Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          Q106Qy8s3T1+G1hNtkI6I00Jn026ItbqmVLAtoo9yyo=
Subject key identifier:   CE:E1:51:4E:18:39:53:7E:A0:07:CD:66:84:2B:00:A8:87:D2:D1:84
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       0199FB45CE680F54B53F222DF554910EE518
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0D51
Signing time:             Sun 19 Oct 2025 07:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:19 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: uGKAPAgn6XILGzQa11yEapv74hpvk0ei1wXpFFj9xg4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:ce:68:0f:54:b5:3f:22:2d:f5:54:91:0e:e5:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Oct 19 07:01:19 2025 GMT
            Not After : Oct 20 07:01:19 2025 GMT
        Subject: CN=cee1514e1839537ea007cd66842b00a887d2d184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:04:9f:df:e5:4c:47:2b:cb:e5:d8:d3:93:c4:
                    9b:46:3d:e1:88:50:96:f3:9b:83:dc:46:c6:bf:94:
                    65:55:03:c0:6e:c5:c4:b9:2c:bc:5e:3a:3f:66:bc:
                    4e:a0:c2:a7:fe:40:e8:b8:cb:71:38:3d:27:9e:bc:
                    a0:f8:e1:60:2d:a2:2c:fb:a9:1e:e7:f7:ce:c1:2a:
                    dd:be:76:be:0f:46:1d:43:c6:86:35:b1:7f:14:a8:
                    17:38:ac:42:ed:55:bd:07:69:77:17:da:d8:db:81:
                    66:3d:59:40:3c:d0:ea:d6:28:a2:a3:5c:30:b5:72:
                    61:d2:df:36:c4:85:e4:ba:7b:c5:b7:e6:d3:dd:09:
                    dd:12:1a:26:c0:45:01:2f:4f:fb:1e:d7:10:21:cb:
                    a2:da:f3:53:0a:a3:ae:5c:d1:fd:36:c2:43:21:a7:
                    aa:cc:49:80:d8:fc:c4:41:21:d3:82:80:a2:f9:50:
                    25:91:0e:00:8d:98:df:20:1a:63:d4:fd:56:05:70:
                    6f:b9:c1:21:e0:b0:1f:42:ba:44:53:76:63:b0:3c:
                    f2:2e:90:8e:fb:fb:44:58:fa:27:ea:2d:7f:b8:67:
                    e0:c7:88:ad:31:de:19:77:80:cb:13:27:7f:a5:60:
                    47:76:18:ca:46:9a:d1:0c:ce:0a:8b:9e:64:94:f1:
                    18:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:E1:51:4E:18:39:53:7E:A0:07:CD:66:84:2B:00:A8:87:D2:D1:84
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:14:c3:a0:ea:3c:8a:78:46:dd:05:04:43:9b:91:7e:2f:7e:
         19:4c:d7:74:49:98:8e:0b:a2:f4:95:b4:65:26:e8:28:88:9d:
         0d:fa:af:7d:71:0d:79:4c:ca:f8:0d:f2:14:14:58:d2:6d:43:
         2d:aa:f4:2b:9f:0b:4a:70:64:c3:d9:74:3a:37:55:9a:d2:58:
         f2:98:b6:79:d0:ae:79:cf:d6:45:d2:91:ac:3c:1a:d3:81:8c:
         ff:46:c4:18:8e:ef:19:0c:a1:1d:a1:44:7b:c4:e2:aa:3d:86:
         79:ad:23:1d:cb:6b:77:b1:70:76:13:99:c4:aa:bf:8f:ce:0b:
         71:75:bd:73:32:db:51:de:9d:c2:df:da:a5:d2:10:74:76:75:
         40:49:3d:15:c3:ba:4f:9b:7a:9c:e1:d0:23:39:f5:20:7c:67:
         e4:42:8b:2c:4c:99:8c:eb:cd:c4:27:e6:52:9c:6a:d8:c3:ba:
         1e:f9:7a:5a:f7:46:ad:79:3f:8a:cc:2c:28:a1:e4:6f:4e:c1:
         b7:20:32:ab:c5:1d:2d:9a:00:0c:da:05:4d:02:e3:86:7b:86:
         61:cc:0d:f4:a6:6c:c5:fd:46:21:7e:83:30:65:a6:20:1d:60:
         9f:ae:c4:4f:84:e1:c8:b7:fd:9c:88:91:45:04:8c:b3:e6:18:
         b7:d0:b5:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Rc5oD1S1PyIt9VSRDuUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUxMDE5MDcwMTE5WhcNMjUxMDIwMDcwMTE5WjAzMTEwLwYDVQQD
EyhjZWUxNTE0ZTE4Mzk1MzdlYTAwN2NkNjY4NDJiMDBhODg3ZDJkMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwSf3+VMRyvL5djTk8SbRj3hiFCW
85uD3EbGv5RlVQPAbsXEuSy8Xjo/ZrxOoMKn/kDouMtxOD0nnryg+OFgLaIs+6ke
5/fOwSrdvna+D0YdQ8aGNbF/FKgXOKxC7VW9B2l3F9rY24FmPVlAPNDq1iiio1ww
tXJh0t82xIXkunvFt+bT3QndEhomwEUBL0/7HtcQIcui2vNTCqOuXNH9NsJDIaeq
zEmA2PzEQSHTgoCi+VAlkQ4AjZjfIBpj1P1WBXBvucEh4LAfQrpEU3ZjsDzyLpCO
+/tEWPon6i1/uGfgx4itMd4Zd4DLEyd/pWBHdhjKRprRDM4Ki55klPEYRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7hUU4YOVN+oAfNZoQrAKiH0tGEMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPxTDoOo8
inhG3QUEQ5uRfi9+GUzXdEmYjgui9JW0ZSboKIidDfqvfXENeUzK+A3yFBRY0m1D
Lar0K58LSnBkw9l0OjdVmtJY8pi2edCuec/WRdKRrDwa04GM/0bEGI7vGQyhHaFE
e8Tiqj2Gea0jHctrd7FwdhOZxKq/j84LcXW9czLbUd6dwt/apdIQdHZ1QEk9FcO6
T5t6nOHQIzn1IHxn5EKLLEyZjOvNxCfmUpxq2MO6Hvl6WvdGrXk/iswsKKHkb07B
tyAyq8UdLZoADNoFTQLjhnuGYcwN9KZsxf1GIX6DMGWmIB1gn67ET4ThyLf9nIiR
RQSMs+YYt9C10g==
-----END CERTIFICATE-----