Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          YVwOK+U0TI2Qs2+Y+hcLI9D2WtvoI9/7B4rvRqsvnoY=
Subject key identifier:   5C:AA:90:69:E9:AA:09:6C:44:3C:9F:51:0B:EF:F7:3D:69:E3:93:32
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       0197B6A1507840F796E0177CAD3EC9D28CBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          0FAF
Signing time:             Sat 28 Jun 2025 13:01:54 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:54 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:54 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: 3T/BHEDJK1KI2uVLyFOKExvETsedMuxK9F9UY6FhjBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:50:78:40:f7:96:e0:17:7c:ad:3e:c9:d2:8c:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Jun 28 13:01:54 2025 GMT
            Not After : Jun 29 13:01:54 2025 GMT
        Subject: CN=5caa9069e9aa096c443c9f510beff73d69e39332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:83:b5:c4:34:56:e1:36:52:da:fd:6d:39:96:
                    a5:54:c2:fe:c8:f4:4d:3e:f0:15:56:58:97:35:64:
                    75:57:7a:9e:81:4f:12:cd:fb:c6:40:10:d2:f1:a6:
                    6e:75:9b:ff:83:3b:08:ec:9a:0c:e0:99:7c:37:f2:
                    8d:d1:b4:ed:43:d3:e6:19:9e:0b:75:66:e7:d1:fc:
                    c9:bb:88:e9:8f:a2:e9:3b:09:ad:3d:5f:7d:48:10:
                    5b:f1:d8:06:0c:cc:44:6e:1c:de:b7:d0:ca:5c:94:
                    3c:72:84:c9:32:d0:a6:4d:4b:3f:20:98:03:de:8f:
                    57:9c:ec:69:15:ac:e0:65:45:8b:97:09:47:0f:21:
                    e7:dd:92:c5:79:01:56:e9:be:ab:5b:06:d5:73:0f:
                    a1:49:30:ce:05:c8:3f:f5:31:1b:1b:2c:96:eb:c2:
                    8e:f2:88:11:ec:cf:80:59:67:ad:74:6d:95:1e:b0:
                    d9:15:de:05:39:d6:9f:d8:b6:ad:ac:94:11:72:8b:
                    4a:2c:a5:a0:f1:17:8e:3a:cb:38:14:8f:c7:9d:62:
                    4e:8f:b3:1b:24:3e:f0:cb:39:11:55:3d:19:14:fe:
                    70:a2:db:9a:bf:46:42:24:d8:bd:27:8d:ee:26:e4:
                    bd:47:da:b2:2c:21:4e:96:14:6d:65:08:e9:0b:76:
                    e2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:AA:90:69:E9:AA:09:6C:44:3C:9F:51:0B:EF:F7:3D:69:E3:93:32
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:49:f2:ca:83:6f:87:ec:c1:2c:1b:27:24:4c:80:f5:78:69:
         b9:34:72:9f:d1:17:ee:e6:4f:9e:f0:e5:5b:45:a5:58:dd:f4:
         09:de:6f:b4:3c:03:87:48:37:4b:11:1b:31:fd:13:9c:c6:43:
         72:13:31:6e:7b:ea:f1:05:52:d6:55:b4:dd:0d:51:6b:cc:eb:
         d8:7d:29:67:dc:a8:e3:2b:1f:b9:85:0b:82:aa:3a:fe:4d:ae:
         2c:b9:b0:b3:c4:f4:de:48:9c:69:bf:50:2d:36:eb:0d:92:7c:
         15:90:5e:e1:72:44:94:ca:59:92:dc:dc:57:b0:f8:68:d1:fa:
         4b:e7:cf:ac:38:a8:67:fb:be:21:ac:70:b2:86:6f:71:a6:e8:
         94:c8:d7:89:05:0f:b8:34:cd:3f:2b:44:05:1a:02:8b:f1:e0:
         97:4f:af:b3:ac:6c:33:f1:96:89:dc:12:15:b1:50:c3:93:aa:
         b6:85:58:b8:65:cd:63:c4:c4:45:3c:09:9c:76:ea:6b:b7:fb:
         7f:fa:8d:d6:d0:95:53:05:9a:ff:f7:25:68:6d:dd:c8:d3:2a:
         f4:ff:8a:57:fc:be:d8:34:df:f8:80:7d:1f:32:64:93:5b:ea:
         3f:21:40:2b:9a:79:da:02:fa:45:85:97:b9:14:2a:c3:99:7d:
         d7:06:57:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oVB4QPeW4Bd8rT7J0oy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwNjI4MTMwMTU0WhcNMjUwNjI5MTMwMTU0WjAzMTEwLwYDVQQD
Eyg1Y2FhOTA2OWU5YWEwOTZjNDQzYzlmNTEwYmVmZjczZDY5ZTM5MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIO1xDRW4TZS2v1tOZalVML+yPRN
PvAVVliXNWR1V3qegU8SzfvGQBDS8aZudZv/gzsI7JoM4Jl8N/KN0bTtQ9PmGZ4L
dWbn0fzJu4jpj6LpOwmtPV99SBBb8dgGDMxEbhzet9DKXJQ8coTJMtCmTUs/IJgD
3o9XnOxpFazgZUWLlwlHDyHn3ZLFeQFW6b6rWwbVcw+hSTDOBcg/9TEbGyyW68KO
8ogR7M+AWWetdG2VHrDZFd4FOdaf2LatrJQRcotKLKWg8ReOOss4FI/HnWJOj7Mb
JD7wyzkRVT0ZFP5wotuav0ZCJNi9J43uJuS9R9qyLCFOlhRtZQjpC3biLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyqkGnpqglsRDyfUQvv9z1p45MyMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANEnyyoNv
h+zBLBsnJEyA9XhpuTRyn9EX7uZPnvDlW0WlWN30Cd5vtDwDh0g3SxEbMf0TnMZD
chMxbnvq8QVS1lW03Q1Ra8zr2H0pZ9yo4ysfuYULgqo6/k2uLLmws8T03kicab9Q
LTbrDZJ8FZBe4XJElMpZktzcV7D4aNH6S+fPrDioZ/u+IaxwsoZvcabolMjXiQUP
uDTNPytEBRoCi/Hgl0+vs6xsM/GWidwSFbFQw5OqtoVYuGXNY8TERTwJnHbqa7f7
f/qN1tCVUwWa//claG3dyNMq9P+KV/y+2DTf+IB9HzJkk1vqPyFAK5p52gL6RYWX
uRQqw5l91wZXcA==
-----END CERTIFICATE-----