Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          L5IqYwo1OMI/E1koRMppez9NkxWJKodDZ7o4UiU/GSg=
Subject key identifier:   55:13:F8:28:75:00:5C:D0:1A:79:40:34:F2:31:F2:9F:9A:C9:61:14
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       019A71B919446239B476E9F1B61BCBDE32A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          1119
Signing time:             Tue 11 Nov 2025 07:02:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:27 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: RKB9mwC2O2TiDUxKokju9R0SUWqARXbw98HapVeG6Yc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:19:44:62:39:b4:76:e9:f1:b6:1b:cb:de:32:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Nov 11 07:02:27 2025 GMT
            Not After : Nov 12 07:02:27 2025 GMT
        Subject: CN=5513f82875005cd01a794034f231f29f9ac96114
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4f:f7:fc:29:22:af:3b:78:04:f5:c8:85:57:
                    50:52:b9:f7:bb:68:fd:55:41:77:9b:9f:db:c7:e8:
                    b5:72:0b:26:0b:68:21:c8:9b:fa:d9:19:43:17:40:
                    db:00:09:f3:bb:dc:df:0a:27:bb:91:53:7c:3e:7c:
                    79:93:32:11:c3:ee:ff:c1:95:87:52:e4:42:77:97:
                    61:4b:c5:7a:2c:38:0a:3d:7d:4e:d4:dd:1c:49:4a:
                    48:d1:8b:c7:e8:a5:5f:40:f6:8c:fc:4a:48:5d:97:
                    e3:e2:cd:98:8e:15:6a:75:92:6c:c7:50:9f:40:0a:
                    09:58:0a:ee:7a:52:35:5a:7b:c5:20:86:30:af:f1:
                    0a:79:6a:91:39:28:12:0a:2b:37:86:d0:3c:b7:1c:
                    e0:33:93:d6:31:87:80:9f:f0:f1:e2:12:d0:8c:5e:
                    a4:88:6d:c8:ca:c6:01:e5:d4:c6:0a:07:f7:0a:ac:
                    30:d3:96:9b:ef:05:20:3f:01:dd:04:8f:c8:51:2e:
                    7f:e6:fd:20:94:d4:7b:13:f5:c8:18:4c:0c:81:64:
                    e7:df:8c:40:bf:63:f4:9c:c9:1e:93:24:9e:d4:33:
                    e0:ac:1a:93:8c:db:2c:cd:34:99:06:e6:91:fb:cc:
                    c2:84:63:38:97:b7:14:9f:00:4e:38:cc:fd:18:df:
                    fe:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:13:F8:28:75:00:5C:D0:1A:79:40:34:F2:31:F2:9F:9A:C9:61:14
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:6c:08:b6:c4:ba:76:09:a8:8e:c8:c6:ad:74:c0:63:f9:64:
         2a:8d:35:db:8e:b0:bd:f5:7a:29:0b:95:30:77:85:b4:e6:d3:
         28:c2:6c:a9:82:84:5e:cc:3b:70:56:88:8a:c8:63:1e:a3:53:
         df:4d:ed:0f:22:11:15:82:31:83:05:3a:de:df:96:e1:88:9e:
         67:df:80:cc:ee:c3:56:93:1e:d1:10:fa:55:6f:01:ed:e1:1e:
         f0:06:31:29:1e:dc:59:1f:9c:8c:05:83:87:c5:e1:c4:68:a9:
         32:98:fe:3d:df:fb:81:08:5d:bc:15:d6:81:8b:2a:ff:b1:4d:
         3f:61:c2:10:56:48:12:c4:4e:28:9a:39:15:13:85:72:16:73:
         b5:f2:92:b3:c5:d3:1d:4a:34:39:00:f1:f1:56:6f:ea:35:ba:
         5f:9a:80:49:29:56:be:5f:cc:0a:84:c5:8f:eb:f5:46:99:49:
         2c:8a:29:78:74:c8:c7:02:fd:1e:2a:68:00:66:1b:8c:82:9e:
         c2:b0:16:9a:ce:52:e2:2c:54:8c:a1:8e:48:2b:90:3c:93:53:
         1c:0c:fb:a2:e2:63:95:eb:04:fe:28:35:18:0c:be:14:ab:61:
         99:17:72:07:95:e0:d7:7c:5f:ef:40:43:fc:7b:0c:20:30:af:
         50:a5:43:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRlEYjm0dunxthvL3jKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUxMTExMDcwMjI3WhcNMjUxMTEyMDcwMjI3WjAzMTEwLwYDVQQD
Eyg1NTEzZjgyODc1MDA1Y2QwMWE3OTQwMzRmMjMxZjI5ZjlhYzk2MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE/3/Ckirzt4BPXIhVdQUrn3u2j9
VUF3m5/bx+i1cgsmC2ghyJv62RlDF0DbAAnzu9zfCie7kVN8Pnx5kzIRw+7/wZWH
UuRCd5dhS8V6LDgKPX1O1N0cSUpI0YvH6KVfQPaM/EpIXZfj4s2YjhVqdZJsx1Cf
QAoJWAruelI1WnvFIIYwr/EKeWqROSgSCis3htA8txzgM5PWMYeAn/Dx4hLQjF6k
iG3IysYB5dTGCgf3Cqww05ab7wUgPwHdBI/IUS5/5v0glNR7E/XIGEwMgWTn34xA
v2P0nMkekySe1DPgrBqTjNsszTSZBuaR+8zChGM4l7cUnwBOOMz9GN/+uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUT+Ch1AFzQGnlANPIx8p+ayWEUMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArGwItsS6
dgmojsjGrXTAY/lkKo01246wvfV6KQuVMHeFtObTKMJsqYKEXsw7cFaIishjHqNT
303tDyIRFYIxgwU63t+W4YieZ9+AzO7DVpMe0RD6VW8B7eEe8AYxKR7cWR+cjAWD
h8XhxGipMpj+Pd/7gQhdvBXWgYsq/7FNP2HCEFZIEsROKJo5FROFchZztfKSs8XT
HUo0OQDx8VZv6jW6X5qASSlWvl/MCoTFj+v1RplJLIopeHTIxwL9HipoAGYbjIKe
wrAWms5S4ixUjKGOSCuQPJNTHAz7ouJjlesE/ig1GAy+FKthmRdyB5Xg13xf70BD
/HsMIDCvUKVDcA==
-----END CERTIFICATE-----