Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
File:                     dlOpinSeVpdEoe3iyUDy5DPEQIo.mft (raw, json)
Hash identifier:          QuuQyfRVJk+fXQyzS++QnM0sa7Md2kk2Md9/k2idAzk=
Subject key identifier:   EA:77:44:5E:8F:43:98:27:3D:9D:67:F8:4A:A9:EB:82:2F:FF:00:BA
Authority key identifier: 76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A
Certificate issuer:       /CN=7653a98a749e569744a1ede2c940f2e433c4408a
Certificate serial:       01976F2B9E45FDA6980B9EA8FDC49C0E2A8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
Manifest number:          0920
Signing time:             Sat 14 Jun 2025 16:00:18 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:18 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:18 +0000
Files and hashes:         1: dlOpinSeVpdEoe3iyUDy5DPEQIo.crl (hash: RCo5e6g+5mLC5SBa7nlfmT9qqc/deKYVfQpyMoQTVLY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:9e:45:fd:a6:98:0b:9e:a8:fd:c4:9c:0e:2a:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7653a98a749e569744a1ede2c940f2e433c4408a
        Validity
            Not Before: Jun 14 16:00:18 2025 GMT
            Not After : Jun 15 16:00:18 2025 GMT
        Subject: CN=ea77445e8f4398273d9d67f84aa9eb822fff00ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:53:46:4c:ff:a2:b0:1d:a5:c7:7b:61:52:db:
                    fb:db:c9:d8:2e:ac:b4:ce:1b:a2:43:99:50:19:54:
                    b7:87:3d:3f:4c:a1:21:c7:ec:89:df:c1:0a:bf:e6:
                    35:b8:03:4e:10:b6:4a:bf:bc:dc:9b:8e:14:12:30:
                    88:26:62:a9:90:52:90:91:6e:ca:6a:4b:34:c7:a0:
                    eb:5b:f7:08:09:e7:bc:97:ec:2f:09:03:6e:2b:74:
                    f2:ef:7a:1a:d8:14:6c:96:8c:2e:07:77:fb:b0:a9:
                    ca:45:4c:15:ca:36:06:88:e4:61:44:f8:d1:73:4a:
                    91:54:dc:1a:ea:0c:d4:78:fe:7b:f7:1e:05:05:aa:
                    ee:5b:f9:2b:97:c6:24:1d:e4:8c:72:c7:bc:56:07:
                    3c:c6:53:a5:f6:d8:25:56:62:f0:76:08:88:d2:04:
                    5e:da:54:91:19:e1:8c:ca:c1:f4:ff:09:9f:19:64:
                    ca:2e:8c:76:ea:67:e9:f7:b6:69:6d:92:12:cb:ba:
                    c5:7d:de:b8:11:2d:74:7e:56:a1:37:63:4d:a0:69:
                    08:f0:7d:1e:c9:e9:06:c3:16:8c:ae:e5:34:6e:06:
                    fa:53:d8:c8:af:76:6d:c7:23:ef:80:fc:9e:ae:d2:
                    d4:4b:08:0a:a0:5b:83:d9:5e:24:0d:dc:c1:25:c3:
                    ad:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:77:44:5E:8F:43:98:27:3D:9D:67:F8:4A:A9:EB:82:2F:FF:00:BA
            X509v3 Authority Key Identifier:
                keyid:76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:77:a3:0b:33:46:3b:14:90:d7:8b:f1:1a:26:7e:02:91:e5:
         9b:8e:df:e0:2f:55:7a:20:34:64:81:92:7e:a5:c1:79:a2:ed:
         04:76:61:9c:f2:98:93:ac:08:3e:ad:6b:2a:e4:93:5e:99:6d:
         4f:c4:e5:a3:17:e8:5f:7c:6e:4f:4e:aa:51:97:ee:26:a9:bd:
         a2:04:71:c3:e9:b2:1e:c8:ef:b2:80:f4:dd:a0:6c:82:7c:28:
         d1:75:3b:89:3d:7c:dc:fc:1f:7f:b8:e1:0b:9a:6f:43:3e:6a:
         57:05:be:1a:36:63:1a:54:12:55:6e:a5:cf:d6:5c:e3:88:59:
         4c:54:56:cf:98:1d:77:b2:63:ff:79:f7:8e:9e:91:ac:60:b2:
         96:94:1c:74:d1:10:35:77:64:4a:10:73:e0:b3:19:78:1e:26:
         40:a3:ab:38:16:ac:19:3d:4d:50:1e:23:3a:17:80:23:f1:0e:
         56:e0:4a:f7:1e:db:d9:d4:0d:f9:bd:8f:3a:39:6b:be:b0:2b:
         9a:5d:5e:2d:f3:9c:94:b0:9c:e7:e2:f7:35:86:52:47:10:f0:
         50:fd:3f:c5:39:af:54:1e:b2:6b:2f:72:18:a1:3d:a7:c6:c5:
         7e:d4:5e:37:1f:28:09:95:50:53:83:c5:f3:8c:fa:7d:9f:89:
         1a:dd:36:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK55F/aaYC56o/cScDiqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NTNhOThhNzQ5ZTU2OTc0NGExZWRlMmM5NDBmMmU0MzNj
NDQwOGEwHhcNMjUwNjE0MTYwMDE4WhcNMjUwNjE1MTYwMDE4WjAzMTEwLwYDVQQD
EyhlYTc3NDQ1ZThmNDM5ODI3M2Q5ZDY3Zjg0YWE5ZWI4MjJmZmYwMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1NGTP+isB2lx3thUtv728nYLqy0
zhuiQ5lQGVS3hz0/TKEhx+yJ38EKv+Y1uANOELZKv7zcm44UEjCIJmKpkFKQkW7K
aks0x6DrW/cICee8l+wvCQNuK3Ty73oa2BRslowuB3f7sKnKRUwVyjYGiORhRPjR
c0qRVNwa6gzUeP579x4FBaruW/krl8YkHeSMcse8Vgc8xlOl9tglVmLwdgiI0gRe
2lSRGeGMysH0/wmfGWTKLox26mfp97ZpbZISy7rFfd64ES10flahN2NNoGkI8H0e
yekGwxaMruU0bgb6U9jIr3ZtxyPvgPyertLUSwgKoFuD2V4kDdzBJcOtfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOp3RF6PQ5gnPZ1n+Eqp64Iv/wC6MB8GA1UdIwQY
MBaAFHZTqYp0nlaXRKHt4slA8uQzxECKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEt
YjlkYzJmMmIwMDJjLzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEtYjlkYzJmMmIwMDJj
LzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3ejCzNG
OxSQ14vxGiZ+ApHlm47f4C9VeiA0ZIGSfqXBeaLtBHZhnPKYk6wIPq1rKuSTXplt
T8TloxfoX3xuT06qUZfuJqm9ogRxw+myHsjvsoD03aBsgnwo0XU7iT183Pwff7jh
C5pvQz5qVwW+GjZjGlQSVW6lz9Zc44hZTFRWz5gdd7Jj/3n3jp6RrGCylpQcdNEQ
NXdkShBz4LMZeB4mQKOrOBasGT1NUB4jOheAI/EOVuBK9x7b2dQN+b2POjlrvrAr
ml1eLfOclLCc5+L3NYZSRxDwUP0/xTmvVB6yay9yGKE9p8bFftReNx8oCZVQU4PF
84z6fZ+JGt02NQ==
-----END CERTIFICATE-----