Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.mft
File:                     yjuG5lRw-ZTfptb-6OJk22LiSvk.mft (raw, json)
Hash identifier:          fw0KOhlq8RxWJ5f5lLTbia1dsp6Nl7HYdxavli1LQW0=
Subject key identifier:   79:FB:D8:B4:C7:A0:14:18:66:3C:5D:EC:64:94:97:DE:DD:92:53:AA
Authority key identifier: CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
Certificate issuer:       /CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Certificate serial:       0195E122416488C1F93970F90712A338EDCD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.mft
Manifest number:          14CA
Signing time:             Sat 29 Mar 2025 09:01:13 +0000
Manifest this update:     Sat 29 Mar 2025 09:01:13 +0000
Manifest next update:     Sun 30 Mar 2025 09:01:13 +0000
Files and hashes:         1: Db8DTjUYkYFq1VL2utnrt9ZhoOQ.roa (hash: d9GgydKG9uk/HAxIswAdFFBoSDorEX71FTaOERwLhzg=)
                          2: RfiogXB75ZZcw60YgsMcLXMGreQ.roa (hash: CxagJfgQ+HRjqYYAQUHG4nzSSm5GU9hHUNpe0/HqHLA=)
                          3: Vsvw7zSK2cjlfLBPzsEjNibepw0.roa (hash: fMTdJF0J/U/sST/3YzLYOWjYa8T84ONedHLdQ86kfmA=)
                          4: WTl9wt0Rp1_SP8V72BWndXzvVXk.roa (hash: BI9xuqlMchALIUZfnOAm1MAIdvbV4MZUCOFrf3rfZgA=)
                          5: yjuG5lRw-ZTfptb-6OJk22LiSvk.crl (hash: ZTVUPDCcem2Q3qzINblEmREMfjx2g6AKRf1ZxCUiQNs=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e1:22:41:64:88:c1:f9:39:70:f9:07:12:a3:38:ed:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
        Validity
            Not Before: Mar 29 09:01:13 2025 GMT
            Not After : Mar 30 09:01:13 2025 GMT
        Subject: CN=79fbd8b4c7a01418663c5dec649497dedd9253aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:d4:f0:ab:87:14:b7:25:73:a8:d3:e8:ce:18:
                    2e:24:7d:33:c9:1a:c8:71:6e:83:b6:9e:d2:78:60:
                    29:ee:a3:87:ea:ee:a0:88:2a:e2:4f:80:5c:da:95:
                    bf:79:6d:13:19:dd:c1:82:72:a1:fb:af:67:3d:3a:
                    31:88:e5:a1:57:4b:6c:04:e8:bd:bb:b4:fa:2c:cc:
                    ae:f1:b5:82:e1:b7:ef:c3:dc:bd:cd:d1:0f:af:4c:
                    f9:3a:36:2a:58:05:2c:6c:b5:86:85:81:3b:7d:77:
                    c0:45:2b:63:99:bc:e5:50:4a:c7:a3:aa:02:7d:19:
                    32:ad:c2:18:bc:3e:fb:4d:11:42:21:99:c9:74:09:
                    0b:f7:3c:5c:5c:1f:d5:c7:3e:3b:cf:ac:79:8d:cf:
                    1e:37:8f:60:5d:c1:10:cb:3a:4b:b5:7f:1a:33:02:
                    00:a6:49:c7:40:aa:87:ad:60:5e:89:9a:db:62:0e:
                    e6:29:33:83:66:ab:3f:6f:6a:94:26:8b:fb:4d:ef:
                    f1:e7:a3:00:5c:b4:d9:1a:0f:c0:1f:6d:16:fe:97:
                    b3:32:c5:5f:5c:d6:07:30:cc:a9:4e:fd:4f:89:f3:
                    8f:9c:96:e1:6e:0a:22:cd:31:a9:f0:57:c0:36:08:
                    76:66:ad:eb:1c:f3:bb:e0:59:43:5e:3c:ad:09:5e:
                    43:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:FB:D8:B4:C7:A0:14:18:66:3C:5D:EC:64:94:97:DE:DD:92:53:AA
            X509v3 Authority Key Identifier:
                keyid:CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:04:3d:c7:39:40:28:73:70:dc:a8:c4:72:7a:74:f1:a9:87:
         be:3d:e0:8c:96:45:c7:71:f0:cb:62:00:9a:bf:0a:15:cb:22:
         b0:bc:2e:fb:cf:40:46:e8:56:62:9d:48:fb:87:d9:04:94:ed:
         ed:89:cd:69:92:11:47:85:a9:f6:6f:e8:b1:e6:e7:9d:f1:f9:
         25:d5:4a:1b:f3:95:39:86:34:ec:07:83:3f:a2:39:07:f1:d2:
         59:18:c8:4c:3c:95:79:56:be:70:ec:44:76:e3:33:4b:f6:e9:
         63:34:4f:19:73:ae:81:88:9b:f9:9e:49:d7:39:c5:86:3e:8c:
         89:c4:07:b6:30:a4:f8:dd:ec:3a:fd:b6:05:5c:02:7c:cb:91:
         f9:ef:7b:32:7c:67:02:c0:85:4f:5c:b5:33:5f:eb:27:15:fe:
         01:7c:52:41:00:98:16:ea:d9:b3:48:f2:a8:b7:b8:5e:59:b1:
         2a:70:11:5e:7e:1b:14:e2:5e:3e:4a:df:21:d2:7b:d7:69:21:
         95:f2:96:0a:e7:de:6e:2f:ad:bc:27:ab:3a:ff:f9:25:c8:68:
         28:dd:a3:bc:3b:b0:9a:48:38:0a:c5:29:5d:e0:85:da:70:4c:
         81:2a:3a:24:7b:eb:33:0b:96:4e:7e:81:41:20:77:0e:7e:ce:
         e0:26:ca:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXhIkFkiMH5OXD5BxKjOO3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2I4NmU2NTQ3MGY5OTRkZmE2ZDZmZWU4ZTI2NGRiNjJl
MjRhZjkwHhcNMjUwMzI5MDkwMTEzWhcNMjUwMzMwMDkwMTEzWjAzMTEwLwYDVQQD
Eyg3OWZiZDhiNGM3YTAxNDE4NjYzYzVkZWM2NDk0OTdkZWRkOTI1M2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19Twq4cUtyVzqNPozhguJH0zyRrI
cW6Dtp7SeGAp7qOH6u6giCriT4Bc2pW/eW0TGd3BgnKh+69nPToxiOWhV0tsBOi9
u7T6LMyu8bWC4bfvw9y9zdEPr0z5OjYqWAUsbLWGhYE7fXfARStjmbzlUErHo6oC
fRkyrcIYvD77TRFCIZnJdAkL9zxcXB/Vxz47z6x5jc8eN49gXcEQyzpLtX8aMwIA
pknHQKqHrWBeiZrbYg7mKTODZqs/b2qUJov7Te/x56MAXLTZGg/AH20W/pezMsVf
XNYHMMypTv1PifOPnJbhbgoizTGp8FfANgh2Zq3rHPO74FlDXjytCV5DEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn72LTHoBQYZjxd7GSUl97dklOqMB8GA1UdIwQY
MBaAFMo7huZUcPmU36bW/ujiZNti4kr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgt
OTUzMWQyNGUwNjEwLzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgtOTUzMWQyNGUwNjEw
LzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQQ9xzlA
KHNw3KjEcnp08amHvj3gjJZFx3Hwy2IAmr8KFcsisLwu+89ARuhWYp1I+4fZBJTt
7YnNaZIRR4Wp9m/osebnnfH5JdVKG/OVOYY07AeDP6I5B/HSWRjITDyVeVa+cOxE
duMzS/bpYzRPGXOugYib+Z5J1znFhj6MicQHtjCk+N3sOv22BVwCfMuR+e97Mnxn
AsCFT1y1M1/rJxX+AXxSQQCYFurZs0jyqLe4XlmxKnARXn4bFOJePkrfIdJ712kh
lfKWCufebi+tvCerOv/5JchoKN2jvDuwmkg4CsUpXeCF2nBMgSo6JHvrMwuWTn6B
QSB3Dn7O4CbK1A==
-----END CERTIFICATE-----