Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
File:                     pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json)
Hash identifier:          ZZ8JmFMOqJVglseMXtAutji3Cer7/aQIm1PI0+j51Fk=
Subject key identifier:   F5:BA:85:1F:3A:C6:4E:E0:5F:98:85:5E:88:D5:3D:36:B5:2F:B7:7B
Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46
Certificate issuer:       /CN=a737e290169cfce6a338a66bca45cfe635d15446
Certificate serial:       019651C8A7FF613318E4280FEF1E19C2DE4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 06:00:26 +0000
Manifest this update:     Sun 20 Apr 2025 06:00:26 +0000
Manifest next update:     Mon 21 Apr 2025 06:00:26 +0000
Files and hashes:         1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: QkCjAPDs21+CljlBlClnkj1VX38pLCxldZDK7wOnBco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 06:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:c8:a7:ff:61:33:18:e4:28:0f:ef:1e:19:c2:de:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446
        Validity
            Not Before: Apr 20 06:00:26 2025 GMT
            Not After : Apr 21 06:00:26 2025 GMT
        Subject: CN=f5ba851f3ac64ee05f98855e88d53d36b52fb77b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:21:a5:91:22:96:bd:85:75:c4:15:e7:5e:6c:
                    1f:dc:bd:ae:c6:c9:79:29:76:6b:4e:2a:fc:df:c0:
                    9f:ca:35:25:fc:fc:7e:b3:51:3b:85:f4:8d:5e:ef:
                    0b:61:40:0a:59:08:26:17:81:25:48:0f:6e:7d:00:
                    e3:5f:7c:d3:63:3a:9e:95:64:ec:57:65:48:b5:65:
                    1b:5c:ea:80:0b:6e:18:78:e7:ed:df:20:ac:fe:00:
                    8c:86:c0:20:7f:89:69:9a:1c:c3:ef:18:00:c1:74:
                    b0:67:04:00:0f:db:0a:d3:ae:2a:8c:73:54:c1:69:
                    a8:9a:d2:6f:d9:4f:79:c4:62:f5:93:d4:36:75:89:
                    81:d5:27:eb:7d:c5:29:c5:a9:16:e6:12:8c:9f:32:
                    3f:03:eb:55:c7:ea:b4:4a:e4:aa:32:cc:83:95:b8:
                    bb:53:a5:8e:31:d3:c1:f7:ca:3a:68:45:86:fc:c2:
                    20:fc:7b:31:14:3b:51:45:12:ea:20:44:95:3a:5b:
                    88:6f:68:39:28:7e:97:0f:b9:ba:0c:08:48:a7:a1:
                    6f:a7:2e:6d:81:61:80:3e:b6:c8:2c:90:b9:98:a1:
                    a2:fb:be:6f:f5:d3:86:f7:55:db:47:dd:e1:dc:ee:
                    ed:9e:8c:1d:a0:a6:5d:12:35:ef:e2:14:34:18:79:
                    d1:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:BA:85:1F:3A:C6:4E:E0:5F:98:85:5E:88:D5:3D:36:B5:2F:B7:7B
            X509v3 Authority Key Identifier:
                keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:5e:9e:3c:17:1a:ff:eb:32:4d:2e:3a:74:f3:d7:a2:03:72:
         3b:ed:21:2d:1d:a6:c3:46:3f:7a:a7:70:18:ec:8b:7f:4a:6d:
         91:7a:a7:97:92:0c:42:3d:1d:3a:2c:e7:94:ab:e5:18:d2:83:
         75:a1:46:7f:2d:e3:ff:76:d9:2a:8c:0f:b0:09:2d:1d:85:8e:
         dd:b6:45:71:51:96:a1:54:f2:c8:9b:bc:76:c2:8f:7d:9d:b4:
         0e:89:71:f4:c6:dc:e4:e9:60:a6:c3:82:aa:ab:1d:11:27:23:
         16:17:13:e5:7e:ce:30:3d:ec:15:b4:92:74:e7:ce:1c:03:65:
         b0:d0:b7:61:7b:48:ac:33:8f:70:7a:49:82:9a:8f:6a:6c:45:
         5c:16:fb:c0:98:ed:be:39:3c:ae:3b:cd:b7:b9:cd:87:2a:39:
         9a:c1:47:80:df:a3:fc:11:fa:cc:a1:5f:34:e5:21:d7:a3:4d:
         60:f0:c6:23:03:76:85:0c:b9:71:55:0a:25:08:02:78:68:55:
         ba:79:eb:1d:c0:7a:f7:c9:6d:ae:ee:a3:27:b4:a1:9d:8d:17:
         28:0a:9f:1b:04:d1:43:87:ec:19:4c:8f:5f:55:d8:b4:e0:03:
         49:4b:55:f5:90:fd:44:15:df:74:03:18:6f:44:77:29:55:53:
         7d:b9:5a:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRyKf/YTMY5CgP7x4Zwt5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk
MTU0NDYwHhcNMjUwNDIwMDYwMDI2WhcNMjUwNDIxMDYwMDI2WjAzMTEwLwYDVQQD
EyhmNWJhODUxZjNhYzY0ZWUwNWY5ODg1NWU4OGQ1M2QzNmI1MmZiNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CGlkSKWvYV1xBXnXmwf3L2uxsl5
KXZrTir838CfyjUl/Px+s1E7hfSNXu8LYUAKWQgmF4ElSA9ufQDjX3zTYzqelWTs
V2VItWUbXOqAC24YeOft3yCs/gCMhsAgf4lpmhzD7xgAwXSwZwQAD9sK064qjHNU
wWmomtJv2U95xGL1k9Q2dYmB1SfrfcUpxakW5hKMnzI/A+tVx+q0SuSqMsyDlbi7
U6WOMdPB98o6aEWG/MIg/HsxFDtRRRLqIESVOluIb2g5KH6XD7m6DAhIp6Fvpy5t
gWGAPrbILJC5mKGi+75v9dOG91XbR93h3O7tnowdoKZdEjXv4hQ0GHnRVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPW6hR86xk7gX5iFXojVPTa1L7d7MB8GA1UdIwQY
MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt
NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk
LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFl6ePBca
/+syTS46dPPXogNyO+0hLR2mw0Y/eqdwGOyLf0ptkXqnl5IMQj0dOiznlKvlGNKD
daFGfy3j/3bZKowPsAktHYWO3bZFcVGWoVTyyJu8dsKPfZ20Dolx9Mbc5OlgpsOC
qqsdEScjFhcT5X7OMD3sFbSSdOfOHANlsNC3YXtIrDOPcHpJgpqPamxFXBb7wJjt
vjk8rjvNt7nNhyo5msFHgN+j/BH6zKFfNOUh16NNYPDGIwN2hQy5cVUKJQgCeGhV
unnrHcB698ltru6jJ7ShnY0XKAqfGwTRQ4fsGUyPX1XYtOADSUtV9ZD9RBXfdAMY
b0R3KVVTfblaUA==
-----END CERTIFICATE-----