Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File:                     hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier:          dg7ANsIrJMXQ1RWbVQmVpOSuCfI7vePplU890UKeJr0=
Subject key identifier:   C2:7B:B3:CF:AD:9F:6A:F5:2C:2F:20:35:C1:27:84:0D:44:37:86:64
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer:       /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial:       019A4EF4ADEF20B5FBE61E89C1E96EACA559
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number:          1107
Signing time:             Tue 04 Nov 2025 13:00:49 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:49 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:49 +0000
Files and hashes:         1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: aJ0F0LzUv5HYfI9yJ/fmp2iurpvprSwfvmCIMY4t4co=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:ad:ef:20:b5:fb:e6:1e:89:c1:e9:6e:ac:a5:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
        Validity
            Not Before: Nov  4 13:00:49 2025 GMT
            Not After : Nov  5 13:00:49 2025 GMT
        Subject: CN=c27bb3cfad9f6af52c2f2035c127840d44378664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:07:db:01:26:e1:fd:be:b2:16:7d:95:ad:7a:
                    a2:04:c5:2a:41:92:e5:5f:fb:92:34:bc:8f:d4:55:
                    3a:9d:d5:d8:65:fa:88:a5:94:05:1b:ed:9d:69:bc:
                    c2:95:39:82:65:2a:a8:4b:ee:c5:64:94:a6:d3:af:
                    ce:04:7d:22:4a:18:c5:67:90:55:61:78:e9:ea:f8:
                    e9:32:12:dc:ce:71:8d:63:57:fe:0b:c4:cd:87:dd:
                    e7:53:78:7a:44:29:16:9f:31:32:cf:3f:b5:13:07:
                    f7:4a:18:fa:ab:4f:93:44:ac:2f:6c:ad:15:7e:76:
                    91:1a:c1:98:25:8f:a1:a5:a0:54:35:46:b8:7a:48:
                    96:4a:51:9c:ef:b1:d7:a8:ab:f0:87:b6:cb:18:8d:
                    11:75:b6:9b:24:f0:56:7c:64:52:d5:a9:7d:c1:22:
                    54:d6:72:b9:6e:2f:d3:6f:fc:95:a4:40:7c:3f:95:
                    de:a0:3f:1c:de:66:6c:6e:7d:ae:d7:81:db:22:87:
                    e1:da:16:88:ca:c8:22:54:84:90:ba:fe:05:50:92:
                    75:59:a5:dd:1d:08:7f:b4:86:ee:d3:db:91:7e:da:
                    0a:fd:28:7e:dd:37:da:63:31:27:b1:e1:36:d4:0d:
                    bc:57:41:7d:76:4a:fe:15:9b:d3:73:c1:7e:5b:72:
                    6e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:7B:B3:CF:AD:9F:6A:F5:2C:2F:20:35:C1:27:84:0D:44:37:86:64
            X509v3 Authority Key Identifier:
                keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:35:1f:51:a0:8e:b8:1a:34:fa:46:da:f6:6b:c3:db:3e:c2:
         bc:05:29:10:da:87:d2:ae:49:83:7a:06:32:60:d2:30:5a:4e:
         0a:d7:73:9b:e6:47:0c:d7:31:ab:a6:01:dd:7b:25:45:3b:34:
         a6:67:e5:f0:7e:63:59:e3:57:1c:e8:72:cc:29:86:de:07:94:
         d2:99:b1:68:2a:66:ba:67:b0:9d:a6:64:61:cb:14:56:61:f9:
         46:94:9f:94:c6:db:f5:d7:93:ae:45:b5:10:88:9b:30:05:d3:
         9b:05:d5:d8:ec:72:f6:1e:0a:a2:87:ad:94:97:33:6f:0f:b8:
         29:62:44:e3:93:c0:92:72:33:e8:03:23:dc:de:d2:d0:60:ca:
         6f:fa:d2:69:f6:f5:0f:b6:b2:e8:e7:6e:6d:1c:28:54:2a:e7:
         5e:3b:d3:15:b7:de:9a:d3:96:af:98:4b:97:c3:f4:24:eb:ec:
         f0:31:96:8a:56:e6:da:c0:b8:f9:db:b3:9d:99:a2:db:1d:46:
         9e:40:e8:4c:ee:48:84:1e:65:b4:35:6e:ad:6d:ad:21:51:69:
         cf:05:71:c6:62:cd:85:6c:ba:f2:4f:c3:ea:3c:1e:73:cd:0c:
         a7:a2:4a:0f:55:0a:e6:ca:3f:58:a2:bb:62:5b:97:d0:fc:7e:
         fd:1a:44:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9K3vILX75h6JwelurKVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUxMTA0MTMwMDQ5WhcNMjUxMTA1MTMwMDQ5WjAzMTEwLwYDVQQD
EyhjMjdiYjNjZmFkOWY2YWY1MmMyZjIwMzVjMTI3ODQwZDQ0Mzc4NjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgfbASbh/b6yFn2VrXqiBMUqQZLl
X/uSNLyP1FU6ndXYZfqIpZQFG+2dabzClTmCZSqoS+7FZJSm06/OBH0iShjFZ5BV
YXjp6vjpMhLcznGNY1f+C8TNh93nU3h6RCkWnzEyzz+1Ewf3Shj6q0+TRKwvbK0V
fnaRGsGYJY+hpaBUNUa4ekiWSlGc77HXqKvwh7bLGI0RdbabJPBWfGRS1al9wSJU
1nK5bi/Tb/yVpEB8P5XeoD8c3mZsbn2u14HbIofh2haIysgiVISQuv4FUJJ1WaXd
HQh/tIbu09uRftoK/Sh+3TfaYzEnseE21A28V0F9dkr+FZvTc8F+W3JuswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJ7s8+tn2r1LC8gNcEnhA1EN4ZkMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbjUfUaCO
uBo0+kba9mvD2z7CvAUpENqH0q5Jg3oGMmDSMFpOCtdzm+ZHDNcxq6YB3XslRTs0
pmfl8H5jWeNXHOhyzCmG3geU0pmxaCpmumewnaZkYcsUVmH5RpSflMbb9deTrkW1
EIibMAXTmwXV2Oxy9h4KooetlJczbw+4KWJE45PAknIz6AMj3N7S0GDKb/rSafb1
D7ay6OdubRwoVCrnXjvTFbfemtOWr5hLl8P0JOvs8DGWilbm2sC4+duznZmi2x1G
nkDoTO5IhB5ltDVurW2tIVFpzwVxxmLNhWy68k/D6jwec80Mp6JKD1UK5so/WKK7
YluX0Px+/RpEnA==
-----END CERTIFICATE-----