Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
File:                     h9mQExRnt30RFit5--OwbKirLTk.mft (raw, json)
Hash identifier:          f9RyruTvXHhkBZuIpmMSEtPPWOyynE6LJXo00IxoSFo=
Subject key identifier:   02:84:CA:2D:E3:53:61:92:CF:46:B3:41:14:68:0F:B2:69:53:31:C8
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Certificate issuer:       /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial:       0195E0464557F226E4E80B06AF469F006B67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
Manifest number:          14D2
Signing time:             Sat 29 Mar 2025 05:00:56 +0000
Manifest this update:     Sat 29 Mar 2025 05:00:56 +0000
Manifest next update:     Sun 30 Mar 2025 05:00:56 +0000
Files and hashes:         1: BpGdK4vNgugH_zIwdKpTLTonzFI.roa (hash: XCtnPAQsPAejFAsLvLkAMfASQaAA0TQU3hCkuPs7vLM=)
                          2: XOmOBh50cvCvJmnFjaJhaHYW2sE.roa (hash: 6F6wNjub6rC7wNAaFOeBE6JJ3w2cU7C6GJM4bNB9ZQQ=)
                          3: h9mQExRnt30RFit5--OwbKirLTk.crl (hash: kjqTjPSYO1TWvvW0LpTvKQ3Ev1HjCxnoKUKVsFOyyvU=)
                          4: viZJ1ILrK-Lhvo6EpJnhGu2o9Q4.roa (hash: VBEvk2C209Y5tb0FL9tK/NrEWGQ6MCpm2RIBK/aQkDU=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:46:45:57:f2:26:e4:e8:0b:06:af:46:9f:00:6b:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
        Validity
            Not Before: Mar 29 05:00:56 2025 GMT
            Not After : Mar 30 05:00:56 2025 GMT
        Subject: CN=0284ca2de3536192cf46b34114680fb2695331c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2c:6c:c4:3c:ec:bc:08:2b:41:e5:96:76:14:
                    5c:57:7a:cb:72:86:cc:13:13:95:86:e4:63:50:86:
                    43:40:1e:b5:d4:a2:a8:fa:e9:05:49:99:82:2f:a5:
                    1b:21:04:e9:f5:c6:21:1e:0f:0f:8d:48:d7:b9:3a:
                    ca:4b:de:5b:22:5e:e6:f3:ff:27:58:45:a8:d8:0b:
                    1f:59:e7:c4:ee:29:8e:c9:ab:85:39:44:b8:38:7f:
                    94:65:f2:f1:43:6d:20:c8:aa:d2:16:8d:fc:4e:82:
                    ea:8b:92:06:3b:22:5c:4c:34:78:6f:6b:75:16:3e:
                    94:85:e7:dc:7d:49:65:d2:45:c5:9b:b6:3d:31:1f:
                    a2:99:d9:98:f1:44:73:84:1f:54:48:97:e9:d4:2d:
                    93:fd:09:47:5f:94:71:0a:73:69:ab:6e:ea:ad:7c:
                    a8:7b:ac:cd:55:f1:ff:38:1d:5e:52:c3:01:c1:78:
                    7d:55:8b:2a:94:3e:22:1f:15:47:ec:6d:a1:ed:74:
                    63:21:26:36:96:9f:e2:24:8c:6e:71:85:c7:cb:5f:
                    a3:f2:c8:24:a2:da:68:83:41:fc:78:ad:09:01:32:
                    ad:b0:e6:3f:f8:91:b6:12:99:e4:0b:ee:63:06:03:
                    52:97:5a:1d:13:ae:a5:4d:d3:f3:d2:ac:aa:32:4d:
                    3d:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:84:CA:2D:E3:53:61:92:CF:46:B3:41:14:68:0F:B2:69:53:31:C8
            X509v3 Authority Key Identifier:
                keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:9d:15:c9:9a:04:67:7a:c1:1c:df:df:a6:38:8d:4f:bc:c6:
         b9:40:15:ac:6a:7f:45:aa:4e:59:71:c0:95:f5:76:25:b5:7d:
         b3:78:82:47:06:ce:37:f1:4b:04:0b:51:82:96:c7:3f:0a:09:
         2b:e6:1f:7c:4f:57:af:ce:67:7d:3f:f0:30:6d:bc:9c:e8:c9:
         95:1a:9b:c4:6a:70:10:4b:58:38:01:0b:84:3c:ca:3a:e2:be:
         79:81:b7:28:41:41:e9:6f:62:c2:bf:06:1c:d0:06:cd:f8:90:
         24:a7:8e:15:71:08:08:b5:1b:76:a8:d7:59:e0:e3:c6:a3:dd:
         f6:91:dc:75:cd:e5:e8:23:5e:79:17:2e:eb:b3:e9:51:21:6a:
         21:6f:70:25:93:c6:c9:6e:1f:b8:63:98:56:65:2f:39:aa:b4:
         35:b6:4f:f6:78:a4:98:d1:50:5c:41:fa:ee:10:7e:e0:82:8b:
         7d:41:69:45:1d:af:20:ec:6b:01:80:ed:3a:7a:9f:27:d4:c8:
         e1:c0:3b:5f:49:29:12:50:68:79:90:f5:18:20:a2:6e:1b:82:
         44:fd:d3:16:0c:00:e9:f4:bb:70:dc:ae:2e:3f:c8:9f:34:52:
         93:a9:ea:c9:2a:1c:7f:c9:f2:1f:13:f1:e9:0d:18:f4:32:b1:
         93:20:fc:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgRkVX8ibk6AsGr0afAGtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjUwMzI5MDUwMDU2WhcNMjUwMzMwMDUwMDU2WjAzMTEwLwYDVQQD
EygwMjg0Y2EyZGUzNTM2MTkyY2Y0NmIzNDExNDY4MGZiMjY5NTMzMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyxsxDzsvAgrQeWWdhRcV3rLcobM
ExOVhuRjUIZDQB611KKo+ukFSZmCL6UbIQTp9cYhHg8PjUjXuTrKS95bIl7m8/8n
WEWo2AsfWefE7imOyauFOUS4OH+UZfLxQ20gyKrSFo38ToLqi5IGOyJcTDR4b2t1
Fj6UhefcfUll0kXFm7Y9MR+imdmY8URzhB9USJfp1C2T/QlHX5RxCnNpq27qrXyo
e6zNVfH/OB1eUsMBwXh9VYsqlD4iHxVH7G2h7XRjISY2lp/iJIxucYXHy1+j8sgk
otpog0H8eK0JATKtsOY/+JG2EpnkC+5jBgNSl1odE66lTdPz0qyqMk099wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKEyi3jU2GSz0azQRRoD7JpUzHIMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV50VyZoE
Z3rBHN/fpjiNT7zGuUAVrGp/RapOWXHAlfV2JbV9s3iCRwbON/FLBAtRgpbHPwoJ
K+YffE9Xr85nfT/wMG28nOjJlRqbxGpwEEtYOAELhDzKOuK+eYG3KEFB6W9iwr8G
HNAGzfiQJKeOFXEICLUbdqjXWeDjxqPd9pHcdc3l6CNeeRcu67PpUSFqIW9wJZPG
yW4fuGOYVmUvOaq0NbZP9nikmNFQXEH67hB+4IKLfUFpRR2vIOxrAYDtOnqfJ9TI
4cA7X0kpElBoeZD1GCCibhuCRP3TFgwA6fS7cNyuLj/InzRSk6nqySocf8nyHxPx
6Q0Y9DKxkyD86w==
-----END CERTIFICATE-----