Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          L0D4QxILpGbZw9N8b5MUecynEk7TuHQPGohqHh6+ADA=
Subject key identifier:   6C:92:7A:CA:B6:73:2A:A6:80:FE:BC:5C:ED:7A:04:7C:B2:5F:CF:E9
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       01958C606DAA6E4F557DB7F7DC4488132292
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0BB1
Signing time:             Wed 12 Mar 2025 22:01:24 +0000
Manifest this update:     Wed 12 Mar 2025 22:01:24 +0000
Manifest next update:     Thu 13 Mar 2025 22:01:24 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: K8lhxU0lFK40kjgq4stsLFMpalCswcuajil6K2UtpWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:60:6d:aa:6e:4f:55:7d:b7:f7:dc:44:88:13:22:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Mar 12 22:01:24 2025 GMT
            Not After : Mar 13 22:01:24 2025 GMT
        Subject: CN=6c927acab6732aa680febc5ced7a047cb25fcfe9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3d:b9:d7:3f:24:f8:ac:7d:78:a7:4e:eb:10:
                    3c:99:50:73:16:90:b5:a4:af:ab:3a:36:e6:65:1d:
                    d5:06:f9:30:96:6a:21:3a:4d:d2:df:03:69:c6:ba:
                    cf:35:7b:9e:99:b2:27:3f:13:f5:f5:62:80:b3:3a:
                    bb:9d:5b:7e:94:c2:b2:c5:52:fc:4a:a7:c2:da:91:
                    e2:9e:fa:19:d4:b3:f2:e2:c0:88:91:e3:32:65:10:
                    d6:99:06:d9:65:0b:b6:c2:5f:ed:a6:76:1b:7f:8c:
                    5e:5b:a1:33:14:49:7b:2f:aa:ef:60:89:33:11:bc:
                    65:8e:0d:c2:e7:7b:c9:44:92:2c:88:28:77:43:f8:
                    d9:61:72:f4:97:ca:b5:de:c7:50:85:66:72:2c:1f:
                    80:fb:f2:ff:fa:75:26:36:4c:67:9a:08:2b:a7:72:
                    a4:67:f5:a0:7f:4e:8d:2d:88:a3:33:93:e9:78:b9:
                    a5:40:ea:0b:9d:e8:8b:88:3f:5d:8e:16:a3:3f:b5:
                    df:3a:e9:32:90:19:20:77:39:12:f0:80:21:2e:68:
                    ba:1e:95:bf:e9:8b:e0:89:dc:29:d3:f2:6b:19:24:
                    ec:da:aa:65:c3:e2:4f:13:5b:0e:58:0c:7e:da:3a:
                    63:ab:ac:bd:40:68:21:be:2b:24:52:b5:44:52:45:
                    93:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:92:7A:CA:B6:73:2A:A6:80:FE:BC:5C:ED:7A:04:7C:B2:5F:CF:E9
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:f9:ef:c4:34:4e:23:94:06:ff:86:53:cb:7a:42:ff:a0:32:
         2e:23:c4:a5:eb:ba:42:06:b6:a9:81:74:20:3b:23:22:46:18:
         5e:3e:62:7b:ab:de:ce:74:bc:0e:24:30:4c:f4:31:89:cf:45:
         4c:a7:58:52:0a:77:20:32:3b:91:3f:b2:b0:ff:fe:c7:aa:df:
         e9:ce:6d:f9:13:e9:77:06:20:6b:08:9a:1f:d6:ed:e4:2e:93:
         d0:3c:66:b4:44:8f:1f:24:ae:9f:42:9b:af:aa:34:68:37:ae:
         07:6e:0f:d6:5a:06:00:1c:e9:49:35:6d:54:f2:34:22:17:48:
         4f:db:19:88:41:e7:05:e8:99:9b:33:74:41:b3:37:e1:dc:f0:
         17:f8:3f:f4:64:7d:80:25:b0:3e:49:0d:c6:4a:c2:3d:af:7e:
         d2:80:7e:2f:de:d6:bb:f3:d8:be:8e:d2:e6:e9:90:0f:80:f4:
         8a:c3:f8:e2:be:97:94:b5:51:2c:d0:19:73:5d:6e:01:b8:27:
         2b:b2:2e:e6:4d:4a:d7:b8:66:63:f5:d3:79:39:cc:04:ca:6a:
         62:c3:f2:d4:73:7f:a7:ff:a3:88:34:a3:95:19:ad:d5:e8:5b:
         54:a7:f5:65:c2:e1:3b:fb:32:7e:ac:5a:ed:36:63:6d:d4:7a:
         37:06:ea:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYG2qbk9Vfbf33ESIEyKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjUwMzEyMjIwMTI0WhcNMjUwMzEzMjIwMTI0WjAzMTEwLwYDVQQD
Eyg2YzkyN2FjYWI2NzMyYWE2ODBmZWJjNWNlZDdhMDQ3Y2IyNWZjZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz251z8k+Kx9eKdO6xA8mVBzFpC1
pK+rOjbmZR3VBvkwlmohOk3S3wNpxrrPNXuembInPxP19WKAszq7nVt+lMKyxVL8
SqfC2pHinvoZ1LPy4sCIkeMyZRDWmQbZZQu2wl/tpnYbf4xeW6EzFEl7L6rvYIkz
Ebxljg3C53vJRJIsiCh3Q/jZYXL0l8q13sdQhWZyLB+A+/L/+nUmNkxnmggrp3Kk
Z/Wgf06NLYijM5PpeLmlQOoLneiLiD9djhajP7XfOukykBkgdzkS8IAhLmi6HpW/
6Yvgidwp0/JrGSTs2qplw+JPE1sOWAx+2jpjq6y9QGghviskUrVEUkWTswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGySesq2cyqmgP68XO16BHyyX8/pMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPnvxDRO
I5QG/4ZTy3pC/6AyLiPEpeu6Qga2qYF0IDsjIkYYXj5ie6veznS8DiQwTPQxic9F
TKdYUgp3IDI7kT+ysP/+x6rf6c5t+RPpdwYgawiaH9bt5C6T0DxmtESPHySun0Kb
r6o0aDeuB24P1loGABzpSTVtVPI0IhdIT9sZiEHnBeiZmzN0QbM34dzwF/g/9GR9
gCWwPkkNxkrCPa9+0oB+L97Wu/PYvo7S5umQD4D0isP44r6XlLVRLNAZc11uAbgn
K7Iu5k1K17hmY/XTeTnMBMpqYsPy1HN/p/+jiDSjlRmt1ehbVKf1ZcLhO/syfqxa
7TZjbdR6Nwbqpw==
-----END CERTIFICATE-----