Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
File:                     pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json)
Hash identifier:          YWdNBs0f+27VBu5YaEfphWcBEO8JFZwi48i15oxdbgM=
Subject key identifier:   59:DD:EF:DA:D9:E9:17:AA:44:C0:5A:85:B8:18:0C:B6:80:15:F9:D4
Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46
Certificate issuer:       /CN=a737e290169cfce6a338a66bca45cfe635d15446
Certificate serial:       019CABD8E75FC128CA5EAE0EF10662052AAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 00:00:44 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:44 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:44 +0000
Files and hashes:         1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: yw5SiJK/zR1JY7mGKFelfpukejW9YDKNCNlT6SrRs4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d8:e7:5f:c1:28:ca:5e:ae:0e:f1:06:62:05:2a:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446
        Validity
            Not Before: Mar  2 00:00:44 2026 GMT
            Not After : Mar  3 00:00:44 2026 GMT
        Subject: CN=59ddefdad9e917aa44c05a85b8180cb68015f9d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b5:46:bd:70:b8:51:04:2d:e0:b3:01:4f:f2:
                    b0:71:2d:a3:75:d1:6c:a4:7a:f8:d9:9b:b7:26:2d:
                    29:a9:9a:de:cb:14:6d:40:f3:77:a6:dc:60:64:93:
                    94:df:8b:79:e8:63:59:2d:a4:dd:6b:15:49:25:25:
                    82:df:f3:67:3f:3d:dc:fa:d9:e5:20:ef:ba:3b:89:
                    87:1c:09:62:e6:ab:8f:48:b6:35:09:68:92:87:9b:
                    32:94:08:e7:34:e5:14:6a:31:1a:2d:2c:cf:50:68:
                    37:77:f3:5e:c3:48:47:4b:40:18:29:10:1e:40:39:
                    1e:4c:b5:8a:5a:b2:87:ed:6c:48:1b:9a:b9:86:fb:
                    2a:a0:51:18:0b:a0:9b:eb:f5:4f:ce:3d:4e:1f:d6:
                    6f:5d:4c:02:81:a9:32:34:f3:51:2c:da:04:1d:62:
                    07:2c:9c:30:3b:df:7f:d4:29:98:d6:9f:9e:38:c6:
                    2f:a5:05:ee:f9:77:47:e7:2f:da:de:81:01:ae:2f:
                    cd:7d:54:a4:b3:19:3f:a2:19:73:94:41:91:20:90:
                    a6:98:b2:c5:28:fa:a3:3d:3a:63:57:6f:a4:ec:d3:
                    15:60:28:b0:69:7e:9e:7c:3d:87:35:ff:e5:c4:56:
                    16:2d:64:6f:64:91:00:2d:31:3a:a4:35:61:6f:25:
                    e3:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:DD:EF:DA:D9:E9:17:AA:44:C0:5A:85:B8:18:0C:B6:80:15:F9:D4
            X509v3 Authority Key Identifier:
                keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:38:a1:23:90:7d:75:3c:3c:a7:2d:9b:ca:64:15:45:a5:42:
         81:dc:c1:e7:65:f5:a6:08:7c:83:db:04:e3:f3:6c:45:e9:2b:
         c0:ed:c0:ad:e1:9e:e9:fb:98:a9:d4:c8:02:b8:3d:18:1c:64:
         dc:b3:48:58:c7:2f:03:9f:b9:ea:72:36:67:4c:70:8a:11:e6:
         1e:13:d3:b7:da:77:81:76:29:c7:4d:ec:99:ac:18:26:2d:44:
         f6:b9:c7:1d:dd:6b:ce:b9:9c:d2:e9:d0:72:ea:54:18:49:c2:
         5e:eb:76:d6:0b:41:9b:5f:d5:1a:d2:0d:ee:55:b6:e0:d7:67:
         97:dd:20:ef:c3:23:34:4b:b0:9d:7b:e3:28:4e:ea:58:4a:64:
         e7:42:f3:3e:a4:68:f5:12:14:1a:8a:8b:1d:9f:32:b2:51:18:
         f1:5d:33:2b:05:99:3b:ed:a6:d2:81:88:31:2b:e2:c2:84:f0:
         2c:c3:24:e5:74:2e:0f:0b:8a:52:40:4c:dd:e4:e8:0c:7a:a6:
         40:a9:1a:57:1f:ca:e9:8a:db:b0:88:4f:6a:02:c7:54:41:be:
         88:1a:d0:35:bb:08:b2:13:8a:48:55:d2:96:a5:48:9f:60:21:
         94:2f:d7:4d:3c:03:9c:1e:9a:64:68:ef:64:0b:6e:ff:d9:23:
         e0:82:ef:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2OdfwSjKXq4O8QZiBSqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk
MTU0NDYwHhcNMjYwMzAyMDAwMDQ0WhcNMjYwMzAzMDAwMDQ0WjAzMTEwLwYDVQQD
Eyg1OWRkZWZkYWQ5ZTkxN2FhNDRjMDVhODViODE4MGNiNjgwMTVmOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7VGvXC4UQQt4LMBT/KwcS2jddFs
pHr42Zu3Ji0pqZreyxRtQPN3ptxgZJOU34t56GNZLaTdaxVJJSWC3/NnPz3c+tnl
IO+6O4mHHAli5quPSLY1CWiSh5sylAjnNOUUajEaLSzPUGg3d/New0hHS0AYKRAe
QDkeTLWKWrKH7WxIG5q5hvsqoFEYC6Cb6/VPzj1OH9ZvXUwCgakyNPNRLNoEHWIH
LJwwO99/1CmY1p+eOMYvpQXu+XdH5y/a3oEBri/NfVSksxk/ohlzlEGRIJCmmLLF
KPqjPTpjV2+k7NMVYCiwaX6efD2HNf/lxFYWLWRvZJEALTE6pDVhbyXjmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnd79rZ6ReqRMBahbgYDLaAFfnUMB8GA1UdIwQY
MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt
NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk
LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATihI5B9
dTw8py2bymQVRaVCgdzB52X1pgh8g9sE4/NsRekrwO3AreGe6fuYqdTIArg9GBxk
3LNIWMcvA5+56nI2Z0xwihHmHhPTt9p3gXYpx03smawYJi1E9rnHHd1rzrmc0unQ
cupUGEnCXut21gtBm1/VGtIN7lW24Ndnl90g78MjNEuwnXvjKE7qWEpk50LzPqRo
9RIUGoqLHZ8yslEY8V0zKwWZO+2m0oGIMSviwoTwLMMk5XQuDwuKUkBM3eToDHqm
QKkaVx/K6YrbsIhPagLHVEG+iBrQNbsIshOKSFXSlqVIn2AhlC/XTTwDnB6aZGjv
ZAtu/9kj4ILvfQ==
-----END CERTIFICATE-----