Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
File:                     nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json)
Hash identifier:          uQfmYU6GMxV6+10zVVf22yx+yuRsSmH3BFZ6OMLqHno=
Subject key identifier:   FA:F7:A0:6F:22:74:28:D5:C8:28:D1:69:21:13:69:05:0E:6C:28:46
Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B
Certificate issuer:       /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
Certificate serial:       0198D4733A009F3BAE481622CC763D66CBC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
Manifest number:          FD
Signing time:             Sat 23 Aug 2025 01:02:57 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:57 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:57 +0000
Files and hashes:         1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: bVluW2XD2shQ0PgKkDYtPHgl1eJ2QwkNI3GZY4CJ6Qg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:3a:00:9f:3b:ae:48:16:22:cc:76:3d:66:cb:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b
        Validity
            Not Before: Aug 23 01:02:57 2025 GMT
            Not After : Aug 24 01:02:57 2025 GMT
        Subject: CN=faf7a06f227428d5c828d169211369050e6c2846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:21:c1:93:a3:84:da:79:0e:5a:e4:51:63:57:
                    4c:25:13:47:dd:3d:2b:62:4d:57:65:08:8a:b3:c0:
                    f3:c4:e0:43:21:c7:5c:66:b1:0b:88:50:50:2b:5c:
                    0f:c2:c6:a2:7f:ac:20:f0:87:e9:93:d5:0a:f8:eb:
                    55:5c:13:6b:1a:85:71:4d:1d:a0:56:26:f9:57:4f:
                    01:4a:65:50:fc:9b:b4:dc:51:6c:e9:73:46:9a:4c:
                    79:0b:63:29:e8:6c:22:2f:ac:3f:6e:e4:2e:86:b2:
                    d1:c5:fc:26:21:53:48:9a:37:a3:26:eb:65:17:2c:
                    2e:c1:fa:4f:5c:bd:e7:cc:3d:e4:70:22:8c:ab:77:
                    8d:e8:c2:3d:23:ea:d7:6a:b8:cc:74:e9:f6:58:ab:
                    90:1f:6d:c6:d8:75:7a:b5:ab:69:3c:60:0d:1b:8e:
                    a7:8d:0f:32:25:1a:33:81:c3:4e:86:74:66:cf:07:
                    0b:0c:df:df:b4:78:65:87:b0:ea:6e:56:6c:5a:df:
                    db:d4:c8:82:3b:06:11:fe:4a:df:22:e0:d3:34:2d:
                    19:0a:d2:00:6e:9d:f7:ed:96:a6:52:2e:8c:09:0f:
                    cf:9e:1d:f3:03:1e:79:fb:e7:30:d2:84:39:6b:ff:
                    a8:6f:3a:8a:9e:21:64:00:14:e9:44:74:18:e3:c1:
                    eb:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:F7:A0:6F:22:74:28:D5:C8:28:D1:69:21:13:69:05:0E:6C:28:46
            X509v3 Authority Key Identifier:
                keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:23:a7:66:5e:19:ff:11:67:7d:91:47:3d:b7:b6:6b:7c:fd:
         8a:35:43:64:da:db:22:67:18:98:cf:40:6d:fb:42:90:46:78:
         ee:31:f7:38:5a:ce:08:30:ad:81:12:c2:01:94:c2:8f:31:ad:
         37:04:00:0a:6b:03:b4:a9:43:c0:71:4b:2e:2f:ec:3c:43:2f:
         fb:3c:e3:e3:f9:25:22:4b:ce:8f:8b:b2:03:e0:91:25:6b:fa:
         ea:cf:9c:ae:5a:9e:37:20:65:1e:41:10:de:47:84:3b:f4:80:
         33:8b:4d:b2:d4:70:d0:fe:f2:05:eb:90:79:e6:cd:f6:d2:ce:
         70:24:d0:78:34:f8:c7:5f:d7:57:ab:c8:18:96:f0:bd:c5:71:
         3d:30:93:de:e2:e5:29:19:8f:73:a7:be:1a:6f:f4:d5:9d:f2:
         05:f3:e8:20:a1:6b:c5:5d:3f:f2:52:95:81:d3:f9:b7:0f:1d:
         5e:6f:66:54:80:d3:1b:70:a1:cb:8e:c0:cf:53:c1:71:02:08:
         dd:bc:06:cb:32:23:f4:45:0b:1f:b4:fb:39:d9:f0:67:b9:8b:
         27:07:c0:3f:49:ee:ba:da:eb:5b:24:da:44:64:5b:fb:39:a0:
         12:4f:2d:92:ed:2a:f9:12:f0:f4:64:7c:17:58:be:ef:30:c4:
         6d:9f:9a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUczoAnzuuSBYizHY9ZsvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj
ZjZhMmIwHhcNMjUwODIzMDEwMjU3WhcNMjUwODI0MDEwMjU3WjAzMTEwLwYDVQQD
EyhmYWY3YTA2ZjIyNzQyOGQ1YzgyOGQxNjkyMTEzNjkwNTBlNmMyODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CHBk6OE2nkOWuRRY1dMJRNH3T0r
Yk1XZQiKs8DzxOBDIcdcZrELiFBQK1wPwsaif6wg8Ifpk9UK+OtVXBNrGoVxTR2g
Vib5V08BSmVQ/Ju03FFs6XNGmkx5C2Mp6GwiL6w/buQuhrLRxfwmIVNImjejJutl
FywuwfpPXL3nzD3kcCKMq3eN6MI9I+rXarjMdOn2WKuQH23G2HV6tatpPGANG46n
jQ8yJRozgcNOhnRmzwcLDN/ftHhlh7DqblZsWt/b1MiCOwYR/krfIuDTNC0ZCtIA
bp337ZamUi6MCQ/Pnh3zAx55++cw0oQ5a/+obzqKniFkABTpRHQY48HrEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPr3oG8idCjVyCjRaSETaQUObChGMB8GA1UdIwQY
MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt
NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy
LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHSOnZl4Z
/xFnfZFHPbe2a3z9ijVDZNrbImcYmM9AbftCkEZ47jH3OFrOCDCtgRLCAZTCjzGt
NwQACmsDtKlDwHFLLi/sPEMv+zzj4/klIkvOj4uyA+CRJWv66s+crlqeNyBlHkEQ
3keEO/SAM4tNstRw0P7yBeuQeebN9tLOcCTQeDT4x1/XV6vIGJbwvcVxPTCT3uLl
KRmPc6e+Gm/01Z3yBfPoIKFrxV0/8lKVgdP5tw8dXm9mVIDTG3Chy47Az1PBcQII
3bwGyzIj9EULH7T7OdnwZ7mLJwfAP0nuutrrWyTaRGRb+zmgEk8tku0q+RLw9GR8
F1i+7zDEbZ+aIw==
-----END CERTIFICATE-----