Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
File:                     ta_Rv-OIQKaf9WcdWb89siuY3eI.mft (raw, json)
Hash identifier:          uXnvwlZGjj2fHNiZm2vla0Ypm/qdiSdYq6ck9nfG9dw=
Subject key identifier:   5D:D0:64:3F:E6:89:60:52:61:E9:E6:1E:D9:15:68:E6:AB:39:97:E2
Authority key identifier: B5:AF:D1:BF:E3:88:40:A6:9F:F5:67:1D:59:BF:3D:B2:2B:98:DD:E2
Certificate issuer:       /CN=b5afd1bfe38840a69ff5671d59bf3db22b98dde2
Certificate serial:       01987450AAB20D5C319B76EA5967207AAAC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
Manifest number:          035A
Signing time:             Mon 04 Aug 2025 09:01:40 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:40 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:40 +0000
Files and hashes:         1: ta_Rv-OIQKaf9WcdWb89siuY3eI.crl (hash: d6EIlZqNqWMtH7tPxWh5ToVme4LZLDp9KpP4Qrc9BdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:aa:b2:0d:5c:31:9b:76:ea:59:67:20:7a:aa:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5afd1bfe38840a69ff5671d59bf3db22b98dde2
        Validity
            Not Before: Aug  4 09:01:40 2025 GMT
            Not After : Aug  5 09:01:40 2025 GMT
        Subject: CN=5dd0643fe689605261e9e61ed91568e6ab3997e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ac:44:78:08:3a:50:6a:a2:5e:6f:dc:6f:5f:
                    ff:cc:d2:f1:25:d2:33:b0:b2:2f:53:99:09:57:aa:
                    82:65:46:d9:78:3c:d0:57:d9:8f:30:05:52:31:bd:
                    5a:30:1d:be:47:fd:45:a2:7e:27:56:ea:b7:a0:4e:
                    89:61:c4:91:6d:3e:a7:57:76:be:66:70:ed:18:f6:
                    23:9a:70:e9:3b:cb:93:25:eb:bb:3f:5f:b7:26:49:
                    dc:64:0d:f3:b1:ac:aa:de:8f:2e:9d:9a:7e:13:f6:
                    e1:39:20:cb:4e:46:8a:7d:d1:25:5a:9b:88:ea:c4:
                    e0:8c:99:5e:e9:4c:9e:3c:59:09:7f:d7:07:05:88:
                    91:42:4a:3c:94:9c:77:7e:d5:9e:ab:0e:91:bc:73:
                    4b:fb:1c:43:7d:54:05:72:a7:8c:69:a1:b6:ff:2c:
                    1b:b4:12:86:d2:8a:62:39:2e:cf:15:97:47:65:cb:
                    e6:6c:55:95:2f:65:9b:11:00:f1:c4:e6:b0:01:68:
                    c3:1d:58:d3:55:76:db:16:d9:a1:b7:05:97:42:d9:
                    25:4e:d0:a0:3c:d4:30:d4:41:07:2b:b4:b5:a2:a3:
                    a8:ef:95:bb:37:10:a1:f3:fa:6b:c9:da:93:43:5a:
                    2c:90:65:30:be:6b:a7:2a:c3:03:13:a3:e7:b4:90:
                    c3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D0:64:3F:E6:89:60:52:61:E9:E6:1E:D9:15:68:E6:AB:39:97:E2
            X509v3 Authority Key Identifier:
                keyid:B5:AF:D1:BF:E3:88:40:A6:9F:F5:67:1D:59:BF:3D:B2:2B:98:DD:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:dc:e2:58:f0:ff:a4:2e:2d:70:a6:9c:21:34:67:a5:5f:42:
         4a:67:55:8f:29:80:52:60:de:c5:24:4c:a6:49:71:1a:f6:c6:
         6f:f1:e2:cf:cd:ee:d2:a8:c2:97:a2:58:5d:b0:6b:86:c5:17:
         69:fd:ac:47:ff:31:ee:c3:45:68:1d:b8:92:2b:ba:5d:f3:85:
         cd:9f:5b:5b:04:da:b2:19:0a:d1:20:3a:0d:76:08:03:02:b0:
         1e:00:da:db:e1:0f:8a:71:4f:bc:6d:7c:cc:a5:b6:e7:ec:50:
         24:74:c3:91:20:0f:39:a7:fb:d1:30:8a:e1:0e:0e:41:18:07:
         fe:6d:85:91:77:44:45:fe:65:69:09:90:ea:0e:d5:7e:dd:9a:
         09:14:36:26:b2:93:6b:10:4b:db:9e:8a:fb:76:95:3d:ef:1e:
         b7:fb:81:3e:28:c8:37:bc:79:56:5d:57:8d:c9:4f:4c:e9:6a:
         05:b2:8c:cc:7f:4a:aa:b7:73:91:92:6d:f9:21:6b:01:80:c2:
         30:d6:ca:59:28:b1:e4:f9:30:c7:56:3f:18:6d:98:1e:d6:89:
         ac:b3:2d:f4:a3:1a:18:37:99:7b:4a:56:88:45:c8:24:56:13:
         62:58:d9:a4:0a:b2:b5:c4:38:ff:f4:45:b3:88:41:9a:d7:13:
         7e:b1:1b:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UKqyDVwxm3bqWWcgeqrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWZkMWJmZTM4ODQwYTY5ZmY1NjcxZDU5YmYzZGIyMmI5
OGRkZTIwHhcNMjUwODA0MDkwMTQwWhcNMjUwODA1MDkwMTQwWjAzMTEwLwYDVQQD
Eyg1ZGQwNjQzZmU2ODk2MDUyNjFlOWU2MWVkOTE1NjhlNmFiMzk5N2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaxEeAg6UGqiXm/cb1//zNLxJdIz
sLIvU5kJV6qCZUbZeDzQV9mPMAVSMb1aMB2+R/1Fon4nVuq3oE6JYcSRbT6nV3a+
ZnDtGPYjmnDpO8uTJeu7P1+3JkncZA3zsayq3o8unZp+E/bhOSDLTkaKfdElWpuI
6sTgjJle6UyePFkJf9cHBYiRQko8lJx3ftWeqw6RvHNL+xxDfVQFcqeMaaG2/ywb
tBKG0opiOS7PFZdHZcvmbFWVL2WbEQDxxOawAWjDHVjTVXbbFtmhtwWXQtklTtCg
PNQw1EEHK7S1oqOo75W7NxCh8/prydqTQ1oskGUwvmunKsMDE6PntJDDWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3QZD/miWBSYenmHtkVaOarOZfiMB8GA1UdIwQY
MBaAFLWv0b/jiECmn/VnHVm/PbIrmN3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lNzQ4NDgtOWM4Mi00ODU1LWE4YTkt
MzdlZjkyZDA3MTIzLzEvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lNzQ4NDgtOWM4Mi00ODU1LWE4YTktMzdlZjkyZDA3MTIz
LzEvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkNziWPD/
pC4tcKacITRnpV9CSmdVjymAUmDexSRMpklxGvbGb/Hiz83u0qjCl6JYXbBrhsUX
af2sR/8x7sNFaB24kiu6XfOFzZ9bWwTashkK0SA6DXYIAwKwHgDa2+EPinFPvG18
zKW25+xQJHTDkSAPOaf70TCK4Q4OQRgH/m2FkXdERf5laQmQ6g7Vft2aCRQ2JrKT
axBL256K+3aVPe8et/uBPijIN7x5Vl1XjclPTOlqBbKMzH9KqrdzkZJt+SFrAYDC
MNbKWSix5Pkwx1Y/GG2YHtaJrLMt9KMaGDeZe0pWiEXIJFYTYljZpAqytcQ4//RF
s4hBmtcTfrEbww==
-----END CERTIFICATE-----