Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          iC9mh5oVU0BvjQfjDPfqQsGU1JbmJtcqWkl0+KmAfEU=
Subject key identifier:   91:87:4D:D8:8F:BD:4B:7D:FA:5E:E9:AA:45:94:1A:EF:51:79:DC:49
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       0197B6A10DBC7A62F7809B7AF822C25603F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0CD0
Signing time:             Sat 28 Jun 2025 13:01:37 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:37 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:37 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: SwcTScRoAAZarO2wDFrvT2vEqpWbVy4eK2ptgCXQohs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:0d:bc:7a:62:f7:80:9b:7a:f8:22:c2:56:03:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Jun 28 13:01:37 2025 GMT
            Not After : Jun 29 13:01:37 2025 GMT
        Subject: CN=91874dd88fbd4b7dfa5ee9aa45941aef5179dc49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:9b:34:7b:9a:4d:cc:11:9d:fc:b8:40:e7:a7:
                    06:81:2e:81:ae:18:8c:91:cd:9e:0c:5e:3e:54:d7:
                    5f:0e:f3:eb:7e:0a:95:34:ad:1b:ac:51:ef:15:e2:
                    2f:b6:9e:e4:21:6f:ce:88:51:bb:3d:93:d6:db:d3:
                    06:79:eb:15:84:00:db:6c:94:a3:b8:2b:f0:31:cb:
                    ae:8d:e6:a8:8b:8c:67:63:b8:de:f4:af:9f:60:59:
                    76:77:59:74:25:9f:b0:8e:91:c9:77:65:a8:6c:0d:
                    e9:ef:45:61:db:95:e8:e2:96:97:93:90:13:64:f1:
                    f5:92:23:fd:b9:76:f4:e5:85:8a:3d:e2:da:4a:b1:
                    15:e1:43:fd:04:98:e0:03:c9:32:62:e8:ad:4e:01:
                    4f:67:4f:9b:bb:8f:76:f2:99:c6:ed:59:a9:81:63:
                    56:cd:86:a2:0b:d6:4c:da:cc:4e:af:8a:00:3f:81:
                    57:25:d9:59:c0:cf:5d:0a:ee:22:2f:94:a4:d5:0f:
                    9c:14:cb:c8:6a:69:04:ed:96:3c:93:bb:2c:a7:4d:
                    73:d5:ae:cd:d9:fa:8b:ce:7b:03:6a:db:f8:8d:20:
                    b1:82:c2:af:08:cf:de:99:a6:e9:64:ca:b7:1c:9c:
                    96:00:e6:ff:a4:28:f7:6b:3f:61:ed:3d:1c:07:e8:
                    e1:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:87:4D:D8:8F:BD:4B:7D:FA:5E:E9:AA:45:94:1A:EF:51:79:DC:49
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:82:ba:15:30:df:ee:c8:38:26:e1:5d:71:79:1c:1d:4b:06:
         f6:8e:44:f8:cd:d9:8c:e5:ce:2e:fb:f8:24:20:6d:38:28:08:
         7c:22:5d:4d:c9:4f:3a:3e:f8:4c:fb:33:94:98:1f:ed:cd:09:
         2d:52:98:44:ae:f2:d1:32:e1:62:6d:e2:97:f1:e7:17:a1:e4:
         31:3a:8d:57:5c:be:59:31:12:db:2c:d1:a3:fa:72:7f:e4:28:
         b1:a6:24:de:04:19:07:44:cd:6a:b0:07:65:73:99:93:01:8f:
         7a:ac:4c:b9:9d:04:29:bd:58:47:76:a0:57:0f:4e:6f:ce:9e:
         39:65:b9:53:1f:b1:ae:ba:29:62:93:ff:09:62:38:09:a8:c6:
         1d:21:7c:a2:32:b3:ec:cf:3b:0c:e5:73:13:9a:e5:0f:54:bc:
         fe:8b:2f:dd:17:b3:15:6f:8f:8d:07:56:e1:b4:de:72:bb:98:
         86:45:b9:05:3e:6b:c2:03:33:d9:f6:1a:ab:59:6d:fb:67:03:
         25:40:7f:5d:12:2a:3e:ac:9f:0d:a4:4a:a5:f2:00:30:f7:cc:
         f3:a1:2a:e4:61:85:32:b8:ed:82:02:7d:75:8c:09:01:d6:ca:
         41:7b:56:35:c6:66:d7:9c:29:30:3d:60:48:5d:f8:7b:aa:b4:
         c0:4c:bb:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oQ28emL3gJt6+CLCVgP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjUwNjI4MTMwMTM3WhcNMjUwNjI5MTMwMTM3WjAzMTEwLwYDVQQD
Eyg5MTg3NGRkODhmYmQ0YjdkZmE1ZWU5YWE0NTk0MWFlZjUxNzlkYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Js0e5pNzBGd/LhA56cGgS6BrhiM
kc2eDF4+VNdfDvPrfgqVNK0brFHvFeIvtp7kIW/OiFG7PZPW29MGeesVhADbbJSj
uCvwMcuujeaoi4xnY7je9K+fYFl2d1l0JZ+wjpHJd2WobA3p70Vh25Xo4paXk5AT
ZPH1kiP9uXb05YWKPeLaSrEV4UP9BJjgA8kyYuitTgFPZ0+bu4928pnG7VmpgWNW
zYaiC9ZM2sxOr4oAP4FXJdlZwM9dCu4iL5Sk1Q+cFMvIamkE7ZY8k7ssp01z1a7N
2fqLznsDatv4jSCxgsKvCM/emabpZMq3HJyWAOb/pCj3az9h7T0cB+jhaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGHTdiPvUt9+l7pqkWUGu9RedxJMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUoK6FTDf
7sg4JuFdcXkcHUsG9o5E+M3ZjOXOLvv4JCBtOCgIfCJdTclPOj74TPszlJgf7c0J
LVKYRK7y0TLhYm3il/HnF6HkMTqNV1y+WTES2yzRo/pyf+QosaYk3gQZB0TNarAH
ZXOZkwGPeqxMuZ0EKb1YR3agVw9Ob86eOWW5Ux+xrropYpP/CWI4CajGHSF8ojKz
7M87DOVzE5rlD1S8/osv3RezFW+PjQdW4bTecruYhkW5BT5rwgMz2fYaq1lt+2cD
JUB/XRIqPqyfDaRKpfIAMPfM86Eq5GGFMrjtggJ9dYwJAdbKQXtWNcZm15wpMD1g
SF34e6q0wEy7NQ==
-----END CERTIFICATE-----