Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
File:                     aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft (raw, json)
Hash identifier:          vbhuiAf2TN4nYPBnK0C9UuffL4aeOEicc3/BpO1Nvuw=
Subject key identifier:   2F:4D:67:81:E2:A6:F9:BF:CF:BE:1B:36:DE:EB:37:9F:2F:BB:85:74
Authority key identifier: 68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17
Certificate issuer:       /CN=68c1824be0b16f46d2ff012c5825a670bb932a17
Certificate serial:       01974855626FE32861863756D08E1B0EFEDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
Manifest number:          028D
Signing time:             Sat 07 Jun 2025 03:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 03:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 03:00:44 +0000
Files and hashes:         1: aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl (hash: D/nGqoruSueug7bdW9ODysGBHMJwSg0Xf5QYpbcUzx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:55:62:6f:e3:28:61:86:37:56:d0:8e:1b:0e:fe:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c1824be0b16f46d2ff012c5825a670bb932a17
        Validity
            Not Before: Jun  7 03:00:44 2025 GMT
            Not After : Jun  8 03:00:44 2025 GMT
        Subject: CN=2f4d6781e2a6f9bfcfbe1b36deeb379f2fbb8574
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:5f:7a:ae:31:ed:e7:37:5b:9c:62:22:b1:dc:
                    b3:ad:c0:90:31:6e:3e:4f:65:05:b1:bc:99:a1:48:
                    b8:e9:8a:d3:bd:89:46:90:5b:7e:ff:da:2c:47:e8:
                    d2:cb:c7:42:80:18:6c:9b:ba:6a:8d:e3:91:d3:9d:
                    0f:ef:ad:82:4d:a7:51:43:94:11:9a:82:3a:b6:9f:
                    58:6d:37:e3:98:f3:4e:65:c7:9d:22:3f:5d:00:39:
                    40:15:d3:81:59:9c:9a:1d:31:4d:8a:e9:a5:5b:9d:
                    8d:16:9a:b2:ab:79:94:ef:73:65:cc:eb:d4:73:1b:
                    5c:19:ec:97:04:cf:0d:5d:c4:20:4e:a5:03:03:dd:
                    ef:6d:f7:26:e0:51:fe:8b:07:e0:1c:b8:51:53:43:
                    48:70:76:4c:8a:ff:be:1e:a9:4b:cf:01:8b:da:1f:
                    80:e7:44:f7:9e:56:81:74:ec:2e:f4:d0:14:18:08:
                    80:49:55:67:0f:c5:92:5d:ad:4a:50:3c:3e:4f:f2:
                    fb:9a:da:19:38:6e:76:f6:57:e1:8f:83:d6:45:58:
                    09:35:e2:d2:ac:0f:ca:a8:ef:67:27:75:eb:ea:48:
                    db:45:f8:bb:ac:b0:a2:01:b5:d6:06:62:8a:3c:67:
                    27:98:c4:5b:d4:05:bf:bd:28:c7:72:42:2b:0f:98:
                    62:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:4D:67:81:E2:A6:F9:BF:CF:BE:1B:36:DE:EB:37:9F:2F:BB:85:74
            X509v3 Authority Key Identifier:
                keyid:68:C1:82:4B:E0:B1:6F:46:D2:FF:01:2C:58:25:A6:70:BB:93:2A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/986634-c573-4fc4-ada4-7fdeb8f50503/1/aMGCS-Cxb0bS_wEsWCWmcLuTKhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:22:5e:34:58:7b:82:63:cf:00:62:d0:62:48:65:a4:58:15:
         fb:7f:7c:0d:72:b1:07:7c:b9:84:cf:4d:49:1d:af:2e:3d:c5:
         98:9b:35:53:3d:1c:a1:e1:b8:46:8f:aa:20:de:a9:05:fd:a7:
         91:ee:01:f7:a9:07:ab:71:08:70:7b:7e:2e:6c:9b:e7:0b:ba:
         73:30:fd:38:00:83:36:1d:ec:94:c0:58:f6:2c:6f:75:b9:f6:
         5e:b5:fa:6a:25:a4:3b:c9:58:05:f7:56:04:23:b9:99:5e:5f:
         ee:52:7e:34:62:2b:be:83:11:b7:d0:b6:95:b6:37:e5:20:b0:
         13:2e:11:e8:ef:12:31:03:33:b4:68:71:5a:61:a0:f0:fb:f0:
         f4:fc:b1:2e:2c:18:06:a4:1c:91:d8:00:a1:bc:cc:99:3c:0c:
         1e:ea:07:66:23:5b:21:d9:44:fb:98:e8:2b:ea:81:bd:b0:ae:
         e8:6b:34:25:cd:0a:db:56:10:57:72:f3:88:44:e7:97:5c:19:
         d1:5f:4d:5a:6a:0e:fe:f9:2b:cb:9a:aa:fa:63:86:a8:23:7f:
         15:8c:b0:b7:05:de:c8:cf:71:88:bd:cc:46:80:0c:55:2d:e8:
         c2:5b:af:30:e4:74:8f:10:4d:c0:1c:3a:e0:29:b1:84:15:99:
         9d:82:97:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIVWJv4yhhhjdW0I4bDv7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE4MjRiZTBiMTZmNDZkMmZmMDEyYzU4MjVhNjcwYmI5
MzJhMTcwHhcNMjUwNjA3MDMwMDQ0WhcNMjUwNjA4MDMwMDQ0WjAzMTEwLwYDVQQD
EygyZjRkNjc4MWUyYTZmOWJmY2ZiZTFiMzZkZWViMzc5ZjJmYmI4NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV96rjHt5zdbnGIisdyzrcCQMW4+
T2UFsbyZoUi46YrTvYlGkFt+/9osR+jSy8dCgBhsm7pqjeOR050P762CTadRQ5QR
moI6tp9YbTfjmPNOZcedIj9dADlAFdOBWZyaHTFNiumlW52NFpqyq3mU73NlzOvU
cxtcGeyXBM8NXcQgTqUDA93vbfcm4FH+iwfgHLhRU0NIcHZMiv++HqlLzwGL2h+A
50T3nlaBdOwu9NAUGAiASVVnD8WSXa1KUDw+T/L7mtoZOG529lfhj4PWRVgJNeLS
rA/KqO9nJ3Xr6kjbRfi7rLCiAbXWBmKKPGcnmMRb1AW/vSjHckIrD5hiiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9NZ4Hipvm/z74bNt7rN58vu4V0MB8GA1UdIwQY
MBaAFGjBgkvgsW9G0v8BLFglpnC7kyoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQt
N2ZkZWI4ZjUwNTAzLzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85ODY2MzQtYzU3My00ZmM0LWFkYTQtN2ZkZWI4ZjUwNTAz
LzEvYU1HQ1MtQ3hiMGJTX3dFc1dDV21jTHVUS2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSJeNFh7
gmPPAGLQYkhlpFgV+398DXKxB3y5hM9NSR2vLj3FmJs1Uz0coeG4Ro+qIN6pBf2n
ke4B96kHq3EIcHt+Lmyb5wu6czD9OACDNh3slMBY9ixvdbn2XrX6aiWkO8lYBfdW
BCO5mV5f7lJ+NGIrvoMRt9C2lbY35SCwEy4R6O8SMQMztGhxWmGg8Pvw9PyxLiwY
BqQckdgAobzMmTwMHuoHZiNbIdlE+5joK+qBvbCu6Gs0Jc0K21YQV3LziETnl1wZ
0V9NWmoO/vkry5qq+mOGqCN/FYywtwXeyM9xiL3MRoAMVS3owluvMOR0jxBNwBw6
4CmxhBWZnYKXWw==
-----END CERTIFICATE-----