Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
File:                     dlOpinSeVpdEoe3iyUDy5DPEQIo.mft (raw, json)
Hash identifier:          57+yJe7SVRCzUPV4WPxer8UP7tDPLHIFlOvWOiH5Ajc=
Subject key identifier:   23:82:E0:E0:3E:4F:79:0D:83:BB:5E:FE:CE:3A:63:6F:6A:5B:F4:15
Authority key identifier: 76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A
Certificate issuer:       /CN=7653a98a749e569744a1ede2c940f2e433c4408a
Certificate serial:       0196B9A41FC7F55DD7231458C11718ADE3C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
Manifest number:          08C2
Signing time:             Sat 10 May 2025 10:01:03 +0000
Manifest this update:     Sat 10 May 2025 10:01:03 +0000
Manifest next update:     Sun 11 May 2025 10:01:03 +0000
Files and hashes:         1: dlOpinSeVpdEoe3iyUDy5DPEQIo.crl (hash: SzZIgRLZ8aeRWfpgKszkzmzzZTtzSA13CDanYj6eDv0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 10:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a4:1f:c7:f5:5d:d7:23:14:58:c1:17:18:ad:e3:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7653a98a749e569744a1ede2c940f2e433c4408a
        Validity
            Not Before: May 10 10:01:03 2025 GMT
            Not After : May 11 10:01:03 2025 GMT
        Subject: CN=2382e0e03e4f790d83bb5efece3a636f6a5bf415
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4b:e8:dc:0d:a4:04:bf:1a:d3:00:45:b7:c5:
                    93:3d:7c:5d:96:2b:b8:26:12:b6:6a:67:c6:78:ce:
                    f2:4c:6c:d6:c2:20:8b:5c:44:a5:e7:bd:61:45:84:
                    f8:a0:78:e6:b5:c9:aa:bd:8d:09:e6:04:83:ac:50:
                    06:50:7f:e1:09:39:42:19:cd:9a:99:38:a3:16:65:
                    70:d4:71:84:2f:81:14:eb:de:a1:51:e9:17:c4:be:
                    ad:ce:82:81:b8:10:50:0e:73:fd:d0:8c:ee:42:24:
                    f2:b2:53:f3:f0:24:80:0d:1d:1b:bb:49:b1:69:88:
                    6d:04:65:89:91:4a:58:ed:c8:a9:e5:c8:3d:06:31:
                    85:c6:d7:ea:8f:77:a3:d0:4c:78:48:3e:a9:66:5f:
                    0f:59:1c:97:69:e2:5d:fa:ae:42:ac:c8:c2:8d:4e:
                    ec:dd:52:e7:0c:85:75:9e:09:f8:73:36:fd:aa:76:
                    85:11:44:d3:49:19:d8:12:4a:10:28:62:f8:44:02:
                    1e:19:a5:29:f3:4f:ea:5a:6b:09:1f:cc:a2:4d:77:
                    23:5e:c4:04:50:fc:c5:69:2a:33:e9:a9:f7:63:77:
                    38:0b:ce:d7:42:c3:87:e9:c2:35:95:17:7f:30:79:
                    62:78:2e:17:a4:34:3c:d8:40:49:b1:bc:56:a6:90:
                    54:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:82:E0:E0:3E:4F:79:0D:83:BB:5E:FE:CE:3A:63:6F:6A:5B:F4:15
            X509v3 Authority Key Identifier:
                keyid:76:53:A9:8A:74:9E:56:97:44:A1:ED:E2:C9:40:F2:E4:33:C4:40:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlOpinSeVpdEoe3iyUDy5DPEQIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/861592-b1c2-495f-b5a1-b9dc2f2b002c/1/dlOpinSeVpdEoe3iyUDy5DPEQIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:95:9f:7d:76:f3:ac:43:87:57:30:61:f2:14:f4:f0:5c:17:
         17:89:f2:1d:03:62:cf:39:64:e0:0e:58:da:25:8f:4e:51:89:
         19:62:20:c9:c2:9d:a2:08:f7:38:b1:5e:34:c8:39:ff:2c:77:
         4c:fc:d7:99:a6:84:cd:78:e7:80:ec:ab:fd:e1:17:c2:a3:ab:
         2d:55:37:2f:82:1d:a2:79:4e:fb:2d:1a:e9:3a:7c:6f:95:9c:
         dc:1c:d1:da:5b:c8:27:ce:7c:78:0a:7a:cd:d9:88:5f:53:66:
         28:78:ba:92:a2:bd:aa:4c:93:de:5c:de:48:13:fa:1f:8e:d6:
         db:fc:61:0d:0a:ae:95:34:91:13:9f:24:a6:d2:ba:c8:dc:23:
         e1:f4:ee:a2:3d:e4:65:e9:c9:01:4c:76:eb:39:a2:95:94:e0:
         e3:5a:dd:16:40:b9:e7:e9:00:81:ad:9e:00:50:3d:81:93:4e:
         90:7c:08:40:b1:a1:b5:42:58:73:1d:fe:9e:04:9b:6d:4a:bb:
         99:24:33:5f:f5:78:b3:9a:a6:f9:1f:b6:3b:8b:a2:06:38:9c:
         e9:6e:74:48:0a:d7:99:ff:bf:ea:57:83:2d:15:56:10:71:9d:
         59:df:6d:f0:62:2a:1d:07:56:a5:1c:d8:62:ac:27:47:c5:f5:
         01:c3:fc:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5pB/H9V3XIxRYwRcYrePFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NTNhOThhNzQ5ZTU2OTc0NGExZWRlMmM5NDBmMmU0MzNj
NDQwOGEwHhcNMjUwNTEwMTAwMTAzWhcNMjUwNTExMTAwMTAzWjAzMTEwLwYDVQQD
EygyMzgyZTBlMDNlNGY3OTBkODNiYjVlZmVjZTNhNjM2ZjZhNWJmNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUvo3A2kBL8a0wBFt8WTPXxdliu4
JhK2amfGeM7yTGzWwiCLXESl571hRYT4oHjmtcmqvY0J5gSDrFAGUH/hCTlCGc2a
mTijFmVw1HGEL4EU696hUekXxL6tzoKBuBBQDnP90IzuQiTyslPz8CSADR0bu0mx
aYhtBGWJkUpY7cip5cg9BjGFxtfqj3ej0Ex4SD6pZl8PWRyXaeJd+q5CrMjCjU7s
3VLnDIV1ngn4czb9qnaFEUTTSRnYEkoQKGL4RAIeGaUp80/qWmsJH8yiTXcjXsQE
UPzFaSoz6an3Y3c4C87XQsOH6cI1lRd/MHlieC4XpDQ82EBJsbxWppBUUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOC4OA+T3kNg7te/s46Y29qW/QVMB8GA1UdIwQY
MBaAFHZTqYp0nlaXRKHt4slA8uQzxECKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEt
YjlkYzJmMmIwMDJjLzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS84NjE1OTItYjFjMi00OTVmLWI1YTEtYjlkYzJmMmIwMDJj
LzEvZGxPcGluU2VWcGRFb2UzaXlVRHk1RFBFUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJWffXbz
rEOHVzBh8hT08FwXF4nyHQNizzlk4A5Y2iWPTlGJGWIgycKdogj3OLFeNMg5/yx3
TPzXmaaEzXjngOyr/eEXwqOrLVU3L4IdonlO+y0a6Tp8b5Wc3BzR2lvIJ858eAp6
zdmIX1NmKHi6kqK9qkyT3lzeSBP6H47W2/xhDQqulTSRE58kptK6yNwj4fTuoj3k
ZenJAUx26zmilZTg41rdFkC55+kAga2eAFA9gZNOkHwIQLGhtUJYcx3+ngSbbUq7
mSQzX/V4s5qm+R+2O4uiBjic6W50SArXmf+/6leDLRVWEHGdWd9t8GIqHQdWpRzY
YqwnR8X1AcP8gQ==
-----END CERTIFICATE-----