Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
File:                     lNmOj-xoB3WhVyZuDGt4sUGjT14.mft (raw, json)
Hash identifier:          g2sd+1lgdbHgCl/i+gRPRwC/jyKmoEPuXE3wAscjvbI=
Subject key identifier:   F2:DB:1E:27:30:71:3C:50:2A:1D:6D:5F:FB:FF:FA:27:71:B7:DA:34
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Certificate issuer:       /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial:       0195E1902565DC060F3DEFB4F0F85093294F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
Manifest number:          0D9F
Signing time:             Sat 29 Mar 2025 11:01:15 +0000
Manifest this update:     Sat 29 Mar 2025 11:01:15 +0000
Manifest next update:     Sun 30 Mar 2025 11:01:15 +0000
Files and hashes:         1: 0YppZtvRSXBHB8NFrLn_rzdM4Wg.roa (hash: AIX2Owt5viXo6Wp2eQTWR2x2rHaX/2g8xn17pbf1zi4=)
                          2: EKnIHBjVrQVGKttI-rFo2gf2VFc.roa (hash: J3kh1NFjTixOap26aJDcz17JVV8gbZy6u7PZjGr/JnE=)
                          3: H0U-Km3rz_YtidSX7xAdJ-A_RzA.roa (hash: L4ck5kUvwk5NkXR5fk3e/8692feGx3cZZTXMDkDHo6o=)
                          4: LaP9yZWFLbz-vA6yy7WQjmvmnXk.roa (hash: dSsBDcLcDlWyNXwHKuTffodeoLPC9SNQ0Byy4wB2Z1w=)
                          5: LbH9hJaSL1GOYzLXqD3Awd_qjoA.roa (hash: 3C2M+kU6uA2Qd0GYC2WkAPgI2BlaHp4MqS4lT08EAiA=)
                          6: PbarvFD-DfboyTwmYNWYW4W2R9w.roa (hash: x10XcqhvaDHkUVsBFH7jM56sVdDbvr2ZFm9l+eYW+G4=)
                          7: lNmOj-xoB3WhVyZuDGt4sUGjT14.crl (hash: z6aUKhzRBBAupcj/PviLvv9oVbxkD/vSpetWnvwcX8g=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e1:90:25:65:dc:06:0f:3d:ef:b4:f0:f8:50:93:29:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
        Validity
            Not Before: Mar 29 11:01:15 2025 GMT
            Not After : Mar 30 11:01:15 2025 GMT
        Subject: CN=f2db1e2730713c502a1d6d5ffbfffa2771b7da34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c0:b6:7e:3e:45:8c:0d:da:2b:8f:0c:39:59:
                    ea:c4:cf:d3:7b:6e:b5:4d:26:20:5d:2d:96:f1:67:
                    36:23:2b:ad:12:a5:96:a7:cf:16:79:1c:41:d1:f4:
                    00:c7:1e:d2:7d:c1:3b:b3:40:8d:3e:a0:9b:9a:95:
                    ed:74:ed:61:40:49:c3:ff:5f:9f:24:b7:fd:a6:26:
                    c6:58:f7:82:03:7c:4d:c0:03:4e:3f:81:70:ab:0a:
                    b9:6b:a7:79:50:07:e0:83:42:bb:64:54:57:0c:ac:
                    12:58:3a:56:86:5e:64:61:cc:de:f3:34:5b:4f:4e:
                    54:06:79:9e:ce:7e:43:59:ab:44:8c:60:62:20:ff:
                    6c:d9:27:ad:9b:8e:b3:bf:ac:8d:14:05:39:9f:77:
                    5d:b2:8d:fd:21:69:81:ed:9d:f9:80:07:d0:68:13:
                    17:21:a6:03:39:b3:8c:e4:f3:c7:6d:47:24:bc:76:
                    dc:45:35:65:58:af:45:82:ef:c1:ca:5c:9e:f9:03:
                    7c:78:5a:e7:a7:a5:d9:c7:54:44:18:56:e2:00:7c:
                    da:77:8a:47:f6:bf:06:b9:8a:cb:ca:30:0e:ed:91:
                    d7:14:a5:84:8c:12:46:82:88:13:a1:5f:18:5e:ec:
                    e6:4e:b4:44:a0:76:6f:37:38:f0:3b:03:3a:ad:62:
                    80:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:DB:1E:27:30:71:3C:50:2A:1D:6D:5F:FB:FF:FA:27:71:B7:DA:34
            X509v3 Authority Key Identifier:
                keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:9d:39:5b:78:53:75:81:8a:12:eb:e2:60:da:09:bb:4f:cd:
         17:a0:8a:8d:e0:08:3f:63:32:78:18:36:c6:fd:95:0e:f4:3e:
         1a:a0:8b:84:92:1f:00:f5:1e:db:b4:6a:97:ad:c2:79:07:c2:
         18:81:60:9a:5a:3c:0c:e7:0f:fa:1d:de:bc:cb:ec:20:6a:1b:
         ff:ec:ab:61:16:b0:6a:e3:16:62:17:33:ba:95:90:bc:da:ff:
         22:b7:93:ce:e6:80:29:1c:6e:1e:e7:58:bf:27:0b:e7:36:df:
         59:ae:6a:42:f2:df:12:4f:aa:fe:81:6e:ce:cf:ac:64:4d:9b:
         94:9d:ac:6d:54:bf:b1:0d:37:7a:26:b8:28:3e:0c:bd:77:0c:
         6c:dd:e3:56:57:b9:21:c7:2f:37:8e:3c:86:cc:33:eb:1b:fe:
         5d:1e:65:14:60:ad:32:6b:4b:b1:8b:9e:4d:30:76:66:cb:fd:
         15:f9:a9:b3:fb:be:db:dd:6c:86:48:c8:69:d6:d4:84:63:b9:
         c3:cc:16:2e:92:5d:7b:cd:55:e5:c5:64:a4:f9:ce:88:77:a6:
         7f:3c:95:71:56:b0:9f:e8:34:cb:93:f7:d2:4c:12:d8:0d:54:
         9c:91:0d:06:79:ea:61:e4:66:63:20:d1:48:e7:b5:e5:1d:ec:
         88:2a:a6:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXhkCVl3AYPPe+08PhQkylPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwMzI5MTEwMTE1WhcNMjUwMzMwMTEwMTE1WjAzMTEwLwYDVQQD
EyhmMmRiMWUyNzMwNzEzYzUwMmExZDZkNWZmYmZmZmEyNzcxYjdkYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sC2fj5FjA3aK48MOVnqxM/Te261
TSYgXS2W8Wc2IyutEqWWp88WeRxB0fQAxx7SfcE7s0CNPqCbmpXtdO1hQEnD/1+f
JLf9pibGWPeCA3xNwANOP4Fwqwq5a6d5UAfgg0K7ZFRXDKwSWDpWhl5kYcze8zRb
T05UBnmezn5DWatEjGBiIP9s2Setm46zv6yNFAU5n3ddso39IWmB7Z35gAfQaBMX
IaYDObOM5PPHbUckvHbcRTVlWK9Fgu/Bylye+QN8eFrnp6XZx1REGFbiAHzad4pH
9r8GuYrLyjAO7ZHXFKWEjBJGgogToV8YXuzmTrREoHZvNzjwOwM6rWKA/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLbHicwcTxQKh1tX/v/+idxt9o0MB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWp05W3hT
dYGKEuviYNoJu0/NF6CKjeAIP2MyeBg2xv2VDvQ+GqCLhJIfAPUe27Rql63CeQfC
GIFgmlo8DOcP+h3evMvsIGob/+yrYRawauMWYhczupWQvNr/IreTzuaAKRxuHudY
vycL5zbfWa5qQvLfEk+q/oFuzs+sZE2blJ2sbVS/sQ03eia4KD4MvXcMbN3jVle5
IccvN448hswz6xv+XR5lFGCtMmtLsYueTTB2Zsv9Ffmps/u+291shkjIadbUhGO5
w8wWLpJde81V5cVkpPnOiHemfzyVcVawn+g0y5P30kwS2A1UnJENBnnqYeRmYyDR
SOe15R3siCqmVQ==
-----END CERTIFICATE-----