Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          WBaq342gg2wuHyOtHUmbjoE5a4Fw/bdCmXWaluLKF8w=
Subject key identifier:   8A:9D:01:AC:D3:1D:1F:01:B5:D0:28:55:18:63:B8:86:7B:3D:61:FC
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       019D270405E3FEEFDE795F77D5E376F465DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          1084
Signing time:             Wed 25 Mar 2026 22:01:08 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:08 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:08 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: +wLGaVvQV1DjRekuwzX1zaBh9wULVdTQfWwG7DHH0kY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:05:e3:fe:ef:de:79:5f:77:d5:e3:76:f4:65:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Mar 25 22:01:08 2026 GMT
            Not After : Mar 26 22:01:08 2026 GMT
        Subject: CN=8a9d01acd31d1f01b5d028551863b8867b3d61fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:2d:25:00:da:e6:bf:d7:92:3e:20:35:39:01:
                    a1:a8:cf:98:0c:ca:be:ef:56:36:0a:bc:06:ba:f8:
                    4f:ca:0a:99:76:1f:2d:05:b9:d1:c4:85:1d:db:7d:
                    4c:29:c8:7e:0b:52:2d:78:89:26:02:86:1c:52:84:
                    a8:12:e6:d3:c4:20:97:96:5b:85:93:88:5c:45:2e:
                    6d:ba:7f:fc:29:b5:e8:e2:cf:fd:83:e2:91:c7:fb:
                    8d:bd:17:5d:6b:59:c5:38:f6:f3:a1:55:46:a9:13:
                    9d:29:bb:c4:5f:8b:0a:71:66:dd:3b:46:31:8f:64:
                    d2:53:b1:55:5b:34:66:ac:02:9b:ba:ae:ac:8c:9b:
                    a7:5d:25:0b:fc:a0:01:4d:88:d6:ad:e1:67:9f:1d:
                    78:64:74:5c:96:a6:9d:9d:24:12:a3:2b:35:9c:b7:
                    16:92:65:89:1b:e8:d8:9f:45:d2:7a:e7:05:6d:ba:
                    40:b7:83:36:9b:4d:4d:07:e7:1c:b2:f3:c6:a9:5d:
                    97:d5:86:5c:cc:da:9d:5e:d7:28:3a:6d:15:13:c0:
                    65:03:72:cb:08:f1:d8:46:80:c6:07:ba:af:9b:c3:
                    82:a2:2f:71:25:89:02:27:0e:28:73:27:51:89:fd:
                    c6:5b:fc:03:f3:5a:56:da:b2:1d:d9:a5:d7:2b:99:
                    19:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:9D:01:AC:D3:1D:1F:01:B5:D0:28:55:18:63:B8:86:7B:3D:61:FC
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:42:20:8a:d4:34:24:c3:13:fb:dc:93:ed:df:b8:ee:6c:33:
         ed:09:49:4c:4a:bc:74:a1:62:22:35:1f:6c:4a:2a:14:b0:18:
         2f:2e:b0:14:0b:22:17:cf:cc:5c:8b:13:88:ec:a0:69:0f:f2:
         6a:37:61:ee:96:fe:c5:05:ef:a3:13:66:84:b8:0c:2f:09:e9:
         25:79:a7:f2:af:67:68:53:cc:34:ce:27:19:d9:40:b1:62:a4:
         ac:cf:8e:4d:6f:05:1b:90:58:35:00:21:df:38:6a:27:2a:b2:
         09:8b:61:82:0f:cd:93:c0:d2:e9:ce:a7:0d:76:24:ea:e9:7a:
         d2:d2:9e:8d:45:59:0c:27:30:59:e9:4d:49:c4:13:69:05:f3:
         6a:96:6e:43:a3:93:bc:e3:d1:3a:a4:03:84:82:1c:7e:79:08:
         70:75:2c:a9:2e:f3:fc:22:73:9a:c1:d3:49:b7:e8:48:7b:da:
         bd:c9:e2:e3:e1:e6:ec:31:56:a2:af:df:0a:dd:f8:d7:82:df:
         7e:3e:da:4a:c1:9b:32:e8:f0:35:9b:8f:9d:91:8f:7e:03:11:
         4c:ae:1f:20:5e:c3:57:fe:40:26:a5:d9:48:f2:33:e1:25:5c:
         b7:b7:a6:70:ac:f0:e3:03:f0:a8:16:74:69:2a:21:67:d4:21:
         37:01:9f:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBAXj/u/eeV931eN29GXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjYwMzI1MjIwMTA4WhcNMjYwMzI2MjIwMTA4WjAzMTEwLwYDVQQD
Eyg4YTlkMDFhY2QzMWQxZjAxYjVkMDI4NTUxODYzYjg4NjdiM2Q2MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui0lANrmv9eSPiA1OQGhqM+YDMq+
71Y2CrwGuvhPygqZdh8tBbnRxIUd231MKch+C1IteIkmAoYcUoSoEubTxCCXlluF
k4hcRS5tun/8KbXo4s/9g+KRx/uNvRdda1nFOPbzoVVGqROdKbvEX4sKcWbdO0Yx
j2TSU7FVWzRmrAKbuq6sjJunXSUL/KABTYjWreFnnx14ZHRclqadnSQSoys1nLcW
kmWJG+jYn0XSeucFbbpAt4M2m01NB+ccsvPGqV2X1YZczNqdXtcoOm0VE8BlA3LL
CPHYRoDGB7qvm8OCoi9xJYkCJw4ocydRif3GW/wD81pW2rId2aXXK5kZrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqdAazTHR8BtdAoVRhjuIZ7PWH8MB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbUIgitQ0
JMMT+9yT7d+47mwz7QlJTEq8dKFiIjUfbEoqFLAYLy6wFAsiF8/MXIsTiOygaQ/y
ajdh7pb+xQXvoxNmhLgMLwnpJXmn8q9naFPMNM4nGdlAsWKkrM+OTW8FG5BYNQAh
3zhqJyqyCYthgg/Nk8DS6c6nDXYk6ul60tKejUVZDCcwWelNScQTaQXzapZuQ6OT
vOPROqQDhIIcfnkIcHUsqS7z/CJzmsHTSbfoSHvavcni4+Hm7DFWoq/fCt3414Lf
fj7aSsGbMujwNZuPnZGPfgMRTK4fIF7DV/5AJqXZSPIz4SVct7emcKzw4wPwqBZ0
aSohZ9QhNwGfsw==
-----END CERTIFICATE-----