Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
File:                     OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json)
Hash identifier:          ZaJIK0gv0T8tVOOs43SSY+KF0s2gyzn7XCW5KNli8nM=
Subject key identifier:   53:79:DC:5A:14:1C:A7:C8:04:EE:BE:E7:12:04:8B:B4:AC:F7:5E:71
Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0
Certificate issuer:       /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
Certificate serial:       01965BDF52B9457A40ED4BD7E87704BF1B22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
Manifest number:          1032
Signing time:             Tue 22 Apr 2025 05:01:24 +0000
Manifest this update:     Tue 22 Apr 2025 05:01:24 +0000
Manifest next update:     Wed 23 Apr 2025 05:01:24 +0000
Files and hashes:         1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: SlfU6FHMY4mSgY8TLIaku9TIslQ2wnRKbmh6qC5m8wM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:df:52:b9:45:7a:40:ed:4b:d7:e8:77:04:bf:1b:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0
        Validity
            Not Before: Apr 22 05:01:24 2025 GMT
            Not After : Apr 23 05:01:24 2025 GMT
        Subject: CN=5379dc5a141ca7c804eebee712048bb4acf75e71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:16:e5:4d:00:58:ae:54:77:44:de:8c:95:a6:
                    b7:d8:6c:52:0d:05:a6:e1:0c:e9:3f:f7:58:69:81:
                    fc:9f:d0:00:27:db:f8:19:97:f6:25:df:2b:a1:db:
                    00:d6:4e:3d:12:fc:c0:c0:37:a4:b4:da:bc:c6:40:
                    71:72:22:21:cc:08:31:33:3d:49:77:8c:28:e6:46:
                    a7:72:93:28:60:f6:c7:17:d9:91:76:b2:70:c6:46:
                    90:88:7b:8f:fc:4b:e8:29:19:9c:a8:73:ae:2d:5f:
                    3a:89:b7:db:c4:b0:d9:41:25:74:fc:7f:51:b0:cf:
                    bf:f1:de:28:ba:11:67:86:d3:6b:76:7c:28:e3:05:
                    f7:86:e9:d1:bb:fa:02:4d:00:7a:e0:aa:f8:9f:8b:
                    59:89:d4:af:30:7b:ff:c7:f2:09:c4:5b:9a:22:c3:
                    28:46:d4:d1:a8:f3:79:09:f1:50:9f:17:a2:7d:e8:
                    6d:d1:56:8b:4f:6b:b9:85:d9:16:07:14:af:6f:3c:
                    70:d9:0c:3c:9d:79:10:41:38:0b:84:e5:c2:52:80:
                    cf:42:dd:5a:76:0b:1f:c0:5a:63:10:53:8b:a8:d0:
                    26:ae:77:69:c3:c8:77:ae:72:1e:24:96:2e:0c:57:
                    5d:ee:db:02:59:fc:d0:5f:2d:fb:9e:0f:e2:81:06:
                    10:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:79:DC:5A:14:1C:A7:C8:04:EE:BE:E7:12:04:8B:B4:AC:F7:5E:71
            X509v3 Authority Key Identifier:
                keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:e6:46:4f:5e:91:38:dd:15:5e:be:24:61:6e:35:66:a0:f0:
         f8:72:20:6e:67:db:64:06:f4:0d:75:57:c1:67:4a:ba:2f:87:
         23:a0:22:eb:3e:45:9e:df:d9:f8:f3:e4:2b:d5:a2:40:4b:d0:
         f4:43:a4:74:76:fe:35:5a:1d:c7:2a:c1:50:57:87:9e:2c:e2:
         31:4b:3a:ec:3f:2c:59:39:9c:46:00:86:91:26:d7:2a:93:41:
         80:a9:22:8f:1e:d2:8f:d6:d7:e6:10:d4:a6:86:fc:24:63:7f:
         0e:bb:5b:c5:79:df:c9:1a:73:2a:54:6a:b1:34:87:56:45:5b:
         fc:e0:89:b1:62:74:f2:ec:39:76:31:bd:10:a5:6a:62:b5:f2:
         81:87:27:2a:dd:19:fd:72:7a:1d:12:85:3d:d6:22:84:12:09:
         3f:15:38:01:77:32:82:91:7f:cd:28:9f:9b:b1:58:8d:59:91:
         f3:0e:0d:ac:40:0e:62:ab:5a:1d:3d:36:6f:75:d0:0a:91:f9:
         f7:a0:5e:df:aa:d6:9c:d6:5a:f5:ca:c9:42:d8:f9:cc:ab:4c:
         bc:87:ae:e4:62:b0:8a:fd:32:cf:87:02:dd:2a:ba:cc:8d:db:
         98:67:6b:13:89:e3:ce:da:03:96:8a:93:18:b6:73:8c:04:21:
         f3:f5:d6:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZb31K5RXpA7UvX6HcEvxsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3
Y2E3YTAwHhcNMjUwNDIyMDUwMTI0WhcNMjUwNDIzMDUwMTI0WjAzMTEwLwYDVQQD
Eyg1Mzc5ZGM1YTE0MWNhN2M4MDRlZWJlZTcxMjA0OGJiNGFjZjc1ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghblTQBYrlR3RN6Mlaa32GxSDQWm
4QzpP/dYaYH8n9AAJ9v4GZf2Jd8rodsA1k49EvzAwDektNq8xkBxciIhzAgxMz1J
d4wo5kancpMoYPbHF9mRdrJwxkaQiHuP/EvoKRmcqHOuLV86ibfbxLDZQSV0/H9R
sM+/8d4ouhFnhtNrdnwo4wX3hunRu/oCTQB64Kr4n4tZidSvMHv/x/IJxFuaIsMo
RtTRqPN5CfFQnxeifeht0VaLT2u5hdkWBxSvbzxw2Qw8nXkQQTgLhOXCUoDPQt1a
dgsfwFpjEFOLqNAmrndpw8h3rnIeJJYuDFdd7tsCWfzQXy37ng/igQYQpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFN53FoUHKfIBO6+5xIEi7Ss915xMB8GA1UdIwQY
MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt
MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj
LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuZGT16R
ON0VXr4kYW41ZqDw+HIgbmfbZAb0DXVXwWdKui+HI6Ai6z5Fnt/Z+PPkK9WiQEvQ
9EOkdHb+NVodxyrBUFeHniziMUs67D8sWTmcRgCGkSbXKpNBgKkijx7Sj9bX5hDU
pob8JGN/DrtbxXnfyRpzKlRqsTSHVkVb/OCJsWJ08uw5djG9EKVqYrXygYcnKt0Z
/XJ6HRKFPdYihBIJPxU4AXcygpF/zSifm7FYjVmR8w4NrEAOYqtaHT02b3XQCpH5
96Be36rWnNZa9crJQtj5zKtMvIeu5GKwiv0yz4cC3Sq6zI3bmGdrE4njztoDloqT
GLZzjAQh8/XW4Q==
-----END CERTIFICATE-----