Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
File:                     ta_Rv-OIQKaf9WcdWb89siuY3eI.mft (raw, json)
Hash identifier:          3f7eUrlzU2WodlXUlmnoOvVNTZGaa158LswTccaoYOk=
Subject key identifier:   A0:53:DA:6C:DA:54:A1:03:D6:41:23:CF:47:7B:4D:66:A0:A2:E1:EE
Authority key identifier: B5:AF:D1:BF:E3:88:40:A6:9F:F5:67:1D:59:BF:3D:B2:2B:98:DD:E2
Certificate issuer:       /CN=b5afd1bfe38840a69ff5671d59bf3db22b98dde2
Certificate serial:       01976BBD148BC262B65E172569F940EB742C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
Manifest number:          02D1
Signing time:             Sat 14 Jun 2025 00:00:43 +0000
Manifest this update:     Sat 14 Jun 2025 00:00:43 +0000
Manifest next update:     Sun 15 Jun 2025 00:00:43 +0000
Files and hashes:         1: ta_Rv-OIQKaf9WcdWb89siuY3eI.crl (hash: bKS7JarCPtBQVsRxKzKIYX//rYpaGnyYGTQyethx+Ok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:14:8b:c2:62:b6:5e:17:25:69:f9:40:eb:74:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5afd1bfe38840a69ff5671d59bf3db22b98dde2
        Validity
            Not Before: Jun 14 00:00:43 2025 GMT
            Not After : Jun 15 00:00:43 2025 GMT
        Subject: CN=a053da6cda54a103d64123cf477b4d66a0a2e1ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:0b:f1:bc:d7:ba:51:42:24:f7:b1:fc:ee:52:
                    40:d4:d5:de:0c:1e:c2:22:cd:e2:a8:24:b9:b7:79:
                    8b:2f:d8:94:f5:c0:60:11:e2:6d:49:f6:10:81:f9:
                    a9:8b:be:77:36:0d:96:54:1c:49:ea:21:aa:da:a8:
                    7d:f1:f1:cc:57:ac:3b:0f:af:be:13:b6:21:34:21:
                    c4:44:65:5f:ad:88:e2:73:16:17:fe:95:b1:85:75:
                    04:bc:ab:50:e0:d2:bf:ac:67:49:98:9a:2c:4f:75:
                    33:85:d5:6f:05:6a:82:23:e8:ed:5f:39:19:fe:e6:
                    0b:70:ae:56:0b:95:dc:79:b1:1b:17:2f:21:aa:10:
                    f6:a5:fd:f6:53:83:62:4f:f9:13:40:68:63:a9:90:
                    f4:ad:be:b6:cd:99:5b:1c:51:3e:59:ad:a0:8d:32:
                    41:c4:b8:9d:72:9b:5a:0b:c8:e0:cc:3b:81:6b:82:
                    71:25:50:1f:33:d7:16:c6:0a:28:8c:e5:47:ad:91:
                    e8:18:35:b7:f0:c8:57:28:ea:f8:ab:b4:a3:75:18:
                    53:35:13:98:34:69:76:f3:b6:97:24:3e:98:f6:66:
                    13:1d:bc:eb:6f:89:e7:2f:ee:4a:28:8b:a6:5b:0e:
                    cb:fa:dc:a6:96:4a:ef:34:19:ea:b5:27:48:50:6a:
                    93:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:53:DA:6C:DA:54:A1:03:D6:41:23:CF:47:7B:4D:66:A0:A2:E1:EE
            X509v3 Authority Key Identifier:
                keyid:B5:AF:D1:BF:E3:88:40:A6:9F:F5:67:1D:59:BF:3D:B2:2B:98:DD:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta_Rv-OIQKaf9WcdWb89siuY3eI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e74848-9c82-4855-a8a9-37ef92d07123/1/ta_Rv-OIQKaf9WcdWb89siuY3eI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:1e:b1:99:18:fa:ec:3e:c1:5d:49:3e:35:10:d7:df:ad:5f:
         97:7b:82:b3:da:7d:27:c1:0c:d5:97:29:1d:3d:91:4c:ef:c4:
         40:f6:8d:0b:96:f1:e9:a0:9b:6f:df:8d:ca:4f:62:4f:2c:56:
         18:cb:6c:00:66:07:10:b9:fc:45:6b:13:ee:d8:65:c6:02:6e:
         01:f2:ba:57:c5:14:f9:14:d4:ab:3e:e7:7f:36:99:70:fe:0c:
         a9:fc:60:16:1c:63:ad:2e:6d:5a:41:ef:c6:41:c0:31:06:d3:
         37:f3:d1:bf:7b:59:ad:ef:d0:e8:5f:53:7e:bc:37:87:9a:d3:
         ea:2e:9e:70:11:36:d0:0a:31:50:35:2f:71:d2:d7:17:74:78:
         a9:8f:b6:00:3e:6e:04:26:d4:b5:65:a7:3d:a3:89:1e:ec:08:
         69:5f:6d:a2:11:0e:1c:88:02:35:9b:0c:72:cc:c4:ae:18:87:
         6e:68:ea:70:47:97:db:a0:39:83:6c:30:ea:0e:cd:26:7e:8d:
         a2:23:60:2f:a5:3e:c5:0a:8b:34:f3:cd:57:33:7a:75:96:52:
         22:f1:42:e3:6b:da:e0:cc:65:e1:60:05:4e:6c:ac:99:a6:e0:
         fe:47:f9:7c:cb:96:b8:66:d6:ab:7e:01:4f:e1:a4:93:1c:bb:
         24:e9:ef:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvRSLwmK2XhclaflA63QsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWZkMWJmZTM4ODQwYTY5ZmY1NjcxZDU5YmYzZGIyMmI5
OGRkZTIwHhcNMjUwNjE0MDAwMDQzWhcNMjUwNjE1MDAwMDQzWjAzMTEwLwYDVQQD
EyhhMDUzZGE2Y2RhNTRhMTAzZDY0MTIzY2Y0NzdiNGQ2NmEwYTJlMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgvxvNe6UUIk97H87lJA1NXeDB7C
Is3iqCS5t3mLL9iU9cBgEeJtSfYQgfmpi753Ng2WVBxJ6iGq2qh98fHMV6w7D6++
E7YhNCHERGVfrYjicxYX/pWxhXUEvKtQ4NK/rGdJmJosT3UzhdVvBWqCI+jtXzkZ
/uYLcK5WC5XcebEbFy8hqhD2pf32U4NiT/kTQGhjqZD0rb62zZlbHFE+Wa2gjTJB
xLidcptaC8jgzDuBa4JxJVAfM9cWxgoojOVHrZHoGDW38MhXKOr4q7SjdRhTNROY
NGl287aXJD6Y9mYTHbzrb4nnL+5KKIumWw7L+tymlkrvNBnqtSdIUGqTVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBT2mzaVKED1kEjz0d7TWagouHuMB8GA1UdIwQY
MBaAFLWv0b/jiECmn/VnHVm/PbIrmN3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lNzQ4NDgtOWM4Mi00ODU1LWE4YTkt
MzdlZjkyZDA3MTIzLzEvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lNzQ4NDgtOWM4Mi00ODU1LWE4YTktMzdlZjkyZDA3MTIz
LzEvdGFfUnYtT0lRS2FmOVdjZFdiODlzaXVZM2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQx6xmRj6
7D7BXUk+NRDX361fl3uCs9p9J8EM1ZcpHT2RTO/EQPaNC5bx6aCbb9+Nyk9iTyxW
GMtsAGYHELn8RWsT7thlxgJuAfK6V8UU+RTUqz7nfzaZcP4MqfxgFhxjrS5tWkHv
xkHAMQbTN/PRv3tZre/Q6F9Tfrw3h5rT6i6ecBE20AoxUDUvcdLXF3R4qY+2AD5u
BCbUtWWnPaOJHuwIaV9tohEOHIgCNZsMcszErhiHbmjqcEeX26A5g2ww6g7NJn6N
oiNgL6U+xQqLNPPNVzN6dZZSIvFC42va4Mxl4WAFTmysmabg/kf5fMuWuGbWq34B
T+Gkkxy7JOnvbA==
-----END CERTIFICATE-----