Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
File:                     lHMg0DCTAXjm987vkdKrh4TT3BY.mft (raw, json)
Hash identifier:          ppFwza0KkN+L+StKixWPyMC7AqUssUyyZuUSToWPZAg=
Subject key identifier:   DA:8E:AB:98:4F:01:89:DA:FC:88:C3:D2:32:76:ED:F5:B9:FE:47:A1
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Certificate issuer:       /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial:       0195E0EB0805A4D4610FA42BAC8D67654604
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
Manifest number:          10EE
Signing time:             Sat 29 Mar 2025 08:00:53 +0000
Manifest this update:     Sat 29 Mar 2025 08:00:53 +0000
Manifest next update:     Sun 30 Mar 2025 08:00:53 +0000
Files and hashes:         1: 5QMHmJgfqvSExR78QZoDl1UWmsA.roa (hash: Dbmsjz6HJzMNQXjckNup+UFifmkcVaFAdGg2/Xlr06g=)
                          2: 9Hm8EAVuf4tqOcHaH0y7y-1Ym9k.roa (hash: FodBXOCVdl5JGOEkTl9E8+4jK0F+A6PAABCoahGBKds=)
                          3: ChcX6dEQMX7PgnkGnKeX9TQTPSU.roa (hash: 9GX5XaBmVeFjM4n7HjAG7e5pB9imRwZnEdAGfd1ulvc=)
                          4: I2s0NE0e0ldLesJa5IwWq_3YoQY.roa (hash: 32nxkp+mnSpxawrjeJdAmkwgRYzly761fgfPTbswaVo=)
                          5: PMaHuXs3WWXL_wMiCfpWp06YsGo.roa (hash: 9cmCaAVftyHuRhOLzikzJqVe0HoECs2yXEC681pBBp4=)
                          6: lHMg0DCTAXjm987vkdKrh4TT3BY.crl (hash: yYg3lW/yFynkAJGcFliw9h8sHkTOhTkB0knxo9OBVcM=)
                          7: wV_UPXPoWr2rMigTEJujKEPHkRU.roa (hash: sWrQ1dC0i8v5NdCh/KJb/CYIzz2swLex9WzWGoX8cPc=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:eb:08:05:a4:d4:61:0f:a4:2b:ac:8d:67:65:46:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
        Validity
            Not Before: Mar 29 08:00:53 2025 GMT
            Not After : Mar 30 08:00:53 2025 GMT
        Subject: CN=da8eab984f0189dafc88c3d23276edf5b9fe47a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:70:b3:45:00:07:79:40:8a:88:d0:ef:1b:eb:
                    b7:e3:c8:1c:5b:eb:aa:4e:cb:20:02:13:43:ce:eb:
                    56:4c:9f:08:76:00:85:08:9a:95:2b:ba:23:c4:be:
                    e9:c4:4b:58:c4:71:0c:04:bc:fd:62:1e:2d:3f:4a:
                    27:77:cd:86:1f:40:92:92:27:b7:94:55:b8:e1:ee:
                    b1:57:b6:1e:7d:e6:a2:ff:e1:45:6e:63:8b:5c:20:
                    02:65:6a:7e:cb:fd:c1:7c:94:5b:73:06:6a:bc:5a:
                    1c:90:c4:de:8f:11:3c:96:cc:87:e6:0c:27:e1:3c:
                    c1:9f:eb:d9:15:48:40:fb:f5:8a:19:b3:e6:f9:ea:
                    4e:ba:5f:a8:86:76:a6:07:29:ad:86:8e:51:88:71:
                    f5:9a:33:90:66:6f:4b:d8:09:74:51:6b:7b:f2:3b:
                    68:33:43:91:27:f6:0c:d1:11:81:67:bc:20:b3:2a:
                    76:04:7d:66:40:93:92:6b:a8:7c:6d:a7:ca:c7:6d:
                    e5:b1:b1:d2:b3:e4:5e:b6:44:76:47:5c:5a:cc:15:
                    14:cb:6c:54:01:45:2c:cd:00:2d:6b:c9:28:74:35:
                    8f:38:f8:5b:8d:c6:d7:9f:c8:b2:26:c3:de:02:83:
                    16:db:74:56:86:ef:03:52:04:3a:5e:20:a2:6b:d1:
                    9c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:8E:AB:98:4F:01:89:DA:FC:88:C3:D2:32:76:ED:F5:B9:FE:47:A1
            X509v3 Authority Key Identifier:
                keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:79:5b:46:a2:48:6f:c9:de:51:99:b4:cc:4b:08:af:5f:fa:
         dc:d2:b2:e0:83:c9:7c:aa:e3:d1:a1:9f:91:d6:af:48:be:b8:
         17:f2:c9:ff:91:5d:2c:dd:66:14:7d:36:37:a6:52:72:2e:fa:
         6e:18:9b:89:40:6f:eb:6f:71:9f:87:b1:99:d3:ed:bb:b0:d8:
         5d:bf:fe:6b:d0:f3:c8:ff:8e:b3:71:e4:e3:f8:4e:56:bf:00:
         5c:c8:de:b5:02:62:29:ce:9f:3f:c4:17:2b:b1:d9:a5:47:19:
         a0:66:d0:89:31:25:84:b0:02:c4:08:6e:65:9d:f7:be:76:51:
         80:81:b3:1d:7b:d4:68:9d:50:e6:a9:6a:1d:55:0d:ec:eb:18:
         d6:a2:c4:a0:88:a5:b6:45:86:bf:99:ef:45:f3:ec:05:87:f2:
         bf:b9:64:15:f1:c2:d7:62:9c:56:74:cc:b3:ce:98:a0:a3:a8:
         a7:fb:01:2e:d6:cb:88:1a:8d:1c:b3:9c:65:bf:da:0d:2c:19:
         09:b5:02:cf:85:e0:37:e5:60:b3:a8:67:f0:38:d4:b4:47:98:
         e2:ea:4a:65:b6:86:58:11:1d:db:49:fe:72:e1:d9:9f:d1:9a:
         fa:8f:c2:c0:51:47:66:07:e8:13:44:90:2f:d4:7d:23:ab:23:
         31:47:3a:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXg6wgFpNRhD6QrrI1nZUYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjUwMzI5MDgwMDUzWhcNMjUwMzMwMDgwMDUzWjAzMTEwLwYDVQQD
EyhkYThlYWI5ODRmMDE4OWRhZmM4OGMzZDIzMjc2ZWRmNWI5ZmU0N2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHCzRQAHeUCKiNDvG+u348gcW+uq
TssgAhNDzutWTJ8IdgCFCJqVK7ojxL7pxEtYxHEMBLz9Yh4tP0ond82GH0CSkie3
lFW44e6xV7Yefeai/+FFbmOLXCACZWp+y/3BfJRbcwZqvFockMTejxE8lsyH5gwn
4TzBn+vZFUhA+/WKGbPm+epOul+ohnamBymtho5RiHH1mjOQZm9L2Al0UWt78jto
M0ORJ/YM0RGBZ7wgsyp2BH1mQJOSa6h8bafKx23lsbHSs+RetkR2R1xazBUUy2xU
AUUszQAta8kodDWPOPhbjcbXn8iyJsPeAoMW23RWhu8DUgQ6XiCia9Gc8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqOq5hPAYna/IjD0jJ27fW5/kehMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlnlbRqJI
b8neUZm0zEsIr1/63NKy4IPJfKrj0aGfkdavSL64F/LJ/5FdLN1mFH02N6ZSci76
bhibiUBv629xn4exmdPtu7DYXb/+a9DzyP+Os3Hk4/hOVr8AXMjetQJiKc6fP8QX
K7HZpUcZoGbQiTElhLACxAhuZZ33vnZRgIGzHXvUaJ1Q5qlqHVUN7OsY1qLEoIil
tkWGv5nvRfPsBYfyv7lkFfHC12KcVnTMs86YoKOop/sBLtbLiBqNHLOcZb/aDSwZ
CbUCz4XgN+Vgs6hn8DjUtEeY4upKZbaGWBEd20n+cuHZn9Ga+o/CwFFHZgfoE0SQ
L9R9I6sjMUc6sw==
-----END CERTIFICATE-----