Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          sEZUgyf77oi6+ed4b0H3aP2YHama/xgwpGNptl0Q0lE=
Subject key identifier:   8E:58:9D:48:8D:82:9B:7B:41:37:56:23:19:21:97:2A:E4:B2:A0:50
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019679B1F9CE76796D554999344DEB8B117E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          0222
Signing time:             Mon 28 Apr 2025 00:00:28 +0000
Manifest this update:     Mon 28 Apr 2025 00:00:28 +0000
Manifest next update:     Tue 29 Apr 2025 00:00:28 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: /rbKlpPP8cp8cVV3mKJwdJ6qeQuT49DjM/I+ZaN1e74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:b1:f9:ce:76:79:6d:55:49:99:34:4d:eb:8b:11:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Apr 28 00:00:28 2025 GMT
            Not After : Apr 29 00:00:28 2025 GMT
        Subject: CN=8e589d488d829b7b413756231921972ae4b2a050
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e1:5c:c1:05:a6:d5:5f:98:87:4f:84:50:a5:
                    2e:83:49:46:d5:5e:5e:b7:98:74:51:33:41:37:f5:
                    5e:e8:5b:f9:4b:c4:ee:89:31:a3:e1:f8:5e:0b:d2:
                    2f:75:5d:40:64:84:18:1c:5a:e7:61:56:26:a0:72:
                    27:de:38:b4:0f:72:82:2d:46:cb:00:12:f2:62:eb:
                    4a:3f:fd:77:b4:23:fb:b9:82:35:32:85:71:b6:e5:
                    69:ed:79:bd:e5:65:1b:58:7d:49:39:8e:c5:56:eb:
                    8b:e0:35:b2:21:f0:91:7a:98:7d:0b:4d:5b:25:b3:
                    91:8d:72:d1:44:a0:8d:17:15:5b:a7:c3:f9:dc:f9:
                    97:b3:98:d9:07:c4:36:44:23:f6:b5:0e:86:d7:ea:
                    0d:77:d1:80:13:2f:5d:0c:a5:ed:d5:c8:16:ae:12:
                    f6:54:e7:f6:a8:ad:9c:0e:ba:ba:8f:65:1b:8a:83:
                    0a:ff:42:96:3e:e7:92:05:0a:be:1a:dd:75:08:4b:
                    02:e8:85:f7:42:66:58:d9:81:8a:38:03:e0:0c:28:
                    e7:c0:17:0c:c8:c7:c6:ed:46:8e:f4:57:3b:c5:40:
                    d3:66:0f:f2:3d:ba:a2:16:85:aa:c8:87:a6:3a:23:
                    e4:49:35:c2:27:d1:20:b0:5a:1b:55:99:a2:24:db:
                    4d:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:58:9D:48:8D:82:9B:7B:41:37:56:23:19:21:97:2A:E4:B2:A0:50
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:ca:e8:f9:19:73:78:1f:08:b6:8a:5b:ac:fc:34:ac:59:00:
         2f:10:07:3b:66:07:29:5a:5c:fe:92:2c:7c:01:14:f4:3c:8d:
         96:60:15:08:fc:9e:81:04:a3:05:03:3b:34:7b:7d:6a:0f:0b:
         2d:73:5d:b5:e1:a7:75:6f:3e:6e:80:4d:58:01:7f:7a:b5:54:
         5e:0f:ff:14:00:2d:71:8a:92:e0:74:76:cb:ab:f4:da:90:b8:
         8a:8b:02:0d:c6:f9:23:b0:79:17:61:91:7f:fc:6a:04:c3:c5:
         b2:6b:1b:73:47:46:36:ef:6a:f0:58:e2:fe:37:b5:c8:f1:2d:
         f3:c5:9f:8e:19:a1:7d:82:9a:87:71:26:e0:ff:84:0f:26:6b:
         8a:37:35:2f:6b:b8:80:5a:b8:15:6f:02:84:0c:8e:05:0f:33:
         0d:f7:d7:e3:5c:7c:9f:53:fd:e3:9c:f9:7d:02:19:e9:b2:bc:
         c7:d8:8d:76:c6:66:4a:22:fd:a0:25:b8:9b:fe:0b:5c:0f:b0:
         e1:eb:fa:61:04:52:c1:7f:1e:ec:5d:7f:ea:fa:fa:e3:9f:30:
         d1:e1:07:b1:50:3d:ee:80:b5:3e:d6:0a:fb:97:97:fd:e1:d2:
         46:2b:c3:ab:14:84:13:ca:ea:54:f1:c8:0c:9a:78:84:86:74:
         9e:bf:b7:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5sfnOdnltVUmZNE3rixF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjUwNDI4MDAwMDI4WhcNMjUwNDI5MDAwMDI4WjAzMTEwLwYDVQQD
Eyg4ZTU4OWQ0ODhkODI5YjdiNDEzNzU2MjMxOTIxOTcyYWU0YjJhMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquFcwQWm1V+Yh0+EUKUug0lG1V5e
t5h0UTNBN/Ve6Fv5S8TuiTGj4fheC9IvdV1AZIQYHFrnYVYmoHIn3ji0D3KCLUbL
ABLyYutKP/13tCP7uYI1MoVxtuVp7Xm95WUbWH1JOY7FVuuL4DWyIfCReph9C01b
JbORjXLRRKCNFxVbp8P53PmXs5jZB8Q2RCP2tQ6G1+oNd9GAEy9dDKXt1cgWrhL2
VOf2qK2cDrq6j2UbioMK/0KWPueSBQq+Gt11CEsC6IX3QmZY2YGKOAPgDCjnwBcM
yMfG7UaO9Fc7xUDTZg/yPbqiFoWqyIemOiPkSTXCJ9EgsFobVZmiJNtNfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5YnUiNgpt7QTdWIxkhlyrksqBQMB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMro+Rlz
eB8ItopbrPw0rFkALxAHO2YHKVpc/pIsfAEU9DyNlmAVCPyegQSjBQM7NHt9ag8L
LXNdteGndW8+boBNWAF/erVUXg//FAAtcYqS4HR2y6v02pC4iosCDcb5I7B5F2GR
f/xqBMPFsmsbc0dGNu9q8Fji/je1yPEt88WfjhmhfYKah3Em4P+EDyZrijc1L2u4
gFq4FW8ChAyOBQ8zDffX41x8n1P945z5fQIZ6bK8x9iNdsZmSiL9oCW4m/4LXA+w
4ev6YQRSwX8e7F1/6vr6458w0eEHsVA97oC1PtYK+5eX/eHSRivDqxSEE8rqVPHI
DJp4hIZ0nr+3XA==
-----END CERTIFICATE-----