Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          XhY1C38hA39mM72rvnAjdwYUolnfyozcUJPlkJX9e8c=
Subject key identifier:   2F:69:EF:77:32:F7:EF:EB:C4:2C:01:68:08:78:98:92:EE:2E:01:1A
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       019749682526DB6C999C2F6A07818F495C65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          10AD
Signing time:             Sat 07 Jun 2025 08:00:51 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:51 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:51 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: eZQlykai4jJqT1Rt5mbsQ3lBCX09s9OIyEJLYI8cpng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:25:26:db:6c:99:9c:2f:6a:07:81:8f:49:5c:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: Jun  7 08:00:51 2025 GMT
            Not After : Jun  8 08:00:51 2025 GMT
        Subject: CN=2f69ef7732f7efebc42c016808789892ee2e011a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:db:56:c8:a7:75:8a:0f:56:3e:7b:b8:72:da:
                    61:be:20:93:89:e6:51:81:9f:f2:b2:e3:a5:20:9e:
                    e0:8c:21:d1:cb:cc:eb:8d:ec:c4:7c:dc:ce:da:bd:
                    26:61:8e:94:1b:7b:65:db:86:42:ee:53:95:03:96:
                    c9:27:4a:52:61:0c:94:c2:15:a7:84:ec:fb:71:ec:
                    be:4f:b0:55:d6:19:c6:81:d6:f7:d1:92:d2:29:78:
                    0e:2a:83:3a:f3:97:66:f3:b0:4a:07:30:2d:66:90:
                    b2:9e:19:31:02:17:5f:33:28:71:8a:f2:26:c7:3f:
                    51:33:13:a0:41:d6:e7:04:6c:9e:3c:04:35:b8:4e:
                    ae:e6:57:6b:48:49:a8:bc:f9:18:79:0b:e5:e8:ce:
                    f6:13:e6:1e:6c:3b:ed:4d:25:ea:f4:0a:0c:23:32:
                    8d:b4:a8:b6:90:eb:8a:a5:c9:b9:80:57:b4:9f:8f:
                    86:aa:46:8b:b4:75:29:0d:3f:cb:c8:89:da:4c:02:
                    9b:da:36:23:ec:d1:4a:fb:a1:4e:62:4d:97:0a:2d:
                    49:89:e7:6b:b8:aa:d2:3c:66:47:6b:fa:1b:c9:63:
                    98:18:6e:71:38:e5:75:63:8d:de:06:30:ff:59:1c:
                    36:01:6c:cc:d0:22:ad:04:c3:07:24:41:fa:a4:6c:
                    ae:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:69:EF:77:32:F7:EF:EB:C4:2C:01:68:08:78:98:92:EE:2E:01:1A
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:28:09:c6:0d:c3:64:39:44:af:12:f3:b7:87:de:17:d0:f8:
         14:4e:74:a4:ba:7b:97:34:e3:f6:42:a7:3f:2c:73:42:f0:e2:
         79:09:b9:3d:8b:0f:fb:c9:df:b3:c8:89:09:97:98:db:fd:83:
         39:be:1c:40:99:f8:c0:21:66:63:4b:c6:ae:ee:1c:80:16:1a:
         31:9f:4b:0c:f5:41:1b:59:ef:49:5e:cc:10:95:5d:84:a6:92:
         e8:f2:43:7d:6c:f3:e1:af:09:45:78:49:7e:9c:38:e0:3c:83:
         81:89:f8:05:16:aa:06:3b:ed:59:f6:c5:90:ce:2b:c7:91:00:
         81:e5:34:ef:d0:20:e3:ea:27:40:cf:e4:29:bb:5d:fa:e7:4a:
         6c:b4:13:d3:7d:bf:6d:50:f1:47:22:06:37:70:3d:7d:61:16:
         f7:75:e3:23:f3:9b:a8:01:7a:75:ca:21:59:69:91:b2:36:83:
         05:cc:ee:64:a9:f2:26:8f:91:e0:1a:45:ee:ff:ab:49:dd:0c:
         b0:0e:f2:5a:84:2e:b6:8b:84:d0:41:d1:05:a0:a8:f1:7c:03:
         03:d8:23:91:06:6f:d1:59:36:8c:89:7b:5e:3e:88:74:93:b8:
         81:df:c1:f4:c3:bb:ce:34:98:ed:d4:11:21:d4:02:74:df:b7:
         65:78:b0:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaCUm22yZnC9qB4GPSVxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjUwNjA3MDgwMDUxWhcNMjUwNjA4MDgwMDUxWjAzMTEwLwYDVQQD
EygyZjY5ZWY3NzMyZjdlZmViYzQyYzAxNjgwODc4OTg5MmVlMmUwMTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9tWyKd1ig9WPnu4ctphviCTieZR
gZ/ysuOlIJ7gjCHRy8zrjezEfNzO2r0mYY6UG3tl24ZC7lOVA5bJJ0pSYQyUwhWn
hOz7cey+T7BV1hnGgdb30ZLSKXgOKoM685dm87BKBzAtZpCynhkxAhdfMyhxivIm
xz9RMxOgQdbnBGyePAQ1uE6u5ldrSEmovPkYeQvl6M72E+YebDvtTSXq9AoMIzKN
tKi2kOuKpcm5gFe0n4+GqkaLtHUpDT/LyInaTAKb2jYj7NFK+6FOYk2XCi1Jiedr
uKrSPGZHa/obyWOYGG5xOOV1Y43eBjD/WRw2AWzM0CKtBMMHJEH6pGyuWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9p73cy9+/rxCwBaAh4mJLuLgEaMB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfigJxg3D
ZDlErxLzt4feF9D4FE50pLp7lzTj9kKnPyxzQvDieQm5PYsP+8nfs8iJCZeY2/2D
Ob4cQJn4wCFmY0vGru4cgBYaMZ9LDPVBG1nvSV7MEJVdhKaS6PJDfWzz4a8JRXhJ
fpw44DyDgYn4BRaqBjvtWfbFkM4rx5EAgeU079Ag4+onQM/kKbtd+udKbLQT032/
bVDxRyIGN3A9fWEW93XjI/ObqAF6dcohWWmRsjaDBczuZKnyJo+R4BpF7v+rSd0M
sA7yWoQutouE0EHRBaCo8XwDA9gjkQZv0Vk2jIl7Xj6IdJO4gd/B9MO7zjSY7dQR
IdQCdN+3ZXiw1A==
-----END CERTIFICATE-----