Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          +SZlb4YQfae1IzWtGRL/5zU10h7F0NheYyVWQo94xeQ=
Subject key identifier:   C5:EB:85:F4:DF:34:86:8B:A3:2B:9B:42:AC:8F:A0:3F:02:A3:55:33
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       0199FBEB7787FBE7B2D263235B377A2CF835
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          0196
Signing time:             Sun 19 Oct 2025 10:02:16 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:16 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:16 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: FZF1XkJaxZJcUZ1NfD0Lq5yzLch57artrunndFXgP1g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:77:87:fb:e7:b2:d2:63:23:5b:37:7a:2c:f8:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Oct 19 10:02:16 2025 GMT
            Not After : Oct 20 10:02:16 2025 GMT
        Subject: CN=c5eb85f4df34868ba32b9b42ac8fa03f02a35533
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d4:e8:5f:c5:5a:46:3b:c1:96:64:c7:1f:67:
                    16:9c:5a:12:66:21:ec:36:85:87:ef:f1:7f:d8:02:
                    13:ef:85:2b:72:f0:65:13:a6:ee:a7:ea:6b:ee:f4:
                    98:e4:d1:c7:ab:3f:7b:c7:45:7e:0a:4b:c4:1d:bc:
                    1b:b0:26:82:53:cf:88:f0:0a:8f:61:98:2d:a5:b9:
                    28:b7:a8:ab:29:af:5d:b1:f6:6e:da:19:eb:3a:98:
                    a9:94:08:08:03:8a:e5:fc:cc:c5:53:eb:1d:bf:23:
                    a1:9c:87:0c:33:44:3a:3a:5b:25:6a:72:cb:10:b4:
                    50:4c:9e:fb:a3:37:84:f8:90:6d:97:0b:4b:90:c5:
                    33:ab:d1:99:e7:62:be:2b:48:63:08:f8:fa:ee:6a:
                    98:b1:20:e9:71:7c:18:ca:d8:5a:c0:13:e7:68:dd:
                    f9:f8:b3:78:91:a2:97:cd:c7:f4:e1:60:22:19:d5:
                    df:4e:b9:9c:a2:93:d3:f3:73:36:96:b5:56:56:fd:
                    70:a9:61:5f:15:e2:e6:6a:e5:b5:b4:26:10:c4:47:
                    b2:8b:44:34:02:c6:9e:1d:97:0d:f4:75:d5:bb:c4:
                    7e:30:cb:0e:a8:42:c0:74:91:9e:44:22:98:42:36:
                    da:de:44:35:cb:23:7e:e3:a1:e4:39:e4:7d:32:77:
                    51:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:EB:85:F4:DF:34:86:8B:A3:2B:9B:42:AC:8F:A0:3F:02:A3:55:33
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:f2:76:39:fe:7f:a1:cf:e4:28:ee:9c:1d:bd:17:c0:80:9e:
         7a:1a:96:9f:1d:a3:26:58:f1:b2:56:ee:72:a7:6e:ee:2f:a5:
         43:22:36:a7:3a:15:54:43:a9:1d:21:9e:04:b1:7c:cf:18:5b:
         fe:44:fa:7a:4f:ac:c3:1f:b9:63:09:bc:25:99:52:6e:b4:27:
         aa:8d:20:6b:ca:0f:62:d8:34:f9:5f:ed:22:02:a1:9a:ff:fb:
         95:67:22:e4:38:56:dc:66:77:b2:8f:1d:0b:b0:49:e0:bf:8a:
         d3:2f:05:cb:13:ac:3a:b0:3f:65:3f:fc:64:7d:c2:8f:5b:c9:
         ee:9f:dc:42:59:7f:1f:c4:db:e1:72:9a:25:3f:d0:9b:dc:db:
         30:b4:b4:6a:85:a6:69:c3:4e:c3:e2:33:b6:17:64:86:94:71:
         26:03:94:21:85:18:31:05:e8:03:82:6c:8f:28:bf:49:40:b5:
         e4:ad:ae:82:7b:39:96:d6:6f:1d:10:5a:1c:26:f0:fc:d4:da:
         d1:50:85:b7:16:d2:e9:98:b6:17:be:78:c9:ac:c4:7f:ec:f2:
         51:d5:1b:e0:36:63:1d:6d:da:50:c1:c2:9f:fd:7b:64:6c:0d:
         50:b0:f8:9e:d5:05:05:79:08:79:20:ed:66:33:ff:05:35:67:
         c1:08:98:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763eH++ey0mMjWzd6LPg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUxMDE5MTAwMjE2WhcNMjUxMDIwMTAwMjE2WjAzMTEwLwYDVQQD
EyhjNWViODVmNGRmMzQ4NjhiYTMyYjliNDJhYzhmYTAzZjAyYTM1NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdToX8VaRjvBlmTHH2cWnFoSZiHs
NoWH7/F/2AIT74UrcvBlE6bup+pr7vSY5NHHqz97x0V+CkvEHbwbsCaCU8+I8AqP
YZgtpbkot6irKa9dsfZu2hnrOpiplAgIA4rl/MzFU+sdvyOhnIcMM0Q6OlslanLL
ELRQTJ77ozeE+JBtlwtLkMUzq9GZ52K+K0hjCPj67mqYsSDpcXwYythawBPnaN35
+LN4kaKXzcf04WAiGdXfTrmcopPT83M2lrVWVv1wqWFfFeLmauW1tCYQxEeyi0Q0
AsaeHZcN9HXVu8R+MMsOqELAdJGeRCKYQjba3kQ1yyN+46HkOeR9MndRcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXrhfTfNIaLoyubQqyPoD8Co1UzMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArfJ2Of5/
oc/kKO6cHb0XwICeehqWnx2jJljxslbucqdu7i+lQyI2pzoVVEOpHSGeBLF8zxhb
/kT6ek+swx+5Ywm8JZlSbrQnqo0ga8oPYtg0+V/tIgKhmv/7lWci5DhW3GZ3so8d
C7BJ4L+K0y8FyxOsOrA/ZT/8ZH3Cj1vJ7p/cQll/H8Tb4XKaJT/Qm9zbMLS0aoWm
acNOw+IzthdkhpRxJgOUIYUYMQXoA4Jsjyi/SUC15K2ugns5ltZvHRBaHCbw/NTa
0VCFtxbS6Zi2F754yazEf+zyUdUb4DZjHW3aUMHCn/17ZGwNULD4ntUFBXkIeSDt
ZjP/BTVnwQiYVw==
-----END CERTIFICATE-----