Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
File:                     Q8FllZZq-wus8deTfyRdagUiIaM.mft (raw, json)
Hash identifier:          kSMhRHxF3b7wTiJgO2J4JdzE5HtGtOVrVM9YS7pk/7Y=
Subject key identifier:   7C:CE:57:52:95:F2:A4:EE:9B:AA:EF:24:B6:B9:D1:B4:8F:22:DB:C4
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Certificate issuer:       /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial:       0195E07D87F4CE2CDD2760C812B6CDE9CDFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
Manifest number:          14C3
Signing time:             Sat 29 Mar 2025 06:01:18 +0000
Manifest this update:     Sat 29 Mar 2025 06:01:18 +0000
Manifest next update:     Sun 30 Mar 2025 06:01:18 +0000
Files and hashes:         1: 52v68hN6UT4PPJjjqq1uuE_KUSs.roa (hash: /ZapQrg7UEXSt0NcWwZ+kj+0zgSiaiRBd7g+qhPDHBg=)
                          2: 8S9ibO6esCTeLY2sD14WhmMZOvI.roa (hash: bmTNDF41Sq+c7Se/EWf8YA8iGIHNg20TI2zfC/lGrO0=)
                          3: Q8FllZZq-wus8deTfyRdagUiIaM.crl (hash: 25XhtnnnblJPOPwrWOAP+yv7VCyoMuuz0r5x+PA/klc=)
                          4: WvCj9VbsFj7fqJOx6tk2wit_WpE.roa (hash: /cLe2CDT0v+6sDR4E14KbBpNPCZZWPI/9CgtItdZn+0=)
                          5: a5Civ4TQY8vU2rue9PuRjdGc5Mc.roa (hash: QP4yk7Jx/AL7wrs9Y5ybfTghTEkjk/U3Nsn5OFbBsqk=)
                          6: gqvKWohVcj0Z7jlOtSMQwdCwp3g.roa (hash: hvyUYeos7vf6+TZ2NgvLPFstgzyNO3xqXZO7/gB/Dow=)
                          7: i6WUIDE1FurqyNNZ1EYEHsIVqvc.roa (hash: n8PwD1+DrWnTVld/M9MqGCrSY8HTEouEds18pHnIKJc=)
                          8: ih3tlDmlbrDwbuabWdJCxXWHffo.roa (hash: 80OP5bzoyzQkUOxJ3u7VzQr4QzoK9uZZaNU7fzcue8E=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e0:7d:87:f4:ce:2c:dd:27:60:c8:12:b6:cd:e9:cd:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
        Validity
            Not Before: Mar 29 06:01:18 2025 GMT
            Not After : Mar 30 06:01:18 2025 GMT
        Subject: CN=7cce575295f2a4ee9baaef24b6b9d1b48f22dbc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b4:ca:49:22:68:df:eb:5a:59:58:c8:83:50:
                    ed:03:02:82:e2:62:0d:c5:6e:0a:db:f7:99:c9:f6:
                    6a:a2:92:98:f8:c8:00:43:7d:7f:5a:94:a6:33:30:
                    6f:be:d7:28:67:f0:b4:9a:ac:09:87:dc:82:e3:e2:
                    3d:78:0e:87:93:10:8f:96:2a:a0:a0:37:90:09:b3:
                    77:3a:04:d1:fa:0d:da:46:c0:e6:c3:b5:b6:9e:6e:
                    fc:f9:59:cd:19:7b:8c:56:7f:cd:5b:f4:0e:c1:50:
                    10:fe:af:a7:07:29:5d:24:83:5c:85:45:46:3e:3c:
                    df:a0:21:0d:34:af:4d:ea:98:c7:19:13:e5:c5:20:
                    b0:b5:24:b5:35:d5:b5:60:cb:cd:7c:89:33:0d:f7:
                    53:2a:63:05:61:d0:8c:21:e2:45:a1:3e:48:e1:52:
                    bf:15:f2:11:42:be:fd:63:6c:0e:35:e6:1e:3e:90:
                    eb:b7:6d:bb:32:f1:95:41:58:2d:b7:ce:f6:39:60:
                    1d:52:ff:82:c1:36:e2:a9:2e:37:4e:eb:ef:f2:1a:
                    48:7b:40:0c:c1:e0:60:b4:18:32:d6:1f:34:f7:d3:
                    d7:90:47:b3:c5:9d:36:8a:8d:54:f8:31:fd:6a:bf:
                    b9:54:d8:5d:f1:fa:f3:f3:be:91:54:d0:ac:2c:7f:
                    31:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:CE:57:52:95:F2:A4:EE:9B:AA:EF:24:B6:B9:D1:B4:8F:22:DB:C4
            X509v3 Authority Key Identifier:
                keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:1f:bd:5d:0b:d6:5c:86:7b:58:6c:07:5e:dc:e7:e9:07:63:
         c6:32:9b:d7:d1:47:44:62:5e:c1:f8:c4:7c:92:76:b9:5d:7d:
         10:f1:1c:28:ef:04:71:94:b2:74:2b:fd:1c:90:4c:d7:f2:a8:
         57:e8:b2:3c:43:65:52:ab:5a:2b:87:5a:90:8b:43:e9:6c:ff:
         64:6d:e9:6d:56:0b:97:52:d1:83:fa:94:d2:94:70:25:21:c1:
         46:ce:77:c5:4d:17:83:09:ce:c7:2d:a8:80:f4:ed:7a:3b:0d:
         7d:04:d5:c6:0c:15:5c:e4:3a:6f:c9:d1:1b:c0:ab:d7:dd:70:
         5b:31:c5:bb:ce:ae:bb:40:f8:f1:5c:d3:23:da:02:fd:c2:00:
         db:c9:c2:cb:62:5d:c4:a4:5f:35:ec:ea:81:61:2f:b0:96:89:
         5f:26:52:d9:9c:28:8d:bc:18:0b:96:ba:55:ec:a7:c4:3d:59:
         ed:85:67:77:5b:c9:66:7e:4e:f2:eb:01:2a:9d:ef:10:8b:69:
         28:03:6c:09:67:a1:6e:e4:11:17:a9:69:d3:3a:e3:56:52:09:
         41:bf:db:49:da:b9:22:8c:89:83:e1:53:c1:2d:11:8a:c9:b3:
         8c:be:5f:ef:33:9e:b8:4d:9b:c4:57:12:fb:64:dc:60:ba:9b:
         73:29:39:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgfYf0zizdJ2DIErbN6c39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjUwMzI5MDYwMTE4WhcNMjUwMzMwMDYwMTE4WjAzMTEwLwYDVQQD
Eyg3Y2NlNTc1Mjk1ZjJhNGVlOWJhYWVmMjRiNmI5ZDFiNDhmMjJkYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7TKSSJo3+taWVjIg1DtAwKC4mIN
xW4K2/eZyfZqopKY+MgAQ31/WpSmMzBvvtcoZ/C0mqwJh9yC4+I9eA6HkxCPliqg
oDeQCbN3OgTR+g3aRsDmw7W2nm78+VnNGXuMVn/NW/QOwVAQ/q+nByldJINchUVG
PjzfoCENNK9N6pjHGRPlxSCwtSS1NdW1YMvNfIkzDfdTKmMFYdCMIeJFoT5I4VK/
FfIRQr79Y2wONeYePpDrt227MvGVQVgtt872OWAdUv+CwTbiqS43Tuvv8hpIe0AM
weBgtBgy1h8099PXkEezxZ02io1U+DH9ar+5VNhd8frz876RVNCsLH8xMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzOV1KV8qTum6rvJLa50bSPItvEMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGItNTk5MGVhNThlMDMw
LzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAph+9XQvW
XIZ7WGwHXtzn6QdjxjKb19FHRGJewfjEfJJ2uV19EPEcKO8EcZSydCv9HJBM1/Ko
V+iyPENlUqtaK4dakItD6Wz/ZG3pbVYLl1LRg/qU0pRwJSHBRs53xU0XgwnOxy2o
gPTtejsNfQTVxgwVXOQ6b8nRG8Cr191wWzHFu86uu0D48VzTI9oC/cIA28nCy2Jd
xKRfNezqgWEvsJaJXyZS2ZwojbwYC5a6VeynxD1Z7YVnd1vJZn5O8usBKp3vEItp
KANsCWehbuQRF6lp0zrjVlIJQb/bSdq5IoyJg+FTwS0RismzjL5f7zOeuE2bxFcS
+2TcYLqbcyk5jA==
-----END CERTIFICATE-----