Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
File:                     lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json)
Hash identifier:          uIhBRmP6TZFqUGArrGgSOl23fuB1ks+nV3KGHcWNeKc=
Subject key identifier:   AF:84:F4:83:B8:A9:0D:63:AA:D6:18:8A:83:79:09:68:4D:BA:ED:72
Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3
Certificate issuer:       /CN=95e7dc68858c06094e0f43288b486589b483e3f3
Certificate serial:       01977CB04F2DD62FE00D259CE7AB28CA6EE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
Manifest number:          0CB2
Signing time:             Tue 17 Jun 2025 07:00:18 +0000
Manifest this update:     Tue 17 Jun 2025 07:00:18 +0000
Manifest next update:     Wed 18 Jun 2025 07:00:18 +0000
Files and hashes:         1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: n3fmwPmYHVT4MXWUxNxBEtYLB4xFQUJ/10mGFAru69E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7c:b0:4f:2d:d6:2f:e0:0d:25:9c:e7:ab:28:ca:6e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3
        Validity
            Not Before: Jun 17 07:00:18 2025 GMT
            Not After : Jun 18 07:00:18 2025 GMT
        Subject: CN=af84f483b8a90d63aad6188a837909684dbaed72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d9:1e:0b:61:5a:a2:f3:a8:90:ed:ea:31:9a:
                    8d:ea:c6:3d:5e:36:63:c1:f6:67:0b:9a:24:d2:af:
                    91:55:a4:4e:b0:36:8b:99:65:50:9b:3f:64:ff:22:
                    05:dd:eb:5a:36:bb:dc:e9:eb:c1:4d:5d:c4:99:24:
                    4a:40:e2:9f:f4:b5:22:be:d9:0b:10:8e:85:82:bf:
                    99:99:c2:55:22:d8:10:f0:6f:0f:9b:30:63:02:f1:
                    2a:c3:4e:c9:99:64:fc:72:05:67:46:f8:ea:ec:a2:
                    92:71:aa:08:c7:b3:76:e9:9e:be:ad:cc:d7:be:f5:
                    16:8a:8f:0c:f7:21:0c:46:1b:ea:8f:3c:2d:df:15:
                    e1:ed:d9:bd:af:d2:ba:df:1c:bb:71:5e:20:5d:fb:
                    5c:bc:f0:a4:4e:30:15:7b:28:13:09:f6:fc:59:90:
                    af:26:0e:69:d8:62:1a:3b:d1:65:56:84:8e:1e:94:
                    94:31:0d:cc:31:04:36:57:79:97:aa:9f:7e:c9:43:
                    b0:a2:7f:d3:16:f2:34:d3:b3:42:38:b7:3d:4a:d7:
                    e1:0e:a1:2f:1a:d9:a3:50:6c:09:d8:63:1a:ec:f7:
                    01:56:7b:d3:d1:43:59:8d:32:24:72:40:f0:03:b3:
                    e7:e2:de:dc:17:97:0f:2f:4c:74:1f:1e:29:9d:dc:
                    82:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:84:F4:83:B8:A9:0D:63:AA:D6:18:8A:83:79:09:68:4D:BA:ED:72
            X509v3 Authority Key Identifier:
                keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:64:f8:ca:2e:47:c2:21:f5:12:33:30:e8:53:ad:16:f8:00:
         b6:f9:70:0d:6f:0c:f3:39:ef:58:07:28:0e:c2:b8:1c:bb:72:
         be:63:67:66:b2:42:1a:97:52:b5:4a:9e:bd:da:34:6b:c5:10:
         a2:93:c9:9d:58:30:50:73:f7:72:f8:91:b5:e6:c7:f4:28:a5:
         08:bc:5a:4d:da:4c:2c:7e:a0:9f:e3:96:14:20:7d:c4:56:ed:
         31:0c:35:53:f0:75:1b:c9:fe:0c:d1:eb:ff:37:a2:ae:89:22:
         51:08:9b:96:ad:6f:45:0e:0b:03:bb:8e:93:fe:09:28:21:8b:
         31:c6:4d:a8:15:19:86:3b:d9:c7:41:f1:d4:dc:b2:8d:9e:f5:
         cf:c0:a8:87:a9:cd:03:8e:e7:a1:f6:b5:bd:6e:ea:1b:88:c0:
         d5:4e:bf:ce:7c:ac:90:c6:55:d7:73:88:15:b7:c3:1c:41:e1:
         fa:67:ff:8e:92:94:62:25:5e:fe:bd:0f:23:6a:8b:f6:5a:d9:
         cc:33:0b:c2:cf:25:85:68:74:3b:53:a5:a5:f3:aa:80:de:02:
         88:b4:09:a9:c7:08:7d:38:ef:32:6a:40:11:f9:a8:c6:88:c2:
         b1:3f:2e:e3:b2:f3:65:30:39:7b:e3:f8:0f:df:ce:14:53:cf:
         6d:bd:54:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd8sE8t1i/gDSWc56soym7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4
M2UzZjMwHhcNMjUwNjE3MDcwMDE4WhcNMjUwNjE4MDcwMDE4WjAzMTEwLwYDVQQD
EyhhZjg0ZjQ4M2I4YTkwZDYzYWFkNjE4OGE4Mzc5MDk2ODRkYmFlZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtkeC2FaovOokO3qMZqN6sY9XjZj
wfZnC5ok0q+RVaROsDaLmWVQmz9k/yIF3etaNrvc6evBTV3EmSRKQOKf9LUivtkL
EI6Fgr+ZmcJVItgQ8G8PmzBjAvEqw07JmWT8cgVnRvjq7KKScaoIx7N26Z6+rczX
vvUWio8M9yEMRhvqjzwt3xXh7dm9r9K63xy7cV4gXftcvPCkTjAVeygTCfb8WZCv
Jg5p2GIaO9FlVoSOHpSUMQ3MMQQ2V3mXqp9+yUOwon/TFvI007NCOLc9StfhDqEv
GtmjUGwJ2GMa7PcBVnvT0UNZjTIkckDwA7Pn4t7cF5cPL0x0Hx4pndyC3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+E9IO4qQ1jqtYYioN5CWhNuu1yMB8GA1UdIwQY
MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt
MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4
LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAamT4yi5H
wiH1EjMw6FOtFvgAtvlwDW8M8znvWAcoDsK4HLtyvmNnZrJCGpdStUqevdo0a8UQ
opPJnVgwUHP3cviRtebH9CilCLxaTdpMLH6gn+OWFCB9xFbtMQw1U/B1G8n+DNHr
/zeirokiUQiblq1vRQ4LA7uOk/4JKCGLMcZNqBUZhjvZx0Hx1NyyjZ71z8Coh6nN
A47nofa1vW7qG4jA1U6/znyskMZV13OIFbfDHEHh+mf/jpKUYiVe/r0PI2qL9lrZ
zDMLws8lhWh0O1OlpfOqgN4CiLQJqccIfTjvMmpAEfmoxojCsT8u47LzZTA5e+P4
D9/OFFPPbb1UAQ==
-----END CERTIFICATE-----