Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          byeACqVzhl2+gCuNM8f8b5gfiZdBqBPvVszAHmDmCs4=
Subject key identifier:   05:BD:E9:5D:3F:7B:DF:0C:96:74:62:0A:29:F2:AA:D8:10:98:40:91
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019DA48A79F57938CC56C0D088DBAE87660F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          05D8
Signing time:             Sun 19 Apr 2026 07:00:31 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:31 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:31 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: A5oPTawbP/WqypC/CxDxiynntSDM1pNaIEaBj0zeYzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:79:f5:79:38:cc:56:c0:d0:88:db:ae:87:66:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Apr 19 07:00:31 2026 GMT
            Not After : Apr 20 07:00:31 2026 GMT
        Subject: CN=05bde95d3f7bdf0c9674620a29f2aad810984091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1d:13:1f:83:32:82:30:c2:b7:ad:4d:5f:b3:
                    be:80:a2:89:72:93:4c:09:64:3f:47:5d:2a:55:e7:
                    a8:4d:d7:90:ae:e8:8a:3c:86:76:34:3d:be:6c:98:
                    26:5b:1d:6f:1f:06:9c:96:2f:b0:3f:3a:35:86:07:
                    67:46:58:9b:7e:b1:b8:7d:bc:e3:73:7e:65:d6:42:
                    0b:e2:f6:a2:a6:f6:fa:3d:29:bd:5f:42:57:d2:fb:
                    fd:fe:9a:62:26:b6:a1:e6:1f:fe:22:f8:41:7e:5c:
                    d3:a9:08:c5:aa:6a:43:88:b7:77:6b:18:d8:b0:3e:
                    42:d9:5c:0b:e1:e3:6d:20:b2:98:43:d2:9c:84:87:
                    b1:58:84:47:48:c9:72:57:a8:61:12:7e:74:77:c9:
                    e7:77:a3:b7:e6:c7:73:c7:35:79:3e:1b:5a:23:07:
                    b6:7a:42:f3:61:a1:a9:35:ad:c9:86:18:07:f1:a4:
                    12:65:07:fa:b8:42:18:95:91:fc:d8:2e:5b:94:7c:
                    cf:a5:15:19:98:de:fb:57:ab:62:69:de:35:2a:8b:
                    3d:1f:f0:2d:59:98:29:16:bd:41:a9:76:b7:e6:29:
                    36:b5:db:7f:3a:72:e4:eb:5b:68:ec:4c:fd:36:f3:
                    b5:b5:02:53:6b:da:ff:37:43:55:28:3c:79:33:4d:
                    63:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:BD:E9:5D:3F:7B:DF:0C:96:74:62:0A:29:F2:AA:D8:10:98:40:91
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:c7:20:28:39:15:3b:48:f6:75:40:6a:d1:bb:b2:8c:f1:b1:
         be:a8:2a:3d:ac:a1:e5:1a:09:e6:ab:17:c8:00:41:f4:e8:65:
         48:e2:79:f5:73:be:b4:dc:2b:dc:06:44:a2:ef:9e:f8:c0:0d:
         93:87:c7:65:05:76:c4:3f:a3:e4:16:4d:5e:bd:25:d9:71:cd:
         89:a2:0c:2b:83:70:f6:b9:ed:0e:d2:d9:d8:1f:d5:c3:5d:bb:
         38:c5:bb:e6:94:6b:05:d2:9f:7d:2f:01:fd:38:fc:33:52:ea:
         b1:27:93:cd:cf:e0:ed:bc:d8:6e:e6:e4:34:e5:7d:06:a7:5d:
         98:83:f8:a4:bc:9d:34:f8:c6:11:14:99:05:c0:c7:2a:97:e5:
         4f:3e:06:58:ed:f1:97:88:ef:fd:11:dc:4f:f6:29:48:02:eb:
         19:c8:f1:1b:2c:66:73:ee:5a:2b:9a:ea:b9:33:4b:a0:76:2a:
         41:bd:87:fb:91:40:5e:39:93:63:4e:45:bb:35:29:1f:53:24:
         46:b7:f2:9d:72:52:3a:12:91:e3:a8:3c:e9:be:53:c6:d0:ad:
         a9:4c:bb:93:37:21:fc:41:d9:45:04:be:23:f5:08:d0:c2:97:
         af:4c:33:4d:32:2a:c4:3d:a7:a8:e6:2e:0c:59:6d:15:79:b9:
         3f:16:af:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kinn1eTjMVsDQiNuuh2YPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjYwNDE5MDcwMDMxWhcNMjYwNDIwMDcwMDMxWjAzMTEwLwYDVQQD
EygwNWJkZTk1ZDNmN2JkZjBjOTY3NDYyMGEyOWYyYWFkODEwOTg0MDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh0TH4MygjDCt61NX7O+gKKJcpNM
CWQ/R10qVeeoTdeQruiKPIZ2ND2+bJgmWx1vHwacli+wPzo1hgdnRlibfrG4fbzj
c35l1kIL4vaipvb6PSm9X0JX0vv9/ppiJrah5h/+IvhBflzTqQjFqmpDiLd3axjY
sD5C2VwL4eNtILKYQ9KchIexWIRHSMlyV6hhEn50d8nnd6O35sdzxzV5PhtaIwe2
ekLzYaGpNa3JhhgH8aQSZQf6uEIYlZH82C5blHzPpRUZmN77V6tiad41Kos9H/At
WZgpFr1BqXa35ik2tdt/OnLk61to7Ez9NvO1tQJTa9r/N0NVKDx5M01jOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAW96V0/e98MlnRiCinyqtgQmECRMB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ8cgKDkV
O0j2dUBq0buyjPGxvqgqPayh5RoJ5qsXyABB9OhlSOJ59XO+tNwr3AZEou+e+MAN
k4fHZQV2xD+j5BZNXr0l2XHNiaIMK4Nw9rntDtLZ2B/Vw127OMW75pRrBdKffS8B
/Tj8M1LqsSeTzc/g7bzYbubkNOV9BqddmIP4pLydNPjGERSZBcDHKpflTz4GWO3x
l4jv/RHcT/YpSALrGcjxGyxmc+5aK5rquTNLoHYqQb2H+5FAXjmTY05FuzUpH1Mk
RrfynXJSOhKR46g86b5TxtCtqUy7kzch/EHZRQS+I/UI0MKXr0wzTTIqxD2nqOYu
DFltFXm5Pxavwg==
-----END CERTIFICATE-----