Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          YojXwb7hxd8HrKCTKC9skvHJz4e7AUQG7rjxa8HBWJU=
Subject key identifier:   5E:4F:8C:11:D3:B8:EB:9F:D4:63:3D:30:E7:5B:3C:49:C8:AD:0E:5E
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       0196C53A8695AB62C614A17EAA9FA52DBAA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0D36
Signing time:             Mon 12 May 2025 16:01:09 +0000
Manifest this update:     Mon 12 May 2025 16:01:09 +0000
Manifest next update:     Tue 13 May 2025 16:01:09 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: tKl8VXKR5Yey3qLkaU2StwH1ysPnG/NNM2/li1x3kMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:3a:86:95:ab:62:c6:14:a1:7e:aa:9f:a5:2d:ba:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: May 12 16:01:09 2025 GMT
            Not After : May 13 16:01:09 2025 GMT
        Subject: CN=5e4f8c11d3b8eb9fd4633d30e75b3c49c8ad0e5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:0d:2b:ae:18:c4:4c:8b:5b:ef:cf:a3:a4:a5:
                    8d:4e:e6:b6:a0:3d:f2:64:ca:88:55:2b:fd:82:6c:
                    8e:e3:23:3b:e7:30:98:07:37:11:56:73:e7:7c:3d:
                    d6:79:78:6a:57:f2:fd:6c:d5:81:d7:00:ca:0e:54:
                    1c:42:48:3c:37:3f:2b:be:43:f1:91:90:29:b4:a9:
                    9c:99:63:b2:e9:b1:04:3e:55:83:f8:95:e8:25:05:
                    dc:50:a3:a2:c3:6f:64:25:02:e8:68:36:c3:dc:8b:
                    ef:6c:cd:a3:ed:9f:fc:22:61:e7:10:b1:9b:4f:23:
                    f2:87:9e:d0:d0:cd:a9:46:11:c7:05:d9:b9:a7:37:
                    bd:25:00:d7:7b:19:e1:03:57:8e:95:8f:25:d5:b3:
                    6f:3b:4e:8b:2b:88:e9:c0:41:4c:6b:c3:db:82:63:
                    de:ef:c2:6a:28:3a:21:52:c3:22:0b:6f:fb:f5:fb:
                    a8:1a:0f:1f:a9:b8:50:36:27:89:f7:37:bc:fb:0f:
                    7a:9d:3d:a6:aa:41:21:76:fc:01:b4:a7:7e:79:c4:
                    17:74:59:de:23:ac:86:42:76:e4:26:7a:89:01:d5:
                    d4:86:e6:4e:a4:4d:25:0f:e8:48:85:a4:71:77:3e:
                    3d:3d:ae:df:b0:ed:14:ea:7a:5b:e7:32:83:46:af:
                    6e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:4F:8C:11:D3:B8:EB:9F:D4:63:3D:30:E7:5B:3C:49:C8:AD:0E:5E
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:25:11:2b:62:5d:94:1a:99:f2:19:64:5f:2b:5f:3b:ad:5a:
         6c:08:12:48:71:a8:9b:8f:9f:d4:59:b9:3f:97:72:e2:61:63:
         f9:fa:48:fe:91:df:a8:d2:0e:3d:84:b9:c2:39:4f:b0:06:e0:
         cb:59:71:70:3a:aa:a6:db:75:18:c8:4b:ff:7c:21:6e:09:7f:
         dd:39:7c:53:29:f0:04:d9:3d:5c:34:d4:8d:2b:ee:6c:f5:9c:
         d8:bb:a8:c4:aa:f9:e5:c9:70:b6:19:b5:30:ca:4b:da:a5:dd:
         60:ab:59:c5:80:39:ae:11:06:80:f8:64:77:6f:55:d1:d5:03:
         62:69:58:53:36:64:95:23:9e:64:47:70:5d:67:b8:0e:34:cc:
         d6:97:46:db:b3:dc:3e:6e:f3:5f:a3:0a:ac:65:bb:01:dd:81:
         bb:54:7c:dd:22:df:d2:39:3a:52:90:c6:35:e7:30:21:a7:40:
         6a:cc:2c:a9:f1:34:2f:51:74:3f:6e:5c:69:3b:2a:fb:07:a2:
         a5:55:1d:4e:77:74:c6:fa:18:2f:36:70:be:12:7a:5d:bf:51:
         77:ec:77:00:39:39:8c:b5:de:a2:58:5d:00:c9:81:c6:c6:76:
         fd:24:27:ae:43:d1:68:ab:34:70:ca:82:f0:5a:9f:57:a8:be:
         87:e0:75:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOoaVq2LGFKF+qp+lLbqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUwNTEyMTYwMTA5WhcNMjUwNTEzMTYwMTA5WjAzMTEwLwYDVQQD
Eyg1ZTRmOGMxMWQzYjhlYjlmZDQ2MzNkMzBlNzViM2M0OWM4YWQwZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw0rrhjETItb78+jpKWNTua2oD3y
ZMqIVSv9gmyO4yM75zCYBzcRVnPnfD3WeXhqV/L9bNWB1wDKDlQcQkg8Nz8rvkPx
kZAptKmcmWOy6bEEPlWD+JXoJQXcUKOiw29kJQLoaDbD3IvvbM2j7Z/8ImHnELGb
TyPyh57Q0M2pRhHHBdm5pze9JQDXexnhA1eOlY8l1bNvO06LK4jpwEFMa8PbgmPe
78JqKDohUsMiC2/79fuoGg8fqbhQNieJ9ze8+w96nT2mqkEhdvwBtKd+ecQXdFne
I6yGQnbkJnqJAdXUhuZOpE0lD+hIhaRxdz49Pa7fsO0U6npb5zKDRq9u+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF5PjBHTuOuf1GM9MOdbPEnIrQ5eMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnSURK2Jd
lBqZ8hlkXytfO61abAgSSHGom4+f1Fm5P5dy4mFj+fpI/pHfqNIOPYS5wjlPsAbg
y1lxcDqqptt1GMhL/3whbgl/3Tl8UynwBNk9XDTUjSvubPWc2LuoxKr55clwthm1
MMpL2qXdYKtZxYA5rhEGgPhkd29V0dUDYmlYUzZklSOeZEdwXWe4DjTM1pdG27Pc
Pm7zX6MKrGW7Ad2Bu1R83SLf0jk6UpDGNecwIadAaswsqfE0L1F0P25caTsq+wei
pVUdTnd0xvoYLzZwvhJ6Xb9Rd+x3ADk5jLXeolhdAMmBxsZ2/SQnrkPRaKs0cMqC
8FqfV6i+h+B1Qg==
-----END CERTIFICATE-----