Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          PhkPuBDT0vIRX8XchW0HS4WeY2HrhejBsTboTJDijgE=
Subject key identifier:   A6:35:6F:A9:CB:ED:B7:0A:FD:2F:61:2B:09:02:78:21:59:0E:FE:4B
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       0196CDCFC709AAD76A8E0EBB040725BEB0E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          106D
Signing time:             Wed 14 May 2025 08:01:08 +0000
Manifest this update:     Wed 14 May 2025 08:01:08 +0000
Manifest next update:     Thu 15 May 2025 08:01:08 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: S/LEJq2Ft+BOQTq6lfn3CaLsNoVZsPULt5/pbVGLpTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cd:cf:c7:09:aa:d7:6a:8e:0e:bb:04:07:25:be:b0:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: May 14 08:01:08 2025 GMT
            Not After : May 15 08:01:08 2025 GMT
        Subject: CN=a6356fa9cbedb70afd2f612b09027821590efe4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:62:ad:3a:c7:3e:c7:a2:6a:8c:35:ef:56:69:
                    db:03:29:6b:1d:bb:14:40:a8:fb:65:7f:53:81:92:
                    fe:f5:45:24:6e:eb:2a:41:f5:c4:26:10:14:8c:a9:
                    d3:06:2d:29:4b:ec:6d:98:4f:59:21:42:ce:b4:48:
                    0a:8b:d2:00:eb:f0:8c:14:5e:31:cd:f4:70:91:ff:
                    64:ee:4e:ab:c2:01:61:92:0e:65:5e:3d:8c:ac:73:
                    f5:36:76:50:b3:5d:8a:af:bc:cb:00:f9:41:fc:6a:
                    11:0f:3e:e4:8b:8a:df:31:51:05:b8:61:6c:56:b6:
                    bf:38:34:a6:2c:4c:a7:86:87:62:0c:97:e9:86:14:
                    a3:3a:16:25:b6:63:c6:2d:02:e2:60:14:2a:4f:84:
                    d5:d8:5b:8b:30:d6:b6:bb:f0:b3:65:22:df:dd:7b:
                    b4:0d:97:ba:05:d9:40:32:ea:d8:b8:ac:56:eb:f3:
                    ce:fd:e7:65:92:00:50:e6:43:74:95:68:81:8f:ec:
                    83:fe:a4:04:c6:ad:8e:8e:93:52:d8:a4:12:57:76:
                    ba:c6:32:0d:94:7d:1f:60:ae:03:e3:5a:67:cb:e5:
                    58:8f:8f:51:16:30:cd:3c:08:95:e3:d7:b7:43:ae:
                    60:5b:ec:43:ba:b8:34:b9:55:ce:53:6f:09:c4:f2:
                    77:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:35:6F:A9:CB:ED:B7:0A:FD:2F:61:2B:09:02:78:21:59:0E:FE:4B
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:c3:97:88:df:be:27:a5:03:2f:0d:58:6e:10:ab:e8:bc:47:
         96:99:65:59:0b:7f:64:68:7c:c0:b5:df:24:3c:5a:ed:6e:f4:
         88:30:1a:9d:08:45:94:de:8c:bf:7d:2c:0c:59:f8:54:f7:ff:
         19:67:90:63:9d:4e:15:07:b5:a2:35:40:91:5c:52:8f:c5:74:
         2e:8f:80:3c:e2:35:00:ad:c5:96:d2:e0:8c:a8:d6:19:c4:30:
         f8:ce:ee:f9:26:37:29:13:d5:3c:74:db:63:84:67:59:7f:32:
         03:19:fc:fb:70:87:38:f2:dc:27:45:df:b7:6b:de:84:79:c9:
         ba:65:63:39:dc:0f:26:d3:e2:c9:09:ca:3e:dd:0f:83:9f:7c:
         71:c6:3d:3f:ae:52:c9:9e:14:cd:42:04:0a:20:10:65:3c:f3:
         8a:17:62:1d:60:00:74:86:31:cd:5f:75:58:be:98:f8:91:4d:
         de:d8:b8:a0:85:1e:b4:3b:66:2a:00:1f:91:de:2f:7b:ae:43:
         44:cd:27:a6:4c:61:f2:1a:c3:49:e0:85:c4:98:ce:a0:09:12:
         1b:96:55:1d:ad:9e:c0:eb:dc:67:6e:04:db:9b:98:56:c3:bc:
         0c:06:ff:24:f5:04:03:6b:98:4f:90:84:ce:7a:14:5c:9f:c2:
         34:95:4c:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbNz8cJqtdqjg67BAclvrDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjUwNTE0MDgwMTA4WhcNMjUwNTE1MDgwMTA4WjAzMTEwLwYDVQQD
EyhhNjM1NmZhOWNiZWRiNzBhZmQyZjYxMmIwOTAyNzgyMTU5MGVmZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2KtOsc+x6JqjDXvVmnbAylrHbsU
QKj7ZX9TgZL+9UUkbusqQfXEJhAUjKnTBi0pS+xtmE9ZIULOtEgKi9IA6/CMFF4x
zfRwkf9k7k6rwgFhkg5lXj2MrHP1NnZQs12Kr7zLAPlB/GoRDz7ki4rfMVEFuGFs
Vra/ODSmLEynhodiDJfphhSjOhYltmPGLQLiYBQqT4TV2FuLMNa2u/CzZSLf3Xu0
DZe6BdlAMurYuKxW6/PO/edlkgBQ5kN0lWiBj+yD/qQExq2OjpNS2KQSV3a6xjIN
lH0fYK4D41pny+VYj49RFjDNPAiV49e3Q65gW+xDurg0uVXOU28JxPJ3zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKY1b6nL7bcK/S9hKwkCeCFZDv5LMB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJsOXiN++
J6UDLw1YbhCr6LxHlpllWQt/ZGh8wLXfJDxa7W70iDAanQhFlN6Mv30sDFn4VPf/
GWeQY51OFQe1ojVAkVxSj8V0Lo+APOI1AK3FltLgjKjWGcQw+M7u+SY3KRPVPHTb
Y4RnWX8yAxn8+3CHOPLcJ0Xft2vehHnJumVjOdwPJtPiyQnKPt0Pg598ccY9P65S
yZ4UzUIECiAQZTzzihdiHWAAdIYxzV91WL6Y+JFN3ti4oIUetDtmKgAfkd4ve65D
RM0npkxh8hrDSeCFxJjOoAkSG5ZVHa2ewOvcZ24E25uYVsO8DAb/JPUEA2uYT5CE
znoUXJ/CNJVMrw==
-----END CERTIFICATE-----