Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
File:                     jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json)
Hash identifier:          qK/ZjeqabEir4QW4NITSvuTaIUg1KkQYNrpyuvBIyck=
Subject key identifier:   06:69:9E:92:77:A5:29:50:0C:1B:4C:FD:E6:D9:D0:DA:2B:E0:30:9E
Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE
Certificate issuer:       /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
Certificate serial:       019D265F94523E2885EF9E00F23B893119B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
Manifest number:          1517
Signing time:             Wed 25 Mar 2026 19:01:30 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:30 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:30 +0000
Files and hashes:         1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: Il23UQl70MCT+r5kyMp+VBiu35JyiuV5VBjtTYgoMK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:94:52:3e:28:85:ef:9e:00:f2:3b:89:31:19:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce
        Validity
            Not Before: Mar 25 19:01:30 2026 GMT
            Not After : Mar 26 19:01:30 2026 GMT
        Subject: CN=06699e9277a529500c1b4cfde6d9d0da2be0309e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:28:54:9a:15:9c:b2:c6:27:1e:dc:4d:68:72:
                    ab:a6:29:88:83:94:c8:34:50:e7:b9:f9:b1:83:0f:
                    32:be:78:4d:d7:b4:09:bc:20:2e:c9:89:10:94:c3:
                    4f:e5:27:c3:7b:e7:e4:0f:f3:cb:3f:2f:d6:d5:20:
                    a2:97:fe:62:fa:58:46:8e:78:80:fb:38:c6:97:00:
                    93:d6:89:e6:0d:e2:75:e0:c4:3b:22:87:3c:fb:34:
                    58:ac:28:9e:6f:be:51:3c:14:8a:8e:fa:aa:08:00:
                    9b:7d:3c:b9:1b:64:e3:dc:b5:2d:33:a5:ce:c1:52:
                    15:8f:11:b4:34:a0:5b:56:cb:c0:61:1f:b5:94:1c:
                    59:75:99:50:30:eb:67:64:30:81:ba:26:9c:f2:9a:
                    bc:cc:f6:50:47:51:f3:7f:6c:2e:7c:f4:db:d9:71:
                    19:61:07:17:6f:63:cb:9f:4b:6d:4c:f5:68:8e:c6:
                    fc:db:19:47:9f:86:37:28:a7:fd:1b:2d:c8:d1:d1:
                    c5:b3:8d:6f:f9:63:9e:42:8a:b9:e7:b0:d6:6b:e6:
                    8d:b7:20:36:22:a4:b7:5e:2a:f4:cd:d5:32:6a:c0:
                    4a:86:fc:91:a0:d4:2b:59:74:34:8c:3c:25:b0:32:
                    48:7e:31:83:54:d4:05:40:54:72:43:7e:e4:05:e3:
                    6b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:69:9E:92:77:A5:29:50:0C:1B:4C:FD:E6:D9:D0:DA:2B:E0:30:9E
            X509v3 Authority Key Identifier:
                keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:9b:db:db:12:0e:12:ea:2a:0e:40:bf:07:fe:2d:26:39:bf:
         ee:59:38:c5:0d:76:0a:6f:be:1e:25:3b:43:be:a1:ee:d7:58:
         ec:66:9d:4f:93:72:b2:67:db:8e:81:1c:db:b2:86:a3:b3:fa:
         bc:b6:14:90:fb:a7:65:a3:21:a3:67:57:0a:1b:bd:62:0f:47:
         4f:03:92:e4:4d:f5:69:54:1f:38:af:49:a5:6f:ef:c5:1e:3b:
         93:6a:0f:71:aa:f9:a1:6e:d5:93:bc:61:63:1b:c7:46:ff:f8:
         8f:c9:36:e2:09:df:5a:f5:78:b5:ef:1d:78:9d:8d:3b:2d:4d:
         82:b3:44:e4:ec:08:b4:9c:32:aa:81:5e:e4:49:7a:9b:bf:14:
         57:6a:00:2a:d2:04:53:de:00:b0:dd:18:e1:96:cf:2c:dd:4f:
         ec:e6:1f:3e:13:ba:c4:c4:66:fb:34:97:1f:90:6c:ce:f8:86:
         69:ca:90:cd:3c:cf:03:22:fd:00:09:ce:f8:9c:8c:00:be:a3:
         3d:96:fc:df:a7:24:78:d5:02:20:ed:99:d9:f4:91:20:86:e2:
         5f:a9:dd:31:bc:0c:58:8c:fb:13:17:14:a0:6e:20:30:8d:d4:
         bf:3c:1c:d1:f1:12:8b:2e:0f:87:29:39:54:df:8c:f3:75:48:
         a4:00:6c:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX5RSPiiF754A8juJMRm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl
MDBiY2UwHhcNMjYwMzI1MTkwMTMwWhcNMjYwMzI2MTkwMTMwWjAzMTEwLwYDVQQD
EygwNjY5OWU5Mjc3YTUyOTUwMGMxYjRjZmRlNmQ5ZDBkYTJiZTAzMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtShUmhWcssYnHtxNaHKrpimIg5TI
NFDnufmxgw8yvnhN17QJvCAuyYkQlMNP5SfDe+fkD/PLPy/W1SCil/5i+lhGjniA
+zjGlwCT1onmDeJ14MQ7Ioc8+zRYrCieb75RPBSKjvqqCACbfTy5G2Tj3LUtM6XO
wVIVjxG0NKBbVsvAYR+1lBxZdZlQMOtnZDCBuiac8pq8zPZQR1Hzf2wufPTb2XEZ
YQcXb2PLn0ttTPVojsb82xlHn4Y3KKf9Gy3I0dHFs41v+WOeQoq557DWa+aNtyA2
IqS3Xir0zdUyasBKhvyRoNQrWXQ0jDwlsDJIfjGDVNQFQFRyQ37kBeNrWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZpnpJ3pSlQDBtM/ebZ0Nor4DCeMB8GA1UdIwQY
MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct
ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3
LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALpvb2xIO
EuoqDkC/B/4tJjm/7lk4xQ12Cm++HiU7Q76h7tdY7GadT5NysmfbjoEc27KGo7P6
vLYUkPunZaMho2dXChu9Yg9HTwOS5E31aVQfOK9JpW/vxR47k2oPcar5oW7Vk7xh
YxvHRv/4j8k24gnfWvV4te8deJ2NOy1NgrNE5OwItJwyqoFe5El6m78UV2oAKtIE
U94AsN0Y4ZbPLN1P7OYfPhO6xMRm+zSXH5BszviGacqQzTzPAyL9AAnO+JyMAL6j
PZb836ckeNUCIO2Z2fSRIIbiX6ndMbwMWIz7ExcUoG4gMI3Uvzwc0fESiy4Phyk5
VN+M83VIpABsgw==
-----END CERTIFICATE-----