Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          n2xZPjbVQKFo27gsE8i3HKBo7r3xFgwHJRfFr+YYcy8=
Subject key identifier:   B7:27:FB:B7:B1:FE:67:B7:9D:81:D1:04:42:DF:B1:1A:F9:19:4A:58
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       0196BD80771BC2B90AEAB797DBB73DAEE1DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          0F2E
Signing time:             Sun 11 May 2025 04:00:34 +0000
Manifest this update:     Sun 11 May 2025 04:00:34 +0000
Manifest next update:     Mon 12 May 2025 04:00:34 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: kz36dHaeGX1F9K0uj4uZ7UJSucbVh8OiexCRYycDAug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:80:77:1b:c2:b9:0a:ea:b7:97:db:b7:3d:ae:e1:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: May 11 04:00:34 2025 GMT
            Not After : May 12 04:00:34 2025 GMT
        Subject: CN=b727fbb7b1fe67b79d81d10442dfb11af9194a58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f1:83:df:b9:83:16:33:62:05:b2:8e:f0:30:
                    d6:49:da:94:57:7e:03:90:89:84:94:33:2d:fe:d1:
                    a3:fe:09:c1:92:27:13:82:10:d2:4d:2b:af:97:25:
                    f3:d1:c2:20:24:41:d3:28:07:66:09:f0:ce:fe:b8:
                    c0:80:38:3c:a0:f8:1a:91:dd:fc:2f:27:3b:e0:b6:
                    0d:6b:24:32:93:e0:00:ee:51:6f:bb:4d:7e:a4:44:
                    2a:45:f7:e0:71:9c:24:fe:ff:6e:1d:29:69:db:4f:
                    de:01:c1:66:98:a0:ab:a7:97:45:6d:45:2d:9b:17:
                    4e:e4:09:3a:ac:07:e6:99:f0:45:fb:f3:cf:ac:ea:
                    fe:e0:a7:94:cd:2c:91:dc:c3:f5:02:d9:02:ba:38:
                    59:2a:2b:f9:0c:c7:c9:9d:69:87:21:69:57:d5:ac:
                    98:e3:03:b2:17:fe:2e:90:f2:b4:08:16:2e:87:34:
                    fa:ec:f4:a8:81:0c:bf:1a:f0:9e:b2:10:20:3a:5d:
                    11:7e:ac:e1:22:6b:32:d5:5b:44:c5:b0:03:6f:7e:
                    25:4a:24:75:95:23:a1:b6:cc:58:5e:6e:ce:c6:18:
                    30:25:a4:ea:66:53:f3:1c:4e:04:c0:ef:0e:e7:56:
                    95:a5:53:ad:68:63:56:1a:9f:2a:48:31:e6:77:6f:
                    a1:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:27:FB:B7:B1:FE:67:B7:9D:81:D1:04:42:DF:B1:1A:F9:19:4A:58
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:69:f3:82:7d:db:10:81:26:6b:80:83:01:36:5d:64:09:7d:
         0a:f9:47:a7:80:b4:6c:a5:23:a6:16:ce:d5:b6:86:af:c5:4a:
         df:07:20:8f:28:6c:46:26:f9:19:f2:26:79:7a:7b:81:21:8d:
         f8:19:86:7d:56:f0:db:fa:fd:a1:19:2a:fb:a4:1d:b3:06:ae:
         28:0a:9d:70:9c:1d:6a:7e:bb:5e:4c:45:58:34:62:b0:d3:23:
         0c:d8:01:25:7f:d7:13:0b:6f:c4:c5:a3:37:01:56:9f:a2:0e:
         ee:6e:d5:24:38:a7:2c:21:b4:cf:a8:a4:d7:30:20:8e:be:3b:
         89:bb:5b:b6:fe:90:f1:08:b1:5c:b3:05:ac:ed:01:d1:0f:8e:
         18:e7:b6:2d:aa:e2:ca:75:f6:49:e7:87:ba:24:8d:fb:f3:e5:
         8a:e7:17:c1:1e:ea:0a:18:29:cb:e2:85:45:5c:af:12:2c:9b:
         da:87:4b:ee:af:df:7b:be:08:60:30:e5:2c:8f:f3:ba:04:76:
         93:d6:02:40:1d:34:df:d2:c1:ba:a0:83:ad:72:6e:d0:61:1f:
         fd:fc:11:da:17:b6:88:21:c3:17:04:7d:60:82:50:1c:c4:b8:
         58:54:d9:04:5a:5a:2d:9c:20:66:dd:fa:90:9f:0c:3e:e0:a6:
         fa:3e:62:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gHcbwrkK6reX27c9ruHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwNTExMDQwMDM0WhcNMjUwNTEyMDQwMDM0WjAzMTEwLwYDVQQD
EyhiNzI3ZmJiN2IxZmU2N2I3OWQ4MWQxMDQ0MmRmYjExYWY5MTk0YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fGD37mDFjNiBbKO8DDWSdqUV34D
kImElDMt/tGj/gnBkicTghDSTSuvlyXz0cIgJEHTKAdmCfDO/rjAgDg8oPgakd38
Lyc74LYNayQyk+AA7lFvu01+pEQqRffgcZwk/v9uHSlp20/eAcFmmKCrp5dFbUUt
mxdO5Ak6rAfmmfBF+/PPrOr+4KeUzSyR3MP1AtkCujhZKiv5DMfJnWmHIWlX1ayY
4wOyF/4ukPK0CBYuhzT67PSogQy/GvCeshAgOl0RfqzhImsy1VtExbADb34lSiR1
lSOhtsxYXm7OxhgwJaTqZlPzHE4EwO8O51aVpVOtaGNWGp8qSDHmd2+hCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcn+7ex/me3nYHRBELfsRr5GUpYMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArWnzgn3b
EIEma4CDATZdZAl9CvlHp4C0bKUjphbO1baGr8VK3wcgjyhsRib5GfImeXp7gSGN
+BmGfVbw2/r9oRkq+6QdswauKAqdcJwdan67XkxFWDRisNMjDNgBJX/XEwtvxMWj
NwFWn6IO7m7VJDinLCG0z6ik1zAgjr47ibtbtv6Q8QixXLMFrO0B0Q+OGOe2Lari
ynX2SeeHuiSN+/PliucXwR7qChgpy+KFRVyvEiyb2odL7q/fe74IYDDlLI/zugR2
k9YCQB0039LBuqCDrXJu0GEf/fwR2he2iCHDFwR9YIJQHMS4WFTZBFpaLZwgZt36
kJ8MPuCm+j5iig==
-----END CERTIFICATE-----