Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          C8X2lsbQDsmHKtq2no/INz53H86jR2BD25BIqg+1AvE=
Subject key identifier:   54:1B:73:DA:84:A3:1D:56:00:06:C4:FC:76:B3:42:A5:08:46:4D:BF
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019922FA4A435E42D097319CFEE7C10ECE3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          1303
Signing time:             Sun 07 Sep 2025 07:00:52 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:52 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:52 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: O4hZkt8HnHZvWfMqrUE5agZw399sj0lX8Y1tmqUKbGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:4a:43:5e:42:d0:97:31:9c:fe:e7:c1:0e:ce:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Sep  7 07:00:52 2025 GMT
            Not After : Sep  8 07:00:52 2025 GMT
        Subject: CN=541b73da84a31d560006c4fc76b342a508464dbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:c7:e6:db:d8:e8:66:73:a1:0f:7e:07:dd:72:
                    fc:d8:dc:a0:d3:6a:a3:0c:b5:32:53:2e:95:e3:8e:
                    c3:43:f8:54:5b:b4:45:8e:88:fa:be:8b:df:2d:9e:
                    06:ab:ee:9a:5d:57:34:75:b7:0f:03:0c:90:4c:d2:
                    9d:8f:84:33:1e:a4:ff:9b:a7:aa:cc:04:b5:4c:71:
                    fc:30:a9:19:6b:ef:94:bd:aa:51:f6:69:21:87:d3:
                    c0:49:f4:b6:92:4e:08:5b:02:51:2b:5c:d7:ea:7d:
                    0c:e4:95:45:e0:15:f5:ad:9d:95:3b:8e:46:1b:41:
                    fb:34:e8:9e:21:4b:48:0a:36:52:4f:ba:1d:65:b0:
                    b2:98:f3:34:96:84:64:29:d1:0b:6a:d7:cc:8b:c3:
                    29:e7:27:a1:8a:bd:b2:a9:f9:35:d3:34:89:9a:a7:
                    8a:36:98:87:4e:4a:4c:c2:e9:36:4d:b2:f9:06:ea:
                    55:30:db:6b:64:42:20:17:71:0e:b4:30:92:be:54:
                    8b:88:5e:af:23:e1:44:2c:d7:e2:e7:d8:aa:a8:f2:
                    ea:51:57:03:b7:fa:aa:55:ae:8e:41:1c:a7:df:6b:
                    1e:a4:09:6d:c2:27:a5:12:dc:db:f2:6e:e1:d9:b2:
                    f1:79:93:e8:02:35:05:50:03:95:ec:6a:29:97:b8:
                    98:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:1B:73:DA:84:A3:1D:56:00:06:C4:FC:76:B3:42:A5:08:46:4D:BF
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:62:97:6b:03:92:95:01:16:5a:68:a2:4a:c5:dd:c5:8e:b3:
         da:a3:ba:e4:cd:11:40:31:4b:75:e9:8b:52:ac:9f:fe:f3:35:
         90:d0:fb:47:f5:a6:c7:e9:d0:52:44:37:ed:77:60:4c:4d:e1:
         fc:e0:74:24:cd:7d:bb:7b:a5:f9:34:13:c1:8d:e3:93:90:cb:
         af:12:e3:77:f2:16:d2:0b:a1:51:99:0b:6d:46:0d:2d:a8:91:
         96:be:99:72:6c:c9:d9:c3:a3:b6:32:ca:8d:e0:20:d2:97:c3:
         e9:5f:03:47:f1:e5:54:56:b2:fe:51:11:73:f6:a7:64:f8:f6:
         89:82:6e:9c:c6:ed:d5:5f:0e:e8:b4:76:e8:1a:e3:1d:29:2e:
         e7:1e:af:ff:31:04:23:2e:dc:e6:82:6f:51:67:3a:2f:dd:dc:
         ad:81:5b:7c:b8:77:ea:4a:f2:19:67:e9:56:6e:cb:d3:75:46:
         86:5a:3d:12:65:3a:ab:d5:f1:3a:6a:11:ce:16:1e:e8:e3:f7:
         0f:a1:59:24:0b:fd:75:96:43:34:7a:d3:c2:d9:d6:bd:57:dd:
         92:5f:b4:56:73:1a:6d:23:e7:7e:c6:66:26:6e:b5:09:75:a9:
         93:0f:b6:4f:ea:19:cc:f4:39:00:32:79:7b:76:16:f6:8c:07:
         65:e5:2d:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+kpDXkLQlzGc/ufBDs48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUwOTA3MDcwMDUyWhcNMjUwOTA4MDcwMDUyWjAzMTEwLwYDVQQD
Eyg1NDFiNzNkYTg0YTMxZDU2MDAwNmM0ZmM3NmIzNDJhNTA4NDY0ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sfm29joZnOhD34H3XL82Nyg02qj
DLUyUy6V447DQ/hUW7RFjoj6vovfLZ4Gq+6aXVc0dbcPAwyQTNKdj4QzHqT/m6eq
zAS1THH8MKkZa++UvapR9mkhh9PASfS2kk4IWwJRK1zX6n0M5JVF4BX1rZ2VO45G
G0H7NOieIUtICjZST7odZbCymPM0loRkKdELatfMi8Mp5yehir2yqfk10zSJmqeK
NpiHTkpMwuk2TbL5BupVMNtrZEIgF3EOtDCSvlSLiF6vI+FELNfi59iqqPLqUVcD
t/qqVa6OQRyn32sepAltwielEtzb8m7h2bLxeZPoAjUFUAOV7Gopl7iYrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQbc9qEox1WAAbE/HazQqUIRk2/MB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ2KXawOS
lQEWWmiiSsXdxY6z2qO65M0RQDFLdemLUqyf/vM1kND7R/Wmx+nQUkQ37XdgTE3h
/OB0JM19u3ul+TQTwY3jk5DLrxLjd/IW0guhUZkLbUYNLaiRlr6ZcmzJ2cOjtjLK
jeAg0pfD6V8DR/HlVFay/lERc/anZPj2iYJunMbt1V8O6LR26BrjHSku5x6v/zEE
Iy7c5oJvUWc6L93crYFbfLh36kryGWfpVm7L03VGhlo9EmU6q9XxOmoRzhYe6OP3
D6FZJAv9dZZDNHrTwtnWvVfdkl+0VnMabSPnfsZmJm61CXWpkw+2T+oZzPQ5ADJ5
e3YW9owHZeUtaQ==
-----END CERTIFICATE-----