Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          GGOonpSj+ajzwZBC2bLQH/ua5WUQ3m2Ee2c3yrXwsvs=
Subject key identifier:   4E:80:9D:0A:38:FB:20:E8:1F:D5:F3:47:43:EB:AC:19:D9:D8:A3:26
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       0194C387A8520E29E4409F6B9A4F0933FA10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          0E28
Signing time:             Sat 01 Feb 2025 22:00:34 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:34 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:34 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: UUKut9wbZNRQmjFaG8vzxomR0gtroTnHqGHPp2VfSq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:a8:52:0e:29:e4:40:9f:6b:9a:4f:09:33:fa:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Feb  1 22:00:34 2025 GMT
            Not After : Feb  2 22:00:34 2025 GMT
        Subject: CN=4e809d0a38fb20e81fd5f34743ebac19d9d8a326
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e2:42:c3:df:80:0b:d3:bb:32:ab:5e:60:cc:
                    86:79:87:51:55:6b:47:35:a7:f2:4b:7f:7a:6f:ef:
                    2f:04:a3:0e:54:e6:a5:ea:11:44:00:0a:ef:ef:4c:
                    2b:c2:31:b6:b6:76:bc:fa:19:de:55:63:5b:a3:d8:
                    46:1e:20:e8:72:8c:22:d7:bf:44:35:81:4f:82:fe:
                    e3:a8:c1:87:dc:5d:e0:ef:dd:95:7f:20:54:b8:b7:
                    59:57:f6:f7:0a:12:9f:f1:45:2e:0c:4e:f9:ce:de:
                    cd:6d:12:19:7d:ed:8b:ab:1c:26:50:e2:68:25:01:
                    9a:86:bc:9e:29:dc:52:82:a4:b0:67:1f:04:87:7d:
                    d3:da:ff:5f:41:2e:c1:c4:20:1c:b7:c5:53:63:06:
                    74:24:48:d4:29:00:8c:3a:54:96:56:af:28:1e:96:
                    b4:c8:63:36:46:f9:e9:78:22:a6:b8:8f:4a:cb:7f:
                    e8:1c:35:1b:d3:c1:49:01:27:b1:44:a8:27:0a:54:
                    0e:d1:0d:5a:17:af:b8:1b:fa:14:e9:a4:2f:70:09:
                    d5:eb:f8:76:7e:5a:d1:1d:f2:01:e1:70:66:97:e3:
                    60:58:e1:ef:04:ff:17:1d:9e:64:e0:64:75:2a:e8:
                    89:88:1d:9b:ec:b5:d4:33:bb:c9:c0:74:d8:f6:03:
                    22:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:80:9D:0A:38:FB:20:E8:1F:D5:F3:47:43:EB:AC:19:D9:D8:A3:26
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:9e:ef:56:be:9a:9a:33:2d:1e:26:30:67:7e:51:c6:58:1a:
         96:90:3a:03:f7:5d:a6:83:a5:c4:f6:b1:ec:8d:93:38:11:e1:
         e5:f2:a0:e8:3c:1b:46:34:bc:b5:0d:d7:e5:60:b2:db:17:31:
         e3:39:47:81:88:de:02:a1:9a:f6:09:f9:65:24:95:3c:f2:8c:
         7a:f8:13:9b:3e:83:57:6b:73:1c:b9:f0:17:85:40:26:3f:f5:
         be:3f:8e:b5:35:0b:ae:40:ab:51:20:44:ee:d9:91:42:16:28:
         32:05:06:c8:e7:42:4b:1d:2e:1f:f8:6f:7d:1f:a1:fc:24:b3:
         88:d1:a6:76:33:45:d0:7d:fb:f5:a0:de:94:4b:77:eb:cc:66:
         5f:b7:92:73:e3:e4:a3:fe:9f:0f:4d:26:0c:86:a7:a7:43:3b:
         77:12:21:3b:b5:7b:ac:4c:99:b1:90:d4:d1:80:b9:48:14:ad:
         4d:12:37:bf:56:c1:42:5a:0f:40:d0:4a:fc:e8:66:1f:5e:9a:
         35:de:ef:93:40:d4:28:a4:9a:0c:96:0c:c7:d1:23:16:d1:30:
         ea:13:6b:69:46:9c:4d:c7:fd:b3:fc:f4:cb:a0:03:93:d0:f1:
         fd:67:57:44:55:bc:40:44:e9:38:b3:68:88:b3:01:7a:6f:44:
         0c:b7:a7:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh6hSDinkQJ9rmk8JM/oQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwMjAxMjIwMDM0WhcNMjUwMjAyMjIwMDM0WjAzMTEwLwYDVQQD
Eyg0ZTgwOWQwYTM4ZmIyMGU4MWZkNWYzNDc0M2ViYWMxOWQ5ZDhhMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OJCw9+AC9O7MqteYMyGeYdRVWtH
NafyS396b+8vBKMOVOal6hFEAArv70wrwjG2tna8+hneVWNbo9hGHiDocowi179E
NYFPgv7jqMGH3F3g792VfyBUuLdZV/b3ChKf8UUuDE75zt7NbRIZfe2LqxwmUOJo
JQGahryeKdxSgqSwZx8Eh33T2v9fQS7BxCAct8VTYwZ0JEjUKQCMOlSWVq8oHpa0
yGM2RvnpeCKmuI9Ky3/oHDUb08FJASexRKgnClQO0Q1aF6+4G/oU6aQvcAnV6/h2
flrRHfIB4XBml+NgWOHvBP8XHZ5k4GR1KuiJiB2b7LXUM7vJwHTY9gMiHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6AnQo4+yDoH9XzR0PrrBnZ2KMmMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJ7vVr6a
mjMtHiYwZ35RxlgalpA6A/ddpoOlxPax7I2TOBHh5fKg6DwbRjS8tQ3X5WCy2xcx
4zlHgYjeAqGa9gn5ZSSVPPKMevgTmz6DV2tzHLnwF4VAJj/1vj+OtTULrkCrUSBE
7tmRQhYoMgUGyOdCSx0uH/hvfR+h/CSziNGmdjNF0H379aDelEt368xmX7eSc+Pk
o/6fD00mDIanp0M7dxIhO7V7rEyZsZDU0YC5SBStTRI3v1bBQloPQNBK/OhmH16a
Nd7vk0DUKKSaDJYMx9EjFtEw6hNraUacTcf9s/z0y6ADk9Dx/WdXRFW8QETpOLNo
iLMBem9EDLenRA==
-----END CERTIFICATE-----