Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          6InshVY516r50v+vtzb7l4whjev+CZVs88UL6h3T+ak=
Subject key identifier:   78:69:DA:76:BD:7C:A9:E4:13:1C:A2:34:C7:FE:A7:23:9A:98:E7:B3
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       019675678E860E5108ED5C5764A217DB5F13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0B7E
Signing time:             Sun 27 Apr 2025 04:00:43 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:43 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:43 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: udsYNPwRkJjcnU5iaMrLaPwvg4l+K88OmLbwFJqxLCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 04:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:8e:86:0e:51:08:ed:5c:57:64:a2:17:db:5f:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Apr 27 04:00:43 2025 GMT
            Not After : Apr 28 04:00:43 2025 GMT
        Subject: CN=7869da76bd7ca9e4131ca234c7fea7239a98e7b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ce:17:eb:ee:79:dd:69:0a:4a:22:ea:ce:96:
                    d4:50:23:02:b4:9a:0d:84:ec:42:8c:70:90:1e:6d:
                    77:2d:80:b4:3d:9d:43:50:b9:4b:1a:da:f8:7d:58:
                    29:48:c6:8d:cd:92:e3:00:b5:e1:5c:46:8e:fb:c3:
                    16:e3:84:46:73:0a:22:a6:8b:68:96:75:78:05:9f:
                    36:01:b3:46:1d:81:ad:11:5b:e9:16:d3:3f:68:34:
                    8f:3a:c0:65:b8:d1:a8:41:e1:09:06:c7:24:1c:63:
                    e7:a1:2d:d1:d2:4d:cb:bb:a2:74:e3:2a:94:d4:27:
                    24:77:ae:93:d7:2e:32:32:dd:f5:10:ea:7a:d2:63:
                    40:18:11:1b:10:a3:66:9f:db:cb:ca:db:22:b0:35:
                    1d:2c:13:4b:a9:c2:83:f0:8b:d9:ff:7c:88:7f:f4:
                    65:be:c8:02:9f:70:ff:b7:5d:2a:34:62:1e:d5:dc:
                    57:6d:18:b0:7c:7e:62:db:61:d1:e8:1e:d0:13:97:
                    53:4d:e8:ed:48:6e:b2:fb:d9:88:5e:6d:d0:fe:3f:
                    3e:c3:0b:92:31:95:b5:69:a1:12:e0:5e:68:d3:86:
                    2c:25:f4:46:4a:48:b5:d8:0a:9f:19:1f:ae:bf:bb:
                    6f:67:d8:98:cd:c6:92:c6:86:01:76:08:f8:d0:16:
                    e3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:69:DA:76:BD:7C:A9:E4:13:1C:A2:34:C7:FE:A7:23:9A:98:E7:B3
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:22:37:0e:ea:1d:da:1f:ab:92:17:e9:b8:d2:36:cb:35:85:
         d1:ac:b1:d9:81:46:18:9b:c6:99:73:44:7e:9d:6c:59:78:95:
         f4:c4:fe:ea:59:40:a7:1a:eb:16:a0:a9:0a:38:82:d6:6b:d3:
         e3:fd:08:84:fc:e8:61:21:d5:e0:f7:20:fd:53:45:fa:cf:7a:
         7b:df:5a:66:19:81:21:8c:f2:7a:0c:ae:29:83:3c:f5:ea:86:
         1d:5c:db:53:78:a4:4f:89:07:e9:57:53:ab:5b:5e:6d:bc:81:
         26:f7:ce:71:8e:72:1f:16:f5:ac:85:13:f7:64:f3:b2:1e:fb:
         ed:7d:c4:ee:36:95:56:9e:ed:49:61:22:7d:58:fa:5b:42:26:
         41:27:cb:fc:d6:b9:2c:a7:ac:83:ca:ea:ae:9d:63:77:f8:31:
         74:0e:c8:44:c9:ff:f1:da:c1:fe:43:18:80:c4:56:a2:b9:67:
         27:1e:4a:f5:3e:ad:b6:b9:bc:75:d1:a5:b1:c9:db:ed:cd:cb:
         84:a6:2f:61:54:a6:8c:ef:82:fa:3a:6f:e8:8b:a5:92:52:b1:
         1b:23:a1:a9:39:15:e8:d6:57:1e:cd:4f:02:57:a0:ee:66:08:
         64:e5:b6:12:cc:ad:f4:04:2f:87:66:be:2e:84:ec:86:30:31:
         71:c8:88:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z46GDlEI7VxXZKIX218TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUwNDI3MDQwMDQzWhcNMjUwNDI4MDQwMDQzWjAzMTEwLwYDVQQD
Eyg3ODY5ZGE3NmJkN2NhOWU0MTMxY2EyMzRjN2ZlYTcyMzlhOThlN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns4X6+553WkKSiLqzpbUUCMCtJoN
hOxCjHCQHm13LYC0PZ1DULlLGtr4fVgpSMaNzZLjALXhXEaO+8MW44RGcwoipoto
lnV4BZ82AbNGHYGtEVvpFtM/aDSPOsBluNGoQeEJBsckHGPnoS3R0k3Lu6J04yqU
1Cckd66T1y4yMt31EOp60mNAGBEbEKNmn9vLytsisDUdLBNLqcKD8IvZ/3yIf/Rl
vsgCn3D/t10qNGIe1dxXbRiwfH5i22HR6B7QE5dTTejtSG6y+9mIXm3Q/j8+wwuS
MZW1aaES4F5o04YsJfRGSki12AqfGR+uv7tvZ9iYzcaSxoYBdgj40BbjZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhp2na9fKnkExyiNMf+pyOamOezMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHyI3Duod
2h+rkhfpuNI2yzWF0ayx2YFGGJvGmXNEfp1sWXiV9MT+6llApxrrFqCpCjiC1mvT
4/0IhPzoYSHV4Pcg/VNF+s96e99aZhmBIYzyegyuKYM89eqGHVzbU3ikT4kH6VdT
q1tebbyBJvfOcY5yHxb1rIUT92Tzsh777X3E7jaVVp7tSWEifVj6W0ImQSfL/Na5
LKesg8rqrp1jd/gxdA7IRMn/8drB/kMYgMRWorlnJx5K9T6ttrm8ddGlscnb7c3L
hKYvYVSmjO+C+jpv6IulklKxGyOhqTkV6NZXHs1PAleg7mYIZOW2Esyt9AQvh2a+
LoTshjAxcciINA==
-----END CERTIFICATE-----