Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          LdN2ZAglLPQndmzKT1scoNrjPTLqRR1sDOolm9hxeeg=
Subject key identifier:   76:4A:F1:4F:4E:1F:14:F5:20:96:12:10:D9:EB:97:58:C9:73:D6:9E
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       0197CBE011E57F5AF07ED6A4313B33D90601
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          74
Signing time:             Wed 02 Jul 2025 16:02:28 +0000
Manifest this update:     Wed 02 Jul 2025 16:02:28 +0000
Manifest next update:     Thu 03 Jul 2025 16:02:28 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: DbeHIr7ykeIE/iBtVXZ9z1/CXpLgTG/Ycm1UusGfdg0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 16:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:e0:11:e5:7f:5a:f0:7e:d6:a4:31:3b:33:d9:06:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Jul  2 16:02:28 2025 GMT
            Not After : Jul  3 16:02:28 2025 GMT
        Subject: CN=764af14f4e1f14f520961210d9eb9758c973d69e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:44:a3:4e:34:a7:dc:fe:50:ac:ca:dd:55:f4:
                    b3:f1:46:44:57:e6:b0:00:09:d4:5c:9c:85:60:18:
                    75:df:e5:1d:58:19:c6:a4:b6:f0:51:39:42:af:54:
                    55:5a:85:12:8c:fb:a5:14:10:6d:5f:6a:0f:2f:70:
                    32:cb:2d:a1:62:f7:4c:a2:d2:38:20:10:c3:f8:75:
                    66:74:46:d7:b0:25:24:df:b6:b6:2d:e0:54:aa:8d:
                    82:d6:ad:b8:ec:7b:41:dc:9b:0d:b0:b4:4a:54:c0:
                    92:d6:e1:36:eb:96:2e:37:6d:a2:08:da:ea:69:2c:
                    b6:a0:a0:4f:16:d9:b5:35:bc:b2:27:58:9f:f5:78:
                    42:f9:f8:2d:56:f4:f2:a9:fc:27:82:d5:d7:61:93:
                    56:d8:14:7b:0a:47:78:bd:f0:5e:1e:7d:09:ce:b9:
                    60:45:fb:b0:8e:65:d6:63:cd:0a:4f:a1:10:da:ad:
                    d5:31:b7:d3:df:80:a7:65:11:0e:40:5b:a1:56:18:
                    08:f2:8e:bd:49:54:8f:c0:df:60:56:f9:ba:1c:5f:
                    24:07:40:37:21:2f:fe:8c:50:21:a3:49:24:80:ca:
                    d7:39:c3:b6:37:74:ad:0c:38:f8:08:79:08:59:62:
                    9a:f0:45:03:83:33:1f:c4:10:2c:0f:2b:4f:3c:f5:
                    73:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:4A:F1:4F:4E:1F:14:F5:20:96:12:10:D9:EB:97:58:C9:73:D6:9E
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:fb:57:23:97:24:36:63:99:bf:a1:16:21:58:22:07:75:7b:
         f7:49:da:b3:39:1e:98:56:1e:52:8d:29:f6:f4:e5:1b:0d:ea:
         fd:0c:1c:52:7f:bb:19:48:c8:99:ef:c2:e5:ff:b8:15:c7:c4:
         10:fa:18:fa:cc:5a:15:f0:59:17:b0:41:07:0b:e9:10:d6:99:
         1b:63:9c:7d:9e:ce:68:a7:48:cf:60:17:22:8a:5d:83:5d:40:
         3c:d1:6d:6e:3b:06:21:75:e0:c2:23:86:44:05:ec:ea:fb:b6:
         bf:e7:d5:cd:98:a3:65:21:ca:9f:70:fd:40:ef:40:04:1f:b9:
         ea:df:6f:d3:3d:9f:ee:24:62:af:c0:40:4e:de:33:c9:25:4a:
         98:82:54:82:bf:83:8e:47:a7:9a:59:8a:28:81:67:b9:94:de:
         d4:62:cd:75:3f:6d:26:8e:7d:be:91:be:6b:cc:27:ef:54:9a:
         24:5f:94:01:ae:fd:71:7e:6e:2d:c5:56:7c:31:f0:77:2d:98:
         21:7a:fe:fe:c2:2d:ef:3a:9b:d3:1f:87:76:c9:5d:e2:50:2a:
         a5:39:5f:9a:11:81:05:04:eb:40:2f:2a:12:22:84:41:1c:74:
         b9:91:6f:e0:43:9c:72:89:50:5d:70:32:3a:a4:6e:52:93:05:
         92:3d:71:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL4BHlf1rwftakMTsz2QYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwNzAyMTYwMjI4WhcNMjUwNzAzMTYwMjI4WjAzMTEwLwYDVQQD
Eyg3NjRhZjE0ZjRlMWYxNGY1MjA5NjEyMTBkOWViOTc1OGM5NzNkNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkSjTjSn3P5QrMrdVfSz8UZEV+aw
AAnUXJyFYBh13+UdWBnGpLbwUTlCr1RVWoUSjPulFBBtX2oPL3Ayyy2hYvdMotI4
IBDD+HVmdEbXsCUk37a2LeBUqo2C1q247HtB3JsNsLRKVMCS1uE265YuN22iCNrq
aSy2oKBPFtm1NbyyJ1if9XhC+fgtVvTyqfwngtXXYZNW2BR7Ckd4vfBeHn0Jzrlg
RfuwjmXWY80KT6EQ2q3VMbfT34CnZREOQFuhVhgI8o69SVSPwN9gVvm6HF8kB0A3
IS/+jFAho0kkgMrXOcO2N3StDDj4CHkIWWKa8EUDgzMfxBAsDytPPPVzXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZK8U9OHxT1IJYSENnrl1jJc9aeMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/tXI5ck
NmOZv6EWIVgiB3V790naszkemFYeUo0p9vTlGw3q/QwcUn+7GUjIme/C5f+4FcfE
EPoY+sxaFfBZF7BBBwvpENaZG2OcfZ7OaKdIz2AXIopdg11APNFtbjsGIXXgwiOG
RAXs6vu2v+fVzZijZSHKn3D9QO9ABB+56t9v0z2f7iRir8BATt4zySVKmIJUgr+D
jkenmlmKKIFnuZTe1GLNdT9tJo59vpG+a8wn71SaJF+UAa79cX5uLcVWfDHwdy2Y
IXr+/sIt7zqb0x+Hdsld4lAqpTlfmhGBBQTrQC8qEiKEQRx0uZFv4EOccolQXXAy
OqRuUpMFkj1xlg==
-----END CERTIFICATE-----