Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          iuX9zsxGWIy2fSJosjloIjonisEBvPLk4mpwfhID3+4=
Subject key identifier:   C3:B5:52:AE:96:A7:DA:9B:90:F6:89:3D:99:C9:D5:EC:83:52:74:57
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       0196BB91BA89748179D02A2214254041DF7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0C4E
Signing time:             Sat 10 May 2025 19:00:11 +0000
Manifest this update:     Sat 10 May 2025 19:00:11 +0000
Manifest next update:     Sun 11 May 2025 19:00:11 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: 3UpvzqtraulYARJ8IpEAy4OOUmvMlxfZjopcQ8gaqSY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:91:ba:89:74:81:79:d0:2a:22:14:25:40:41:df:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: May 10 19:00:11 2025 GMT
            Not After : May 11 19:00:11 2025 GMT
        Subject: CN=c3b552ae96a7da9b90f6893d99c9d5ec83527457
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8c:c4:95:01:fe:96:46:0e:68:24:86:44:d1:
                    5a:03:57:ec:dd:1e:ba:85:ce:f3:ab:70:fc:38:a1:
                    3f:f6:ad:35:fa:9d:64:70:1e:5b:bb:21:57:2d:aa:
                    45:c5:14:e5:02:ab:ba:0c:29:e4:9f:3d:90:e4:78:
                    04:7f:6d:73:a1:79:7e:f8:61:62:13:0e:51:aa:05:
                    03:57:3f:dc:31:cb:7c:9d:e5:0b:aa:45:4f:64:c6:
                    c9:69:3a:62:85:ec:6f:d7:a8:cb:b3:18:a7:58:eb:
                    ed:de:7c:66:0a:0b:2a:71:15:67:c2:22:fa:6c:59:
                    cc:e5:fe:69:47:00:4b:2b:83:58:4b:7e:9e:ca:65:
                    8a:11:1b:1f:25:e3:8d:43:2b:87:8c:0f:7b:18:3f:
                    ae:03:fb:20:64:01:dc:3c:25:82:fe:5d:ed:93:dc:
                    ba:df:00:8e:60:f7:e0:23:6c:0c:df:19:6d:04:a6:
                    23:23:fa:fb:09:57:68:8f:20:0b:10:df:57:aa:c4:
                    ea:34:24:d0:58:96:40:1f:a4:8e:74:93:4a:e4:bb:
                    c9:cd:20:11:b4:bc:fe:16:2c:ff:ea:21:fd:ea:22:
                    72:76:21:d1:8a:51:b7:f8:c2:74:00:95:b9:89:2c:
                    aa:52:64:71:d1:17:25:64:2b:6f:82:4c:39:8a:72:
                    8c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B5:52:AE:96:A7:DA:9B:90:F6:89:3D:99:C9:D5:EC:83:52:74:57
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:dc:77:14:35:e0:71:0a:86:37:75:20:55:13:6b:46:2d:41:
         a9:12:78:50:72:36:b6:b7:ce:9e:87:39:60:1a:00:e5:d8:13:
         e6:62:5d:cc:58:d2:74:b9:f3:46:15:2b:07:24:c4:35:38:fa:
         46:55:f3:02:5c:77:0a:ca:49:36:74:c0:12:06:37:87:1c:74:
         93:d6:1e:e7:15:24:1e:fc:ae:70:3c:63:08:49:bb:b0:8a:6c:
         45:61:1e:04:89:c8:5a:a7:4f:e3:e1:59:9b:97:08:85:cf:96:
         ac:1d:d2:9a:40:f6:89:b2:68:6f:c5:c5:24:44:7c:ec:d4:0d:
         7b:58:f9:82:6f:d6:86:8c:9d:be:20:27:0c:be:d7:eb:0f:e5:
         77:e8:f0:d6:52:72:ba:45:28:f4:4a:ca:b8:0c:8e:27:b6:3e:
         05:64:e3:af:b3:a2:7f:ae:af:64:9f:12:54:c1:e6:38:27:b6:
         58:3e:65:23:22:e1:6c:02:91:73:91:78:c0:e0:ab:5a:1b:0a:
         1c:9d:a2:3d:bd:a4:3b:c9:bd:9e:73:e8:61:e5:5b:cb:49:fd:
         4e:19:5c:9d:b7:ec:2b:64:f1:af:e8:39:8b:65:a0:c6:a9:3d:
         a0:1c:ea:42:b3:6c:fd:5b:2b:73:e2:6d:68:c0:bd:96:54:b3:
         08:52:15:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kbqJdIF50CoiFCVAQd99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjUwNTEwMTkwMDExWhcNMjUwNTExMTkwMDExWjAzMTEwLwYDVQQD
EyhjM2I1NTJhZTk2YTdkYTliOTBmNjg5M2Q5OWM5ZDVlYzgzNTI3NDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIzElQH+lkYOaCSGRNFaA1fs3R66
hc7zq3D8OKE/9q01+p1kcB5buyFXLapFxRTlAqu6DCnknz2Q5HgEf21zoXl++GFi
Ew5RqgUDVz/cMct8neULqkVPZMbJaTpihexv16jLsxinWOvt3nxmCgsqcRVnwiL6
bFnM5f5pRwBLK4NYS36eymWKERsfJeONQyuHjA97GD+uA/sgZAHcPCWC/l3tk9y6
3wCOYPfgI2wM3xltBKYjI/r7CVdojyALEN9XqsTqNCTQWJZAH6SOdJNK5LvJzSAR
tLz+Fiz/6iH96iJydiHRilG3+MJ0AJW5iSyqUmRx0RclZCtvgkw5inKMXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMO1Uq6Wp9qbkPaJPZnJ1eyDUnRXMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABtx3FDXg
cQqGN3UgVRNrRi1BqRJ4UHI2trfOnoc5YBoA5dgT5mJdzFjSdLnzRhUrByTENTj6
RlXzAlx3CspJNnTAEgY3hxx0k9Ye5xUkHvyucDxjCEm7sIpsRWEeBInIWqdP4+FZ
m5cIhc+WrB3SmkD2ibJob8XFJER87NQNe1j5gm/WhoydviAnDL7X6w/ld+jw1lJy
ukUo9ErKuAyOJ7Y+BWTjr7Oif66vZJ8SVMHmOCe2WD5lIyLhbAKRc5F4wOCrWhsK
HJ2iPb2kO8m9nnPoYeVby0n9ThlcnbfsK2Txr+g5i2Wgxqk9oBzqQrNs/Vsrc+Jt
aMC9llSzCFIVzQ==
-----END CERTIFICATE-----