Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          CDn+dTOcuR9cAOwQEaxDMKMUxkrJC2TkEVE9icuHbZk=
Subject key identifier:   B8:B7:9E:6B:F2:15:58:3D:8C:68:9A:1F:A7:45:93:3C:4F:68:08:96
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       01974E57742DA07C156FC5149F22BD60CDB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0D7D
Signing time:             Sun 08 Jun 2025 07:00:43 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:43 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:43 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: JUF8BooK34bruYr66zb78vioE45OpcpoyotCuk5931A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:74:2d:a0:7c:15:6f:c5:14:9f:22:bd:60:cd:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Jun  8 07:00:43 2025 GMT
            Not After : Jun  9 07:00:43 2025 GMT
        Subject: CN=b8b79e6bf215583d8c689a1fa745933c4f680896
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fd:05:2f:c3:7f:4e:92:8d:b9:a4:f5:62:2d:
                    81:bd:5e:aa:8d:1c:4f:d1:c7:b5:a6:8f:26:8a:60:
                    66:a2:45:c8:51:01:1b:0f:6c:cb:97:96:fc:73:c8:
                    f9:20:8e:0d:13:ce:ce:81:ac:a2:70:62:ee:7e:69:
                    65:88:03:ba:13:1e:37:20:d7:e4:ca:17:6d:b1:26:
                    02:c1:88:9c:6a:d4:b2:83:1e:77:39:08:4c:72:94:
                    2b:32:6f:40:03:74:93:85:73:fb:c8:b0:8b:71:c4:
                    11:f0:cf:28:ed:c7:b8:ca:15:23:c1:15:45:54:a2:
                    31:1a:aa:a6:7e:1d:56:ae:22:57:a5:9f:cc:45:85:
                    59:b4:f6:52:73:b2:d6:41:c2:4d:5f:3d:4d:6d:14:
                    95:39:28:cb:cc:5e:1a:06:c6:00:0b:09:2a:8c:d4:
                    d8:c4:07:28:e3:4f:bc:4b:3b:c4:15:84:36:e1:e4:
                    da:14:d2:9b:ae:7a:72:10:a9:67:4a:c3:41:a3:cd:
                    3b:ea:6d:31:0d:cc:0d:22:aa:ed:4b:d1:cb:e2:69:
                    60:ad:f8:85:9c:d5:f5:fa:0d:48:2a:7f:fe:dc:44:
                    3b:c0:65:fc:c3:07:b9:a6:ea:67:3a:5c:07:cd:6e:
                    8c:86:d2:01:8e:c8:7f:4d:30:46:16:75:e9:ac:c3:
                    91:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:B7:9E:6B:F2:15:58:3D:8C:68:9A:1F:A7:45:93:3C:4F:68:08:96
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:7f:fe:88:b6:08:0c:21:d0:bd:3e:bb:b7:77:f5:51:82:60:
         e1:31:66:71:d3:7f:d5:a8:b8:d0:d6:e3:a6:73:44:12:f6:e3:
         14:33:41:19:d8:53:97:4b:a4:1c:23:97:60:f2:49:df:b6:8f:
         0e:9b:c8:db:d2:5e:60:1d:0c:df:f2:1e:77:c3:29:b3:21:e0:
         54:10:58:77:42:ce:d2:13:49:49:74:0d:11:1f:12:d1:f4:fa:
         65:0c:20:d3:fb:b4:70:26:07:18:d8:05:48:7c:ac:2c:4a:d7:
         1e:cc:a8:74:f7:6b:ef:76:43:8f:7f:0b:77:5f:45:56:9e:28:
         70:f6:8b:4f:48:09:6b:fe:02:86:e6:db:1b:97:21:5d:5d:68:
         78:a6:ba:5e:42:28:a4:3a:93:c1:e3:1d:37:68:67:43:24:a6:
         79:aa:4f:a2:f7:84:8d:50:29:9a:bd:be:fb:42:a4:90:81:49:
         33:3a:dc:5c:0a:1a:27:6d:77:bf:2f:8f:b4:ea:96:2d:f1:2a:
         a8:9b:95:45:4d:75:fc:28:66:d1:51:53:83:88:c0:9b:f5:7f:
         9e:07:88:f6:06:4a:46:a6:d5:f3:6b:f9:9f:2e:67:94:5d:96:
         3b:51:05:52:da:c0:44:99:23:a5:be:f1:c3:64:2d:42:c3:a2:
         80:36:11:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV3QtoHwVb8UUnyK9YM25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUwNjA4MDcwMDQzWhcNMjUwNjA5MDcwMDQzWjAzMTEwLwYDVQQD
EyhiOGI3OWU2YmYyMTU1ODNkOGM2ODlhMWZhNzQ1OTMzYzRmNjgwODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv0FL8N/TpKNuaT1Yi2BvV6qjRxP
0ce1po8mimBmokXIUQEbD2zLl5b8c8j5II4NE87OgayicGLufmlliAO6Ex43INfk
yhdtsSYCwYicatSygx53OQhMcpQrMm9AA3SThXP7yLCLccQR8M8o7ce4yhUjwRVF
VKIxGqqmfh1WriJXpZ/MRYVZtPZSc7LWQcJNXz1NbRSVOSjLzF4aBsYACwkqjNTY
xAco40+8SzvEFYQ24eTaFNKbrnpyEKlnSsNBo8076m0xDcwNIqrtS9HL4mlgrfiF
nNX1+g1IKn/+3EQ7wGX8wwe5pupnOlwHzW6MhtIBjsh/TTBGFnXprMORlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLi3nmvyFVg9jGiaH6dFkzxPaAiWMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALn/+iLYI
DCHQvT67t3f1UYJg4TFmcdN/1ai40NbjpnNEEvbjFDNBGdhTl0ukHCOXYPJJ37aP
DpvI29JeYB0M3/Ied8MpsyHgVBBYd0LO0hNJSXQNER8S0fT6ZQwg0/u0cCYHGNgF
SHysLErXHsyodPdr73ZDj38Ld19FVp4ocPaLT0gJa/4ChubbG5chXV1oeKa6XkIo
pDqTweMdN2hnQySmeapPoveEjVApmr2++0KkkIFJMzrcXAoaJ213vy+PtOqWLfEq
qJuVRU11/Chm0VFTg4jAm/V/ngeI9gZKRqbV82v5ny5nlF2WO1EFUtrARJkjpb7x
w2QtQsOigDYRqg==
-----END CERTIFICATE-----