Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          hn57RnRybtj7zbP6pL8vc9yxpjVzKRBUEjBLZYkS9KQ=
Subject key identifier:   C4:D1:B6:0F:B7:08:06:0C:42:4B:78:08:81:C3:D4:4E:10:13:83:57
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       0197B7EABC17A52E85A82515501BC4565302
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          1247
Signing time:             Sat 28 Jun 2025 19:01:43 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:43 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:43 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: BGDxdlbn2eHadfunwtnt3RZW+ekeZ2kTrDQgxzXkAbE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:bc:17:a5:2e:85:a8:25:15:50:1b:c4:56:53:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Jun 28 19:01:43 2025 GMT
            Not After : Jun 29 19:01:43 2025 GMT
        Subject: CN=c4d1b60fb708060c424b780881c3d44e10138357
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:71:6a:e2:3e:77:24:7f:3d:a6:15:53:57:e2:
                    77:8e:2a:81:88:1b:da:84:21:10:a0:f1:70:2b:fb:
                    63:cc:8e:8b:fd:af:9c:ea:a3:41:25:e8:88:67:e3:
                    6e:eb:ef:f0:5f:d3:49:74:d8:b6:c7:81:5a:b8:84:
                    59:34:e6:7c:e7:d6:89:99:11:e4:18:dc:d8:9d:c8:
                    48:b4:57:a0:85:5a:5d:dc:0f:f3:e1:af:b8:57:55:
                    4a:b0:17:72:65:31:22:c7:bc:01:a2:26:54:26:9b:
                    d7:30:b3:a1:9b:57:bd:b0:8e:bc:e1:c9:63:f6:22:
                    db:2c:e4:38:ad:26:79:69:a9:6d:cf:9e:5d:dd:68:
                    f7:40:8a:3f:4e:76:24:6b:e8:29:36:d1:53:7c:67:
                    67:62:e8:fa:9a:f9:85:aa:b8:e5:37:41:f1:5a:07:
                    98:c8:49:ff:14:62:01:07:0d:60:59:62:ca:3a:ae:
                    22:57:75:0e:b0:da:05:5c:39:cc:f9:36:74:1a:4e:
                    a9:de:85:e7:7b:e5:7b:1d:59:3c:5f:75:50:8d:19:
                    ca:e1:1f:77:53:fe:25:31:3d:a0:83:c1:86:fb:72:
                    b4:2c:80:12:d7:bc:52:e0:e8:1f:ab:41:d8:a6:64:
                    93:0c:cd:0c:40:f6:a5:d2:bd:d3:36:7f:b5:12:ee:
                    95:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:D1:B6:0F:B7:08:06:0C:42:4B:78:08:81:C3:D4:4E:10:13:83:57
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:b0:01:4f:88:f9:fa:f8:f5:28:dc:7f:58:23:30:1f:d8:db:
         ed:93:57:7f:f2:d9:f2:1a:50:49:7a:b5:bc:bc:a6:9d:83:54:
         e8:54:94:03:86:6e:47:e1:2f:54:b6:a7:c2:ed:51:71:78:c0:
         dc:ef:cc:91:ee:1f:a4:3b:a1:7c:2e:0f:5f:4c:a4:0b:c6:25:
         4a:69:ad:6c:4a:d7:f9:35:e7:9a:9b:28:3c:e0:e2:1c:35:bf:
         bd:cc:ac:b5:f8:da:d1:83:7f:a9:85:61:7d:e6:7f:e2:0b:8b:
         5a:ad:1c:5b:a8:ce:a8:ca:55:0d:c6:2e:48:27:cc:a6:75:58:
         3d:f0:52:aa:9c:76:bc:94:f5:80:d8:aa:16:0a:c7:0b:85:68:
         30:dc:36:0c:ad:7c:46:86:d8:d8:9f:83:ab:d8:f6:45:93:ed:
         c4:0d:58:6c:78:76:9b:e5:a5:23:36:ab:da:52:4e:2f:b9:a0:
         df:83:38:b0:e0:02:60:96:48:5d:f0:92:d9:73:3f:fc:f7:8e:
         c2:6e:44:a8:4d:c1:4a:07:e9:82:61:af:a7:8d:e1:ac:b9:63:
         1c:78:96:36:40:f5:48:f4:5e:9c:f4:30:0d:59:25:72:b3:c3:
         91:42:9c:ab:d3:27:8a:8f:9c:0b:e7:ef:c6:dc:f6:65:a1:f5:
         16:5e:1b:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36rwXpS6FqCUVUBvEVlMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUwNjI4MTkwMTQzWhcNMjUwNjI5MTkwMTQzWjAzMTEwLwYDVQQD
EyhjNGQxYjYwZmI3MDgwNjBjNDI0Yjc4MDg4MWMzZDQ0ZTEwMTM4MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnFq4j53JH89phVTV+J3jiqBiBva
hCEQoPFwK/tjzI6L/a+c6qNBJeiIZ+Nu6+/wX9NJdNi2x4FauIRZNOZ859aJmRHk
GNzYnchItFeghVpd3A/z4a+4V1VKsBdyZTEix7wBoiZUJpvXMLOhm1e9sI684clj
9iLbLOQ4rSZ5aaltz55d3Wj3QIo/TnYka+gpNtFTfGdnYuj6mvmFqrjlN0HxWgeY
yEn/FGIBBw1gWWLKOq4iV3UOsNoFXDnM+TZ0Gk6p3oXne+V7HVk8X3VQjRnK4R93
U/4lMT2gg8GG+3K0LIAS17xS4Ogfq0HYpmSTDM0MQPal0r3TNn+1Eu6V4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTRtg+3CAYMQkt4CIHD1E4QE4NXMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkLABT4j5
+vj1KNx/WCMwH9jb7ZNXf/LZ8hpQSXq1vLymnYNU6FSUA4ZuR+EvVLanwu1RcXjA
3O/Mke4fpDuhfC4PX0ykC8YlSmmtbErX+TXnmpsoPODiHDW/vcystfja0YN/qYVh
feZ/4guLWq0cW6jOqMpVDcYuSCfMpnVYPfBSqpx2vJT1gNiqFgrHC4VoMNw2DK18
RobY2J+Dq9j2RZPtxA1YbHh2m+WlIzar2lJOL7mg34M4sOACYJZIXfCS2XM//PeO
wm5EqE3BSgfpgmGvp43hrLljHHiWNkD1SPRenPQwDVklcrPDkUKcq9Mnio+cC+fv
xtz2ZaH1Fl4btQ==
-----END CERTIFICATE-----