Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          PjtDZa7gWy9YTzGp1p8ofWa46GuTyyVVET4Uh6CVNKE=
Subject key identifier:   C3:00:EC:08:CB:65:0B:58:7C:FF:D0:37:18:C6:C4:81:B8:BA:83:48
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       019CADFE9D62AB5F0DD44BAE4906D99072D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          1378
Signing time:             Mon 02 Mar 2026 10:01:10 +0000
Manifest this update:     Mon 02 Mar 2026 10:01:10 +0000
Manifest next update:     Tue 03 Mar 2026 10:01:10 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: HK/CC+bHkrIpTMdreIyoyymw0atpkJprILlsj7RZIyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:9d:62:ab:5f:0d:d4:4b:ae:49:06:d9:90:72:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: Mar  2 10:01:10 2026 GMT
            Not After : Mar  3 10:01:10 2026 GMT
        Subject: CN=c300ec08cb650b587cffd03718c6c481b8ba8348
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:94:85:39:78:32:40:b4:37:55:54:6e:16:1f:
                    ff:50:2f:18:4e:eb:2d:b9:45:48:01:40:1a:4b:a5:
                    aa:c2:19:32:d7:4f:f2:02:02:b5:43:dc:ad:01:e2:
                    c2:6c:3f:2d:94:9a:74:67:5f:38:ca:0c:be:0f:32:
                    3b:e9:c9:85:a6:e4:a6:31:5e:30:a4:02:02:93:5b:
                    26:ca:50:da:bc:c9:61:7a:98:e8:c7:0d:68:17:4c:
                    77:ae:e9:6e:93:4a:c2:3e:7e:f3:13:f0:3f:99:78:
                    48:72:06:96:c3:08:91:9e:7c:b6:ee:62:42:c4:7b:
                    e3:85:80:d9:30:0a:b5:3c:e9:7e:77:8a:ea:5e:36:
                    74:c5:55:e6:92:e2:19:e4:b9:f9:25:bf:b2:92:4a:
                    e3:88:6b:61:fb:0d:6c:ae:1e:28:85:1b:70:79:70:
                    48:ca:55:6f:ad:77:41:9c:30:f3:0a:8f:33:82:85:
                    cb:bb:42:8d:af:36:d6:47:bc:87:38:21:1c:93:34:
                    63:b1:f2:30:46:7c:53:38:c7:b9:73:2f:84:9f:1a:
                    0d:a6:1e:f5:30:68:b4:56:c6:28:4b:60:5e:37:9c:
                    cf:6a:02:e0:92:17:dd:04:ab:c9:2a:01:64:33:5e:
                    c8:2a:19:b5:6e:3f:2b:ca:f8:1f:3e:4f:cf:4f:e4:
                    3a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:00:EC:08:CB:65:0B:58:7C:FF:D0:37:18:C6:C4:81:B8:BA:83:48
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:e8:cc:ac:1c:80:49:99:c3:59:96:5e:b5:ae:d5:39:49:8e:
         b2:34:7b:d6:3d:80:ad:8d:98:fc:c1:91:19:a4:7d:10:1a:1d:
         0d:2f:0f:69:79:62:7a:f5:31:47:88:6a:d1:53:4f:0e:98:06:
         d0:1f:67:b9:2d:90:d3:5b:c6:c0:98:b7:6f:78:92:f6:fe:82:
         7c:14:32:73:d5:93:3d:65:ab:f6:50:aa:97:65:ad:a2:28:87:
         63:c4:47:21:73:11:80:4c:a8:07:fc:27:d4:f0:a5:51:3f:f9:
         fe:9e:cb:d2:aa:d1:81:76:e4:11:b2:4f:fe:17:d4:d3:f3:ed:
         f3:a4:27:7f:c4:dc:07:7b:76:ac:bc:18:c9:13:32:ac:ea:e3:
         35:74:79:3e:77:ca:99:f1:61:c6:7b:99:4b:64:25:9a:30:d6:
         b9:c5:1b:50:13:46:ad:65:3a:35:8f:86:a3:6a:bd:2e:17:f5:
         eb:c9:33:a5:98:63:e9:24:88:a5:cf:7f:30:01:0c:ee:98:85:
         97:10:9b:ae:0a:17:ae:6c:8d:05:29:fb:ad:bc:06:c5:86:41:
         bc:92:0a:98:47:9d:eb:39:3c:ab:6b:10:0e:8e:c5:c3:d3:65:
         9a:31:1d:2e:a4:4b:76:54:49:97:40:25:9a:fe:ef:3e:62:df:
         c9:04:c1:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/p1iq18N1EuuSQbZkHLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjYwMzAyMTAwMTEwWhcNMjYwMzAzMTAwMTEwWjAzMTEwLwYDVQQD
EyhjMzAwZWMwOGNiNjUwYjU4N2NmZmQwMzcxOGM2YzQ4MWI4YmE4MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5SFOXgyQLQ3VVRuFh//UC8YTust
uUVIAUAaS6Wqwhky10/yAgK1Q9ytAeLCbD8tlJp0Z184ygy+DzI76cmFpuSmMV4w
pAICk1smylDavMlhepjoxw1oF0x3ruluk0rCPn7zE/A/mXhIcgaWwwiRnny27mJC
xHvjhYDZMAq1POl+d4rqXjZ0xVXmkuIZ5Ln5Jb+ykkrjiGth+w1srh4ohRtweXBI
ylVvrXdBnDDzCo8zgoXLu0KNrzbWR7yHOCEckzRjsfIwRnxTOMe5cy+EnxoNph71
MGi0VsYoS2BeN5zPagLgkhfdBKvJKgFkM17IKhm1bj8ryvgfPk/PT+Q6hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMA7AjLZQtYfP/QNxjGxIG4uoNIMB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcOjMrByA
SZnDWZZeta7VOUmOsjR71j2ArY2Y/MGRGaR9EBodDS8PaXlievUxR4hq0VNPDpgG
0B9nuS2Q01vGwJi3b3iS9v6CfBQyc9WTPWWr9lCql2WtoiiHY8RHIXMRgEyoB/wn
1PClUT/5/p7L0qrRgXbkEbJP/hfU0/Pt86Qnf8TcB3t2rLwYyRMyrOrjNXR5PnfK
mfFhxnuZS2QlmjDWucUbUBNGrWU6NY+Go2q9Lhf168kzpZhj6SSIpc9/MAEM7piF
lxCbrgoXrmyNBSn7rbwGxYZBvJIKmEed6zk8q2sQDo7Fw9NlmjEdLqRLdlRJl0Al
mv7vPmLfyQTB1g==
-----END CERTIFICATE-----