Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          FKgEtRMFRFjTOb6NWb7r1faAr2YJmspivbRUP+oZRSI=
Subject key identifier:   5C:8C:F1:B1:E3:37:BA:02:D4:2E:87:4A:00:64:5A:1E:19:6F:5C:3A
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       019873E1CE5882F4902D79686E6F4922699B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          11E4
Signing time:             Mon 04 Aug 2025 07:00:34 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:34 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:34 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: OrtN4CQJu1fZJUG0XzOjh3KhVIFsrZSKouoJx+mFVko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:ce:58:82:f4:90:2d:79:68:6e:6f:49:22:69:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Aug  4 07:00:34 2025 GMT
            Not After : Aug  5 07:00:34 2025 GMT
        Subject: CN=5c8cf1b1e337ba02d42e874a00645a1e196f5c3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:5f:4f:71:cf:af:f7:70:31:e0:1d:2c:05:fb:
                    2a:39:ec:10:a4:ca:22:53:5e:02:bc:81:90:46:c9:
                    e0:ae:99:21:ef:2c:f3:02:85:d8:7e:d3:4c:f0:6c:
                    d2:12:2c:3d:44:6a:57:6c:d5:50:45:80:dc:fc:11:
                    13:49:82:9f:d3:ff:76:fe:34:00:25:1a:e3:06:0a:
                    c1:cc:a6:c4:99:a6:f2:bf:fc:7b:e1:19:3b:8e:53:
                    00:3c:fd:5e:d1:2f:91:f5:dd:8e:9f:d7:85:96:c3:
                    a8:00:a2:f7:4d:58:99:c1:bc:24:cb:a9:a0:91:52:
                    49:72:34:24:e4:dd:54:88:50:8f:9a:78:cb:90:b6:
                    1f:4c:be:ba:b1:a5:31:d6:98:52:83:29:05:cc:fe:
                    d0:f3:77:ce:04:fb:b1:0c:e0:ca:da:65:1a:b3:a6:
                    a5:1d:d5:4f:01:1d:8a:96:9e:c7:8c:2e:a8:9c:83:
                    1c:e1:f5:6e:15:83:9a:07:8a:48:b7:7e:45:2c:34:
                    f1:c7:bf:3a:5c:1a:69:d9:bf:05:ef:7d:47:0f:d5:
                    f7:e0:3c:f8:9c:84:3c:ef:8a:ca:70:9e:40:79:43:
                    59:a5:16:e5:57:71:da:74:5e:ae:e8:f5:d5:85:4d:
                    0b:cc:1c:64:a5:eb:25:8e:ac:a3:fe:12:d5:6b:ab:
                    35:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:8C:F1:B1:E3:37:BA:02:D4:2E:87:4A:00:64:5A:1E:19:6F:5C:3A
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:03:b2:66:d5:61:1d:88:67:c1:c1:82:a1:55:e7:ec:33:38:
         7d:4f:2a:10:54:49:ee:c4:67:73:1c:01:5a:e1:5d:2d:1f:a3:
         20:dd:15:3b:3a:b5:91:14:47:02:72:f6:a6:7b:72:51:9f:b0:
         df:95:f6:85:04:ef:8e:86:30:96:59:77:ed:71:e2:9a:9f:16:
         ef:51:9a:b0:c2:e7:8d:66:c3:7a:59:ae:44:af:7f:5d:13:5a:
         d8:47:64:57:be:9a:54:b5:e3:30:08:b1:b9:d2:0c:d9:84:77:
         c9:37:72:43:46:06:46:b1:65:45:52:68:cc:1d:11:af:7a:c3:
         e3:f2:6e:39:c3:98:0a:99:71:f4:93:86:f4:e8:d8:13:1d:87:
         40:5c:4d:c2:36:55:f1:6f:1c:7d:82:0b:5f:71:8b:6d:4a:58:
         56:80:05:01:e7:12:38:bf:c7:28:8f:e0:41:ae:f3:2f:7c:cd:
         ab:e8:50:86:a1:8d:f1:d8:75:b8:2c:4e:30:cb:cf:e9:ab:8c:
         b6:1b:70:1e:ed:ee:b2:17:70:17:be:0e:e4:53:f7:90:2d:91:
         d7:c0:db:d7:98:46:2e:30:50:71:f8:93:ce:3a:ab:03:dc:e4:
         93:2c:cb:35:f8:bb:38:e9:b5:aa:0f:22:de:9e:c1:0e:6c:6c:
         26:e8:65:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4c5YgvSQLXlobm9JImmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjUwODA0MDcwMDM0WhcNMjUwODA1MDcwMDM0WjAzMTEwLwYDVQQD
Eyg1YzhjZjFiMWUzMzdiYTAyZDQyZTg3NGEwMDY0NWExZTE5NmY1YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4F9Pcc+v93Ax4B0sBfsqOewQpMoi
U14CvIGQRsngrpkh7yzzAoXYftNM8GzSEiw9RGpXbNVQRYDc/BETSYKf0/92/jQA
JRrjBgrBzKbEmabyv/x74Rk7jlMAPP1e0S+R9d2On9eFlsOoAKL3TViZwbwky6mg
kVJJcjQk5N1UiFCPmnjLkLYfTL66saUx1phSgykFzP7Q83fOBPuxDODK2mUas6al
HdVPAR2Klp7HjC6onIMc4fVuFYOaB4pIt35FLDTxx786XBpp2b8F731HD9X34Dz4
nIQ874rKcJ5AeUNZpRblV3HadF6u6PXVhU0LzBxkpesljqyj/hLVa6s1mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyM8bHjN7oC1C6HSgBkWh4Zb1w6MB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQOyZtVh
HYhnwcGCoVXn7DM4fU8qEFRJ7sRncxwBWuFdLR+jIN0VOzq1kRRHAnL2pntyUZ+w
35X2hQTvjoYwlll37XHimp8W71GasMLnjWbDelmuRK9/XRNa2EdkV76aVLXjMAix
udIM2YR3yTdyQ0YGRrFlRVJozB0Rr3rD4/JuOcOYCplx9JOG9OjYEx2HQFxNwjZV
8W8cfYILX3GLbUpYVoAFAecSOL/HKI/gQa7zL3zNq+hQhqGN8dh1uCxOMMvP6auM
thtwHu3ushdwF74O5FP3kC2R18Db15hGLjBQcfiTzjqrA9zkkyzLNfi7OOm1qg8i
3p7BDmxsJuhlHA==
-----END CERTIFICATE-----