Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          r8b4r9kk1CTH9LuBigSgcJNtmgBvUHpiJbRzfbbeiDI=
Subject key identifier:   B6:FA:3A:2A:AD:03:59:B3:B5:FF:1F:B3:A1:9E:2B:E7:40:0B:12:91
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019747E7D00887CA1579529CB21135F93F10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          120D
Signing time:             Sat 07 Jun 2025 01:01:03 +0000
Manifest this update:     Sat 07 Jun 2025 01:01:03 +0000
Manifest next update:     Sun 08 Jun 2025 01:01:03 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: o2QkuBu64PCU+HyzHoPaoiqliYr/UVzxdukWtXUttZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:e7:d0:08:87:ca:15:79:52:9c:b2:11:35:f9:3f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Jun  7 01:01:03 2025 GMT
            Not After : Jun  8 01:01:03 2025 GMT
        Subject: CN=b6fa3a2aad0359b3b5ff1fb3a19e2be7400b1291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:13:be:6d:3b:ab:ef:b0:37:9b:aa:31:cc:6a:
                    b2:30:76:7c:52:1e:9e:73:71:d4:e1:18:79:24:74:
                    aa:24:3a:22:f2:09:c9:f3:66:f8:21:77:96:67:cf:
                    c0:aa:8d:b0:b3:cc:16:00:60:05:70:02:c0:b7:98:
                    f5:95:b5:67:d6:c3:f6:12:bb:61:58:23:6f:d7:81:
                    04:a9:54:11:fb:49:cc:2e:0c:5a:42:95:21:64:c2:
                    0c:7f:6c:14:c3:b1:e6:95:46:33:61:ea:67:01:a1:
                    4a:ee:b4:0b:ec:8e:3b:44:c3:1a:43:c4:55:b0:58:
                    e2:f2:75:cb:8a:4e:ed:ba:54:d3:49:77:4c:22:7d:
                    df:e8:bd:cc:24:e6:f1:f3:64:27:bd:4c:3c:1f:a4:
                    9f:3a:87:a5:69:b4:81:51:3b:ba:7d:40:59:1a:de:
                    85:be:2f:c9:f5:28:7d:19:3d:c0:6b:0f:b3:a2:62:
                    49:03:14:03:ad:f1:47:7f:2f:8f:8e:78:66:4b:2a:
                    81:7c:5b:3e:c9:40:5a:be:b0:bc:ca:a0:82:4d:16:
                    3c:66:45:a1:d2:15:ef:5e:18:54:22:63:22:fa:0c:
                    06:7a:c3:14:20:71:ad:d4:bf:1c:ed:16:1b:44:70:
                    03:81:bf:7f:83:63:9f:3e:0a:a3:99:ee:b8:49:c4:
                    6e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:FA:3A:2A:AD:03:59:B3:B5:FF:1F:B3:A1:9E:2B:E7:40:0B:12:91
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:e8:28:03:51:9b:f8:62:4f:1c:8f:58:dd:23:89:f4:bc:04:
         97:ad:0c:28:a1:ea:78:6d:ba:48:c9:2f:bf:39:e5:3b:11:6b:
         94:f1:31:41:6e:0b:5b:22:85:79:37:c9:1f:be:4a:5b:ed:15:
         00:61:57:2e:b0:0e:55:a0:8b:5c:08:14:f3:5a:4c:61:2c:96:
         29:78:ab:2b:72:02:7e:78:a9:e6:f8:a6:88:0b:74:48:ba:de:
         65:38:56:dc:c6:ff:93:82:b0:bd:96:f8:5d:80:19:df:52:c8:
         fe:4e:4f:10:00:2b:47:16:33:5b:22:9b:c8:88:cd:25:4d:63:
         87:bb:8c:fc:2a:83:bc:26:21:38:fd:64:c2:85:0b:4f:aa:b6:
         e5:88:92:c1:8e:2f:f8:50:20:84:ad:3d:b6:da:88:71:6c:06:
         90:00:73:94:8c:89:5a:09:0c:cb:44:6a:09:d4:bd:db:aa:0b:
         6c:64:dc:4c:86:56:0d:0f:ee:75:a3:62:1b:6b:9e:f0:cc:33:
         8a:8b:7e:cf:19:5a:b5:e3:76:1a:aa:44:c8:8c:37:07:35:d1:
         82:0e:18:e8:bd:88:f8:8e:54:4b:97:e3:56:1b:89:b6:97:7a:
         fe:2b:d3:a9:b9:20:44:8e:b3:74:9a:17:6e:f9:ad:52:a7:1b:
         7f:2d:c9:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH59AIh8oVeVKcshE1+T8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUwNjA3MDEwMTAzWhcNMjUwNjA4MDEwMTAzWjAzMTEwLwYDVQQD
EyhiNmZhM2EyYWFkMDM1OWIzYjVmZjFmYjNhMTllMmJlNzQwMGIxMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hO+bTur77A3m6oxzGqyMHZ8Uh6e
c3HU4Rh5JHSqJDoi8gnJ82b4IXeWZ8/Aqo2ws8wWAGAFcALAt5j1lbVn1sP2Erth
WCNv14EEqVQR+0nMLgxaQpUhZMIMf2wUw7HmlUYzYepnAaFK7rQL7I47RMMaQ8RV
sFji8nXLik7tulTTSXdMIn3f6L3MJObx82QnvUw8H6SfOoelabSBUTu6fUBZGt6F
vi/J9Sh9GT3Aaw+zomJJAxQDrfFHfy+PjnhmSyqBfFs+yUBavrC8yqCCTRY8ZkWh
0hXvXhhUImMi+gwGesMUIHGt1L8c7RYbRHADgb9/g2OfPgqjme64ScRugQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLb6OiqtA1mztf8fs6GeK+dACxKRMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjegoA1Gb
+GJPHI9Y3SOJ9LwEl60MKKHqeG26SMkvvznlOxFrlPExQW4LWyKFeTfJH75KW+0V
AGFXLrAOVaCLXAgU81pMYSyWKXirK3ICfnip5vimiAt0SLreZThW3Mb/k4KwvZb4
XYAZ31LI/k5PEAArRxYzWyKbyIjNJU1jh7uM/CqDvCYhOP1kwoULT6q25YiSwY4v
+FAghK09ttqIcWwGkABzlIyJWgkMy0RqCdS926oLbGTcTIZWDQ/udaNiG2ue8Mwz
iot+zxlateN2GqpEyIw3BzXRgg4Y6L2I+I5US5fjVhuJtpd6/ivTqbkgRI6zdJoX
bvmtUqcbfy3Jdw==
-----END CERTIFICATE-----