Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          ZFgPW/+UjZqxsXMHy7DDzrOH6qrCk6GN+uAOVKrJBO0=
Subject key identifier:   00:0D:9B:B8:2E:B6:5F:1E:9B:09:CC:91:6A:9C:DF:02:F6:90:D7:E7
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019A50E35852DF55827A6930C791FEBA6DCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          041F
Signing time:             Tue 04 Nov 2025 22:01:07 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:07 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:07 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: VHbaADBTOAteUZlYRmdYtfhToGU/Dt0TPShtWRI2SSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:58:52:df:55:82:7a:69:30:c7:91:fe:ba:6d:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Nov  4 22:01:07 2025 GMT
            Not After : Nov  5 22:01:07 2025 GMT
        Subject: CN=000d9bb82eb65f1e9b09cc916a9cdf02f690d7e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6a:15:6e:e6:b6:c1:30:4c:31:c4:d6:60:84:
                    82:02:3d:95:a2:c1:d8:87:04:9d:57:10:ba:40:5c:
                    4b:d5:5a:58:4e:1c:4a:4e:58:cf:0d:c2:78:2e:a2:
                    b2:f4:4c:64:00:7c:10:e6:04:f0:a3:12:17:48:f0:
                    01:3b:76:b3:7f:e6:3d:09:43:0c:c7:e9:e6:63:fb:
                    80:22:26:01:f8:59:29:66:9a:9e:42:b0:60:11:89:
                    f3:1a:d4:16:19:3c:9e:ed:b3:60:37:07:c0:6b:b4:
                    2a:27:9b:db:01:9f:a3:9f:e0:07:39:4b:4a:da:3d:
                    00:ba:f4:b7:0a:8e:05:50:eb:cd:7e:ce:9d:96:6d:
                    16:cb:c4:b5:ab:38:99:54:c7:57:7d:66:f9:b8:d3:
                    3b:84:8f:f2:f3:4b:2d:72:44:1b:62:51:17:21:90:
                    09:18:34:d1:6d:6c:c0:cd:d8:1c:00:06:50:9c:8e:
                    0a:d5:a8:ac:57:6c:b6:87:88:3b:89:5e:69:d0:04:
                    36:48:37:bb:78:1f:f9:ea:6e:7f:88:d5:92:0e:ee:
                    32:7b:25:44:7a:e0:3a:75:61:88:6c:ab:14:a7:37:
                    89:7c:a1:46:de:0d:ad:8f:68:ea:4f:76:ba:63:10:
                    89:4e:2b:22:85:e7:f1:9f:c1:b4:55:7a:57:aa:6a:
                    28:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:0D:9B:B8:2E:B6:5F:1E:9B:09:CC:91:6A:9C:DF:02:F6:90:D7:E7
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:ca:b4:6a:b7:ec:6d:71:53:91:0b:44:16:68:a9:6f:2e:30:
         21:ba:c5:0e:af:87:9a:7c:d0:f0:29:13:13:03:8d:99:50:96:
         4c:e1:65:96:62:77:a8:52:88:5b:2f:01:21:78:91:ef:2f:09:
         82:88:3e:89:3d:3c:b0:67:4e:5c:a8:2f:cb:ed:b5:fc:5b:c1:
         2b:44:4f:a3:cc:92:15:c3:ce:d7:f8:37:23:2d:a9:e8:42:b0:
         f4:62:27:18:01:b0:3e:68:49:4a:80:bf:e6:eb:a8:62:7e:7c:
         64:b8:35:47:e8:fc:ef:a4:cc:7e:4f:dd:97:6d:e2:d0:25:22:
         40:cf:7e:64:e8:8a:91:0a:e0:42:43:4c:7c:b7:a8:84:d4:7e:
         82:2e:05:aa:94:1c:e4:9b:9e:be:ba:7b:3b:39:a6:14:76:3c:
         01:d1:93:28:1e:ea:e5:48:d7:0c:57:6e:d3:48:2f:76:5d:8d:
         4c:52:e5:87:70:92:17:6f:61:f6:e3:bd:21:db:24:72:fd:31:
         c4:43:41:cc:df:5e:b3:dd:11:e3:68:4a:ca:8b:05:d9:eb:e4:
         92:1a:4b:ff:14:47:b1:53:ac:37:f8:dc:9c:45:65:86:04:9a:
         6a:bc:90:1f:25:79:c8:8d:8e:80:65:6d:e3:a3:0b:e9:28:61:
         21:ba:43:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ41hS31WCemkwx5H+um3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjUxMTA0MjIwMTA3WhcNMjUxMTA1MjIwMTA3WjAzMTEwLwYDVQQD
EygwMDBkOWJiODJlYjY1ZjFlOWIwOWNjOTE2YTljZGYwMmY2OTBkN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWoVbua2wTBMMcTWYISCAj2VosHY
hwSdVxC6QFxL1VpYThxKTljPDcJ4LqKy9ExkAHwQ5gTwoxIXSPABO3azf+Y9CUMM
x+nmY/uAIiYB+FkpZpqeQrBgEYnzGtQWGTye7bNgNwfAa7QqJ5vbAZ+jn+AHOUtK
2j0AuvS3Co4FUOvNfs6dlm0Wy8S1qziZVMdXfWb5uNM7hI/y80stckQbYlEXIZAJ
GDTRbWzAzdgcAAZQnI4K1aisV2y2h4g7iV5p0AQ2SDe7eB/56m5/iNWSDu4yeyVE
euA6dWGIbKsUpzeJfKFG3g2tj2jqT3a6YxCJTisihefxn8G0VXpXqmoodwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAANm7gutl8emwnMkWqc3wL2kNfnMB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKsq0arfs
bXFTkQtEFmipby4wIbrFDq+HmnzQ8CkTEwONmVCWTOFllmJ3qFKIWy8BIXiR7y8J
gog+iT08sGdOXKgvy+21/FvBK0RPo8ySFcPO1/g3Iy2p6EKw9GInGAGwPmhJSoC/
5uuoYn58ZLg1R+j876TMfk/dl23i0CUiQM9+ZOiKkQrgQkNMfLeohNR+gi4FqpQc
5Juevrp7OzmmFHY8AdGTKB7q5UjXDFdu00gvdl2NTFLlh3CSF29h9uO9Idskcv0x
xENBzN9es90R42hKyosF2evkkhpL/xRHsVOsN/jcnEVlhgSaaryQHyV5yI2OgGVt
46ML6ShhIbpD3g==
-----END CERTIFICATE-----