Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          UAfcU7SOEEou/i7cbSME5NixR/ktHJpYNG1JCn3BcS4=
Subject key identifier:   BD:21:5D:C5:1F:BC:63:5D:78:D3:58:13:52:D2:A5:8C:D5:13:86:BB
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       019D3865B7F229626AC46C7ACC309CE75A60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0FAA
Signing time:             Sun 29 Mar 2026 07:01:23 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:23 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:23 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: BL8d+9JDDVGOHB77Epr/7J7pnIgvlsNUQGcfGQ1BLzM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b7:f2:29:62:6a:c4:6c:7a:cc:30:9c:e7:5a:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Mar 29 07:01:23 2026 GMT
            Not After : Mar 30 07:01:23 2026 GMT
        Subject: CN=bd215dc51fbc635d78d3581352d2a58cd51386bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:91:64:64:04:5a:d1:db:0e:25:fe:d9:f6:9a:
                    c7:98:e0:23:af:8f:4b:8f:46:c6:0e:2f:59:48:43:
                    91:35:87:b7:2e:ed:f8:06:06:60:f8:4f:ff:72:8d:
                    5e:04:71:b7:e9:7b:ef:38:bb:73:51:32:c2:1c:18:
                    b8:6b:20:4e:17:87:a2:41:d9:5f:90:e7:e1:10:ca:
                    cd:03:5b:cd:f1:c5:e7:dc:d9:da:a0:ce:fc:5d:f3:
                    a4:50:71:02:98:77:59:75:b1:5c:79:f3:37:29:32:
                    c3:5d:9e:8e:31:19:cd:5a:81:96:ce:b7:69:6b:ef:
                    12:06:9c:62:0f:f1:67:5b:99:d6:78:22:3f:67:7b:
                    f4:60:a8:9c:dd:9e:a2:79:ab:a8:b9:49:e3:60:73:
                    84:f6:0d:cb:84:2c:cd:e8:81:b8:02:d4:c2:33:98:
                    8e:85:04:d0:53:f2:98:76:65:f5:f9:61:f3:2c:1c:
                    3b:2a:34:04:b8:e6:8e:ff:f3:81:eb:8d:e9:3a:a7:
                    62:ec:fb:1c:fd:ab:38:4e:e8:9c:56:52:ba:83:5d:
                    ae:38:d0:c5:27:ae:3a:32:dd:b5:4b:2e:29:f3:42:
                    8d:ad:50:29:89:ba:71:b2:86:78:e0:dd:35:77:bc:
                    da:dd:41:7b:f5:2f:ff:05:23:1e:32:c5:6c:09:f5:
                    b3:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:21:5D:C5:1F:BC:63:5D:78:D3:58:13:52:D2:A5:8C:D5:13:86:BB
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:1c:73:af:f9:69:dc:8d:2b:f7:b9:96:c5:89:38:4c:cf:79:
         90:62:80:02:05:e3:0b:ef:71:59:e3:6f:7e:3e:09:83:ef:00:
         d5:31:d8:21:ab:f4:f2:c4:af:ac:c2:77:71:82:9c:3b:51:1d:
         a0:f3:8e:fd:5d:da:bd:5b:a7:f9:aa:00:53:d3:51:0b:ae:03:
         23:fa:cd:c8:6a:bc:f6:3b:3c:ef:a4:58:13:03:4e:31:74:97:
         0b:af:c1:ef:c2:45:c8:bb:eb:a5:56:ae:a3:a9:ed:db:d2:64:
         84:10:b4:f6:e9:3a:09:74:5d:47:0d:ac:ef:30:8f:a9:f8:a9:
         42:b6:71:0a:8a:c4:16:96:11:83:a6:d3:9c:ba:94:5a:e7:24:
         8d:d4:90:e1:b6:f7:bf:9c:9e:58:b0:17:70:ac:4a:31:db:9e:
         89:e6:e1:4a:4f:47:f1:90:7b:9e:ae:85:a6:d3:59:b2:32:be:
         c2:c1:13:78:81:7d:48:32:ff:42:f0:84:9d:e2:33:ab:5b:30:
         d7:f8:fc:0a:e6:14:ed:16:24:8b:28:72:eb:02:d1:5f:66:c2:
         fe:8b:10:c2:90:d0:b3:b7:51:5e:e4:5c:50:0a:99:96:c2:59:
         a1:a0:c2:a8:4c:46:59:99:95:d0:38:96:ad:09:9c:63:61:d4:
         cd:ce:be:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbfyKWJqxGx6zDCc51pgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjYwMzI5MDcwMTIzWhcNMjYwMzMwMDcwMTIzWjAzMTEwLwYDVQQD
EyhiZDIxNWRjNTFmYmM2MzVkNzhkMzU4MTM1MmQyYTU4Y2Q1MTM4NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupFkZARa0dsOJf7Z9prHmOAjr49L
j0bGDi9ZSEORNYe3Lu34BgZg+E//co1eBHG36XvvOLtzUTLCHBi4ayBOF4eiQdlf
kOfhEMrNA1vN8cXn3NnaoM78XfOkUHECmHdZdbFcefM3KTLDXZ6OMRnNWoGWzrdp
a+8SBpxiD/FnW5nWeCI/Z3v0YKic3Z6ieauouUnjYHOE9g3LhCzN6IG4AtTCM5iO
hQTQU/KYdmX1+WHzLBw7KjQEuOaO//OB643pOqdi7Psc/as4TuicVlK6g12uONDF
J646Mt21Sy4p80KNrVApibpxsoZ44N01d7za3UF79S//BSMeMsVsCfWz9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0hXcUfvGNdeNNYE1LSpYzVE4a7MB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxxzr/lp
3I0r97mWxYk4TM95kGKAAgXjC+9xWeNvfj4Jg+8A1THYIav08sSvrMJ3cYKcO1Ed
oPOO/V3avVun+aoAU9NRC64DI/rNyGq89js876RYEwNOMXSXC6/B78JFyLvrpVau
o6nt29JkhBC09uk6CXRdRw2s7zCPqfipQrZxCorEFpYRg6bTnLqUWuckjdSQ4bb3
v5yeWLAXcKxKMdueiebhSk9H8ZB7nq6FptNZsjK+wsETeIF9SDL/QvCEneIzq1sw
1/j8CuYU7RYkiyhy6wLRX2bC/osQwpDQs7dRXuRcUAqZlsJZoaDCqExGWZmV0DiW
rQmcY2HUzc6+gw==
-----END CERTIFICATE-----