Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
File:                     pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json)
Hash identifier:          Ix181jQhOlsyD6urhgYSlRdXX1wsMMedPX1gvx3Mguc=
Subject key identifier:   1E:92:4D:6A:C1:39:AB:47:11:2F:C4:BE:FF:6F:CC:18:25:29:C3:3D
Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46
Certificate issuer:       /CN=a737e290169cfce6a338a66bca45cfe635d15446
Certificate serial:       019883C37C9FDC9C907A79752571B13D3F58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
Manifest number:          161C
Signing time:             Thu 07 Aug 2025 09:01:23 +0000
Manifest this update:     Thu 07 Aug 2025 09:01:23 +0000
Manifest next update:     Fri 08 Aug 2025 09:01:23 +0000
Files and hashes:         1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: WzDpaW6vQRPbey3ae7b1faUJxy2jPKohp8qcypZHTgQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 08:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:83:c3:7c:9f:dc:9c:90:7a:79:75:25:71:b1:3d:3f:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446
        Validity
            Not Before: Aug  7 09:01:23 2025 GMT
            Not After : Aug  8 09:01:23 2025 GMT
        Subject: CN=1e924d6ac139ab47112fc4beff6fcc182529c33d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c3:af:0f:f0:10:d9:43:97:5c:e5:bd:f4:6e:
                    5f:76:27:b9:91:68:58:d0:c7:5f:15:a4:53:7c:60:
                    31:1c:3b:d8:f2:04:b9:47:9c:07:0c:b5:5a:e9:52:
                    3f:cf:95:c2:64:fd:83:22:b6:8e:7c:f6:88:41:68:
                    01:fa:83:57:d9:c2:8f:03:73:a2:f5:ea:7d:3a:53:
                    89:73:9d:7e:a6:25:1f:8f:ef:c0:64:e6:55:66:24:
                    3d:c1:dd:8b:3f:58:94:11:b8:66:ea:0b:34:60:84:
                    ec:86:dd:58:e9:e7:2a:16:2e:1b:60:ea:dc:0c:88:
                    62:b4:b4:08:2e:2d:01:9d:ed:b2:9d:4b:4a:9b:d4:
                    4b:a1:39:07:0b:80:79:6c:20:7c:e7:cd:c3:e3:65:
                    91:bb:2f:95:b1:e2:04:43:39:fb:4a:d7:c4:c8:12:
                    b0:d0:c1:3a:97:ff:80:d2:7e:04:8b:dc:bf:fe:74:
                    08:5e:3a:b0:99:f0:db:ac:2e:45:fd:60:e3:17:72:
                    da:ec:44:62:83:28:a2:62:ab:d7:84:b9:b1:c4:1f:
                    63:23:67:e9:a2:57:61:8e:3d:3a:94:dc:e5:40:79:
                    79:c8:44:48:9d:d8:97:60:bf:1e:55:85:09:50:4e:
                    8c:1c:06:17:d1:03:28:a7:b4:7b:70:d3:7f:95:7d:
                    27:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:92:4D:6A:C1:39:AB:47:11:2F:C4:BE:FF:6F:CC:18:25:29:C3:3D
            X509v3 Authority Key Identifier:
                keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:d6:92:67:7f:ca:78:f4:6a:40:79:ae:01:d4:45:8e:f2:42:
         b0:58:38:aa:cc:f1:f5:02:ec:04:9e:c4:93:3b:24:76:59:94:
         c8:48:02:5c:bd:73:ae:11:9b:3c:fb:b9:0c:f4:64:af:21:f1:
         a6:3a:c7:46:bc:fe:01:58:9a:bd:24:0e:c6:bb:2f:a5:d8:a8:
         38:a4:06:85:ed:6f:ac:0b:82:ab:65:28:9a:02:1a:b9:88:7a:
         d6:65:96:ce:35:89:dd:00:b9:14:26:e7:13:49:60:ab:86:98:
         3e:54:09:0c:d6:6a:62:e5:29:eb:68:7f:5b:c7:a8:fb:f2:cf:
         82:23:ba:33:36:f8:5e:ee:fd:79:65:88:ee:c1:88:7c:a2:3e:
         75:32:0a:1d:c6:99:75:16:7c:95:a0:48:e0:27:ce:51:f9:22:
         1e:f9:80:75:9c:a4:95:5e:7d:cd:e0:b7:39:1a:13:b4:36:81:
         9a:26:a3:3e:5e:8d:a9:c0:03:9e:48:33:29:f5:c0:d7:a1:c3:
         da:43:a5:14:66:da:62:5a:d8:df:49:f3:50:2e:39:53:8f:38:
         7c:d0:21:e3:49:9c:fd:73:01:4d:4a:d4:67:6e:ba:72:09:6f:
         8e:f6:99:b1:e0:01:1f:92:d8:fc:8b:d1:52:c7:25:1e:13:14:
         8c:6f:c2:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiDw3yf3JyQenl1JXGxPT9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk
MTU0NDYwHhcNMjUwODA3MDkwMTIzWhcNMjUwODA4MDkwMTIzWjAzMTEwLwYDVQQD
EygxZTkyNGQ2YWMxMzlhYjQ3MTEyZmM0YmVmZjZmY2MxODI1MjljMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsOvD/AQ2UOXXOW99G5fdie5kWhY
0MdfFaRTfGAxHDvY8gS5R5wHDLVa6VI/z5XCZP2DIraOfPaIQWgB+oNX2cKPA3Oi
9ep9OlOJc51+piUfj+/AZOZVZiQ9wd2LP1iUEbhm6gs0YITsht1Y6ecqFi4bYOrc
DIhitLQILi0Bne2ynUtKm9RLoTkHC4B5bCB8583D42WRuy+VseIEQzn7StfEyBKw
0ME6l/+A0n4Ei9y//nQIXjqwmfDbrC5F/WDjF3La7ERigyiiYqvXhLmxxB9jI2fp
oldhjj06lNzlQHl5yERIndiXYL8eVYUJUE6MHAYX0QMop7R7cNN/lX0nvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6STWrBOatHES/Evv9vzBglKcM9MB8GA1UdIwQY
MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt
NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk
LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaNaSZ3/K
ePRqQHmuAdRFjvJCsFg4qszx9QLsBJ7EkzskdlmUyEgCXL1zrhGbPPu5DPRkryHx
pjrHRrz+AViavSQOxrsvpdioOKQGhe1vrAuCq2UomgIauYh61mWWzjWJ3QC5FCbn
E0lgq4aYPlQJDNZqYuUp62h/W8eo+/LPgiO6Mzb4Xu79eWWI7sGIfKI+dTIKHcaZ
dRZ8laBI4CfOUfkiHvmAdZyklV59zeC3ORoTtDaBmiajPl6NqcADnkgzKfXA16HD
2kOlFGbaYlrY30nzUC45U484fNAh40mc/XMBTUrUZ266cglvjvaZseABH5LY/IvR
UsclHhMUjG/Cdw==
-----END CERTIFICATE-----