Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          UeePVmrzymvBVX96wULOoRKlHw9+x55lD01aqsShZjY=
Subject key identifier:   43:52:AE:A0:67:1C:71:BE:35:23:42:2B:70:DC:A0:56:67:A3:67:C5
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       0198D5BBF1A3BC4F9A2F097799B95AEACD5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0CB9
Signing time:             Sat 23 Aug 2025 07:02:00 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:00 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:00 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: /LoIZKAXdhE3EZv0PPqVUlGq6G8IwJj2tJZXUVuVv7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:f1:a3:bc:4f:9a:2f:09:77:99:b9:5a:ea:cd:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Aug 23 07:02:00 2025 GMT
            Not After : Aug 24 07:02:00 2025 GMT
        Subject: CN=4352aea0671c71be3523422b70dca05667a367c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c6:a5:ca:cc:94:b7:22:2b:9a:df:f9:11:8c:
                    3e:97:91:ca:8a:20:f0:c6:c1:8d:ab:2b:20:62:80:
                    2b:7a:bd:60:70:61:65:1a:f9:3e:a7:c3:fa:22:5f:
                    45:4e:12:48:f2:cd:8e:8c:e4:c2:b0:6b:1d:d8:7f:
                    8c:cb:03:2e:be:dd:a4:d9:76:a0:a0:da:11:ae:6f:
                    30:0a:06:a6:a0:48:7a:2a:45:9e:34:9a:c2:1b:33:
                    10:ee:cb:ae:43:f0:22:96:e7:9a:c7:1f:d1:26:83:
                    ba:44:9c:ae:39:7c:93:0b:67:a0:47:e8:cc:97:37:
                    59:fc:42:a8:ff:c7:ec:ee:93:49:d9:c8:ae:a6:cf:
                    b6:a8:bf:6d:39:42:f0:e0:ac:8a:7b:e1:88:24:e9:
                    a4:e3:41:af:e3:85:ca:9b:fd:a4:18:bf:17:d9:c3:
                    63:1f:c7:82:32:65:c0:f4:e2:b6:4c:d8:84:f5:1b:
                    b9:ac:a3:62:15:d3:1c:3b:61:67:a2:9f:7f:94:1e:
                    5e:6f:37:db:c9:12:99:1c:df:f6:80:d6:15:68:0e:
                    67:e9:05:fc:a8:bf:2f:3e:2a:29:f9:2a:48:d1:81:
                    42:29:f0:df:3c:d4:80:da:56:f1:51:28:9c:ce:97:
                    76:ce:fe:0a:8c:52:45:78:4d:27:53:09:7c:95:9c:
                    fb:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:52:AE:A0:67:1C:71:BE:35:23:42:2B:70:DC:A0:56:67:A3:67:C5
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:68:3b:44:0c:32:37:99:96:9c:fe:18:9f:eb:f2:9f:d4:1f:
         05:26:2a:89:cf:d4:01:70:45:1d:10:e3:42:ee:03:07:45:14:
         40:de:c8:6b:e7:77:74:c5:da:de:a4:a6:6e:e4:06:32:61:0c:
         34:01:5c:50:72:18:ba:cd:32:85:86:72:b7:7b:3a:4b:68:45:
         77:80:bf:4a:b3:6b:43:96:fb:95:90:52:f9:46:dd:d4:a5:cb:
         57:4e:b5:a4:71:54:24:9f:3c:31:ad:77:d8:43:a7:f9:8e:b7:
         db:27:7b:f9:4f:6e:06:70:88:85:ea:f8:25:02:ee:fc:63:c8:
         fe:6a:74:7d:cb:87:ec:3a:77:1c:01:2f:77:6d:5e:ee:df:10:
         5d:d5:fd:4d:39:24:3b:fd:7d:fa:01:f5:66:c7:45:60:90:9e:
         06:a4:1d:17:41:f6:d5:0a:4c:75:63:2a:23:64:dc:e7:64:ef:
         0b:0c:1b:f0:6c:26:1b:b4:7c:2c:75:b8:b7:f4:4d:55:21:7a:
         78:7b:1d:8b:0a:72:3d:3c:11:b9:fe:03:b0:40:5f:98:77:67:
         a9:c2:53:25:aa:60:e0:e4:b0:06:0b:a3:fe:49:ae:05:1e:f6:
         87:78:78:b7:5c:36:63:2e:ef:c9:74:36:09:de:b4:9e:21:8e:
         07:18:da:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/GjvE+aLwl3mbla6s1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUwODIzMDcwMjAwWhcNMjUwODI0MDcwMjAwWjAzMTEwLwYDVQQD
Eyg0MzUyYWVhMDY3MWM3MWJlMzUyMzQyMmI3MGRjYTA1NjY3YTM2N2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMalysyUtyIrmt/5EYw+l5HKiiDw
xsGNqysgYoArer1gcGFlGvk+p8P6Il9FThJI8s2OjOTCsGsd2H+MywMuvt2k2Xag
oNoRrm8wCgamoEh6KkWeNJrCGzMQ7suuQ/Ailueaxx/RJoO6RJyuOXyTC2egR+jM
lzdZ/EKo/8fs7pNJ2ciups+2qL9tOULw4KyKe+GIJOmk40Gv44XKm/2kGL8X2cNj
H8eCMmXA9OK2TNiE9Ru5rKNiFdMcO2Fnop9/lB5ebzfbyRKZHN/2gNYVaA5n6QX8
qL8vPiop+SpI0YFCKfDfPNSA2lbxUSiczpd2zv4KjFJFeE0nUwl8lZz7FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENSrqBnHHG+NSNCK3DcoFZno2fFMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADmg7RAwy
N5mWnP4Yn+vyn9QfBSYqic/UAXBFHRDjQu4DB0UUQN7Ia+d3dMXa3qSmbuQGMmEM
NAFcUHIYus0yhYZyt3s6S2hFd4C/SrNrQ5b7lZBS+Ubd1KXLV061pHFUJJ88Ma13
2EOn+Y632yd7+U9uBnCIher4JQLu/GPI/mp0fcuH7Dp3HAEvd21e7t8QXdX9TTkk
O/19+gH1ZsdFYJCeBqQdF0H21QpMdWMqI2Tc52TvCwwb8GwmG7R8LHW4t/RNVSF6
eHsdiwpyPTwRuf4DsEBfmHdnqcJTJapg4OSwBguj/kmuBR72h3h4t1w2Yy7vyXQ2
Cd60niGOBxjaVg==
-----END CERTIFICATE-----