Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          6dVSOjT/1beLT3Q2e1JMS2l7DZ1rDTj8WRPJTB+YvLQ=
Subject key identifier:   21:3E:B6:00:6D:8D:7B:A1:45:34:70:7D:AD:8A:5F:65:81:64:F1:F9
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       01965500AA162C26F00BCE38DC1ABF941508
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          020F
Signing time:             Sun 20 Apr 2025 21:00:28 +0000
Manifest this update:     Sun 20 Apr 2025 21:00:28 +0000
Manifest next update:     Mon 21 Apr 2025 21:00:28 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: RxZrtuYA65vxo9ZGQBLSsfkWUUWIO1gijYfTzWr9Cjk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 21:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:00:aa:16:2c:26:f0:0b:ce:38:dc:1a:bf:94:15:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Apr 20 21:00:28 2025 GMT
            Not After : Apr 21 21:00:28 2025 GMT
        Subject: CN=213eb6006d8d7ba14534707dad8a5f658164f1f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:35:b5:f3:90:97:5d:cd:2f:24:2e:6f:54:af:
                    35:a3:0a:74:b1:74:27:72:e0:7b:3f:e8:73:14:f5:
                    de:50:4b:c1:d7:d8:09:74:ae:f1:af:e2:6a:5a:74:
                    7a:4c:0a:21:1c:81:2a:f4:c2:79:33:6a:28:47:8d:
                    f6:d7:cb:7b:85:41:45:ec:4b:f2:75:c8:57:5a:9d:
                    45:0f:22:54:82:1e:5a:d9:e0:f7:3d:68:cf:92:0a:
                    f4:b4:8a:26:a3:29:2d:d0:b9:c6:80:4a:4c:39:a7:
                    0c:b1:52:8f:4c:89:68:14:ed:79:d5:8a:37:03:fa:
                    93:5a:c3:1f:f9:e3:7a:ce:81:02:06:7e:2c:f1:1a:
                    0e:e1:c0:07:d2:ef:17:66:8e:60:60:31:14:6d:e9:
                    a4:5f:48:e2:d9:ab:dc:a3:a1:c4:38:a8:6e:0f:5f:
                    6e:a7:ac:22:10:e7:0f:ed:59:4e:86:53:db:c5:63:
                    c2:5f:ff:ac:3e:33:82:49:0d:ec:1e:de:52:0c:12:
                    ac:6e:53:1a:64:dd:75:7d:88:0d:b9:36:f4:52:6f:
                    7a:4b:ef:c0:de:de:07:30:a0:60:5a:71:d9:1d:0e:
                    4d:b0:a4:db:81:28:16:99:87:17:d5:ae:de:ee:de:
                    06:95:e1:59:cb:13:a2:07:15:99:33:68:40:f3:39:
                    6c:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:3E:B6:00:6D:8D:7B:A1:45:34:70:7D:AD:8A:5F:65:81:64:F1:F9
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:8c:e0:40:22:c5:da:1c:2b:48:5e:b6:a9:01:ba:43:87:fb:
         34:f6:24:ec:2e:68:38:ce:d4:11:af:d0:6e:db:4b:5b:e6:7f:
         a6:fb:fe:61:d0:01:ae:d1:30:95:01:7d:23:ab:25:b6:20:86:
         14:75:a7:3f:2e:be:db:cd:26:17:6b:53:23:77:7e:6e:b1:a0:
         fd:7c:ca:ab:4a:a0:ad:59:cb:d6:b4:5d:d0:ff:6c:75:e9:58:
         8d:e5:1e:d3:b8:5b:13:d2:e0:98:22:51:74:4a:d5:dd:75:83:
         c1:a6:b6:02:d5:b8:5f:75:a2:1c:0f:87:35:38:6c:97:26:fb:
         c7:3b:b5:25:08:5a:f7:97:c0:2e:50:13:44:a5:f4:86:3b:e5:
         8e:11:8c:95:80:3b:aa:93:a5:a1:fe:f9:0f:19:2e:32:b4:4c:
         5e:82:18:87:0a:42:af:0d:c9:d4:17:68:9a:ed:d1:fb:3f:c6:
         fb:c7:9c:17:77:b6:0d:be:5a:32:12:95:d0:d0:3a:8b:34:01:
         a4:47:32:7c:49:c0:b8:31:49:b7:a0:ce:26:2c:16:b6:5b:f8:
         d3:dc:e9:02:e1:d0:c7:60:65:2e:0c:2d:dd:ec:4e:8b:30:d3:
         83:5a:99:ab:a1:0a:fd:a8:5a:53:6a:1c:f3:33:c6:32:3d:42:
         f7:33:e1:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVAKoWLCbwC8443Bq/lBUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjUwNDIwMjEwMDI4WhcNMjUwNDIxMjEwMDI4WjAzMTEwLwYDVQQD
EygyMTNlYjYwMDZkOGQ3YmExNDUzNDcwN2RhZDhhNWY2NTgxNjRmMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDW185CXXc0vJC5vVK81owp0sXQn
cuB7P+hzFPXeUEvB19gJdK7xr+JqWnR6TAohHIEq9MJ5M2ooR43218t7hUFF7Evy
dchXWp1FDyJUgh5a2eD3PWjPkgr0tIomoykt0LnGgEpMOacMsVKPTIloFO151Yo3
A/qTWsMf+eN6zoECBn4s8RoO4cAH0u8XZo5gYDEUbemkX0ji2avco6HEOKhuD19u
p6wiEOcP7VlOhlPbxWPCX/+sPjOCSQ3sHt5SDBKsblMaZN11fYgNuTb0Um96S+/A
3t4HMKBgWnHZHQ5NsKTbgSgWmYcX1a7e7t4GleFZyxOiBxWZM2hA8zlsfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCE+tgBtjXuhRTRwfa2KX2WBZPH5MB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb4zgQCLF
2hwrSF62qQG6Q4f7NPYk7C5oOM7UEa/QbttLW+Z/pvv+YdABrtEwlQF9I6sltiCG
FHWnPy6+280mF2tTI3d+brGg/XzKq0qgrVnL1rRd0P9sdelYjeUe07hbE9LgmCJR
dErV3XWDwaa2AtW4X3WiHA+HNThslyb7xzu1JQha95fALlATRKX0hjvljhGMlYA7
qpOlof75DxkuMrRMXoIYhwpCrw3J1Bdomu3R+z/G+8ecF3e2Db5aMhKV0NA6izQB
pEcyfEnAuDFJt6DOJiwWtlv409zpAuHQx2BlLgwt3exOizDTg1qZq6EK/ahaU2oc
8zPGMj1C9zPhCA==
-----END CERTIFICATE-----