Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
File:                     ta_Rv-OIQKaf9WcdWb89siuY3eI.mft (raw, json)
Hash identifier:          G91GOlUGlTgFFxDw4hx0byoELzV09bAdhk5AhInq1c0=
Subject key identifier:   D6:1B:0C:B6:BF:C9:EC:25:6E:28:F4:48:AD:E8:F4:88:97:4E:B0:01
Authority key identifier: B5:AF:D1:BF:E3:88:40:A6:9F:F5:67:1D:59:BF:3D:B2:2B:98:DD:E2
Certificate issuer:       /CN=b5afd1bfe38840a69ff5671d59bf3db22b98dde2
Certificate serial:       0196767AC152CD7F713948540B81F0A9FBA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
Manifest number:          0252
Signing time:             Sun 27 Apr 2025 09:01:18 +0000
Manifest this update:     Sun 27 Apr 2025 09:01:18 +0000
Manifest next update:     Mon 28 Apr 2025 09:01:18 +0000
Files and hashes:         1: ta_Rv-OIQKaf9WcdWb89siuY3eI.crl (hash: mLFyAen5I29u/vez9F5UDfY/jbjuHPvvRxGmAT0mj5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:c1:52:cd:7f:71:39:48:54:0b:81:f0:a9:fb:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5afd1bfe38840a69ff5671d59bf3db22b98dde2
        Validity
            Not Before: Apr 27 09:01:18 2025 GMT
            Not After : Apr 28 09:01:18 2025 GMT
        Subject: CN=d61b0cb6bfc9ec256e28f448ade8f488974eb001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:dd:6a:53:ce:95:9d:06:27:18:cf:94:12:1a:
                    dd:99:59:a1:04:18:7a:78:57:83:75:5b:f6:23:f3:
                    06:72:7a:41:64:2a:b5:cc:97:27:61:69:be:5f:d4:
                    6f:d5:d7:31:2d:6c:a8:ee:14:05:07:91:45:ff:d7:
                    4f:64:95:89:05:59:bf:83:3f:29:18:09:97:8a:89:
                    f4:a9:72:25:a7:67:9f:07:9e:f6:1a:37:99:f2:aa:
                    f1:64:7d:89:11:95:d2:14:38:20:c2:04:42:7c:af:
                    3b:da:85:65:a5:71:fd:03:36:42:73:a6:4e:3a:ff:
                    8c:1b:8d:bc:25:51:44:a3:20:ed:e6:bb:df:09:ac:
                    22:52:9e:0d:64:59:63:43:a3:c1:2e:4f:8b:17:e6:
                    95:9e:cc:68:82:1b:81:d3:54:34:26:6c:b8:be:41:
                    b1:9a:0f:4d:b9:9b:b8:ec:e5:61:95:47:3a:bf:5b:
                    8f:b3:04:7b:86:28:da:6b:fe:0f:3d:a8:e7:13:ee:
                    26:ce:0b:73:23:b3:b2:4b:9c:b3:ea:1c:34:0b:b9:
                    ad:92:02:e1:88:22:be:a6:92:ad:c4:7e:37:ec:20:
                    d5:f6:c6:dc:8a:30:0b:15:37:90:5d:1e:7d:33:dd:
                    bf:48:a4:f8:56:97:ee:60:aa:b0:8c:3f:46:45:b9:
                    f1:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:1B:0C:B6:BF:C9:EC:25:6E:28:F4:48:AD:E8:F4:88:97:4E:B0:01
            X509v3 Authority Key Identifier:
                keyid:B5:AF:D1:BF:E3:88:40:A6:9F:F5:67:1D:59:BF:3D:B2:2B:98:DD:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:b5:3a:3d:36:f7:d8:4b:71:b4:7d:6b:19:73:ef:a5:2f:47:
         9f:76:92:ac:42:c2:c2:5c:e8:93:50:8c:bd:63:a2:2f:2a:10:
         2f:c4:f5:3b:b9:f9:45:33:41:b0:ad:b0:ba:7c:d3:02:ef:57:
         56:91:94:c9:90:a3:98:0a:7d:6b:f2:35:9a:a4:80:5d:17:45:
         48:bc:38:6d:47:61:1e:7f:97:4f:7c:fe:53:28:d2:66:78:d3:
         0f:35:d2:b3:fa:e3:94:a9:87:aa:a8:20:9a:58:0d:4a:af:ef:
         8e:28:6b:b7:fb:8e:67:8c:63:24:43:a3:b2:53:1d:fa:cb:be:
         db:e9:d4:c4:43:93:da:81:ff:ed:f8:b1:4a:70:d8:54:85:0f:
         65:a0:0e:a7:a3:2a:92:5a:ae:87:f5:e0:55:2d:56:aa:bb:e5:
         81:b9:b7:69:ab:ce:b6:e1:5b:75:5a:e2:4f:f5:47:90:16:13:
         53:2d:df:75:89:ea:58:93:0c:de:c0:7b:aa:93:63:28:0c:4a:
         b8:64:5e:75:8c:3e:90:08:71:f2:5e:fe:c1:a0:f1:4a:2a:16:
         13:d0:27:df:c4:90:fc:f5:ec:ab:c0:fa:b4:6c:17:3d:d5:28:
         c0:2f:25:f2:41:d8:ec:3c:b1:fc:47:3e:73:78:3b:b2:89:ab:
         51:1b:a7:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2esFSzX9xOUhUC4HwqfuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWZkMWJmZTM4ODQwYTY5ZmY1NjcxZDU5YmYzZGIyMmI5
OGRkZTIwHhcNMjUwNDI3MDkwMTE4WhcNMjUwNDI4MDkwMTE4WjAzMTEwLwYDVQQD
EyhkNjFiMGNiNmJmYzllYzI1NmUyOGY0NDhhZGU4ZjQ4ODk3NGViMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj91qU86VnQYnGM+UEhrdmVmhBBh6
eFeDdVv2I/MGcnpBZCq1zJcnYWm+X9Rv1dcxLWyo7hQFB5FF/9dPZJWJBVm/gz8p
GAmXion0qXIlp2efB572GjeZ8qrxZH2JEZXSFDggwgRCfK872oVlpXH9AzZCc6ZO
Ov+MG428JVFEoyDt5rvfCawiUp4NZFljQ6PBLk+LF+aVnsxoghuB01Q0Jmy4vkGx
mg9NuZu47OVhlUc6v1uPswR7hijaa/4PPajnE+4mzgtzI7OyS5yz6hw0C7mtkgLh
iCK+ppKtxH437CDV9sbcijALFTeQXR59M92/SKT4VpfuYKqwjD9GRbnxIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYbDLa/yewlbij0SK3o9IiXTrABMB8GA1UdIwQY
MBaAFLWv0b/jiECmn/VnHVm/PbIrmN3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lNzQ4NDgtOWM4Mi00ODU1LWE4YTkt
MzdlZjkyZDA3MTIzLzEvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lNzQ4NDgtOWM4Mi00ODU1LWE4YTktMzdlZjkyZDA3MTIz
LzEvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk7U6PTb3
2EtxtH1rGXPvpS9Hn3aSrELCwlzok1CMvWOiLyoQL8T1O7n5RTNBsK2wunzTAu9X
VpGUyZCjmAp9a/I1mqSAXRdFSLw4bUdhHn+XT3z+UyjSZnjTDzXSs/rjlKmHqqgg
mlgNSq/vjihrt/uOZ4xjJEOjslMd+su+2+nUxEOT2oH/7fixSnDYVIUPZaAOp6Mq
klquh/XgVS1Wqrvlgbm3aavOtuFbdVriT/VHkBYTUy3fdYnqWJMM3sB7qpNjKAxK
uGRedYw+kAhx8l7+waDxSioWE9An38SQ/PXsq8D6tGwXPdUowC8l8kHY7Dyx/Ec+
c3g7somrURunqA==
-----END CERTIFICATE-----