Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.mft
File:                     KvXkhmugmCASSm5REQT8QfpUGZU.mft (raw, json)
Hash identifier:          QCAP3/Guv207xv5wPmAyhPJ5QgFjtnW5OJA+MzOM8Jo=
Subject key identifier:   51:58:34:05:43:63:53:6A:7C:C7:A4:1E:DB:18:C0:36:28:82:3A:03
Authority key identifier: 2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
Certificate issuer:       /CN=2af5e4866ba09820124a6e511104fc41fa541995
Certificate serial:       0195E0466F606D709FCC260D4BF6003DF83A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.mft
Manifest number:          1201
Signing time:             Sat 29 Mar 2025 05:01:07 +0000
Manifest this update:     Sat 29 Mar 2025 05:01:07 +0000
Manifest next update:     Sun 30 Mar 2025 05:01:07 +0000
Files and hashes:         1: 5r4roNSh8TWW8XLP5gLpTUYEtC8.roa (hash: AktxI+V17na/V+Hz9k9ha+hVm279Tijdqa0CvwmI/7Q=)
                          2: Gxhnb8KOTrVvxDF8yuKOv2GjqtU.roa (hash: QO/QE2IRS/pPOvcN+3PpcsYmJwErYvPF742Zst4rEP8=)
                          3: KvXkhmugmCASSm5REQT8QfpUGZU.crl (hash: K3WU49PjpfC0lp+1GPRFIm4TQNlQ+ub8kFBAY2IEMSo=)
                          4: TtvNTrhsW3wjOkk9eOHVRXZxsEg.roa (hash: gPmUeUcfbob5JNxYnTxCOkrudyCPlteleGt+PSj2/00=)
                          5: ekdDszvqGt_eJ_hGO_xIWYzbzAA.roa (hash: zqr+o3bWODGGGIrhIMHHh91Y/JEASXYkOBODwzmfRz8=)
                          6: iIQaeGWo37d4w_fiU_R29carNk8.roa (hash: FbNS7L7XPQULlvHXJ6Yq35UuABtJRjSmhRiCGjDk29Q=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:46:6f:60:6d:70:9f:cc:26:0d:4b:f6:00:3d:f8:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2af5e4866ba09820124a6e511104fc41fa541995
        Validity
            Not Before: Mar 29 05:01:07 2025 GMT
            Not After : Mar 30 05:01:07 2025 GMT
        Subject: CN=515834054363536a7cc7a41edb18c03628823a03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:57:eb:50:94:74:43:81:5c:e7:1c:77:d9:ca:
                    bd:e5:b6:0b:e8:9c:b7:ea:5d:a3:65:63:7d:f0:59:
                    e0:96:b1:ff:c5:05:86:50:0e:1f:47:66:77:71:5f:
                    ef:7f:d4:be:ca:52:2c:9f:25:92:de:97:64:c1:34:
                    8b:8b:29:8e:37:6b:2b:dc:23:f6:3c:a9:2b:dc:18:
                    8f:7d:c3:62:4a:2f:c3:81:3d:4f:9f:96:a0:7a:60:
                    4b:ab:2c:b3:04:39:d4:50:73:1c:b3:76:ee:c1:04:
                    be:1a:4d:d5:01:71:0c:5f:7b:1d:fe:c3:ab:da:be:
                    bb:3e:70:fc:27:39:a6:d9:ac:41:f6:e9:3f:d7:eb:
                    b5:31:33:7b:7e:20:4b:23:9f:b0:dd:c9:38:cf:82:
                    07:1d:e4:25:73:9b:5d:1d:4c:91:aa:73:2b:6c:9c:
                    ee:8c:ea:14:b6:b1:48:50:ed:a8:5f:60:f0:9d:84:
                    1d:19:a5:46:5e:80:ba:bf:e2:86:40:3d:94:58:80:
                    c2:1e:6c:62:22:c5:2a:30:ea:79:69:52:96:34:58:
                    39:5f:9a:a2:86:cc:0b:5a:3f:c0:c2:e8:92:db:17:
                    a8:d5:bc:c7:ac:b5:81:b1:24:7e:c4:c1:4e:d1:08:
                    e0:f4:e3:7e:88:92:cc:96:3a:4a:a0:95:6f:b5:83:
                    35:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:58:34:05:43:63:53:6A:7C:C7:A4:1E:DB:18:C0:36:28:82:3A:03
            X509v3 Authority Key Identifier:
                keyid:2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:7b:df:00:77:98:c5:c4:d4:7d:40:0b:df:ee:c1:77:92:6f:
         90:57:cb:7e:6f:45:87:03:ad:3e:52:73:ac:16:c7:98:c9:1d:
         35:5b:a1:6e:71:c5:13:48:ed:ea:c2:25:7c:e8:96:95:d6:bd:
         8b:57:3d:2a:2a:08:8d:a4:04:93:99:c5:cd:33:bf:f9:eb:53:
         8a:67:d3:94:27:78:96:c9:d4:b3:d4:48:4a:5d:74:c3:04:20:
         89:84:f3:65:4b:8c:41:02:30:ed:98:de:4d:a1:2d:d8:3e:51:
         be:9c:c7:5a:16:83:d4:0b:d6:1d:c2:58:98:f2:d6:68:9d:43:
         01:72:df:77:69:7e:85:c1:d0:ba:9c:b3:d5:82:45:1a:71:74:
         eb:20:ff:a5:4b:04:8f:e2:24:f3:33:89:cd:53:f0:dd:89:d1:
         5b:68:2f:de:71:69:b4:fd:da:34:fd:c2:09:64:b8:fe:83:48:
         02:1e:c4:08:47:b3:51:48:a0:c7:7e:bd:68:22:c8:a6:3e:3f:
         b9:4f:74:63:ed:08:35:2f:dc:b8:d0:9d:ea:18:56:c4:67:f4:
         d0:25:38:1f:76:74:ca:ed:e4:e8:21:34:88:6f:98:1a:18:8f:
         1c:f4:58:3c:1e:f4:2c:60:ef:dd:18:f0:0b:48:8e:6b:43:47:
         71:3b:87:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgRm9gbXCfzCYNS/YAPfg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZjVlNDg2NmJhMDk4MjAxMjRhNmU1MTExMDRmYzQxZmE1
NDE5OTUwHhcNMjUwMzI5MDUwMTA3WhcNMjUwMzMwMDUwMTA3WjAzMTEwLwYDVQQD
Eyg1MTU4MzQwNTQzNjM1MzZhN2NjN2E0MWVkYjE4YzAzNjI4ODIzYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVfrUJR0Q4Fc5xx32cq95bYL6Jy3
6l2jZWN98FnglrH/xQWGUA4fR2Z3cV/vf9S+ylIsnyWS3pdkwTSLiymON2sr3CP2
PKkr3BiPfcNiSi/DgT1Pn5agemBLqyyzBDnUUHMcs3buwQS+Gk3VAXEMX3sd/sOr
2r67PnD8Jzmm2axB9uk/1+u1MTN7fiBLI5+w3ck4z4IHHeQlc5tdHUyRqnMrbJzu
jOoUtrFIUO2oX2DwnYQdGaVGXoC6v+KGQD2UWIDCHmxiIsUqMOp5aVKWNFg5X5qi
hswLWj/AwuiS2xeo1bzHrLWBsSR+xMFO0Qjg9ON+iJLMljpKoJVvtYM1rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFFYNAVDY1NqfMekHtsYwDYogjoDMB8GA1UdIwQY
MBaAFCr15IZroJggEkpuUREE/EH6VBmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2Qt
YzMyMGU1MGEzYzc5LzEvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2QtYzMyMGU1MGEzYzc5
LzEvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp3vfAHeY
xcTUfUAL3+7Bd5JvkFfLfm9FhwOtPlJzrBbHmMkdNVuhbnHFE0jt6sIlfOiWlda9
i1c9KioIjaQEk5nFzTO/+etTimfTlCd4lsnUs9RISl10wwQgiYTzZUuMQQIw7Zje
TaEt2D5RvpzHWhaD1AvWHcJYmPLWaJ1DAXLfd2l+hcHQupyz1YJFGnF06yD/pUsE
j+Ik8zOJzVPw3YnRW2gv3nFptP3aNP3CCWS4/oNIAh7ECEezUUigx369aCLIpj4/
uU90Y+0INS/cuNCd6hhWxGf00CU4H3Z0yu3k6CE0iG+YGhiPHPRYPB70LGDv3Rjw
C0iOa0NHcTuHFQ==
-----END CERTIFICATE-----