Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
File:                     ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json)
Hash identifier:          8z7K8zuOM5GS/noxnoFvkUCa148T6Af7Z/U50hV2I1Q=
Subject key identifier:   30:6A:E2:DD:BA:83:FA:51:32:5B:D1:46:41:4B:B2:3F:7C:CF:21:51
Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9
Certificate issuer:       /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
Certificate serial:       019657267F7A3648A4B236EF91605556A58B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
Manifest number:          0CFD
Signing time:             Mon 21 Apr 2025 07:01:02 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:02 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:02 +0000
Files and hashes:         1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: 4VUdZb2wSpm6TRjEobpLUu+kwwUQiV2f4FHCJv8mwWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:7f:7a:36:48:a4:b2:36:ef:91:60:55:56:a5:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9
        Validity
            Not Before: Apr 21 07:01:02 2025 GMT
            Not After : Apr 22 07:01:02 2025 GMT
        Subject: CN=306ae2ddba83fa51325bd146414bb23f7ccf2151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:df:22:f8:f6:41:cd:47:1a:c7:57:c1:87:f4:
                    8d:da:c0:7d:7e:54:37:4f:87:97:86:3a:fe:d3:05:
                    ff:8d:eb:fa:a6:4d:1e:71:a5:ab:1f:d2:8a:9c:0a:
                    5f:04:6f:9d:f2:70:5f:b7:42:ed:5d:bb:a5:5e:13:
                    95:03:0e:c2:97:c6:e2:c4:a7:aa:dd:bc:4e:75:c7:
                    18:06:ed:85:58:f8:20:42:f5:b0:2e:ee:03:ca:df:
                    33:1e:4f:66:8c:b8:11:b6:4b:5a:5a:75:70:99:21:
                    9d:b6:30:77:fb:b5:fd:ee:26:ee:5c:7b:f4:45:2c:
                    60:c6:59:2f:ab:95:b1:e2:16:1e:df:39:26:1c:61:
                    ad:5e:d9:5e:9d:68:7e:7d:8f:f4:b9:51:77:8b:ca:
                    69:0d:2e:c6:15:10:3f:df:66:d4:a4:16:6c:bd:a7:
                    0b:73:20:e3:7f:bf:92:01:d4:41:fa:53:0a:34:21:
                    62:14:d1:bb:bd:17:b3:73:33:26:fe:32:bc:29:7f:
                    23:db:17:c6:39:19:37:b7:9e:77:c4:5a:fa:46:28:
                    73:e4:55:45:5e:de:ca:be:fd:ad:e5:9a:a5:28:d8:
                    34:be:e9:07:07:c6:b1:23:c8:d3:0c:8e:76:3f:b6:
                    ba:da:78:ea:9a:da:c9:4e:e7:bf:94:92:70:60:e7:
                    27:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:6A:E2:DD:BA:83:FA:51:32:5B:D1:46:41:4B:B2:3F:7C:CF:21:51
            X509v3 Authority Key Identifier:
                keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:fb:57:e4:29:10:69:93:1e:40:b0:d9:7d:1a:8d:7e:69:c2:
         68:f4:be:d6:d7:59:1e:c7:dd:82:5a:f7:1c:6e:14:7c:5a:35:
         ab:6b:8f:76:d1:11:72:e5:4f:b3:46:0e:b7:da:13:9c:8b:bd:
         c8:2f:e2:14:9a:e7:13:24:ec:cd:85:15:a7:3d:d3:64:9b:f7:
         8b:a4:a6:af:72:c1:83:de:81:d0:e0:0b:85:44:b6:83:84:49:
         f7:ce:38:4b:4d:e1:c9:c2:a9:bc:7a:6d:9b:31:07:ff:9a:20:
         a2:8d:0b:1d:a8:3d:bf:16:5e:3b:14:0a:55:ab:3f:e4:2b:b9:
         69:4e:b1:4f:65:29:22:80:02:32:7f:67:33:48:b0:0e:33:2a:
         8a:64:94:8d:de:1b:9e:d8:03:1e:20:11:d1:ca:2e:1d:ee:ea:
         5a:bc:dc:b1:95:8c:2e:4d:b2:22:7f:56:e8:cc:93:b7:14:83:
         83:5b:95:da:bd:10:5f:c8:7b:0d:75:33:66:e9:fe:da:29:e9:
         2a:00:08:00:de:9f:13:32:e5:f6:f8:0e:74:ba:70:38:ec:51:
         ad:d0:9b:e7:47:08:5b:e3:34:bd:e5:7c:ab:3f:6a:e9:b0:6b:
         37:b1:5d:44:5b:ac:92:0d:4a:58:db:d1:7b:39:1f:4d:6f:0d:
         db:cd:9b:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJn96NkiksjbvkWBVVqWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1
ZmM2ZTkwHhcNMjUwNDIxMDcwMTAyWhcNMjUwNDIyMDcwMTAyWjAzMTEwLwYDVQQD
EygzMDZhZTJkZGJhODNmYTUxMzI1YmQxNDY0MTRiYjIzZjdjY2YyMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs98i+PZBzUcax1fBh/SN2sB9flQ3
T4eXhjr+0wX/jev6pk0ecaWrH9KKnApfBG+d8nBft0LtXbulXhOVAw7Cl8bixKeq
3bxOdccYBu2FWPggQvWwLu4Dyt8zHk9mjLgRtktaWnVwmSGdtjB3+7X97ibuXHv0
RSxgxlkvq5Wx4hYe3zkmHGGtXtlenWh+fY/0uVF3i8ppDS7GFRA/32bUpBZsvacL
cyDjf7+SAdRB+lMKNCFiFNG7vRezczMm/jK8KX8j2xfGORk3t553xFr6Rihz5FVF
Xt7Kvv2t5ZqlKNg0vukHB8axI8jTDI52P7a62njqmtrJTue/lJJwYOcnnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBq4t26g/pRMlvRRkFLsj98zyFRMB8GA1UdIwQY
MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt
MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3
LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivtX5CkQ
aZMeQLDZfRqNfmnCaPS+1tdZHsfdglr3HG4UfFo1q2uPdtERcuVPs0YOt9oTnIu9
yC/iFJrnEyTszYUVpz3TZJv3i6Smr3LBg96B0OALhUS2g4RJ9844S03hycKpvHpt
mzEH/5ogoo0LHag9vxZeOxQKVas/5Cu5aU6xT2UpIoACMn9nM0iwDjMqimSUjd4b
ntgDHiAR0couHe7qWrzcsZWMLk2yIn9W6MyTtxSDg1uV2r0QX8h7DXUzZun+2inp
KgAIAN6fEzLl9vgOdLpwOOxRrdCb50cIW+M0veV8qz9q6bBrN7FdRFuskg1KWNvR
ezkfTW8N282bJg==
-----END CERTIFICATE-----