Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          EMcyjWjAv7wA8kzr/1pXWPTT+diRfcM+ZhXG9f1niaQ=
Subject key identifier:   C5:FB:0F:93:1B:37:35:3A:B0:3A:38:00:91:00:ED:7B:B3:97:60:03
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       018F86A3FBDEE18FC8CCB8CF657B82CAEE2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          0E09
Signing time:             Fri 17 May 2024 13:00:44 +0000
Manifest this update:     Fri 17 May 2024 13:00:44 +0000
Manifest next update:     Sat 18 May 2024 13:00:44 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: jYdnbeL1vjKPZavgJWudyhvi+ZP42BR5D+TlzckoiNI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:fb:de:e1:8f:c8:cc:b8:cf:65:7b:82:ca:ee:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: May 17 13:00:44 2024 GMT
            Not After : May 18 13:00:44 2024 GMT
        Subject: CN=c5fb0f931b37353ab03a38009100ed7bb3976003
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:48:61:d1:b2:e3:19:e2:28:30:ed:9f:82:22:
                    06:30:72:4b:ee:c6:93:b6:63:ef:03:25:c3:a6:17:
                    4b:ed:e2:79:44:c9:50:ab:3a:50:86:87:c3:60:dd:
                    a9:92:18:9f:8b:ce:76:20:57:de:b1:82:61:fe:b8:
                    cc:37:d6:89:ff:96:cd:c1:cd:53:35:3a:b4:c0:9a:
                    13:0e:4c:ff:dc:d1:08:d2:fc:25:11:af:22:57:4c:
                    8f:7a:fd:e6:2f:3d:fa:68:bc:7c:c4:c7:10:66:e8:
                    0f:72:23:11:02:6b:3b:8e:fe:05:20:a6:ed:3f:33:
                    c4:e0:4e:87:98:ff:5b:23:34:29:e9:65:3d:ca:99:
                    29:03:5c:7f:d7:af:b8:53:04:47:76:8c:f5:54:72:
                    e8:7b:47:d7:c0:6f:d7:ab:9f:db:4f:b9:4e:4e:51:
                    af:b0:57:87:a9:75:77:bc:3e:3f:c5:9a:de:c8:20:
                    8a:ab:1d:f0:41:28:91:56:f1:47:fb:12:39:15:8b:
                    5f:10:44:92:9b:02:56:19:de:8c:87:31:f4:e2:ab:
                    7c:23:74:a3:b8:2e:31:2a:22:ef:1d:ff:cf:d3:e1:
                    05:2b:a2:3a:ef:c6:37:0d:16:23:ef:af:9c:2b:26:
                    26:62:c7:06:93:4e:54:99:60:b0:df:48:1f:2d:43:
                    ec:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:FB:0F:93:1B:37:35:3A:B0:3A:38:00:91:00:ED:7B:B3:97:60:03
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:52:f6:ab:6a:44:49:ac:9e:f7:db:aa:a2:d7:63:cd:fc:c5:
         b7:67:1c:d8:cc:0d:61:d2:50:d5:0a:ce:64:e6:60:ca:d6:6e:
         3d:c2:f0:6a:54:09:9b:1b:3c:c1:49:e8:da:13:70:68:2f:36:
         d7:77:df:6b:33:6c:d0:c9:7d:6b:f6:b5:c7:d6:a4:55:dc:61:
         1b:8e:19:d2:23:00:ac:af:4f:8d:d0:5f:46:a9:5a:8d:70:19:
         aa:21:f0:bb:0f:80:3d:df:70:2c:4d:19:fa:81:fc:20:6e:a2:
         7f:d3:99:f9:b9:54:c7:84:3d:39:f5:50:34:42:22:07:ef:a6:
         c6:3f:2d:2c:b5:8b:06:86:07:6a:a3:8b:d5:93:5d:36:0c:cf:
         c8:d3:e8:16:a7:87:fa:42:ce:da:b2:c6:01:de:e1:92:ff:3e:
         b1:74:c1:e3:61:4b:44:a2:68:51:46:7a:7b:0e:2b:fc:b5:67:
         8c:80:bd:04:82:75:4f:0d:ff:36:cb:1f:af:d1:97:9b:f1:4b:
         51:a5:d6:4a:02:bb:71:0d:9a:44:6f:f8:0a:96:15:59:b3:67:
         f5:70:4e:1f:a1:c5:76:71:c8:fc:63:e2:5e:0e:27:cb:7d:fb:
         85:7e:34:6a:34:f3:20:0a:00:67:9c:9a:d6:4a:44:a7:d1:a3:
         14:d5:ab:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go/ve4Y/IzLjPZXuCyu4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjQwNTE3MTMwMDQ0WhcNMjQwNTE4MTMwMDQ0WjAzMTEwLwYDVQQD
EyhjNWZiMGY5MzFiMzczNTNhYjAzYTM4MDA5MTAwZWQ3YmIzOTc2MDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Ehh0bLjGeIoMO2fgiIGMHJL7saT
tmPvAyXDphdL7eJ5RMlQqzpQhofDYN2pkhifi852IFfesYJh/rjMN9aJ/5bNwc1T
NTq0wJoTDkz/3NEI0vwlEa8iV0yPev3mLz36aLx8xMcQZugPciMRAms7jv4FIKbt
PzPE4E6HmP9bIzQp6WU9ypkpA1x/16+4UwRHdoz1VHLoe0fXwG/Xq5/bT7lOTlGv
sFeHqXV3vD4/xZreyCCKqx3wQSiRVvFH+xI5FYtfEESSmwJWGd6MhzH04qt8I3Sj
uC4xKiLvHf/P0+EFK6I678Y3DRYj76+cKyYmYscGk05UmWCw30gfLUPspwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMX7D5MbNzU6sDo4AJEA7Xuzl2ADMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAalL2q2pE
Saye99uqotdjzfzFt2cc2MwNYdJQ1QrOZOZgytZuPcLwalQJmxs8wUno2hNwaC82
13ffazNs0Ml9a/a1x9akVdxhG44Z0iMArK9PjdBfRqlajXAZqiHwuw+APd9wLE0Z
+oH8IG6if9OZ+blUx4Q9OfVQNEIiB++mxj8tLLWLBoYHaqOL1ZNdNgzPyNPoFqeH
+kLO2rLGAd7hkv8+sXTB42FLRKJoUUZ6ew4r/LVnjIC9BIJ1Tw3/Nssfr9GXm/FL
UaXWSgK7cQ2aRG/4CpYVWbNn9XBOH6HFdnHI/GPiXg4ny337hX40ajTzIAoAZ5ya
1kpEp9GjFNWrqw==
-----END CERTIFICATE-----