Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          zQgYN1O+gc+1U871fDY08cb+oBMWk6AcnjK4xSuwEPg=
Subject key identifier:   EA:C8:DC:4E:74:E0:17:F6:63:DF:A9:15:92:43:13:2A:22:84:B8:B5
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019776AE708C912E8805A0C473D732631899
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          02A5
Signing time:             Mon 16 Jun 2025 03:00:32 +0000
Manifest this update:     Mon 16 Jun 2025 03:00:32 +0000
Manifest next update:     Tue 17 Jun 2025 03:00:32 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: HF4LhrJOgtvp4JD/royG8pEgt4iV5DYBzYFu/w+9/2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 03:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:ae:70:8c:91:2e:88:05:a0:c4:73:d7:32:63:18:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Jun 16 03:00:32 2025 GMT
            Not After : Jun 17 03:00:32 2025 GMT
        Subject: CN=eac8dc4e74e017f663dfa9159243132a2284b8b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:73:4d:22:fb:e8:1d:d9:ce:12:e7:da:25:54:
                    f7:aa:c1:0c:81:af:fd:ce:79:96:ef:9c:a3:0b:7f:
                    4a:45:63:66:9e:9b:89:e6:3f:b1:2c:94:d0:1f:58:
                    9d:e2:24:ad:3c:f6:4a:1b:15:4b:1a:8d:0c:5a:93:
                    ea:ef:c2:61:31:fb:de:1d:15:29:41:83:70:f9:2e:
                    ff:31:4a:5f:05:7e:dc:ea:d1:09:47:f0:5e:3d:93:
                    3d:ce:1e:5b:86:a6:ee:39:89:43:de:4c:ed:d3:11:
                    86:b1:27:fe:c5:11:3a:41:f0:2f:c3:39:e9:39:16:
                    cb:8c:a7:10:df:3a:2a:f9:5f:f1:00:d1:21:cf:5f:
                    dd:74:f9:ed:d2:c9:f9:78:90:95:2c:36:58:0b:ac:
                    bc:f9:7b:f7:b1:7d:3b:ad:44:48:b1:be:be:91:3a:
                    58:4e:e1:21:b7:8a:9b:d9:f9:bb:fb:90:99:8e:f9:
                    ce:fe:d2:70:3e:9c:dd:b9:8d:72:d5:37:1a:66:af:
                    4b:fa:d9:8a:e1:3e:a3:81:b3:b7:94:8e:47:da:cc:
                    d4:eb:82:f7:36:88:c7:79:14:bd:98:9f:3d:ce:a2:
                    47:23:26:b3:84:4a:cd:8b:d7:b8:c3:8d:a6:34:da:
                    df:a7:1e:e2:fc:a6:3c:e3:50:f9:a2:e6:1c:fc:e0:
                    98:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C8:DC:4E:74:E0:17:F6:63:DF:A9:15:92:43:13:2A:22:84:B8:B5
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:9f:c6:f7:57:d9:0d:0a:a6:ae:58:28:a3:f1:15:ee:bb:4c:
         43:ad:b9:13:02:29:ad:8f:70:11:8e:74:a4:b5:87:f1:68:3f:
         b1:13:7e:1c:ad:33:8c:ce:47:e5:02:1a:58:41:9e:37:61:17:
         02:67:83:62:fc:b2:ce:80:21:8d:84:6c:12:50:52:17:79:a4:
         c5:d1:6d:49:43:5c:24:cc:ad:71:ce:62:eb:eb:dd:79:b7:40:
         17:dc:ac:e0:58:4c:4e:e7:18:ff:8e:5d:df:7e:1d:c1:b9:ec:
         74:8a:b9:bb:c4:6a:2b:fb:f6:bf:c7:38:69:c4:57:a4:39:75:
         e7:0e:2b:90:25:4a:ec:e1:1a:d7:d9:d7:d4:41:6c:d1:7a:4c:
         15:e6:58:b7:ce:ae:29:fa:7f:17:09:8c:32:4f:d9:49:97:7d:
         d8:7a:45:cf:b0:8d:c4:4a:b7:5c:dd:f5:9a:c2:ac:43:1a:b0:
         25:68:be:ae:8e:d9:85:b2:fe:fc:8a:a6:63:24:08:47:78:e2:
         89:3d:c7:52:30:93:d0:c6:c9:7a:47:48:5f:f2:6e:b1:54:81:
         4e:28:f7:03:bf:20:9b:da:9f:8d:d3:a3:21:3b:34:51:cc:5d:
         58:66:9b:57:42:ea:55:67:29:fa:4c:f1:ec:29:95:cf:58:e7:
         ec:12:bf:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd2rnCMkS6IBaDEc9cyYxiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjUwNjE2MDMwMDMyWhcNMjUwNjE3MDMwMDMyWjAzMTEwLwYDVQQD
EyhlYWM4ZGM0ZTc0ZTAxN2Y2NjNkZmE5MTU5MjQzMTMyYTIyODRiOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7XNNIvvoHdnOEufaJVT3qsEMga/9
znmW75yjC39KRWNmnpuJ5j+xLJTQH1id4iStPPZKGxVLGo0MWpPq78JhMfveHRUp
QYNw+S7/MUpfBX7c6tEJR/BePZM9zh5bhqbuOYlD3kzt0xGGsSf+xRE6QfAvwznp
ORbLjKcQ3zoq+V/xANEhz1/ddPnt0sn5eJCVLDZYC6y8+Xv3sX07rURIsb6+kTpY
TuEht4qb2fm7+5CZjvnO/tJwPpzduY1y1TcaZq9L+tmK4T6jgbO3lI5H2szU64L3
NojHeRS9mJ89zqJHIyazhErNi9e4w42mNNrfpx7i/KY841D5ouYc/OCY0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrI3E504Bf2Y9+pFZJDEyoihLi1MB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZ/G91fZ
DQqmrlgoo/EV7rtMQ625EwIprY9wEY50pLWH8Wg/sRN+HK0zjM5H5QIaWEGeN2EX
AmeDYvyyzoAhjYRsElBSF3mkxdFtSUNcJMytcc5i6+vdebdAF9ys4FhMTucY/45d
334dwbnsdIq5u8RqK/v2v8c4acRXpDl15w4rkCVK7OEa19nX1EFs0XpMFeZYt86u
Kfp/FwmMMk/ZSZd92HpFz7CNxEq3XN31msKsQxqwJWi+ro7ZhbL+/IqmYyQIR3ji
iT3HUjCT0MbJekdIX/JusVSBTij3A78gm9qfjdOjITs0UcxdWGabV0LqVWcp+kzx
7CmVz1jn7BK/dA==
-----END CERTIFICATE-----