Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
File:                     pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json)
Hash identifier:          iT9NVl7DYew8flcuUmthcWf1kTvrnppKXYf2Tc8NllA=
Subject key identifier:   B3:AB:FC:06:C3:A3:2C:AA:42:2F:BC:CA:45:F0:F6:04:AC:47:49:03
Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46
Certificate issuer:       /CN=a737e290169cfce6a338a66bca45cfe635d15446
Certificate serial:       0197470BCDBA39D45D0967CBD4BEAD9EA87B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
Manifest number:          1578
Signing time:             Fri 06 Jun 2025 21:00:45 +0000
Manifest this update:     Fri 06 Jun 2025 21:00:45 +0000
Manifest next update:     Sat 07 Jun 2025 21:00:45 +0000
Files and hashes:         1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: fuC2NiefSp9stMDnsyvtf9MT72xaP/Z3teNA0oLtP38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0b:cd:ba:39:d4:5d:09:67:cb:d4:be:ad:9e:a8:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446
        Validity
            Not Before: Jun  6 21:00:45 2025 GMT
            Not After : Jun  7 21:00:45 2025 GMT
        Subject: CN=b3abfc06c3a32caa422fbcca45f0f604ac474903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d9:df:16:df:4d:0a:d2:dc:21:18:57:ae:82:
                    91:3c:35:0f:06:c7:07:75:b0:86:89:3a:eb:a0:72:
                    17:89:68:46:a5:d7:0c:a2:72:ec:64:05:71:45:1a:
                    2e:3d:24:19:e6:3f:c8:ad:c0:85:15:88:de:bc:f0:
                    53:40:a4:4b:04:c7:8a:44:2f:7a:f6:4f:55:79:6a:
                    29:c9:9d:21:a5:0d:f3:85:1e:26:03:7f:49:be:6b:
                    6d:e4:cb:c2:68:02:58:56:c7:fe:2c:92:0f:e4:07:
                    9c:1e:2e:d0:13:56:86:e8:6e:71:74:6d:3c:2e:c3:
                    e5:dc:5d:24:82:12:70:75:e8:8d:4e:8a:1a:e4:d3:
                    aa:ef:d8:75:c5:d4:e1:67:53:ef:72:5a:bc:9b:eb:
                    5b:e8:81:9f:17:3d:51:34:2d:34:c6:f0:d0:60:21:
                    5c:44:7f:9d:da:51:bc:03:a9:d1:00:62:eb:54:45:
                    8e:8d:ee:31:2f:db:76:20:cc:cd:ef:db:24:2b:c4:
                    ac:65:b8:e5:8d:35:08:80:2d:62:c3:3d:45:ec:ad:
                    22:e0:94:04:2f:f5:06:cf:b6:4a:30:85:c4:2f:26:
                    cc:b3:35:25:bc:0c:7e:cf:7f:01:85:51:be:ae:48:
                    d0:02:1b:c3:fa:39:a4:f8:3d:f1:9c:53:7f:9a:1b:
                    16:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:AB:FC:06:C3:A3:2C:AA:42:2F:BC:CA:45:F0:F6:04:AC:47:49:03
            X509v3 Authority Key Identifier:
                keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:a2:2b:96:6b:c5:de:64:be:19:e7:91:8b:26:d6:27:6a:d1:
         26:2d:58:b7:43:ee:69:2d:58:8d:78:95:cf:3f:1d:28:cb:83:
         d5:6a:7e:7f:d9:97:15:56:da:25:ba:5a:3a:5d:9c:ec:a7:3f:
         da:0e:df:c5:d5:72:36:dc:d4:4f:4a:cd:bf:f3:5e:6d:1a:f7:
         e2:9e:bb:21:49:e4:74:eb:53:57:40:e8:58:03:3f:1f:55:5b:
         cb:05:95:c4:ea:9b:46:72:e8:8e:7a:62:74:70:82:c4:4c:86:
         0a:98:eb:4e:ad:ab:85:66:b6:94:d4:1b:57:86:97:34:df:6d:
         e2:db:ce:b3:b2:3d:78:53:c2:75:45:dd:60:20:77:4a:92:f0:
         22:33:57:4b:61:0c:dd:f2:07:af:2f:e5:9f:b4:fa:a1:a1:55:
         bf:7b:5e:43:ac:ed:ca:11:a6:ee:98:89:0e:85:b6:42:e9:45:
         da:3f:10:d7:62:13:2e:26:d9:b1:67:09:11:af:c9:43:e2:70:
         40:47:8d:6a:1e:73:f9:f6:0c:6a:9e:f0:50:72:0f:6c:ff:e6:
         ba:ec:ab:f1:da:07:22:b1:ef:7c:37:39:df:32:c7:2f:29:0e:
         e0:c7:d0:e9:4d:ae:43:f1:55:c8:22:b6:54:0b:5a:3d:5d:1a:
         64:b5:65:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC826OdRdCWfL1L6tnqh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk
MTU0NDYwHhcNMjUwNjA2MjEwMDQ1WhcNMjUwNjA3MjEwMDQ1WjAzMTEwLwYDVQQD
EyhiM2FiZmMwNmMzYTMyY2FhNDIyZmJjY2E0NWYwZjYwNGFjNDc0OTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9nfFt9NCtLcIRhXroKRPDUPBscH
dbCGiTrroHIXiWhGpdcMonLsZAVxRRouPSQZ5j/IrcCFFYjevPBTQKRLBMeKRC96
9k9VeWopyZ0hpQ3zhR4mA39Jvmtt5MvCaAJYVsf+LJIP5AecHi7QE1aG6G5xdG08
LsPl3F0kghJwdeiNTooa5NOq79h1xdThZ1Pvclq8m+tb6IGfFz1RNC00xvDQYCFc
RH+d2lG8A6nRAGLrVEWOje4xL9t2IMzN79skK8SsZbjljTUIgC1iwz1F7K0i4JQE
L/UGz7ZKMIXELybMszUlvAx+z38BhVG+rkjQAhvD+jmk+D3xnFN/mhsWDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOr/AbDoyyqQi+8ykXw9gSsR0kDMB8GA1UdIwQY
MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt
NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk
LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQqIrlmvF
3mS+GeeRiybWJ2rRJi1Yt0PuaS1YjXiVzz8dKMuD1Wp+f9mXFVbaJbpaOl2c7Kc/
2g7fxdVyNtzUT0rNv/NebRr34p67IUnkdOtTV0DoWAM/H1VbywWVxOqbRnLojnpi
dHCCxEyGCpjrTq2rhWa2lNQbV4aXNN9t4tvOs7I9eFPCdUXdYCB3SpLwIjNXS2EM
3fIHry/ln7T6oaFVv3teQ6ztyhGm7piJDoW2QulF2j8Q12ITLibZsWcJEa/JQ+Jw
QEeNah5z+fYMap7wUHIPbP/muuyr8doHIrHvfDc53zLHLykO4MfQ6U2uQ/FVyCK2
VAtaPV0aZLVltw==
-----END CERTIFICATE-----