Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          w22e++Z9iEdxrwxqQ7KQVIcvDvE8dO3Ch3o+Bc8lYrI=
Subject key identifier:   63:19:FE:7F:C4:D0:C3:45:45:C6:C3:F9:29:5C:B2:BD:A6:87:09:46
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       019D98F49A6D567F736FDF0B7E84B122526A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          10BF
Signing time:             Fri 17 Apr 2026 01:01:00 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:00 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:00 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: MCVsM+L/GvD/DbKWDSSFI3Rf3ScZZr52SrCKcT7Upp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:9a:6d:56:7f:73:6f:df:0b:7e:84:b1:22:52:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Apr 17 01:01:00 2026 GMT
            Not After : Apr 18 01:01:00 2026 GMT
        Subject: CN=6319fe7fc4d0c34545c6c3f9295cb2bda6870946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ec:36:be:d6:c3:49:60:e5:f3:fb:b4:d4:4d:
                    8d:73:7c:52:15:9b:0c:c6:b0:4c:1d:5a:12:54:84:
                    20:5a:b3:1a:d4:b9:25:76:20:b9:16:76:ae:a4:f9:
                    61:36:f5:91:60:9d:ba:90:99:9a:0f:24:76:cf:27:
                    b3:b7:fe:db:9e:d0:c7:89:34:e1:c0:11:41:ac:c5:
                    68:a1:3e:53:57:5d:14:7c:3b:e2:b3:26:f3:86:e4:
                    fc:8a:c6:2c:02:cf:d4:b4:34:41:0f:d3:96:05:f8:
                    ed:9b:1e:4b:2c:12:6f:31:c5:da:c5:74:7b:ff:65:
                    3c:fb:bb:be:bb:99:bc:e2:c5:65:65:64:94:8f:f5:
                    bf:fe:3f:1d:d9:69:3e:e1:be:0d:a3:4f:94:90:95:
                    6c:fa:0c:15:b9:41:cd:73:e9:b1:00:5a:87:f7:f7:
                    02:81:e8:81:31:72:d8:8c:67:74:8e:ac:a4:3c:0c:
                    23:25:da:af:60:88:9a:ef:13:1c:e1:37:31:3b:90:
                    b0:85:29:dc:92:3d:77:fb:0d:ec:71:c2:dc:de:e1:
                    25:15:8d:06:0d:49:17:e1:7c:4d:22:f4:6e:73:20:
                    e9:da:0c:60:13:c8:a0:06:4c:5a:ea:80:05:b3:48:
                    02:16:16:cb:3c:c3:5d:97:81:48:83:e5:34:77:49:
                    58:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:19:FE:7F:C4:D0:C3:45:45:C6:C3:F9:29:5C:B2:BD:A6:87:09:46
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:68:83:6e:eb:aa:9e:5e:90:2f:ea:db:a0:96:74:26:be:be:
         9d:b6:a1:be:e5:73:bd:10:76:99:65:68:51:6e:a8:29:f2:4d:
         97:cc:5c:99:0d:e2:db:6a:59:81:b7:b4:d2:0a:bf:88:13:7d:
         5b:71:e5:83:86:14:a1:bd:eb:b9:be:ee:58:78:b5:ee:c9:fd:
         38:35:f6:0f:fa:78:b9:85:49:d8:8e:c1:c7:cd:3f:4a:74:20:
         ef:3c:0e:3a:98:36:80:4d:33:3b:d6:5a:5b:44:1f:ad:37:39:
         3b:32:56:b0:97:8b:e3:ef:b1:3b:2d:ba:62:ac:e8:75:f3:d3:
         71:b0:3e:16:46:43:3e:a7:4c:9c:0a:8f:95:79:33:97:98:10:
         da:03:5c:a2:cf:72:34:37:87:14:29:40:49:60:d8:8e:f8:b4:
         91:70:7e:2c:63:44:27:13:b3:e0:50:58:f7:10:62:e7:64:59:
         22:bd:0c:9d:2e:d0:a7:9e:c9:b2:7d:2e:f7:c3:38:19:25:69:
         22:2a:34:65:2b:47:62:94:61:94:bf:f2:d7:d6:ac:7e:c1:1e:
         ed:e7:cf:94:be:a3:78:16:af:b5:16:20:8a:da:7f:8c:43:5e:
         74:84:ac:ef:0a:6f:3d:e1:b3:b1:a8:45:1f:a6:1e:8d:e7:93:
         c6:9e:05:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9JptVn9zb98LfoSxIlJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjYwNDE3MDEwMTAwWhcNMjYwNDE4MDEwMTAwWjAzMTEwLwYDVQQD
Eyg2MzE5ZmU3ZmM0ZDBjMzQ1NDVjNmMzZjkyOTVjYjJiZGE2ODcwOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+w2vtbDSWDl8/u01E2Nc3xSFZsM
xrBMHVoSVIQgWrMa1LkldiC5FnaupPlhNvWRYJ26kJmaDyR2zyezt/7bntDHiTTh
wBFBrMVooT5TV10UfDvisybzhuT8isYsAs/UtDRBD9OWBfjtmx5LLBJvMcXaxXR7
/2U8+7u+u5m84sVlZWSUj/W//j8d2Wk+4b4No0+UkJVs+gwVuUHNc+mxAFqH9/cC
geiBMXLYjGd0jqykPAwjJdqvYIia7xMc4TcxO5CwhSnckj13+w3sccLc3uElFY0G
DUkX4XxNIvRucyDp2gxgE8igBkxa6oAFs0gCFhbLPMNdl4FIg+U0d0lYCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMZ/n/E0MNFRcbD+Slcsr2mhwlGMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc2iDbuuq
nl6QL+rboJZ0Jr6+nbahvuVzvRB2mWVoUW6oKfJNl8xcmQ3i22pZgbe00gq/iBN9
W3Hlg4YUob3rub7uWHi17sn9ODX2D/p4uYVJ2I7Bx80/SnQg7zwOOpg2gE0zO9Za
W0QfrTc5OzJWsJeL4++xOy26YqzodfPTcbA+FkZDPqdMnAqPlXkzl5gQ2gNcos9y
NDeHFClASWDYjvi0kXB+LGNEJxOz4FBY9xBi52RZIr0MnS7Qp57Jsn0u98M4GSVp
Iio0ZStHYpRhlL/y19asfsEe7efPlL6jeBavtRYgitp/jENedISs7wpvPeGzsahF
H6YejeeTxp4FRQ==
-----END CERTIFICATE-----