Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          aXs12FGl3YvJrFwtsk/3FtKjPz3vS75KyyWZgtw+uc0=
Subject key identifier:   37:A5:91:29:0D:1A:4E:EA:00:F6:46:65:9E:16:68:43:90:DC:96:07
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       0197C9F088CA87A9145FDC3E27B14FD82DF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0DBD
Signing time:             Wed 02 Jul 2025 07:01:13 +0000
Manifest this update:     Wed 02 Jul 2025 07:01:13 +0000
Manifest next update:     Thu 03 Jul 2025 07:01:13 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: ZIwV1zjk8GoCop1oh1xgyZQKMBpO+HY6LDk9F3XwWTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f0:88:ca:87:a9:14:5f:dc:3e:27:b1:4f:d8:2d:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Jul  2 07:01:13 2025 GMT
            Not After : Jul  3 07:01:13 2025 GMT
        Subject: CN=37a591290d1a4eea00f646659e16684390dc9607
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:53:f3:6b:61:df:6c:32:0f:a7:32:13:f0:a3:
                    8c:47:ed:4a:8c:18:4a:1d:aa:23:95:02:55:6b:09:
                    89:cf:f8:d0:ac:0f:01:54:f5:ec:d0:0d:16:ca:ff:
                    ce:91:37:da:0d:96:2c:3c:a2:96:d3:63:cd:0d:d9:
                    ab:c9:9a:a3:97:cc:e3:6b:6d:1f:7e:49:c8:a9:14:
                    f6:0f:df:df:24:d4:35:aa:9f:a5:70:4d:7c:eb:69:
                    89:33:e6:f1:72:c7:4f:8c:1f:87:bc:81:3a:44:80:
                    e9:d9:fc:56:a2:fd:fe:b0:cf:92:67:91:36:7c:b9:
                    9e:4f:cc:a5:54:ae:73:fb:cd:ac:a9:2e:d6:2c:4a:
                    26:ed:3f:9a:2d:e9:a0:d6:83:df:47:3b:2a:1e:be:
                    ef:e6:ca:8e:c8:c5:7f:d8:02:51:69:3f:1f:15:c1:
                    a8:40:3a:79:73:89:7d:33:49:9e:c4:9c:ca:37:55:
                    27:d6:27:de:e0:65:e4:f7:75:9a:c2:3c:c6:7a:b7:
                    b5:a6:2a:58:68:28:f6:24:f8:00:9d:f1:69:5f:cc:
                    be:d0:71:ad:bb:6d:d0:9f:4a:e3:e4:d2:50:09:40:
                    2f:cf:5b:5d:67:eb:29:26:c3:25:c8:ba:80:f2:f3:
                    4d:e3:d3:2b:eb:ad:8f:4c:36:64:59:46:30:c3:34:
                    48:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:A5:91:29:0D:1A:4E:EA:00:F6:46:65:9E:16:68:43:90:DC:96:07
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:8d:fd:8d:38:db:3d:c0:ef:0a:b1:8e:5b:28:0a:d8:0f:e6:
         14:94:29:3a:1e:80:9b:25:73:49:0b:0e:28:a2:50:a8:d9:3b:
         2f:35:a4:33:f2:da:14:35:19:2e:b3:93:a2:bd:0f:1f:03:a7:
         02:7e:78:60:c4:05:3b:d4:af:d9:4f:df:18:7a:73:e0:a5:4a:
         e7:38:fa:64:09:32:10:63:48:a4:ad:a8:c1:fc:6b:cb:a8:af:
         0d:3c:41:7b:8b:8d:d1:f8:79:9a:fb:04:e9:8d:e3:02:4d:2b:
         21:71:61:3b:76:25:6c:e2:c5:2d:dd:02:00:a9:ba:47:87:39:
         05:12:7a:f0:ef:71:47:94:f9:56:78:20:02:a0:7a:cc:2d:c1:
         65:fa:eb:39:dc:26:30:3b:ee:3b:2c:c2:f5:d2:9b:96:df:f9:
         c5:63:f4:8c:e7:30:b2:b0:0c:19:f0:69:e8:04:dc:f7:69:bf:
         c6:43:f9:df:60:13:22:86:8c:ea:a4:75:8c:09:95:8b:5f:21:
         84:ee:a2:61:49:1a:4a:90:5f:28:2c:28:1f:c2:e0:eb:71:bd:
         64:06:aa:23:29:c2:b3:f9:96:c9:7e:bc:6f:ac:01:2a:53:8f:
         b9:81:9a:7b:91:4f:51:79:55:61:a5:88:1b:78:22:6f:13:ff:
         92:cc:07:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8IjKh6kUX9w+J7FP2C3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUwNzAyMDcwMTEzWhcNMjUwNzAzMDcwMTEzWjAzMTEwLwYDVQQD
EygzN2E1OTEyOTBkMWE0ZWVhMDBmNjQ2NjU5ZTE2Njg0MzkwZGM5NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lPza2HfbDIPpzIT8KOMR+1KjBhK
HaojlQJVawmJz/jQrA8BVPXs0A0Wyv/OkTfaDZYsPKKW02PNDdmryZqjl8zja20f
fknIqRT2D9/fJNQ1qp+lcE1862mJM+bxcsdPjB+HvIE6RIDp2fxWov3+sM+SZ5E2
fLmeT8ylVK5z+82sqS7WLEom7T+aLemg1oPfRzsqHr7v5sqOyMV/2AJRaT8fFcGo
QDp5c4l9M0mexJzKN1Un1ife4GXk93WawjzGere1pipYaCj2JPgAnfFpX8y+0HGt
u23Qn0rj5NJQCUAvz1tdZ+spJsMlyLqA8vNN49Mr662PTDZkWUYwwzRIcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDelkSkNGk7qAPZGZZ4WaEOQ3JYHMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFY39jTjb
PcDvCrGOWygK2A/mFJQpOh6AmyVzSQsOKKJQqNk7LzWkM/LaFDUZLrOTor0PHwOn
An54YMQFO9Sv2U/fGHpz4KVK5zj6ZAkyEGNIpK2owfxry6ivDTxBe4uN0fh5mvsE
6Y3jAk0rIXFhO3YlbOLFLd0CAKm6R4c5BRJ68O9xR5T5VnggAqB6zC3BZfrrOdwm
MDvuOyzC9dKblt/5xWP0jOcwsrAMGfBp6ATc92m/xkP532ATIoaM6qR1jAmVi18h
hO6iYUkaSpBfKCwoH8Lg63G9ZAaqIynCs/mWyX68b6wBKlOPuYGae5FPUXlVYaWI
G3gibxP/kswHvg==
-----END CERTIFICATE-----