Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          rzeNk4+7it9bnOZdv2TmwNAmDRHmAChRNM4LDE/h6qQ=
Subject key identifier:   39:15:6F:8E:9C:F8:3C:A8:FB:D6:BA:7F:60:72:49:6B:D4:E2:8D:26
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       0198D660A6900881E603B3F71ACFCB636174
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          1217
Signing time:             Sat 23 Aug 2025 10:01:54 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:54 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:54 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: pBLIPYOzn2l6yN7ofBWU2w5ty/1op42R0Qz3DMec2m8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:a6:90:08:81:e6:03:b3:f7:1a:cf:cb:63:61:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Aug 23 10:01:54 2025 GMT
            Not After : Aug 24 10:01:54 2025 GMT
        Subject: CN=39156f8e9cf83ca8fbd6ba7f6072496bd4e28d26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:69:af:8c:02:3b:1d:c8:3a:fe:4e:eb:8c:88:
                    73:6e:cc:b4:72:bf:33:70:12:91:94:fb:81:56:af:
                    59:39:35:a7:96:8e:25:1f:be:d6:8f:61:27:eb:ea:
                    7b:2b:03:ba:23:01:24:35:c7:58:4a:f6:55:6f:47:
                    51:b6:70:56:b2:dc:03:6c:dd:53:d5:02:b8:cf:10:
                    3a:96:96:57:1b:9c:51:87:6a:5d:27:32:99:00:3d:
                    d5:5f:6b:03:d2:8b:1a:2f:4b:19:6c:d5:e9:92:3f:
                    f8:ed:e7:88:ca:d6:20:70:0d:12:0c:ee:97:1c:bf:
                    70:cd:1d:dc:99:66:94:5a:f0:5a:25:91:12:7d:4a:
                    8d:30:92:2d:a1:ef:cd:39:42:3e:32:18:24:f5:a6:
                    78:c4:93:56:93:17:ba:2b:20:73:22:14:f6:28:2f:
                    39:2c:37:0f:1a:b9:18:cb:4a:a1:22:e7:ae:d7:da:
                    6b:ac:b4:8e:7f:ac:78:92:03:30:bb:1e:3e:ba:90:
                    9f:f9:68:1a:f6:d5:26:d8:b6:48:a2:c5:5e:b8:95:
                    18:a1:1d:26:9f:b6:39:a9:17:62:6d:cf:6d:8c:17:
                    f4:ba:7d:ae:a6:8d:51:92:27:b7:b5:1a:8a:bd:a2:
                    6e:95:a7:61:bb:4a:86:a5:97:d8:6e:84:f9:30:5b:
                    14:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:15:6F:8E:9C:F8:3C:A8:FB:D6:BA:7F:60:72:49:6B:D4:E2:8D:26
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:8c:07:06:2c:c4:46:ac:91:be:c6:c6:33:51:41:0d:85:c7:
         d1:f9:5a:63:21:16:da:4d:f9:72:cf:75:b9:9d:1c:38:d1:87:
         a2:f4:fa:e3:58:1f:47:83:ad:92:25:b1:10:41:a6:e6:31:3f:
         e4:d3:40:e6:f3:03:05:25:8e:31:a8:f0:95:3b:89:b4:44:1d:
         05:ec:bd:d7:ce:97:96:a1:9b:5c:d8:2e:2b:36:13:8a:aa:c6:
         de:27:16:a0:10:91:9b:7b:2d:e1:75:90:ef:8b:f8:c5:9a:e7:
         69:b2:25:07:e5:42:f9:7f:2f:77:69:01:7f:d5:05:01:20:57:
         f5:da:67:f3:3c:ac:42:a7:b3:29:0d:d6:f9:cb:99:7e:fe:8f:
         31:aa:a6:b8:80:38:22:69:df:7f:d1:73:45:a1:64:08:49:ca:
         b3:c2:b5:a7:0e:5b:d9:63:58:d4:91:8d:96:9f:c7:2e:b2:ce:
         19:0d:fd:f2:f6:b9:cb:16:98:8e:13:aa:f6:28:85:8c:e8:bc:
         a3:7b:c4:a2:10:22:79:a7:70:d5:ff:69:d0:3f:a6:6b:25:e2:
         4b:e5:52:f5:38:34:30:89:95:8e:98:23:d4:34:20:b8:22:98:
         47:29:07:be:02:4f:45:d9:b1:e3:c0:75:b3:e2:5f:80:8e:7c:
         d9:60:31:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYKaQCIHmA7P3Gs/LY2F0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjUwODIzMTAwMTU0WhcNMjUwODI0MTAwMTU0WjAzMTEwLwYDVQQD
EygzOTE1NmY4ZTljZjgzY2E4ZmJkNmJhN2Y2MDcyNDk2YmQ0ZTI4ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGmvjAI7Hcg6/k7rjIhzbsy0cr8z
cBKRlPuBVq9ZOTWnlo4lH77Wj2En6+p7KwO6IwEkNcdYSvZVb0dRtnBWstwDbN1T
1QK4zxA6lpZXG5xRh2pdJzKZAD3VX2sD0osaL0sZbNXpkj/47eeIytYgcA0SDO6X
HL9wzR3cmWaUWvBaJZESfUqNMJItoe/NOUI+Mhgk9aZ4xJNWkxe6KyBzIhT2KC85
LDcPGrkYy0qhIueu19prrLSOf6x4kgMwux4+upCf+Wga9tUm2LZIosVeuJUYoR0m
n7Y5qRdibc9tjBf0un2upo1Rkie3tRqKvaJuladhu0qGpZfYboT5MFsUKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkVb46c+Dyo+9a6f2BySWvU4o0mMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEowHBizE
RqyRvsbGM1FBDYXH0flaYyEW2k35cs91uZ0cONGHovT641gfR4OtkiWxEEGm5jE/
5NNA5vMDBSWOMajwlTuJtEQdBey9186XlqGbXNguKzYTiqrG3icWoBCRm3st4XWQ
74v4xZrnabIlB+VC+X8vd2kBf9UFASBX9dpn8zysQqezKQ3W+cuZfv6PMaqmuIA4
Imnff9FzRaFkCEnKs8K1pw5b2WNY1JGNlp/HLrLOGQ398va5yxaYjhOq9iiFjOi8
o3vEohAieadw1f9p0D+mayXiS+VS9Tg0MImVjpgj1DQguCKYRykHvgJPRdmx48B1
s+JfgI582WAx4A==
-----END CERTIFICATE-----