Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
File:                     ypzNgwt-AzCL9c8l5np_wr3glXw.mft (raw, json)
Hash identifier:          gi3RT130Cmzu/loM8h5uuuI/3g80KPz0H41Ddf1109Y=
Subject key identifier:   66:49:56:70:1C:C6:40:22:6E:B7:DF:5F:A5:E4:13:3C:DC:10:3A:29
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Certificate issuer:       /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial:       0196C15DC25029F1B744A1718331DF358BE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
Manifest number:          0ACE
Signing time:             Sun 11 May 2025 22:01:09 +0000
Manifest this update:     Sun 11 May 2025 22:01:09 +0000
Manifest next update:     Mon 12 May 2025 22:01:09 +0000
Files and hashes:         1: 1X-psqrhXoWJNm9AGHsWuX9CEYk.roa (hash: bW01QgSO3kxqUT/liNPe0TPUpwe3PqHFLx6Llohhsy8=)
                          2: 8nba-exF3ZHVESE2CvVjIKuU3UQ.roa (hash: jxvFl3q0Zgzzo4QwCA+FiBdsIMPCA+I2+5CHXaI0+OI=)
                          3: ENs0VS1_xeTvYzTZmqEmbB_PYVg.roa (hash: dl2TxChiXhquvWHjZi/+Os7yvSKlYDzVu159Q7je5+E=)
                          4: RbP9WzN9W7AgthBGxFtKwKC3VEg.roa (hash: Dy3SR6pxsdXGOnv/F45dOMNbVP/Be5it2JmMPs3hnKk=)
                          5: e5Sy1VAry68r-4ha4VS5j2qDIh4.roa (hash: iAgJw0j0bHx4il0UO6E61c4MJfLKF0a3JiNbi25PF/w=)
                          6: iSdpP7ZcrXle-CGEYFrwsY1kYrI.roa (hash: +6PdXaQuowtykR4waR/410l8flDm2QsBF8w2MV3GVtU=)
                          7: jWt_FdPMKhJ6LBUGm4GuQwlMer0.roa (hash: JSe4tFMgywTUkhZKCdS6lj1tYUGBxWS17wo5Kf6yHnk=)
                          8: ypzNgwt-AzCL9c8l5np_wr3glXw.crl (hash: ZW8yVffMu1YGH8ftmIeTD0d1wzvt7t62KOktijqg9OM=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:c2:50:29:f1:b7:44:a1:71:83:31:df:35:8b:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
        Validity
            Not Before: May 11 22:01:09 2025 GMT
            Not After : May 12 22:01:09 2025 GMT
        Subject: CN=664956701cc640226eb7df5fa5e4133cdc103a29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:96:e1:32:73:48:6c:a9:df:31:33:71:d2:d0:
                    e5:d4:80:89:36:41:e3:6d:1c:bd:f3:10:9c:02:9a:
                    a5:73:48:a1:93:08:0f:ea:53:22:dc:39:a6:32:81:
                    ba:0c:2b:50:fc:7e:91:aa:58:81:2e:09:74:60:f1:
                    10:01:82:8e:9b:f8:b7:8a:dc:df:4d:0d:7c:f4:16:
                    5b:0d:c4:41:37:7c:8f:99:ad:92:ff:4e:e1:e4:1c:
                    f7:c4:09:4c:d8:1e:b5:be:89:25:70:41:72:68:6f:
                    62:ae:a6:3d:c5:49:40:b9:2e:41:92:af:f3:49:55:
                    d2:57:38:29:04:64:68:ba:c9:4d:ce:df:3d:40:da:
                    4f:63:47:e9:de:89:5c:b2:dd:aa:6c:78:20:b6:b4:
                    eb:85:82:39:3b:13:43:71:79:54:65:83:81:01:d5:
                    ea:5c:a3:2f:c3:81:fb:56:ce:85:f7:c0:62:a0:c6:
                    75:8e:4f:6a:5f:96:c5:3b:1a:2a:01:b3:9a:65:40:
                    26:1b:1c:0a:0f:ee:43:f1:8b:0f:97:5e:42:2d:9f:
                    69:54:7a:93:28:75:47:cf:bf:1d:04:96:89:a3:f2:
                    b5:6b:91:9f:16:c9:2e:70:2f:55:42:88:51:f1:d3:
                    86:d5:b6:a1:ba:f5:08:c2:4f:34:8e:27:50:55:0e:
                    36:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:49:56:70:1C:C6:40:22:6E:B7:DF:5F:A5:E4:13:3C:DC:10:3A:29
            X509v3 Authority Key Identifier:
                keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:bd:9d:4a:7f:40:ef:73:d9:9b:c4:b4:d6:02:ca:da:fc:c0:
         92:55:b8:6e:4b:0e:0c:cd:d9:45:b4:6f:5f:d7:a6:c1:13:a6:
         c0:02:8b:ef:23:74:37:a1:d9:b8:7a:d1:d5:5e:92:92:18:db:
         9d:aa:82:9e:df:50:3e:bb:be:d1:33:8e:52:8a:04:d0:41:7a:
         70:c7:fc:e5:7b:74:66:e7:51:4d:e1:49:77:4e:ae:07:81:3f:
         c1:b7:d8:e7:f5:dd:fb:9a:11:47:be:76:b2:a3:f3:af:6c:8a:
         06:ac:5a:cd:1a:a0:99:71:44:bb:d6:49:96:26:14:d5:f4:ab:
         45:94:da:50:9b:a9:0a:64:ea:07:e5:30:81:0a:56:4d:04:85:
         24:55:4d:21:c1:40:48:45:9b:09:05:87:be:2c:e2:c9:62:d7:
         da:99:07:67:fd:94:1c:fb:8c:52:dd:fe:eb:3f:3d:a6:d1:c2:
         e3:93:8d:d1:10:89:31:c1:9b:f2:c5:af:69:b4:94:7b:18:d0:
         e9:01:1d:be:d1:f7:28:d2:c8:05:32:40:9e:c0:14:eb:6a:f7:
         cf:62:2e:80:fd:92:64:e6:14:77:7f:ac:58:33:e4:d4:75:49:
         33:75:2e:ed:0a:f0:5d:66:0e:cf:03:c9:2a:cf:89:1e:b5:cf:
         63:26:f8:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXcJQKfG3RKFxgzHfNYvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNTExMjIwMTA5WhcNMjUwNTEyMjIwMTA5WjAzMTEwLwYDVQQD
Eyg2NjQ5NTY3MDFjYzY0MDIyNmViN2RmNWZhNWU0MTMzY2RjMTAzYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+5bhMnNIbKnfMTNx0tDl1ICJNkHj
bRy98xCcApqlc0ihkwgP6lMi3DmmMoG6DCtQ/H6RqliBLgl0YPEQAYKOm/i3itzf
TQ189BZbDcRBN3yPma2S/07h5Bz3xAlM2B61voklcEFyaG9irqY9xUlAuS5Bkq/z
SVXSVzgpBGRouslNzt89QNpPY0fp3olcst2qbHggtrTrhYI5OxNDcXlUZYOBAdXq
XKMvw4H7Vs6F98BioMZ1jk9qX5bFOxoqAbOaZUAmGxwKD+5D8YsPl15CLZ9pVHqT
KHVHz78dBJaJo/K1a5GfFskucC9VQohR8dOG1bahuvUIwk80jidQVQ421wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZJVnAcxkAibrffX6XkEzzcEDopMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHL2dSn9A
73PZm8S01gLK2vzAklW4bksODM3ZRbRvX9emwROmwAKL7yN0N6HZuHrR1V6Skhjb
naqCnt9QPru+0TOOUooE0EF6cMf85Xt0ZudRTeFJd06uB4E/wbfY5/Xd+5oRR752
sqPzr2yKBqxazRqgmXFEu9ZJliYU1fSrRZTaUJupCmTqB+UwgQpWTQSFJFVNIcFA
SEWbCQWHviziyWLX2pkHZ/2UHPuMUt3+6z89ptHC45ON0RCJMcGb8sWvabSUexjQ
6QEdvtH3KNLIBTJAnsAU62r3z2IugP2SZOYUd3+sWDPk1HVJM3Uu7QrwXWYOzwPJ
Ks+JHrXPYyb4gA==
-----END CERTIFICATE-----