Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
File:                     KQhfxTTBPgiC4mColfPPDFVD7wg.mft (raw, json)
Hash identifier:          rtpI4dq9pMCsemh/lgaZkfIgFAGiijDrkXXRzFzQsYU=
Subject key identifier:   71:DE:4B:49:74:0F:BB:CC:AD:2D:97:00:90:65:5D:A8:48:54:EA:1D
Authority key identifier: 29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08
Certificate issuer:       /CN=29085fc534c13e0882e260a895f3cf0c5543ef08
Certificate serial:       0195E046F15D78DF017082CC2F0CD9768C59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
Manifest number:          0437
Signing time:             Sat 29 Mar 2025 05:01:40 +0000
Manifest this update:     Sat 29 Mar 2025 05:01:40 +0000
Manifest next update:     Sun 30 Mar 2025 05:01:40 +0000
Files and hashes:         1: 7maLWxU6IkDM2FmAqNdy7l2m8vA.roa (hash: hXSJo4W1y0TIt55yVm6o0sEdz9TFsi3M02ghZ52Dqcs=)
                          2: KQhfxTTBPgiC4mColfPPDFVD7wg.crl (hash: eclc43eGgWsafv9DA3Lh29oKclPcs7ia4MHlFcZczNQ=)
                          3: qf1_Wz1js3xh5T6fOQssL748W8Y.roa (hash: LIiJDjtWI/OSM/oOUeypQGPeFD9dNyCQffUSuaGgb/s=)
                          4: uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa (hash: ABkAtvRZwRy7ibQa3d8iTzWCloU1O/vDLYDZwO5edyc=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:46:f1:5d:78:df:01:70:82:cc:2f:0c:d9:76:8c:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29085fc534c13e0882e260a895f3cf0c5543ef08
        Validity
            Not Before: Mar 29 05:01:40 2025 GMT
            Not After : Mar 30 05:01:40 2025 GMT
        Subject: CN=71de4b49740fbbccad2d970090655da84854ea1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:02:a8:17:e8:3f:52:7d:fc:db:cb:fe:30:ec:
                    8a:2c:cd:d7:51:13:07:ae:43:06:34:dd:54:2c:64:
                    4b:f2:8f:6e:00:4c:b1:0a:b9:72:87:a4:46:f4:13:
                    1f:63:ed:86:52:d7:95:0a:16:f2:ee:b7:2e:de:5f:
                    e0:c2:ce:00:78:86:1a:ac:d1:f6:05:87:71:52:9e:
                    73:5e:de:9f:4b:00:21:4e:ed:44:85:8b:db:28:57:
                    20:3f:d9:79:8e:f8:d3:88:b1:91:ae:d3:3c:ed:2e:
                    52:c4:33:5f:df:2d:29:64:9c:63:74:c6:ca:8b:de:
                    82:41:0e:3d:e8:f5:ab:d8:55:94:ef:45:6f:ba:72:
                    0f:7a:ec:22:ec:82:3d:76:f1:a9:62:19:a1:d6:6a:
                    b2:33:3e:fd:98:79:3c:d7:61:9b:2d:e2:8f:4b:9e:
                    ac:ed:7b:a4:1e:57:62:0c:c3:a7:ba:25:6c:7d:eb:
                    3b:2c:5a:d0:ff:07:b4:67:fe:9a:36:3e:63:49:04:
                    ad:ca:25:4a:43:97:a4:56:cb:28:0e:1c:64:99:1c:
                    e9:28:f7:c3:66:1d:79:a5:8b:37:2d:56:3f:9e:46:
                    ab:34:1d:73:45:68:69:9b:e0:ad:d5:9f:30:43:2d:
                    08:31:3f:27:16:5d:e9:3e:ec:66:75:73:a4:1c:51:
                    4c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:DE:4B:49:74:0F:BB:CC:AD:2D:97:00:90:65:5D:A8:48:54:EA:1D
            X509v3 Authority Key Identifier:
                keyid:29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:b2:8d:61:3e:c2:cd:5a:81:69:94:c3:c4:bd:d6:00:01:d5:
         14:59:5f:9f:f1:fd:68:aa:da:55:86:2c:30:6e:da:36:d0:b7:
         f1:d3:c3:0a:46:1c:55:e1:ee:fa:e9:65:7b:f7:6b:0c:46:cd:
         5c:9d:3c:1f:d9:92:e6:3e:a0:58:39:a0:10:e8:d7:ee:b5:5e:
         af:99:4f:e7:ba:ac:75:1e:c4:09:c4:e2:15:e3:73:9f:55:37:
         78:82:a6:2d:fa:71:11:4a:1a:0f:f7:7d:52:89:b3:ad:d9:ab:
         be:99:aa:ec:38:78:cd:74:ac:c4:57:36:5f:2f:e8:79:10:d3:
         a8:a7:03:b4:69:18:46:f1:7b:de:92:73:01:a8:a0:d7:e0:3e:
         79:82:d1:86:1c:7c:61:ec:c1:ce:57:58:ce:e4:33:5c:bc:2c:
         f8:78:c1:f2:45:52:8d:ac:44:ac:50:76:e6:9c:c0:04:e3:1a:
         fd:94:bd:2b:ec:05:b1:fc:df:8b:d4:6c:94:31:ef:7a:f7:9b:
         b3:ed:d1:99:f9:1d:a3:58:29:cd:cc:fb:15:d9:16:5c:9b:97:
         b6:76:80:8a:b5:c0:9f:54:f8:90:c5:ac:48:b4:f1:37:33:5c:
         82:14:e7:85:32:a0:cb:12:d9:d1:b3:c8:83:1f:f5:d3:be:e0:
         d0:68:f0:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgRvFdeN8BcILMLwzZdoxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDg1ZmM1MzRjMTNlMDg4MmUyNjBhODk1ZjNjZjBjNTU0
M2VmMDgwHhcNMjUwMzI5MDUwMTQwWhcNMjUwMzMwMDUwMTQwWjAzMTEwLwYDVQQD
Eyg3MWRlNGI0OTc0MGZiYmNjYWQyZDk3MDA5MDY1NWRhODQ4NTRlYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgKoF+g/Un3828v+MOyKLM3XURMH
rkMGNN1ULGRL8o9uAEyxCrlyh6RG9BMfY+2GUteVChby7rcu3l/gws4AeIYarNH2
BYdxUp5zXt6fSwAhTu1EhYvbKFcgP9l5jvjTiLGRrtM87S5SxDNf3y0pZJxjdMbK
i96CQQ496PWr2FWU70VvunIPeuwi7II9dvGpYhmh1mqyMz79mHk812GbLeKPS56s
7XukHldiDMOnuiVsfes7LFrQ/we0Z/6aNj5jSQStyiVKQ5ekVssoDhxkmRzpKPfD
Zh15pYs3LVY/nkarNB1zRWhpm+Ct1Z8wQy0IMT8nFl3pPuxmdXOkHFFMRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHeS0l0D7vMrS2XAJBlXahIVOodMB8GA1UdIwQY
MBaAFCkIX8U0wT4IguJgqJXzzwxVQ+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWIt
YzMyOTcxMjllNGQzLzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWItYzMyOTcxMjllNGQz
LzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLKNYT7C
zVqBaZTDxL3WAAHVFFlfn/H9aKraVYYsMG7aNtC38dPDCkYcVeHu+ulle/drDEbN
XJ08H9mS5j6gWDmgEOjX7rVer5lP57qsdR7ECcTiFeNzn1U3eIKmLfpxEUoaD/d9
Uomzrdmrvpmq7Dh4zXSsxFc2Xy/oeRDTqKcDtGkYRvF73pJzAaig1+A+eYLRhhx8
YezBzldYzuQzXLws+HjB8kVSjaxErFB25pzABOMa/ZS9K+wFsfzfi9RslDHveveb
s+3Rmfkdo1gpzcz7FdkWXJuXtnaAirXAn1T4kMWsSLTxNzNcghTnhTKgyxLZ0bPI
gx/1077g0GjwlA==
-----END CERTIFICATE-----