Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          hePhGa6UvX/9DvlgSh2/b1jCMUROaaObYHTq4iJxXVA=
Subject key identifier:   AC:C7:A0:2D:86:33:2E:C0:F4:73:FB:F1:9E:BB:29:F5:69:DF:DD:8F
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       0197488C187726F3773686FD68AB3277FA33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          0F76
Signing time:             Sat 07 Jun 2025 04:00:30 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:30 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:30 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: oImAkt9BZUnZD4U6xuDibmHhyvA1qNErh+ShiBiF/JM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:18:77:26:f3:77:36:86:fd:68:ab:32:77:fa:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Jun  7 04:00:30 2025 GMT
            Not After : Jun  8 04:00:30 2025 GMT
        Subject: CN=acc7a02d86332ec0f473fbf19ebb29f569dfdd8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:21:7b:38:42:49:d0:ca:16:f6:27:64:e5:ff:
                    4c:6e:24:84:4d:eb:53:c7:98:80:4f:3c:a1:1b:39:
                    38:93:f6:8a:56:c5:d6:22:75:d7:c0:35:f3:b6:55:
                    79:80:a2:dc:c6:09:af:1d:79:63:d4:5d:0a:4e:b4:
                    80:7c:ef:00:0c:bb:20:83:3f:1a:24:47:f1:e6:ac:
                    3e:61:61:89:fa:67:74:9a:76:af:10:d2:69:3a:6d:
                    5e:0b:7e:22:d4:b7:d1:39:73:3c:ae:1e:f1:8c:20:
                    3b:75:c8:3b:78:dc:6c:62:39:c9:04:06:f4:2b:3a:
                    a3:2d:54:4f:ca:e5:6e:9b:06:85:59:50:7c:c2:f2:
                    e3:2d:79:6e:8d:9e:51:b3:bb:ab:fc:04:23:86:47:
                    95:6c:61:dc:a8:5c:1d:cd:58:2a:1c:59:9e:c9:4c:
                    d5:ed:5e:10:67:1c:09:cb:9e:5d:ad:33:a0:fe:93:
                    34:25:ad:0b:5c:28:35:93:cc:36:e7:f4:60:e5:2c:
                    98:d4:1f:14:48:72:ed:81:6f:39:86:eb:e4:f2:f8:
                    d9:d3:31:61:79:06:28:a6:81:e7:11:3d:51:3a:2f:
                    a7:b5:8a:67:f0:f1:0f:0d:1c:8b:c2:1b:a8:ea:7a:
                    07:06:81:d8:9a:6e:19:d3:b2:f7:6e:1c:ba:bc:1f:
                    cb:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:C7:A0:2D:86:33:2E:C0:F4:73:FB:F1:9E:BB:29:F5:69:DF:DD:8F
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:0e:59:1b:32:ca:b8:ea:44:e0:0e:22:21:82:76:34:1e:d6:
         dd:54:11:0b:19:92:78:4e:cf:11:38:77:78:82:35:2d:7a:51:
         0b:9c:d6:30:ea:76:69:67:b8:0b:47:59:65:73:18:a8:20:cd:
         20:40:b4:14:17:f0:45:77:4d:f6:a4:83:19:12:b3:47:de:ba:
         81:27:7f:3f:78:6d:3a:dc:3c:a3:17:e1:cb:ed:f6:49:06:d1:
         ad:4e:e5:e5:70:c3:5e:9f:42:6a:56:4c:c5:a7:08:1a:68:47:
         89:79:e4:31:a8:42:19:02:97:3a:e1:31:b2:78:c9:29:f3:60:
         a4:25:f0:f5:1f:58:19:38:68:cc:58:b6:4d:98:e6:ac:6e:f5:
         fb:37:f1:ba:f1:68:63:0f:94:9f:64:f3:e7:69:02:98:b6:44:
         e2:9f:e9:33:5b:f2:15:c4:c2:24:43:36:ff:10:60:2c:e0:d6:
         8b:ae:7c:af:22:27:c2:32:9d:d7:b2:1c:ac:cd:32:44:d9:04:
         2b:a0:27:76:2f:6e:0b:44:25:59:b9:3c:79:cc:12:92:63:0a:
         0a:d3:ee:6c:14:d7:a7:ce:48:ff:19:13:b3:5d:7d:68:57:c7:
         ab:a4:b9:33:40:c5:3f:67:b0:63:5c:9c:66:b4:3d:bf:ff:29:
         58:d8:71:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjBh3JvN3Nob9aKsyd/ozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwNjA3MDQwMDMwWhcNMjUwNjA4MDQwMDMwWjAzMTEwLwYDVQQD
EyhhY2M3YTAyZDg2MzMyZWMwZjQ3M2ZiZjE5ZWJiMjlmNTY5ZGZkZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriF7OEJJ0MoW9idk5f9MbiSETetT
x5iATzyhGzk4k/aKVsXWInXXwDXztlV5gKLcxgmvHXlj1F0KTrSAfO8ADLsggz8a
JEfx5qw+YWGJ+md0mnavENJpOm1eC34i1LfROXM8rh7xjCA7dcg7eNxsYjnJBAb0
KzqjLVRPyuVumwaFWVB8wvLjLXlujZ5Rs7ur/AQjhkeVbGHcqFwdzVgqHFmeyUzV
7V4QZxwJy55drTOg/pM0Ja0LXCg1k8w25/Rg5SyY1B8USHLtgW85huvk8vjZ0zFh
eQYopoHnET1ROi+ntYpn8PEPDRyLwhuo6noHBoHYmm4Z07L3bhy6vB/LbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzHoC2GMy7A9HP78Z67KfVp392PMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQA5ZGzLK
uOpE4A4iIYJ2NB7W3VQRCxmSeE7PETh3eII1LXpRC5zWMOp2aWe4C0dZZXMYqCDN
IEC0FBfwRXdN9qSDGRKzR966gSd/P3htOtw8oxfhy+32SQbRrU7l5XDDXp9CalZM
xacIGmhHiXnkMahCGQKXOuExsnjJKfNgpCXw9R9YGThozFi2TZjmrG71+zfxuvFo
Yw+Un2Tz52kCmLZE4p/pM1vyFcTCJEM2/xBgLODWi658ryInwjKd17IcrM0yRNkE
K6Andi9uC0QlWbk8ecwSkmMKCtPubBTXp85I/xkTs119aFfHq6S5M0DFP2ewY1yc
ZrQ9v/8pWNhxZw==
-----END CERTIFICATE-----