Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
File:                     pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json)
Hash identifier:          a6i19dwLwkrJnsC2MTglc1PT2UICH7dP+EVoaZ9VdYU=
Subject key identifier:   2B:D3:A1:C0:CF:AC:D1:5E:FE:67:7C:3B:38:03:2E:C3:E8:9B:52:96
Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46
Certificate issuer:       /CN=a737e290169cfce6a338a66bca45cfe635d15446
Certificate serial:       019D996203564C5600CFD2D8B9B5DAA80AB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 03:00:30 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:30 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:30 +0000
Files and hashes:         1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: R/sjKTl4zglMXV5sV2D0PplQrueeFDti9J2Ce1dnO6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:03:56:4c:56:00:cf:d2:d8:b9:b5:da:a8:0a:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446
        Validity
            Not Before: Apr 17 03:00:30 2026 GMT
            Not After : Apr 18 03:00:30 2026 GMT
        Subject: CN=2bd3a1c0cfacd15efe677c3b38032ec3e89b5296
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:54:ff:c0:e1:b0:04:ad:89:d2:1f:59:0f:0e:
                    55:23:46:7c:2c:60:28:14:a4:d5:01:a1:de:ba:54:
                    7f:44:f9:c2:ef:59:cf:27:59:c3:c2:55:af:c2:93:
                    c2:27:02:0c:bf:c4:e2:08:f4:35:7f:ab:2f:f7:e1:
                    76:e8:59:85:93:a5:94:4a:35:b1:ed:ca:3c:fc:b0:
                    67:0f:42:6d:d6:06:5f:bd:e1:fb:1a:c8:fd:2c:3f:
                    af:7f:9e:c8:4f:bf:01:c8:25:64:7c:0b:eb:b4:19:
                    03:06:e6:6d:4c:7e:cc:23:d7:bf:96:e1:6e:98:69:
                    6e:96:8f:61:57:ea:33:e7:c9:0a:31:51:fc:a1:34:
                    20:db:7e:70:f7:88:8c:f8:00:d6:1a:72:10:91:9a:
                    bf:a0:c6:ae:fa:d4:df:73:b1:3b:33:81:37:38:69:
                    8b:ee:3b:99:90:1f:8d:85:28:13:04:9b:51:85:16:
                    e5:d7:a0:42:39:f6:17:1a:e7:9f:37:cc:77:73:ae:
                    d6:f2:3c:1b:53:ed:44:4e:43:d8:6b:32:c3:04:3d:
                    71:30:fa:bd:78:3d:b3:39:be:e3:3b:fa:98:bf:e2:
                    a0:a7:72:89:83:0f:8a:54:d8:a0:8c:35:7f:24:27:
                    84:02:49:e0:d3:cf:3b:3d:4e:b4:fb:9c:88:4c:c5:
                    2e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:D3:A1:C0:CF:AC:D1:5E:FE:67:7C:3B:38:03:2E:C3:E8:9B:52:96
            X509v3 Authority Key Identifier:
                keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:24:4d:80:03:38:1c:49:3a:57:47:6d:da:52:77:af:ad:93:
         0d:4c:a5:24:0a:f9:be:92:8a:a8:e3:6d:6e:a9:53:b6:dc:a8:
         67:43:31:cb:6b:26:d5:41:b6:a3:8d:c1:1a:2b:6a:b1:8d:08:
         7f:00:e9:28:4e:52:90:c3:6c:78:f3:30:e4:74:9b:f8:08:19:
         9f:5c:38:6b:b5:cc:5f:73:3f:58:bb:a9:64:d4:aa:a6:82:74:
         dc:13:ee:ea:61:1a:3d:f1:e1:0f:76:73:3b:fe:11:0a:5e:c8:
         01:81:05:a7:30:8a:fe:ae:db:53:86:3f:7d:a1:9f:ca:de:98:
         62:ae:74:d4:d7:14:41:83:1f:21:a6:cd:69:b0:99:81:32:76:
         76:11:42:5d:1d:04:52:d7:fc:19:aa:12:88:45:fe:d9:8b:43:
         16:db:65:ef:df:d6:54:60:ef:52:f6:91:99:f5:ee:8f:fe:13:
         95:3f:25:d0:17:e4:fb:85:b9:20:9c:a6:b6:85:3e:bd:6d:6f:
         71:84:ad:cb:6b:55:19:b5:6d:a5:d7:92:28:eb:65:4d:3b:54:
         90:29:86:53:b2:20:0e:5f:dc:4d:45:e2:1a:7f:67:f6:0e:25:
         46:fd:f6:4f:cc:9f:7a:9c:cf:5d:b1:4a:a7:47:90:9f:bd:f7:
         00:5b:18:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYgNWTFYAz9LYubXaqAqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk
MTU0NDYwHhcNMjYwNDE3MDMwMDMwWhcNMjYwNDE4MDMwMDMwWjAzMTEwLwYDVQQD
EygyYmQzYTFjMGNmYWNkMTVlZmU2NzdjM2IzODAzMmVjM2U4OWI1Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FT/wOGwBK2J0h9ZDw5VI0Z8LGAo
FKTVAaHeulR/RPnC71nPJ1nDwlWvwpPCJwIMv8TiCPQ1f6sv9+F26FmFk6WUSjWx
7co8/LBnD0Jt1gZfveH7Gsj9LD+vf57IT78ByCVkfAvrtBkDBuZtTH7MI9e/luFu
mGlulo9hV+oz58kKMVH8oTQg235w94iM+ADWGnIQkZq/oMau+tTfc7E7M4E3OGmL
7juZkB+NhSgTBJtRhRbl16BCOfYXGuefN8x3c67W8jwbU+1ETkPYazLDBD1xMPq9
eD2zOb7jO/qYv+Kgp3KJgw+KVNigjDV/JCeEAkng0887PU60+5yITMUumwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvTocDPrNFe/md8OzgDLsPom1KWMB8GA1UdIwQY
MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt
NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk
LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSRNgAM4
HEk6V0dt2lJ3r62TDUylJAr5vpKKqONtbqlTttyoZ0Mxy2sm1UG2o43BGitqsY0I
fwDpKE5SkMNsePMw5HSb+AgZn1w4a7XMX3M/WLupZNSqpoJ03BPu6mEaPfHhD3Zz
O/4RCl7IAYEFpzCK/q7bU4Y/faGfyt6YYq501NcUQYMfIabNabCZgTJ2dhFCXR0E
Utf8GaoSiEX+2YtDFttl79/WVGDvUvaRmfXuj/4TlT8l0Bfk+4W5IJymtoU+vW1v
cYSty2tVGbVtpdeSKOtlTTtUkCmGU7IgDl/cTUXiGn9n9g4lRv32T8yfepzPXbFK
p0eQn733AFsY8A==
-----END CERTIFICATE-----