Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          Eq9eD+X9mfSZbpXaCpJorHJ6CoJc1QPAfwNIbsD8ReA=
Subject key identifier:   14:A7:67:30:5A:BA:1D:60:27:F4:6D:03:D5:34:D9:22:90:20:C9:4E
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019873E334906C30272A569CB7E1592CDF98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          0328
Signing time:             Mon 04 Aug 2025 07:02:06 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:06 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:06 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: EfS6VPOrm/UXEh+1e8LNJOLAXYQot6jQ82E+A14UWGc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:34:90:6c:30:27:2a:56:9c:b7:e1:59:2c:df:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Aug  4 07:02:06 2025 GMT
            Not After : Aug  5 07:02:06 2025 GMT
        Subject: CN=14a767305aba1d6027f46d03d534d9229020c94e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:86:69:57:f7:3f:2f:b5:90:ff:59:bd:33:01:
                    df:d7:78:8f:a3:88:ef:af:24:ba:ce:e3:d5:80:20:
                    d7:26:e0:a5:b1:84:d8:ed:08:5d:ab:5c:be:95:9b:
                    7f:b8:ab:51:0e:e8:b7:6e:72:6d:3d:c3:09:8c:46:
                    b7:ae:9f:f2:a6:a7:31:45:3a:d6:7d:35:67:58:d8:
                    19:c0:9c:7e:19:a8:21:f1:be:d0:f7:eb:f5:6e:0d:
                    10:93:65:5b:1c:33:92:d9:1a:36:ca:ae:2b:96:2c:
                    c9:d9:c9:b1:d7:69:4e:e0:3c:a8:76:04:4f:fa:b5:
                    b1:73:a4:a3:f5:85:ab:89:65:c5:56:fb:5d:2f:d9:
                    dd:1a:70:62:19:03:62:8e:87:93:7c:f9:9c:d7:f5:
                    8a:89:a1:a6:38:81:ec:bf:48:59:44:37:82:1c:b2:
                    a2:75:30:24:92:dc:6f:f9:a5:67:65:aa:af:9d:6c:
                    e6:85:09:7e:4d:0f:2e:3f:9b:67:9b:20:f0:10:ba:
                    3c:74:bd:e3:7d:9e:39:8b:76:99:1f:ee:9e:a2:4f:
                    8b:e6:90:8a:fb:89:e9:b9:44:ff:b7:10:ae:e2:db:
                    62:7c:fd:85:c8:1c:9e:36:5a:5d:40:73:6f:1e:19:
                    10:56:94:6c:62:a9:50:58:0c:87:cd:1f:68:a2:f3:
                    29:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:A7:67:30:5A:BA:1D:60:27:F4:6D:03:D5:34:D9:22:90:20:C9:4E
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:b4:e2:af:ec:a2:39:a8:0c:1f:38:ae:51:e4:84:dc:18:ea:
         6d:eb:e2:58:b0:ee:23:67:95:11:f8:50:33:53:d0:c0:44:00:
         ab:80:71:61:84:0e:ff:8d:67:bb:d7:f8:83:9e:4a:0b:ff:d6:
         6e:a7:21:86:c2:71:3b:67:78:9d:30:e0:2e:ac:3b:fb:9d:7a:
         3e:1a:26:37:bf:ca:3c:ba:7f:0d:ba:92:6e:a8:f2:5b:3d:2f:
         be:52:e7:29:9a:6b:94:97:a5:aa:c1:26:6e:18:fd:af:03:bc:
         ea:de:72:29:83:b4:a7:ec:89:ad:fa:07:4f:87:05:a4:48:91:
         89:e8:94:fc:21:95:55:23:6f:5e:32:c7:a2:3f:76:be:e3:20:
         e5:87:b4:4c:fb:53:51:c0:8b:43:e6:20:9a:0b:06:61:ab:3a:
         7d:02:9b:e5:7e:65:9e:e7:8b:9b:0c:5a:a8:2d:bb:1f:75:94:
         da:2d:eb:aa:6d:e8:67:64:35:c2:29:32:a3:a8:85:67:4a:7c:
         fc:61:b2:16:28:ce:41:92:42:a8:e0:21:ab:94:a2:84:30:59:
         9d:90:d4:21:b0:48:e6:4d:fc:80:b2:49:df:7b:b3:ea:ac:35:
         e0:0d:41:a7:17:f9:31:3f:87:c2:40:76:e3:8d:39:e9:ff:5c:
         6e:fb:1a:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4zSQbDAnKlact+FZLN+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjUwODA0MDcwMjA2WhcNMjUwODA1MDcwMjA2WjAzMTEwLwYDVQQD
EygxNGE3NjczMDVhYmExZDYwMjdmNDZkMDNkNTM0ZDkyMjkwMjBjOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIZpV/c/L7WQ/1m9MwHf13iPo4jv
ryS6zuPVgCDXJuClsYTY7Qhdq1y+lZt/uKtRDui3bnJtPcMJjEa3rp/ypqcxRTrW
fTVnWNgZwJx+Gagh8b7Q9+v1bg0Qk2VbHDOS2Ro2yq4rlizJ2cmx12lO4DyodgRP
+rWxc6Sj9YWriWXFVvtdL9ndGnBiGQNijoeTfPmc1/WKiaGmOIHsv0hZRDeCHLKi
dTAkktxv+aVnZaqvnWzmhQl+TQ8uP5tnmyDwELo8dL3jfZ45i3aZH+6eok+L5pCK
+4npuUT/txCu4ttifP2FyByeNlpdQHNvHhkQVpRsYqlQWAyHzR9oovMpvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSnZzBauh1gJ/RtA9U02SKQIMlOMB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtbTir+yi
OagMHziuUeSE3BjqbeviWLDuI2eVEfhQM1PQwEQAq4BxYYQO/41nu9f4g55KC//W
bqchhsJxO2d4nTDgLqw7+516PhomN7/KPLp/DbqSbqjyWz0vvlLnKZprlJelqsEm
bhj9rwO86t5yKYO0p+yJrfoHT4cFpEiRieiU/CGVVSNvXjLHoj92vuMg5Ye0TPtT
UcCLQ+YgmgsGYas6fQKb5X5lnueLmwxaqC27H3WU2i3rqm3oZ2Q1wikyo6iFZ0p8
/GGyFijOQZJCqOAhq5SihDBZnZDUIbBI5k38gLJJ33uz6qw14A1Bpxf5MT+HwkB2
44056f9cbvsa2Q==
-----END CERTIFICATE-----