Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          elFVGHZEW3JFgV+GFkP5hvpfCMj3ygHMhAVIht+95OI=
Subject key identifier:   75:CD:CD:CE:77:13:C1:2A:02:B1:D3:31:6F:C9:56:49:40:34:44:D1
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       018F8749C02335200C2237A9B624B16CE01B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          0B72
Signing time:             Fri 17 May 2024 16:01:48 +0000
Manifest this update:     Fri 17 May 2024 16:01:48 +0000
Manifest next update:     Sat 18 May 2024 16:01:48 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: uDuu7LCNDO356UkMIhHWFjuNZlJMR24iGU0OQZ4f5VM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:c0:23:35:20:0c:22:37:a9:b6:24:b1:6c:e0:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: May 17 16:01:48 2024 GMT
            Not After : May 18 16:01:48 2024 GMT
        Subject: CN=75cdcdce7713c12a02b1d3316fc95649403444d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:87:a9:46:46:96:9a:63:49:ce:c1:48:7c:e7:
                    30:6e:cd:3b:27:86:46:22:de:74:63:e9:6e:ea:43:
                    e6:00:68:e7:b1:68:54:2d:80:10:76:3f:b3:f8:4f:
                    19:32:99:7d:6f:da:4a:cf:b2:8e:ae:3d:1f:0f:c6:
                    a8:ab:68:15:6c:f7:59:5c:88:9d:2c:c6:d8:7e:b8:
                    3d:5c:33:5e:50:6b:4e:87:49:32:e1:5d:e4:12:0e:
                    fc:d9:1e:c2:19:26:d9:0b:36:7b:69:8b:a6:e6:e1:
                    3e:20:a3:96:c6:45:31:df:47:42:ed:b6:c7:46:5f:
                    07:21:20:c2:6a:3f:91:3e:21:24:ad:89:73:f5:f5:
                    29:c3:bd:61:8e:6a:3a:69:84:78:9d:c3:85:69:db:
                    7a:b0:6c:d7:d0:ab:35:17:85:2d:1a:ad:af:be:d2:
                    b4:67:af:08:c6:b9:31:1e:cc:60:e1:16:f7:ca:2b:
                    d6:f5:b1:3c:26:56:67:41:08:59:0f:4e:d1:b5:50:
                    05:ad:26:60:68:fc:cb:ea:0e:7d:5c:04:24:63:aa:
                    ac:b8:c5:3c:6b:51:1d:fb:e2:03:34:e8:a1:07:a1:
                    14:79:2a:b6:1a:94:5e:9c:f8:c5:30:01:c9:ac:02:
                    d3:68:35:99:29:59:48:6c:f4:4b:5d:97:e8:a3:15:
                    bb:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:CD:CD:CE:77:13:C1:2A:02:B1:D3:31:6F:C9:56:49:40:34:44:D1
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:9e:3d:aa:ce:6b:79:a7:9a:a3:c8:4e:3d:25:28:b5:a3:2d:
         12:21:95:9b:ad:44:06:e9:79:0b:3e:4b:c2:f2:85:ad:33:be:
         2c:9d:7a:66:c3:07:06:0f:40:d2:f2:2a:29:c0:63:73:14:8b:
         d7:d0:f6:53:20:5d:3d:c8:8a:cb:b9:a8:77:ca:90:27:0f:e6:
         94:c7:3f:5c:eb:80:6f:60:09:a6:82:5f:8e:2a:18:f8:a3:f5:
         92:12:13:40:d8:0d:7f:10:df:c3:f0:71:3b:de:15:aa:15:93:
         2c:49:15:98:01:35:47:1b:d4:25:17:9a:6b:d9:70:1f:ff:b9:
         36:3c:58:ec:01:c1:3f:29:51:05:0f:63:bc:7e:2a:2a:1d:05:
         58:6c:ff:18:4f:d2:b8:16:47:46:f8:2a:a8:43:b1:49:38:8c:
         c1:c7:47:bf:73:41:29:20:d5:4e:92:78:68:ba:21:41:25:5f:
         f7:8f:ae:d8:f2:bc:15:29:7e:31:da:38:a2:e3:38:c3:07:95:
         f8:a7:60:8b:89:cd:cc:e3:5a:09:81:7b:f0:c0:1b:08:a0:6f:
         4c:ce:20:04:a4:e6:35:52:eb:5f:78:79:2d:0b:fa:5f:15:c4:
         9d:04:f3:80:20:bd:25:a8:b9:06:42:59:7a:37:69:b6:71:fb:
         f7:87:bc:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HScAjNSAMIjeptiSxbOAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjQwNTE3MTYwMTQ4WhcNMjQwNTE4MTYwMTQ4WjAzMTEwLwYDVQQD
Eyg3NWNkY2RjZTc3MTNjMTJhMDJiMWQzMzE2ZmM5NTY0OTQwMzQ0NGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oepRkaWmmNJzsFIfOcwbs07J4ZG
It50Y+lu6kPmAGjnsWhULYAQdj+z+E8ZMpl9b9pKz7KOrj0fD8aoq2gVbPdZXIid
LMbYfrg9XDNeUGtOh0ky4V3kEg782R7CGSbZCzZ7aYum5uE+IKOWxkUx30dC7bbH
Rl8HISDCaj+RPiEkrYlz9fUpw71hjmo6aYR4ncOFadt6sGzX0Ks1F4UtGq2vvtK0
Z68IxrkxHsxg4Rb3yivW9bE8JlZnQQhZD07RtVAFrSZgaPzL6g59XAQkY6qsuMU8
a1Ed++IDNOihB6EUeSq2GpRenPjFMAHJrALTaDWZKVlIbPRLXZfooxW7oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXNzc53E8EqArHTMW/JVklANETRMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALp49qs5r
eaeao8hOPSUotaMtEiGVm61EBul5Cz5LwvKFrTO+LJ16ZsMHBg9A0vIqKcBjcxSL
19D2UyBdPciKy7mod8qQJw/mlMc/XOuAb2AJpoJfjioY+KP1khITQNgNfxDfw/Bx
O94VqhWTLEkVmAE1RxvUJReaa9lwH/+5NjxY7AHBPylRBQ9jvH4qKh0FWGz/GE/S
uBZHRvgqqEOxSTiMwcdHv3NBKSDVTpJ4aLohQSVf94+u2PK8FSl+Mdo4ouM4wweV
+Kdgi4nNzONaCYF78MAbCKBvTM4gBKTmNVLrX3h5LQv6XxXEnQTzgCC9Jai5BkJZ
ejdptnH794e8cQ==
-----END CERTIFICATE-----