Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          4GYjZRCh5Ws667SgTv6iT/u8r0CBsBKLZ+as/nKSVfM=
Subject key identifier:   20:34:49:62:CA:1F:26:77:2F:AC:77:97:2C:8B:CA:7B:E6:5F:0C:98
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019CAAC6B636FD5724FCB883765369A67D48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          14D7
Signing time:             Sun 01 Mar 2026 19:01:15 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:15 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:15 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: reNBXLZumRi4b96yghDIPw9+vt1WRDk74KEfQzSot1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:b6:36:fd:57:24:fc:b8:83:76:53:69:a6:7d:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Mar  1 19:01:15 2026 GMT
            Not After : Mar  2 19:01:15 2026 GMT
        Subject: CN=20344962ca1f26772fac77972c8bca7be65f0c98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:14:92:ce:f9:c3:43:c5:e0:3b:10:fd:f8:e0:
                    e9:58:65:ab:77:46:4e:d3:23:68:c5:a6:75:db:ec:
                    7e:cf:02:2a:61:61:8d:83:76:ee:49:30:50:2b:b1:
                    37:02:69:a0:10:e3:f9:ca:92:10:43:a4:f3:e4:b1:
                    5e:1f:14:74:2a:b6:97:39:08:d1:10:e5:20:e9:be:
                    59:02:5a:ca:d8:55:48:10:17:a5:2f:69:c5:26:fa:
                    98:be:ea:34:81:ee:37:29:01:db:ad:c6:83:62:4f:
                    7d:c7:01:1d:49:9e:cd:d1:2c:f3:09:38:1d:24:bf:
                    24:c0:f9:03:3b:0d:0b:72:7d:f6:db:f2:12:19:61:
                    68:2b:58:c9:01:c1:22:d8:65:7e:87:18:5e:da:1b:
                    54:34:ec:2c:26:93:a3:79:f8:8e:39:a4:d6:c0:7d:
                    21:cd:7f:b8:76:dc:a4:1b:a1:09:e6:11:df:97:ca:
                    ba:c2:47:16:c6:5f:f3:f7:13:47:b8:cc:e7:37:45:
                    1a:45:94:ac:34:b9:86:5e:77:25:57:fd:cc:bf:3a:
                    85:68:b0:c8:d9:29:94:e8:a9:b4:d9:a8:e5:2e:4e:
                    8d:83:f1:54:ac:6e:10:57:c5:f0:79:70:0e:ac:44:
                    64:91:70:53:28:78:cc:20:2d:32:97:53:dc:cc:a1:
                    90:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:34:49:62:CA:1F:26:77:2F:AC:77:97:2C:8B:CA:7B:E6:5F:0C:98
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:91:e8:35:20:8c:f9:a9:12:a3:02:f2:b5:4b:dd:25:ff:28:
         91:9b:c9:da:43:b8:f8:0b:60:ff:de:63:16:e2:eb:5d:b3:10:
         ba:97:19:6c:03:15:01:25:9a:50:7a:9c:2f:d0:62:3d:ca:7c:
         5c:d7:07:d5:b2:e1:ff:2a:f2:ef:dd:63:b2:3c:2b:bd:a3:6a:
         cf:fc:2b:af:4f:cf:fe:e4:0b:ee:6c:28:06:f4:72:40:90:1c:
         da:88:76:9b:66:11:f3:86:5d:99:71:d9:f3:57:ea:ee:39:ff:
         96:c5:ad:24:6f:af:6e:11:17:a6:26:b0:c4:2d:5b:cb:2e:10:
         6d:53:7d:c0:fe:b6:38:78:17:3c:ec:37:ea:0f:0f:4f:17:d5:
         7e:40:e8:97:c8:ad:ed:24:de:54:ef:3d:65:18:d6:5b:b4:a0:
         04:85:07:ad:da:c1:1d:36:89:c2:7b:6a:09:14:65:6f:fb:de:
         06:8a:a5:45:be:75:18:c9:30:53:59:44:5c:37:33:43:24:34:
         8e:39:e1:11:55:14:b9:5c:78:a4:22:b1:29:f9:a2:ac:d2:9c:
         4f:d7:65:a5:01:22:3b:db:ab:10:ba:1e:82:6e:45:69:7f:39:
         5c:41:2e:a2:a6:65:b6:6d:db:57:cc:8e:79:96:9a:16:00:cf:
         4b:c7:9d:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxrY2/Vck/LiDdlNppn1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjYwMzAxMTkwMTE1WhcNMjYwMzAyMTkwMTE1WjAzMTEwLwYDVQQD
EygyMDM0NDk2MmNhMWYyNjc3MmZhYzc3OTcyYzhiY2E3YmU2NWYwYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBSSzvnDQ8XgOxD9+ODpWGWrd0ZO
0yNoxaZ12+x+zwIqYWGNg3buSTBQK7E3AmmgEOP5ypIQQ6Tz5LFeHxR0KraXOQjR
EOUg6b5ZAlrK2FVIEBelL2nFJvqYvuo0ge43KQHbrcaDYk99xwEdSZ7N0SzzCTgd
JL8kwPkDOw0Lcn322/ISGWFoK1jJAcEi2GV+hxhe2htUNOwsJpOjefiOOaTWwH0h
zX+4dtykG6EJ5hHfl8q6wkcWxl/z9xNHuMznN0UaRZSsNLmGXnclV/3MvzqFaLDI
2SmU6Km02ajlLk6Ng/FUrG4QV8XweXAOrERkkXBTKHjMIC0yl1PczKGQTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCA0SWLKHyZ3L6x3lyyLynvmXwyYMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJHoNSCM
+akSowLytUvdJf8okZvJ2kO4+Atg/95jFuLrXbMQupcZbAMVASWaUHqcL9BiPcp8
XNcH1bLh/yry791jsjwrvaNqz/wrr0/P/uQL7mwoBvRyQJAc2oh2m2YR84ZdmXHZ
81fq7jn/lsWtJG+vbhEXpiawxC1byy4QbVN9wP62OHgXPOw36g8PTxfVfkDol8it
7STeVO89ZRjWW7SgBIUHrdrBHTaJwntqCRRlb/veBoqlRb51GMkwU1lEXDczQyQ0
jjnhEVUUuVx4pCKxKfmirNKcT9dlpQEiO9urELoegm5FaX85XEEuoqZltm3bV8yO
eZaaFgDPS8edJw==
-----END CERTIFICATE-----