Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
File:                     pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json)
Hash identifier:          /Ruuh+CGs0q8+Ui5qqGufd94GXmMM/nEL0K2X8vDYwQ=
Subject key identifier:   2B:29:68:3D:1D:9A:6C:56:E2:3C:2A:1C:18:BF:F0:06:8D:55:8C:75
Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46
Certificate issuer:       /CN=a737e290169cfce6a338a66bca45cfe635d15446
Certificate serial:       019D38D2A6E369F6035DBA37047E46E41871
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:22 +0000
Files and hashes:         1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: o9MaKQ0sDf7tPjznUq8/ONQ2UCtor9y4jOTfnOOar50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:a6:e3:69:f6:03:5d:ba:37:04:7e:46:e4:18:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446
        Validity
            Not Before: Mar 29 09:00:22 2026 GMT
            Not After : Mar 30 09:00:22 2026 GMT
        Subject: CN=2b29683d1d9a6c56e23c2a1c18bff0068d558c75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6f:45:c6:28:7d:fe:74:3f:f4:1e:84:3b:ee:
                    b0:cb:12:0b:80:e7:78:06:8a:32:5b:d7:75:64:33:
                    6e:39:fd:ed:de:99:83:61:42:61:32:c8:4b:8a:aa:
                    c3:3c:d1:b5:54:e4:3f:55:c5:ca:9e:61:63:3b:7a:
                    43:58:ba:b4:aa:55:38:28:80:17:1b:d7:2d:e0:29:
                    53:2d:1c:6e:5e:14:42:c4:40:d5:af:34:e6:33:00:
                    13:0c:2d:bb:de:1b:f2:5a:c9:8a:e5:f6:d5:42:da:
                    50:d6:87:c0:65:e6:45:64:f5:0a:93:78:45:ae:54:
                    88:d7:ec:c6:b3:47:56:f5:84:54:27:1a:7d:8c:2e:
                    02:0b:ae:77:27:a1:12:4f:57:3f:68:cf:57:a2:12:
                    5c:c9:af:6e:b4:0c:89:4c:b6:be:08:8c:ac:0a:a5:
                    f1:9e:bf:09:91:a9:3a:e6:3b:64:74:9c:8a:08:d3:
                    00:34:b1:9d:23:82:b0:36:52:92:57:c6:28:77:f8:
                    07:36:56:90:da:ea:bf:8a:ad:5e:c9:db:5b:fe:b6:
                    09:70:aa:9f:bf:64:96:ee:d3:04:bc:ff:b5:77:f8:
                    77:b6:22:13:48:a6:7b:5e:0a:47:8d:61:f6:dc:90:
                    f3:dd:8e:59:cd:28:62:4c:bc:19:85:9f:bd:42:10:
                    12:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:29:68:3D:1D:9A:6C:56:E2:3C:2A:1C:18:BF:F0:06:8D:55:8C:75
            X509v3 Authority Key Identifier:
                keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:f9:10:07:18:80:86:e2:f8:62:2d:48:6e:ff:20:b0:a2:ce:
         54:a9:9f:28:24:52:2f:65:32:3a:50:3d:e9:27:cf:4e:71:02:
         ea:06:e2:13:84:88:de:87:05:bf:96:63:18:63:6a:be:34:d4:
         4c:f4:51:70:e3:18:a7:3e:ac:c0:b4:bc:c6:01:6c:bb:4f:ec:
         71:8c:ef:80:8a:33:c0:37:b2:62:a3:cd:af:4a:10:c9:d5:79:
         6f:76:10:cc:6c:da:c2:9c:92:a0:64:4a:8d:f2:df:21:f4:5f:
         05:ae:82:92:61:2e:b9:36:23:f2:f7:45:ef:b1:01:f9:69:11:
         3f:21:5c:79:06:b7:73:c4:46:dc:8d:6d:4c:64:9c:57:d9:50:
         0a:42:be:56:68:72:3f:0e:a9:39:d4:23:76:cf:15:74:6f:7c:
         cd:49:68:10:0d:e3:7b:8e:60:e0:d4:5b:91:24:5c:b9:79:ae:
         0a:9c:4b:4a:19:56:71:e3:68:66:f1:63:fa:c0:0a:10:a2:93:
         6c:44:b4:f0:8a:fb:94:6c:13:fb:2a:ae:f9:64:a0:60:ef:3b:
         84:2b:d1:01:b1:66:d8:58:81:c1:bc:38:41:f1:ff:91:33:2b:
         60:00:20:d7:b3:79:ec:6f:cc:a3:d5:8f:9f:17:fa:04:66:ca:
         60:35:97:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040qbjafYDXbo3BH5G5BhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk
MTU0NDYwHhcNMjYwMzI5MDkwMDIyWhcNMjYwMzMwMDkwMDIyWjAzMTEwLwYDVQQD
EygyYjI5NjgzZDFkOWE2YzU2ZTIzYzJhMWMxOGJmZjAwNjhkNTU4Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm9Fxih9/nQ/9B6EO+6wyxILgOd4
BooyW9d1ZDNuOf3t3pmDYUJhMshLiqrDPNG1VOQ/VcXKnmFjO3pDWLq0qlU4KIAX
G9ct4ClTLRxuXhRCxEDVrzTmMwATDC273hvyWsmK5fbVQtpQ1ofAZeZFZPUKk3hF
rlSI1+zGs0dW9YRUJxp9jC4CC653J6EST1c/aM9XohJcya9utAyJTLa+CIysCqXx
nr8Jkak65jtkdJyKCNMANLGdI4KwNlKSV8Yod/gHNlaQ2uq/iq1eydtb/rYJcKqf
v2SW7tMEvP+1d/h3tiITSKZ7XgpHjWH23JDz3Y5ZzShiTLwZhZ+9QhAS0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCspaD0dmmxW4jwqHBi/8AaNVYx1MB8GA1UdIwQY
MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt
NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk
LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWvkQBxiA
huL4Yi1Ibv8gsKLOVKmfKCRSL2UyOlA96SfPTnEC6gbiE4SI3ocFv5ZjGGNqvjTU
TPRRcOMYpz6swLS8xgFsu0/scYzvgIozwDeyYqPNr0oQydV5b3YQzGzawpySoGRK
jfLfIfRfBa6CkmEuuTYj8vdF77EB+WkRPyFceQa3c8RG3I1tTGScV9lQCkK+Vmhy
Pw6pOdQjds8VdG98zUloEA3je45g4NRbkSRcuXmuCpxLShlWceNoZvFj+sAKEKKT
bES08Ir7lGwT+yqu+WSgYO87hCvRAbFm2FiBwbw4QfH/kTMrYAAg17N57G/Mo9WP
nxf6BGbKYDWXjA==
-----END CERTIFICATE-----