Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          JKrUZkupxtM6jJAzhq9BJjSEoGf98fp+tx8jfWki2Rs=
Subject key identifier:   59:21:E1:35:69:7E:46:8C:A0:EB:E4:D4:F1:02:E2:99:44:CE:B4:A6
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       019D2703D310FC8A24A66321E2CABEB6E926
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0FA1
Signing time:             Wed 25 Mar 2026 22:00:55 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:55 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:55 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: 5nAtecGHte44XcSuNMQ1rLu3aGmhdYaCzgU6DlEInd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:d3:10:fc:8a:24:a6:63:21:e2:ca:be:b6:e9:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Mar 25 22:00:55 2026 GMT
            Not After : Mar 26 22:00:55 2026 GMT
        Subject: CN=5921e135697e468ca0ebe4d4f102e29944ceb4a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b6:18:c9:90:47:0f:2f:6a:18:ec:a0:e2:1f:
                    fb:ce:83:5e:43:a3:78:26:ad:56:d9:1f:5e:a5:58:
                    19:61:aa:7a:8d:92:78:14:0f:42:85:0d:e0:df:a5:
                    9e:29:00:8f:7c:e4:86:bb:61:08:4f:fd:9b:cc:ab:
                    dd:0d:13:fc:4c:bc:16:b5:2d:ba:28:25:8c:70:32:
                    de:74:bc:87:eb:19:69:92:86:f1:9a:e3:f5:50:89:
                    ae:c3:63:1e:93:f3:43:f5:36:a7:d6:cd:f1:47:ca:
                    fa:69:c6:fa:17:da:29:68:b7:81:31:10:53:38:8d:
                    af:68:df:d6:d6:c0:25:66:74:db:b8:64:b6:05:1f:
                    05:c0:ee:d6:75:03:f9:83:c5:7a:9b:67:43:fc:67:
                    21:b0:38:42:29:08:36:90:a0:a7:6b:aa:0e:15:56:
                    b2:d4:a8:41:24:54:96:d3:42:8b:00:a4:ee:45:4b:
                    98:e0:7e:25:a2:25:5d:0a:c5:b0:0b:f8:41:f3:d5:
                    d2:3c:4f:f8:d3:4b:01:6a:eb:d2:6a:ad:47:a1:f5:
                    36:71:f2:2b:af:58:97:57:81:9a:99:66:2e:f2:d5:
                    ad:f8:ce:ae:6d:3a:d9:d5:77:56:6d:d1:13:79:52:
                    33:5c:9e:67:60:9e:1a:27:07:86:70:bd:0b:36:2b:
                    fe:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:21:E1:35:69:7E:46:8C:A0:EB:E4:D4:F1:02:E2:99:44:CE:B4:A6
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:ad:13:57:f9:9a:b7:c5:1e:51:30:24:e5:f3:d8:08:2b:cf:
         3b:3f:94:71:6d:be:4e:55:e5:ae:39:61:1b:b7:9d:e8:44:9b:
         89:8e:48:5c:68:af:c7:77:23:4f:df:c2:44:48:7b:cf:6b:79:
         f9:a5:27:58:3d:4e:33:bd:02:29:4c:18:71:e9:e3:98:59:e5:
         b7:10:58:70:18:6d:02:6c:d2:c2:e5:a8:91:55:82:d7:83:a2:
         60:a3:65:fb:fa:a9:a8:bc:00:16:22:fc:62:f4:6c:1c:2c:b1:
         c1:ff:de:44:f8:cf:b4:81:69:19:4d:ca:21:3c:83:23:98:db:
         f2:24:a7:d8:21:de:5e:0a:c0:33:fc:80:3a:a9:4f:fb:d6:bd:
         c5:9c:d1:7f:09:41:af:83:3c:d1:0d:c2:11:45:d9:43:37:ae:
         d8:e8:e2:70:41:51:a9:19:65:9f:41:56:c7:9c:45:ad:78:17:
         bc:bc:c6:d4:93:ff:46:b6:d2:a2:5c:d4:07:98:d3:97:9f:0f:
         7d:81:43:3d:b3:16:ee:58:22:45:67:5d:fc:6f:f9:1c:a0:36:
         40:10:5f:5c:81:f7:a0:79:12:f3:b8:da:48:b0:cb:35:98:c5:
         b3:9b:9e:da:3f:60:11:f8:ab:4c:67:df:c4:e1:5f:1e:fb:24:
         93:33:64:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9MQ/IokpmMh4sq+tukmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjYwMzI1MjIwMDU1WhcNMjYwMzI2MjIwMDU1WjAzMTEwLwYDVQQD
Eyg1OTIxZTEzNTY5N2U0NjhjYTBlYmU0ZDRmMTAyZTI5OTQ0Y2ViNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17YYyZBHDy9qGOyg4h/7zoNeQ6N4
Jq1W2R9epVgZYap6jZJ4FA9ChQ3g36WeKQCPfOSGu2EIT/2bzKvdDRP8TLwWtS26
KCWMcDLedLyH6xlpkobxmuP1UImuw2Mek/ND9Tan1s3xR8r6acb6F9opaLeBMRBT
OI2vaN/W1sAlZnTbuGS2BR8FwO7WdQP5g8V6m2dD/GchsDhCKQg2kKCna6oOFVay
1KhBJFSW00KLAKTuRUuY4H4loiVdCsWwC/hB89XSPE/400sBauvSaq1HofU2cfIr
r1iXV4GamWYu8tWt+M6ubTrZ1XdWbdETeVIzXJ5nYJ4aJweGcL0LNiv+QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkh4TVpfkaMoOvk1PEC4plEzrSmMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvq0TV/ma
t8UeUTAk5fPYCCvPOz+UcW2+TlXlrjlhG7ed6ESbiY5IXGivx3cjT9/CREh7z2t5
+aUnWD1OM70CKUwYcenjmFnltxBYcBhtAmzSwuWokVWC14OiYKNl+/qpqLwAFiL8
YvRsHCyxwf/eRPjPtIFpGU3KITyDI5jb8iSn2CHeXgrAM/yAOqlP+9a9xZzRfwlB
r4M80Q3CEUXZQzeu2OjicEFRqRlln0FWx5xFrXgXvLzG1JP/RrbSolzUB5jTl58P
fYFDPbMW7lgiRWdd/G/5HKA2QBBfXIH3oHkS87jaSLDLNZjFs5ue2j9gEfirTGff
xOFfHvskkzNkAQ==
-----END CERTIFICATE-----