Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          dvg4xErLUXhdbRgAf0b1tVB+NHoVr/Nl6ta5fG3ticg=
Subject key identifier:   E9:00:43:9F:46:C7:50:65:31:EB:48:23:C5:9D:A1:1B:61:17:C6:8C
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       019A71B861FF22FC0838FD43010546E05D66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:01:40 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:40 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:40 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: /hu8Ia1w/lIvq3ENFo3Dujef66z2M5JJ2P94flHad9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:61:ff:22:fc:08:38:fd:43:01:05:46:e0:5d:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Nov 11 07:01:40 2025 GMT
            Not After : Nov 12 07:01:40 2025 GMT
        Subject: CN=e900439f46c7506531eb4823c59da11b6117c68c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fa:df:9f:b3:00:7c:2b:5f:bb:2e:52:68:da:
                    77:1e:db:11:03:79:ae:20:78:de:a9:d7:dd:3c:20:
                    e2:ea:de:9d:7a:1b:2c:2a:31:b0:c1:c8:ad:07:aa:
                    fa:20:62:10:83:ad:02:26:52:44:4b:7d:fd:9a:5b:
                    5f:ff:51:65:eb:57:49:a9:ae:cd:d6:98:12:33:0d:
                    05:5d:05:a8:8c:60:40:f0:e2:10:be:a5:56:ee:89:
                    10:84:45:fb:70:8f:48:08:34:37:96:12:6e:c9:89:
                    0a:1a:23:cd:65:ee:bd:72:7e:57:9f:cc:32:03:7a:
                    47:0a:73:52:23:87:94:a0:94:39:94:1f:45:3c:22:
                    1b:84:32:eb:14:06:dd:68:40:8c:67:7c:56:ca:8f:
                    d6:a5:b5:0f:46:00:cf:d9:8d:88:40:98:05:d5:bf:
                    e8:74:a4:65:9e:4e:e8:ef:73:1a:a8:19:50:21:89:
                    db:19:fd:e6:8e:69:f5:62:9d:78:14:bf:72:ab:6c:
                    25:72:dc:b2:77:e4:37:29:2b:0b:b0:fb:39:41:8a:
                    1a:71:83:57:bd:e3:65:d9:64:d1:9b:af:cb:82:e6:
                    ae:95:e3:08:08:87:06:93:c6:69:68:4f:2b:ac:40:
                    c4:48:89:ff:49:e3:29:7f:59:60:42:52:89:62:fb:
                    99:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:00:43:9F:46:C7:50:65:31:EB:48:23:C5:9D:A1:1B:61:17:C6:8C
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:91:1f:12:6f:7b:0f:d6:42:e4:18:93:4b:7a:e4:e4:d5:3d:
         2a:4d:b9:a6:3f:75:ef:f7:3d:38:80:63:26:7e:a2:18:17:23:
         f8:9e:95:97:f1:84:39:ee:b0:6b:11:3d:36:e2:c6:77:7f:b1:
         78:f1:b7:8c:16:53:bf:97:a7:ea:bf:2f:7e:90:d9:4b:37:0b:
         35:67:5f:50:cc:c6:3a:4f:2c:c2:1f:b3:99:e6:8a:70:10:fb:
         26:f2:c7:fe:b6:63:78:1b:5a:a7:ec:05:08:8a:c6:f4:92:bb:
         a4:e3:4b:8b:f3:2c:82:28:04:fa:a5:54:dd:b3:3e:44:05:9f:
         5d:36:24:f5:66:d8:61:bf:09:07:1a:d6:82:f4:1d:9a:a5:2e:
         00:bb:a5:10:e2:c2:d9:7b:6c:cb:49:16:3e:58:2c:bf:e8:d9:
         0a:de:88:33:5a:0d:85:60:99:4a:4c:9b:70:ee:4d:36:71:b5:
         11:c6:29:b2:ef:61:39:59:72:fb:73:60:70:ea:61:97:bf:87:
         fe:80:b8:51:e9:e0:a7:ef:13:c7:78:c6:74:b6:04:5f:e3:13:
         98:1d:8d:7a:61:91:92:26:e7:c7:59:36:5b:1f:ae:4e:ac:c2:
         44:3c:25:3e:27:e7:f7:12:50:87:2c:c9:e6:9d:b8:16:e0:d5:
         23:47:fd:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGH/IvwIOP1DAQVG4F1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUxMTExMDcwMTQwWhcNMjUxMTEyMDcwMTQwWjAzMTEwLwYDVQQD
EyhlOTAwNDM5ZjQ2Yzc1MDY1MzFlYjQ4MjNjNTlkYTExYjYxMTdjNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvrfn7MAfCtfuy5SaNp3HtsRA3mu
IHjeqdfdPCDi6t6dehssKjGwwcitB6r6IGIQg60CJlJES339mltf/1Fl61dJqa7N
1pgSMw0FXQWojGBA8OIQvqVW7okQhEX7cI9ICDQ3lhJuyYkKGiPNZe69cn5Xn8wy
A3pHCnNSI4eUoJQ5lB9FPCIbhDLrFAbdaECMZ3xWyo/WpbUPRgDP2Y2IQJgF1b/o
dKRlnk7o73MaqBlQIYnbGf3mjmn1Yp14FL9yq2wlctyyd+Q3KSsLsPs5QYoacYNX
veNl2WTRm6/LguauleMICIcGk8ZpaE8rrEDESIn/SeMpf1lgQlKJYvuZAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkAQ59Gx1BlMetII8WdoRthF8aMMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE5EfEm97
D9ZC5BiTS3rk5NU9Kk25pj917/c9OIBjJn6iGBcj+J6Vl/GEOe6waxE9NuLGd3+x
ePG3jBZTv5en6r8vfpDZSzcLNWdfUMzGOk8swh+zmeaKcBD7JvLH/rZjeBtap+wF
CIrG9JK7pONLi/MsgigE+qVU3bM+RAWfXTYk9WbYYb8JBxrWgvQdmqUuALulEOLC
2Xtsy0kWPlgsv+jZCt6IM1oNhWCZSkybcO5NNnG1EcYpsu9hOVly+3NgcOphl7+H
/oC4Uengp+8Tx3jGdLYEX+MTmB2NemGRkibnx1k2Wx+uTqzCRDwlPifn9xJQhyzJ
5p24FuDVI0f9MQ==
-----END CERTIFICATE-----