Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          LgLlQgtmKnN3jpcFWj6q546Konv6mGQH4a61GGpYqSw=
Subject key identifier:   87:2E:C7:25:3F:FA:B6:07:06:CC:79:BA:90:51:4D:6F:C8:5A:98:26
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       0197488C6771BD65AD23E21BF2CDF8E3934D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0C97
Signing time:             Sat 07 Jun 2025 04:00:50 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:50 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:50 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: HGOAW3oFgVDPeh8BJE/l9mI5YBf8G1KtMb5f+BJkQ4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:67:71:bd:65:ad:23:e2:1b:f2:cd:f8:e3:93:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Jun  7 04:00:50 2025 GMT
            Not After : Jun  8 04:00:50 2025 GMT
        Subject: CN=872ec7253ffab60706cc79ba90514d6fc85a9826
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:03:ac:a9:db:19:6e:c3:31:43:04:ea:0b:f5:
                    15:fc:7d:ef:18:bc:6c:e8:6c:f5:e8:95:bf:c7:a2:
                    e4:dd:35:01:3a:54:50:f7:11:30:e8:12:0b:38:41:
                    e4:80:45:ae:8e:66:b7:c1:e5:a6:3c:19:84:e3:bf:
                    68:e6:4c:0c:e4:ae:3f:a8:40:3e:c0:fc:aa:44:70:
                    9e:cc:d3:9c:8f:d5:6a:50:be:60:f0:86:b5:94:c9:
                    a2:9b:47:7b:28:4a:12:f4:bf:63:ef:74:a6:61:3f:
                    e5:60:a3:8c:54:a5:8a:d7:83:4c:4f:07:24:78:6e:
                    23:d1:50:01:01:b8:3d:38:16:5d:bd:8d:9f:23:52:
                    07:d5:e7:f4:e9:d2:b3:26:60:8a:d3:fd:0a:b3:db:
                    14:19:72:56:fa:f5:a0:68:6f:e3:f2:5c:7c:ea:1c:
                    c5:0c:e7:af:d6:55:d2:2f:54:22:e5:59:9c:ae:fc:
                    b2:88:62:bb:17:30:d0:d9:dd:ca:81:27:9e:b1:25:
                    89:4d:57:0f:ed:17:98:ac:87:44:ff:99:28:56:75:
                    49:d0:b9:4c:49:7e:ac:2f:30:44:5b:57:14:8c:9b:
                    a4:83:74:b4:ec:a2:0b:1f:bb:77:98:5b:b4:d6:dc:
                    ba:46:84:45:dc:4b:34:1e:40:5f:09:e1:2d:20:57:
                    fc:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:2E:C7:25:3F:FA:B6:07:06:CC:79:BA:90:51:4D:6F:C8:5A:98:26
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:80:5c:93:5f:4f:0a:b3:1e:69:75:92:09:49:d8:3d:57:55:
         d5:c7:8f:a5:81:b1:33:44:b2:9c:53:ae:b8:4a:1f:7d:2f:83:
         03:5c:75:9a:a6:a4:a8:d5:2d:1e:4f:81:2c:f7:58:03:95:33:
         fb:40:57:1c:4b:39:45:b0:f8:f0:43:be:6d:44:4d:58:3e:b5:
         12:00:68:1c:9d:93:b9:d0:fc:ef:c4:e5:e2:f7:2f:b2:e3:3a:
         71:1e:af:b4:f6:d6:60:da:3c:29:e3:2c:c4:01:d6:39:bb:bf:
         31:f2:40:58:80:38:23:fc:88:3a:22:a9:24:3d:b8:6e:bb:3a:
         d9:ee:de:e8:2e:5c:62:5d:fc:5d:22:0b:73:30:cd:2a:39:b1:
         f8:c0:78:42:fd:f2:e9:f7:45:21:ad:93:b5:1f:9a:b9:48:fe:
         63:3f:6e:1a:78:85:8a:d3:72:e8:3f:af:d9:1d:d5:3b:3f:51:
         0c:8b:3d:c5:3d:31:a9:b0:d6:c9:ff:d0:11:b1:b8:c2:7a:51:
         dc:9e:7a:42:ea:9d:e1:c6:fc:41:38:b4:7f:97:c7:52:f4:29:
         ca:0a:67:31:3f:f8:88:f1:be:e6:74:1b:80:80:3d:4d:de:b5:
         d4:91:6b:09:7f:2a:89:42:d4:ea:cb:27:ca:38:11:07:25:95:
         20:11:8b:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjGdxvWWtI+Ib8s3445NNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjUwNjA3MDQwMDUwWhcNMjUwNjA4MDQwMDUwWjAzMTEwLwYDVQQD
Eyg4NzJlYzcyNTNmZmFiNjA3MDZjYzc5YmE5MDUxNGQ2ZmM4NWE5ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QOsqdsZbsMxQwTqC/UV/H3vGLxs
6Gz16JW/x6Lk3TUBOlRQ9xEw6BILOEHkgEWujma3weWmPBmE479o5kwM5K4/qEA+
wPyqRHCezNOcj9VqUL5g8Ia1lMmim0d7KEoS9L9j73SmYT/lYKOMVKWK14NMTwck
eG4j0VABAbg9OBZdvY2fI1IH1ef06dKzJmCK0/0Ks9sUGXJW+vWgaG/j8lx86hzF
DOev1lXSL1Qi5VmcrvyyiGK7FzDQ2d3KgSeesSWJTVcP7ReYrIdE/5koVnVJ0LlM
SX6sLzBEW1cUjJukg3S07KILH7t3mFu01ty6RoRF3Es0HkBfCeEtIFf84wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcuxyU/+rYHBsx5upBRTW/IWpgmMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjYBck19P
CrMeaXWSCUnYPVdV1cePpYGxM0SynFOuuEoffS+DA1x1mqakqNUtHk+BLPdYA5Uz
+0BXHEs5RbD48EO+bURNWD61EgBoHJ2TudD878Tl4vcvsuM6cR6vtPbWYNo8KeMs
xAHWObu/MfJAWIA4I/yIOiKpJD24brs62e7e6C5cYl38XSILczDNKjmx+MB4Qv3y
6fdFIa2TtR+auUj+Yz9uGniFitNy6D+v2R3VOz9RDIs9xT0xqbDWyf/QEbG4wnpR
3J56Quqd4cb8QTi0f5fHUvQpygpnMT/4iPG+5nQbgIA9Td611JFrCX8qiULU6ssn
yjgRByWVIBGLHA==
-----END CERTIFICATE-----