Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft
File:                     lBZrcEhD09l1QJXIOpG0k4KCAKI.mft (raw, json)
Hash identifier:          8HnFcxyR/xN+Xrh3/F87KP1kOtgCB6xSvgSaXX0pg70=
Subject key identifier:   B0:83:07:C0:F9:F1:54:C4:B3:99:56:1C:6D:79:49:55:88:E8:02:52
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       0195E00FBB66CBC1CD623DE56751F8662CA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft
Manifest number:          156E
Signing time:             Sat 29 Mar 2025 04:01:22 +0000
Manifest this update:     Sat 29 Mar 2025 04:01:22 +0000
Manifest next update:     Sun 30 Mar 2025 04:01:22 +0000
Files and hashes:         1: 7NOWSwr6Ix9WqMtFCauUoXq2B4E.roa (hash: 71eyC9fYC2VExHc19u8sJwP29ASsjLuAVH+CBPHOF2M=)
                          2: DrZpY6t_Z34aPnka8mlfxbcLul4.roa (hash: ArUDkHPBl4MihbzSvZGcRbPkxSIlgTU5MGX9tL6hwUo=)
                          3: Z7uuC5XE4-fMCsGBtqQw7mSeH9U.roa (hash: W7maKhHagBpEQgNK15fnWc66E1ZuDuwRIn7gOriSZAo=)
                          4: h9d0ktI5MHIktnWrhY2zneTKIew.roa (hash: 9qkOa4Wd+V/Z+xQC2CIhkz1VoRa5qCsYXEwwfKMwhGQ=)
                          5: lBZrcEhD09l1QJXIOpG0k4KCAKI.crl (hash: nLqw+ZwJwyFLueQMVCQbShZlXOK/b8VmD50a8HhWEMo=)
                          6: zIA6BDrr_xrDLDlzAGpw_9P6klo.roa (hash: pfzDsna4zGoCQX7v3ji49EBWdSr9XYlq27X+4n1BNgY=)
                          7: zRIEfiHVhkzqHiYdm3McIGPDP2Q.roa (hash: 32bioXyHcsiw84uow4i7c6KhRJSD3457u6OM44k/3vM=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:0f:bb:66:cb:c1:cd:62:3d:e5:67:51:f8:66:2c:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Mar 29 04:01:22 2025 GMT
            Not After : Mar 30 04:01:22 2025 GMT
        Subject: CN=b08307c0f9f154c4b399561c6d79495588e80252
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f5:de:7b:91:26:5b:dc:16:8f:4f:92:b2:b0:
                    56:97:b0:a0:07:1b:f3:6c:c5:ac:69:cd:28:2c:13:
                    c2:cb:66:83:22:66:4c:94:2b:d7:a1:c0:ce:30:10:
                    dd:5d:a3:8f:bf:f8:54:c4:fe:31:f7:7e:46:70:3f:
                    be:fe:67:1d:be:43:38:8b:96:b1:55:5d:48:54:fa:
                    10:e9:ad:54:00:4e:a9:71:ff:98:86:ad:43:7e:d1:
                    aa:97:c2:4c:3f:90:54:e5:f5:a2:85:62:06:29:7c:
                    51:48:99:ec:2d:0e:be:4d:22:14:ac:ad:c0:47:26:
                    77:74:d6:39:70:06:10:bb:56:77:5f:0e:63:b1:d8:
                    ed:96:ab:35:fb:70:c6:a4:cd:32:6a:82:83:65:fb:
                    25:bf:1d:ad:36:95:58:c6:06:f5:c1:17:d5:91:f0:
                    9d:40:39:b4:89:03:ef:81:1a:36:6d:27:b8:a5:c7:
                    5e:15:88:47:9b:05:1e:bd:b5:57:db:ad:3e:d0:6f:
                    e1:7d:e7:4f:df:83:00:f9:10:88:3f:b5:99:95:a4:
                    c8:f3:ce:59:64:c1:06:76:1d:17:49:dc:8d:a1:83:
                    bf:1c:ac:e8:6a:28:87:d2:fb:3e:1a:ce:b9:ac:30:
                    09:45:90:de:9b:1e:86:a1:17:27:52:5a:ec:37:35:
                    c9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:83:07:C0:F9:F1:54:C4:B3:99:56:1C:6D:79:49:55:88:E8:02:52
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:2c:ab:94:d8:67:95:db:71:79:14:c2:ff:83:76:81:d3:dc:
         bc:20:d7:fe:ce:7c:50:8f:5a:df:e5:d5:e2:2b:c7:64:7d:fe:
         fa:00:4b:de:96:9c:7b:b2:2c:b8:b3:cf:d0:1d:9b:ee:86:ba:
         8b:10:7c:e0:f4:36:8b:d5:8f:9a:63:a1:2d:b7:71:97:a5:22:
         32:68:65:5e:ed:07:9e:79:46:23:16:6d:7a:7b:0d:ad:59:60:
         82:2a:54:ae:11:9c:34:ab:65:c7:8a:fc:78:49:39:b6:13:a3:
         1d:e6:6e:0f:a7:9b:81:9a:6a:c2:c4:fd:cc:7e:9d:03:06:83:
         cc:85:b8:92:1c:11:5b:ae:69:a7:62:de:37:c5:1d:7b:90:75:
         ff:b5:75:67:bd:68:7e:fd:c8:48:05:b5:d7:16:70:f2:b4:8e:
         b7:5f:bc:b0:a2:07:89:30:26:80:02:68:3e:29:f7:43:0e:15:
         a6:c2:21:c6:6e:d5:cb:f6:05:55:8c:d6:f2:74:02:48:78:44:
         d8:a6:4a:0a:83:f5:d8:54:dd:dc:16:0a:c3:7b:a8:db:ed:0f:
         38:53:7a:5c:65:06:9a:52:c1:60:83:d5:be:b2:c1:0c:d7:b8:
         9e:7e:bb:12:f3:6e:62:47:f1:41:72:a9:84:10:e8:c2:ca:fa:
         3a:ee:29:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgD7tmy8HNYj3lZ1H4ZiypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjUwMzI5MDQwMTIyWhcNMjUwMzMwMDQwMTIyWjAzMTEwLwYDVQQD
EyhiMDgzMDdjMGY5ZjE1NGM0YjM5OTU2MWM2ZDc5NDk1NTg4ZTgwMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPXee5EmW9wWj0+SsrBWl7CgBxvz
bMWsac0oLBPCy2aDImZMlCvXocDOMBDdXaOPv/hUxP4x935GcD++/mcdvkM4i5ax
VV1IVPoQ6a1UAE6pcf+Yhq1DftGql8JMP5BU5fWihWIGKXxRSJnsLQ6+TSIUrK3A
RyZ3dNY5cAYQu1Z3Xw5jsdjtlqs1+3DGpM0yaoKDZfslvx2tNpVYxgb1wRfVkfCd
QDm0iQPvgRo2bSe4pcdeFYhHmwUevbVX260+0G/hfedP34MA+RCIP7WZlaTI885Z
ZMEGdh0XSdyNoYO/HKzoaiiH0vs+Gs65rDAJRZDemx6GoRcnUlrsNzXJUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCDB8D58VTEs5lWHG15SVWI6AJSMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPCyrlNhn
ldtxeRTC/4N2gdPcvCDX/s58UI9a3+XV4ivHZH3++gBL3pace7IsuLPP0B2b7oa6
ixB84PQ2i9WPmmOhLbdxl6UiMmhlXu0HnnlGIxZtensNrVlggipUrhGcNKtlx4r8
eEk5thOjHeZuD6ebgZpqwsT9zH6dAwaDzIW4khwRW65pp2LeN8Ude5B1/7V1Z71o
fv3ISAW11xZw8rSOt1+8sKIHiTAmgAJoPin3Qw4VpsIhxm7Vy/YFVYzW8nQCSHhE
2KZKCoP12FTd3BYKw3uo2+0POFN6XGUGmlLBYIPVvrLBDNe4nn67EvNuYkfxQXKp
hBDowsr6Ou4pfg==
-----END CERTIFICATE-----