Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          wFNBSd2y96I2EbMo1Aaw78QdwVprReoVodzcBTtND2k=
Subject key identifier:   51:C8:14:A1:98:CF:30:28:34:A4:8F:AB:1A:1B:57:61:E9:3E:67:F8
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       01975F821726EC69490AB8DF6120184147AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          3C
Signing time:             Wed 11 Jun 2025 15:00:50 +0000
Manifest this update:     Wed 11 Jun 2025 15:00:50 +0000
Manifest next update:     Thu 12 Jun 2025 15:00:50 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: 3hdUieiuXOcH+3WBxMHlzV97UVxD7iUH/4jyUaZnLjw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:82:17:26:ec:69:49:0a:b8:df:61:20:18:41:47:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Jun 11 15:00:50 2025 GMT
            Not After : Jun 12 15:00:50 2025 GMT
        Subject: CN=51c814a198cf302834a48fab1a1b5761e93e67f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2d:10:83:b6:ff:31:11:af:c4:a2:e5:d0:85:
                    7f:51:54:f6:e4:54:11:e9:b3:2f:84:4d:1c:ed:a7:
                    3f:eb:cd:24:2d:43:57:ad:cd:25:6a:94:cd:a7:42:
                    c5:1a:05:cd:fe:39:b1:70:69:a7:6b:c3:87:8e:5e:
                    cf:a5:66:5b:de:49:74:54:5a:76:ae:56:c9:37:f7:
                    60:36:3b:78:86:bb:1c:8a:b7:4f:1c:25:98:d0:c4:
                    a1:ad:b1:a6:f0:29:09:46:0e:65:c7:9b:4a:6b:66:
                    1b:42:11:e8:93:ef:be:a9:c9:34:e6:3e:45:d9:b4:
                    02:07:ee:2e:26:8f:e5:57:7b:ae:7f:27:97:51:32:
                    2d:9c:fd:05:8c:da:b7:a1:16:69:6d:12:ed:be:e3:
                    05:a8:d1:7e:de:32:47:ee:09:b2:20:62:0a:7d:1d:
                    f0:55:c4:ec:47:43:44:99:17:ce:55:8e:87:ac:8d:
                    8e:7a:ed:c2:85:dd:55:e1:14:9f:cb:69:40:dc:45:
                    b5:d7:8e:f5:f8:fa:07:10:d3:fb:8f:fc:a6:4d:11:
                    9c:7c:19:3c:56:ea:06:ee:e4:80:ac:9d:dd:3a:dd:
                    7b:81:cd:b1:0f:c0:b4:86:76:02:1d:5a:5f:83:ac:
                    e8:02:61:fc:fb:7b:c3:6e:f5:06:06:24:25:6a:cb:
                    73:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:C8:14:A1:98:CF:30:28:34:A4:8F:AB:1A:1B:57:61:E9:3E:67:F8
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:d8:11:06:b3:b2:5d:9b:17:54:03:c0:37:7b:d0:a9:99:13:
         3d:db:dd:ee:b2:b0:e6:c5:46:8d:f6:52:9a:b3:0f:ed:22:26:
         6a:2f:e4:fb:50:14:73:53:ca:a4:fd:09:4c:11:0c:6c:a0:0a:
         3d:0e:6f:b3:7d:4b:60:68:fe:5a:13:c2:8e:58:97:9a:8d:7a:
         49:34:1d:dd:5c:bd:ff:4f:23:b0:70:cd:35:25:65:99:96:04:
         22:c8:7e:47:7c:4b:99:3e:24:80:36:db:94:a7:a1:04:77:18:
         db:5c:4d:b1:11:9c:9e:58:de:87:90:47:53:b6:c7:7f:14:2b:
         ab:02:e9:97:c3:ed:73:18:91:72:09:73:ca:23:6a:4a:76:35:
         fe:f4:24:02:fc:2f:40:8c:79:fd:e5:a5:87:35:47:a2:08:dd:
         de:5e:67:23:de:44:20:ca:10:95:0f:94:3b:79:9d:c1:ad:62:
         3f:1e:9b:1a:e1:c8:31:f2:78:c4:c0:54:9d:c4:a4:a0:c3:77:
         a6:82:3d:2f:0a:8a:22:7d:f3:33:48:e4:5c:88:40:24:ff:c2:
         fa:bd:9f:5d:fd:40:0f:dd:b3:6b:3c:6a:ab:63:42:79:d4:bb:
         f3:80:51:15:5a:ca:03:1d:7b:04:38:ab:20:6f:91:cb:d1:48:
         70:67:73:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfghcm7GlJCrjfYSAYQUesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwNjExMTUwMDUwWhcNMjUwNjEyMTUwMDUwWjAzMTEwLwYDVQQD
Eyg1MWM4MTRhMTk4Y2YzMDI4MzRhNDhmYWIxYTFiNTc2MWU5M2U2N2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC0Qg7b/MRGvxKLl0IV/UVT25FQR
6bMvhE0c7ac/680kLUNXrc0lapTNp0LFGgXN/jmxcGmna8OHjl7PpWZb3kl0VFp2
rlbJN/dgNjt4hrscirdPHCWY0MShrbGm8CkJRg5lx5tKa2YbQhHok+++qck05j5F
2bQCB+4uJo/lV3uufyeXUTItnP0FjNq3oRZpbRLtvuMFqNF+3jJH7gmyIGIKfR3w
VcTsR0NEmRfOVY6HrI2Oeu3Chd1V4RSfy2lA3EW11471+PoHENP7j/ymTRGcfBk8
VuoG7uSArJ3dOt17gc2xD8C0hnYCHVpfg6zoAmH8+3vDbvUGBiQlastzKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHIFKGYzzAoNKSPqxobV2HpPmf4MB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQtgRBrOy
XZsXVAPAN3vQqZkTPdvd7rKw5sVGjfZSmrMP7SImai/k+1AUc1PKpP0JTBEMbKAK
PQ5vs31LYGj+WhPCjliXmo16STQd3Vy9/08jsHDNNSVlmZYEIsh+R3xLmT4kgDbb
lKehBHcY21xNsRGcnljeh5BHU7bHfxQrqwLpl8PtcxiRcglzyiNqSnY1/vQkAvwv
QIx5/eWlhzVHogjd3l5nI95EIMoQlQ+UO3mdwa1iPx6bGuHIMfJ4xMBUncSkoMN3
poI9LwqKIn3zM0jkXIhAJP/C+r2fXf1AD92zazxqq2NCedS784BRFVrKAx17BDir
IG+Ry9FIcGdzBw==
-----END CERTIFICATE-----