Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
File:                     Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft (raw, json)
Hash identifier:          ++EfZX7JAxYhXtcZFSuBg30za64NVN5oMR2aKTiNA2M=
Subject key identifier:   F8:53:BB:CD:26:50:0B:79:9E:C4:77:E2:E1:17:E8:2A:3F:82:F6:3C
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Certificate issuer:       /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial:       0195E046908AEF31AEF5C5524ACA48892A39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
Manifest number:          1310
Signing time:             Sat 29 Mar 2025 05:01:15 +0000
Manifest this update:     Sat 29 Mar 2025 05:01:15 +0000
Manifest next update:     Sun 30 Mar 2025 05:01:15 +0000
Files and hashes:         1: 1-KS-11GCop4jdIEBghE-M8_v_g8.roa (hash: EqC/3yl9y80XofTy0F138kTU+PwB4qz9tGO9qfDtpgk=)
                          2: 28Clr4Ex1l2uqo6qlmoWgDRx4JU.roa (hash: idGohMKsNgyo0RBS8sMY69MlW8nQfQuAaP7Q0HBe0uM=)
                          3: 3RrW5Yatg2PUvnJMq7_H-tuFmj8.roa (hash: 5AaD0wsj8bY2cs7Xy1+SAntuaiPPTR2j1GucGYtil+8=)
                          4: 6Mu0G5eGnDMdTKqwRVWTSuG8bsw.roa (hash: moIyQZi4wCVA13IscbWLzRltLBx1xw7w1x6HIQR/1Hg=)
                          5: Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl (hash: /uSHhLVynMrrEbkp03hnfrLD7x7qMOawt9abTa91eTY=)
                          6: ZDWi8X9SmWmbAKCwE55Pm2H1s3Q.roa (hash: j4Bd1zsOhh9D77jUeZ1o5ZusSCW9cs9P4TtpELqNqCQ=)
                          7: nJT9Bh_tbP1He9594EppfoCQEts.roa (hash: EeLGem/zMOULX8JHQg+hYpRqNlikcSBKHqsuzrAaMZg=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:46:90:8a:ef:31:ae:f5:c5:52:4a:ca:48:89:2a:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
        Validity
            Not Before: Mar 29 05:01:15 2025 GMT
            Not After : Mar 30 05:01:15 2025 GMT
        Subject: CN=f853bbcd26500b799ec477e2e117e82a3f82f63c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:1a:f7:2d:7c:f8:30:1d:0e:ca:7e:6a:13:c3:
                    c4:a4:a9:65:15:2e:ec:dc:b9:7c:9d:74:90:75:68:
                    77:11:d0:24:61:9d:9f:75:53:8d:ba:1a:ac:ed:a3:
                    28:a8:e4:74:dc:4a:84:c7:92:1b:fb:6a:83:0d:25:
                    12:a9:60:3f:7f:6f:1f:69:e8:7d:cb:e1:59:b5:0b:
                    85:77:b6:4e:a4:97:b2:c5:d5:34:e6:bf:a4:8b:99:
                    75:66:37:7b:21:8b:11:1a:2a:d5:35:db:c5:43:6b:
                    ec:bf:24:e9:94:5d:75:a0:ad:4a:9f:2c:d5:3d:73:
                    fa:03:65:4c:df:52:79:66:23:a9:f9:fc:1e:d6:2d:
                    6b:7c:92:45:bb:12:b8:62:3b:75:cc:4d:cf:42:11:
                    50:ca:4a:2c:68:bb:16:0c:fa:47:9b:15:c8:b0:ff:
                    6c:83:ed:3e:e6:dd:62:55:18:0a:bd:fc:a2:70:95:
                    47:21:84:26:a2:84:70:0b:e5:9c:16:ec:19:64:f5:
                    5b:41:6f:07:81:79:28:85:57:d3:dc:dc:b3:45:19:
                    67:89:36:28:ba:40:f1:c6:fb:a0:61:e2:c6:80:fb:
                    53:de:7b:4a:69:38:fc:cb:19:ea:93:0a:cb:e1:fc:
                    75:a1:a5:79:a8:20:6c:be:51:a9:a6:3d:e1:cd:d3:
                    58:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:53:BB:CD:26:50:0B:79:9E:C4:77:E2:E1:17:E8:2A:3F:82:F6:3C
            X509v3 Authority Key Identifier:
                keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:f5:bd:17:9b:0e:12:d8:37:a8:b6:63:4c:d1:90:a2:a4:eb:
         96:0c:7d:cc:55:da:4a:c4:50:38:ed:7e:ef:60:e4:39:4e:6c:
         89:4e:29:aa:09:34:da:1d:56:24:16:01:b5:79:f3:89:94:c7:
         8a:16:f8:66:8e:60:83:05:99:c4:ae:aa:63:ee:7d:32:c0:68:
         96:0c:a1:65:2a:98:92:2e:04:a5:5a:ac:15:01:2a:67:31:66:
         2a:ba:72:74:d2:7e:c2:71:93:fc:1e:9f:38:a4:76:15:af:eb:
         26:35:a7:73:fd:9d:3a:cf:5f:c4:ea:1f:4b:ec:3d:e4:0b:c4:
         5d:09:e0:7e:a3:67:b0:4d:f9:53:90:5c:ac:24:ed:1d:60:88:
         0a:f4:3d:3b:b1:6e:bf:d8:2f:aa:fb:39:ce:24:bc:9f:42:b8:
         11:91:f6:81:18:50:f5:38:55:19:c5:72:ed:ec:a9:a2:b5:a6:
         fc:f1:8c:30:0d:cf:a0:66:53:fa:ad:4a:88:0b:a7:f7:3e:58:
         05:4e:1a:21:9a:36:82:26:0c:49:bd:82:d5:13:a1:6b:91:75:
         a3:6b:10:8b:70:73:9b:a6:a8:42:bc:a5:11:92:02:a2:6a:ed:
         87:76:e2:01:42:f8:8d:f8:84:9e:63:67:40:45:f1:9f:ca:16:
         99:a3:6f:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgRpCK7zGu9cVSSspIiSo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjUwMzI5MDUwMTE1WhcNMjUwMzMwMDUwMTE1WjAzMTEwLwYDVQQD
EyhmODUzYmJjZDI2NTAwYjc5OWVjNDc3ZTJlMTE3ZTgyYTNmODJmNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Br3LXz4MB0Oyn5qE8PEpKllFS7s
3Ll8nXSQdWh3EdAkYZ2fdVONuhqs7aMoqOR03EqEx5Ib+2qDDSUSqWA/f28faeh9
y+FZtQuFd7ZOpJeyxdU05r+ki5l1Zjd7IYsRGirVNdvFQ2vsvyTplF11oK1KnyzV
PXP6A2VM31J5ZiOp+fwe1i1rfJJFuxK4Yjt1zE3PQhFQykosaLsWDPpHmxXIsP9s
g+0+5t1iVRgKvfyicJVHIYQmooRwC+WcFuwZZPVbQW8HgXkohVfT3NyzRRlniTYo
ukDxxvugYeLGgPtT3ntKaTj8yxnqkwrL4fx1oaV5qCBsvlGppj3hzdNYtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhTu80mUAt5nsR34uEX6Co/gvY8MB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEvW9F5sO
Etg3qLZjTNGQoqTrlgx9zFXaSsRQOO1+72DkOU5siU4pqgk02h1WJBYBtXnziZTH
ihb4Zo5ggwWZxK6qY+59MsBolgyhZSqYki4EpVqsFQEqZzFmKrpydNJ+wnGT/B6f
OKR2Fa/rJjWnc/2dOs9fxOofS+w95AvEXQngfqNnsE35U5BcrCTtHWCICvQ9O7Fu
v9gvqvs5ziS8n0K4EZH2gRhQ9ThVGcVy7eyporWm/PGMMA3PoGZT+q1KiAun9z5Y
BU4aIZo2giYMSb2C1ROha5F1o2sQi3Bzm6aoQrylEZIComrth3biAUL4jfiEnmNn
QEXxn8oWmaNvdw==
-----END CERTIFICATE-----