 Jun 2025 00:00:56 +0000
Manifest this update:     Thu 12 Jun 2025 00:00:56 +0000
Manifest next update:     Fri 13 Jun 2025 00:00:56 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: CvKwfp/fw+N3jo3NQqVGAL5js1iHOm4FcVn64TtjeKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:70:92:71:fa:45:7b:04:63:e5:e4:a5:cd:57:9a:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Jun 12 00:00:56 2025 GMT
            Not After : Jun 13 00:00:56 2025 GMT
        Subject: CN=d2ba96376a4920d765cc600711ec3a37f8c31f35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a7:19:07:ea:c3:07:e7:17:78:bf:07:4d:ec:
                    2b:4e:31:1d:a5:1a:95:34:a0:93:48:b5:10:90:2b:
                    c8:05:38:fa:e6:ab:3f:0b:f1:40:0a:96:b2:99:18:
                    71:e4:b6:16:d9:ac:5d:20:a4:c9:3c:5c:ef:19:cf:
                    0a:8e:d8:95:54:ab:16:4b:e5:b0:d6:50:65:5c:4d:
                    7f:6a:75:76:b1:28:9b:11:a0:0d:f0:d4:a3:52:f5:
                    5a:d5:98:d6:2a:07:e8:ad:ea:20:e4:5e:4b:9d:a8:
                    08:05:d1:74:f0:d4:f9:14:6a:6b:ec:07:71:5a:d8:
                    33:a5:7e:85:e9:21:9a:4e:f1:5e:b8:49:d4:18:60:
                    fb:5d:b7:f5:81:be:e2:0d:28:1e:ee:1f:09:53:ad:
                    cb:58:10:f5:8f:50:50:0d:42:b6:00:0c:cb:be:81:
                    1b:63:38:58:7c:57:93:c7:9d:ee:9d:b1:7b:5f:92:
                    c3:ea:45:53:4a:66:58:eb:cd:a4:1f:20:b4:04:b3:
                    f3:e2:7f:15:03:69:73:b1:63:66:7e:17:c3:2d:52:
                    e2:55:e2:3b:0c:02:c8:8d:0e:04:1a:44:49:a9:f1:
                    34:90:04:d1:c5:38:3f:cf:ec:68:f6:ae:59:ae:15:
                    c0:50:20:45:17:a8:20:d8:41:64:74:a3:ae:5d:ea:
                    a9:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:BA:96:37:6A:49:20:D7:65:CC:60:07:11:EC:3A:37:F8:C3:1F:35
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:39:ad:f7:87:92:d0:bf:60:9e:a6:ab:e5:47:fc:4a:13:1e:
         99:ec:9b:a9:34:80:06:4a:52:8c:00:49:82:e2:e9:f6:ba:0d:
         fb:ad:52:26:af:e1:9e:31:90:5b:0d:c4:e2:17:7c:9b:2b:9a:
         5a:8b:47:dd:ad:d1:d9:11:8d:18:5c:33:a4:b1:6c:2c:ee:de:
         89:9d:dc:67:db:51:1b:58:11:e0:1e:5f:18:c9:74:ef:37:be:
         1e:8f:69:77:aa:a5:c0:49:d8:95:1c:33:f3:c5:3d:b4:35:c6:
         53:63:25:d1:42:8c:a7:c1:f1:0d:2e:20:5d:52:c9:60:df:28:
         db:78:59:b9:e8:63:6a:1c:18:87:71:3f:52:59:01:cc:b2:c0:
         b5:f6:70:fa:07:2d:1c:57:5b:da:2a:57:00:9b:01:c0:6a:a2:
         02:d4:fe:2c:11:fb:05:e2:8b:a2:c1:4b:fb:46:ee:0d:8f:7d:
         ac:90:25:29:6f:f4:a2:61:ad:c7:e1:90:64:1a:85:53:b7:76:
         a5:c2:5c:90:3a:ae:95:1a:8d:6a:ae:e3:af:77:02:ad:62:95:
         5b:c4:0a:ab:c7:0a:86:b1:aa:d7:fe:10:2c:54:b6:14:cc:3c:
         a6:ec:de:4e:53:ff:63:78:bd:61:4e:9b:6e:ec:53:d3:22:7c:
         33:5a:1e:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhcJJx+kV7BGPl5KXNV5qMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwNjEyMDAwMDU2WhcNMjUwNjEzMDAwMDU2WjAzMTEwLwYDVQQD
EyhkMmJhOTYzNzZhNDkyMGQ3NjVjYzYwMDcxMWVjM2EzN2Y4YzMxZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16cZB+rDB+cXeL8HTewrTjEdpRqV
NKCTSLUQkCvIBTj65qs/C/FACpaymRhx5LYW2axdIKTJPFzvGc8KjtiVVKsWS+Ww
1lBlXE1/anV2sSibEaAN8NSjUvVa1ZjWKgforeog5F5LnagIBdF08NT5FGpr7Adx
WtgzpX6F6SGaTvFeuEnUGGD7Xbf1gb7iDSge7h8JU63LWBD1j1BQDUK2AAzLvoEb
YzhYfFeTx53unbF7X5LD6kVTSmZY682kHyC0BLPz4n8VA2lzsWNmfhfDLVLiVeI7
DALIjQ4EGkRJqfE0kATRxTg/z+xo9q5ZrhXAUCBFF6gg2EFkdKOuXeqpTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNK6ljdqSSDXZcxgBxHsOjf4wx81MB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTmt94eS
0L9gnqar5Uf8ShMemeybqTSABkpSjABJguLp9roN+61SJq/hnjGQWw3E4hd8myua
WotH3a3R2RGNGFwzpLFsLO7eiZ3cZ9tRG1gR4B5fGMl07ze+Ho9pd6qlwEnYlRwz
88U9tDXGU2Ml0UKMp8HxDS4gXVLJYN8o23hZuehjahwYh3E/UlkBzLLAtfZw+gct
HFdb2ipXAJsBwGqiAtT+LBH7BeKLosFL+0buDY99rJAlKW/0omGtx+GQZBqFU7d2
pcJckDqulRqNaq7jr3cCrWKVW8QKq8cKhrGq1/4QLFS2FMw8puzeTlP/Y3i9YU6b
buxT0yJ8M1oeEg==
-----END CERTIFICATE-----