Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          3qLBkoqc0VAdKizuIJxYC9NrRiRc3I+ykdgLBkOtwSg=
Subject key identifier:   18:1F:D5:71:DA:0A:CA:A8:61:96:BA:21:52:4D:4A:45:4C:42:91:3D
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       019921B19E9FBC19B949744DBB31351A9145
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0D8C
Signing time:             Sun 07 Sep 2025 01:01:52 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:52 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:52 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: TQ8LTGw4aUiejxHqzfpnIVaW3rlR1rCw2sOtnFJDiUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:9e:9f:bc:19:b9:49:74:4d:bb:31:35:1a:91:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Sep  7 01:01:52 2025 GMT
            Not After : Sep  8 01:01:52 2025 GMT
        Subject: CN=181fd571da0acaa86196ba21524d4a454c42913d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:71:0f:df:ae:0b:2e:b6:f2:fa:ec:7f:63:a7:
                    b4:47:c9:5f:4b:e7:f3:e5:58:63:f5:e6:97:ea:63:
                    09:1e:16:80:6d:a8:f5:6d:21:27:de:0d:17:4b:b3:
                    f3:8a:cf:28:d2:48:82:ad:34:54:74:10:69:73:f9:
                    d5:a1:06:cd:95:3a:8b:57:a9:9b:20:b4:81:33:1f:
                    c9:a4:1e:dd:ef:55:b2:fa:67:68:25:22:09:6f:7c:
                    ee:62:ca:6c:e0:d7:cd:5c:f1:15:59:81:9d:86:92:
                    87:6e:0e:25:e0:e0:b1:ad:b4:24:a4:0f:5f:0f:3d:
                    a7:6b:c9:08:5c:97:49:58:1c:c7:c8:69:a7:8f:e1:
                    90:63:ac:6c:fc:d9:4c:21:5b:6c:07:41:37:c2:9b:
                    27:94:e3:7d:d9:c5:da:11:65:cf:b8:dd:eb:ca:b5:
                    4c:ce:49:d4:57:36:65:9f:1e:c7:52:2c:99:ab:69:
                    40:2f:75:95:1e:9c:8a:c0:ed:26:1b:4c:05:04:26:
                    14:00:fa:3e:75:ed:a6:c4:83:1c:b3:b0:10:92:a0:
                    4a:f9:02:01:73:67:ff:08:fe:be:a1:ad:d7:e2:f0:
                    ca:ed:72:85:2e:d3:1f:d6:10:66:45:e6:43:7c:c4:
                    b6:2e:bf:d8:ab:68:4b:82:4a:b7:cf:33:f3:d9:91:
                    34:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:1F:D5:71:DA:0A:CA:A8:61:96:BA:21:52:4D:4A:45:4C:42:91:3D
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:79:bb:f9:24:36:b4:1d:05:07:fe:fa:dd:71:61:94:00:b9:
         52:0a:17:48:fd:f8:dc:02:1a:b4:56:63:4a:03:30:61:0a:93:
         fc:72:52:20:10:ad:78:58:1c:e7:65:cb:88:c2:d3:d9:8e:12:
         c1:44:81:8b:b8:ae:7b:9e:8e:4f:13:b9:54:da:82:74:4f:52:
         8f:de:ae:60:34:00:f0:9c:fb:c1:30:2d:bb:de:65:57:d2:0b:
         32:f5:11:9b:7b:d6:c1:84:84:92:45:34:01:d4:71:34:fd:a8:
         d3:ae:9b:75:91:8c:10:2f:e7:a7:a5:73:82:cd:69:d0:48:a3:
         f9:5e:7f:0e:28:e3:95:73:2b:b2:8b:c9:00:0f:fe:8e:a4:b5:
         c2:58:af:86:46:b5:4b:f7:4a:e7:43:9f:08:96:c3:7c:a5:63:
         e4:d2:fb:dc:0c:5a:8d:60:97:7a:f3:1c:bf:c8:42:ce:81:d5:
         b0:9b:45:4d:e1:38:65:89:24:c1:f8:0b:bf:4f:28:4f:99:13:
         b5:44:fc:32:8a:eb:f0:9c:0b:20:c7:cd:25:9d:6f:16:42:b9:
         67:70:24:77:c9:e4:ae:f0:15:17:cd:32:04:c7:03:31:a8:44:
         5c:65:0e:64:0a:ea:ea:f9:c4:5a:98:d8:18:e6:7f:c1:e1:02:
         72:5e:ca:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsZ6fvBm5SXRNuzE1GpFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjUwOTA3MDEwMTUyWhcNMjUwOTA4MDEwMTUyWjAzMTEwLwYDVQQD
EygxODFmZDU3MWRhMGFjYWE4NjE5NmJhMjE1MjRkNGE0NTRjNDI5MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XEP364LLrby+ux/Y6e0R8lfS+fz
5Vhj9eaX6mMJHhaAbaj1bSEn3g0XS7Pzis8o0kiCrTRUdBBpc/nVoQbNlTqLV6mb
ILSBMx/JpB7d71Wy+mdoJSIJb3zuYsps4NfNXPEVWYGdhpKHbg4l4OCxrbQkpA9f
Dz2na8kIXJdJWBzHyGmnj+GQY6xs/NlMIVtsB0E3wpsnlON92cXaEWXPuN3ryrVM
zknUVzZlnx7HUiyZq2lAL3WVHpyKwO0mG0wFBCYUAPo+de2mxIMcs7AQkqBK+QIB
c2f/CP6+oa3X4vDK7XKFLtMf1hBmReZDfMS2Lr/Yq2hLgkq3zzPz2ZE0rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBgf1XHaCsqoYZa6IVJNSkVMQpE9MB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA3m7+SQ2
tB0FB/763XFhlAC5UgoXSP343AIatFZjSgMwYQqT/HJSIBCteFgc52XLiMLT2Y4S
wUSBi7iue56OTxO5VNqCdE9Sj96uYDQA8Jz7wTAtu95lV9ILMvURm3vWwYSEkkU0
AdRxNP2o066bdZGMEC/np6Vzgs1p0Eij+V5/DijjlXMrsovJAA/+jqS1wlivhka1
S/dK50OfCJbDfKVj5NL73AxajWCXevMcv8hCzoHVsJtFTeE4ZYkkwfgLv08oT5kT
tUT8Morr8JwLIMfNJZ1vFkK5Z3Akd8nkrvAVF80yBMcDMahEXGUOZArq6vnEWpjY
GOZ/weECcl7KJg==
-----END CERTIFICATE-----