Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          a5X4q8I5SKnO5oDl+RI9zzMjrgQdcZDeygq0DZRC+ts=
Subject key identifier:   7F:1D:B7:D7:C0:E8:29:8F:E2:CD:4D:41:57:4A:4E:EB:E3:42:9A:31
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       01967DC6C0376B01D39AEF287148B4273F04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          0F0D
Signing time:             Mon 28 Apr 2025 19:01:39 +0000
Manifest this update:     Mon 28 Apr 2025 19:01:39 +0000
Manifest next update:     Tue 29 Apr 2025 19:01:39 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: IILlvMrVj1vRiqbAGDsIrkfKE2pb/RF+VEx3LLucyM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c6:c0:37:6b:01:d3:9a:ef:28:71:48:b4:27:3f:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Apr 28 19:01:39 2025 GMT
            Not After : Apr 29 19:01:39 2025 GMT
        Subject: CN=7f1db7d7c0e8298fe2cd4d41574a4eebe3429a31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:03:7b:39:df:77:40:05:22:0e:97:f8:6a:c2:
                    09:d7:b4:dd:72:43:f7:69:26:80:15:04:f9:e6:9d:
                    d8:62:b5:4a:c7:92:ee:26:62:de:f8:09:de:68:d2:
                    a2:f0:f6:11:5e:c3:67:23:e3:54:8f:1f:71:1a:57:
                    b8:36:4f:4d:ad:90:41:e4:cb:fe:00:cd:7b:92:3c:
                    f8:0d:1b:6f:50:8d:df:4b:51:72:7f:4d:ba:88:91:
                    17:90:bd:36:ac:25:0e:b4:bb:6a:6e:03:7d:b1:8e:
                    c1:2a:e6:c2:f6:0b:e6:df:a7:de:22:d0:34:20:eb:
                    15:ce:ca:d1:7f:15:b4:8e:f6:e5:6b:16:6d:24:9f:
                    8e:d5:81:52:c8:ef:fd:96:7a:17:f0:c1:42:7a:a3:
                    f1:4e:e0:57:74:3d:19:d9:01:93:11:99:33:e6:66:
                    ce:8f:a9:c2:d8:a7:78:9a:d2:3e:cb:b9:72:83:7f:
                    9f:e3:80:fc:17:bd:b3:af:2e:7f:95:0b:92:e9:eb:
                    78:5b:d3:fa:21:da:ce:ea:56:92:39:46:23:e3:2d:
                    f5:b3:08:d8:66:3d:08:1b:19:9b:25:62:31:8d:5d:
                    25:4f:dd:4c:33:f8:b1:bc:e5:29:fb:fe:60:56:72:
                    5a:46:a9:8f:ae:2f:c2:5b:58:f6:10:c3:74:05:3b:
                    59:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:1D:B7:D7:C0:E8:29:8F:E2:CD:4D:41:57:4A:4E:EB:E3:42:9A:31
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:8a:6f:23:31:24:d2:b6:53:b8:e2:92:1f:fb:6e:f2:84:b9:
         5b:67:69:77:31:01:c6:04:82:27:57:35:2e:2c:97:a5:1b:fd:
         f5:92:f6:ae:15:10:8e:c8:06:e8:30:b5:c7:7a:93:22:97:b7:
         ce:6a:d6:fe:a4:99:c1:71:f8:21:04:66:1d:92:80:71:9e:1d:
         eb:d7:f5:a3:46:5f:94:5d:34:99:f2:e3:45:40:f0:38:4a:63:
         6e:d3:61:69:52:f1:75:9c:d2:ab:99:d1:36:1a:71:53:e0:63:
         9e:fb:4a:90:6f:49:85:be:2a:ef:55:30:c3:6b:5e:30:5c:1b:
         6c:37:16:6c:a6:c1:18:00:a9:c8:e2:ef:72:40:1f:3c:59:34:
         5c:68:b3:19:c6:c6:d2:93:67:21:59:63:9e:ed:e0:32:17:40:
         0f:24:e7:e5:50:d0:28:a3:8c:0b:fc:03:b8:5f:49:63:0a:3d:
         9d:7a:19:51:3a:e9:e1:bd:1e:c2:a8:f4:b9:41:9f:ce:07:be:
         7a:44:99:af:af:b9:76:7a:57:44:f7:af:4b:4c:de:30:d9:f4:
         e9:97:69:7f:09:c0:a0:e6:e4:2b:b4:bd:53:bb:8b:bc:50:4c:
         d8:e7:1a:0f:f3:78:5e:24:b5:f2:5f:45:fc:52:57:18:2a:21:
         5d:0b:6e:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xsA3awHTmu8ocUi0Jz8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwNDI4MTkwMTM5WhcNMjUwNDI5MTkwMTM5WjAzMTEwLwYDVQQD
Eyg3ZjFkYjdkN2MwZTgyOThmZTJjZDRkNDE1NzRhNGVlYmUzNDI5YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQN7Od93QAUiDpf4asIJ17TdckP3
aSaAFQT55p3YYrVKx5LuJmLe+AneaNKi8PYRXsNnI+NUjx9xGle4Nk9NrZBB5Mv+
AM17kjz4DRtvUI3fS1Fyf026iJEXkL02rCUOtLtqbgN9sY7BKubC9gvm36feItA0
IOsVzsrRfxW0jvblaxZtJJ+O1YFSyO/9lnoX8MFCeqPxTuBXdD0Z2QGTEZkz5mbO
j6nC2Kd4mtI+y7lyg3+f44D8F72zry5/lQuS6et4W9P6IdrO6laSOUYj4y31swjY
Zj0IGxmbJWIxjV0lT91MM/ixvOUp+/5gVnJaRqmPri/CW1j2EMN0BTtZbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8dt9fA6CmP4s1NQVdKTuvjQpoxMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiYpvIzEk
0rZTuOKSH/tu8oS5W2dpdzEBxgSCJ1c1LiyXpRv99ZL2rhUQjsgG6DC1x3qTIpe3
zmrW/qSZwXH4IQRmHZKAcZ4d69f1o0ZflF00mfLjRUDwOEpjbtNhaVLxdZzSq5nR
NhpxU+BjnvtKkG9Jhb4q71Uww2teMFwbbDcWbKbBGACpyOLvckAfPFk0XGizGcbG
0pNnIVljnu3gMhdADyTn5VDQKKOMC/wDuF9JYwo9nXoZUTrp4b0ewqj0uUGfzge+
ekSZr6+5dnpXRPevS0zeMNn06ZdpfwnAoObkK7S9U7uLvFBM2OcaD/N4XiS18l9F
/FJXGCohXQtuVg==
-----END CERTIFICATE-----