Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          UpdKKPIYFpwH/K/h/5P8F7h3NjRii9QzA9uLmS82kaA=
Subject key identifier:   E4:FE:8F:A8:89:5A:4E:F9:60:BC:87:87:96:35:99:0C:50:B9:87:D5
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019D98508895907D3E5A6B5E2A747919A2B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          1552
Signing time:             Thu 16 Apr 2026 22:01:47 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:47 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:47 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: xpQgaP/ACFyjDrlQw5wj2cmxEvJo2NuCuS2BwsVowmk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:88:95:90:7d:3e:5a:6b:5e:2a:74:79:19:a2:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Apr 16 22:01:47 2026 GMT
            Not After : Apr 17 22:01:47 2026 GMT
        Subject: CN=e4fe8fa8895a4ef960bc87879635990c50b987d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:fd:af:6e:03:30:bb:32:ce:0f:78:88:63:33:
                    05:01:91:82:20:e0:b5:e0:5c:d2:41:aa:73:49:e9:
                    d2:0d:ed:7e:2d:36:01:d0:2e:0f:2b:ce:32:a0:42:
                    70:10:02:27:21:f5:17:8b:da:96:17:12:d4:1b:b5:
                    81:c2:f8:20:93:98:57:84:d1:6c:dc:f6:19:5a:d7:
                    de:67:c7:3c:f1:4b:4d:f7:64:bd:a7:6a:02:b9:14:
                    ad:d9:b3:b2:e7:7f:2a:29:4e:d7:cf:d2:47:ba:eb:
                    04:5a:73:15:1e:06:92:1c:83:e7:45:bb:b1:a8:05:
                    f2:3b:9b:3b:c0:c8:a0:3a:09:3a:d2:a8:49:9a:c6:
                    57:dc:3a:59:a1:eb:fd:78:d0:03:29:4b:6c:69:62:
                    70:7c:34:d3:04:01:44:fa:f8:41:68:2b:94:36:d6:
                    77:79:07:d7:bf:94:2c:e4:46:20:6a:87:c1:9b:80:
                    93:30:4d:a0:d5:65:12:f9:ef:77:7c:a1:0b:2c:48:
                    98:8f:1f:3c:2a:09:1b:bc:7d:ac:12:5d:30:55:fc:
                    26:a7:0e:03:fd:30:29:30:f9:92:65:95:d9:11:40:
                    44:f3:08:aa:ed:aa:bd:be:21:82:9a:a5:49:66:89:
                    9d:5e:f9:86:5e:82:6d:aa:08:e7:14:9c:0e:3a:8d:
                    e6:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:FE:8F:A8:89:5A:4E:F9:60:BC:87:87:96:35:99:0C:50:B9:87:D5
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:20:e3:80:51:ba:78:01:d2:7e:11:fc:cc:33:13:1f:64:3b:
         59:af:f7:aa:4f:aa:04:04:7c:c8:4f:66:44:65:8b:35:72:e5:
         33:b2:82:56:2c:55:69:4c:5f:02:30:59:76:6e:75:5d:0d:ab:
         28:c3:f8:00:28:9d:18:ff:7f:a3:1e:c9:15:d7:e4:12:15:d3:
         89:72:4f:9a:c7:1f:6c:1f:1a:be:4f:b4:9b:1d:2b:6b:ac:a1:
         0a:d3:de:ca:16:7e:6f:9a:e7:a3:e4:e8:86:10:dd:c2:17:d4:
         41:15:3b:60:08:d9:b5:7f:84:b2:75:9b:88:06:ff:01:27:1d:
         96:1b:a5:7b:36:d1:61:50:2c:ca:6e:14:f8:a4:35:40:6f:49:
         e6:bf:9a:f6:4d:cf:ac:ea:52:bb:e5:78:1f:77:0f:9d:19:4b:
         30:2a:2d:e5:81:07:ac:8f:82:e2:61:d7:7d:00:65:28:78:99:
         7c:27:bb:cf:63:39:6e:6d:06:6b:68:31:5d:1b:8b:97:3e:25:
         01:35:8b:7e:36:64:44:b5:6f:4e:5c:47:d5:e5:00:00:6f:3a:
         55:12:39:3e:55:1d:90:2d:62:ea:31:32:0c:30:10:f0:bc:80:
         65:fa:3e:ec:c7:94:f5:51:83:1d:86:18:68:88:e2:1e:a2:70:
         84:82:1b:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUIiVkH0+WmteKnR5GaKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjYwNDE2MjIwMTQ3WhcNMjYwNDE3MjIwMTQ3WjAzMTEwLwYDVQQD
EyhlNGZlOGZhODg5NWE0ZWY5NjBiYzg3ODc5NjM1OTkwYzUwYjk4N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv2vbgMwuzLOD3iIYzMFAZGCIOC1
4FzSQapzSenSDe1+LTYB0C4PK84yoEJwEAInIfUXi9qWFxLUG7WBwvggk5hXhNFs
3PYZWtfeZ8c88UtN92S9p2oCuRSt2bOy538qKU7Xz9JHuusEWnMVHgaSHIPnRbux
qAXyO5s7wMigOgk60qhJmsZX3DpZoev9eNADKUtsaWJwfDTTBAFE+vhBaCuUNtZ3
eQfXv5Qs5EYgaofBm4CTME2g1WUS+e93fKELLEiYjx88KgkbvH2sEl0wVfwmpw4D
/TApMPmSZZXZEUBE8wiq7aq9viGCmqVJZomdXvmGXoJtqgjnFJwOOo3mNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOT+j6iJWk75YLyHh5Y1mQxQuYfVMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMyDjgFG6
eAHSfhH8zDMTH2Q7Wa/3qk+qBAR8yE9mRGWLNXLlM7KCVixVaUxfAjBZdm51XQ2r
KMP4ACidGP9/ox7JFdfkEhXTiXJPmscfbB8avk+0mx0ra6yhCtPeyhZ+b5rno+To
hhDdwhfUQRU7YAjZtX+EsnWbiAb/AScdlhulezbRYVAsym4U+KQ1QG9J5r+a9k3P
rOpSu+V4H3cPnRlLMCot5YEHrI+C4mHXfQBlKHiZfCe7z2M5bm0Ga2gxXRuLlz4l
ATWLfjZkRLVvTlxH1eUAAG86VRI5PlUdkC1i6jEyDDAQ8LyAZfo+7MeU9VGDHYYY
aIjiHqJwhIIb3A==
-----END CERTIFICATE-----