Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          WXHo0aU05tIpB4fdj+0I8fKZrV7faWRkjS0iNWrSEyg=
Subject key identifier:   5A:C9:E8:44:8F:E0:57:99:4B:02:E4:6F:A0:1D:58:DF:BA:C2:36:7E
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       0197B5FBD9B6C1C65544A019C65118AE2B5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0C24
Signing time:             Sat 28 Jun 2025 10:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:10 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: yA0Cih+7AxkR/FGuu6CQlpXJr9uQd5OTPXiBPKdLsMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fb:d9:b6:c1:c6:55:44:a0:19:c6:51:18:ae:2b:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Jun 28 10:01:10 2025 GMT
            Not After : Jun 29 10:01:10 2025 GMT
        Subject: CN=5ac9e8448fe057994b02e46fa01d58dfbac2367e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:7a:2d:18:22:7f:b6:f6:ca:70:8f:25:4b:aa:
                    35:be:bf:15:f8:4b:68:2e:fb:f6:fe:f3:c9:c3:15:
                    f3:e1:a9:f4:94:ad:ba:95:a8:99:10:84:f7:a7:7b:
                    66:16:13:d0:cf:7f:49:98:d1:5c:b2:14:16:66:d0:
                    1f:d9:3e:d9:ed:7c:f3:d1:18:88:f8:12:f7:94:40:
                    4c:ef:b9:08:58:97:f2:be:9c:73:4b:f0:ed:34:f7:
                    31:77:ea:83:d8:b8:08:6d:88:dc:94:f9:9e:5a:18:
                    26:53:30:12:2d:5d:2c:29:05:bc:1b:bc:5f:c0:de:
                    d5:80:89:23:0e:bf:e8:2e:0c:00:ce:b4:48:1e:bc:
                    a4:4c:ea:81:67:67:8e:d8:0e:b0:dc:12:84:d1:10:
                    37:52:ff:47:e1:b5:86:db:a8:44:f5:e7:d7:c7:7c:
                    c2:fb:b3:5c:0c:a9:39:99:92:24:bd:bc:99:f0:8a:
                    a5:02:70:c2:bc:4e:f5:fa:3f:8b:05:24:bd:50:e5:
                    40:30:bb:58:a8:8d:78:48:d1:80:35:f6:a3:74:76:
                    ce:2a:1a:de:82:19:77:af:22:4c:7a:41:a1:fc:ea:
                    17:cb:af:b7:91:76:90:db:42:c3:49:33:65:0a:4e:
                    b0:c3:ab:27:60:6d:75:84:85:e5:2a:58:7b:a2:3f:
                    bd:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:C9:E8:44:8F:E0:57:99:4B:02:E4:6F:A0:1D:58:DF:BA:C2:36:7E
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:ba:b6:53:ae:c1:1b:0a:e9:f0:c1:5c:b1:b0:c6:3a:07:84:
         8a:dd:4a:97:f5:e8:4e:f4:d1:b8:8c:aa:a2:a7:66:7a:38:41:
         ca:27:3b:88:59:5d:46:32:47:8a:94:8f:b6:c1:84:38:25:31:
         a7:23:e9:62:60:3c:76:98:a0:f0:2c:77:4e:85:99:9d:d2:aa:
         e5:77:24:76:b9:bd:b5:c2:d4:fe:fc:51:cc:c2:f7:da:30:bf:
         fe:e8:63:95:d1:13:cf:96:a1:57:6c:2e:66:69:5d:b8:aa:62:
         26:60:a8:74:88:c0:a9:77:eb:dc:c6:da:ea:b2:a1:1b:87:94:
         98:a6:cf:81:7a:ee:c2:74:f0:bb:92:53:98:7e:20:af:04:62:
         9e:b2:3a:8b:fa:57:79:4c:01:45:b2:84:32:88:93:18:26:c2:
         6f:12:bd:6f:c5:2f:2e:88:55:32:c8:e5:ae:3b:5e:d6:b1:38:
         1c:c5:1c:af:06:70:4e:da:06:7a:79:2d:6e:ec:78:f8:f2:2a:
         d6:86:55:da:f5:a7:53:43:54:72:a2:a6:fd:b1:7c:90:6f:dc:
         36:7a:3e:e2:49:42:bf:6c:91:b8:69:b3:74:d1:3f:72:ef:36:
         0a:c6:5b:56:48:61:66:2d:59:1f:7f:8f:d8:8d:02:8c:53:5a:
         6d:05:69:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1+9m2wcZVRKAZxlEYriteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUwNjI4MTAwMTEwWhcNMjUwNjI5MTAwMTEwWjAzMTEwLwYDVQQD
Eyg1YWM5ZTg0NDhmZTA1Nzk5NGIwMmU0NmZhMDFkNThkZmJhYzIzNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnotGCJ/tvbKcI8lS6o1vr8V+Eto
Lvv2/vPJwxXz4an0lK26laiZEIT3p3tmFhPQz39JmNFcshQWZtAf2T7Z7Xzz0RiI
+BL3lEBM77kIWJfyvpxzS/DtNPcxd+qD2LgIbYjclPmeWhgmUzASLV0sKQW8G7xf
wN7VgIkjDr/oLgwAzrRIHrykTOqBZ2eO2A6w3BKE0RA3Uv9H4bWG26hE9efXx3zC
+7NcDKk5mZIkvbyZ8IqlAnDCvE71+j+LBSS9UOVAMLtYqI14SNGANfajdHbOKhre
ghl3ryJMekGh/OoXy6+3kXaQ20LDSTNlCk6ww6snYG11hIXlKlh7oj+9YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrJ6ESP4FeZSwLkb6AdWN+6wjZ+MB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV7q2U67B
Gwrp8MFcsbDGOgeEit1Kl/XoTvTRuIyqoqdmejhByic7iFldRjJHipSPtsGEOCUx
pyPpYmA8dpig8Cx3ToWZndKq5Xckdrm9tcLU/vxRzML32jC//uhjldETz5ahV2wu
ZmlduKpiJmCodIjAqXfr3Mba6rKhG4eUmKbPgXruwnTwu5JTmH4grwRinrI6i/pX
eUwBRbKEMoiTGCbCbxK9b8UvLohVMsjlrjte1rE4HMUcrwZwTtoGenktbux4+PIq
1oZV2vWnU0NUcqKm/bF8kG/cNno+4klCv2yRuGmzdNE/cu82CsZbVkhhZi1ZH3+P
2I0CjFNabQVpqQ==
-----END CERTIFICATE-----