Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          6d1OJObLX9956hoSllOxthsHKbkKBIORbr278RR9Jag=
Subject key identifier:   E8:B9:F7:BF:FB:66:A2:DA:33:21:AA:A5:2F:0E:3D:48:DA:CC:07:C3
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019D38659521563269E1D0D6E89D0EDE55A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          05A0
Signing time:             Sun 29 Mar 2026 07:01:14 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:14 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:14 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: Nc4Q9WXuZWJJK2a7gjV4yAbpWaXf0YSUkwXzNl61EXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:95:21:56:32:69:e1:d0:d6:e8:9d:0e:de:55:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Mar 29 07:01:14 2026 GMT
            Not After : Mar 30 07:01:14 2026 GMT
        Subject: CN=e8b9f7bffb66a2da3321aaa52f0e3d48dacc07c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2a:57:a1:3c:2a:c7:c7:df:57:55:5c:d1:74:
                    c8:4b:aa:c2:ef:fd:a7:8e:93:31:5a:91:8d:f9:30:
                    59:60:f4:4a:20:72:6d:fd:3c:b6:9d:68:38:b2:6e:
                    2d:56:f4:68:91:f9:6a:4b:16:ef:4f:05:f4:b3:e7:
                    b7:bf:fe:6e:8b:76:34:d8:09:f6:fe:28:0a:29:94:
                    ce:bb:f1:e1:c2:09:3a:ec:72:c2:62:46:cf:dc:ed:
                    04:b7:bc:ca:eb:4a:20:10:86:48:73:ca:a7:61:58:
                    b1:71:f3:aa:f7:7b:c4:5a:2f:10:30:e9:d2:62:46:
                    af:e6:51:15:ad:a4:02:40:4b:01:2d:36:6f:0d:e6:
                    cd:7f:0b:f3:72:3a:8c:77:38:10:a7:1e:18:56:21:
                    85:2f:2b:fb:5a:a3:5e:f2:79:67:55:70:c2:85:de:
                    26:22:d0:f4:03:7b:30:9d:83:58:47:6e:b9:e7:18:
                    3f:e9:8d:30:e8:a7:9b:eb:8a:23:53:e2:e7:ac:97:
                    9e:2b:9b:1e:3c:30:fc:31:f3:3f:e1:36:f6:1d:07:
                    04:90:7e:76:6a:fb:89:c3:1d:3f:31:97:43:b0:c9:
                    2a:c1:f9:d7:2e:aa:f5:b0:88:cc:3d:34:8f:7e:8f:
                    51:80:6c:ec:44:b0:88:e0:d9:31:4a:17:8b:0c:71:
                    e9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:B9:F7:BF:FB:66:A2:DA:33:21:AA:A5:2F:0E:3D:48:DA:CC:07:C3
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:c3:e1:63:a9:e6:81:f0:cd:d9:cd:cb:49:de:d3:96:ee:8e:
         ab:6a:2f:85:ee:3d:c3:98:26:78:24:a6:9d:29:9f:45:af:e0:
         36:d0:a3:38:bb:67:9d:87:58:7c:71:3d:c4:ff:fa:63:64:ef:
         28:73:13:ad:54:7e:ee:07:59:c8:94:6d:a1:6d:43:2e:f6:d0:
         1a:49:ba:cf:1c:f2:a8:f4:cd:5a:ed:27:ef:ad:6d:fc:c8:b7:
         2e:4b:15:64:a9:8a:55:2d:e3:bf:ed:0c:34:37:d6:a7:84:cf:
         b6:e3:e9:f5:cd:d6:8f:4e:e4:55:81:02:68:0b:39:cb:e7:e8:
         38:5a:2a:10:2f:7e:5e:52:0b:5f:01:a3:fb:04:88:09:4b:5f:
         e6:68:d9:a9:f0:ce:c3:97:a0:25:18:5c:fb:ed:08:ea:92:aa:
         b2:f6:7c:51:2b:2b:f2:8d:51:c8:b4:a8:9e:39:38:02:d0:1e:
         9a:6d:cf:ad:1d:b9:9b:f6:c4:b1:3c:60:a8:63:82:7a:90:77:
         2c:20:5f:61:e6:8a:ee:44:e1:a2:17:8c:2f:87:91:1b:77:8f:
         54:55:35:a9:3a:f7:06:47:98:fa:65:1c:03:c4:93:41:14:0d:
         bb:c5:e9:e7:f6:c5:1c:cb:75:20:1f:0e:93:7d:30:99:fa:2c:
         3d:3e:6d:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZUhVjJp4dDW6J0O3lWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjYwMzI5MDcwMTE0WhcNMjYwMzMwMDcwMTE0WjAzMTEwLwYDVQQD
EyhlOGI5ZjdiZmZiNjZhMmRhMzMyMWFhYTUyZjBlM2Q0OGRhY2MwN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCpXoTwqx8ffV1Vc0XTIS6rC7/2n
jpMxWpGN+TBZYPRKIHJt/Ty2nWg4sm4tVvRokflqSxbvTwX0s+e3v/5ui3Y02An2
/igKKZTOu/Hhwgk67HLCYkbP3O0Et7zK60ogEIZIc8qnYVixcfOq93vEWi8QMOnS
Ykav5lEVraQCQEsBLTZvDebNfwvzcjqMdzgQpx4YViGFLyv7WqNe8nlnVXDChd4m
ItD0A3swnYNYR2655xg/6Y0w6Keb64ojU+LnrJeeK5sePDD8MfM/4Tb2HQcEkH52
avuJwx0/MZdDsMkqwfnXLqr1sIjMPTSPfo9RgGzsRLCI4NkxSheLDHHpqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOi597/7ZqLaMyGqpS8OPUjazAfDMB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM8PhY6nm
gfDN2c3LSd7Tlu6Oq2ovhe49w5gmeCSmnSmfRa/gNtCjOLtnnYdYfHE9xP/6Y2Tv
KHMTrVR+7gdZyJRtoW1DLvbQGkm6zxzyqPTNWu0n761t/Mi3LksVZKmKVS3jv+0M
NDfWp4TPtuPp9c3Wj07kVYECaAs5y+foOFoqEC9+XlILXwGj+wSICUtf5mjZqfDO
w5egJRhc++0I6pKqsvZ8USsr8o1RyLSonjk4AtAemm3PrR25m/bEsTxgqGOCepB3
LCBfYeaK7kThoheML4eRG3ePVFU1qTr3BkeY+mUcA8STQRQNu8Xp5/bFHMt1IB8O
k30wmfosPT5tcw==
-----END CERTIFICATE-----