Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          akTEbgQ/klVI+CL8rAOmrG2b1bNEjzcEuhXgtii/AsM=
Subject key identifier:   6D:39:C6:F9:BE:85:B2:64:69:88:2E:FD:6B:AE:73:86:E1:99:EE:90
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       01988CFCE06DA986272204C4E708DCD987E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0E22
Signing time:             Sat 09 Aug 2025 04:00:39 +0000
Manifest this update:     Sat 09 Aug 2025 04:00:39 +0000
Manifest next update:     Sun 10 Aug 2025 04:00:39 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: ZhfFVFgqRZsYiLgP1kd1bf3gJHitDZ2Dl0D+RTFNVok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 04:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:fc:e0:6d:a9:86:27:22:04:c4:e7:08:dc:d9:87:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Aug  9 04:00:39 2025 GMT
            Not After : Aug 10 04:00:39 2025 GMT
        Subject: CN=6d39c6f9be85b26469882efd6bae7386e199ee90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:3e:15:01:1c:f7:15:a4:cc:a0:eb:58:93:10:
                    ed:82:48:fb:d7:d1:c1:e8:24:c9:f7:42:1d:1c:0a:
                    5b:e0:22:81:a3:9a:dc:a7:34:83:d0:55:b5:9a:2f:
                    e3:6e:a5:2f:95:68:27:a5:13:2e:bd:7b:50:1e:12:
                    f5:1b:e7:27:bc:18:d1:04:63:65:8e:76:9d:91:60:
                    8c:75:c4:f2:42:7e:75:39:1d:a8:f8:e0:f5:2f:30:
                    ba:60:c2:cc:cb:6c:3c:fb:88:52:db:81:3b:4e:c5:
                    17:1d:9c:75:05:87:c2:29:54:dc:d0:aa:aa:66:0d:
                    56:38:77:2c:b0:9a:b5:d1:bd:99:95:3b:48:b5:0e:
                    da:92:52:dc:bf:99:dd:20:5b:f1:14:50:9f:3f:dc:
                    bf:e4:b9:0b:06:1f:5a:08:04:63:88:8a:d4:96:56:
                    76:b8:04:be:45:dd:34:6c:00:05:4e:65:ea:82:75:
                    96:c2:7e:6b:a0:f4:a5:bd:eb:44:07:af:7a:79:15:
                    59:b3:21:f5:dc:02:e9:15:c7:3b:dc:68:7e:92:57:
                    56:aa:31:76:88:0d:b6:56:ae:22:4e:fb:aa:73:50:
                    6d:08:bc:1d:5f:fd:76:58:38:1f:40:ab:d6:28:df:
                    f1:b3:fc:1f:28:e7:e6:23:b8:e2:5a:b0:ee:6c:97:
                    63:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:39:C6:F9:BE:85:B2:64:69:88:2E:FD:6B:AE:73:86:E1:99:EE:90
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:01:a2:9a:83:40:ba:b2:42:d8:4c:7a:23:2e:a9:71:44:99:
         43:af:83:9c:76:7b:e9:e7:5f:c9:37:91:59:b9:51:78:57:39:
         45:e4:a2:77:e4:05:99:f5:3c:d8:b2:45:22:78:c5:73:17:19:
         a7:a3:a2:8b:23:57:77:cd:a4:60:db:ae:f0:17:8c:c9:ac:35:
         ae:94:84:05:45:ba:32:cc:db:f2:00:28:ee:56:88:df:3b:5f:
         3e:f1:4a:59:26:6d:a3:56:f5:d8:b7:bc:9f:0f:f9:36:22:f3:
         b1:58:2a:87:b5:de:c4:ba:b7:7c:55:8d:b9:14:ae:95:b5:6e:
         a3:04:dc:8c:68:7b:b8:06:8e:75:bc:a5:68:87:76:4c:2e:97:
         93:ca:08:3e:31:e2:4f:34:00:94:ed:2c:e1:06:48:47:7b:e1:
         68:2d:52:aa:bf:30:bd:a3:0b:b8:8a:58:f8:7b:e3:f6:e2:ce:
         da:b6:2f:05:84:9f:17:8d:14:32:65:72:4e:ce:c0:78:40:47:
         9f:d6:be:ea:83:e3:23:86:fc:77:b9:ef:ed:7b:2c:e3:40:0c:
         68:a9:77:85:4b:d1:f1:76:a5:c1:38:90:17:04:f7:a1:5d:b5:
         96:5a:95:ed:97:ce:76:72:a6:f6:61:a0:66:bf:c0:46:17:0c:
         fb:37:ff:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiM/OBtqYYnIgTE5wjc2YflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUwODA5MDQwMDM5WhcNMjUwODEwMDQwMDM5WjAzMTEwLwYDVQQD
Eyg2ZDM5YzZmOWJlODViMjY0Njk4ODJlZmQ2YmFlNzM4NmUxOTllZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8D4VARz3FaTMoOtYkxDtgkj719HB
6CTJ90IdHApb4CKBo5rcpzSD0FW1mi/jbqUvlWgnpRMuvXtQHhL1G+cnvBjRBGNl
jnadkWCMdcTyQn51OR2o+OD1LzC6YMLMy2w8+4hS24E7TsUXHZx1BYfCKVTc0Kqq
Zg1WOHcssJq10b2ZlTtItQ7aklLcv5ndIFvxFFCfP9y/5LkLBh9aCARjiIrUllZ2
uAS+Rd00bAAFTmXqgnWWwn5roPSlvetEB696eRVZsyH13ALpFcc73Gh+kldWqjF2
iA22Vq4iTvuqc1BtCLwdX/12WDgfQKvWKN/xs/wfKOfmI7jiWrDubJdjfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG05xvm+hbJkaYgu/Wuuc4bhme6QMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIAGimoNA
urJC2Ex6Iy6pcUSZQ6+DnHZ76edfyTeRWblReFc5ReSid+QFmfU82LJFInjFcxcZ
p6OiiyNXd82kYNuu8BeMyaw1rpSEBUW6Mszb8gAo7laI3ztfPvFKWSZto1b12Le8
nw/5NiLzsVgqh7XexLq3fFWNuRSulbVuowTcjGh7uAaOdbylaId2TC6Xk8oIPjHi
TzQAlO0s4QZIR3vhaC1Sqr8wvaMLuIpY+Hvj9uLO2rYvBYSfF40UMmVyTs7AeEBH
n9a+6oPjI4b8d7nv7Xss40AMaKl3hUvR8XalwTiQFwT3oV21llqV7ZfOdnKm9mGg
Zr/ARhcM+zf/3w==
-----END CERTIFICATE-----