Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          kqANaEcROGX6ZeKJUb9Nj/OLf5Cl6s4rpkyr3c+voXY=
Subject key identifier:   4F:BD:85:59:32:40:11:87:03:79:98:29:4F:C1:F7:06:CC:BF:47:C9
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       019CAB6B0EF0B1780B93A1A5EC71ED4F5B9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          1044
Signing time:             Sun 01 Mar 2026 22:00:45 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:45 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:45 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: QAE5jO8XtuGZBI8ucuYWWdnfciYtjSOqMHnDu/nG/7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:0e:f0:b1:78:0b:93:a1:a5:ec:71:ed:4f:5b:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Mar  1 22:00:45 2026 GMT
            Not After : Mar  2 22:00:45 2026 GMT
        Subject: CN=4fbd855932401187037998294fc1f706ccbf47c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cb:00:9e:ba:f8:87:9d:af:ef:08:33:28:43:
                    d9:8d:89:59:8b:89:31:a3:53:ab:8b:5c:04:4f:54:
                    bc:34:51:7c:a2:ce:7c:b2:2f:2d:e0:2d:0c:18:70:
                    12:ec:22:71:7e:33:4f:26:c9:27:7e:20:fc:3e:b2:
                    80:f2:69:1c:21:bd:90:25:64:fc:29:f5:ea:84:a6:
                    8f:88:00:68:84:2d:e3:e4:c9:d6:8e:64:1b:bf:f6:
                    15:5b:ac:8f:78:c1:a1:52:90:cb:00:52:2a:44:3f:
                    26:e0:39:49:59:67:3b:78:66:30:fe:2c:68:ef:ab:
                    99:67:72:94:91:90:83:ef:97:c6:5f:a2:25:60:7d:
                    de:36:f5:1c:e2:3f:e2:e3:0d:3a:ac:ea:27:9a:83:
                    3c:8a:4a:59:b6:6e:c3:44:a9:49:e4:4d:77:72:c5:
                    04:cf:24:53:bf:a2:1c:5b:1e:fc:6a:3b:dc:d0:37:
                    7b:ff:76:4a:71:67:cb:e9:0c:e2:73:95:6c:ee:13:
                    3c:3c:9d:b5:2e:0a:8e:96:02:06:3d:69:2e:ff:13:
                    d9:7e:f1:62:a1:f6:98:16:c3:94:9e:77:75:9a:fa:
                    1b:36:0f:31:e2:d0:19:58:19:79:80:47:ab:09:d2:
                    be:61:60:7a:5f:8d:5f:36:ad:5e:c5:35:88:71:88:
                    59:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:BD:85:59:32:40:11:87:03:79:98:29:4F:C1:F7:06:CC:BF:47:C9
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:de:ab:82:c7:be:61:b8:cf:b1:73:38:bd:60:0c:07:bf:bc:
         2c:e9:fc:de:27:ad:d4:65:7b:9e:f2:83:2c:5c:a1:f1:38:a8:
         4e:f8:5f:e3:9c:75:62:69:25:8f:b4:c5:e3:d8:e4:d6:28:ff:
         c9:39:50:08:0d:c0:b2:a4:c3:99:87:98:16:5f:de:04:9a:59:
         e7:08:07:3e:6d:94:f4:33:43:ac:d7:20:4a:90:09:5f:06:dc:
         0f:0d:72:e7:a8:05:37:77:33:5d:4d:79:7e:8a:d6:0f:25:5d:
         fb:48:56:84:2e:32:78:72:ff:73:78:d2:e1:e4:cc:47:17:84:
         96:74:c9:99:7a:a5:b9:86:8e:d8:04:e7:38:89:79:8d:59:e1:
         64:99:28:1a:99:b8:3b:b2:36:4b:d3:f2:bb:76:f1:fa:e0:4d:
         0b:32:93:b8:3a:b1:13:b8:74:2e:68:bd:b7:ac:5a:da:36:0a:
         78:34:ee:c8:66:aa:68:13:d3:ab:d8:20:c1:b2:64:b7:cf:33:
         06:47:57:2a:db:9c:b8:3b:d7:03:71:b1:22:68:88:e4:56:cf:
         09:2b:11:38:94:54:f2:5c:3b:44:66:8c:a1:74:a4:f3:7d:3c:
         89:b7:98:a5:46:92:a2:44:aa:07:45:98:7b:19:94:61:b7:75:
         a6:86:53:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraw7wsXgLk6Gl7HHtT1ubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjYwMzAxMjIwMDQ1WhcNMjYwMzAyMjIwMDQ1WjAzMTEwLwYDVQQD
Eyg0ZmJkODU1OTMyNDAxMTg3MDM3OTk4Mjk0ZmMxZjcwNmNjYmY0N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwssAnrr4h52v7wgzKEPZjYlZi4kx
o1Ori1wET1S8NFF8os58si8t4C0MGHAS7CJxfjNPJsknfiD8PrKA8mkcIb2QJWT8
KfXqhKaPiABohC3j5MnWjmQbv/YVW6yPeMGhUpDLAFIqRD8m4DlJWWc7eGYw/ixo
76uZZ3KUkZCD75fGX6IlYH3eNvUc4j/i4w06rOonmoM8ikpZtm7DRKlJ5E13csUE
zyRTv6IcWx78ajvc0Dd7/3ZKcWfL6Qzic5Vs7hM8PJ21LgqOlgIGPWku/xPZfvFi
ofaYFsOUnnd1mvobNg8x4tAZWBl5gEerCdK+YWB6X41fNq1exTWIcYhZjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+9hVkyQBGHA3mYKU/B9wbMv0fJMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKN6rgse+
YbjPsXM4vWAMB7+8LOn83iet1GV7nvKDLFyh8TioTvhf45x1Ymklj7TF49jk1ij/
yTlQCA3AsqTDmYeYFl/eBJpZ5wgHPm2U9DNDrNcgSpAJXwbcDw1y56gFN3czXU15
forWDyVd+0hWhC4yeHL/c3jS4eTMRxeElnTJmXqluYaO2ATnOIl5jVnhZJkoGpm4
O7I2S9Pyu3bx+uBNCzKTuDqxE7h0Lmi9t6xa2jYKeDTuyGaqaBPTq9ggwbJkt88z
BkdXKtucuDvXA3GxImiI5FbPCSsROJRU8lw7RGaMoXSk8308ibeYpUaSokSqB0WY
exmUYbd1poZTCA==
-----END CERTIFICATE-----