Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          He4jXuEaMImFLPzlvMZSDdtDZxEH7OFGekIWkWlQGwE=
Subject key identifier:   9E:15:F4:8D:68:3D:1B:45:25:DC:61:41:90:95:DF:56:26:C7:39:8C
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       0193568A2A1419B1E36A679344163F5AA393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0B6F
Signing time:             Sat 23 Nov 2024 01:01:55 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:55 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:55 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: JntDgg9f3dp+pysbCSz8MdpRAI8ThEVcyq5i/JAlN9U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:2a:14:19:b1:e3:6a:67:93:44:16:3f:5a:a3:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Nov 23 01:01:55 2024 GMT
            Not After : Nov 24 01:01:55 2024 GMT
        Subject: CN=9e15f48d683d1b4525dc61419095df5626c7398c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:92:85:9b:3b:3b:3a:f6:59:b7:aa:db:e2:bd:
                    1b:35:b5:a4:f3:aa:99:c9:2c:06:82:28:9d:72:ed:
                    cf:09:30:d0:13:a6:0b:ac:b8:83:5e:a8:a3:1a:31:
                    13:20:7a:ae:08:42:66:bb:94:a6:75:2e:ac:ae:bb:
                    db:44:67:35:37:66:ac:c7:a6:b8:98:04:df:db:9e:
                    25:d7:2d:2d:40:ad:8f:52:24:24:ce:c4:e3:ac:0e:
                    49:65:19:97:4f:39:cc:13:34:c2:6c:0d:c9:74:99:
                    ba:ea:91:22:39:39:b5:d2:7a:8b:1b:3d:40:80:68:
                    3d:85:6a:6d:a0:db:69:a8:79:60:d4:e8:b3:65:00:
                    70:b5:18:41:8c:42:75:84:e9:e8:02:c0:dd:be:63:
                    64:52:49:50:0e:6a:5c:b3:10:b9:13:ee:d4:81:e2:
                    87:cf:33:ed:f5:d4:69:57:1e:04:6f:2e:99:0c:56:
                    7b:eb:e7:da:f9:40:ac:be:fb:58:ab:cb:bd:70:3e:
                    f0:f5:ab:0c:36:df:91:00:ab:dc:91:4a:b3:e1:26:
                    24:b2:e3:e6:19:43:94:7e:6d:43:d6:61:f1:4e:d1:
                    30:a4:3e:63:96:8a:2d:db:cc:aa:e9:bf:34:97:99:
                    24:13:70:e8:17:54:b5:bc:bf:34:4a:f8:87:33:d8:
                    cb:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:15:F4:8D:68:3D:1B:45:25:DC:61:41:90:95:DF:56:26:C7:39:8C
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:25:92:4e:a1:b0:80:78:4c:4f:5b:0d:17:e3:10:f0:2e:b2:
         42:1a:de:58:0a:b2:fc:93:69:ce:98:2f:5e:06:f9:8d:82:0a:
         23:ca:6f:d2:46:51:e6:83:d9:59:2f:d9:9e:2a:e5:ef:a8:d3:
         e9:41:38:07:be:39:b7:8a:f1:10:66:82:5d:9b:8d:eb:78:dc:
         53:ef:ce:de:6c:fe:d0:1f:5b:bf:4d:74:cb:27:d9:0b:c7:f6:
         68:68:9d:06:a2:ea:07:b6:30:c6:e8:45:9e:85:05:2f:61:e1:
         0d:d6:dc:7b:10:c9:81:cb:e4:5a:47:1b:d9:78:e3:77:4a:98:
         75:00:9d:59:57:e2:bc:5a:8c:2a:fa:b8:3b:c3:6c:81:e1:04:
         6e:67:fe:98:b6:2f:af:30:b7:ca:60:c9:5a:47:5e:8d:43:c0:
         eb:7f:af:76:7b:09:44:40:17:4a:f0:ea:ee:b0:b4:0e:f0:a9:
         1b:f1:b2:d2:37:b3:47:cf:ca:01:cb:33:a8:86:d4:3d:0b:e5:
         10:c3:d6:09:85:6c:d5:76:38:23:86:2a:75:e1:61:88:59:81:
         9f:eb:d6:a0:68:24:21:29:ce:a8:5f:41:0e:83:b6:c0:e8:09:
         6d:d2:16:6a:11:6e:6c:c9:a0:29:3c:36:e0:d3:4a:61:88:d0:
         28:a7:5a:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiioUGbHjameTRBY/WqOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjQxMTIzMDEwMTU1WhcNMjQxMTI0MDEwMTU1WjAzMTEwLwYDVQQD
Eyg5ZTE1ZjQ4ZDY4M2QxYjQ1MjVkYzYxNDE5MDk1ZGY1NjI2YzczOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZKFmzs7OvZZt6rb4r0bNbWk86qZ
ySwGgiidcu3PCTDQE6YLrLiDXqijGjETIHquCEJmu5SmdS6srrvbRGc1N2asx6a4
mATf254l1y0tQK2PUiQkzsTjrA5JZRmXTznMEzTCbA3JdJm66pEiOTm10nqLGz1A
gGg9hWptoNtpqHlg1OizZQBwtRhBjEJ1hOnoAsDdvmNkUklQDmpcsxC5E+7UgeKH
zzPt9dRpVx4Eby6ZDFZ76+fa+UCsvvtYq8u9cD7w9asMNt+RAKvckUqz4SYksuPm
GUOUfm1D1mHxTtEwpD5jloot28yq6b80l5kkE3DoF1S1vL80SviHM9jL/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4V9I1oPRtFJdxhQZCV31YmxzmMMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyWSTqGw
gHhMT1sNF+MQ8C6yQhreWAqy/JNpzpgvXgb5jYIKI8pv0kZR5oPZWS/Znirl76jT
6UE4B745t4rxEGaCXZuN63jcU+/O3mz+0B9bv010yyfZC8f2aGidBqLqB7YwxuhF
noUFL2HhDdbcexDJgcvkWkcb2Xjjd0qYdQCdWVfivFqMKvq4O8NsgeEEbmf+mLYv
rzC3ymDJWkdejUPA63+vdnsJREAXSvDq7rC0DvCpG/Gy0jezR8/KAcszqIbUPQvl
EMPWCYVs1XY4I4YqdeFhiFmBn+vWoGgkISnOqF9BDoO2wOgJbdIWahFubMmgKTw2
4NNKYYjQKKdalw==
-----END CERTIFICATE-----