Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          ZAJz4nTXcS46MDxLj6bByWFqI0txPBbuNvKahf2yyng=
Subject key identifier:   6D:60:D7:A4:B9:29:44:9D:AC:A2:E8:DC:3E:28:13:0A:F2:AD:AB:DF
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       019D28F2488B511EC76A43BF1748F01C22A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          033B
Signing time:             Thu 26 Mar 2026 07:01:00 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:00 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:00 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: ExdDVeeqiIxS2YGGGt+Iw6dL3iXvSLmheKEUEqYluZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:48:8b:51:1e:c7:6a:43:bf:17:48:f0:1c:22:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Mar 26 07:01:00 2026 GMT
            Not After : Mar 27 07:01:00 2026 GMT
        Subject: CN=6d60d7a4b929449daca2e8dc3e28130af2adabdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ab:ee:1c:27:63:28:eb:0c:b1:84:ac:ab:5f:
                    a4:d8:e6:c4:88:51:27:9c:8b:96:0a:8e:bf:b3:82:
                    10:8e:3a:2c:19:1d:17:54:ec:42:40:49:a2:a9:3f:
                    b3:07:57:da:47:b2:a1:c7:5f:6b:33:48:12:96:03:
                    fb:ac:47:3d:14:ba:b3:4a:55:02:5e:5b:dd:09:a0:
                    ef:05:34:af:12:bb:39:87:81:4b:cf:73:52:fe:d6:
                    32:2e:30:d5:ae:35:c3:44:d4:4c:fa:e8:55:db:71:
                    e9:78:71:7b:26:3d:d0:9e:ee:8b:fd:56:82:30:12:
                    01:5f:e7:d8:1a:00:fd:df:29:45:0d:7f:2b:0c:36:
                    b2:1b:22:1b:95:5e:70:0a:18:ec:d2:aa:e0:d5:96:
                    8e:9d:56:27:ad:e3:0d:58:5d:4d:c1:39:b3:94:ee:
                    53:20:e8:e0:20:90:f5:55:25:8a:15:f1:95:82:b6:
                    81:15:ff:a5:4d:b1:3f:86:bd:4b:fc:9f:dc:83:48:
                    ef:5b:0e:fd:1c:76:a6:3b:5b:e9:a7:0f:42:89:ad:
                    72:75:59:ea:78:bf:1a:1b:78:8e:39:78:48:bd:63:
                    39:a5:8f:e3:a4:a4:17:83:9c:51:0f:d9:33:ef:42:
                    eb:bd:fb:94:ff:ba:25:57:60:7e:f4:05:49:e2:e8:
                    7a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:60:D7:A4:B9:29:44:9D:AC:A2:E8:DC:3E:28:13:0A:F2:AD:AB:DF
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:a4:06:1b:49:37:bb:5d:9a:ba:09:c4:5b:88:3a:b5:7e:92:
         0f:49:5a:3d:d1:23:e0:95:39:26:7d:93:3e:f1:af:55:8f:f9:
         80:ed:e6:70:de:b1:dd:75:a2:84:29:7e:4d:95:c5:4b:92:c5:
         a1:45:d5:1b:0c:41:bf:47:a0:ee:6c:f4:8a:66:a9:ba:ca:04:
         1a:90:ff:c4:ec:d3:a9:07:c5:86:56:79:4f:52:10:c1:b6:9d:
         36:c4:e0:6f:38:cf:4b:a0:5d:41:5e:b3:04:a8:70:f0:6c:b1:
         ba:90:da:b4:0d:b3:71:b0:6c:11:40:54:16:2d:ff:46:fa:94:
         41:85:53:7f:88:9c:d8:fb:2c:d9:ef:d7:42:48:fc:47:e5:66:
         12:41:a2:8d:8b:be:e5:57:09:36:09:c8:cd:9f:cc:75:60:91:
         52:99:e2:8d:b5:8d:d7:bb:5c:18:fb:3b:94:48:44:bd:1a:2d:
         e8:54:64:22:18:36:ca:32:a2:fc:15:20:e0:65:d0:b6:de:d4:
         d6:1e:4a:4f:a3:7a:d1:3e:13:a7:67:fe:63:be:84:ef:cf:f0:
         8f:e9:f8:3b:ae:5f:4b:f9:98:e3:26:ce:de:dd:d8:69:38:11:
         84:98:5b:de:e1:a3:67:b1:7a:ea:2b:43:a4:65:b9:25:32:e8:
         0c:d8:10:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8kiLUR7HakO/F0jwHCKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjYwMzI2MDcwMTAwWhcNMjYwMzI3MDcwMTAwWjAzMTEwLwYDVQQD
Eyg2ZDYwZDdhNGI5Mjk0NDlkYWNhMmU4ZGMzZTI4MTMwYWYyYWRhYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKvuHCdjKOsMsYSsq1+k2ObEiFEn
nIuWCo6/s4IQjjosGR0XVOxCQEmiqT+zB1faR7Khx19rM0gSlgP7rEc9FLqzSlUC
XlvdCaDvBTSvErs5h4FLz3NS/tYyLjDVrjXDRNRM+uhV23HpeHF7Jj3Qnu6L/VaC
MBIBX+fYGgD93ylFDX8rDDayGyIblV5wChjs0qrg1ZaOnVYnreMNWF1NwTmzlO5T
IOjgIJD1VSWKFfGVgraBFf+lTbE/hr1L/J/cg0jvWw79HHamO1vppw9Cia1ydVnq
eL8aG3iOOXhIvWM5pY/jpKQXg5xRD9kz70LrvfuU/7olV2B+9AVJ4uh6FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1g16S5KUSdrKLo3D4oEwryravfMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXaQGG0k3
u12augnEW4g6tX6SD0laPdEj4JU5Jn2TPvGvVY/5gO3mcN6x3XWihCl+TZXFS5LF
oUXVGwxBv0eg7mz0imapusoEGpD/xOzTqQfFhlZ5T1IQwbadNsTgbzjPS6BdQV6z
BKhw8GyxupDatA2zcbBsEUBUFi3/RvqUQYVTf4ic2Pss2e/XQkj8R+VmEkGijYu+
5VcJNgnIzZ/MdWCRUpnijbWN17tcGPs7lEhEvRot6FRkIhg2yjKi/BUg4GXQtt7U
1h5KT6N60T4Tp2f+Y76E78/wj+n4O65fS/mY4ybO3t3YaTgRhJhb3uGjZ7F66itD
pGW5JTLoDNgQDA==
-----END CERTIFICATE-----