Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          gRtGYbz3/l0+LBL6hiIWoK4bLBGaPuWT/jzn/YZkX/E=
Subject key identifier:   71:1D:55:48:71:20:8B:D1:BC:07:52:6A:68:83:CE:71:A1:BD:2C:01
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       019A71B854E2E8A056078263F17CAC99C646
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          0430
Signing time:             Tue 11 Nov 2025 07:01:36 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:36 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:36 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: 5wR0fDnFoSgupZ6dzGzFqP896hI/z7TczeF0H6GY6wM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:54:e2:e8:a0:56:07:82:63:f1:7c:ac:99:c6:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Nov 11 07:01:36 2025 GMT
            Not After : Nov 12 07:01:36 2025 GMT
        Subject: CN=711d554871208bd1bc07526a6883ce71a1bd2c01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:89:ec:3a:d3:30:56:37:d7:50:4d:59:fb:2a:
                    ee:d0:55:85:f4:36:4e:8d:34:35:60:a4:5e:cc:c6:
                    38:e7:dc:8b:8f:2a:2c:b7:8e:2a:59:79:a6:69:49:
                    47:0c:f9:9d:a7:78:af:a7:8b:53:2d:aa:ae:0f:07:
                    45:a1:d4:94:7a:5a:20:b9:f6:33:c8:3a:7b:b6:0e:
                    a5:13:20:b8:29:c1:05:2b:9b:f9:c8:3d:f5:7f:c0:
                    11:56:69:9c:91:ea:09:21:4a:92:8e:9d:47:04:10:
                    58:bd:70:34:7f:c4:d5:66:c2:62:a7:4b:ea:6d:47:
                    28:e1:65:19:59:b8:9b:b9:80:50:a5:9f:c9:16:ad:
                    82:3e:40:eb:7f:4c:43:8d:f3:68:3d:be:01:4d:08:
                    f2:04:0a:f9:b4:92:2b:75:0b:24:59:7e:a3:4b:c0:
                    71:16:c9:fb:68:aa:76:99:a7:5a:26:2c:9d:b6:2d:
                    bb:42:3a:74:be:d8:82:f1:cb:57:bd:29:43:fd:aa:
                    d4:a3:0f:b4:78:29:9d:33:37:9e:8e:09:63:e9:e8:
                    75:ce:e6:1c:0c:40:ad:08:89:6c:29:7a:d3:a3:00:
                    bb:69:c4:87:eb:7f:5a:32:77:80:27:b9:7f:92:c2:
                    93:8e:aa:e7:e2:3d:12:87:c4:a6:23:b9:26:4c:d5:
                    f4:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:1D:55:48:71:20:8B:D1:BC:07:52:6A:68:83:CE:71:A1:BD:2C:01
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:2b:78:dd:ee:02:6d:bd:a0:23:c1:b0:15:11:a1:8c:fd:e8:
         31:17:8d:cd:65:bb:aa:d0:70:bd:8c:b1:5d:f2:f7:09:ef:19:
         79:7d:d8:85:58:a8:db:8a:32:aa:61:53:a1:7f:87:d9:bc:2e:
         2a:a6:d2:64:5e:09:87:5e:c6:f6:08:7e:fc:13:fc:7d:e7:da:
         f0:08:bc:70:57:23:a1:d2:8b:20:50:cc:ad:56:8f:90:72:4e:
         5f:37:1e:be:34:1f:6f:72:1d:fe:0f:ce:9b:90:09:6d:4a:1e:
         16:11:81:75:27:30:db:5d:93:52:f3:ab:b0:91:c5:a1:3b:85:
         0e:30:9a:f5:7f:67:06:61:d0:23:70:7f:c5:6f:ba:94:62:95:
         af:d9:cb:6c:9d:6d:dd:17:d4:5a:f8:aa:52:ed:7d:63:f4:7b:
         8f:91:0b:20:dc:86:d7:2e:54:76:1a:21:aa:6d:eb:8c:3c:3f:
         6d:79:d3:6d:04:f0:f3:67:bd:62:50:c8:2e:c2:b5:82:76:1c:
         a0:b2:ef:37:ad:23:32:a3:56:a6:cc:e8:ae:76:a5:40:30:d3:
         2f:41:60:c8:d5:7c:c5:c1:f9:e9:90:1f:37:cf:a9:52:3a:ce:
         97:9b:e2:b0:ea:6c:17:63:22:82:58:6a:71:e1:3f:4b:ad:58:
         4e:6e:eb:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFTi6KBWB4Jj8XysmcZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjUxMTExMDcwMTM2WhcNMjUxMTEyMDcwMTM2WjAzMTEwLwYDVQQD
Eyg3MTFkNTU0ODcxMjA4YmQxYmMwNzUyNmE2ODgzY2U3MWExYmQyYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkInsOtMwVjfXUE1Z+yru0FWF9DZO
jTQ1YKRezMY459yLjyost44qWXmmaUlHDPmdp3ivp4tTLaquDwdFodSUelogufYz
yDp7tg6lEyC4KcEFK5v5yD31f8ARVmmckeoJIUqSjp1HBBBYvXA0f8TVZsJip0vq
bUco4WUZWbibuYBQpZ/JFq2CPkDrf0xDjfNoPb4BTQjyBAr5tJIrdQskWX6jS8Bx
Fsn7aKp2madaJiydti27Qjp0vtiC8ctXvSlD/arUow+0eCmdMzeejglj6eh1zuYc
DECtCIlsKXrTowC7acSH639aMneAJ7l/ksKTjqrn4j0Sh8SmI7kmTNX07wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEdVUhxIIvRvAdSamiDznGhvSwBMB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQit43e4C
bb2gI8GwFRGhjP3oMReNzWW7qtBwvYyxXfL3Ce8ZeX3YhVio24oyqmFToX+H2bwu
KqbSZF4Jh17G9gh+/BP8fefa8Ai8cFcjodKLIFDMrVaPkHJOXzcevjQfb3Id/g/O
m5AJbUoeFhGBdScw212TUvOrsJHFoTuFDjCa9X9nBmHQI3B/xW+6lGKVr9nLbJ1t
3RfUWviqUu19Y/R7j5ELINyG1y5Udhohqm3rjDw/bXnTbQTw82e9YlDILsK1gnYc
oLLvN60jMqNWpszornalQDDTL0FgyNV8xcH56ZAfN8+pUjrOl5visOpsF2Miglhq
ceE/S61YTm7r8A==
-----END CERTIFICATE-----