Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          ejtBRmrkylb/RN6EqN8ip8ZCkUkw/ABv4Ut4intKjmo=
Subject key identifier:   67:66:94:82:FA:A4:6D:34:86:93:85:CA:1D:96:42:9A:23:FB:3E:3C
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       01985456CFCA95540D8EAEE99756DBE0C840
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0C76
Signing time:             Tue 29 Jul 2025 04:00:32 +0000
Manifest this update:     Tue 29 Jul 2025 04:00:32 +0000
Manifest next update:     Wed 30 Jul 2025 04:00:32 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: Kqiv3FBj9iy3Fei1K7kKLLRgYdkDrhZxIXQySsSrNRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:54:56:cf:ca:95:54:0d:8e:ae:e9:97:56:db:e0:c8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Jul 29 04:00:32 2025 GMT
            Not After : Jul 30 04:00:32 2025 GMT
        Subject: CN=67669482faa46d34869385ca1d96429a23fb3e3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b7:11:d9:7d:03:de:12:cc:c1:94:63:91:8f:
                    db:cb:bb:b2:99:9c:fc:7e:35:a4:e0:4b:e2:d4:70:
                    89:b3:ae:49:ee:ec:52:d5:61:3d:7e:92:b4:d7:2b:
                    15:92:93:d1:1f:ff:53:7c:85:e7:d9:1d:bb:65:ee:
                    07:a4:44:a0:8d:db:3b:4f:6f:8f:26:a6:e6:3c:e9:
                    88:c6:0b:04:92:69:81:42:89:db:51:c8:ec:41:fb:
                    be:2b:0a:3c:5d:da:45:6b:59:6b:23:8e:89:50:14:
                    63:d0:71:da:d9:8e:44:84:23:a6:76:ef:fc:be:32:
                    e0:f8:e7:b5:ac:31:ce:7f:db:82:15:b6:2a:ee:6b:
                    e6:d5:6d:da:0a:b2:0a:4c:89:b0:52:78:33:0e:90:
                    ae:8b:eb:7c:7c:35:ea:09:d2:88:d7:94:cf:7b:86:
                    b0:68:9c:66:03:6d:22:45:63:c5:6f:69:d8:f8:0f:
                    d9:e7:88:61:52:47:8c:e7:d3:14:b8:1c:a5:09:37:
                    7a:3c:e1:95:46:f7:77:30:d7:a2:5e:14:86:35:32:
                    95:7d:05:87:b9:d5:bf:99:f6:0d:ca:65:41:9f:d3:
                    3a:c5:ea:b7:f6:8d:a6:55:a8:85:97:40:66:41:ab:
                    58:d6:fb:0d:91:ea:18:70:61:da:7e:0e:f3:b6:40:
                    31:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:66:94:82:FA:A4:6D:34:86:93:85:CA:1D:96:42:9A:23:FB:3E:3C
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:62:b8:f6:d9:f9:7b:ab:fd:d9:ad:e4:8e:e7:f0:fe:1f:bf:
         9b:48:a9:04:53:74:3b:56:1b:12:a0:c1:36:28:b0:70:86:d0:
         9c:69:74:74:3c:b4:b1:c0:e6:4c:bd:27:84:70:d5:cc:fc:db:
         e6:a4:a3:a9:e5:c9:ec:48:b5:81:3a:e6:c7:d6:c1:e8:62:5f:
         02:cd:08:41:b2:4c:bd:0c:f6:5e:47:3f:bc:b6:59:a5:9b:1a:
         f7:e5:69:2a:19:7e:19:d4:15:c7:33:51:f4:f4:d8:f0:69:eb:
         ea:4e:6a:ed:97:fe:26:86:d3:c0:7d:f0:e5:9c:d7:51:4a:4e:
         99:06:6a:a0:9e:f5:12:89:38:4c:2f:e4:91:b1:ca:2f:7c:ef:
         9d:7a:77:bf:57:37:44:33:07:62:b7:d7:a7:4a:7e:fa:77:5c:
         7a:4c:de:9c:7a:c0:5c:47:66:70:40:9a:81:dc:05:34:50:ea:
         ec:9c:2c:52:28:ea:4b:67:91:3f:7b:a0:01:c1:20:fa:0e:68:
         e2:41:50:2c:39:e6:3b:c5:99:a7:2f:d9:67:7a:ae:fd:0b:3d:
         58:f4:dc:1d:61:e8:0e:5d:7d:93:e4:7f:1b:43:71:27:55:cc:
         bb:0f:70:05:45:df:79:40:5c:29:e0:0e:22:62:8a:f7:c8:d9:
         2d:fc:d4:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhUVs/KlVQNjq7pl1bb4MhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUwNzI5MDQwMDMyWhcNMjUwNzMwMDQwMDMyWjAzMTEwLwYDVQQD
Eyg2NzY2OTQ4MmZhYTQ2ZDM0ODY5Mzg1Y2ExZDk2NDI5YTIzZmIzZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLcR2X0D3hLMwZRjkY/by7uymZz8
fjWk4Evi1HCJs65J7uxS1WE9fpK01ysVkpPRH/9TfIXn2R27Ze4HpESgjds7T2+P
JqbmPOmIxgsEkmmBQonbUcjsQfu+Kwo8XdpFa1lrI46JUBRj0HHa2Y5EhCOmdu/8
vjLg+Oe1rDHOf9uCFbYq7mvm1W3aCrIKTImwUngzDpCui+t8fDXqCdKI15TPe4aw
aJxmA20iRWPFb2nY+A/Z54hhUkeM59MUuBylCTd6POGVRvd3MNeiXhSGNTKVfQWH
udW/mfYNymVBn9M6xeq39o2mVaiFl0BmQatY1vsNkeoYcGHafg7ztkAx2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdmlIL6pG00hpOFyh2WQpoj+z48MB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm2K49tn5
e6v92a3kjufw/h+/m0ipBFN0O1YbEqDBNiiwcIbQnGl0dDy0scDmTL0nhHDVzPzb
5qSjqeXJ7Ei1gTrmx9bB6GJfAs0IQbJMvQz2Xkc/vLZZpZsa9+VpKhl+GdQVxzNR
9PTY8Gnr6k5q7Zf+JobTwH3w5ZzXUUpOmQZqoJ71Eok4TC/kkbHKL3zvnXp3v1c3
RDMHYrfXp0p++ndcekzenHrAXEdmcECagdwFNFDq7JwsUijqS2eRP3ugAcEg+g5o
4kFQLDnmO8WZpy/ZZ3qu/Qs9WPTcHWHoDl19k+R/G0NxJ1XMuw9wBUXfeUBcKeAO
ImKK98jZLfzUsw==
-----END CERTIFICATE-----