Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          1ECcLkMOLi8XIxDZ7BOpqt3/BvMFPk0VKXPOGhJ/9f8=
Subject key identifier:   8A:99:40:60:EA:22:82:51:7D:33:BF:54:B9:12:EE:84:00:5C:ED:F3
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       0199FFC8183821F2150C2525C5500D78810A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0EE2
Signing time:             Mon 20 Oct 2025 04:02:07 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:07 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:07 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: nXyE6GRcmLUirEsHldW9CF6DgAyqZbtys7UbzqkcnHA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:18:38:21:f2:15:0c:25:25:c5:50:0d:78:81:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Oct 20 04:02:07 2025 GMT
            Not After : Oct 21 04:02:07 2025 GMT
        Subject: CN=8a994060ea2282517d33bf54b912ee84005cedf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c3:b0:fd:d6:6d:96:86:2b:5e:fd:9f:28:dc:
                    00:84:11:e0:e6:c6:3b:1b:c6:58:a3:7c:f4:67:1e:
                    bb:68:2a:80:c7:fc:d0:33:97:21:90:1c:5e:a4:e6:
                    56:32:83:33:b0:e6:3e:b9:be:2d:91:f0:b0:11:8c:
                    de:92:9d:d3:d4:c3:f2:f0:79:99:52:ed:cb:9d:89:
                    c6:0b:ef:73:11:9e:9b:6f:9e:da:d2:d2:1c:ae:f3:
                    68:79:64:a5:74:09:8f:4e:f9:92:0d:2b:b8:27:f8:
                    a7:ed:a8:a2:eb:85:e6:18:d4:31:84:1a:5e:38:f4:
                    47:ef:8e:9b:e4:a3:c4:64:6e:95:fd:77:18:b0:84:
                    f6:9c:84:4e:84:ff:13:e8:e4:78:c1:84:7b:df:a2:
                    c8:82:80:f6:02:b1:bb:71:41:c4:4c:44:3f:c4:6d:
                    44:9c:87:7f:12:46:d7:40:5a:13:4a:97:40:69:3a:
                    c3:a5:44:47:87:dd:ed:5e:91:66:43:89:da:1c:05:
                    a1:73:59:ba:ff:18:16:04:db:2f:55:da:ee:ca:c6:
                    91:00:e7:20:78:63:2a:36:63:39:65:ca:d7:a6:6a:
                    a3:7d:48:d9:8a:b1:ed:e9:6a:8a:d9:c6:05:f2:1c:
                    b3:80:0d:12:6e:f9:b9:54:82:19:02:1f:4a:32:01:
                    9c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:99:40:60:EA:22:82:51:7D:33:BF:54:B9:12:EE:84:00:5C:ED:F3
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:fb:de:cf:09:5b:79:e0:9b:94:84:94:99:06:e3:60:42:4d:
         7b:90:43:7f:e5:04:ea:3f:1d:bd:c6:ce:d6:35:dd:91:79:f7:
         10:60:b8:72:1b:a6:36:da:d4:d9:a5:61:13:71:49:c2:2c:b6:
         e1:82:b7:c2:b3:fa:94:a4:98:4b:a1:ae:7f:96:c3:9c:b7:ea:
         8e:62:dd:bb:7e:36:e4:0d:77:1f:26:a2:36:34:56:e5:b8:f6:
         c4:14:9e:ae:11:2a:d6:24:1e:6f:2d:46:03:03:50:7c:fa:f0:
         fe:f8:b6:b8:23:eb:f1:1b:68:6f:6c:24:e1:42:94:30:72:13:
         98:92:3b:d7:ea:8e:6d:02:81:12:ff:d6:ab:c5:54:f6:53:fb:
         ae:fe:ad:30:86:c1:8d:2b:61:a1:a4:d6:7f:f5:2b:73:4b:f6:
         5e:32:08:c4:7c:09:65:47:d7:31:85:bb:f3:26:c6:3a:aa:84:
         83:9f:3d:cf:b8:19:99:7f:9b:d1:a5:13:fa:89:c5:24:42:fc:
         59:41:f8:5e:98:df:d7:de:e1:55:01:8b:67:a1:9d:60:c4:e6:
         04:63:d7:63:26:c6:e8:72:c3:24:42:17:c6:20:bf:7b:31:57:
         eb:90:ad:c0:66:e4:9b:df:f5:5e:1d:77:a2:d7:60:ea:55:22:
         0f:e4:24:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yBg4IfIVDCUlxVANeIEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUxMDIwMDQwMjA3WhcNMjUxMDIxMDQwMjA3WjAzMTEwLwYDVQQD
Eyg4YTk5NDA2MGVhMjI4MjUxN2QzM2JmNTRiOTEyZWU4NDAwNWNlZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucOw/dZtloYrXv2fKNwAhBHg5sY7
G8ZYo3z0Zx67aCqAx/zQM5chkBxepOZWMoMzsOY+ub4tkfCwEYzekp3T1MPy8HmZ
Uu3LnYnGC+9zEZ6bb57a0tIcrvNoeWSldAmPTvmSDSu4J/in7aii64XmGNQxhBpe
OPRH746b5KPEZG6V/XcYsIT2nIROhP8T6OR4wYR736LIgoD2ArG7cUHETEQ/xG1E
nId/EkbXQFoTSpdAaTrDpURHh93tXpFmQ4naHAWhc1m6/xgWBNsvVdruysaRAOcg
eGMqNmM5ZcrXpmqjfUjZirHt6WqK2cYF8hyzgA0Sbvm5VIIZAh9KMgGc5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqZQGDqIoJRfTO/VLkS7oQAXO3zMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVPvezwlb
eeCblISUmQbjYEJNe5BDf+UE6j8dvcbO1jXdkXn3EGC4chumNtrU2aVhE3FJwiy2
4YK3wrP6lKSYS6Guf5bDnLfqjmLdu3425A13HyaiNjRW5bj2xBSerhEq1iQeby1G
AwNQfPrw/vi2uCPr8Rtob2wk4UKUMHITmJI71+qObQKBEv/Wq8VU9lP7rv6tMIbB
jSthoaTWf/Urc0v2XjIIxHwJZUfXMYW78ybGOqqEg589z7gZmX+b0aUT+onFJEL8
WUH4Xpjf197hVQGLZ6GdYMTmBGPXYybG6HLDJEIXxiC/ezFX65CtwGbkm9/1Xh13
otdg6lUiD+Qkmw==
-----END CERTIFICATE-----