Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          0k9H6TurueqdYKv95U/93TnJVnncoQC4Wdbb0QTm1ls=
Subject key identifier:   2C:63:CF:CC:57:C5:CB:C8:02:63:3A:1D:92:AF:E2:69:0E:4E:ED:E3
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       019D28F228FE216B227973283D6702637742
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          1281
Signing time:             Thu 26 Mar 2026 07:00:51 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:51 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:51 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: A7gV4YhtGClkuFxqbNVkU31zIGcUJqmovIvCKXt+ZcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:28:fe:21:6b:22:79:73:28:3d:67:02:63:77:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Mar 26 07:00:51 2026 GMT
            Not After : Mar 27 07:00:51 2026 GMT
        Subject: CN=2c63cfcc57c5cbc802633a1d92afe2690e4eede3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f8:b4:f9:b5:cb:5a:e5:32:31:c2:59:89:43:
                    93:17:10:4f:d5:28:ff:3f:ee:c4:61:54:c8:2a:0c:
                    97:36:d1:5f:f3:ce:0f:61:3a:d9:c4:73:dc:39:9b:
                    a8:b9:c2:95:22:e2:de:0b:02:17:79:fa:1d:11:28:
                    b5:a3:20:5d:8b:ec:1c:b6:93:78:8c:ef:90:45:fb:
                    42:91:56:67:83:ef:56:87:a8:b8:97:88:48:91:22:
                    1d:c3:59:d4:d8:15:e5:48:f1:2c:41:5c:98:98:73:
                    f1:b2:bf:ac:6b:ce:c8:f6:15:17:cf:50:3a:e3:f1:
                    46:4a:1f:9d:70:91:7e:a0:2c:75:83:17:13:bd:d4:
                    0e:a4:25:82:e6:fd:ba:15:19:9e:7b:b1:e7:e0:62:
                    19:0a:2c:4a:74:49:3e:5f:8b:1c:7b:28:94:90:85:
                    12:1b:4c:a0:ee:28:27:73:de:ba:55:d0:c1:41:30:
                    d0:e7:ea:25:0b:7d:56:c8:e9:ab:5b:5f:32:79:24:
                    ab:a5:69:2a:4b:ab:93:2f:9c:c0:27:a2:92:8b:34:
                    10:26:e5:a7:66:d4:44:55:5f:df:dc:de:ab:fd:fd:
                    22:a4:81:73:b6:51:67:9c:39:01:d8:d8:6c:2d:0e:
                    86:96:fd:ca:c2:71:59:3a:20:74:7f:db:06:b3:4a:
                    56:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:63:CF:CC:57:C5:CB:C8:02:63:3A:1D:92:AF:E2:69:0E:4E:ED:E3
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:37:12:0b:26:5c:e2:4a:e7:e9:75:b5:16:8d:a0:e6:f6:8f:
         c8:b3:42:f7:8e:31:64:10:f6:5a:57:fc:b3:e9:65:d6:93:73:
         34:89:c2:ee:f2:f1:49:4d:9e:05:06:3e:ef:a7:04:8f:25:20:
         14:88:f1:a7:9a:e2:12:35:5a:bd:9d:22:35:e9:b7:bd:b2:d9:
         29:50:83:8c:bb:73:27:bf:1b:b3:bb:bf:ff:48:8c:d3:3b:46:
         4d:51:b4:a3:a7:6c:a7:93:90:e2:de:e8:75:c7:b2:23:d3:df:
         c3:11:31:f0:20:ee:43:01:e2:87:27:bc:14:f0:66:2e:19:b2:
         4f:40:4a:8f:66:b0:95:a1:3a:45:e6:f3:9d:d0:db:f9:48:f1:
         8c:20:f8:94:51:de:d4:4c:f9:95:a1:f2:99:0d:31:92:68:16:
         c7:0b:c2:be:44:65:a7:d1:ca:c5:70:2b:bf:57:1f:ad:38:60:
         27:0b:14:a0:ce:e5:a6:cc:24:e2:92:61:ca:06:ff:94:b3:4d:
         07:f9:62:16:1f:fa:09:c8:0a:11:f0:06:98:fe:de:95:64:f5:
         77:bb:cc:bb:6c:3f:0e:18:cb:14:76:d1:31:5e:b4:63:ee:85:
         76:c0:9a:5b:61:67:6d:f8:0f:25:86:35:af:08:0c:2b:ca:e1:
         79:7b:cd:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8ij+IWsieXMoPWcCY3dCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjYwMzI2MDcwMDUxWhcNMjYwMzI3MDcwMDUxWjAzMTEwLwYDVQQD
EygyYzYzY2ZjYzU3YzVjYmM4MDI2MzNhMWQ5MmFmZTI2OTBlNGVlZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvi0+bXLWuUyMcJZiUOTFxBP1Sj/
P+7EYVTIKgyXNtFf884PYTrZxHPcOZuoucKVIuLeCwIXefodESi1oyBdi+wctpN4
jO+QRftCkVZng+9Wh6i4l4hIkSIdw1nU2BXlSPEsQVyYmHPxsr+sa87I9hUXz1A6
4/FGSh+dcJF+oCx1gxcTvdQOpCWC5v26FRmee7Hn4GIZCixKdEk+X4sceyiUkIUS
G0yg7ignc966VdDBQTDQ5+olC31WyOmrW18yeSSrpWkqS6uTL5zAJ6KSizQQJuWn
ZtREVV/f3N6r/f0ipIFztlFnnDkB2NhsLQ6Glv3KwnFZOiB0f9sGs0pWQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxjz8xXxcvIAmM6HZKv4mkOTu3jMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqTcSCyZc
4krn6XW1Fo2g5vaPyLNC944xZBD2Wlf8s+ll1pNzNInC7vLxSU2eBQY+76cEjyUg
FIjxp5riEjVavZ0iNem3vbLZKVCDjLtzJ78bs7u//0iM0ztGTVG0o6dsp5OQ4t7o
dceyI9PfwxEx8CDuQwHihye8FPBmLhmyT0BKj2awlaE6RebzndDb+UjxjCD4lFHe
1Ez5laHymQ0xkmgWxwvCvkRlp9HKxXArv1cfrThgJwsUoM7lpswk4pJhygb/lLNN
B/liFh/6CcgKEfAGmP7elWT1d7vMu2w/DhjLFHbRMV60Y+6FdsCaW2FnbfgPJYY1
rwgMK8rheXvN9A==
-----END CERTIFICATE-----