Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          NoyOdODyrTkVhDRZOjYoKLum86NXBakZUssJrT6HYLY=
Subject key identifier:   2C:D0:46:E4:40:47:F9:55:D7:E3:44:D1:9F:76:C5:DB:18:30:14:D7
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019CAD598C5ABA6A655AFF5234838E21AAFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          0558
Signing time:             Mon 02 Mar 2026 07:00:52 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:52 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:52 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: YvsR3I2BpMvfW6O0gsnszXKGCa3leBIZ5OXkoRo/Rgc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:8c:5a:ba:6a:65:5a:ff:52:34:83:8e:21:aa:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Mar  2 07:00:52 2026 GMT
            Not After : Mar  3 07:00:52 2026 GMT
        Subject: CN=2cd046e44047f955d7e344d19f76c5db183014d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:3d:7e:cf:e2:6f:19:d9:5a:31:8d:4f:b3:01:
                    1b:47:f2:a9:80:94:38:3a:4d:b7:ae:c5:69:71:32:
                    f2:f0:bf:e5:21:ed:bd:d1:ba:1d:3c:50:c5:0d:34:
                    ff:d2:f5:c0:d7:1c:09:72:b3:2e:25:64:14:50:b1:
                    13:36:08:38:57:ac:a5:1a:68:20:74:e9:bf:df:dc:
                    f0:2a:7c:52:52:03:3a:9a:64:32:f7:98:4c:56:ab:
                    7b:af:12:18:a1:c1:5c:3e:1d:5a:96:1a:2d:45:d4:
                    b8:31:9e:28:4b:45:62:86:1c:65:4c:b5:8b:e2:23:
                    7f:44:0a:42:04:bb:1c:fe:dd:03:e2:20:8c:a7:9d:
                    43:aa:9e:23:d1:4f:b5:cb:55:e9:23:8e:28:ba:f8:
                    e8:19:82:8e:fe:d5:4f:4f:dd:e3:b7:c6:4e:1d:e9:
                    19:fe:0d:78:c3:3d:20:9c:ab:ac:eb:3f:25:66:e0:
                    b8:ca:34:90:f3:86:96:2d:e5:7c:f8:55:f7:b9:12:
                    90:ed:6f:13:a9:56:ae:e3:22:59:93:4e:71:d7:1d:
                    95:5e:b0:90:92:76:0b:db:8e:6f:fb:cd:01:1b:49:
                    67:14:85:ca:35:55:7b:ea:84:5f:72:5b:93:36:24:
                    5d:9c:d1:ea:22:c7:dd:a0:06:ad:11:fc:4d:eb:db:
                    c9:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:D0:46:E4:40:47:F9:55:D7:E3:44:D1:9F:76:C5:DB:18:30:14:D7
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:e5:00:03:bd:0d:f1:71:71:cf:d9:c7:eb:19:fa:c6:85:eb:
         03:c2:8b:0d:7f:54:bb:ce:8f:c8:3e:aa:53:21:5d:27:86:cb:
         ac:6e:76:7b:01:31:72:a2:08:57:7c:ff:d3:51:d7:05:f3:b6:
         94:c3:91:99:24:07:ea:7e:f3:a6:40:cb:8f:71:5a:65:dc:15:
         61:05:62:91:1b:55:0a:53:29:5b:48:67:bc:eb:ed:3a:be:d3:
         8b:fc:88:45:19:27:ff:89:7f:07:54:fa:f6:90:36:0b:91:40:
         27:f3:54:ca:f7:65:ad:bf:ba:28:9b:7a:dc:bf:d4:41:e2:1d:
         d3:17:e6:ee:a8:5f:a3:22:19:d2:4d:9f:19:87:36:b5:72:20:
         96:c4:b4:2b:5d:dc:f5:82:85:d9:c1:28:eb:07:f7:70:c4:a4:
         ec:25:27:e8:14:8c:1e:ea:83:b0:78:9a:26:ec:e5:52:ee:9d:
         8a:54:2a:bd:22:d8:3e:0e:57:d5:13:55:ac:b2:cf:1d:a2:ce:
         f2:c8:93:73:56:36:5e:b5:28:19:ab:1e:f7:bd:58:2b:dd:c2:
         6c:2a:2b:3a:40:b7:7a:44:b2:8b:e0:5f:cc:1d:7a:9b:0f:a4:
         a2:16:4a:d4:d2:ed:4d:b5:dd:3c:65:0f:a8:07:a8:ea:90:47:
         28:ef:ad:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWYxaumplWv9SNIOOIar+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjYwMzAyMDcwMDUyWhcNMjYwMzAzMDcwMDUyWjAzMTEwLwYDVQQD
EygyY2QwNDZlNDQwNDdmOTU1ZDdlMzQ0ZDE5Zjc2YzVkYjE4MzAxNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2j1+z+JvGdlaMY1PswEbR/KpgJQ4
Ok23rsVpcTLy8L/lIe290bodPFDFDTT/0vXA1xwJcrMuJWQUULETNgg4V6ylGmgg
dOm/39zwKnxSUgM6mmQy95hMVqt7rxIYocFcPh1alhotRdS4MZ4oS0VihhxlTLWL
4iN/RApCBLsc/t0D4iCMp51Dqp4j0U+1y1XpI44ouvjoGYKO/tVPT93jt8ZOHekZ
/g14wz0gnKus6z8lZuC4yjSQ84aWLeV8+FX3uRKQ7W8TqVau4yJZk05x1x2VXrCQ
knYL245v+80BG0lnFIXKNVV76oRfcluTNiRdnNHqIsfdoAatEfxN69vJQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzQRuRAR/lV1+NE0Z92xdsYMBTXMB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWOUAA70N
8XFxz9nH6xn6xoXrA8KLDX9Uu86PyD6qUyFdJ4bLrG52ewExcqIIV3z/01HXBfO2
lMORmSQH6n7zpkDLj3FaZdwVYQVikRtVClMpW0hnvOvtOr7Ti/yIRRkn/4l/B1T6
9pA2C5FAJ/NUyvdlrb+6KJt63L/UQeId0xfm7qhfoyIZ0k2fGYc2tXIglsS0K13c
9YKF2cEo6wf3cMSk7CUn6BSMHuqDsHiaJuzlUu6dilQqvSLYPg5X1RNVrLLPHaLO
8siTc1Y2XrUoGase971YK93CbCorOkC3ekSyi+BfzB16mw+kohZK1NLtTbXdPGUP
qAeo6pBHKO+tew==
-----END CERTIFICATE-----