Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
File:                     dlOpinSeVpdEoe3iyUDy5DPEQIo.mft (raw, json)
Hash identifier:          jme5TY5EK5bxuK6b+5qQRZ7nsK0zfy6qABIy3/auUE0=
Subject key identifier:   F2:5A:1E:40:1E:81:4F:53:4D:74:8B:3B:46:28:00:E1:E5:C6:3C:23
Authority key identifier: 76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A
Certificate issuer:       /CN=7653a98a749e569744a1ede2c940f2e433c4408a
Certificate serial:       0197B6A1153411CBFCCAA4623D0C87E61303
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
Manifest number:          0945
Signing time:             Sat 28 Jun 2025 13:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:39 +0000
Files and hashes:         1: dlOpinSeVpdEoe3iyUDy5DPEQIo.crl (hash: qO3KoeMKlYboZU3gjUDoIpxIRVRNbsEZKWzFYsKGuxo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:15:34:11:cb:fc:ca:a4:62:3d:0c:87:e6:13:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7653a98a749e569744a1ede2c940f2e433c4408a
        Validity
            Not Before: Jun 28 13:01:39 2025 GMT
            Not After : Jun 29 13:01:39 2025 GMT
        Subject: CN=f25a1e401e814f534d748b3b462800e1e5c63c23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e4:ed:b8:e3:9f:fb:54:48:41:2d:87:d1:01:
                    08:0d:ee:44:89:3d:3d:e3:79:87:fd:35:c7:5d:31:
                    ed:b7:fc:5f:e9:ba:cd:5f:2a:36:42:5a:e1:c6:1f:
                    9f:54:34:e5:2f:9b:5d:b5:e5:c1:13:be:bd:31:c4:
                    a2:06:60:4b:b7:e5:38:35:49:56:73:6d:a2:15:a4:
                    14:66:8f:69:f3:e5:65:a7:30:34:3c:df:5a:2d:7d:
                    ac:7a:8e:ff:cf:47:de:aa:a7:d8:ac:cb:52:ab:2b:
                    2d:15:0b:d9:cf:c7:7a:c4:34:38:36:f8:e0:ab:85:
                    42:a7:19:77:c0:c5:97:7d:6d:e7:a8:37:8a:fe:18:
                    58:8a:66:fe:be:2a:78:9c:fd:4c:d6:47:a7:23:e8:
                    e2:3d:d8:1b:6d:ff:3b:26:53:4f:6d:75:a1:ef:b5:
                    d6:34:b3:b9:ef:be:6b:8d:2a:98:d9:d1:43:45:d5:
                    c9:fc:e5:7b:98:99:fb:f2:2e:08:65:d9:d0:e3:f5:
                    2f:57:24:db:27:c7:ce:2b:37:b4:a3:9a:48:e0:20:
                    cc:10:83:76:28:b2:38:f5:d6:1e:bd:ee:4d:3a:78:
                    c1:21:17:72:fb:cb:c1:0e:ca:a9:19:f5:76:8b:72:
                    e9:74:a5:4d:94:0f:14:77:a1:24:2e:e5:e1:65:b2:
                    7b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:5A:1E:40:1E:81:4F:53:4D:74:8B:3B:46:28:00:E1:E5:C6:3C:23
            X509v3 Authority Key Identifier:
                keyid:76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:ec:57:03:4d:bb:d0:5c:09:0a:0c:b2:0c:61:e5:a5:b7:8e:
         42:c7:9b:b7:c6:d0:6e:de:3d:03:25:95:06:59:fc:65:1f:96:
         7f:e3:b6:b3:37:6a:4a:3b:79:28:3d:b0:66:bd:99:b7:7d:56:
         f0:36:75:3d:39:d6:87:27:b8:2e:a5:78:41:5f:e8:52:46:ac:
         bd:c7:0f:cd:ae:c6:51:cb:96:e9:77:f7:4f:e0:f3:90:86:3e:
         e3:c3:3a:f5:43:ce:b7:87:c2:fc:ae:6a:3e:70:18:3d:05:b0:
         f7:b3:3c:83:34:0d:ac:a0:a7:49:3d:21:26:26:1f:91:fa:68:
         8e:fa:52:45:63:b3:b5:7a:b6:f9:f7:96:d2:aa:34:38:7a:87:
         2c:ad:af:18:a1:e3:49:8b:6c:6f:10:63:71:16:3e:2f:08:d5:
         f3:20:f3:89:83:53:aa:ce:5a:31:8d:a3:3b:ba:ed:b1:6f:34:
         9b:a7:3c:84:7b:d7:07:07:c2:1b:2d:f8:1c:31:84:bc:5e:5d:
         e4:3d:02:59:cf:99:5b:0d:85:00:8f:68:d8:20:ee:07:ec:a0:
         79:ef:eb:76:24:52:73:5f:69:23:bd:cf:8d:24:c0:a0:fe:f1:
         53:d9:6b:49:f8:f5:6c:f1:05:96:e7:3b:e4:fd:24:99:e0:18:
         c5:9d:1c:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oRU0Ecv8yqRiPQyH5hMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NTNhOThhNzQ5ZTU2OTc0NGExZWRlMmM5NDBmMmU0MzNj
NDQwOGEwHhcNMjUwNjI4MTMwMTM5WhcNMjUwNjI5MTMwMTM5WjAzMTEwLwYDVQQD
EyhmMjVhMWU0MDFlODE0ZjUzNGQ3NDhiM2I0NjI4MDBlMWU1YzYzYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveTtuOOf+1RIQS2H0QEIDe5EiT09
43mH/TXHXTHtt/xf6brNXyo2Qlrhxh+fVDTlL5tdteXBE769McSiBmBLt+U4NUlW
c22iFaQUZo9p8+VlpzA0PN9aLX2seo7/z0feqqfYrMtSqystFQvZz8d6xDQ4Nvjg
q4VCpxl3wMWXfW3nqDeK/hhYimb+vip4nP1M1kenI+jiPdgbbf87JlNPbXWh77XW
NLO5775rjSqY2dFDRdXJ/OV7mJn78i4IZdnQ4/UvVyTbJ8fOKze0o5pI4CDMEIN2
KLI49dYeve5NOnjBIRdy+8vBDsqpGfV2i3LpdKVNlA8Ud6EkLuXhZbJ7/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJaHkAegU9TTXSLO0YoAOHlxjwjMB8GA1UdIwQY
MBaAFHZTqYp0nlaXRKHt4slA8uQzxECKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEt
YjlkYzJmMmIwMDJjLzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEtYjlkYzJmMmIwMDJj
LzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+xXA027
0FwJCgyyDGHlpbeOQsebt8bQbt49AyWVBln8ZR+Wf+O2szdqSjt5KD2wZr2Zt31W
8DZ1PTnWhye4LqV4QV/oUkasvccPza7GUcuW6Xf3T+DzkIY+48M69UPOt4fC/K5q
PnAYPQWw97M8gzQNrKCnST0hJiYfkfpojvpSRWOztXq2+feW0qo0OHqHLK2vGKHj
SYtsbxBjcRY+LwjV8yDziYNTqs5aMY2jO7rtsW80m6c8hHvXBwfCGy34HDGEvF5d
5D0CWc+ZWw2FAI9o2CDuB+ygee/rdiRSc19pI73PjSTAoP7xU9lrSfj1bPEFluc7
5P0kmeAYxZ0cow==
-----END CERTIFICATE-----