Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          wE38fDATWXetSIThKuDPZc6DsGuUhfKXT/8qE99KDPA=
Subject key identifier:   A0:67:D8:84:39:00:49:F1:4A:EF:5D:36:DF:61:FC:32:A4:0F:96:A4
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       019D3A536843EE08BF13BCEB87B7D470926E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          108E
Signing time:             Sun 29 Mar 2026 16:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:37 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: mcBszmi/H+fAql5GRGE6XiIfj7EhSsfYfM9+p5me2rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:68:43:ee:08:bf:13:bc:eb:87:b7:d4:70:92:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Mar 29 16:00:37 2026 GMT
            Not After : Mar 30 16:00:37 2026 GMT
        Subject: CN=a067d884390049f14aef5d36df61fc32a40f96a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:0b:ad:4e:23:d2:0c:d1:4a:bc:a5:7d:a8:85:
                    45:50:64:2c:e7:92:6d:5f:bd:4b:d6:0e:a7:0c:aa:
                    9d:ee:8b:45:1f:25:71:d7:90:a3:79:93:09:0a:e6:
                    e5:ca:be:0a:77:44:f5:f9:cc:d7:e0:e9:7c:b0:84:
                    00:f9:8b:85:21:87:4f:64:b4:91:cb:63:e2:02:32:
                    51:53:db:69:91:17:05:c6:b3:48:46:d8:50:2e:83:
                    6d:36:56:a4:91:9a:cf:ed:3c:20:c6:55:f7:4d:88:
                    f4:cd:1d:cc:6c:3b:a1:8a:10:e9:f3:8c:0e:b2:a1:
                    80:81:0b:8f:ed:9e:57:1e:64:f5:98:4e:cb:3c:dc:
                    ac:b5:f5:4e:7f:b8:30:35:6d:50:6f:a4:2f:19:99:
                    8f:9d:db:c4:c4:6c:5e:25:09:cf:58:8e:f0:f3:c1:
                    df:8f:a9:2c:4e:3a:74:e2:18:a9:b7:a4:a1:f3:eb:
                    0d:97:73:b4:8a:68:89:b1:4a:7a:56:50:da:c6:61:
                    14:01:39:99:06:cf:5f:73:8f:53:b9:da:23:fe:84:
                    b9:2c:74:93:6f:50:5c:1d:0a:76:b6:35:fa:d6:c5:
                    ef:45:13:c1:47:8e:95:37:81:1b:32:ec:60:f8:9a:
                    0f:03:bd:25:cf:a6:ee:3e:7c:39:57:10:f5:bb:6d:
                    5c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:67:D8:84:39:00:49:F1:4A:EF:5D:36:DF:61:FC:32:A4:0F:96:A4
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:03:bd:6d:7d:ae:b6:fa:b7:e1:00:77:99:cb:53:39:74:b6:
         22:40:ea:62:a8:ac:de:6c:19:da:97:3f:d8:4c:88:19:35:cc:
         b4:c5:45:5a:27:12:fb:92:ba:2a:2a:8e:39:92:00:00:ac:8d:
         b5:de:8e:fa:b7:88:57:93:d3:ec:d6:e8:d0:c7:2a:87:bf:2f:
         39:44:38:2d:da:38:07:4b:f3:60:ab:48:ea:0c:8c:bd:ed:1a:
         f6:79:b4:77:dc:e3:b2:cc:da:82:35:bd:86:3f:7d:ba:9a:50:
         9b:1f:27:8c:e2:86:5c:b9:38:db:29:3f:9b:02:14:9f:55:39:
         83:ee:b0:c4:03:60:2a:69:e7:cc:f9:7c:f6:fb:58:61:de:87:
         7c:a8:52:0c:c8:ec:a8:af:d7:7e:54:58:0b:5b:3d:ed:ba:05:
         b0:4b:b5:2e:8c:28:44:3b:8f:bb:db:1d:3d:4c:8b:59:55:f6:
         60:ea:2c:32:0a:c1:99:d1:56:72:31:fc:c6:6c:77:bf:98:9f:
         a9:b6:51:82:22:4e:ac:14:e5:7e:d6:38:81:61:4e:99:75:f1:
         5c:ce:c0:6e:f6:80:4c:5a:1d:5a:c2:9a:47:3d:d6:e6:f3:31:
         75:f7:4a:db:fe:9a:f4:e4:b8:77:90:3b:d4:39:df:f7:1b:ad:
         47:4f:1c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U2hD7gi/E7zrh7fUcJJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjYwMzI5MTYwMDM3WhcNMjYwMzMwMTYwMDM3WjAzMTEwLwYDVQQD
EyhhMDY3ZDg4NDM5MDA0OWYxNGFlZjVkMzZkZjYxZmMzMmE0MGY5NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AutTiPSDNFKvKV9qIVFUGQs55Jt
X71L1g6nDKqd7otFHyVx15CjeZMJCublyr4Kd0T1+czX4Ol8sIQA+YuFIYdPZLSR
y2PiAjJRU9tpkRcFxrNIRthQLoNtNlakkZrP7TwgxlX3TYj0zR3MbDuhihDp84wO
sqGAgQuP7Z5XHmT1mE7LPNystfVOf7gwNW1Qb6QvGZmPndvExGxeJQnPWI7w88Hf
j6ksTjp04hipt6Sh8+sNl3O0imiJsUp6VlDaxmEUATmZBs9fc49Tudoj/oS5LHST
b1BcHQp2tjX61sXvRRPBR46VN4EbMuxg+JoPA70lz6buPnw5VxD1u21cAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBn2IQ5AEnxSu9dNt9h/DKkD5akMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfwO9bX2u
tvq34QB3mctTOXS2IkDqYqis3mwZ2pc/2EyIGTXMtMVFWicS+5K6KiqOOZIAAKyN
td6O+reIV5PT7Nbo0Mcqh78vOUQ4Ldo4B0vzYKtI6gyMve0a9nm0d9zjsszagjW9
hj99uppQmx8njOKGXLk42yk/mwIUn1U5g+6wxANgKmnnzPl89vtYYd6HfKhSDMjs
qK/XflRYC1s97boFsEu1LowoRDuPu9sdPUyLWVX2YOosMgrBmdFWcjH8xmx3v5if
qbZRgiJOrBTlftY4gWFOmXXxXM7AbvaATFodWsKaRz3W5vMxdfdK2/6a9OS4d5A7
1Dnf9xutR08cyQ==
-----END CERTIFICATE-----