Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          lYqg61BNMslun3BurIBfPWteQPWH0lYfdTMdmTRweAc=
Subject key identifier:   FA:9F:C2:6C:FA:BF:46:A9:A8:6F:CB:FE:10:88:41:F1:5F:2A:BA:6C
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       0196A3C0D037EC18CC0AC5B2EEFE42F28621
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0B96
Signing time:             Tue 06 May 2025 04:00:44 +0000
Manifest this update:     Tue 06 May 2025 04:00:44 +0000
Manifest next update:     Wed 07 May 2025 04:00:44 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: qtacjKC2hZRCXLHLNF8saX3KR9q1WE0otetS1Jn9KMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:c0:d0:37:ec:18:cc:0a:c5:b2:ee:fe:42:f2:86:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: May  6 04:00:44 2025 GMT
            Not After : May  7 04:00:44 2025 GMT
        Subject: CN=fa9fc26cfabf46a9a86fcbfe108841f15f2aba6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3a:fe:71:79:b5:41:d5:6f:e2:eb:21:97:2e:
                    06:a9:12:41:d1:ae:13:21:45:46:7e:0f:60:19:77:
                    37:88:13:24:5e:bf:8e:ae:5a:80:5c:45:f9:d5:fd:
                    59:0b:b4:92:d5:51:bc:78:50:de:80:d9:7e:1f:bb:
                    7b:d8:13:1d:4f:52:6d:c4:33:c9:fc:30:96:50:be:
                    f3:67:eb:55:b6:b1:7a:11:a7:02:94:2d:10:f4:a7:
                    3d:01:d1:24:1f:b2:6e:e2:76:6b:30:14:01:1a:f9:
                    ca:1a:d9:4d:6f:45:7a:36:d6:e5:73:91:bc:c6:5c:
                    c7:eb:6e:d0:36:92:c1:eb:e6:b3:7c:0e:d4:fe:35:
                    71:57:6c:2d:c1:73:12:8c:fe:48:31:b8:cb:82:ad:
                    1d:1e:e9:15:4f:24:b3:32:1e:5b:fa:1a:6f:da:41:
                    8b:fc:94:4c:aa:80:69:27:22:44:8e:11:a2:ac:1a:
                    45:8e:b7:62:92:c8:02:66:f6:af:84:bb:16:b7:63:
                    93:93:b1:65:91:02:b7:a6:2a:4c:58:5a:be:c2:e3:
                    31:ab:d4:ed:ba:11:72:d6:fe:64:a6:74:49:95:c1:
                    56:8c:40:7e:87:b8:7c:23:d9:9d:4c:a8:b2:9d:b0:
                    e5:ad:58:89:fc:25:a2:68:23:18:06:3e:b2:1f:84:
                    ac:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:9F:C2:6C:FA:BF:46:A9:A8:6F:CB:FE:10:88:41:F1:5F:2A:BA:6C
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:04:c8:25:48:c3:0b:ed:ca:fb:11:0a:6b:3f:8e:dc:4e:86:
         74:03:a5:12:bc:fb:d3:d7:d1:29:5f:04:16:55:28:d5:c7:34:
         84:97:51:66:34:86:b2:dc:49:0c:32:b7:e9:94:60:ec:c1:ae:
         79:26:49:5f:29:74:4d:60:e0:b3:f3:d3:dc:0b:5d:04:c9:05:
         4b:31:a2:39:f6:9f:5c:dc:e3:42:7d:ea:f3:ef:bc:72:a8:51:
         97:58:b8:83:8d:70:ea:57:9a:90:a0:31:a4:08:8c:d9:a8:ba:
         da:8d:88:9e:5f:08:18:a2:f6:9d:25:8a:e9:0c:a7:c4:1b:30:
         76:88:d0:f8:45:a6:6c:0e:26:ef:0f:d4:e4:c6:94:75:05:56:
         ff:8c:f2:83:9e:18:98:ce:cf:22:d1:52:65:04:73:aa:5b:23:
         cb:7b:b1:b4:89:26:3d:88:ed:9c:15:9e:24:d0:7d:81:c3:af:
         32:a9:46:4d:48:f2:a1:87:c3:3e:e1:19:08:ed:92:2c:b3:e9:
         9e:51:11:d2:3d:ef:4a:7a:b2:af:0d:5f:ac:c4:ab:df:ec:5f:
         51:e3:34:f9:e3:c0:fc:8e:a8:d7:71:38:25:f4:27:9d:4c:cb:
         37:8b:2e:34:e1:d3:74:74:4b:18:8b:b2:2a:08:c5:38:f3:86:
         c3:e5:7d:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajwNA37BjMCsWy7v5C8oYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUwNTA2MDQwMDQ0WhcNMjUwNTA3MDQwMDQ0WjAzMTEwLwYDVQQD
EyhmYTlmYzI2Y2ZhYmY0NmE5YTg2ZmNiZmUxMDg4NDFmMTVmMmFiYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTr+cXm1QdVv4ushly4GqRJB0a4T
IUVGfg9gGXc3iBMkXr+OrlqAXEX51f1ZC7SS1VG8eFDegNl+H7t72BMdT1JtxDPJ
/DCWUL7zZ+tVtrF6EacClC0Q9Kc9AdEkH7Ju4nZrMBQBGvnKGtlNb0V6Ntblc5G8
xlzH627QNpLB6+azfA7U/jVxV2wtwXMSjP5IMbjLgq0dHukVTySzMh5b+hpv2kGL
/JRMqoBpJyJEjhGirBpFjrdiksgCZvavhLsWt2OTk7FlkQK3pipMWFq+wuMxq9Tt
uhFy1v5kpnRJlcFWjEB+h7h8I9mdTKiynbDlrViJ/CWiaCMYBj6yH4SsowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqfwmz6v0apqG/L/hCIQfFfKrpsMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArQTIJUjD
C+3K+xEKaz+O3E6GdAOlErz709fRKV8EFlUo1cc0hJdRZjSGstxJDDK36ZRg7MGu
eSZJXyl0TWDgs/PT3AtdBMkFSzGiOfafXNzjQn3q8++8cqhRl1i4g41w6leakKAx
pAiM2ai62o2Inl8IGKL2nSWK6QynxBswdojQ+EWmbA4m7w/U5MaUdQVW/4zyg54Y
mM7PItFSZQRzqlsjy3uxtIkmPYjtnBWeJNB9gcOvMqlGTUjyoYfDPuEZCO2SLLPp
nlER0j3vSnqyrw1frMSr3+xfUeM0+ePA/I6o13E4JfQnnUzLN4suNOHTdHRLGIuy
KgjFOPOGw+V9Pg==
-----END CERTIFICATE-----