Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
File:                     aOi66pXUBANI8KiexOS9FSdfbDk.mft (raw, json)
Hash identifier:          DZ4Cn2zUjJIhZp/KrlMHRluu4Ue95khFPRex32mIdTU=
Subject key identifier:   97:26:3F:19:4A:88:5B:68:E7:10:39:49:3E:26:5C:82:5E:9D:B7:95
Authority key identifier: 68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
Certificate issuer:       /CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Certificate serial:       0195E0B41056C8B599F833E5F765578B2380
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
Manifest number:          14C1
Signing time:             Sat 29 Mar 2025 07:00:51 +0000
Manifest this update:     Sat 29 Mar 2025 07:00:51 +0000
Manifest next update:     Sun 30 Mar 2025 07:00:51 +0000
Files and hashes:         1: G3jkppDUZ7UShIbg3wj67wwITjQ.roa (hash: IM9aMDCOjn2pDhh5r2plZvteAbzhdwZ0L/lTf4RJayk=)
                          2: Tz1CIM1JoghruWTN6nGpazj8zTs.roa (hash: VV/wpFoAA0PEYjeaECSEYgoe19Q1uDYWZTbwDnhLY+0=)
                          3: aOi66pXUBANI8KiexOS9FSdfbDk.crl (hash: hqJp1FkAK7MXS1Y0KeWwzALbiTjmg1luHRGbt5t7mko=)
                          4: qOyspdHf0vEJQuyvIz0XkgRHk_0.roa (hash: yR7LTFxNYmFcq/nxWYOH7mZupl2rRRW8SrPwUWcJB0k=)
                          5: uiGdfZv36ngdlEPtH0Dctu5_0kI.roa (hash: kwlBzu/ziaLKG7neS7FV84L3FCZ7YdUCR1fgHvPBMoI=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:b4:10:56:c8:b5:99:f8:33:e5:f7:65:57:8b:23:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
        Validity
            Not Before: Mar 29 07:00:51 2025 GMT
            Not After : Mar 30 07:00:51 2025 GMT
        Subject: CN=97263f194a885b68e71039493e265c825e9db795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:bd:8a:1d:ec:c0:bd:8a:bb:35:1e:4f:ab:f0:
                    00:0a:fd:af:a6:31:dc:d1:c1:df:e9:a5:8b:0b:6b:
                    47:02:31:77:c0:af:e9:40:4b:d5:71:74:5f:d8:64:
                    81:52:53:e8:67:bb:a0:83:19:c6:f6:bf:b7:a2:63:
                    89:81:5c:7d:22:91:09:3a:e1:f2:72:d9:b7:f4:0a:
                    37:aa:ab:6f:2e:4b:94:cd:c0:f6:19:4e:7d:84:4b:
                    ba:f5:8c:a7:2f:ca:a9:93:63:f0:a6:e9:bd:f2:52:
                    81:6f:01:9c:3d:9a:b7:d0:51:d5:26:48:c6:d7:40:
                    0e:e7:33:a2:5b:ab:9c:6d:8b:1b:14:8f:3f:df:d8:
                    0b:3e:52:21:7d:86:5b:51:9a:6e:46:f6:43:9a:30:
                    9b:83:f4:63:ae:0c:a3:20:91:8c:68:11:e2:b9:77:
                    7b:1a:c0:81:83:d2:cd:46:60:63:89:51:35:53:b4:
                    d5:c7:05:67:e2:59:e3:fb:68:22:0a:53:ce:6a:83:
                    6d:d0:d7:cf:c2:02:d9:4e:d4:34:57:ac:12:3c:2f:
                    67:d3:90:9e:25:d7:e8:85:be:10:aa:e1:63:5c:d9:
                    5b:80:e7:c3:c7:7a:b5:14:d7:a7:a7:96:88:ad:21:
                    f8:80:af:54:97:e8:c8:b3:cd:9c:1c:16:51:1c:af:
                    9d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:26:3F:19:4A:88:5B:68:E7:10:39:49:3E:26:5C:82:5E:9D:B7:95
            X509v3 Authority Key Identifier:
                keyid:68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:9d:d0:07:61:27:27:0c:d8:c4:2c:20:62:ec:c8:c4:73:a2:
         3d:b7:cd:32:0e:a1:76:79:56:98:eb:c8:66:89:57:2d:7f:ff:
         2b:17:69:cf:4d:ff:35:4b:29:54:cb:c7:b6:37:15:6a:4e:94:
         88:0c:08:66:03:03:28:c1:a5:d8:ab:12:5f:43:9a:24:51:86:
         f2:36:db:aa:e3:94:c4:e7:29:68:aa:79:b7:44:29:dd:9f:6d:
         56:51:b9:7f:7d:ea:72:c3:87:47:71:9f:fe:c6:07:ff:68:7d:
         8d:bc:6b:30:5f:dc:db:d5:de:00:a4:0b:d9:37:52:b2:9c:30:
         e8:44:67:2b:9c:17:ef:76:b0:0d:2d:0a:6d:c6:a0:e8:54:d1:
         a4:49:99:aa:67:28:72:bf:08:15:62:0f:0f:5a:40:c8:8c:e4:
         7e:58:79:6a:ec:98:3e:3d:a2:aa:d1:8b:0e:65:c3:0e:c3:96:
         93:f2:92:f7:1b:8f:16:d0:88:db:cf:d1:d0:8f:a1:d8:fa:f5:
         62:2a:0d:97:18:0e:90:3d:1b:66:00:eb:8e:df:a7:94:88:71:
         48:87:29:73:2b:b7:6d:4d:f3:5b:6c:9e:dd:8b:d3:a3:17:1a:
         01:b9:25:52:f4:2b:71:1a:b2:af:56:10:1c:3e:c9:64:96:83:
         41:6a:71:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgtBBWyLWZ+DPl92VXiyOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZThiYWVhOTVkNDA0MDM0OGYwYTg5ZWM0ZTRiZDE1Mjc1
ZjZjMzkwHhcNMjUwMzI5MDcwMDUxWhcNMjUwMzMwMDcwMDUxWjAzMTEwLwYDVQQD
Eyg5NzI2M2YxOTRhODg1YjY4ZTcxMDM5NDkzZTI2NWM4MjVlOWRiNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL2KHezAvYq7NR5Pq/AACv2vpjHc
0cHf6aWLC2tHAjF3wK/pQEvVcXRf2GSBUlPoZ7uggxnG9r+3omOJgVx9IpEJOuHy
ctm39Ao3qqtvLkuUzcD2GU59hEu69YynL8qpk2Pwpum98lKBbwGcPZq30FHVJkjG
10AO5zOiW6ucbYsbFI8/39gLPlIhfYZbUZpuRvZDmjCbg/RjrgyjIJGMaBHiuXd7
GsCBg9LNRmBjiVE1U7TVxwVn4lnj+2giClPOaoNt0NfPwgLZTtQ0V6wSPC9n05Ce
Jdfohb4QquFjXNlbgOfDx3q1FNenp5aIrSH4gK9Ul+jIs82cHBZRHK+dQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcmPxlKiFto5xA5ST4mXIJenbeVMB8GA1UdIwQY
MBaAFGjouuqV1AQDSPConsTkvRUnX2w5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2Ut
MzcxMWZhZThjYTc3LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2UtMzcxMWZhZThjYTc3
LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZ3QB2En
JwzYxCwgYuzIxHOiPbfNMg6hdnlWmOvIZolXLX//Kxdpz03/NUspVMvHtjcVak6U
iAwIZgMDKMGl2KsSX0OaJFGG8jbbquOUxOcpaKp5t0Qp3Z9tVlG5f33qcsOHR3Gf
/sYH/2h9jbxrMF/c29XeAKQL2TdSspww6ERnK5wX73awDS0Kbcag6FTRpEmZqmco
cr8IFWIPD1pAyIzkflh5auyYPj2iqtGLDmXDDsOWk/KS9xuPFtCI28/R0I+h2Pr1
YioNlxgOkD0bZgDrjt+nlIhxSIcpcyu3bU3zW2ye3YvToxcaAbklUvQrcRqyr1YQ
HD7JZJaDQWpxmQ==
-----END CERTIFICATE-----