Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          +zj+lJWmdeyaAEcdq0TnjEJt9XDegtAwbwN4WjLgI1s=
Subject key identifier:   85:B5:48:9E:69:71:7F:46:22:5C:4A:3F:D4:57:CB:AE:A8:3D:6B:10
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       0198D73AF13E82F4C8A8EDE50D7FFBCFFE68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          117B
Signing time:             Sat 23 Aug 2025 14:00:20 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:20 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:20 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: /8D0QSP0lLwjzjAYL2igt21qBOqWCcVliAoFqoRRhMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3a:f1:3e:82:f4:c8:a8:ed:e5:0d:7f:fb:cf:fe:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: Aug 23 14:00:20 2025 GMT
            Not After : Aug 24 14:00:20 2025 GMT
        Subject: CN=85b5489e69717f46225c4a3fd457cbaea83d6b10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:dd:b1:67:56:23:37:02:6e:e9:88:35:f0:92:
                    b0:11:b0:5b:a7:4a:e5:de:cc:fc:e5:51:47:5a:f5:
                    01:a3:46:57:b4:e4:ba:e1:da:9d:2c:97:c9:94:a5:
                    fe:a1:28:b7:86:55:b8:f9:14:04:8a:9a:e4:6d:2c:
                    6c:e4:ae:ba:b8:69:2d:0a:17:56:e0:d7:17:13:b1:
                    ae:bd:49:14:91:13:5a:cf:76:32:2f:a9:e5:68:8e:
                    d9:6c:28:3d:72:58:51:af:88:ba:a2:68:b8:5a:a3:
                    1a:12:99:e8:de:66:c3:3e:71:62:b7:5f:e1:1f:1f:
                    d8:4f:f9:c1:f0:f7:2e:54:31:b4:35:8a:8d:88:3b:
                    ff:7a:5a:95:95:25:8b:4f:12:14:a7:1b:70:28:1a:
                    aa:b3:35:5f:7e:cb:f9:80:23:84:76:db:12:5a:76:
                    1f:27:31:4d:ab:37:04:f3:d2:93:dd:c2:87:65:e5:
                    57:2c:80:20:59:5f:46:6e:2e:58:61:3c:a8:2a:39:
                    c0:74:ee:fb:bf:6f:e4:7b:9c:d8:0e:5d:db:29:44:
                    70:ec:23:66:3a:68:d6:f9:b3:f7:4a:e6:20:48:9d:
                    fa:e0:4f:dd:db:99:fc:e6:bc:d0:43:e9:78:28:33:
                    09:cf:29:00:cb:c9:10:8b:77:ff:23:9d:f5:c8:f4:
                    b5:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:B5:48:9E:69:71:7F:46:22:5C:4A:3F:D4:57:CB:AE:A8:3D:6B:10
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:58:82:36:46:b2:e4:88:80:b4:5d:35:98:c9:1b:d5:3b:b7:
         4c:cc:43:2b:ea:53:a1:20:78:f4:16:dd:6d:38:35:4d:c8:f9:
         36:6f:68:9b:ae:ef:24:49:ca:f0:c8:81:dc:15:57:be:3e:ca:
         5f:9f:ae:21:30:88:a2:1e:dd:ea:6e:de:41:37:ee:dc:12:bf:
         80:50:74:b0:95:cf:3c:e8:40:5a:ca:b1:68:c3:e3:e4:d5:22:
         ad:4e:48:cf:87:3c:d2:4b:ce:37:3f:4a:ee:fd:e5:6f:b1:df:
         f3:2c:b2:b3:0d:28:23:95:ae:19:70:a9:84:92:0b:26:5b:0c:
         06:88:20:a5:79:7c:53:fb:ae:30:b0:d1:ab:64:73:bb:d0:cb:
         c4:6a:75:1b:92:33:18:89:31:8d:2b:66:cb:f3:cc:a8:bc:4e:
         ab:da:fd:b3:03:ae:fe:cd:f7:c2:cc:76:5f:8a:b9:39:f6:ad:
         94:67:3c:96:5a:5b:a0:5c:3a:60:dd:16:c3:b0:64:28:95:08:
         c6:42:83:8f:ac:19:99:1a:05:41:da:b1:de:b3:14:6c:35:f1:
         9c:08:f8:33:77:13:4c:91:1f:0f:7d:1a:8f:0e:ab:e9:90:55:
         04:e0:d7:51:5f:64:3b:8a:8c:7c:4d:8b:08:8e:b5:2c:9d:88:
         57:84:b3:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOvE+gvTIqO3lDX/7z/5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjUwODIzMTQwMDIwWhcNMjUwODI0MTQwMDIwWjAzMTEwLwYDVQQD
Eyg4NWI1NDg5ZTY5NzE3ZjQ2MjI1YzRhM2ZkNDU3Y2JhZWE4M2Q2YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t2xZ1YjNwJu6Yg18JKwEbBbp0rl
3sz85VFHWvUBo0ZXtOS64dqdLJfJlKX+oSi3hlW4+RQEiprkbSxs5K66uGktChdW
4NcXE7GuvUkUkRNaz3YyL6nlaI7ZbCg9clhRr4i6omi4WqMaEpno3mbDPnFit1/h
Hx/YT/nB8PcuVDG0NYqNiDv/elqVlSWLTxIUpxtwKBqqszVffsv5gCOEdtsSWnYf
JzFNqzcE89KT3cKHZeVXLIAgWV9Gbi5YYTyoKjnAdO77v2/ke5zYDl3bKURw7CNm
OmjW+bP3SuYgSJ364E/d25n85rzQQ+l4KDMJzykAy8kQi3f/I531yPS1KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIW1SJ5pcX9GIlxKP9RXy66oPWsQMB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMliCNkay
5IiAtF01mMkb1Tu3TMxDK+pToSB49BbdbTg1Tcj5Nm9om67vJEnK8MiB3BVXvj7K
X5+uITCIoh7d6m7eQTfu3BK/gFB0sJXPPOhAWsqxaMPj5NUirU5Iz4c80kvONz9K
7v3lb7Hf8yyysw0oI5WuGXCphJILJlsMBoggpXl8U/uuMLDRq2Rzu9DLxGp1G5Iz
GIkxjStmy/PMqLxOq9r9swOu/s33wsx2X4q5OfatlGc8llpboFw6YN0Ww7BkKJUI
xkKDj6wZmRoFQdqx3rMUbDXxnAj4M3cTTJEfD30ajw6r6ZBVBODXUV9kO4qMfE2L
CI61LJ2IV4SzNA==
-----END CERTIFICATE-----