Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          q37dov9wYSfD30FQK1BgudwLhv1D7cwRMnn+trYPUfc=
Subject key identifier:   0A:79:C4:E2:50:AB:A5:D0:15:93:42:F3:EF:0F:2E:43:03:27:F0:4A
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       01988731FE4766E974A14AA7F834003EE381
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0D3C
Signing time:             Fri 08 Aug 2025 01:00:57 +0000
Manifest this update:     Fri 08 Aug 2025 01:00:57 +0000
Manifest next update:     Sat 09 Aug 2025 01:00:57 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: E5skS2M3WLSdylYuryDl15DtZH8+xozaJ9gbweaFNKg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 01:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:87:31:fe:47:66:e9:74:a1:4a:a7:f8:34:00:3e:e3:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Aug  8 01:00:57 2025 GMT
            Not After : Aug  9 01:00:57 2025 GMT
        Subject: CN=0a79c4e250aba5d0159342f3ef0f2e430327f04a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:39:64:16:20:8c:c9:b2:15:6a:d0:b5:36:11:
                    44:be:ae:94:0c:f2:97:f2:b3:d4:8e:e5:c6:bf:9e:
                    40:67:fa:45:85:d4:07:bf:36:2c:6f:21:f5:47:6d:
                    49:b3:76:f7:53:0c:f3:4e:03:f4:20:be:33:da:93:
                    eb:c0:6d:34:e5:24:4e:74:56:2a:6c:6b:cf:b0:41:
                    40:d3:ab:8c:e9:09:c1:13:a0:84:70:5f:ec:fc:76:
                    73:fb:e5:42:36:6d:00:48:2b:ef:55:66:55:64:1e:
                    b8:52:ce:0f:64:53:5c:c4:9f:3d:8a:6e:de:db:e2:
                    71:a7:8d:4a:ca:85:37:dd:a8:23:91:86:c5:c2:4d:
                    2a:7b:02:cd:d7:a0:8a:4c:f0:b5:43:ee:f0:10:4f:
                    48:c9:34:a8:f3:47:13:1a:83:3b:ad:35:72:71:e9:
                    59:b4:00:b6:27:6d:9c:a0:0b:ea:f5:79:c1:b5:15:
                    4f:20:d1:42:33:67:91:3d:f8:82:dc:44:18:93:3e:
                    f0:ce:60:b0:e7:15:47:28:e0:ab:9a:60:31:72:f0:
                    a2:cd:59:6a:fa:8b:63:07:9b:8c:98:4e:49:89:b3:
                    68:05:fd:89:83:ac:93:9f:f7:e7:1a:eb:f4:ab:18:
                    e6:f5:73:b8:24:87:db:eb:81:1b:d0:3b:75:56:73:
                    22:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:79:C4:E2:50:AB:A5:D0:15:93:42:F3:EF:0F:2E:43:03:27:F0:4A
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:c6:27:8c:4b:01:a7:92:03:88:55:37:b0:0d:8b:52:70:b4:
         66:5a:7c:5f:d1:31:f4:3c:d8:dd:ba:4b:88:96:14:a9:ab:50:
         6b:33:43:83:2d:fd:df:5d:28:b8:07:f6:67:38:fb:4d:53:a2:
         f0:84:93:cd:be:d8:ce:50:20:4e:ab:27:d0:a9:25:18:23:3a:
         fa:16:93:16:4a:64:c8:cc:ce:bf:5d:df:84:16:98:10:21:6c:
         62:47:57:f2:3d:e4:5c:d7:cf:e3:30:9a:4e:d2:cd:22:e3:51:
         36:0b:da:8b:32:18:f9:56:0b:58:5e:fc:f2:80:7e:0c:f1:33:
         fc:13:62:3a:c3:91:f8:14:6d:4e:29:26:ca:f4:24:5c:39:00:
         58:f6:9e:b8:8b:73:a2:f4:68:87:0c:59:86:11:c1:2f:37:0b:
         d2:28:ee:e9:4f:3a:3b:2c:86:63:d1:81:15:01:46:a1:57:87:
         15:33:3a:8f:a4:78:1d:fb:60:1e:1a:8e:8d:2e:05:fe:93:3a:
         a3:c3:bf:d7:83:4d:59:25:de:17:6d:78:1e:94:81:36:66:1a:
         9c:4c:d5:14:e0:9f:00:60:a5:0c:53:f2:9f:3c:fc:6c:a5:45:
         9d:0f:11:70:bd:7d:36:a3:ba:cd:b7:82:33:1a:04:88:73:5a:
         68:8e:02:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiHMf5HZul0oUqn+DQAPuOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjUwODA4MDEwMDU3WhcNMjUwODA5MDEwMDU3WjAzMTEwLwYDVQQD
EygwYTc5YzRlMjUwYWJhNWQwMTU5MzQyZjNlZjBmMmU0MzAzMjdmMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjlkFiCMybIVatC1NhFEvq6UDPKX
8rPUjuXGv55AZ/pFhdQHvzYsbyH1R21Js3b3UwzzTgP0IL4z2pPrwG005SROdFYq
bGvPsEFA06uM6QnBE6CEcF/s/HZz++VCNm0ASCvvVWZVZB64Us4PZFNcxJ89im7e
2+Jxp41KyoU33agjkYbFwk0qewLN16CKTPC1Q+7wEE9IyTSo80cTGoM7rTVycelZ
tAC2J22coAvq9XnBtRVPINFCM2eRPfiC3EQYkz7wzmCw5xVHKOCrmmAxcvCizVlq
+otjB5uMmE5JibNoBf2Jg6yTn/fnGuv0qxjm9XO4JIfb64Eb0Dt1VnMiUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAp5xOJQq6XQFZNC8+8PLkMDJ/BKMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcYnjEsB
p5IDiFU3sA2LUnC0Zlp8X9Ex9DzY3bpLiJYUqatQazNDgy39310ouAf2Zzj7TVOi
8ISTzb7YzlAgTqsn0KklGCM6+haTFkpkyMzOv13fhBaYECFsYkdX8j3kXNfP4zCa
TtLNIuNRNgvaizIY+VYLWF788oB+DPEz/BNiOsOR+BRtTikmyvQkXDkAWPaeuItz
ovRohwxZhhHBLzcL0iju6U86OyyGY9GBFQFGoVeHFTM6j6R4HftgHhqOjS4F/pM6
o8O/14NNWSXeF214HpSBNmYanEzVFOCfAGClDFPynzz8bKVFnQ8RcL19NqO6zbeC
MxoEiHNaaI4Cnw==
-----END CERTIFICATE-----