Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          MyJcJZDUgnQB6QZCvIhNY8NCBa3gHGuWQ3rpVJMYjSU=
Subject key identifier:   BE:EE:DA:53:41:EA:0A:9E:17:8C:02:42:C6:19:73:2D:14:5D:30:D5
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       01984776B2F1DDD84A2095E715768621D3E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          11CD
Signing time:             Sat 26 Jul 2025 16:00:18 +0000
Manifest this update:     Sat 26 Jul 2025 16:00:18 +0000
Manifest next update:     Sun 27 Jul 2025 16:00:18 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: nZzkPyBQ2eczUsIgWD9YvapOs3vWfwzZ4zRfNAT+93E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:76:b2:f1:dd:d8:4a:20:95:e7:15:76:86:21:d3:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Jul 26 16:00:18 2025 GMT
            Not After : Jul 27 16:00:18 2025 GMT
        Subject: CN=beeeda5341ea0a9e178c0242c619732d145d30d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e6:3e:65:f1:c4:b9:a6:0f:a2:aa:7b:a1:a1:
                    c3:77:7b:10:68:35:e7:d5:f5:a2:88:0d:fc:ce:fe:
                    85:5a:22:9b:98:33:68:55:32:20:70:42:a7:f6:ea:
                    c1:6b:79:e9:d9:df:49:41:8d:b7:a7:98:e5:45:b4:
                    e8:58:d9:2f:5d:9b:91:80:11:c2:18:a6:8d:60:ff:
                    63:e8:e7:04:3a:eb:d1:71:14:0d:7f:0e:f1:f5:5b:
                    17:98:b0:51:c2:4e:1a:05:8b:1d:10:96:56:e6:ff:
                    46:78:89:97:81:47:27:63:f8:48:54:d4:75:10:f1:
                    d2:2e:87:40:a3:ab:f3:32:03:21:0b:fe:8e:09:92:
                    d7:11:ad:a8:82:11:3e:b1:2e:fc:d5:d5:21:7e:df:
                    dd:08:f1:6c:58:d5:b3:21:cf:95:71:c8:3e:5a:ae:
                    11:7e:5f:44:fd:31:57:af:9c:3b:d2:55:54:b4:76:
                    01:b0:c5:89:ee:0e:ea:dc:45:0c:5d:3b:00:70:2d:
                    46:b1:74:ee:3d:e4:96:ca:1a:98:6d:60:89:70:28:
                    4b:07:8e:7f:12:42:08:fb:37:bb:39:5e:0c:69:8f:
                    9c:19:4b:04:e4:bc:be:27:36:33:3b:eb:0a:13:1e:
                    b2:e7:14:2d:c9:d9:47:cc:db:1a:92:0a:3b:fc:f6:
                    57:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:EE:DA:53:41:EA:0A:9E:17:8C:02:42:C6:19:73:2D:14:5D:30:D5
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:85:85:b4:e5:55:7b:75:ec:09:95:9b:9a:2c:04:07:64:6a:
         59:9e:4e:1c:03:c8:d8:9b:7b:36:fd:4a:00:61:14:e5:17:cd:
         e9:93:f4:23:35:fd:89:0a:bb:73:ba:27:9d:e9:5f:52:6f:81:
         5b:ba:99:88:fd:f1:59:56:d0:bc:2d:cb:28:05:dd:95:1f:34:
         cc:2e:23:62:51:6f:64:99:68:8b:47:19:5b:80:c0:30:41:00:
         2c:da:7e:c1:9c:ee:9d:1d:b8:79:58:12:70:0a:e3:09:ca:3d:
         11:85:1e:22:e0:b7:21:a4:39:37:28:e1:48:4d:90:5c:ca:e5:
         18:a8:bf:da:dc:f1:7c:de:c8:b7:4e:3f:75:b7:5a:74:b4:cf:
         93:24:e1:88:8d:34:27:13:a8:32:9e:a2:88:69:49:1c:12:09:
         7a:41:8e:65:79:04:b5:51:b2:13:1d:e0:9e:1c:0c:0b:d6:86:
         56:c0:c0:96:63:55:6a:d0:fa:17:b3:33:5e:3b:e1:2a:be:c3:
         2a:b9:ea:e4:11:2f:ae:8b:41:be:cd:11:5c:08:12:e0:4d:a1:
         f4:5a:ed:66:2a:9b:82:5d:6e:92:c6:65:3e:47:13:9b:91:7a:
         9a:e9:d1:dc:41:a5:2d:bd:68:be:bc:fa:32:99:1c:5d:67:ee:
         e8:9d:fc:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHdrLx3dhKIJXnFXaGIdPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjUwNzI2MTYwMDE4WhcNMjUwNzI3MTYwMDE4WjAzMTEwLwYDVQQD
EyhiZWVlZGE1MzQxZWEwYTllMTc4YzAyNDJjNjE5NzMyZDE0NWQzMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eY+ZfHEuaYPoqp7oaHDd3sQaDXn
1fWiiA38zv6FWiKbmDNoVTIgcEKn9urBa3np2d9JQY23p5jlRbToWNkvXZuRgBHC
GKaNYP9j6OcEOuvRcRQNfw7x9VsXmLBRwk4aBYsdEJZW5v9GeImXgUcnY/hIVNR1
EPHSLodAo6vzMgMhC/6OCZLXEa2oghE+sS781dUhft/dCPFsWNWzIc+Vccg+Wq4R
fl9E/TFXr5w70lVUtHYBsMWJ7g7q3EUMXTsAcC1GsXTuPeSWyhqYbWCJcChLB45/
EkII+ze7OV4MaY+cGUsE5Ly+JzYzO+sKEx6y5xQtydlHzNsakgo7/PZXgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7u2lNB6gqeF4wCQsYZcy0UXTDVMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmYWFtOVV
e3XsCZWbmiwEB2RqWZ5OHAPI2Jt7Nv1KAGEU5RfN6ZP0IzX9iQq7c7onnelfUm+B
W7qZiP3xWVbQvC3LKAXdlR80zC4jYlFvZJloi0cZW4DAMEEALNp+wZzunR24eVgS
cArjCco9EYUeIuC3IaQ5NyjhSE2QXMrlGKi/2tzxfN7It04/dbdadLTPkyThiI00
JxOoMp6iiGlJHBIJekGOZXkEtVGyEx3gnhwMC9aGVsDAlmNVatD6F7MzXjvhKr7D
Krnq5BEvrotBvs0RXAgS4E2h9FrtZiqbgl1uksZlPkcTm5F6munR3EGlLb1ovrz6
MpkcXWfu6J38Qg==
-----END CERTIFICATE-----