Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          EzcgrDz+jQrxWle+doF/4nWVCA5C2Hl7IQq/DOUCtyk=
Subject key identifier:   D6:D4:A2:9B:49:C5:04:E3:6F:21:0F:53:69:7F:88:26:CE:3E:02:A1
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       019A5609067A94CB784796516B758A5D7591
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0D80
Signing time:             Wed 05 Nov 2025 22:00:23 +0000
Manifest this update:     Wed 05 Nov 2025 22:00:23 +0000
Manifest next update:     Thu 06 Nov 2025 22:00:23 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: 6detrqd3BFCRTBNyUkTo25pO92eEMJjvFE3ZZP2+xFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 21:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:56:09:06:7a:94:cb:78:47:96:51:6b:75:8a:5d:75:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Nov  5 22:00:23 2025 GMT
            Not After : Nov  6 22:00:23 2025 GMT
        Subject: CN=d6d4a29b49c504e36f210f53697f8826ce3e02a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:b3:55:2f:b9:bd:1b:58:22:aa:e0:5c:c0:5d:
                    92:5d:6a:ba:ec:1c:11:30:e1:4d:36:a7:98:d8:7c:
                    12:d9:5e:aa:f7:40:3b:22:0f:4c:3b:10:a0:ae:df:
                    9e:d5:38:35:56:82:f4:bd:26:ef:62:a8:b0:b9:05:
                    56:e5:1d:fa:ec:50:e6:30:5e:5d:06:39:96:5f:ae:
                    0e:bf:c8:97:69:77:04:ae:7a:dc:7f:5d:2f:ad:03:
                    a3:b8:dd:78:a7:12:ca:fa:48:35:a2:93:ab:76:da:
                    17:57:4d:e0:20:0a:08:2a:9a:5f:3b:ef:a7:27:8d:
                    94:29:ee:87:c7:19:fd:12:50:ca:c1:65:3a:93:f4:
                    9d:9b:a9:83:a4:c0:92:b5:b2:2d:5f:c6:64:99:f0:
                    23:a0:e9:5b:5a:96:fd:a4:4a:1b:a4:b8:5e:b7:9c:
                    c5:54:d5:b6:d3:77:59:20:36:b2:71:16:b1:e6:c5:
                    0d:eb:f6:82:29:7e:39:da:24:2a:ca:95:59:6f:2d:
                    89:06:32:00:ef:05:09:a2:23:70:e8:19:52:9e:89:
                    1f:ba:f1:0c:dc:fb:95:52:0a:87:5f:f8:7e:5a:7e:
                    4d:ab:a8:fb:18:d0:71:3b:8e:97:55:52:0f:bc:f1:
                    e4:7b:de:a5:2f:f8:c4:79:2b:a8:40:0d:12:b1:1a:
                    41:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:D4:A2:9B:49:C5:04:E3:6F:21:0F:53:69:7F:88:26:CE:3E:02:A1
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:03:93:1a:d6:95:06:23:f3:56:f3:41:3a:9f:a9:44:c2:0f:
         1c:8f:aa:ed:84:05:55:b6:4f:74:1a:2c:63:ba:86:47:2e:42:
         b1:87:05:01:e4:17:fd:78:e2:72:4b:71:5c:8e:75:4e:ef:d3:
         79:63:b2:26:59:4f:68:e2:ff:a6:91:72:92:ce:5a:d8:35:d8:
         48:f8:28:26:e4:50:7a:83:32:5e:6f:bc:b6:0e:dd:02:45:fd:
         f5:bf:eb:f3:ba:fa:85:3b:75:7f:47:d7:cb:42:e3:7a:54:5b:
         eb:d2:41:b2:69:59:9a:79:b4:a4:08:55:34:7c:f2:9c:8d:f5:
         75:84:26:a9:f0:c7:75:88:a0:2d:f6:4d:5f:a4:60:1d:99:e4:
         60:2e:6a:57:67:17:ca:69:79:cc:94:08:53:e6:a8:00:f2:34:
         c3:0c:2f:76:08:2a:96:79:9e:ce:f6:6f:21:c1:67:9d:74:93:
         6f:68:f8:c1:8e:8c:bb:02:1b:85:63:89:ef:ad:6f:b3:6a:ac:
         fa:29:f6:0a:d1:61:c0:4b:f2:ab:ca:50:46:61:b4:61:51:b8:
         85:a4:25:d3:ae:33:bc:9a:8f:bd:29:19:7e:73:5a:1c:af:11:
         5a:18:9f:91:de:2b:e8:e8:68:a5:70:e5:9e:05:00:77:75:2a:
         6c:b3:1c:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpWCQZ6lMt4R5ZRa3WKXXWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUxMTA1MjIwMDIzWhcNMjUxMTA2MjIwMDIzWjAzMTEwLwYDVQQD
EyhkNmQ0YTI5YjQ5YzUwNGUzNmYyMTBmNTM2OTdmODgyNmNlM2UwMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rNVL7m9G1giquBcwF2SXWq67BwR
MOFNNqeY2HwS2V6q90A7Ig9MOxCgrt+e1Tg1VoL0vSbvYqiwuQVW5R367FDmMF5d
BjmWX64Ov8iXaXcErnrcf10vrQOjuN14pxLK+kg1opOrdtoXV03gIAoIKppfO++n
J42UKe6Hxxn9ElDKwWU6k/Sdm6mDpMCStbItX8ZkmfAjoOlbWpb9pEobpLhet5zF
VNW203dZIDaycRax5sUN6/aCKX452iQqypVZby2JBjIA7wUJoiNw6BlSnokfuvEM
3PuVUgqHX/h+Wn5Nq6j7GNBxO46XVVIPvPHke96lL/jEeSuoQA0SsRpBuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbUoptJxQTjbyEPU2l/iCbOPgKhMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMwOTGtaV
BiPzVvNBOp+pRMIPHI+q7YQFVbZPdBosY7qGRy5CsYcFAeQX/XjicktxXI51Tu/T
eWOyJllPaOL/ppFyks5a2DXYSPgoJuRQeoMyXm+8tg7dAkX99b/r87r6hTt1f0fX
y0LjelRb69JBsmlZmnm0pAhVNHzynI31dYQmqfDHdYigLfZNX6RgHZnkYC5qV2cX
yml5zJQIU+aoAPI0wwwvdggqlnmezvZvIcFnnXSTb2j4wY6MuwIbhWOJ761vs2qs
+in2CtFhwEvyq8pQRmG0YVG4haQl064zvJqPvSkZfnNaHK8RWhifkd4r6OhopXDl
ngUAd3UqbLMcFg==
-----END CERTIFICATE-----