Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          3YbP6+k/wNGOhqCRYjE1pp0BaW5XCb0Gs4T/rYd6XQE=
Subject key identifier:   27:36:6C:E3:96:8B:D9:9F:6E:69:81:63:AF:9E:80:03:D8:4A:DE:5F
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       0198D6606677AC572F9028A50316ADB9BD07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0E48
Signing time:             Sat 23 Aug 2025 10:01:38 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:38 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:38 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: 2aVpjJpvFxudDTzDhFiQhmPl0vKNWnwDQYajTEeEsp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:66:77:ac:57:2f:90:28:a5:03:16:ad:b9:bd:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Aug 23 10:01:38 2025 GMT
            Not After : Aug 24 10:01:38 2025 GMT
        Subject: CN=27366ce3968bd99f6e698163af9e8003d84ade5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f9:0d:09:cc:25:00:52:e2:f7:55:64:bc:de:
                    33:41:21:35:de:cc:97:3d:7f:ef:e0:5c:45:64:11:
                    ec:38:5c:33:98:d3:c7:4d:85:54:04:c1:17:c8:4f:
                    c4:65:61:a6:14:f1:e1:e0:e9:96:73:77:46:fc:22:
                    d6:aa:dd:8b:d8:01:75:03:67:9a:a3:ff:3c:6e:3c:
                    15:87:9b:b7:92:27:aa:79:7f:3a:3e:c8:ac:92:b8:
                    4b:6f:98:83:a2:b2:30:b9:6b:a8:20:e4:76:23:9c:
                    82:5e:9e:d3:1f:85:af:6b:08:0e:bd:26:7c:3e:98:
                    68:bb:21:42:7e:ff:48:49:88:b0:59:5e:7e:b7:57:
                    b5:fa:e5:bd:1d:b2:c9:75:7c:f9:fe:15:e5:20:bf:
                    ca:be:ac:fc:a1:32:5c:0c:63:05:eb:1e:90:96:2a:
                    7c:db:4f:2f:47:fb:03:da:02:a3:32:94:19:e3:f1:
                    12:ef:da:f3:17:64:06:f8:e0:f3:42:63:4f:1c:a7:
                    9d:24:e5:7f:0a:80:2d:af:83:bc:c9:bd:39:86:a2:
                    e4:55:35:63:64:7f:bb:82:28:e9:0a:ee:3f:c2:7c:
                    80:1c:7c:d8:92:06:07:0f:f1:2a:38:89:58:c7:a9:
                    ca:7c:9a:71:5b:cd:5c:fc:85:ef:e1:d9:ad:59:44:
                    b1:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:36:6C:E3:96:8B:D9:9F:6E:69:81:63:AF:9E:80:03:D8:4A:DE:5F
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:a4:a8:2e:6b:29:e5:46:21:e6:d3:94:eb:64:e1:20:ef:23:
         fb:fb:c8:9c:c1:f8:14:44:66:6f:20:f1:45:14:31:47:d8:f2:
         59:2b:65:eb:29:7c:57:64:2e:12:bb:e8:2a:79:54:90:21:fa:
         8e:17:c6:f6:7a:fc:f0:92:f9:3b:1a:87:fc:5f:57:b5:e3:8e:
         1e:f4:57:29:38:01:8f:9c:c6:e6:49:95:e9:d6:a7:c2:60:ea:
         f7:52:7b:8c:9e:9d:0b:a8:a7:31:3d:2f:1c:bf:b2:78:55:06:
         0c:e0:bc:18:a2:0f:60:9c:72:c8:65:9a:61:59:61:ea:ef:a0:
         f4:60:21:57:ed:26:3d:5e:5a:74:b2:07:90:75:56:cf:88:55:
         85:1c:d3:df:4e:14:87:da:68:30:8e:4f:53:5e:48:42:75:bb:
         aa:5e:e2:9c:35:c1:6d:5c:25:8b:31:ba:9b:ab:35:3a:02:9e:
         52:42:63:3c:80:34:13:a0:b8:f3:12:d1:07:a5:e0:c0:ff:42:
         ef:2f:49:ed:4d:3a:12:b8:84:13:42:91:03:c0:1f:67:b5:35:
         1b:63:bb:4c:eb:23:8e:38:9f:2a:b6:ce:71:e0:8d:97:59:df:
         ca:d5:7f:a7:91:6e:da:c2:47:0b:7c:ee:0c:36:20:7a:dd:11:
         8c:33:e7:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYGZ3rFcvkCilAxatub0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUwODIzMTAwMTM4WhcNMjUwODI0MTAwMTM4WjAzMTEwLwYDVQQD
EygyNzM2NmNlMzk2OGJkOTlmNmU2OTgxNjNhZjllODAwM2Q4NGFkZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfkNCcwlAFLi91VkvN4zQSE13syX
PX/v4FxFZBHsOFwzmNPHTYVUBMEXyE/EZWGmFPHh4OmWc3dG/CLWqt2L2AF1A2ea
o/88bjwVh5u3kieqeX86PsiskrhLb5iDorIwuWuoIOR2I5yCXp7TH4WvawgOvSZ8
PphouyFCfv9ISYiwWV5+t1e1+uW9HbLJdXz5/hXlIL/Kvqz8oTJcDGMF6x6Qlip8
208vR/sD2gKjMpQZ4/ES79rzF2QG+ODzQmNPHKedJOV/CoAtr4O8yb05hqLkVTVj
ZH+7gijpCu4/wnyAHHzYkgYHD/EqOIlYx6nKfJpxW81c/IXv4dmtWUSx5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCc2bOOWi9mfbmmBY6+egAPYSt5fMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGqSoLmsp
5UYh5tOU62ThIO8j+/vInMH4FERmbyDxRRQxR9jyWStl6yl8V2QuErvoKnlUkCH6
jhfG9nr88JL5OxqH/F9XteOOHvRXKTgBj5zG5kmV6danwmDq91J7jJ6dC6inMT0v
HL+yeFUGDOC8GKIPYJxyyGWaYVlh6u+g9GAhV+0mPV5adLIHkHVWz4hVhRzT304U
h9poMI5PU15IQnW7ql7inDXBbVwlizG6m6s1OgKeUkJjPIA0E6C48xLRB6XgwP9C
7y9J7U06EriEE0KRA8AfZ7U1G2O7TOsjjjifKrbOceCNl1nfytV/p5Fu2sJHC3zu
DDYget0RjDPnIg==
-----END CERTIFICATE-----