Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
File:                     dlOpinSeVpdEoe3iyUDy5DPEQIo.mft (raw, json)
Hash identifier:          pjS2T2PeGDWFAz+AxVu4SEJHVUa+PsxclpwGPA16HDo=
Subject key identifier:   58:10:D9:D9:01:CE:E2:DC:BF:F1:05:ED:3A:7E:D7:AD:18:06:02:F9
Authority key identifier: 76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A
Certificate issuer:       /CN=7653a98a749e569744a1ede2c940f2e433c4408a
Certificate serial:       0196741DDC10824AA7E59C33F96CFF02D67A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
Manifest number:          089E
Signing time:             Sat 26 Apr 2025 22:00:35 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:35 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:35 +0000
Files and hashes:         1: dlOpinSeVpdEoe3iyUDy5DPEQIo.crl (hash: uxVWZbJPGqwF7GqZJUbtjpbWRWooFJBDIM6qZ/8EGvs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1d:dc:10:82:4a:a7:e5:9c:33:f9:6c:ff:02:d6:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7653a98a749e569744a1ede2c940f2e433c4408a
        Validity
            Not Before: Apr 26 22:00:35 2025 GMT
            Not After : Apr 27 22:00:35 2025 GMT
        Subject: CN=5810d9d901cee2dcbff105ed3a7ed7ad180602f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:35:fc:16:fb:44:ac:6d:d9:eb:71:03:0d:18:
                    59:bb:8b:08:b8:a1:ca:94:53:ee:ad:0d:c2:44:11:
                    7c:85:d3:f1:48:3c:83:64:bf:06:bb:56:66:57:55:
                    42:c3:c1:88:3b:b9:e5:cf:f0:49:27:0c:e6:bf:66:
                    2a:fd:2b:af:22:c7:66:9b:bd:07:a4:39:f4:b2:42:
                    3f:5b:5a:e0:ee:7f:5f:7f:b1:4c:94:c6:91:85:e7:
                    5c:ee:33:41:17:d3:21:5c:30:3a:8b:43:a2:49:87:
                    8f:8d:b1:31:14:08:b9:35:52:b6:10:8f:e9:c2:f5:
                    7a:52:23:8a:6d:24:b1:f1:d3:ce:d5:63:ad:da:3f:
                    d3:66:c4:e2:b6:b3:1c:0b:0d:57:7c:a3:c5:9d:88:
                    60:da:e4:6b:3a:61:92:7f:bf:bd:55:15:e2:3a:36:
                    3f:b8:03:8e:31:fc:3a:22:18:49:25:24:14:98:ae:
                    f2:89:9a:8d:ff:19:58:00:10:3d:8c:4b:ae:4c:8a:
                    a5:aa:75:5b:4d:15:9e:69:17:de:7b:e3:7b:65:13:
                    98:0f:73:11:31:c9:51:c0:c9:77:fe:62:b7:5c:07:
                    e2:42:cf:1d:8c:b0:6e:9e:48:95:cb:9f:84:cf:ac:
                    d3:a9:e9:f1:ce:4b:b0:ca:b1:78:cb:8e:c5:d9:16:
                    e6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:10:D9:D9:01:CE:E2:DC:BF:F1:05:ED:3A:7E:D7:AD:18:06:02:F9
            X509v3 Authority Key Identifier:
                keyid:76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:9f:70:9c:fd:22:a1:28:7b:31:cc:3f:82:0c:f5:ec:f6:3a:
         22:d1:15:e5:f0:67:4c:e6:9e:dd:69:fa:8f:a0:f1:7c:58:88:
         11:f6:88:82:86:bf:0c:50:a0:d4:e1:ac:cf:1f:2f:10:6e:9d:
         16:74:db:b0:33:9d:e0:06:20:7e:ac:d0:13:9c:a5:e3:92:23:
         59:ad:0d:0e:8a:fa:38:f2:65:d2:8f:80:38:be:b0:2d:76:0f:
         09:a0:02:31:e5:b8:ed:07:55:08:bf:a3:6e:1c:ff:f8:2d:84:
         fe:de:a6:b5:b9:01:47:10:01:0d:fb:9b:54:03:5a:8a:04:24:
         b7:3d:11:16:08:78:bf:cb:ac:e7:a2:97:61:b2:67:b4:f0:54:
         84:7a:62:61:12:3f:38:83:7e:a5:26:39:f0:46:57:98:13:30:
         7b:0f:58:75:33:f5:a3:ed:34:6d:ef:47:d9:34:5b:da:8c:3f:
         76:aa:46:9b:ba:a9:8b:fc:0a:36:24:5b:f1:ee:26:2a:db:92:
         38:4b:8c:08:c2:93:ea:6e:b0:99:19:a3:2f:6d:ed:f4:9e:5c:
         47:32:0b:ef:e4:fc:b9:c7:cf:8c:1e:f9:6d:57:66:39:b1:3b:
         90:de:f0:7b:40:c3:f5:f7:ce:dc:0c:bf:2d:63:e8:ee:2d:41:
         7b:30:dc:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HdwQgkqn5Zwz+Wz/AtZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NTNhOThhNzQ5ZTU2OTc0NGExZWRlMmM5NDBmMmU0MzNj
NDQwOGEwHhcNMjUwNDI2MjIwMDM1WhcNMjUwNDI3MjIwMDM1WjAzMTEwLwYDVQQD
Eyg1ODEwZDlkOTAxY2VlMmRjYmZmMTA1ZWQzYTdlZDdhZDE4MDYwMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzX8FvtErG3Z63EDDRhZu4sIuKHK
lFPurQ3CRBF8hdPxSDyDZL8Gu1ZmV1VCw8GIO7nlz/BJJwzmv2Yq/SuvIsdmm70H
pDn0skI/W1rg7n9ff7FMlMaRhedc7jNBF9MhXDA6i0OiSYePjbExFAi5NVK2EI/p
wvV6UiOKbSSx8dPO1WOt2j/TZsTitrMcCw1XfKPFnYhg2uRrOmGSf7+9VRXiOjY/
uAOOMfw6IhhJJSQUmK7yiZqN/xlYABA9jEuuTIqlqnVbTRWeaRfee+N7ZROYD3MR
MclRwMl3/mK3XAfiQs8djLBunkiVy5+Ez6zTqenxzkuwyrF4y47F2RbmGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgQ2dkBzuLcv/EF7Tp+160YBgL5MB8GA1UdIwQY
MBaAFHZTqYp0nlaXRKHt4slA8uQzxECKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEt
YjlkYzJmMmIwMDJjLzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEtYjlkYzJmMmIwMDJj
LzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQp9wnP0i
oSh7Mcw/ggz17PY6ItEV5fBnTOae3Wn6j6DxfFiIEfaIgoa/DFCg1OGszx8vEG6d
FnTbsDOd4AYgfqzQE5yl45IjWa0NDor6OPJl0o+AOL6wLXYPCaACMeW47QdVCL+j
bhz/+C2E/t6mtbkBRxABDfubVANaigQktz0RFgh4v8us56KXYbJntPBUhHpiYRI/
OIN+pSY58EZXmBMwew9YdTP1o+00be9H2TRb2ow/dqpGm7qpi/wKNiRb8e4mKtuS
OEuMCMKT6m6wmRmjL23t9J5cRzIL7+T8ucfPjB75bVdmObE7kN7we0DD9ffO3Ay/
LWPo7i1BezDcWQ==
-----END CERTIFICATE-----