Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          bNEugQZc67IrAYm2cdZ1U2SykE559VrLMYUqTdpJDX0=
Subject key identifier:   EE:B0:37:F4:01:1B:60:FD:4B:D0:81:E2:9F:E7:D0:7A:9B:0B:91:59
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019768BC04A1A5B6F776D291C5C1BBA3EBA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          121E
Signing time:             Fri 13 Jun 2025 10:00:41 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:41 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:41 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: //S0wWHA5kodGOA+qnwKWD4xSysOaTQjctmNLftGPso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bc:04:a1:a5:b6:f7:76:d2:91:c5:c1:bb:a3:eb:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Jun 13 10:00:41 2025 GMT
            Not After : Jun 14 10:00:41 2025 GMT
        Subject: CN=eeb037f4011b60fd4bd081e29fe7d07a9b0b9159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:d0:13:7c:e4:20:27:58:96:f5:c6:05:6b:0c:
                    f3:87:18:bf:46:1c:73:7a:c9:28:22:b4:fd:86:7d:
                    ca:73:60:9a:9e:6d:20:a0:8b:6a:04:87:55:c2:1e:
                    a6:03:04:73:1a:f1:66:34:2c:40:1e:ed:19:0e:d9:
                    fd:76:3e:71:66:b3:e1:e5:fa:68:10:bc:10:ea:90:
                    48:ce:de:85:64:46:5b:62:d6:92:cc:2b:40:b5:40:
                    50:40:77:0f:c0:b0:76:e4:9b:59:a9:bc:ff:b3:1f:
                    c9:b8:1d:01:50:5a:81:6a:14:d6:e5:86:f6:33:de:
                    25:68:65:1c:95:9d:f8:84:3a:67:d2:1e:a8:7e:92:
                    50:4f:8a:5c:98:69:c8:28:9b:ac:18:7a:c1:a4:4a:
                    94:e2:b6:a7:ae:2d:62:94:2a:96:57:c7:f9:4e:75:
                    10:37:b2:9c:44:47:ae:d0:f3:73:37:6f:e8:9e:08:
                    90:58:4e:34:4a:a0:df:3d:f1:c4:60:74:0b:63:8f:
                    8f:bc:00:33:c8:1b:af:34:df:fe:6f:72:e6:fa:5d:
                    f2:06:b1:ce:52:42:d5:53:43:41:2b:6a:1e:09:15:
                    cb:49:f2:ca:18:88:28:e4:53:c2:b0:ac:f3:5d:81:
                    2d:0b:e3:9d:ef:51:66:b1:87:37:25:e2:9d:1f:55:
                    d5:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B0:37:F4:01:1B:60:FD:4B:D0:81:E2:9F:E7:D0:7A:9B:0B:91:59
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:e9:99:60:d5:71:af:e7:4d:44:77:8b:5e:19:ea:6d:e0:58:
         6a:6f:24:be:24:14:5a:0e:fd:87:01:6c:17:c0:e6:23:5c:07:
         e7:9c:24:2d:e6:5f:03:c5:13:b9:d6:7f:5a:18:f3:39:74:20:
         82:3f:38:b7:03:e3:2c:63:ca:99:21:88:5b:f1:cd:86:ca:f4:
         00:4f:d9:f8:59:34:b7:3f:50:87:55:8b:16:38:cf:ea:ce:70:
         7d:50:50:68:81:27:f8:8b:c7:cf:35:0c:51:24:4a:a4:0a:26:
         44:8d:9b:eb:fe:d9:af:9e:34:3a:ca:41:e2:1b:50:7f:9a:4c:
         c4:cd:52:ee:66:e1:64:eb:c4:6e:1b:ea:67:de:d7:07:3b:55:
         af:74:73:a4:1d:96:1c:07:73:49:00:45:52:08:d2:95:cd:cd:
         92:c4:26:2e:b5:e3:3e:07:8b:bd:2e:66:cb:1f:d5:ba:d2:14:
         9b:8d:e2:b6:b4:0d:ea:c1:76:15:09:8f:cf:0f:77:4f:98:fa:
         6f:48:92:35:6b:8c:3f:53:9e:ae:74:8d:c3:36:da:e5:e4:1a:
         fc:ac:d5:0b:e9:e3:27:91:fe:27:3f:f7:5b:09:6a:6b:da:0c:
         a0:69:aa:9a:8c:84:69:2e:05:7a:ab:66:93:a8:80:10:92:b7:
         da:7d:cf:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdovAShpbb3dtKRxcG7o+ukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUwNjEzMTAwMDQxWhcNMjUwNjE0MTAwMDQxWjAzMTEwLwYDVQQD
EyhlZWIwMzdmNDAxMWI2MGZkNGJkMDgxZTI5ZmU3ZDA3YTliMGI5MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdATfOQgJ1iW9cYFawzzhxi/Rhxz
eskoIrT9hn3Kc2Canm0goItqBIdVwh6mAwRzGvFmNCxAHu0ZDtn9dj5xZrPh5fpo
ELwQ6pBIzt6FZEZbYtaSzCtAtUBQQHcPwLB25JtZqbz/sx/JuB0BUFqBahTW5Yb2
M94laGUclZ34hDpn0h6ofpJQT4pcmGnIKJusGHrBpEqU4ranri1ilCqWV8f5TnUQ
N7KcREeu0PNzN2/ongiQWE40SqDfPfHEYHQLY4+PvAAzyBuvNN/+b3Lm+l3yBrHO
UkLVU0NBK2oeCRXLSfLKGIgo5FPCsKzzXYEtC+Od71FmsYc3JeKdH1XVawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6wN/QBG2D9S9CB4p/n0HqbC5FZMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYumZYNVx
r+dNRHeLXhnqbeBYam8kviQUWg79hwFsF8DmI1wH55wkLeZfA8UTudZ/WhjzOXQg
gj84twPjLGPKmSGIW/HNhsr0AE/Z+Fk0tz9Qh1WLFjjP6s5wfVBQaIEn+IvHzzUM
USRKpAomRI2b6/7Zr540OspB4htQf5pMxM1S7mbhZOvEbhvqZ97XBztVr3RzpB2W
HAdzSQBFUgjSlc3NksQmLrXjPgeLvS5myx/VutIUm43itrQN6sF2FQmPzw93T5j6
b0iSNWuMP1OernSNwzba5eQa/KzVC+njJ5H+Jz/3Wwlqa9oMoGmqmoyEaS4Feqtm
k6iAEJK32n3PdQ==
-----END CERTIFICATE-----