Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          y5F0MgNA/esGbEn893asUaHmGp5CoKc+EES4v2vmTNc=
Subject key identifier:   E3:D3:A5:48:A2:51:81:5F:66:86:6D:2F:6B:D7:A5:59:5E:31:FD:56
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       019D984FF93C473C1A714F2DD788B34BD8B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0F30
Signing time:             Thu 16 Apr 2026 22:01:11 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:11 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:11 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: zGKZD8+I4RZS2arR94ErXhCLU16jU3ajlVyo2l4wLCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:f9:3c:47:3c:1a:71:4f:2d:d7:88:b3:4b:d8:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Apr 16 22:01:11 2026 GMT
            Not After : Apr 17 22:01:11 2026 GMT
        Subject: CN=e3d3a548a251815f66866d2f6bd7a5595e31fd56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:2d:80:f1:9b:72:87:08:ea:ad:35:5d:1d:dc:
                    29:0f:cd:d1:9d:57:33:41:56:66:f8:0a:8c:b0:31:
                    de:9c:52:ee:c4:a1:6f:b1:3a:68:74:49:dd:63:84:
                    f3:9e:ec:05:df:77:6d:e1:9e:6e:1d:a2:7c:09:8d:
                    ce:68:24:d1:aa:59:37:24:22:70:3e:cd:c4:a7:c9:
                    71:cb:cb:55:76:f8:9c:86:84:fb:08:55:fa:39:5e:
                    5a:35:bb:0c:cb:66:05:5e:fc:fd:37:a5:56:65:f4:
                    3e:86:83:51:de:d9:ac:67:04:b7:34:dc:c6:58:27:
                    f9:74:b0:64:45:f9:a7:72:fb:15:99:d0:b4:68:28:
                    dd:60:3b:51:8f:dc:d4:57:99:e3:bf:d4:d2:05:e1:
                    68:ba:74:62:cf:0b:58:e9:d9:ec:d5:8d:70:1c:9d:
                    39:87:3e:32:39:65:51:63:26:75:c6:21:f0:d5:9a:
                    4a:7c:45:e2:de:89:dc:f8:10:89:ad:29:aa:ca:9d:
                    a8:56:e2:16:57:ee:5a:b4:80:70:0b:31:0d:b3:69:
                    45:98:bf:f4:b2:41:7f:7f:6d:b5:8d:d6:88:40:c3:
                    b9:af:17:73:0f:6c:a7:a5:f3:88:87:27:53:e1:82:
                    7c:d0:d0:3f:a7:a3:91:03:06:6f:8a:a4:7a:86:f9:
                    12:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:D3:A5:48:A2:51:81:5F:66:86:6D:2F:6B:D7:A5:59:5E:31:FD:56
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:1c:51:66:35:8b:9c:07:05:76:a5:dc:93:92:45:6b:c9:92:
         96:2a:8c:12:1b:54:53:46:25:28:fd:3d:00:79:b0:cd:19:50:
         05:75:0f:ca:ea:7d:30:86:eb:9a:33:a9:ea:f3:1a:23:65:95:
         e1:34:39:56:31:ad:72:a0:69:d7:84:66:e0:97:5c:a3:81:6e:
         7d:84:df:98:2b:fd:b2:8b:73:65:02:23:90:86:da:8f:54:6e:
         65:78:6a:65:07:70:10:32:9a:31:1e:2c:c5:bc:1e:1e:47:23:
         2a:a3:66:d0:c4:60:93:6d:91:4b:94:46:03:c4:26:e8:6f:1c:
         df:31:52:f9:5d:8c:1e:34:4e:a5:3b:ba:76:9e:99:2b:33:94:
         fb:9f:5c:9a:96:80:aa:47:f4:69:a0:d4:b5:95:7f:13:0a:da:
         40:54:09:09:24:5d:63:f6:65:ce:5b:d6:ca:72:78:63:81:29:
         1c:4b:76:52:95:44:1a:0b:3a:3a:b5:65:86:80:84:6c:82:1d:
         18:f8:ea:81:1f:a4:2c:23:ab:83:53:bf:d8:39:04:ee:4c:ee:
         91:20:df:f3:8a:b4:c7:fe:b2:31:60:d3:2d:2a:39:9e:ed:76:
         28:ff:e5:80:45:dc:74:38:1e:d9:c2:de:2c:cd:bf:c1:82:56:
         0e:70:67:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT/k8RzwacU8t14izS9i2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjYwNDE2MjIwMTExWhcNMjYwNDE3MjIwMTExWjAzMTEwLwYDVQQD
EyhlM2QzYTU0OGEyNTE4MTVmNjY4NjZkMmY2YmQ3YTU1OTVlMzFmZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC2A8ZtyhwjqrTVdHdwpD83RnVcz
QVZm+AqMsDHenFLuxKFvsTpodEndY4TznuwF33dt4Z5uHaJ8CY3OaCTRqlk3JCJw
Ps3Ep8lxy8tVdvichoT7CFX6OV5aNbsMy2YFXvz9N6VWZfQ+hoNR3tmsZwS3NNzG
WCf5dLBkRfmncvsVmdC0aCjdYDtRj9zUV5njv9TSBeFounRizwtY6dns1Y1wHJ05
hz4yOWVRYyZ1xiHw1ZpKfEXi3onc+BCJrSmqyp2oVuIWV+5atIBwCzENs2lFmL/0
skF/f221jdaIQMO5rxdzD2ynpfOIhydT4YJ80NA/p6ORAwZviqR6hvkSmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOPTpUiiUYFfZoZtL2vXpVleMf1WMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAhxRZjWL
nAcFdqXck5JFa8mSliqMEhtUU0YlKP09AHmwzRlQBXUPyup9MIbrmjOp6vMaI2WV
4TQ5VjGtcqBp14Rm4Jdco4FufYTfmCv9sotzZQIjkIbaj1RuZXhqZQdwEDKaMR4s
xbweHkcjKqNm0MRgk22RS5RGA8Qm6G8c3zFS+V2MHjROpTu6dp6ZKzOU+59cmpaA
qkf0aaDUtZV/EwraQFQJCSRdY/ZlzlvWynJ4Y4EpHEt2UpVEGgs6OrVlhoCEbIId
GPjqgR+kLCOrg1O/2DkE7kzukSDf84q0x/6yMWDTLSo5nu12KP/lgEXcdDge2cLe
LM2/wYJWDnBnlw==
-----END CERTIFICATE-----