Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
File:                     pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json)
Hash identifier:          PfUfxjqBe6D9PpyhTBtzSdLgZmy96B/nhHYy0+0GJhE=
Subject key identifier:   F5:47:7D:69:B5:95:CB:0A:83:40:52:15:01:F2:E4:E3:6F:30:A5:49
Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46
Certificate issuer:       /CN=a737e290169cfce6a338a66bca45cfe635d15446
Certificate serial:       019356F6B8B7D5EC15594B8BF365CC361DB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
Manifest number:          136E
Signing time:             Sat 23 Nov 2024 03:00:29 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:29 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:29 +0000
Files and hashes:         1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: I3vbNmmF2Sms7z9fQ8KyHUiFtXKcVnfrIgBWDvAArog=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:b8:b7:d5:ec:15:59:4b:8b:f3:65:cc:36:1d:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446
        Validity
            Not Before: Nov 23 03:00:29 2024 GMT
            Not After : Nov 24 03:00:29 2024 GMT
        Subject: CN=f5477d69b595cb0a8340521501f2e4e36f30a549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:48:36:69:df:a4:2a:97:8c:c2:43:d0:9e:53:
                    7e:94:2b:3d:21:81:a0:e2:c6:2d:d6:c2:b0:32:6c:
                    a7:b9:92:24:e2:50:d7:04:1b:54:00:74:01:34:77:
                    4c:95:2b:91:6c:78:9c:df:6a:23:f0:83:fe:3d:96:
                    79:db:a5:c5:7f:ec:7e:9c:73:17:48:4f:1b:94:7b:
                    dc:4a:7f:8e:d6:79:d9:e6:7e:95:df:ea:65:f0:3d:
                    21:57:08:ae:c1:50:87:c5:da:69:a5:87:e6:d9:20:
                    b3:67:e4:1a:f4:47:fa:17:12:b3:cf:4d:a3:ec:a8:
                    4e:f6:b8:80:ff:64:d8:c1:3f:5a:88:3f:15:d2:e8:
                    cf:14:ca:f9:07:6f:2a:93:8f:dd:94:ae:92:a1:0b:
                    b1:45:1c:ad:61:27:a5:9c:b7:5a:dc:2b:b4:0e:4c:
                    fb:37:f5:ad:21:c1:19:05:af:2d:3f:5e:2a:b1:c5:
                    80:3d:f2:0f:89:f0:d4:53:71:e9:bb:ac:28:f0:8b:
                    91:0a:87:44:3c:5c:0e:d2:be:c7:75:d9:ac:a1:e8:
                    e8:59:c3:e5:fe:45:0c:6e:eb:35:b9:79:5a:78:60:
                    a8:ba:3b:a0:a3:8e:c8:83:dd:43:af:9f:2a:a7:f1:
                    03:b4:0e:b0:0b:16:47:77:42:27:6a:12:2c:23:e1:
                    a3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:47:7D:69:B5:95:CB:0A:83:40:52:15:01:F2:E4:E3:6F:30:A5:49
            X509v3 Authority Key Identifier:
                keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:95:48:a0:b4:87:c9:95:79:59:1b:da:a7:43:ed:2c:9f:55:
         79:be:41:f9:e4:a3:5f:9c:8a:09:c7:f4:c8:d0:8e:46:7c:dc:
         7a:a6:8b:95:10:36:09:2b:be:71:dc:2e:db:f6:54:fd:d8:2b:
         66:be:3c:b4:05:d3:bd:a9:5a:79:1a:67:3c:21:b6:fd:37:25:
         4a:c5:cd:52:eb:0e:80:b9:61:bd:f9:9c:68:c7:20:a2:ad:bb:
         f6:15:95:b1:3d:eb:ee:e9:7d:84:5e:3f:19:4f:bd:3b:d3:dd:
         72:c0:40:03:b6:54:78:24:8d:68:64:58:e3:df:f1:a8:09:d2:
         7e:b6:a9:1d:bd:85:51:bb:4e:21:97:ae:49:b3:3c:f2:80:9a:
         37:8d:59:7f:84:4d:41:44:ea:1b:b9:db:de:e0:ae:b4:28:17:
         dd:05:ad:20:ed:0b:bc:1b:af:f2:03:3d:64:1b:93:a5:8e:fe:
         d5:a6:84:ae:19:d1:62:a7:ef:a4:3e:86:17:dd:10:18:f2:27:
         97:9e:84:5c:b6:b7:c3:8e:e8:ee:cc:76:10:3c:b4:f9:a6:cd:
         9d:53:e2:de:ea:cb:90:60:4a:8d:9d:a7:08:56:a5:93:10:c5:
         15:dc:7d:af:52:99:3e:21:50:ac:a0:7a:05:4d:49:06:c1:56:
         89:47:2c:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9ri31ewVWUuL82XMNh23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk
MTU0NDYwHhcNMjQxMTIzMDMwMDI5WhcNMjQxMTI0MDMwMDI5WjAzMTEwLwYDVQQD
EyhmNTQ3N2Q2OWI1OTVjYjBhODM0MDUyMTUwMWYyZTRlMzZmMzBhNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskg2ad+kKpeMwkPQnlN+lCs9IYGg
4sYt1sKwMmynuZIk4lDXBBtUAHQBNHdMlSuRbHic32oj8IP+PZZ526XFf+x+nHMX
SE8blHvcSn+O1nnZ5n6V3+pl8D0hVwiuwVCHxdpppYfm2SCzZ+Qa9Ef6FxKzz02j
7KhO9riA/2TYwT9aiD8V0ujPFMr5B28qk4/dlK6SoQuxRRytYSelnLda3Cu0Dkz7
N/WtIcEZBa8tP14qscWAPfIPifDUU3Hpu6wo8IuRCodEPFwO0r7HddmsoejoWcPl
/kUMbus1uXlaeGCoujugo47Ig91Dr58qp/EDtA6wCxZHd0InahIsI+Gj8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVHfWm1lcsKg0BSFQHy5ONvMKVJMB8GA1UdIwQY
MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt
NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk
LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbJVIoLSH
yZV5WRvap0PtLJ9Veb5B+eSjX5yKCcf0yNCORnzceqaLlRA2CSu+cdwu2/ZU/dgr
Zr48tAXTvalaeRpnPCG2/TclSsXNUusOgLlhvfmcaMcgoq279hWVsT3r7ul9hF4/
GU+9O9PdcsBAA7ZUeCSNaGRY49/xqAnSfrapHb2FUbtOIZeuSbM88oCaN41Zf4RN
QUTqG7nb3uCutCgX3QWtIO0LvBuv8gM9ZBuTpY7+1aaErhnRYqfvpD6GF90QGPIn
l56EXLa3w47o7sx2EDy0+abNnVPi3urLkGBKjZ2nCFalkxDFFdx9r1KZPiFQrKB6
BU1JBsFWiUcsdg==
-----END CERTIFICATE-----