Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          YgC80ERlV8Mb+F8ID3Fa5u+8yxr1Jw3xEkFh+W/OfvI=
Subject key identifier:   F9:83:E2:A5:33:D2:3D:56:5C:BE:78:05:F7:89:8E:D5:3E:EA:C7:34
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       019CAB6B9C47A906D7908414D9A7EA0FD8D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          1240
Signing time:             Sun 01 Mar 2026 22:01:22 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:22 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:22 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: mhmUe15ukC6rz7VDnZYrVUm+8XXitZPQrMTEU2x7KGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:9c:47:a9:06:d7:90:84:14:d9:a7:ea:0f:d8:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Mar  1 22:01:22 2026 GMT
            Not After : Mar  2 22:01:22 2026 GMT
        Subject: CN=f983e2a533d23d565cbe7805f7898ed53eeac734
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:15:03:05:f0:1b:ef:32:dd:64:08:3f:ce:eb:
                    06:1a:ee:52:f2:97:01:aa:e8:7e:fd:be:75:04:41:
                    73:48:68:67:29:93:2b:ea:0e:39:7d:5b:84:99:5a:
                    11:2a:91:9b:69:74:c5:27:96:d2:d1:8f:c2:0b:2e:
                    d0:95:f5:f4:87:0b:76:b9:a2:1b:f5:a6:fb:19:74:
                    15:e3:d4:93:4a:f6:c1:d5:3b:94:2a:22:35:3c:e5:
                    b8:e5:43:58:a9:bc:8b:38:18:5b:13:a5:1b:6f:b1:
                    6e:81:b3:ce:1e:80:c2:e6:8a:63:1c:be:3c:3f:a1:
                    79:f6:90:23:4d:70:07:22:1e:e0:5d:20:52:b8:47:
                    16:53:4b:83:3a:27:b3:66:90:6c:80:cd:a4:0d:cd:
                    3b:f7:ba:81:dc:12:f0:b6:0f:4c:86:9c:c6:c5:e3:
                    1d:ff:89:ad:2c:4a:94:01:3c:9d:f1:66:61:a2:e6:
                    56:11:6b:ae:be:5a:3c:f0:01:9b:8b:b3:b0:a4:de:
                    44:b1:cf:95:84:74:98:b6:98:f2:18:8f:a7:0f:74:
                    f9:fc:ca:d1:c5:70:c7:2a:16:c2:a8:6f:ee:45:fc:
                    fc:9a:ca:05:ed:e7:d4:0a:88:fb:56:5b:de:c6:67:
                    9e:db:3a:54:af:93:f6:5c:38:ca:6f:52:a0:41:a2:
                    46:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:83:E2:A5:33:D2:3D:56:5C:BE:78:05:F7:89:8E:D5:3E:EA:C7:34
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:55:ff:14:5d:d6:2e:87:af:a4:54:9e:a2:26:0f:fd:b9:66:
         21:a2:3b:79:ec:76:01:44:96:2b:fb:66:77:8c:85:a2:af:9f:
         70:f2:5a:35:b3:c3:4a:76:cb:e3:e5:af:2b:0a:aa:7d:71:b5:
         f9:94:da:fa:a3:22:64:bf:16:c5:88:61:8d:79:8c:1b:e5:3f:
         74:bf:79:3b:a2:d9:dd:0f:fe:bc:8e:a0:bf:d9:73:8a:47:d0:
         79:13:59:64:de:9f:f4:4f:72:80:2c:0c:6e:bc:fe:17:5c:10:
         0f:a2:9d:ac:1a:ba:8c:91:06:e7:5a:ba:0c:e8:25:b5:da:77:
         b4:65:f2:bb:42:3b:72:ae:a4:d9:3b:9f:52:79:4c:a1:3f:db:
         cb:86:49:dc:ac:65:86:48:a1:78:e2:98:f2:b3:09:b0:00:6b:
         26:73:33:98:d8:4c:06:9c:e7:cc:5f:9e:08:c9:50:e6:37:3b:
         28:4a:31:b8:b1:12:96:2c:4a:b1:b4:87:45:04:e3:03:da:e5:
         34:88:68:25:d1:a8:c2:01:1d:e0:77:78:35:98:fa:c9:49:81:
         5a:68:b9:5a:90:9f:a7:72:7d:c0:7b:1e:10:81:4a:51:71:90:
         66:8b:dc:c1:2f:6c:4e:6b:3f:03:70:78:d9:f7:cc:0a:d7:53:
         01:6c:5d:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5xHqQbXkIQU2afqD9jTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjYwMzAxMjIwMTIyWhcNMjYwMzAyMjIwMTIyWjAzMTEwLwYDVQQD
EyhmOTgzZTJhNTMzZDIzZDU2NWNiZTc4MDVmNzg5OGVkNTNlZWFjNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxUDBfAb7zLdZAg/zusGGu5S8pcB
quh+/b51BEFzSGhnKZMr6g45fVuEmVoRKpGbaXTFJ5bS0Y/CCy7QlfX0hwt2uaIb
9ab7GXQV49STSvbB1TuUKiI1POW45UNYqbyLOBhbE6Ubb7FugbPOHoDC5opjHL48
P6F59pAjTXAHIh7gXSBSuEcWU0uDOiezZpBsgM2kDc0797qB3BLwtg9MhpzGxeMd
/4mtLEqUATyd8WZhouZWEWuuvlo88AGbi7OwpN5Esc+VhHSYtpjyGI+nD3T5/MrR
xXDHKhbCqG/uRfz8msoF7efUCoj7Vlvexmee2zpUr5P2XDjKb1KgQaJGeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmD4qUz0j1WXL54BfeJjtU+6sc0MB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYlX/FF3W
LoevpFSeoiYP/blmIaI7eex2AUSWK/tmd4yFoq+fcPJaNbPDSnbL4+WvKwqqfXG1
+ZTa+qMiZL8WxYhhjXmMG+U/dL95O6LZ3Q/+vI6gv9lzikfQeRNZZN6f9E9ygCwM
brz+F1wQD6KdrBq6jJEG51q6DOgltdp3tGXyu0I7cq6k2TufUnlMoT/by4ZJ3Kxl
hkiheOKY8rMJsABrJnMzmNhMBpznzF+eCMlQ5jc7KEoxuLESlixKsbSHRQTjA9rl
NIhoJdGowgEd4Hd4NZj6yUmBWmi5WpCfp3J9wHseEIFKUXGQZovcwS9sTms/A3B4
2ffMCtdTAWxd3w==
-----END CERTIFICATE-----