Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          nkhx94XeQhAwNivFIERva1o5L+vPCC8eSpeilb+Sp7s=
Subject key identifier:   53:AF:FD:DF:E9:30:56:72:EC:99:A1:18:EF:56:F5:04:26:A0:07:97
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       01976B18815382F28427F8CADB7B16B64A9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          42
Signing time:             Fri 13 Jun 2025 21:00:57 +0000
Manifest this update:     Fri 13 Jun 2025 21:00:57 +0000
Manifest next update:     Sat 14 Jun 2025 21:00:57 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: 3swEH8Po6kOr+3JV/K3L5f16YUU33nTC14Geol3zTpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:18:81:53:82:f2:84:27:f8:ca:db:7b:16:b6:4a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Jun 13 21:00:57 2025 GMT
            Not After : Jun 14 21:00:57 2025 GMT
        Subject: CN=53affddfe9305672ec99a118ef56f50426a00797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:1b:65:b7:17:62:8d:3c:0d:80:b4:50:6c:df:
                    96:36:34:b1:44:96:8a:9a:65:1b:1a:7b:68:9c:f2:
                    16:65:a3:ba:9f:db:c3:e1:84:36:a2:6f:81:04:6d:
                    14:6b:73:5b:7b:29:99:f8:4d:61:13:96:6e:b3:a8:
                    b5:c0:ce:12:e7:64:c2:cb:6a:20:fe:b9:82:1b:34:
                    9b:92:4e:8b:70:3f:2f:46:d4:f8:29:ea:1c:c6:0e:
                    eb:83:be:66:8e:83:2c:42:60:5e:74:ca:38:f2:e2:
                    35:7f:66:28:cc:b1:cf:b3:3a:ac:45:3c:cb:4b:4a:
                    f8:3f:d5:fa:c9:1a:4a:b4:a8:e0:e9:28:84:4d:63:
                    53:aa:2b:21:c1:16:55:c8:79:e6:6a:eb:18:74:99:
                    52:78:ec:be:f6:e5:68:7f:42:f9:bd:f1:47:48:0e:
                    6c:12:aa:b7:ed:4d:8e:eb:ce:cc:04:bc:e7:26:f4:
                    e8:75:ed:c9:8c:f7:2a:cf:0c:7d:fe:28:68:47:d6:
                    c2:62:9e:38:99:a1:7c:7b:50:d5:19:ed:09:8a:98:
                    02:f7:08:e5:ca:bf:63:0b:c2:b1:c7:43:01:a6:3b:
                    9b:6d:15:64:ca:a2:d9:3d:1c:08:73:ed:a3:7c:4f:
                    f8:87:10:3b:41:fc:24:28:68:bf:96:9a:ea:19:cd:
                    31:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:AF:FD:DF:E9:30:56:72:EC:99:A1:18:EF:56:F5:04:26:A0:07:97
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:60:65:8c:f6:34:b2:fc:a5:8f:5e:42:95:13:c4:45:34:f6:
         88:d1:e8:a1:c8:eb:2d:bb:0a:55:be:a8:25:9c:77:ce:3f:dd:
         85:15:c1:24:6a:90:5f:27:4b:ad:f9:4f:cc:cd:83:0b:ef:44:
         7d:0b:8a:51:9e:3e:86:2b:c2:7a:ef:22:26:c3:1e:41:35:e2:
         13:f6:05:d6:6d:98:a5:9f:27:c5:83:32:b8:98:73:9f:f1:2e:
         cc:05:99:fc:cf:c4:bc:d7:ac:f3:27:b6:12:6b:16:98:2a:06:
         f4:23:bf:0e:1d:ea:2e:c9:c6:0b:6a:b0:4b:5b:0d:8f:08:39:
         ca:bc:fa:79:b6:37:3d:79:c0:89:3c:13:91:77:ae:b9:54:4d:
         3a:ca:ac:ee:ca:94:91:a4:dc:af:42:03:6b:f4:cf:1c:a2:1a:
         e1:92:fd:de:28:35:f4:74:d3:97:b5:e0:7f:cf:08:ce:39:20:
         e5:72:40:c5:62:82:3f:8b:a3:19:dd:44:0e:69:f1:af:74:32:
         b1:4c:96:5d:06:60:ae:59:71:0c:c6:a6:9d:36:cd:52:1e:dc:
         c7:ee:09:16:94:fb:b4:7d:d6:53:9b:56:3b:1a:47:f3:90:95:
         80:7b:a8:08:c1:ff:d9:b8:ab:ea:69:de:0b:5c:d8:b3:aa:cd:
         92:95:ad:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrGIFTgvKEJ/jK23sWtkqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwNjEzMjEwMDU3WhcNMjUwNjE0MjEwMDU3WjAzMTEwLwYDVQQD
Eyg1M2FmZmRkZmU5MzA1NjcyZWM5OWExMThlZjU2ZjUwNDI2YTAwNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRtltxdijTwNgLRQbN+WNjSxRJaK
mmUbGntonPIWZaO6n9vD4YQ2om+BBG0Ua3NbeymZ+E1hE5Zus6i1wM4S52TCy2og
/rmCGzSbkk6LcD8vRtT4Keocxg7rg75mjoMsQmBedMo48uI1f2YozLHPszqsRTzL
S0r4P9X6yRpKtKjg6SiETWNTqishwRZVyHnmausYdJlSeOy+9uVof0L5vfFHSA5s
Eqq37U2O687MBLznJvTode3JjPcqzwx9/ihoR9bCYp44maF8e1DVGe0JipgC9wjl
yr9jC8Kxx0MBpjubbRVkyqLZPRwIc+2jfE/4hxA7QfwkKGi/lprqGc0xTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOv/d/pMFZy7JmhGO9W9QQmoAeXMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU2BljPY0
svylj15ClRPERTT2iNHoocjrLbsKVb6oJZx3zj/dhRXBJGqQXydLrflPzM2DC+9E
fQuKUZ4+hivCeu8iJsMeQTXiE/YF1m2YpZ8nxYMyuJhzn/EuzAWZ/M/EvNes8ye2
EmsWmCoG9CO/Dh3qLsnGC2qwS1sNjwg5yrz6ebY3PXnAiTwTkXeuuVRNOsqs7sqU
kaTcr0IDa/TPHKIa4ZL93ig19HTTl7Xgf88Izjkg5XJAxWKCP4ujGd1EDmnxr3Qy
sUyWXQZgrllxDMamnTbNUh7cx+4JFpT7tH3WU5tWOxpH85CVgHuoCMH/2bir6mne
C1zYs6rNkpWtaA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 23:57:06 2025 by rpki-client