Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft
File:                     ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft (raw, json)
Hash identifier:          Jb5EQ6nFJibv1MQIu2paczX6eRXWUSshogQzROLQHt4=
Subject key identifier:   B3:2F:C5:38:7B:3A:7A:5E:C9:64:E5:2F:02:77:A8:67:BC:64:F5:3A
Authority key identifier: B5:AD:09:67:CA:00:02:DD:9C:E4:5B:C4:3B:B7:01:B4:17:3D:79:BD
Certificate issuer:       /CN=b5ad0967ca0002dd9ce45bc43bb701b4173d79bd
Certificate serial:       0198752B7D8A2CF97702A7FEED0C1170A46D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft
Manifest number:          0C3C
Signing time:             Mon 04 Aug 2025 13:00:41 +0000
Manifest this update:     Mon 04 Aug 2025 13:00:41 +0000
Manifest next update:     Tue 05 Aug 2025 13:00:41 +0000
Files and hashes:         1: ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl (hash: eyJCJS9XVRm0YXQ8q8qHmyrtz9BAED1bOlupQUCYj6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2b:7d:8a:2c:f9:77:02:a7:fe:ed:0c:11:70:a4:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5ad0967ca0002dd9ce45bc43bb701b4173d79bd
        Validity
            Not Before: Aug  4 13:00:41 2025 GMT
            Not After : Aug  5 13:00:41 2025 GMT
        Subject: CN=b32fc5387b3a7a5ec964e52f0277a867bc64f53a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:b1:df:69:5f:94:cc:b8:a2:91:85:78:a8:b8:
                    0e:15:1d:f2:ec:3c:7b:28:3f:18:23:83:68:49:b9:
                    a5:1f:0c:9a:ea:6d:21:37:b1:a4:a2:e5:09:7f:a9:
                    82:e5:55:8e:75:fa:bd:8d:6b:5c:85:2e:12:6c:fc:
                    8b:3e:28:f5:aa:87:f6:51:49:45:eb:f4:3d:d0:19:
                    a7:67:5f:b8:d5:b5:21:9d:02:04:41:2a:1b:24:99:
                    63:2b:b9:f0:d1:26:81:6a:90:a9:10:82:11:8e:7b:
                    2b:d9:69:ef:d3:8e:f8:be:e5:71:fa:a9:fd:3e:44:
                    56:70:b6:9b:00:b5:ab:eb:df:d2:00:3d:9d:a2:b4:
                    f1:47:ba:12:9d:7d:a4:75:44:1c:c9:18:79:f8:d0:
                    80:03:de:f7:88:2d:bb:ec:94:83:87:e3:b4:fc:19:
                    12:91:ee:f9:fe:32:03:14:b6:d7:ac:5f:fb:c7:35:
                    1c:36:eb:b0:b6:fd:15:d4:cd:cb:b7:89:03:7d:cb:
                    78:e3:e0:77:3e:1a:f1:07:ab:82:83:9d:6b:f6:1e:
                    6c:35:65:6f:b4:64:e0:19:41:c3:f5:c3:19:e5:bd:
                    75:ab:6e:bd:10:89:b3:97:04:de:04:55:50:aa:77:
                    93:b9:01:4c:e5:96:fa:c1:a0:3e:84:34:8a:b5:99:
                    28:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:2F:C5:38:7B:3A:7A:5E:C9:64:E5:2F:02:77:A8:67:BC:64:F5:3A
            X509v3 Authority Key Identifier:
                keyid:B5:AD:09:67:CA:00:02:DD:9C:E4:5B:C4:3B:B7:01:B4:17:3D:79:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:eb:d2:0b:09:46:38:94:df:e0:56:86:7f:33:08:a3:5f:b1:
         df:95:6e:ac:c6:f2:0c:83:3f:2b:a2:93:59:95:ec:6d:4d:a5:
         d2:06:55:7b:f7:50:aa:d8:fa:41:9b:d1:c2:52:08:a4:47:e2:
         13:26:5d:9e:b7:5c:97:97:22:1d:51:cd:fa:33:16:f2:e9:99:
         07:c6:06:2a:05:ce:52:af:dc:dd:5f:6b:91:9f:8f:51:f9:5d:
         86:56:3d:58:f5:61:d6:96:71:1b:1f:53:67:44:1e:64:e9:44:
         85:99:bd:08:d7:a7:df:79:46:4e:32:c8:19:6c:18:04:97:68:
         c0:6b:b1:58:34:37:48:26:52:f7:a0:fc:d5:67:6d:4f:11:cc:
         40:5e:de:a8:ed:dd:89:e9:4b:6a:ec:59:fd:c4:bd:96:00:01:
         a8:79:94:62:30:04:24:9a:11:ad:09:14:94:7c:11:63:99:4f:
         20:44:5a:63:90:ec:0a:48:6b:12:c1:43:cd:2f:2b:6e:6f:18:
         0f:ce:12:2b:33:66:3b:59:85:71:90:af:bd:29:5f:1c:05:8c:
         32:de:d5:20:95:73:fe:a3:74:c3:24:f3:86:18:6d:6a:5d:71:
         43:ae:3a:f7:2f:f7:ca:26:c8:88:75:11:18:7f:c8:b6:70:4a:
         a5:f2:01:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1K32KLPl3Aqf+7QwRcKRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWQwOTY3Y2EwMDAyZGQ5Y2U0NWJjNDNiYjcwMWI0MTcz
ZDc5YmQwHhcNMjUwODA0MTMwMDQxWhcNMjUwODA1MTMwMDQxWjAzMTEwLwYDVQQD
EyhiMzJmYzUzODdiM2E3YTVlYzk2NGU1MmYwMjc3YTg2N2JjNjRmNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9LHfaV+UzLiikYV4qLgOFR3y7Dx7
KD8YI4NoSbmlHwya6m0hN7GkouUJf6mC5VWOdfq9jWtchS4SbPyLPij1qof2UUlF
6/Q90BmnZ1+41bUhnQIEQSobJJljK7nw0SaBapCpEIIRjnsr2Wnv0474vuVx+qn9
PkRWcLabALWr69/SAD2dorTxR7oSnX2kdUQcyRh5+NCAA973iC277JSDh+O0/BkS
ke75/jIDFLbXrF/7xzUcNuuwtv0V1M3Lt4kDfct44+B3PhrxB6uCg51r9h5sNWVv
tGTgGUHD9cMZ5b11q269EImzlwTeBFVQqneTuQFM5Zb6waA+hDSKtZkorwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMvxTh7OnpeyWTlLwJ3qGe8ZPU6MB8GA1UdIwQY
MBaAFLWtCWfKAALdnORbxDu3AbQXPXm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDgxOWQtZTIzMS00MDYwLTlmMTIt
N2MzNmVmNjEzYThmLzEvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zNDgxOWQtZTIzMS00MDYwLTlmMTItN2MzNmVmNjEzYThm
LzEvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAruvSCwlG
OJTf4FaGfzMIo1+x35VurMbyDIM/K6KTWZXsbU2l0gZVe/dQqtj6QZvRwlIIpEfi
EyZdnrdcl5ciHVHN+jMW8umZB8YGKgXOUq/c3V9rkZ+PUfldhlY9WPVh1pZxGx9T
Z0QeZOlEhZm9CNen33lGTjLIGWwYBJdowGuxWDQ3SCZS96D81WdtTxHMQF7eqO3d
ielLauxZ/cS9lgABqHmUYjAEJJoRrQkUlHwRY5lPIERaY5DsCkhrEsFDzS8rbm8Y
D84SKzNmO1mFcZCvvSlfHAWMMt7VIJVz/qN0wyTzhhhtal1xQ6469y/3yibIiHUR
GH/ItnBKpfIB3Q==
-----END CERTIFICATE-----