Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          Hbjjz5XKzuWVqT5Oijn5oaUxaUHZWju6K59xxTuZ/9Y=
Subject key identifier:   FC:FD:48:6D:EA:61:A8:70:53:39:27:A3:5C:E3:09:95:0C:E6:C2:1D
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       019A4EF53C615D796F865BBB0A3E59DF283F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0F0B
Signing time:             Tue 04 Nov 2025 13:01:25 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:25 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:25 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: 170oEuEiQCOlt0hb+QMS35nwfMTIr0R7EQJ74FHwkBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:3c:61:5d:79:6f:86:5b:bb:0a:3e:59:df:28:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Nov  4 13:01:25 2025 GMT
            Not After : Nov  5 13:01:25 2025 GMT
        Subject: CN=fcfd486dea61a870533927a35ce309950ce6c21d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:59:21:f2:71:14:d9:6a:54:c9:74:70:a5:b5:
                    de:3e:88:49:01:b7:1c:9f:f6:e5:73:63:cc:4e:d4:
                    10:fd:09:98:ba:d2:00:45:56:48:05:0c:1b:00:61:
                    80:9b:98:42:3c:c8:67:25:70:32:11:97:dd:c8:e7:
                    21:18:35:71:2e:d6:89:b1:27:4e:33:56:c3:06:97:
                    da:8c:0a:f9:f3:6b:f9:1b:8a:c4:92:8f:bd:1a:22:
                    18:e0:49:e5:e1:93:98:a8:14:5d:9b:17:64:3a:de:
                    b2:4a:e5:91:11:e3:32:bf:f1:3e:4e:1b:c4:72:74:
                    7e:17:2f:f7:40:87:ca:5b:86:87:53:75:c8:65:eb:
                    ca:f4:8b:46:f3:e1:ea:b6:27:ac:6b:ea:70:a0:23:
                    d8:44:b8:74:90:5e:be:f8:55:ea:1c:77:d6:dc:63:
                    ae:a9:a5:4a:c6:29:05:b6:82:3a:b5:70:e1:c0:51:
                    76:6f:16:8b:fc:57:49:fb:c4:ee:70:97:17:ad:22:
                    d9:8b:39:2f:b0:c4:a8:d8:38:74:88:11:4e:4b:32:
                    b2:9b:8c:1c:76:c0:f6:24:64:bd:30:56:6c:95:a2:
                    16:e4:6b:c9:07:bc:d0:e6:eb:70:23:11:9d:40:69:
                    93:db:bf:1b:cc:b7:7e:88:57:c6:7b:69:fd:a4:94:
                    9c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:FD:48:6D:EA:61:A8:70:53:39:27:A3:5C:E3:09:95:0C:E6:C2:1D
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:83:14:ef:77:81:6d:23:13:c7:f3:86:d4:b4:f5:b2:d5:08:
         cf:06:b9:f7:c3:c0:a4:33:ce:42:aa:58:44:33:7a:d3:5a:3a:
         8d:ee:a5:73:67:54:36:f0:da:d9:24:e0:6c:0d:14:ae:64:30:
         2f:9c:75:52:b4:1c:84:8f:9a:1c:9d:4a:6a:da:18:37:8d:66:
         03:52:86:d9:ec:29:80:58:b2:73:b9:b9:95:d1:86:85:17:50:
         1a:6a:43:8d:8e:ec:75:8f:96:c5:09:41:eb:12:ee:dc:db:2f:
         f3:c4:7b:e6:ca:7b:2d:80:2d:64:fd:b0:87:73:99:b6:b6:e9:
         19:2b:73:bb:9a:be:aa:d5:a6:1f:f6:57:14:5d:29:b4:39:ed:
         cc:39:22:65:97:68:ff:ee:a9:81:4e:07:ad:fb:5c:fc:70:cf:
         a9:ab:58:da:12:8b:e0:e7:ec:9c:76:de:62:6d:b8:cc:c6:73:
         32:43:07:6d:dc:a9:8a:f3:96:9e:ef:5a:03:64:73:26:f5:68:
         ad:73:91:04:c8:5b:31:68:71:d0:9e:bd:3b:81:06:b1:10:d8:
         93:33:1e:de:6f:8a:83:e3:f9:39:37:3f:8b:f6:aa:a8:96:86:
         2f:fc:03:8f:44:b6:fe:00:95:c0:4f:93:82:1e:1b:bf:a9:1e:
         40:fa:e0:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9TxhXXlvhlu7Cj5Z3yg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUxMTA0MTMwMTI1WhcNMjUxMTA1MTMwMTI1WjAzMTEwLwYDVQQD
EyhmY2ZkNDg2ZGVhNjFhODcwNTMzOTI3YTM1Y2UzMDk5NTBjZTZjMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1kh8nEU2WpUyXRwpbXePohJAbcc
n/blc2PMTtQQ/QmYutIARVZIBQwbAGGAm5hCPMhnJXAyEZfdyOchGDVxLtaJsSdO
M1bDBpfajAr582v5G4rEko+9GiIY4Enl4ZOYqBRdmxdkOt6ySuWREeMyv/E+ThvE
cnR+Fy/3QIfKW4aHU3XIZevK9ItG8+Hqtiesa+pwoCPYRLh0kF6++FXqHHfW3GOu
qaVKxikFtoI6tXDhwFF2bxaL/FdJ+8TucJcXrSLZizkvsMSo2Dh0iBFOSzKym4wc
dsD2JGS9MFZslaIW5GvJB7zQ5utwIxGdQGmT278bzLd+iFfGe2n9pJScmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPz9SG3qYahwUzkno1zjCZUM5sIdMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkoMU73eB
bSMTx/OG1LT1stUIzwa598PApDPOQqpYRDN601o6je6lc2dUNvDa2STgbA0UrmQw
L5x1UrQchI+aHJ1KatoYN41mA1KG2ewpgFiyc7m5ldGGhRdQGmpDjY7sdY+WxQlB
6xLu3Nsv88R75sp7LYAtZP2wh3OZtrbpGStzu5q+qtWmH/ZXFF0ptDntzDkiZZdo
/+6pgU4Hrftc/HDPqatY2hKL4OfsnHbeYm24zMZzMkMHbdypivOWnu9aA2RzJvVo
rXORBMhbMWhx0J69O4EGsRDYkzMe3m+Kg+P5OTc/i/aqqJaGL/wDj0S2/gCVwE+T
gh4bv6keQPrg0A==
-----END CERTIFICATE-----