Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          9e9s2qoyx8g0vFVphVkqJvoIPOC5Jh2g7+73KahCWJs=
Subject key identifier:   2F:1F:D7:9F:B6:B3:92:2E:81:9D:6D:09:72:EB:12:6C:30:76:76:20
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       018F8749D88ED11276A9F3A7751BC48A7709
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0893
Signing time:             Fri 17 May 2024 16:01:54 +0000
Manifest this update:     Fri 17 May 2024 16:01:54 +0000
Manifest next update:     Sat 18 May 2024 16:01:54 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: 34O6+N6Mr8/rIqT8mIbwGuIqCMDMrr5FeJccmqA51+Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:d8:8e:d1:12:76:a9:f3:a7:75:1b:c4:8a:77:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: May 17 16:01:54 2024 GMT
            Not After : May 18 16:01:54 2024 GMT
        Subject: CN=2f1fd79fb6b3922e819d6d0972eb126c30767620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:28:2e:b8:4c:79:e1:5f:00:86:dd:98:cd:71:
                    20:b1:aa:83:f5:ac:51:63:76:97:01:ab:e6:7c:3a:
                    52:52:82:bf:90:4d:cd:17:aa:63:a1:33:1d:53:d1:
                    9d:bd:40:53:16:71:f5:65:f2:78:dc:45:b5:8a:48:
                    a0:17:ad:9d:56:ed:40:99:2f:3e:16:d7:cc:9b:33:
                    52:51:9c:1d:27:55:63:c5:06:d2:b5:76:95:61:60:
                    9d:95:d4:26:5a:d9:01:90:95:5f:ad:fb:b5:6c:84:
                    22:40:9f:a3:b9:62:61:a4:17:79:a8:96:b1:c0:33:
                    0c:9b:83:df:44:a4:29:64:79:ca:1b:ef:40:fb:71:
                    db:b7:02:f6:e6:51:98:b8:d1:36:fb:ab:38:ba:5f:
                    92:62:f9:51:2b:c1:b4:1f:ce:a3:4a:7e:5a:a8:19:
                    56:88:77:30:34:99:f4:cc:f8:ff:5a:b8:c2:30:4b:
                    a5:90:2b:52:a4:c0:fa:d4:08:6c:bb:da:8e:56:c6:
                    e9:10:2d:66:6b:67:48:72:08:0c:cc:4a:a2:76:7f:
                    8b:df:a4:32:20:e9:9c:19:70:f8:e5:25:eb:de:34:
                    51:e1:b9:17:db:82:97:cd:7a:fb:2b:1e:c1:82:00:
                    b0:4d:11:7b:47:d1:c6:b1:d9:de:ac:6d:eb:23:43:
                    17:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:1F:D7:9F:B6:B3:92:2E:81:9D:6D:09:72:EB:12:6C:30:76:76:20
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ef:cd:26:d4:29:78:5d:78:e1:e0:81:38:bf:ce:8c:dd:02:7a:
         31:ab:2e:a9:06:4f:fd:3b:3e:42:30:5b:62:09:1f:95:7e:d5:
         d7:4d:d1:4b:b8:cf:b1:eb:82:f3:c7:40:f5:d6:7c:4a:5f:b4:
         ea:8b:7b:07:e4:16:7c:13:6a:a1:50:52:05:3a:e8:d3:65:1f:
         39:d7:74:1b:2a:56:4a:5c:13:6f:35:e4:25:bf:c2:c0:30:98:
         df:1b:8a:5d:4e:4a:f3:3d:02:8e:73:3b:fd:18:88:8d:66:6f:
         f1:83:ce:e8:15:fa:8a:1d:5b:a0:cf:e4:1b:4f:80:82:98:ed:
         de:a4:bf:e4:f6:cc:84:15:8e:95:c5:cf:b9:11:7b:e4:ad:90:
         3a:7d:61:26:73:98:13:33:41:c5:71:99:ec:9f:6e:b5:2a:a5:
         c6:d9:00:17:44:73:36:e4:37:e5:43:2b:ad:62:a9:43:da:99:
         82:9e:d7:73:ee:b4:8c:b6:49:98:ca:b2:d1:0f:c4:f1:9f:54:
         00:2e:a0:a2:b6:aa:55:f1:41:fd:e5:aa:d6:fe:e9:c4:a7:fb:
         94:b9:ba:da:09:21:5e:14:aa:80:5e:ab:b1:1f:78:46:19:37:
         bf:2b:ae:c9:3f:e0:5a:02:20:e1:06:d9:11:71:52:e2:35:d9:
         95:f9:d8:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSdiO0RJ2qfOndRvEincJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjQwNTE3MTYwMTU0WhcNMjQwNTE4MTYwMTU0WjAzMTEwLwYDVQQD
EygyZjFmZDc5ZmI2YjM5MjJlODE5ZDZkMDk3MmViMTI2YzMwNzY3NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyguuEx54V8Aht2YzXEgsaqD9axR
Y3aXAavmfDpSUoK/kE3NF6pjoTMdU9GdvUBTFnH1ZfJ43EW1ikigF62dVu1AmS8+
FtfMmzNSUZwdJ1VjxQbStXaVYWCdldQmWtkBkJVfrfu1bIQiQJ+juWJhpBd5qJax
wDMMm4PfRKQpZHnKG+9A+3HbtwL25lGYuNE2+6s4ul+SYvlRK8G0H86jSn5aqBlW
iHcwNJn0zPj/WrjCMEulkCtSpMD61Ahsu9qOVsbpEC1ma2dIcggMzEqidn+L36Qy
IOmcGXD45SXr3jRR4bkX24KXzXr7Kx7BggCwTRF7R9HGsdnerG3rI0MXgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8f15+2s5IugZ1tCXLrEmwwdnYgMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA780m1Cl4
XXjh4IE4v86M3QJ6MasuqQZP/Ts+QjBbYgkflX7V103RS7jPseuC88dA9dZ8Sl+0
6ot7B+QWfBNqoVBSBTro02UfOdd0GypWSlwTbzXkJb/CwDCY3xuKXU5K8z0CjnM7
/RiIjWZv8YPO6BX6ih1boM/kG0+Agpjt3qS/5PbMhBWOlcXPuRF75K2QOn1hJnOY
EzNBxXGZ7J9utSqlxtkAF0RzNuQ35UMrrWKpQ9qZgp7Xc+60jLZJmMqy0Q/E8Z9U
AC6goraqVfFB/eWq1v7pxKf7lLm62gkhXhSqgF6rsR94Rhk3vyuuyT/gWgIg4QbZ
EXFS4jXZlfnYyA==
-----END CERTIFICATE-----