Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          v1c2X2XFSAlubkq6CLw9Uoe/aWYW7ady+OiBVvbFmr0=
Subject key identifier:   4F:A1:AD:45:40:F9:B3:BB:A1:53:6F:97:25:18:FE:BA:13:24:DD:1E
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       0197711A80595B15FC0FCC52112F934AAE0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0D8F
Signing time:             Sun 15 Jun 2025 01:00:51 +0000
Manifest this update:     Sun 15 Jun 2025 01:00:51 +0000
Manifest next update:     Mon 16 Jun 2025 01:00:51 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: 30Zcp3lLsNUOPFXQUJJG9C4/EoeOlmyxFJEF/wZLY68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:80:59:5b:15:fc:0f:cc:52:11:2f:93:4a:ae:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Jun 15 01:00:51 2025 GMT
            Not After : Jun 16 01:00:51 2025 GMT
        Subject: CN=4fa1ad4540f9b3bba1536f972518feba1324dd1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ae:14:36:91:8b:95:fe:09:0c:d2:a8:cc:cf:
                    f3:ab:e4:44:3d:54:f5:66:b3:f3:7e:cb:e4:de:43:
                    34:96:02:bc:83:d3:f9:1b:4d:88:d7:90:01:68:0a:
                    e2:12:73:b3:2a:1f:b9:fc:01:69:e6:ed:fe:92:72:
                    cc:c3:78:a8:cd:7e:08:64:8b:c2:b1:90:70:c0:04:
                    0b:c0:83:0e:cd:05:ab:03:fd:9f:85:bc:23:83:da:
                    31:cc:1e:e6:1a:98:88:fc:7e:58:40:39:8d:3a:75:
                    13:07:b4:8d:4c:a4:f5:d4:6f:19:b7:20:a5:a0:98:
                    22:ce:66:0e:08:ae:c5:d9:ed:78:ee:ba:f8:47:fa:
                    48:e7:ee:4c:09:b9:a2:65:46:3e:02:dc:7b:b8:70:
                    1b:12:4d:25:7b:e0:4f:f1:83:1b:d5:95:b0:40:3a:
                    7f:b6:1c:d6:81:3b:49:9b:eb:02:26:21:23:07:c3:
                    bd:d1:bd:df:b8:5b:60:6b:74:83:9d:c0:f8:95:79:
                    6e:23:e8:38:86:e3:d4:d0:9e:99:75:44:89:bf:97:
                    26:1f:35:8c:f7:73:70:d6:72:16:9b:22:5d:59:ab:
                    de:14:9c:72:70:5d:80:ee:51:16:1f:7e:18:3b:19:
                    7d:91:2c:f9:61:08:8e:c1:bd:66:8a:de:15:e1:67:
                    26:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:A1:AD:45:40:F9:B3:BB:A1:53:6F:97:25:18:FE:BA:13:24:DD:1E
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:94:47:46:9b:99:db:8e:50:2b:69:ef:d4:3c:fc:e1:11:1d:
         dc:89:f5:f5:fc:4c:e4:73:7f:4d:7d:9f:cd:44:df:c9:37:01:
         d9:9c:31:5b:10:02:5d:fa:cd:fa:0e:b2:b6:5c:37:73:90:19:
         f0:31:83:c1:72:95:0f:c2:f2:4f:6f:6f:67:08:30:c3:dd:f4:
         98:d9:84:29:29:7e:85:74:ad:e8:08:54:69:7f:e8:d6:cc:e7:
         18:eb:10:15:3b:07:6e:a9:01:c9:b8:4f:70:4c:6e:2a:ef:db:
         31:9e:58:f6:4e:72:01:7f:81:ab:f4:5e:dc:7f:27:66:b4:0f:
         90:30:c0:f7:e9:1f:78:6d:04:bc:7f:42:5d:d5:3a:6b:a9:9a:
         8d:93:bb:f0:01:73:14:80:80:a3:02:d1:06:8e:12:a5:38:1a:
         a5:f3:78:68:ea:30:13:4a:04:cf:2a:33:8c:b7:e9:54:1d:83:
         25:70:ad:f4:a6:dd:9e:68:a1:33:68:b8:6e:72:2d:dc:2c:88:
         7f:7a:a7:60:04:be:42:eb:03:8f:2e:c9:da:35:70:d2:0f:69:
         b5:65:f0:ef:73:10:97:06:bb:16:cb:f1:8a:33:30:52:72:5a:
         d7:00:c5:48:ef:d2:06:23:b5:5a:45:17:48:97:69:5d:24:d7:
         92:d6:ac:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGoBZWxX8D8xSES+TSq4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUwNjE1MDEwMDUxWhcNMjUwNjE2MDEwMDUxWjAzMTEwLwYDVQQD
Eyg0ZmExYWQ0NTQwZjliM2JiYTE1MzZmOTcyNTE4ZmViYTEzMjRkZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq4UNpGLlf4JDNKozM/zq+REPVT1
ZrPzfsvk3kM0lgK8g9P5G02I15ABaAriEnOzKh+5/AFp5u3+knLMw3iozX4IZIvC
sZBwwAQLwIMOzQWrA/2fhbwjg9oxzB7mGpiI/H5YQDmNOnUTB7SNTKT11G8ZtyCl
oJgizmYOCK7F2e147rr4R/pI5+5MCbmiZUY+Atx7uHAbEk0le+BP8YMb1ZWwQDp/
thzWgTtJm+sCJiEjB8O90b3fuFtga3SDncD4lXluI+g4huPU0J6ZdUSJv5cmHzWM
93Nw1nIWmyJdWaveFJxycF2A7lEWH34YOxl9kSz5YQiOwb1mit4V4WcmqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+hrUVA+bO7oVNvlyUY/roTJN0eMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArpRHRpuZ
245QK2nv1Dz84REd3In19fxM5HN/TX2fzUTfyTcB2ZwxWxACXfrN+g6ytlw3c5AZ
8DGDwXKVD8LyT29vZwgww930mNmEKSl+hXSt6AhUaX/o1sznGOsQFTsHbqkBybhP
cExuKu/bMZ5Y9k5yAX+Bq/Re3H8nZrQPkDDA9+kfeG0EvH9CXdU6a6majZO78AFz
FICAowLRBo4SpTgapfN4aOowE0oEzyozjLfpVB2DJXCt9KbdnmihM2i4bnIt3CyI
f3qnYAS+QusDjy7J2jVw0g9ptWXw73MQlwa7FsvxijMwUnJa1wDFSO/SBiO1WkUX
SJdpXSTXktasgw==
-----END CERTIFICATE-----