Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          AH0f21Ys9kLNcZaEHk230berdTfa64OuLAsKsvuisHE=
Subject key identifier:   3E:57:88:16:8E:88:3B:B7:82:F7:33:DA:30:E9:F7:E5:E3:6A:68:64
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       019D9B87971C17617BAED4B5829B59315AA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          13F3
Signing time:             Fri 17 Apr 2026 13:00:47 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:47 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:47 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: k5Nac6tPCv9ewQd3QgNNh0FZx0QDKAyuezUg58y2inw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:97:1c:17:61:7b:ae:d4:b5:82:9b:59:31:5a:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: Apr 17 13:00:47 2026 GMT
            Not After : Apr 18 13:00:47 2026 GMT
        Subject: CN=3e5788168e883bb782f733da30e9f7e5e36a6864
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:dd:1d:85:ee:5c:0f:ad:a9:0b:de:88:c7:69:
                    15:25:af:0d:50:01:95:4b:a0:5d:1f:79:87:9c:71:
                    96:ec:15:ab:c4:ee:1c:c3:1d:04:60:ce:95:77:f2:
                    c7:56:f1:5f:de:be:6b:82:59:1b:17:19:14:e8:f0:
                    85:e1:58:a4:7e:72:99:f0:c5:46:cf:de:23:d7:78:
                    84:25:cd:2f:b8:bc:0d:6b:05:a3:a6:20:fe:dd:41:
                    8f:c7:d5:4f:9f:f5:70:b4:e5:32:fe:4c:ed:a0:3e:
                    23:d8:b5:77:90:9c:7f:14:fe:cc:4b:9f:6d:ce:35:
                    f0:04:0f:81:44:cf:ba:4d:d4:58:d0:54:d9:74:3f:
                    72:41:5e:aa:66:a6:f1:d5:38:97:84:c5:b8:b8:da:
                    ef:18:b4:12:c1:bc:b0:d1:96:e5:5d:2c:ee:1b:48:
                    c7:0b:1b:52:24:17:24:8d:ec:71:14:30:7f:a8:33:
                    93:10:35:16:4a:ef:67:ac:af:a9:47:d8:e7:9c:2a:
                    53:0c:06:55:da:4b:bd:e3:fa:5f:d5:9f:86:ae:35:
                    38:59:8e:48:c6:8d:0e:7a:b3:d2:a4:4e:55:1b:32:
                    c2:0a:8b:26:2d:3f:f3:5a:ae:7c:0a:9a:56:73:98:
                    fc:c2:d3:ab:70:c2:7d:ca:ea:3d:b1:b1:97:d8:a5:
                    30:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:57:88:16:8E:88:3B:B7:82:F7:33:DA:30:E9:F7:E5:E3:6A:68:64
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:33:8b:47:0f:a1:20:82:33:e7:c8:e7:a3:90:47:c4:85:96:
         39:25:05:38:80:96:c2:2f:6c:9c:f6:f3:95:24:b5:14:58:0e:
         d2:8f:4e:e2:56:6b:4d:58:bb:74:fa:c9:9e:c7:fe:e1:af:6f:
         48:20:0f:4b:53:29:b5:0d:16:df:03:05:dc:4d:fa:d7:e1:2a:
         c6:51:e4:19:9b:be:f3:17:7a:23:ca:54:d2:14:c2:85:5b:09:
         e6:26:a7:32:89:05:8c:ab:71:bf:3c:46:2f:3e:fc:c5:c2:d4:
         d2:8e:b0:ec:b9:43:a4:e2:20:65:4d:e1:e3:20:ca:20:66:2c:
         91:4f:d6:18:8d:4b:b4:63:b9:16:05:ba:82:76:02:3e:05:32:
         31:88:be:6f:44:92:99:53:fb:bc:d6:c0:80:ac:ee:14:53:9d:
         1b:eb:4a:66:63:02:3c:77:dc:91:df:c5:88:ea:c7:c6:4c:90:
         50:30:68:bb:d7:6e:a7:0c:76:7a:30:37:7d:44:a4:7b:7e:bb:
         d7:91:38:1e:f6:55:37:82:fa:a0:00:27:cb:18:f4:dc:11:b9:
         72:cc:c0:f2:63:81:f9:68:a3:c1:37:f7:93:8a:8b:29:dc:5d:
         0d:b9:dc:4c:5b:84:cd:9e:ab:1d:cd:2b:35:38:33:3d:b4:33:
         82:c2:d7:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh5ccF2F7rtS1gptZMVqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjYwNDE3MTMwMDQ3WhcNMjYwNDE4MTMwMDQ3WjAzMTEwLwYDVQQD
EygzZTU3ODgxNjhlODgzYmI3ODJmNzMzZGEzMGU5ZjdlNWUzNmE2ODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd0dhe5cD62pC96Ix2kVJa8NUAGV
S6BdH3mHnHGW7BWrxO4cwx0EYM6Vd/LHVvFf3r5rglkbFxkU6PCF4VikfnKZ8MVG
z94j13iEJc0vuLwNawWjpiD+3UGPx9VPn/VwtOUy/kztoD4j2LV3kJx/FP7MS59t
zjXwBA+BRM+6TdRY0FTZdD9yQV6qZqbx1TiXhMW4uNrvGLQSwbyw0ZblXSzuG0jH
CxtSJBckjexxFDB/qDOTEDUWSu9nrK+pR9jnnCpTDAZV2ku94/pf1Z+GrjU4WY5I
xo0OerPSpE5VGzLCCosmLT/zWq58CppWc5j8wtOrcMJ9yuo9sbGX2KUwOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5XiBaOiDu3gvcz2jDp9+XjamhkMB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKzOLRw+h
IIIz58jno5BHxIWWOSUFOICWwi9snPbzlSS1FFgO0o9O4lZrTVi7dPrJnsf+4a9v
SCAPS1MptQ0W3wMF3E361+EqxlHkGZu+8xd6I8pU0hTChVsJ5ianMokFjKtxvzxG
Lz78xcLU0o6w7LlDpOIgZU3h4yDKIGYskU/WGI1LtGO5FgW6gnYCPgUyMYi+b0SS
mVP7vNbAgKzuFFOdG+tKZmMCPHfckd/FiOrHxkyQUDBou9dupwx2ejA3fUSke367
15E4HvZVN4L6oAAnyxj03BG5cszA8mOB+WijwTf3k4qLKdxdDbncTFuEzZ6rHc0r
NTgzPbQzgsLXDA==
-----END CERTIFICATE-----