Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
File:                     HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json)
Hash identifier:          o5QHYrTV/uQDuENxjrYYF1bWGEES1IcCStmCGLhYyJI=
Subject key identifier:   E7:99:BF:EA:2C:A2:1F:BF:8D:C5:64:B7:2C:18:B2:EA:14:6F:A3:E9
Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A
Certificate issuer:       /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
Certificate serial:       01976C9896FFEE96D9552A178AF45CC3D281
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
Manifest number:          0BFE
Signing time:             Sat 14 Jun 2025 04:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:28 +0000
Files and hashes:         1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: 2CQxtYiYzpDYpiDqkzxupMPwJ+EFgJ4SaPRgfyFAJQo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:96:ff:ee:96:d9:55:2a:17:8a:f4:5c:c3:d2:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a
        Validity
            Not Before: Jun 14 04:00:28 2025 GMT
            Not After : Jun 15 04:00:28 2025 GMT
        Subject: CN=e799bfea2ca21fbf8dc564b72c18b2ea146fa3e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0c:fe:41:aa:27:d4:fe:27:53:da:c0:2e:b2:
                    8d:22:97:fb:8e:39:1f:22:63:8b:fa:af:5a:33:13:
                    80:5a:71:ee:08:10:d5:1b:91:6a:d0:49:5d:52:96:
                    fe:4f:fd:8d:cd:b3:e4:49:7f:00:79:f1:8b:c2:11:
                    87:04:51:20:bd:b6:de:e2:85:1d:4c:ea:ff:82:48:
                    e1:40:68:e9:61:bb:24:06:0f:f9:a2:7c:ef:49:ae:
                    d6:40:1f:82:ee:cc:d2:06:f5:d7:10:25:7e:a2:4e:
                    8f:68:69:22:30:7f:af:b6:65:ba:ca:cb:53:b6:c6:
                    d9:37:89:99:18:5f:e1:44:82:2e:df:61:97:60:10:
                    17:b4:35:93:e3:7b:0c:62:bb:c4:c5:b3:8d:5e:2e:
                    f2:65:b8:e7:ce:cc:a6:d5:65:e4:56:88:38:77:07:
                    29:d9:c9:ce:ca:20:23:e4:b6:6a:0a:45:33:aa:07:
                    fd:cf:54:ca:ff:c2:c8:96:ad:93:cb:cc:89:d1:2c:
                    48:3c:97:55:d9:1c:68:fd:41:df:e2:3b:c0:e5:28:
                    c8:5b:e2:e9:42:11:c9:9e:51:28:1c:ef:bc:9b:fa:
                    41:2f:5a:e9:f4:ad:5c:0c:56:d3:56:b7:b9:bf:65:
                    fc:10:1f:a7:dc:6a:c6:f4:40:ac:53:f3:2e:47:d7:
                    45:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:99:BF:EA:2C:A2:1F:BF:8D:C5:64:B7:2C:18:B2:EA:14:6F:A3:E9
            X509v3 Authority Key Identifier:
                keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:ed:ec:1f:43:e6:c9:7c:f3:b1:72:83:3d:75:bc:86:b1:99:
         a0:ca:23:49:cc:8c:63:50:de:49:0b:c5:92:57:41:65:b6:47:
         17:96:86:18:d0:25:f6:78:60:af:a8:82:28:86:ba:9a:dc:30:
         d2:b0:ab:f3:98:1d:54:99:90:32:a5:f2:34:14:c4:78:ae:45:
         e4:3c:99:2e:6b:04:8c:16:b9:8d:1c:3e:80:9c:1c:b8:ce:a0:
         b1:1b:33:48:3b:ce:32:32:af:cd:33:ff:63:89:2a:f3:be:5b:
         15:d7:b8:0b:34:79:6a:de:7d:e2:65:9d:39:ef:49:e8:04:20:
         72:fc:e1:c7:10:aa:4c:8d:a3:bc:bf:cc:cb:30:26:f7:00:a7:
         d6:ef:b9:ae:7f:0e:93:0e:eb:0e:4b:03:50:71:b4:03:a0:68:
         8d:86:8f:c7:c6:df:86:5d:be:63:04:d1:9f:ba:82:63:e3:4c:
         17:28:11:03:ec:9c:b5:33:60:37:89:b6:e0:64:19:07:d5:52:
         e2:21:f6:09:cd:18:c5:56:1f:f7:67:06:90:5f:53:36:8a:da:
         80:db:bb:99:0a:8b:8b:73:2f:98:7d:cb:95:f2:c0:29:85:e6:
         8d:13:f8:f0:4d:88:cb:fb:93:8d:40:f0:b5:b6:14:e4:a0:8d:
         08:84:b1:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmJb/7pbZVSoXivRcw9KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3
MjgyOWEwHhcNMjUwNjE0MDQwMDI4WhcNMjUwNjE1MDQwMDI4WjAzMTEwLwYDVQQD
EyhlNzk5YmZlYTJjYTIxZmJmOGRjNTY0YjcyYzE4YjJlYTE0NmZhM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgz+Qaon1P4nU9rALrKNIpf7jjkf
ImOL+q9aMxOAWnHuCBDVG5Fq0EldUpb+T/2NzbPkSX8AefGLwhGHBFEgvbbe4oUd
TOr/gkjhQGjpYbskBg/5onzvSa7WQB+C7szSBvXXECV+ok6PaGkiMH+vtmW6ystT
tsbZN4mZGF/hRIIu32GXYBAXtDWT43sMYrvExbONXi7yZbjnzsym1WXkVog4dwcp
2cnOyiAj5LZqCkUzqgf9z1TK/8LIlq2Ty8yJ0SxIPJdV2Rxo/UHf4jvA5SjIW+Lp
QhHJnlEoHO+8m/pBL1rp9K1cDFbTVre5v2X8EB+n3GrG9ECsU/MuR9dFQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOeZv+osoh+/jcVktywYsuoUb6PpMB8GA1UdIwQY
MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt
NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0
LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqu3sH0Pm
yXzzsXKDPXW8hrGZoMojScyMY1DeSQvFkldBZbZHF5aGGNAl9nhgr6iCKIa6mtww
0rCr85gdVJmQMqXyNBTEeK5F5DyZLmsEjBa5jRw+gJwcuM6gsRszSDvOMjKvzTP/
Y4kq875bFde4CzR5at594mWdOe9J6AQgcvzhxxCqTI2jvL/MyzAm9wCn1u+5rn8O
kw7rDksDUHG0A6BojYaPx8bfhl2+YwTRn7qCY+NMFygRA+yctTNgN4m24GQZB9VS
4iH2Cc0YxVYf92cGkF9TNoragNu7mQqLi3MvmH3LlfLAKYXmjRP48E2Iy/uTjUDw
tbYU5KCNCISxJQ==
-----END CERTIFICATE-----