Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          g978O7UE/x+AFtm/sOd0huLYUaASUc9qIZXzKwur0NI=
Subject key identifier:   D0:F9:0E:E7:B7:54:64:45:EE:33:17:76:A5:66:12:11:F2:6C:26:A2
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019880C22BED5736DFC7A165DA9DA48BFA34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          12AF
Signing time:             Wed 06 Aug 2025 19:01:05 +0000
Manifest this update:     Wed 06 Aug 2025 19:01:05 +0000
Manifest next update:     Thu 07 Aug 2025 19:01:05 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: HmfHz1tTTn9FYm9tGHLLyp9OgkPu1mb1Xk6hcU9ihTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c2:2b:ed:57:36:df:c7:a1:65:da:9d:a4:8b:fa:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Aug  6 19:01:05 2025 GMT
            Not After : Aug  7 19:01:05 2025 GMT
        Subject: CN=d0f90ee7b7546445ee331776a5661211f26c26a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e0:55:10:53:7b:57:96:e8:ce:53:11:7c:e6:
                    35:39:db:b7:b5:20:30:39:a1:f0:81:b4:54:cb:44:
                    33:d7:f1:92:03:7b:d0:c0:50:70:83:dd:7b:08:99:
                    6b:a9:b3:37:81:0d:c1:25:93:60:30:c5:44:d6:a0:
                    fd:2b:78:4b:55:a2:af:15:5e:7c:c6:e5:77:ae:28:
                    fa:72:1e:44:d9:1c:6b:d4:91:07:e0:bc:95:28:e6:
                    e3:ce:d4:a8:0e:2a:f9:b9:ca:60:ee:6b:f6:f4:34:
                    36:b9:73:99:34:b5:2f:d1:7c:30:7d:63:aa:63:48:
                    49:71:4e:3c:70:8f:4c:4d:43:89:3d:f4:5e:47:c1:
                    4e:d5:f3:b3:e0:da:bd:5d:85:36:d7:d5:c0:86:96:
                    6c:71:99:54:eb:c9:14:33:b2:ef:be:58:bf:8b:3e:
                    2b:80:6e:b9:a7:80:05:de:f7:f6:ef:52:8c:46:05:
                    b8:16:b6:20:1b:c1:3a:35:74:f9:79:f9:7c:0f:8e:
                    0d:41:b3:1c:fc:1c:bb:b5:ce:67:53:f5:4e:5b:f0:
                    5a:81:f6:5a:eb:1a:ab:6d:36:ca:8e:6b:7d:a3:38:
                    b4:88:76:10:83:09:01:a3:27:3a:e7:d5:63:2f:11:
                    e2:79:87:14:d5:a3:5b:c7:d9:c9:25:84:38:21:d8:
                    2d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F9:0E:E7:B7:54:64:45:EE:33:17:76:A5:66:12:11:F2:6C:26:A2
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:39:f7:a0:cd:60:d6:81:52:9a:c6:fc:0e:5b:78:6e:61:9e:
         f6:92:d1:04:74:b3:a6:a2:f9:e7:fb:f8:d0:3d:df:1b:82:99:
         9d:9a:c4:f9:e0:5e:27:82:15:3b:ad:72:ac:cb:58:06:d6:11:
         fc:0b:00:45:e7:7f:ea:51:ae:05:69:b5:d5:70:47:e0:90:94:
         9f:55:71:07:0a:f9:c9:59:29:52:fe:f0:65:90:fb:92:82:e2:
         fd:9d:4d:15:24:f8:82:46:42:75:31:da:83:fa:3b:a1:d0:4a:
         35:59:9b:f6:10:a9:57:0c:06:90:ba:8e:68:3a:9e:7a:48:a4:
         04:2d:1f:6b:b8:33:22:dc:f8:d7:47:df:16:07:26:c4:2d:ef:
         37:a2:12:31:cc:cd:00:db:55:34:d3:96:ec:81:04:93:db:c8:
         e5:52:4f:c3:7f:c4:b8:56:fa:ee:b0:5e:c6:48:33:2f:bb:4b:
         cf:53:53:24:cf:b2:aa:52:94:74:ca:ec:b5:c0:77:38:59:c1:
         43:12:53:1b:0a:f9:7a:ff:a2:3e:9d:5e:1d:bf:7f:e6:c0:04:
         b5:e4:97:b4:3d:cc:32:02:1f:22:2c:5a:03:20:2f:40:01:1c:
         db:06:3d:d1:37:14:8b:ce:d7:84:51:ca:e3:c8:64:a2:a8:d9:
         b5:8c:61:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwivtVzbfx6Fl2p2ki/o0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUwODA2MTkwMTA1WhcNMjUwODA3MTkwMTA1WjAzMTEwLwYDVQQD
EyhkMGY5MGVlN2I3NTQ2NDQ1ZWUzMzE3NzZhNTY2MTIxMWYyNmMyNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+BVEFN7V5bozlMRfOY1Odu3tSAw
OaHwgbRUy0Qz1/GSA3vQwFBwg917CJlrqbM3gQ3BJZNgMMVE1qD9K3hLVaKvFV58
xuV3rij6ch5E2Rxr1JEH4LyVKObjztSoDir5ucpg7mv29DQ2uXOZNLUv0XwwfWOq
Y0hJcU48cI9MTUOJPfReR8FO1fOz4Nq9XYU219XAhpZscZlU68kUM7Lvvli/iz4r
gG65p4AF3vf271KMRgW4FrYgG8E6NXT5efl8D44NQbMc/By7tc5nU/VOW/BagfZa
6xqrbTbKjmt9ozi0iHYQgwkBoyc659VjLxHieYcU1aNbx9nJJYQ4Idgt6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFND5Due3VGRF7jMXdqVmEhHybCaiMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAazn3oM1g
1oFSmsb8Dlt4bmGe9pLRBHSzpqL55/v40D3fG4KZnZrE+eBeJ4IVO61yrMtYBtYR
/AsARed/6lGuBWm11XBH4JCUn1VxBwr5yVkpUv7wZZD7koLi/Z1NFST4gkZCdTHa
g/o7odBKNVmb9hCpVwwGkLqOaDqeekikBC0fa7gzItz410ffFgcmxC3vN6ISMczN
ANtVNNOW7IEEk9vI5VJPw3/EuFb67rBexkgzL7tLz1NTJM+yqlKUdMrstcB3OFnB
QxJTGwr5ev+iPp1eHb9/5sAEteSXtD3MMgIfIixaAyAvQAEc2wY90TcUi87XhFHK
48hkoqjZtYxhFg==
-----END CERTIFICATE-----