Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft
File:                     Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft (raw, json)
Hash identifier:          Pk0b5GKGojB+8ijN1F0cvW7xL3p5AuKPqsiHZ4n8tlE=
Subject key identifier:   78:82:10:59:A3:7D:BC:7B:DC:55:8A:EB:98:DE:5C:D8:5F:AC:03:B6
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Certificate issuer:       /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial:       0195DFD899188D48D8F7ECDDC2B3960942C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft
Manifest number:          14D1
Signing time:             Sat 29 Mar 2025 03:01:08 +0000
Manifest this update:     Sat 29 Mar 2025 03:01:08 +0000
Manifest next update:     Sun 30 Mar 2025 03:01:08 +0000
Files and hashes:         1: 4SxEa8qHfL0SdS-yvynVjEWywI0.roa (hash: ed273NQ5dggxiwmHaUzsS7LYiMx/0KEG21fx026Qijc=)
                          2: 57zAUxjN80d98_hrUg6wNGuh-LQ.roa (hash: qIcET8+9I+XlvyugPkuqmk4yArAibC2n8LmahOzKwL0=)
                          3: LE7N1a1uboQzN97q5uXEpXRCthI.roa (hash: acxO9/yWByiaEkWpHMZY/pa7lJUQ5fZxyIs+7NiR+UQ=)
                          4: NmoYPoFsB3H-yWZn9Rb0NDz1MJ4.roa (hash: FwqkjteV8mEkwCHBz60OLk0gwsGOE+XgtXFsarBN/XQ=)
                          5: Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl (hash: xDwMudUFHAoaSI0z4AFYhzSoXk0NjZkAjoaRa5n8aSA=)
                          6: rnTaQ1uEKUsJsa3f9-uniTuwHWo.roa (hash: 65NB0UfxYYmSvSLb5gS9zELjlvrzXWC3McdcTIR7Hxk=)
                          7: tIc5dJ9row9Jpwnimlce4tYbp44.roa (hash: ouwAo45RW/R/dO1EFuBCaboweb6Z3RjFTDf5e9DgnQU=)
                          8: xv_S9Q_lixnhLdeB2FeY6-83q40.roa (hash: fpHqpuP8WhUb/qgqx71BT4D9l/LEKw+tKbvv5QvJ1WU=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:df:d8:99:18:8d:48:d8:f7:ec:dd:c2:b3:96:09:42:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
        Validity
            Not Before: Mar 29 03:01:08 2025 GMT
            Not After : Mar 30 03:01:08 2025 GMT
        Subject: CN=78821059a37dbc7bdc558aeb98de5cd85fac03b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4a:6d:55:52:2b:a0:67:d0:e3:67:c3:1a:2a:
                    21:30:77:b9:d0:a4:a6:5f:40:b5:83:4b:c3:85:49:
                    81:e8:57:ff:27:c9:da:b4:77:21:f9:b5:e4:d9:ae:
                    81:f8:ee:95:49:4a:e5:1b:3e:52:ee:9e:ab:6f:ba:
                    ac:55:37:46:d7:e7:5b:4b:9f:8e:81:ce:d2:3b:f5:
                    26:4f:90:ff:da:2b:d6:4e:c1:c5:02:49:dd:73:19:
                    eb:ba:27:f5:92:a1:ea:c4:31:db:cd:f8:4f:56:f8:
                    9c:ca:eb:cd:bc:88:79:6b:8e:45:61:8d:25:60:ff:
                    d4:9b:09:c7:22:85:22:a7:50:ad:ba:11:0f:80:be:
                    86:11:fe:4d:8c:0f:0c:62:09:33:ef:a2:1c:be:8b:
                    16:59:07:f7:6a:6a:bd:ae:d2:a7:10:79:6a:fb:a8:
                    13:d4:14:15:84:9f:b9:fc:b7:59:0e:3c:1c:fb:be:
                    00:7e:ee:7a:5b:f2:01:84:18:59:ca:a1:ad:d8:88:
                    25:34:ba:69:0a:66:71:59:6e:c8:ed:85:d6:63:ac:
                    05:52:fa:c1:e8:56:36:a8:c5:1f:96:d9:5e:1a:ef:
                    aa:1c:57:dc:34:a5:89:88:2d:05:38:40:c0:b9:18:
                    97:92:88:35:5d:0c:4f:01:5d:5e:a7:dd:81:4b:9c:
                    99:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:82:10:59:A3:7D:BC:7B:DC:55:8A:EB:98:DE:5C:D8:5F:AC:03:B6
            X509v3 Authority Key Identifier:
                keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:90:8c:bd:d8:71:5f:cd:c4:1a:5e:bb:4a:a8:b3:97:d8:df:
         bf:1b:3f:2d:a1:f8:48:20:fa:0f:0f:82:d3:e5:5a:81:08:0b:
         04:9e:27:df:28:39:fa:79:bd:38:b7:4f:7b:4e:0c:69:0b:cc:
         53:e3:5c:46:5d:77:d4:2b:0b:da:a4:e4:da:3b:05:d3:16:9a:
         0f:8e:35:cc:fd:11:d4:dd:c9:34:74:de:4c:60:08:4f:df:4d:
         5b:ff:9c:22:52:0b:ed:95:6b:66:43:e0:11:83:83:e5:5d:c2:
         2b:0b:9f:09:4d:4e:13:0c:e3:56:d3:70:e5:b1:80:7e:31:23:
         ae:4b:8b:7b:08:3d:ee:05:6b:5c:78:c3:12:e8:46:2f:43:8b:
         b9:45:76:06:74:f9:43:ba:b9:d6:80:04:4a:53:dd:dc:8a:69:
         ab:de:b7:58:ea:37:54:22:4c:ce:49:b7:63:9b:5f:cb:21:28:
         ff:d2:6e:08:6b:05:82:56:3a:74:19:3a:c1:7f:0c:bd:fc:88:
         b2:2b:91:9e:6a:5f:aa:62:7d:54:71:b1:3f:ca:56:a6:23:28:
         85:bb:9a:47:df:1c:f7:d7:c1:44:4a:05:13:be:6c:83:a2:8b:
         71:b2:bf:14:5b:bf:af:ec:64:87:73:67:7b:17:c4:00:67:d4:
         3a:68:e8:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXf2JkYjUjY9+zdwrOWCULGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjUwMzI5MDMwMTA4WhcNMjUwMzMwMDMwMTA4WjAzMTEwLwYDVQQD
Eyg3ODgyMTA1OWEzN2RiYzdiZGM1NThhZWI5OGRlNWNkODVmYWMwM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUptVVIroGfQ42fDGiohMHe50KSm
X0C1g0vDhUmB6Ff/J8natHch+bXk2a6B+O6VSUrlGz5S7p6rb7qsVTdG1+dbS5+O
gc7SO/UmT5D/2ivWTsHFAkndcxnruif1kqHqxDHbzfhPVvicyuvNvIh5a45FYY0l
YP/UmwnHIoUip1CtuhEPgL6GEf5NjA8MYgkz76IcvosWWQf3amq9rtKnEHlq+6gT
1BQVhJ+5/LdZDjwc+74Afu56W/IBhBhZyqGt2IglNLppCmZxWW7I7YXWY6wFUvrB
6FY2qMUfltleGu+qHFfcNKWJiC0FOEDAuRiXkog1XQxPAV1ep92BS5yZCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiCEFmjfbx73FWK65jeXNhfrAO2MB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE5CMvdhx
X83EGl67Sqizl9jfvxs/LaH4SCD6Dw+C0+VagQgLBJ4n3yg5+nm9OLdPe04MaQvM
U+NcRl131CsL2qTk2jsF0xaaD441zP0R1N3JNHTeTGAIT99NW/+cIlIL7ZVrZkPg
EYOD5V3CKwufCU1OEwzjVtNw5bGAfjEjrkuLewg97gVrXHjDEuhGL0OLuUV2BnT5
Q7q51oAESlPd3Ippq963WOo3VCJMzkm3Y5tfyyEo/9JuCGsFglY6dBk6wX8MvfyI
siuRnmpfqmJ9VHGxP8pWpiMohbuaR98c99fBREoFE75sg6KLcbK/FFu/r+xkh3Nn
exfEAGfUOmjovg==
-----END CERTIFICATE-----