Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
File:                     lAoQolZyjxGku6rcMgS38KNaUAA.mft (raw, json)
Hash identifier:          QU3ELzuLnbSSsl7DOZdiLM10V3PuBaJ5g4UoGoO2rBk=
Subject key identifier:   4D:61:0A:85:CC:50:00:0B:72:44:73:DB:92:CE:D7:A5:A3:03:AD:5B
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Certificate issuer:       /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial:       0195E07D3C434BCF589D2739BA227D343827
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
Manifest number:          14D0
Signing time:             Sat 29 Mar 2025 06:00:58 +0000
Manifest this update:     Sat 29 Mar 2025 06:00:58 +0000
Manifest next update:     Sun 30 Mar 2025 06:00:58 +0000
Files and hashes:         1: 96CoHDqUFKRWLMKpuPNky2AThV0.roa (hash: 2dbkXGtx2Y2iGJ3uWXJRyOKWK4j+bBsW6iNp6F1vwRk=)
                          2: Zv6rhEtfx_jSCXc_S8UyXA0vo2U.roa (hash: upx9rJYDv3PHx1B1uURg+ybXETCTfjV8bsr8SvgJ3XM=)
                          3: biGYeNx8PlSGKHRmVucthKOSlnY.roa (hash: YxlSQax5Hky2oIIKAGXfmWIsjyjpaMRbBxvVdrI+BSI=)
                          4: g1Zk3nIRea2SYaHqoN92Ss1LCL8.roa (hash: aHQejC3hHy18rRg2jbGxWbnzx0KaJtZTncqKQ8jXn3M=)
                          5: lAoQolZyjxGku6rcMgS38KNaUAA.crl (hash: espTRJjtYJNkmwd0kN682MTzAc8jcfOruZKljYrrE6o=)
                          6: mmvuqSKrxCIOK5dTOpgllxAuYB8.roa (hash: cXrhSBrwqA5XppxSkBQnZWJRKIyKnPJRdZjf9M/iItg=)
                          7: rZuO-15UbHThyJRmeryxRpgLk2M.roa (hash: /ED0vNPFUaV7PRvXzqX2jHZ983s8HtxjtsJuRuMtCvI=)
                          8: ucC9i3XEX6RhZkWqb6NvZwx0--U.roa (hash: 2+uO/5ecRW47tQiINeeU4pOO33FM+U1i9JrXKMVUjI4=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:7d:3c:43:4b:cf:58:9d:27:39:ba:22:7d:34:38:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
        Validity
            Not Before: Mar 29 06:00:58 2025 GMT
            Not After : Mar 30 06:00:58 2025 GMT
        Subject: CN=4d610a85cc50000b724473db92ced7a5a303ad5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:19:d0:fd:81:9c:aa:fe:97:8d:65:58:3c:91:
                    75:1c:c4:b6:58:a5:58:37:30:23:a3:96:67:22:63:
                    c9:5e:62:d1:df:54:20:2b:42:2a:68:e9:8e:ec:c8:
                    2f:15:66:40:7c:78:1e:1f:72:ac:aa:f1:de:c7:57:
                    8d:9f:e5:fc:6f:5b:d4:5b:46:6f:c2:ae:a2:0a:d6:
                    a2:3c:bd:da:74:3f:76:4e:ee:d1:9a:32:e7:68:7d:
                    eb:bf:50:6f:5f:37:7e:31:6e:ed:dd:f8:1d:f3:3c:
                    3b:cd:d1:a1:1d:fe:d3:61:8d:0a:dd:d5:3d:b1:d3:
                    f0:c7:98:79:2e:98:dd:43:5c:88:45:79:c3:3e:08:
                    6f:32:65:c3:d0:fc:7d:3c:94:74:99:7a:ed:d6:23:
                    01:9b:64:45:22:66:18:a9:55:68:05:6d:ec:74:8b:
                    d7:50:3d:0e:4b:6a:cb:34:cf:9a:7c:f8:fd:ea:77:
                    28:a9:66:03:e2:35:b1:64:17:d0:da:9f:7b:40:dc:
                    35:e9:41:5c:41:d3:a2:0e:8f:e7:9d:cb:7a:aa:fe:
                    ce:81:2c:c6:bd:ee:62:0a:94:55:13:9e:d8:7b:68:
                    c3:bb:36:75:31:17:34:79:cc:bd:25:e4:bf:cd:e5:
                    52:08:ef:ee:02:bc:37:09:9b:47:f5:78:33:eb:d6:
                    3c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:61:0A:85:CC:50:00:0B:72:44:73:DB:92:CE:D7:A5:A3:03:AD:5B
            X509v3 Authority Key Identifier:
                keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:6d:28:8f:92:69:4c:c7:f7:2d:52:f9:cb:64:d8:9e:8e:51:
         4a:ab:0c:84:e5:41:51:db:fe:ea:4e:11:6e:56:81:6b:0c:af:
         32:82:d1:59:90:96:6e:63:84:1a:d6:47:95:e2:97:8b:7f:ea:
         ae:f6:c9:12:8f:af:62:32:00:78:70:b0:a7:dd:6b:c5:45:fe:
         fe:8c:19:6d:2a:07:cb:2e:a2:90:04:6a:ad:d6:9c:27:ba:96:
         85:0a:9e:bb:70:31:59:14:1b:8c:c5:c8:fc:ba:ad:7f:50:5b:
         50:15:5e:e1:ab:36:db:bf:77:47:35:24:4e:c5:22:e3:ef:92:
         79:09:94:67:a2:9c:04:9e:1e:8d:48:e9:63:9f:22:80:aa:91:
         d5:9d:72:4e:0b:81:0d:ea:bf:05:cb:88:12:c5:9f:a2:0d:ee:
         30:e3:bb:8e:7b:53:8d:c7:27:0f:55:7d:d6:17:7d:82:91:a6:
         d7:ee:74:9c:6f:b2:17:c1:7c:2d:8f:74:99:98:39:99:cc:9c:
         07:64:56:f6:75:d3:8d:70:b8:8f:5c:ca:99:fd:bb:8a:d2:8c:
         99:5a:b2:da:e5:1f:0b:db:f4:f3:60:ca:2c:bd:63:9e:96:7c:
         f6:0b:3f:c9:fa:cc:f3:10:22:93:06:28:5b:af:22:a9:e0:e4:
         cf:72:1e:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgfTxDS89YnSc5uiJ9NDgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjUwMzI5MDYwMDU4WhcNMjUwMzMwMDYwMDU4WjAzMTEwLwYDVQQD
Eyg0ZDYxMGE4NWNjNTAwMDBiNzI0NDczZGI5MmNlZDdhNWEzMDNhZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xnQ/YGcqv6XjWVYPJF1HMS2WKVY
NzAjo5ZnImPJXmLR31QgK0IqaOmO7MgvFWZAfHgeH3KsqvHex1eNn+X8b1vUW0Zv
wq6iCtaiPL3adD92Tu7RmjLnaH3rv1BvXzd+MW7t3fgd8zw7zdGhHf7TYY0K3dU9
sdPwx5h5LpjdQ1yIRXnDPghvMmXD0Px9PJR0mXrt1iMBm2RFImYYqVVoBW3sdIvX
UD0OS2rLNM+afPj96ncoqWYD4jWxZBfQ2p97QNw16UFcQdOiDo/nnct6qv7OgSzG
ve5iCpRVE57Ye2jDuzZ1MRc0ecy9JeS/zeVSCO/uArw3CZtH9Xgz69Y8AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1hCoXMUAALckRz25LO16WjA61bMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz20oj5Jp
TMf3LVL5y2TYno5RSqsMhOVBUdv+6k4RblaBawyvMoLRWZCWbmOEGtZHleKXi3/q
rvbJEo+vYjIAeHCwp91rxUX+/owZbSoHyy6ikARqrdacJ7qWhQqeu3AxWRQbjMXI
/Lqtf1BbUBVe4as22793RzUkTsUi4++SeQmUZ6KcBJ4ejUjpY58igKqR1Z1yTguB
Deq/BcuIEsWfog3uMOO7jntTjccnD1V91hd9gpGm1+50nG+yF8F8LY90mZg5mcyc
B2RW9nXTjXC4j1zKmf27itKMmVqy2uUfC9v082DKLL1jnpZ89gs/yfrM8xAikwYo
W68iqeDkz3IesA==
-----END CERTIFICATE-----