Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          Y8p793W/giAgxe3ZkM2qfqr/Y26c2ol/y7clueZaGIg=
Subject key identifier:   68:4E:65:96:64:36:52:8D:E0:CB:35:B7:08:DB:F3:C9:81:2D:F1:FE
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       0199FD3464E5FB6D44D12B2E258B317DE6BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          1374
Signing time:             Sun 19 Oct 2025 16:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:33 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: L9grxWcct1oafrJj07UPTSmK/WqVTLlXe7L8KlCmXZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:64:e5:fb:6d:44:d1:2b:2e:25:8b:31:7d:e6:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Oct 19 16:01:33 2025 GMT
            Not After : Oct 20 16:01:33 2025 GMT
        Subject: CN=684e65966436528de0cb35b708dbf3c9812df1fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:01:ed:3d:56:ee:ae:d7:8e:89:73:12:de:41:
                    6b:b2:31:95:68:57:03:c1:fa:1e:83:7e:d0:57:b3:
                    41:33:aa:e9:bb:55:5d:83:4c:16:11:d4:6f:e4:11:
                    bd:62:bf:3b:76:78:87:c8:46:4e:ef:bc:be:49:1e:
                    da:61:ea:ab:50:4e:cf:0e:38:f7:0e:21:43:d3:0d:
                    c3:3c:02:5e:41:7e:98:2a:72:c7:f0:ed:c5:22:b3:
                    4e:ef:a8:4f:d8:5d:5c:26:4d:a4:94:89:52:d6:34:
                    7b:f7:0f:43:a3:ab:6b:f2:7d:fc:6f:50:ef:38:2e:
                    54:19:12:d3:66:f7:cd:6f:52:89:be:37:0d:32:ce:
                    dd:17:36:a9:f6:40:8d:2e:81:f2:e1:7d:bd:8a:52:
                    b9:f8:55:19:23:6c:55:c8:e3:d3:8a:32:50:03:89:
                    ca:5b:42:ce:35:05:9c:7c:eb:73:1a:a4:08:bf:31:
                    45:f3:45:ea:81:6d:89:bb:0d:b1:3d:5b:20:08:61:
                    c2:3a:21:54:bb:ae:ab:33:f3:05:a4:aa:43:aa:3b:
                    b3:86:42:68:32:8c:59:78:71:04:20:09:06:6a:0b:
                    7b:c4:84:f3:60:ae:93:33:9f:ea:5b:d8:94:6f:79:
                    42:a3:92:cb:17:c2:52:19:72:6c:fa:d8:e6:e9:36:
                    11:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:4E:65:96:64:36:52:8D:E0:CB:35:B7:08:DB:F3:C9:81:2D:F1:FE
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:e9:5c:12:83:2f:92:c8:1c:63:ed:dc:52:92:a0:1e:10:db:
         52:9e:80:71:da:74:dd:7b:c1:ab:18:38:54:3f:85:90:72:72:
         7e:38:d1:d9:86:2f:b9:03:b3:0b:83:c3:ed:f4:0e:d6:4b:f6:
         5f:94:72:56:6e:b3:32:25:11:c2:e4:3f:53:99:84:dc:3f:f1:
         e9:2a:39:20:95:52:20:1e:14:73:55:46:c1:a4:c5:5a:f7:e3:
         e7:9d:e1:3b:a8:3f:47:f7:36:16:be:d1:53:3d:81:5a:a7:c1:
         73:48:95:32:11:76:8a:d4:d3:71:e6:dd:a6:83:0f:c2:b9:b4:
         3c:b2:7f:8b:2e:ef:d6:27:46:38:0c:b6:6e:8d:13:e2:dd:14:
         db:7f:41:45:30:e7:46:fa:38:02:1d:95:da:4e:ca:d2:88:2f:
         63:ad:96:03:24:e2:cb:20:1c:19:33:81:69:04:3e:b6:31:5d:
         42:ab:fe:3a:04:49:f7:01:9b:e2:c1:bd:85:ca:75:78:de:85:
         08:14:ce:ff:48:f0:d6:8d:c8:a2:98:cb:ed:1b:3b:25:08:48:
         b1:b7:27:3f:ea:94:e8:c8:0f:b6:3f:0e:1e:97:b0:fb:f0:72:
         10:ff:3e:89:fe:54:f8:2a:8e:40:7b:af:f7:1e:ce:6d:0f:b7:
         76:b3:be:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NGTl+21E0SsuJYsxfea9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUxMDE5MTYwMTMzWhcNMjUxMDIwMTYwMTMzWjAzMTEwLwYDVQQD
Eyg2ODRlNjU5NjY0MzY1MjhkZTBjYjM1YjcwOGRiZjNjOTgxMmRmMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgHtPVburteOiXMS3kFrsjGVaFcD
wfoeg37QV7NBM6rpu1Vdg0wWEdRv5BG9Yr87dniHyEZO77y+SR7aYeqrUE7PDjj3
DiFD0w3DPAJeQX6YKnLH8O3FIrNO76hP2F1cJk2klIlS1jR79w9Do6tr8n38b1Dv
OC5UGRLTZvfNb1KJvjcNMs7dFzap9kCNLoHy4X29ilK5+FUZI2xVyOPTijJQA4nK
W0LONQWcfOtzGqQIvzFF80XqgW2Juw2xPVsgCGHCOiFUu66rM/MFpKpDqjuzhkJo
MoxZeHEEIAkGagt7xITzYK6TM5/qW9iUb3lCo5LLF8JSGXJs+tjm6TYRCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhOZZZkNlKN4Ms1twjb88mBLfH+MB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALOlcEoMv
ksgcY+3cUpKgHhDbUp6Acdp03XvBqxg4VD+FkHJyfjjR2YYvuQOzC4PD7fQO1kv2
X5RyVm6zMiURwuQ/U5mE3D/x6So5IJVSIB4Uc1VGwaTFWvfj553hO6g/R/c2Fr7R
Uz2BWqfBc0iVMhF2itTTcebdpoMPwrm0PLJ/iy7v1idGOAy2bo0T4t0U239BRTDn
Rvo4Ah2V2k7K0ogvY62WAyTiyyAcGTOBaQQ+tjFdQqv+OgRJ9wGb4sG9hcp1eN6F
CBTO/0jw1o3IopjL7Rs7JQhIsbcnP+qU6MgPtj8OHpew+/ByEP8+if5U+CqOQHuv
9x7ObQ+3drO+fA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:48 2025 by rpki-client