Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          agJE9CnpCDARHRtjgpx44LXtLNNx2c/Q4QKPQsxOnL4=
Subject key identifier:   1D:84:AA:47:6F:97:59:0E:D9:A0:A8:51:49:69:00:74:69:62:5C:3D
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       019D29974639C24E1EEED4DD06B8F03516AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          13B8
Signing time:             Thu 26 Mar 2026 10:01:12 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:12 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:12 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: yLU7QQMukYcl+i8ZjOqAAD9mlSBE1hOmLhDSghTnmVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:46:39:c2:4e:1e:ee:d4:dd:06:b8:f0:35:16:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: Mar 26 10:01:12 2026 GMT
            Not After : Mar 27 10:01:12 2026 GMT
        Subject: CN=1d84aa476f97590ed9a0a8514969007469625c3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5c:ec:e2:40:27:a7:49:e0:d7:eb:52:63:d5:
                    32:13:ad:d8:3a:e4:5f:34:d7:72:8f:40:68:02:d4:
                    4a:23:96:63:84:47:58:7f:a5:59:97:23:af:f9:06:
                    5f:48:2a:f8:74:84:66:e2:86:19:bc:09:c6:6e:c0:
                    9e:4c:da:78:f6:2e:d9:e5:92:97:54:d2:d8:bc:5c:
                    1c:b0:8d:e8:ef:62:a5:1b:bb:35:7c:21:87:cc:d1:
                    06:df:b3:41:5c:fc:fb:6f:ed:64:9d:65:21:53:52:
                    8f:00:8b:e1:c6:a2:c2:8b:59:1b:eb:e2:8c:68:d2:
                    e2:6b:64:cd:63:62:11:6f:5f:34:e1:63:73:cd:32:
                    db:d6:cf:c2:e7:f9:ba:63:2a:f3:9c:dc:86:b8:64:
                    16:e5:bd:bf:cd:28:f7:4f:d5:31:9c:11:8f:df:ce:
                    57:59:d3:4c:a0:22:06:37:78:51:e4:a9:54:ca:7b:
                    e5:f1:27:b7:f5:6e:cd:b1:5e:31:f5:cb:a5:36:59:
                    c9:8a:a1:4b:46:a6:54:68:21:3a:0d:29:13:eb:62:
                    9c:96:23:10:24:77:66:64:fe:44:a0:b4:28:65:0a:
                    aa:d3:9a:57:5c:96:ac:c6:32:81:cb:71:cd:4c:86:
                    9c:8f:e9:e0:57:20:90:5f:66:bd:cf:17:e5:bf:8f:
                    24:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:84:AA:47:6F:97:59:0E:D9:A0:A8:51:49:69:00:74:69:62:5C:3D
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:80:15:06:90:08:a0:9c:a3:6c:7e:fe:9f:94:72:a4:01:b8:
         5d:a2:7e:32:2c:81:3c:9e:c7:e1:ab:a2:89:02:d3:5e:c9:a3:
         86:5f:e6:fc:ad:37:e2:92:ef:03:7e:bf:23:31:92:24:8b:a0:
         fa:8c:24:5d:d9:42:d6:e5:27:a5:47:2b:1c:ea:fc:54:a4:4b:
         33:cc:fb:d2:15:ef:9a:8c:fd:05:a2:cb:be:41:5c:c6:74:07:
         0b:8e:d9:54:41:6e:1e:0d:64:a7:a1:23:b6:d4:03:b7:92:b7:
         09:1f:4f:6a:09:b7:5a:b8:a0:e9:2c:a3:d2:4c:b0:48:c7:1d:
         04:d8:83:2b:cb:8b:9c:dc:06:96:1e:df:7c:84:6d:fd:11:a4:
         a0:d2:19:c2:37:cd:7a:81:a9:92:32:c2:38:d5:86:d9:0c:47:
         39:5c:05:ce:17:4f:44:0c:13:2a:be:46:44:30:0f:c8:53:a1:
         a0:d1:e0:4f:07:dd:ed:9e:af:5e:ba:85:84:ac:5f:49:f8:ec:
         05:a1:d3:85:26:fd:d5:c9:2b:30:ba:e8:bf:ec:78:e7:15:fc:
         4d:84:2a:a4:56:96:4c:db:5d:b5:14:51:b6:a0:e6:5d:94:75:
         86:c5:56:2f:64:e4:04:17:e6:71:f1:c2:0b:01:f8:9d:30:3e:
         c2:fb:40:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl0Y5wk4e7tTdBrjwNRasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjYwMzI2MTAwMTEyWhcNMjYwMzI3MTAwMTEyWjAzMTEwLwYDVQQD
EygxZDg0YWE0NzZmOTc1OTBlZDlhMGE4NTE0OTY5MDA3NDY5NjI1YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVzs4kAnp0ng1+tSY9UyE63YOuRf
NNdyj0BoAtRKI5ZjhEdYf6VZlyOv+QZfSCr4dIRm4oYZvAnGbsCeTNp49i7Z5ZKX
VNLYvFwcsI3o72KlG7s1fCGHzNEG37NBXPz7b+1knWUhU1KPAIvhxqLCi1kb6+KM
aNLia2TNY2IRb1804WNzzTLb1s/C5/m6YyrznNyGuGQW5b2/zSj3T9UxnBGP385X
WdNMoCIGN3hR5KlUynvl8Se39W7NsV4x9culNlnJiqFLRqZUaCE6DSkT62KcliMQ
JHdmZP5EoLQoZQqq05pXXJasxjKBy3HNTIacj+ngVyCQX2a9zxflv48kTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2Eqkdvl1kO2aCoUUlpAHRpYlw9MB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP4AVBpAI
oJyjbH7+n5RypAG4XaJ+MiyBPJ7H4auiiQLTXsmjhl/m/K034pLvA36/IzGSJIug
+owkXdlC1uUnpUcrHOr8VKRLM8z70hXvmoz9BaLLvkFcxnQHC47ZVEFuHg1kp6Ej
ttQDt5K3CR9Pagm3Wrig6Syj0kywSMcdBNiDK8uLnNwGlh7ffIRt/RGkoNIZwjfN
eoGpkjLCONWG2QxHOVwFzhdPRAwTKr5GRDAPyFOhoNHgTwfd7Z6vXrqFhKxfSfjs
BaHThSb91ckrMLrov+x45xX8TYQqpFaWTNtdtRRRtqDmXZR1hsVWL2TkBBfmcfHC
CwH4nTA+wvtA7Q==
-----END CERTIFICATE-----