Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          umOLi3LS0HTNNRnYtUGcoTebMI8r0nz+TpM0+41v/UU=
Subject key identifier:   2C:CE:BD:15:9B:99:09:94:FE:D1:2C:5B:96:E3:13:F0:52:8C:A8:B8
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       0198D4739507AE5753FBC47DE77317CC8BED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          1043
Signing time:             Sat 23 Aug 2025 01:03:21 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:21 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:21 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: dsPG5H1jGEhuSJgHeWKD+1UXvmFJ51y9OgKpswXkvm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:95:07:ae:57:53:fb:c4:7d:e7:73:17:cc:8b:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Aug 23 01:03:21 2025 GMT
            Not After : Aug 24 01:03:21 2025 GMT
        Subject: CN=2ccebd159b990994fed12c5b96e313f0528ca8b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:64:ed:10:24:c3:56:72:e2:c1:81:eb:3c:d8:
                    6b:ab:f9:83:1f:72:7a:06:30:21:8b:66:7f:ed:76:
                    95:13:f5:b6:76:8c:e8:6b:5d:4d:73:cb:11:07:6f:
                    fa:fc:30:4c:a6:da:15:ec:35:a3:b3:7c:b4:54:93:
                    71:c0:3d:e3:89:f7:c9:7f:b9:3b:ab:ee:0e:86:f0:
                    d3:09:c0:af:59:51:1d:8d:12:52:37:42:c3:ef:35:
                    54:01:5c:54:48:5d:1e:66:87:dd:5f:7e:f4:a4:a2:
                    00:89:8f:2e:b9:57:ef:68:68:01:e3:05:b2:3b:81:
                    b6:56:63:af:9d:35:3d:af:ff:17:ad:dd:eb:4e:73:
                    cc:65:81:e6:c4:19:d6:7e:88:38:1b:80:f4:a0:dc:
                    31:4a:c3:61:d9:19:34:b4:1f:3e:c1:f5:38:64:45:
                    0d:63:31:46:16:a8:14:8a:0d:8d:d0:4f:d6:13:91:
                    cc:f2:e8:68:a0:61:69:1f:bc:35:73:9c:f9:36:a1:
                    dd:ed:9c:7a:bf:0d:19:9e:90:f4:51:eb:11:47:7c:
                    45:37:97:d0:35:73:41:fb:04:36:3f:59:e5:d8:72:
                    55:6a:d2:c8:37:47:6d:58:87:d1:b4:4f:0c:07:e0:
                    2d:4d:00:28:a3:5e:34:1b:2e:d2:58:72:cd:8a:26:
                    93:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:CE:BD:15:9B:99:09:94:FE:D1:2C:5B:96:E3:13:F0:52:8C:A8:B8
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:3d:95:a7:e8:0d:b4:27:d0:4f:2c:6e:e6:f1:0c:9f:d7:7d:
         e7:3f:54:ad:35:9d:3d:d2:b7:5e:55:12:d8:a6:06:25:b6:1e:
         52:28:51:8a:89:bf:fc:1a:84:c8:7d:52:5c:a6:15:65:04:3c:
         7a:45:4f:00:cc:f4:ce:be:5b:74:15:fe:53:e1:60:17:4a:41:
         2f:4b:84:bf:ef:6d:31:74:6c:b6:4a:30:e0:00:2d:8d:cd:0c:
         44:e9:f2:14:52:4c:0d:b6:5f:fb:43:e7:4b:d8:be:97:3a:da:
         c2:49:1c:a6:ad:97:97:a5:c7:d5:75:f2:eb:f9:9d:52:34:d5:
         d2:b1:6c:3d:96:74:1d:19:27:cf:dc:53:6a:d0:c1:8a:95:fe:
         b1:45:c6:ea:7e:16:c0:17:a4:e7:df:e9:8d:6e:21:01:04:ae:
         64:40:01:3f:00:83:b6:2b:7b:ae:db:aa:b8:5b:ab:f7:cf:19:
         94:4c:47:bb:88:19:eb:51:7d:30:a7:3d:31:ed:19:7a:2e:69:
         81:12:1c:5e:77:60:53:60:4c:9f:be:f0:82:30:02:ae:a3:8e:
         22:16:b0:93:62:f4:a5:94:b1:17:bd:ef:57:6f:7a:6e:c3:d5:
         9e:ff:1b:41:58:7f:55:f6:2c:ec:1c:77:9d:66:18:94:12:b1:
         b1:60:41:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc5UHrldT+8R953MXzIvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwODIzMDEwMzIxWhcNMjUwODI0MDEwMzIxWjAzMTEwLwYDVQQD
EygyY2NlYmQxNTliOTkwOTk0ZmVkMTJjNWI5NmUzMTNmMDUyOGNhOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmTtECTDVnLiwYHrPNhrq/mDH3J6
BjAhi2Z/7XaVE/W2dozoa11Nc8sRB2/6/DBMptoV7DWjs3y0VJNxwD3jiffJf7k7
q+4OhvDTCcCvWVEdjRJSN0LD7zVUAVxUSF0eZofdX370pKIAiY8uuVfvaGgB4wWy
O4G2VmOvnTU9r/8Xrd3rTnPMZYHmxBnWfog4G4D0oNwxSsNh2Rk0tB8+wfU4ZEUN
YzFGFqgUig2N0E/WE5HM8uhooGFpH7w1c5z5NqHd7Zx6vw0ZnpD0UesRR3xFN5fQ
NXNB+wQ2P1nl2HJVatLIN0dtWIfRtE8MB+AtTQAoo140Gy7SWHLNiiaTEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzOvRWbmQmU/tEsW5bjE/BSjKi4MB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmj2Vp+gN
tCfQTyxu5vEMn9d95z9UrTWdPdK3XlUS2KYGJbYeUihRiom//BqEyH1SXKYVZQQ8
ekVPAMz0zr5bdBX+U+FgF0pBL0uEv+9tMXRstkow4AAtjc0MROnyFFJMDbZf+0Pn
S9i+lzrawkkcpq2Xl6XH1XXy6/mdUjTV0rFsPZZ0HRknz9xTatDBipX+sUXG6n4W
wBek59/pjW4hAQSuZEABPwCDtit7rtuquFur988ZlExHu4gZ61F9MKc9Me0Zei5p
gRIcXndgU2BMn77wgjACrqOOIhawk2L0pZSxF73vV296bsPVnv8bQVh/VfYs7Bx3
nWYYlBKxsWBB9Q==
-----END CERTIFICATE-----