Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          5yV5bHtcr4WvKvXr7q6i6gZbNMp5DByDKWsqkNV/AaE=
Subject key identifier:   33:1E:F2:6C:37:EA:1E:06:5A:6F:A0:72:DA:11:6B:84:4F:D5:6F:EE
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       0199FE7D7D634FA06FD364D8BC55D52796E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          1214
Signing time:             Sun 19 Oct 2025 22:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:00 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: yaH//ZaA5bpyi1n4RuLBMPm2eoDDBWUxuhz8ZlY90DE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7d:7d:63:4f:a0:6f:d3:64:d8:bc:55:d5:27:96:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: Oct 19 22:01:00 2025 GMT
            Not After : Oct 20 22:01:00 2025 GMT
        Subject: CN=331ef26c37ea1e065a6fa072da116b844fd56fee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:ea:1e:44:18:b5:46:60:f1:ea:74:23:56:c6:
                    13:60:e1:42:36:57:af:70:47:43:03:57:3a:d5:f4:
                    27:df:b5:76:f0:b1:62:30:b9:bb:d2:3d:66:d3:19:
                    56:5f:5a:7f:0c:09:cf:10:e3:b6:be:42:25:17:8d:
                    5b:7b:c6:13:4a:16:20:3b:e5:ec:1e:f3:55:58:fd:
                    fa:09:aa:7f:94:c8:07:7e:30:96:b4:1d:6d:e9:fe:
                    ca:4c:3b:17:96:34:6d:79:59:5e:f7:4c:ca:9b:54:
                    26:1c:19:1e:59:98:13:2a:bf:38:05:a5:a4:4f:03:
                    17:c8:57:0d:3a:31:25:23:f2:e9:f7:bb:85:40:76:
                    95:dc:17:9c:75:ea:1f:f1:fb:e5:ea:ff:b8:44:4e:
                    1e:0c:1b:cd:d2:f0:cd:5d:1b:9b:58:42:75:57:c6:
                    17:b4:59:2e:66:58:76:f7:c6:54:22:9d:4f:d6:63:
                    31:4e:07:ba:8e:88:00:6c:d7:46:b0:83:88:38:57:
                    2b:ac:3f:dc:7a:65:75:8c:03:fb:85:fd:dd:d3:49:
                    3a:de:a8:85:cf:9a:75:32:e1:5f:01:84:f3:94:32:
                    8b:9a:f7:5b:d6:28:2b:60:a2:9b:e4:06:c2:1f:c5:
                    13:02:63:e4:05:03:25:8e:ea:b7:2c:e6:d1:01:1f:
                    86:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:1E:F2:6C:37:EA:1E:06:5A:6F:A0:72:DA:11:6B:84:4F:D5:6F:EE
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:2f:b8:3b:17:a4:95:86:02:da:ff:c1:29:67:20:e9:91:a7:
         e4:86:68:66:44:92:ff:b5:bb:8a:c9:8e:2e:a9:49:a6:62:5f:
         80:ac:3b:64:5c:96:eb:dd:4d:fa:ec:64:61:1a:da:ef:63:39:
         ef:43:0d:5b:78:c3:84:d7:bd:96:0a:52:0b:9f:6b:67:b0:16:
         72:99:7d:4d:33:40:11:b8:58:f2:83:e6:59:a1:d4:b2:3a:a1:
         ba:a0:2b:24:13:87:2d:e9:ed:57:d5:94:02:60:8e:70:7f:f4:
         2f:f4:2c:0b:4b:7a:8d:6f:67:f7:a9:80:44:fb:26:26:57:11:
         64:8b:72:17:cf:20:d9:e0:53:9b:8f:25:e4:1f:9e:73:7a:33:
         d7:93:8d:b5:49:e9:a0:20:03:d3:89:f2:77:55:2b:b3:68:f4:
         37:00:61:3a:0a:c3:3e:74:08:a4:23:07:fc:ef:a8:2b:60:29:
         68:1b:3a:ae:4a:4d:bb:f5:bd:a2:e9:0c:4a:4f:d3:17:3c:24:
         2c:6c:bc:49:d8:75:d6:90:07:7e:55:6d:6a:e2:14:cb:fe:3c:
         aa:be:93:9d:b8:5f:b9:f5:04:b8:ec:ac:13:74:c9:88:16:6c:
         c6:cf:09:ef:a0:88:f7:e4:31:f3:0b:ea:a4:22:97:20:3a:e4:
         b3:dc:5b:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fX1jT6Bv02TYvFXVJ5boMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjUxMDE5MjIwMTAwWhcNMjUxMDIwMjIwMTAwWjAzMTEwLwYDVQQD
EygzMzFlZjI2YzM3ZWExZTA2NWE2ZmEwNzJkYTExNmI4NDRmZDU2ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eoeRBi1RmDx6nQjVsYTYOFCNlev
cEdDA1c61fQn37V28LFiMLm70j1m0xlWX1p/DAnPEOO2vkIlF41be8YTShYgO+Xs
HvNVWP36Cap/lMgHfjCWtB1t6f7KTDsXljRteVle90zKm1QmHBkeWZgTKr84BaWk
TwMXyFcNOjElI/Lp97uFQHaV3Becdeof8fvl6v+4RE4eDBvN0vDNXRubWEJ1V8YX
tFkuZlh298ZUIp1P1mMxTge6jogAbNdGsIOIOFcrrD/cemV1jAP7hf3d00k63qiF
z5p1MuFfAYTzlDKLmvdb1igrYKKb5AbCH8UTAmPkBQMljuq3LObRAR+GmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMe8mw36h4GWm+gctoRa4RP1W/uMB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVS+4Oxek
lYYC2v/BKWcg6ZGn5IZoZkSS/7W7ismOLqlJpmJfgKw7ZFyW691N+uxkYRra72M5
70MNW3jDhNe9lgpSC59rZ7AWcpl9TTNAEbhY8oPmWaHUsjqhuqArJBOHLentV9WU
AmCOcH/0L/QsC0t6jW9n96mARPsmJlcRZItyF88g2eBTm48l5B+ec3oz15ONtUnp
oCAD04nyd1Urs2j0NwBhOgrDPnQIpCMH/O+oK2ApaBs6rkpNu/W9oukMSk/TFzwk
LGy8Sdh11pAHflVtauIUy/48qr6TnbhfufUEuOysE3TJiBZsxs8J76CI9+Qx8wvq
pCKXIDrks9xbmg==
-----END CERTIFICATE-----