Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          eOUzjHvEbEH4zmgslSAogzCcQBRZWjBC5XrzndEetqw=
Subject key identifier:   A5:8A:1C:F7:6D:ED:B3:F9:5F:69:15:4D:3C:5C:33:B1:C5:2B:54:E0
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       0198733DBFDC31C94B9A51D8094A6BEF045E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0C86
Signing time:             Mon 04 Aug 2025 04:01:23 +0000
Manifest this update:     Mon 04 Aug 2025 04:01:23 +0000
Manifest next update:     Tue 05 Aug 2025 04:01:23 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: 7FGy752KJW2hx7mxgvPDGW/OQQRPhTv/RELYhcTACJA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:bf:dc:31:c9:4b:9a:51:d8:09:4a:6b:ef:04:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Aug  4 04:01:23 2025 GMT
            Not After : Aug  5 04:01:23 2025 GMT
        Subject: CN=a58a1cf76dedb3f95f69154d3c5c33b1c52b54e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:0d:72:81:64:56:00:f9:78:9d:55:05:b4:75:
                    b9:61:54:bb:88:27:3b:61:eb:39:c7:e9:69:cc:b2:
                    0e:49:a1:46:67:9c:e3:c0:8d:32:64:68:90:72:3b:
                    98:f7:c9:af:d4:cc:f2:03:e4:8f:24:94:58:0b:25:
                    0d:c8:34:5a:4b:cb:f4:96:8e:20:fd:fc:79:b6:d1:
                    bb:a7:e6:59:93:81:98:a1:b7:a7:73:1f:d6:55:90:
                    bd:45:05:59:22:83:ab:8a:3d:40:22:0a:92:67:14:
                    e3:8b:6e:93:e3:b5:20:a0:bd:a7:28:fb:02:f2:13:
                    c9:a5:29:34:f1:3b:53:f1:20:03:a3:1f:a2:9b:e6:
                    9b:91:fa:72:bd:0e:e5:17:94:a9:b0:21:fa:5a:ec:
                    f0:cb:a7:57:f1:94:64:16:d3:02:7e:a3:65:59:2f:
                    3a:1d:bd:16:94:40:13:83:5a:cf:db:2a:3c:14:52:
                    77:d6:07:a2:66:88:ee:f0:6e:e6:43:11:fd:f9:d4:
                    53:f6:ec:c4:b2:57:95:c2:00:77:b4:6e:77:d5:96:
                    08:fc:3b:89:fe:ec:02:ae:e3:a9:45:1d:6e:04:39:
                    3d:73:2f:c2:41:f1:22:b4:2d:a7:02:38:01:8a:8a:
                    6f:4f:8c:76:aa:40:a0:b8:a6:8d:53:72:3e:60:f9:
                    2e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:8A:1C:F7:6D:ED:B3:F9:5F:69:15:4D:3C:5C:33:B1:C5:2B:54:E0
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:84:1c:17:8a:0a:70:fd:94:4b:e4:c1:6d:31:82:55:90:c3:
         95:f7:22:6e:77:f8:dd:43:85:67:ea:60:9c:24:1e:18:98:be:
         fb:c4:06:c8:6d:e3:33:63:a6:60:d7:f2:35:f3:22:21:94:8f:
         3c:fd:86:cd:2b:49:58:65:86:4f:0f:cd:9c:c3:c8:4e:84:72:
         9a:3e:00:c6:65:62:f0:5f:48:f3:85:91:19:17:ba:6c:b0:6b:
         f3:ce:f1:49:ed:6b:0f:0c:51:ee:94:91:3b:b7:ed:0e:2d:85:
         42:a4:1f:34:fd:20:3b:2a:96:9b:df:a1:52:da:7e:05:76:e8:
         a6:17:d7:d4:3c:b6:b4:46:8a:8f:3d:41:ce:76:49:87:31:98:
         eb:c8:fc:8a:f2:dd:3c:13:2a:b5:6a:7a:6a:d1:1d:66:1e:54:
         96:59:2f:da:e9:ce:5f:32:3f:98:e7:82:c3:09:3f:4f:76:fb:
         d7:46:02:0a:4c:3b:92:fc:af:ff:04:1a:d7:9e:e8:78:d9:4c:
         28:a3:76:a6:91:c2:a4:2d:9f:8f:26:4f:68:54:35:28:14:68:
         d4:88:46:fa:30:f2:b9:af:60:7e:f0:6c:66:5b:13:c1:5b:7d:
         42:56:4c:09:82:ac:5b:67:14:6c:cb:84:96:4b:40:c3:f0:3e:
         8e:7e:60:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPb/cMclLmlHYCUpr7wReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUwODA0MDQwMTIzWhcNMjUwODA1MDQwMTIzWjAzMTEwLwYDVQQD
EyhhNThhMWNmNzZkZWRiM2Y5NWY2OTE1NGQzYzVjMzNiMWM1MmI1NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg1ygWRWAPl4nVUFtHW5YVS7iCc7
Yes5x+lpzLIOSaFGZ5zjwI0yZGiQcjuY98mv1MzyA+SPJJRYCyUNyDRaS8v0lo4g
/fx5ttG7p+ZZk4GYobencx/WVZC9RQVZIoOrij1AIgqSZxTji26T47UgoL2nKPsC
8hPJpSk08TtT8SADox+im+abkfpyvQ7lF5SpsCH6Wuzwy6dX8ZRkFtMCfqNlWS86
Hb0WlEATg1rP2yo8FFJ31geiZoju8G7mQxH9+dRT9uzEsleVwgB3tG531ZYI/DuJ
/uwCruOpRR1uBDk9cy/CQfEitC2nAjgBiopvT4x2qkCguKaNU3I+YPkuJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWKHPdt7bP5X2kVTTxcM7HFK1TgMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr4QcF4oK
cP2US+TBbTGCVZDDlfcibnf43UOFZ+pgnCQeGJi++8QGyG3jM2OmYNfyNfMiIZSP
PP2GzStJWGWGTw/NnMPIToRymj4AxmVi8F9I84WRGRe6bLBr887xSe1rDwxR7pSR
O7ftDi2FQqQfNP0gOyqWm9+hUtp+BXbophfX1Dy2tEaKjz1BznZJhzGY68j8ivLd
PBMqtWp6atEdZh5Ullkv2unOXzI/mOeCwwk/T3b710YCCkw7kvyv/wQa157oeNlM
KKN2ppHCpC2fjyZPaFQ1KBRo1IhG+jDyua9gfvBsZlsTwVt9QlZMCYKsW2cUbMuE
lktAw/A+jn5glQ==
-----END CERTIFICATE-----