Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          DKzSEvO2HrzNWGZinsrth2zv1zCXwDPYLDxkJxsHKV0=
Subject key identifier:   57:5F:2F:F4:42:79:48:CD:AA:40:29:D2:4B:82:4F:3F:80:C1:5F:68
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       0198D5BBEDD34EAC8D7E09F86B6050D1599C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          12DB
Signing time:             Sat 23 Aug 2025 07:01:59 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:59 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:59 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: PRD0uE9gayCmf8rm4Yzoarkecyb//aFLDFA6gbTQ7cg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ed:d3:4e:ac:8d:7e:09:f8:6b:60:50:d1:59:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Aug 23 07:01:59 2025 GMT
            Not After : Aug 24 07:01:59 2025 GMT
        Subject: CN=575f2ff4427948cdaa4029d24b824f3f80c15f68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:93:6a:9b:63:ae:b6:65:5a:0b:45:53:a4:f1:
                    86:93:04:e7:7d:39:5c:78:0d:c4:7c:bf:8e:fb:ce:
                    9d:b6:2f:0e:1c:3b:8f:79:a1:87:30:61:8c:2a:09:
                    9d:be:5e:7a:24:4c:42:20:50:49:cf:80:47:ac:4c:
                    14:0e:99:db:2f:e9:56:41:fb:0e:02:fd:f6:26:b4:
                    5e:02:1c:8a:4a:91:0b:00:74:8e:8c:9c:7c:e0:92:
                    d1:b1:a0:38:0a:03:f5:58:7c:ae:22:a3:cc:46:84:
                    05:26:e9:fb:0c:a8:45:41:ed:e4:19:0b:31:17:ac:
                    09:5a:ff:25:47:6f:e6:75:ff:18:23:04:86:d8:52:
                    2f:34:07:6d:86:cb:5e:88:24:8d:f5:21:9c:be:06:
                    85:06:90:33:08:46:2c:bb:8f:06:a0:80:a6:f9:35:
                    52:d0:5f:86:e5:65:84:01:fc:90:79:df:0f:2f:f7:
                    9a:2b:d7:b8:2a:e8:76:e3:40:f9:91:0a:0a:96:df:
                    fa:b2:bf:40:33:05:e2:5b:54:56:55:7b:e6:a0:bc:
                    f6:83:d2:e3:63:5f:36:95:fb:ca:df:70:cf:e4:47:
                    35:67:24:ab:91:2e:79:53:e8:99:e3:6f:93:96:81:
                    77:a1:65:83:23:e6:0c:d6:5f:b6:c7:3f:c7:7a:53:
                    f7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:5F:2F:F4:42:79:48:CD:AA:40:29:D2:4B:82:4F:3F:80:C1:5F:68
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:e5:a3:19:e4:7a:1c:4c:71:b3:42:8b:2d:86:7d:d6:d9:e7:
         e9:c1:f1:7c:9e:fb:23:c2:80:76:5e:94:ef:1d:0d:fa:96:4a:
         b3:c0:d2:f2:e9:f3:3b:b2:51:3c:e7:f3:90:fc:1f:f6:d9:39:
         92:e5:a1:8e:bd:91:b9:49:0e:a0:98:88:c2:b5:91:bb:45:22:
         4f:26:fc:a5:1e:52:87:ea:c0:c1:79:dc:5d:67:c0:af:ac:14:
         68:b3:54:1e:27:d8:1d:0e:12:45:05:e8:50:22:af:27:e2:e1:
         3a:23:7d:f2:29:c0:7b:b5:95:e0:17:66:59:e0:ec:9f:e8:5e:
         16:31:5a:84:9b:1f:7e:80:5a:26:a7:a5:ab:c2:5e:62:2c:af:
         f1:61:79:5b:56:34:5e:56:0b:70:91:01:a8:77:43:b1:3a:d4:
         58:31:f1:33:3c:26:f7:e4:04:d2:69:bd:d3:0f:d5:23:1c:39:
         e9:6b:c3:1f:53:57:a8:5f:e3:5f:e2:a5:f7:97:c8:90:58:73:
         29:90:b4:74:b9:79:73:04:b2:e1:57:cb:34:35:bb:47:85:66:
         2f:7b:7a:59:e3:9f:69:98:9b:b9:16:1f:15:6c:cc:42:bc:40:
         c5:c1:63:3d:cc:5c:5a:72:71:60:6f:11:77:09:56:00:a7:22:
         84:1c:e1:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu+3TTqyNfgn4a2BQ0VmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjUwODIzMDcwMTU5WhcNMjUwODI0MDcwMTU5WjAzMTEwLwYDVQQD
Eyg1NzVmMmZmNDQyNzk0OGNkYWE0MDI5ZDI0YjgyNGYzZjgwYzE1ZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpNqm2OutmVaC0VTpPGGkwTnfTlc
eA3EfL+O+86dti8OHDuPeaGHMGGMKgmdvl56JExCIFBJz4BHrEwUDpnbL+lWQfsO
Av32JrReAhyKSpELAHSOjJx84JLRsaA4CgP1WHyuIqPMRoQFJun7DKhFQe3kGQsx
F6wJWv8lR2/mdf8YIwSG2FIvNAdthsteiCSN9SGcvgaFBpAzCEYsu48GoICm+TVS
0F+G5WWEAfyQed8PL/eaK9e4Kuh240D5kQoKlt/6sr9AMwXiW1RWVXvmoLz2g9Lj
Y182lfvK33DP5Ec1ZySrkS55U+iZ42+TloF3oWWDI+YM1l+2xz/HelP3CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdfL/RCeUjNqkAp0kuCTz+AwV9oMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAheWjGeR6
HExxs0KLLYZ91tnn6cHxfJ77I8KAdl6U7x0N+pZKs8DS8unzO7JRPOfzkPwf9tk5
kuWhjr2RuUkOoJiIwrWRu0UiTyb8pR5Sh+rAwXncXWfAr6wUaLNUHifYHQ4SRQXo
UCKvJ+LhOiN98inAe7WV4BdmWeDsn+heFjFahJsffoBaJqelq8JeYiyv8WF5W1Y0
XlYLcJEBqHdDsTrUWDHxMzwm9+QE0mm90w/VIxw56WvDH1NXqF/jX+Kl95fIkFhz
KZC0dLl5cwSy4VfLNDW7R4VmL3t6WeOfaZibuRYfFWzMQrxAxcFjPcxcWnJxYG8R
dwlWAKcihBzhpg==
-----END CERTIFICATE-----