Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          nihiwF3nJQZud5V1md83rDVyKTeFyJBgJqREXUjXXSg=
Subject key identifier:   29:13:95:36:C3:3B:F6:8E:B8:DE:05:D5:4E:2D:99:A4:62:C1:9E:57
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019A71132CBAF47D2D4B553B4A5AA84E3782
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          13B0
Signing time:             Tue 11 Nov 2025 04:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:13 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: Qk/O3WJnZiiEXTGXSRywJ4E3KfY/D08nhJ3/maWjjyQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:2c:ba:f4:7d:2d:4b:55:3b:4a:5a:a8:4e:37:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Nov 11 04:01:13 2025 GMT
            Not After : Nov 12 04:01:13 2025 GMT
        Subject: CN=29139536c33bf68eb8de05d54e2d99a462c19e57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:20:9a:8a:2a:2e:9c:c5:c2:8f:9d:c5:74:8c:
                    51:ad:ea:c9:e2:7b:5b:36:8a:32:5d:db:99:94:88:
                    60:a4:de:04:d9:b3:3d:c0:ee:fc:e9:4e:72:b3:89:
                    43:c8:51:68:8d:fb:9f:13:c2:d6:c9:ac:e0:d7:8b:
                    76:d0:f2:89:b9:5f:83:d9:81:d0:61:3a:0b:4e:d2:
                    20:05:ef:61:46:54:9d:69:57:3a:4c:ad:81:37:b2:
                    d5:2b:c5:32:e0:f1:7e:b7:08:3f:22:00:0f:d1:68:
                    6e:ad:c3:50:6d:8d:ed:be:d7:80:19:e2:20:71:47:
                    e3:9f:dc:01:7e:0b:32:be:27:61:a6:73:aa:f6:33:
                    98:08:aa:f5:72:ac:31:9a:33:fe:63:b9:c8:46:55:
                    e3:3a:71:9c:e9:1e:90:11:4f:98:0c:b4:24:2a:9b:
                    c1:fa:f6:9e:4f:60:bc:9d:1c:b0:3c:65:e8:fc:63:
                    27:a7:63:0d:6e:cc:8d:db:9d:48:6c:8b:cc:99:14:
                    35:45:17:91:cd:ff:33:1f:79:74:27:49:2f:ad:25:
                    6e:99:f4:c3:da:35:86:23:ba:f4:1f:9c:b4:1f:c1:
                    fc:b6:37:8f:49:ee:33:a5:e8:3d:8c:7c:ff:7a:08:
                    bb:fa:88:1d:3f:5d:8a:d2:b3:8b:fb:29:a2:18:1c:
                    79:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:13:95:36:C3:3B:F6:8E:B8:DE:05:D5:4E:2D:99:A4:62:C1:9E:57
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:7b:ae:aa:60:31:ed:98:ca:22:a3:83:39:53:93:00:46:ca:
         61:9c:c7:11:53:e7:8c:37:ed:7a:85:f7:d1:99:28:3a:4b:bd:
         1d:79:af:2f:2f:28:fe:bc:a0:ae:b1:52:21:9c:26:49:b9:61:
         98:cb:0d:91:e3:93:dd:f4:16:e2:50:26:30:93:ef:b1:16:ba:
         04:94:6d:39:cd:6b:b3:fa:34:d8:11:65:1c:d0:ab:2e:1b:fe:
         aa:12:03:6e:8f:e0:81:32:3e:a7:8b:45:ef:95:2e:a4:73:9d:
         77:25:2d:5b:02:19:57:b4:f2:63:16:6d:dd:2f:97:00:90:47:
         86:c4:4d:23:f9:33:f3:64:f3:15:4d:e9:28:c9:ac:47:6c:47:
         57:56:11:a4:70:56:ab:f1:ca:5e:7c:d3:f0:23:6f:ce:a2:ef:
         d6:0a:1e:77:1e:63:d8:76:a2:70:49:c4:7f:5e:cf:aa:00:31:
         4f:51:80:a6:39:65:73:91:1f:ef:78:8b:7d:00:d9:49:94:9b:
         12:d5:00:f9:bc:57:8b:84:6a:9f:9b:cf:75:1e:83:d4:e1:23:
         cb:2c:fe:89:16:54:5c:62:b0:d6:5c:99:57:78:9e:af:18:35:
         03:53:cf:17:52:be:40:27:50:ef:9c:47:98:63:7c:02:c7:58:
         8a:12:51:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyy69H0tS1U7SlqoTjeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUxMTExMDQwMTEzWhcNMjUxMTEyMDQwMTEzWjAzMTEwLwYDVQQD
EygyOTEzOTUzNmMzM2JmNjhlYjhkZTA1ZDU0ZTJkOTlhNDYyYzE5ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCCaiiounMXCj53FdIxRrerJ4ntb
NooyXduZlIhgpN4E2bM9wO786U5ys4lDyFFojfufE8LWyazg14t20PKJuV+D2YHQ
YToLTtIgBe9hRlSdaVc6TK2BN7LVK8Uy4PF+twg/IgAP0WhurcNQbY3tvteAGeIg
cUfjn9wBfgsyvidhpnOq9jOYCKr1cqwxmjP+Y7nIRlXjOnGc6R6QEU+YDLQkKpvB
+vaeT2C8nRywPGXo/GMnp2MNbsyN251IbIvMmRQ1RReRzf8zH3l0J0kvrSVumfTD
2jWGI7r0H5y0H8H8tjePSe4zpeg9jHz/egi7+ogdP12K0rOL+ymiGBx5lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkTlTbDO/aOuN4F1U4tmaRiwZ5XMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdHuuqmAx
7ZjKIqODOVOTAEbKYZzHEVPnjDfteoX30ZkoOku9HXmvLy8o/rygrrFSIZwmSblh
mMsNkeOT3fQW4lAmMJPvsRa6BJRtOc1rs/o02BFlHNCrLhv+qhIDbo/ggTI+p4tF
75UupHOddyUtWwIZV7TyYxZt3S+XAJBHhsRNI/kz82TzFU3pKMmsR2xHV1YRpHBW
q/HKXnzT8CNvzqLv1goedx5j2HaicEnEf17PqgAxT1GApjllc5Ef73iLfQDZSZSb
EtUA+bxXi4Rqn5vPdR6D1OEjyyz+iRZUXGKw1lyZV3ierxg1A1PPF1K+QCdQ75xH
mGN8AsdYihJRFA==
-----END CERTIFICATE-----