Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          GVIaSTtAJfKrjLucsjF5aHFQmTD2ZgwTgQdCWyBWuuA=
Subject key identifier:   7B:6E:C4:D8:C8:3C:75:AA:6B:EF:31:E0:FF:BC:82:0C:9C:3F:55:95
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       01965537B83C10656B520CA3BDE89CB4AE6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          0EF8
Signing time:             Sun 20 Apr 2025 22:00:37 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:37 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:37 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: 2ZKIRXMB9ei+++4Ouh9FNiqh4kSKDAeMxtgSK/8q13w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:b8:3c:10:65:6b:52:0c:a3:bd:e8:9c:b4:ae:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Apr 20 22:00:37 2025 GMT
            Not After : Apr 21 22:00:37 2025 GMT
        Subject: CN=7b6ec4d8c83c75aa6bef31e0ffbc820c9c3f5595
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:77:ef:44:7e:5a:28:0f:e1:ed:60:fb:22:b7:
                    ab:e2:12:26:68:c2:e8:e6:ef:34:a8:e4:17:7d:23:
                    1e:02:2c:e7:ac:32:b5:bf:29:d9:41:fa:89:bc:94:
                    2e:fd:a7:d1:f0:b9:82:b4:3f:de:7d:65:0e:07:c3:
                    c8:fa:9f:97:d5:0e:ea:c6:21:a9:0d:79:0d:18:a9:
                    75:fc:26:28:11:3b:d7:5a:d4:d5:a4:df:3e:8d:f5:
                    36:a9:7e:be:3e:20:01:63:29:b9:c7:ed:1b:ec:59:
                    56:54:46:62:1a:06:57:39:15:74:28:12:24:11:bf:
                    32:c7:68:4a:6d:08:63:f0:6d:26:d6:a7:89:70:df:
                    fc:9e:2f:63:76:ff:bb:7e:6f:d7:a0:56:28:1f:d5:
                    df:62:7c:cc:9c:83:01:e6:02:84:3d:9a:8a:d4:00:
                    87:52:c5:8c:78:0a:28:bd:f6:5e:5a:49:df:56:c4:
                    72:d0:fe:28:97:d3:a4:45:de:33:da:1f:73:ae:01:
                    a7:db:5a:14:12:c1:4d:8a:ea:4d:02:b1:fa:93:c1:
                    25:58:31:2e:52:42:5d:aa:52:ec:48:f7:90:00:99:
                    9a:1b:93:8f:7b:b3:70:fa:89:68:b8:c6:18:b3:21:
                    73:c8:2e:c6:b2:b0:ca:c5:4c:be:c6:8d:c5:0d:54:
                    4a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:6E:C4:D8:C8:3C:75:AA:6B:EF:31:E0:FF:BC:82:0C:9C:3F:55:95
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:fa:98:51:17:3b:0d:bd:52:5a:5a:d3:53:46:7a:85:43:b7:
         1a:27:f3:8c:ff:2b:5e:13:39:61:16:bb:97:75:70:2a:23:f0:
         e3:55:aa:91:29:8b:df:99:c9:03:aa:35:00:2c:28:b1:de:c1:
         5d:18:67:25:e0:8e:83:89:7e:c9:fb:85:5c:1d:90:22:ea:90:
         54:35:96:bc:d4:9c:7f:a4:eb:c7:99:e7:76:42:78:61:15:b3:
         f4:0e:35:6e:63:77:da:49:f6:f8:fc:ff:56:27:c9:a5:ed:41:
         b2:1c:03:65:81:4a:1d:10:37:95:22:f6:5f:a8:ce:2d:60:4c:
         d9:f8:68:bc:92:9b:b1:e7:9f:32:d3:e2:7a:5f:71:26:50:0e:
         03:f0:29:0b:37:c8:37:72:15:19:b9:a1:ce:13:f3:ba:41:dd:
         e8:fa:e1:9a:f3:65:b2:96:a9:fe:81:3e:14:e7:fe:e7:b6:d6:
         df:fa:64:a3:a5:39:6e:8d:90:8c:1c:2d:a7:4c:ff:cf:22:9e:
         b9:fc:60:62:8c:0c:e9:0a:d4:00:2d:ca:8e:b0:f3:91:c7:54:
         cc:26:34:c9:f4:f3:dc:30:33:e8:c6:65:24:db:8e:18:af:5b:
         b8:e8:21:12:4c:84:f2:f2:a6:5f:7b:5d:ea:da:c1:06:4d:c9:
         c3:42:15:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN7g8EGVrUgyjveictK5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwNDIwMjIwMDM3WhcNMjUwNDIxMjIwMDM3WjAzMTEwLwYDVQQD
Eyg3YjZlYzRkOGM4M2M3NWFhNmJlZjMxZTBmZmJjODIwYzljM2Y1NTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3fvRH5aKA/h7WD7Irer4hImaMLo
5u80qOQXfSMeAiznrDK1vynZQfqJvJQu/afR8LmCtD/efWUOB8PI+p+X1Q7qxiGp
DXkNGKl1/CYoETvXWtTVpN8+jfU2qX6+PiABYym5x+0b7FlWVEZiGgZXORV0KBIk
Eb8yx2hKbQhj8G0m1qeJcN/8ni9jdv+7fm/XoFYoH9XfYnzMnIMB5gKEPZqK1ACH
UsWMeAoovfZeWknfVsRy0P4ol9OkRd4z2h9zrgGn21oUEsFNiupNArH6k8ElWDEu
UkJdqlLsSPeQAJmaG5OPe7Nw+olouMYYsyFzyC7GsrDKxUy+xo3FDVRK/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtuxNjIPHWqa+8x4P+8ggycP1WVMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPPqYURc7
Db1SWlrTU0Z6hUO3GifzjP8rXhM5YRa7l3VwKiPw41WqkSmL35nJA6o1ACwosd7B
XRhnJeCOg4l+yfuFXB2QIuqQVDWWvNScf6Trx5nndkJ4YRWz9A41bmN32kn2+Pz/
VifJpe1BshwDZYFKHRA3lSL2X6jOLWBM2fhovJKbseefMtPiel9xJlAOA/ApCzfI
N3IVGbmhzhPzukHd6PrhmvNlspap/oE+FOf+57bW3/pko6U5bo2QjBwtp0z/zyKe
ufxgYowM6QrUAC3KjrDzkcdUzCY0yfTz3DAz6MZlJNuOGK9buOghEkyE8vKmX3td
6trBBk3Jw0IVzQ==
-----END CERTIFICATE-----