Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/oBZYi9HMst0iHG-Hg4VnR11-8ps.mft
File:                     oBZYi9HMst0iHG-Hg4VnR11-8ps.mft (raw, json)
Hash identifier:          hyYLWuRVQ7h+T7mQsUPKKOiuYf+KGukSNmzChCA3+HI=
Subject key identifier:   CF:D3:A3:26:6C:77:69:93:E3:FB:90:68:EB:20:E2:8B:4E:48:43:A1
Authority key identifier: A0:16:58:8B:D1:CC:B2:DD:22:1C:6F:87:83:85:67:47:5D:7E:F2:9B
Certificate issuer:       /CN=a016588bd1ccb2dd221c6f87838567475d7ef29b
Certificate serial:       0195E04645CE8D070827825B1C01B0029A53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oBZYi9HMst0iHG-Hg4VnR11-8ps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/oBZYi9HMst0iHG-Hg4VnR11-8ps.mft
Manifest number:          14C3
Signing time:             Sat 29 Mar 2025 05:00:56 +0000
Manifest this update:     Sat 29 Mar 2025 05:00:56 +0000
Manifest next update:     Sun 30 Mar 2025 05:00:56 +0000
Files and hashes:         1: 7uBhUg1U8OiL4mgssHYwPwkKJrs.roa (hash: qe2rw9SjAhTjzWJWyO7/LvmX898Pe709+tHdC1jP6UA=)
                          2: P--cyCsEXWTpmdtjtbooGfKZW34.roa (hash: NViLGPpX2PnuVnmOA56Cf2Dp8n102H0opZdujn8vzcs=)
                          3: aUv0oKe6R2btvCdtOSYfT8WFAF0.roa (hash: lEgJxjlP6AlXHpqLTYKzkLDQsVq+Pi3xpQibZH/Rsds=)
                          4: gAUG9nMSNjQsq1tequutH3immt8.roa (hash: LCBTiYiGcwL+NIVJ6V4OXpEoNBb3bNUukyOlGZ8oVgM=)
                          5: kx7UofzIMm_m_XlnrQs2X_ZwrTs.roa (hash: FMY4CRQkCPFhXww6V/ELCA3IQUBWPklogLha1wHTo1w=)
                          6: oBZYi9HMst0iHG-Hg4VnR11-8ps.crl (hash: cg5Oi4vhTcsbHvCBb/7jU7XG0BW5/D73hJbVd8Fu7OU=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:46:45:ce:8d:07:08:27:82:5b:1c:01:b0:02:9a:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a016588bd1ccb2dd221c6f87838567475d7ef29b
        Validity
            Not Before: Mar 29 05:00:56 2025 GMT
            Not After : Mar 30 05:00:56 2025 GMT
        Subject: CN=cfd3a3266c776993e3fb9068eb20e28b4e4843a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8a:ac:6d:2b:b6:bf:d4:aa:b5:96:d2:55:83:
                    81:5f:41:08:04:af:7f:23:0b:45:27:3c:80:1b:eb:
                    e3:d2:e3:eb:6b:f3:b9:69:58:99:15:dd:0e:be:bf:
                    17:e7:88:59:b2:63:94:85:d5:d1:9a:b7:e7:6f:c8:
                    01:36:4d:0d:93:54:fa:16:2e:d4:04:93:04:0b:8c:
                    10:9e:f7:bf:99:f4:a4:24:b5:dc:c3:12:88:95:8d:
                    e1:5e:f1:b0:d3:28:9b:23:84:b3:97:d4:3f:17:2d:
                    21:71:61:b3:9b:fb:78:f5:02:19:fe:66:96:7c:f7:
                    b3:38:a3:63:df:64:72:2a:ac:40:b7:b0:87:74:1c:
                    d2:8b:94:28:2c:99:67:ef:ea:b8:90:88:5d:a7:7a:
                    1f:a5:32:79:db:9a:57:45:aa:cd:bd:24:25:34:21:
                    77:18:d2:51:8b:a8:fd:9c:ac:2a:c4:b0:fa:20:5f:
                    c8:41:87:89:16:e8:f3:c6:c2:68:2a:28:d7:ba:b8:
                    00:56:2a:73:45:e4:df:a5:0b:e9:f6:c7:16:73:d3:
                    81:a0:5e:f1:16:62:74:f1:6d:72:52:11:f5:4e:47:
                    0f:c5:e2:d7:9e:ea:c8:fc:7a:73:a2:a5:b3:8f:b9:
                    80:27:38:09:ca:da:87:ad:f6:2d:30:31:77:56:33:
                    74:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:D3:A3:26:6C:77:69:93:E3:FB:90:68:EB:20:E2:8B:4E:48:43:A1
            X509v3 Authority Key Identifier:
                keyid:A0:16:58:8B:D1:CC:B2:DD:22:1C:6F:87:83:85:67:47:5D:7E:F2:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBZYi9HMst0iHG-Hg4VnR11-8ps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/oBZYi9HMst0iHG-Hg4VnR11-8ps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/oBZYi9HMst0iHG-Hg4VnR11-8ps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:5c:ea:ac:8d:64:b9:79:49:c4:b4:62:ad:01:6a:f3:07:ad:
         5c:0e:c9:74:07:48:54:db:75:eb:e6:23:6d:69:17:8c:fb:52:
         20:5e:f9:4b:25:4e:e2:c9:8b:f5:44:f0:6d:17:98:67:b4:e2:
         57:33:1a:f5:e6:5b:23:c4:9f:28:10:06:e4:58:ab:18:00:d4:
         5e:2b:e7:cc:01:64:3a:6f:e8:5e:e9:e4:54:02:44:07:5a:f8:
         d9:0a:1a:9c:59:fb:47:5e:da:64:b4:34:f4:0a:59:5d:52:95:
         77:50:4f:bf:a1:40:72:a4:1a:d7:fa:0e:19:2e:ad:dd:00:48:
         4d:5c:18:a6:a3:82:5b:a9:d7:1c:4a:31:9b:90:d1:0a:ad:69:
         8b:e0:a4:95:c2:d6:aa:a6:22:69:eb:61:40:bf:67:b8:a1:e5:
         df:a2:e3:00:c9:84:57:2d:89:16:50:6c:88:55:c2:3d:b2:02:
         07:00:be:39:dd:8d:75:17:a8:06:8a:49:22:5e:a6:8f:c7:b7:
         49:33:d4:f8:a0:04:42:6e:69:df:0a:76:d1:78:44:48:a0:c9:
         3b:cd:96:19:74:55:3b:fe:6e:1d:e6:fb:e1:d8:34:df:51:aa:
         3e:6b:54:9a:dd:c9:45:98:de:81:78:1e:28:6f:31:b1:72:a4:
         4b:65:3e:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgRkXOjQcIJ4JbHAGwAppTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMTY1ODhiZDFjY2IyZGQyMjFjNmY4NzgzODU2NzQ3NWQ3
ZWYyOWIwHhcNMjUwMzI5MDUwMDU2WhcNMjUwMzMwMDUwMDU2WjAzMTEwLwYDVQQD
EyhjZmQzYTMyNjZjNzc2OTkzZTNmYjkwNjhlYjIwZTI4YjRlNDg0M2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoqsbSu2v9SqtZbSVYOBX0EIBK9/
IwtFJzyAG+vj0uPra/O5aViZFd0Ovr8X54hZsmOUhdXRmrfnb8gBNk0Nk1T6Fi7U
BJMEC4wQnve/mfSkJLXcwxKIlY3hXvGw0yibI4Szl9Q/Fy0hcWGzm/t49QIZ/maW
fPezOKNj32RyKqxAt7CHdBzSi5QoLJln7+q4kIhdp3ofpTJ525pXRarNvSQlNCF3
GNJRi6j9nKwqxLD6IF/IQYeJFujzxsJoKijXurgAVipzReTfpQvp9scWc9OBoF7x
FmJ08W1yUhH1TkcPxeLXnurI/HpzoqWzj7mAJzgJytqHrfYtMDF3VjN0VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/ToyZsd2mT4/uQaOsg4otOSEOhMB8GA1UdIwQY
MBaAFKAWWIvRzLLdIhxvh4OFZ0ddfvKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0JaWWk5SE1zdDBpSEctSGc0Vm5SMTEtOHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZWM1NjktOGNhZi00MTk4LWJhZTEt
NzczMTIwZmY3YzBmLzEvb0JaWWk5SE1zdDBpSEctSGc0Vm5SMTEtOHBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZWM1NjktOGNhZi00MTk4LWJhZTEtNzczMTIwZmY3YzBm
LzEvb0JaWWk5SE1zdDBpSEctSGc0Vm5SMTEtOHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPFzqrI1k
uXlJxLRirQFq8wetXA7JdAdIVNt16+YjbWkXjPtSIF75SyVO4smL9UTwbReYZ7Ti
VzMa9eZbI8SfKBAG5FirGADUXivnzAFkOm/oXunkVAJEB1r42QoanFn7R17aZLQ0
9ApZXVKVd1BPv6FAcqQa1/oOGS6t3QBITVwYpqOCW6nXHEoxm5DRCq1pi+CklcLW
qqYiaethQL9nuKHl36LjAMmEVy2JFlBsiFXCPbICBwC+Od2NdReoBopJIl6mj8e3
STPU+KAEQm5p3wp20XhESKDJO82WGXRVO/5uHeb74dg031GqPmtUmt3JRZjegXge
KG8xsXKkS2U+XA==
-----END CERTIFICATE-----