Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          hD8QNiOrvgxEqgCwbVwAVU7Jka+WCGCM9j22yuYlu1g=
Subject key identifier:   4A:1E:B5:FE:FF:AF:49:06:1B:E2:8A:23:A2:DE:E2:5B:37:26:3F:E7
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019D37C0CE94905DEB05655D615BEED1EDF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          1520
Signing time:             Sun 29 Mar 2026 04:01:15 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:15 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:15 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: 8JIXxvhUDKxg+JXrrkvnSZFBrvZG6YWc69UDbH8N8yI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:ce:94:90:5d:eb:05:65:5d:61:5b:ee:d1:ed:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Mar 29 04:01:15 2026 GMT
            Not After : Mar 30 04:01:15 2026 GMT
        Subject: CN=4a1eb5feffaf49061be28a23a2dee25b37263fe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:03:1b:d5:57:fd:ab:c0:37:ab:57:90:7e:36:
                    53:47:4e:a5:fe:4c:ff:b2:10:4d:ce:56:35:2f:be:
                    a2:09:b7:41:72:84:21:4e:03:d9:cf:9b:fd:7e:f0:
                    5f:b6:a4:8d:90:b5:ea:46:aa:de:2b:97:d0:60:4e:
                    37:78:f7:31:5b:b8:e2:b6:a4:82:d4:db:18:b5:4c:
                    bc:89:80:e4:42:33:cb:d1:ac:b4:31:cf:dd:f6:bf:
                    81:e9:71:aa:da:65:6e:c4:87:5d:c4:7a:98:ee:1a:
                    bd:ce:1a:db:06:9f:0c:61:13:ad:1a:35:77:54:dc:
                    8a:df:b4:28:51:02:77:f3:19:62:9a:94:ca:b5:c1:
                    d7:17:f5:50:24:78:2a:98:83:bf:0a:19:62:eb:7f:
                    53:b6:e4:64:38:06:19:ef:89:be:7f:3c:93:c7:dd:
                    54:5a:8d:9f:89:24:8e:a4:91:41:3d:51:1d:09:5d:
                    88:06:24:49:13:cd:3d:a9:65:08:77:43:9b:d0:5c:
                    61:5c:d2:8a:81:fc:08:b1:d2:0e:a0:91:45:cd:de:
                    e2:6c:f7:c3:a3:4b:23:ed:bf:f9:be:b6:87:c0:13:
                    7c:01:f6:bb:78:ee:56:0d:b8:e3:1a:e5:ca:9c:9c:
                    e4:3d:58:12:6b:9b:18:5f:15:3e:aa:b2:d7:65:a1:
                    f7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:1E:B5:FE:FF:AF:49:06:1B:E2:8A:23:A2:DE:E2:5B:37:26:3F:E7
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:97:4b:c5:43:a6:43:0e:e7:be:a4:75:9c:ca:d0:25:28:6b:
         97:14:1c:cc:59:c5:d2:b8:7a:c9:2b:e7:73:f9:a5:1c:39:ca:
         4b:01:c3:a4:6d:d3:6b:2a:f3:7e:9f:f5:4d:c3:a0:c2:3d:66:
         94:01:ee:e6:6d:9f:51:e7:15:22:e7:3b:e8:7a:40:7d:ef:0b:
         78:04:67:39:d8:d3:e8:58:fa:66:95:91:26:a0:d6:9b:51:66:
         89:65:f4:f6:b9:67:2e:97:40:d9:53:56:25:68:1e:e2:cb:14:
         0e:f2:d4:f1:41:4f:37:62:4d:2b:69:c1:39:61:38:09:4a:9e:
         3c:b9:36:db:5d:c1:f5:fe:53:91:e7:ec:3b:4b:37:3c:54:53:
         3b:d2:de:3f:6b:71:5f:b6:b0:de:4d:39:25:3e:a6:a7:0e:8a:
         86:53:c7:cb:7a:b5:c6:99:e0:36:f9:0a:7f:ca:6e:e6:04:5e:
         b0:26:83:ea:9e:86:f4:01:9c:ca:7f:87:5a:e6:5d:a7:a3:18:
         49:d1:54:18:46:d2:fc:6a:21:c7:98:30:5b:8c:44:f9:f1:44:
         27:2b:1a:f7:3f:a2:6a:60:f1:86:a7:b9:bf:22:0c:1e:7e:c9:
         c2:6a:6a:01:95:79:dc:2f:3c:f5:ca:79:27:f7:92:c1:dd:c5:
         fe:e3:7f:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wM6UkF3rBWVdYVvu0e3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjYwMzI5MDQwMTE1WhcNMjYwMzMwMDQwMTE1WjAzMTEwLwYDVQQD
Eyg0YTFlYjVmZWZmYWY0OTA2MWJlMjhhMjNhMmRlZTI1YjM3MjYzZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQMb1Vf9q8A3q1eQfjZTR06l/kz/
shBNzlY1L76iCbdBcoQhTgPZz5v9fvBftqSNkLXqRqreK5fQYE43ePcxW7jitqSC
1NsYtUy8iYDkQjPL0ay0Mc/d9r+B6XGq2mVuxIddxHqY7hq9zhrbBp8MYROtGjV3
VNyK37QoUQJ38xlimpTKtcHXF/VQJHgqmIO/Chli639TtuRkOAYZ74m+fzyTx91U
Wo2fiSSOpJFBPVEdCV2IBiRJE809qWUId0Ob0FxhXNKKgfwIsdIOoJFFzd7ibPfD
o0sj7b/5vraHwBN8Afa7eO5WDbjjGuXKnJzkPVgSa5sYXxU+qrLXZaH3/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoetf7/r0kGG+KKI6Le4ls3Jj/nMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZdLxUOm
Qw7nvqR1nMrQJShrlxQczFnF0rh6ySvnc/mlHDnKSwHDpG3Tayrzfp/1TcOgwj1m
lAHu5m2fUecVIuc76HpAfe8LeARnOdjT6Fj6ZpWRJqDWm1FmiWX09rlnLpdA2VNW
JWge4ssUDvLU8UFPN2JNK2nBOWE4CUqePLk2213B9f5TkefsO0s3PFRTO9LeP2tx
X7aw3k05JT6mpw6KhlPHy3q1xpngNvkKf8pu5gResCaD6p6G9AGcyn+HWuZdp6MY
SdFUGEbS/Gohx5gwW4xE+fFEJysa9z+iamDxhqe5vyIMHn7JwmpqAZV53C889cp5
J/eSwd3F/uN/dg==
-----END CERTIFICATE-----