Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          /wMmtCtPaGcW4koWkqoM/895zWMhrgKrDs0F+Np5VH4=
Subject key identifier:   8D:92:53:AA:F5:65:D1:68:1B:56:40:5E:35:34:8D:AE:70:31:AC:EA
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       0197B6A1C8A4957EB42685E0F2B65FA3FCF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          1182
Signing time:             Sat 28 Jun 2025 13:02:25 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:25 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:25 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: qlVhngDofkKfrjVDzchYWhOeiNU+I1SoAJwG1QZBN3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:c8:a4:95:7e:b4:26:85:e0:f2:b6:5f:a3:fc:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Jun 28 13:02:25 2025 GMT
            Not After : Jun 29 13:02:25 2025 GMT
        Subject: CN=8d9253aaf565d1681b56405e35348dae7031acea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:86:a6:74:dc:89:de:ad:47:b2:70:5a:3f:c1:
                    fe:db:58:78:05:05:50:e2:04:ef:ef:e8:48:84:8b:
                    c5:ab:72:ea:0e:32:b7:37:71:d2:d7:cd:95:8c:7d:
                    43:21:19:28:68:f2:d0:21:b2:94:49:47:69:83:c2:
                    41:17:fc:03:1a:b3:08:41:74:90:69:24:05:db:24:
                    28:cd:bf:d6:b7:87:46:a7:67:51:e4:1e:12:2f:44:
                    65:d3:74:1e:48:a8:9f:3b:af:2b:6c:9f:fc:91:19:
                    b6:18:7b:af:1d:b8:a4:a7:93:4c:75:ce:17:2f:78:
                    ce:6b:92:e2:60:94:ea:75:91:16:8b:64:52:4a:f0:
                    c5:f5:46:b9:b9:32:32:81:ef:4b:02:3e:de:4e:f4:
                    99:54:91:42:a7:05:2a:d9:73:68:9d:4c:21:3d:28:
                    b6:e0:05:18:1d:cc:3d:2f:0e:be:87:e3:07:ea:08:
                    c0:d4:97:e3:d8:c0:7a:ee:20:a2:ff:59:45:59:05:
                    04:c3:79:d7:8e:c0:2e:71:ae:fc:55:6b:6d:70:fb:
                    48:d0:01:f4:ca:c3:5d:38:a8:5f:26:6c:95:11:95:
                    e9:59:60:6a:43:38:f5:cd:10:dc:d7:a0:02:f1:ca:
                    23:f3:2f:59:d4:a8:c8:0a:c3:fd:37:a7:b3:54:37:
                    14:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:92:53:AA:F5:65:D1:68:1B:56:40:5E:35:34:8D:AE:70:31:AC:EA
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:f7:a6:af:d6:29:7b:5a:bd:fa:4c:72:52:d3:ff:ca:93:8e:
         90:27:b5:86:fa:d6:ec:08:34:35:12:c2:70:b8:6b:d7:72:85:
         90:54:0c:de:9f:22:82:46:b8:81:16:56:36:b4:d6:bd:fb:4f:
         af:af:ae:f2:09:a4:3c:ec:93:d2:f9:b6:dc:8b:52:05:03:c7:
         86:94:20:c1:cd:e8:f4:3c:aa:2e:68:bf:59:e7:65:5a:db:38:
         6b:5d:9f:28:39:de:fd:a1:8c:b8:c2:74:4b:ad:fc:49:1c:3b:
         bf:dd:b3:7c:27:16:a5:1b:bf:11:33:e5:de:5c:37:33:e3:7a:
         5d:81:2f:b8:7a:cc:7b:07:3e:f6:cf:a7:30:42:ab:2e:aa:f6:
         1a:e3:73:f4:ca:ac:48:ec:7d:97:a3:ce:26:5f:0c:00:74:a6:
         51:12:a1:15:24:b3:87:14:b2:f2:6a:f3:a8:e8:a9:b5:30:f6:
         d5:fe:d1:d3:94:ef:13:b5:4a:aa:ce:36:8c:55:6d:e1:be:09:
         02:12:04:27:8f:64:5b:3d:88:7d:33:ce:ad:f4:01:af:5e:bc:
         40:5c:9a:5b:e2:03:d6:13:9c:5e:71:f2:f6:d3:8a:2a:d8:ef:
         b6:33:56:77:08:d4:1a:b9:97:74:71:57:9f:b8:a8:fb:10:63:
         95:9d:a3:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ociklX60JoXg8rZfo/z4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjUwNjI4MTMwMjI1WhcNMjUwNjI5MTMwMjI1WjAzMTEwLwYDVQQD
Eyg4ZDkyNTNhYWY1NjVkMTY4MWI1NjQwNWUzNTM0OGRhZTcwMzFhY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04amdNyJ3q1HsnBaP8H+21h4BQVQ
4gTv7+hIhIvFq3LqDjK3N3HS182VjH1DIRkoaPLQIbKUSUdpg8JBF/wDGrMIQXSQ
aSQF2yQozb/Wt4dGp2dR5B4SL0Rl03QeSKifO68rbJ/8kRm2GHuvHbikp5NMdc4X
L3jOa5LiYJTqdZEWi2RSSvDF9Ua5uTIyge9LAj7eTvSZVJFCpwUq2XNonUwhPSi2
4AUYHcw9Lw6+h+MH6gjA1Jfj2MB67iCi/1lFWQUEw3nXjsAuca78VWttcPtI0AH0
ysNdOKhfJmyVEZXpWWBqQzj1zRDc16AC8coj8y9Z1KjICsP9N6ezVDcUAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2SU6r1ZdFoG1ZAXjU0ja5wMazqMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEvemr9Yp
e1q9+kxyUtP/ypOOkCe1hvrW7Ag0NRLCcLhr13KFkFQM3p8igka4gRZWNrTWvftP
r6+u8gmkPOyT0vm23ItSBQPHhpQgwc3o9DyqLmi/WedlWts4a12fKDne/aGMuMJ0
S638SRw7v92zfCcWpRu/ETPl3lw3M+N6XYEvuHrMewc+9s+nMEKrLqr2GuNz9Mqs
SOx9l6POJl8MAHSmURKhFSSzhxSy8mrzqOiptTD21f7R05TvE7VKqs42jFVt4b4J
AhIEJ49kWz2IfTPOrfQBr168QFyaW+ID1hOcXnHy9tOKKtjvtjNWdwjUGrmXdHFX
n7io+xBjlZ2jeA==
-----END CERTIFICATE-----