Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          ihtpzBU3FZc2CdMrxeLw+c2x97qERzcDydBm3jPg/yI=
Subject key identifier:   CC:84:9C:19:BF:62:2E:F6:2C:C4:A4:3B:DB:B6:EF:D5:A8:D2:0F:1B
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       019D98F523226CCA83E12A048A6EE2A021DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          086D
Signing time:             Fri 17 Apr 2026 01:01:35 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:35 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:35 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: /hLI+ik8iKatn5Is5issgLZ5YvclcRGhf/hxttV4jXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:23:22:6c:ca:83:e1:2a:04:8a:6e:e2:a0:21:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Apr 17 01:01:35 2026 GMT
            Not After : Apr 18 01:01:35 2026 GMT
        Subject: CN=cc849c19bf622ef62cc4a43bdbb6efd5a8d20f1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a6:3d:25:77:35:ee:b9:77:70:55:c7:af:ed:
                    d5:22:e7:b9:ca:bd:d5:0b:0b:43:82:e9:cd:b4:35:
                    56:21:d1:f0:a4:6d:0b:0e:6c:07:fa:7b:fc:3c:21:
                    f7:9e:21:ed:82:b0:72:f0:83:9e:75:29:0f:c5:34:
                    55:eb:da:e2:25:30:62:ff:8b:76:e1:ac:43:df:f8:
                    56:64:88:55:ca:e9:6a:67:14:c2:3e:83:2b:bd:5c:
                    2d:93:5b:69:d4:7f:1c:fa:af:9e:8b:88:1d:20:b0:
                    26:92:48:98:81:70:87:14:6e:28:81:6e:83:3e:b6:
                    e8:fb:c6:76:4f:f4:6a:9f:f6:09:35:53:89:a2:2f:
                    58:70:bc:26:27:cf:7e:c1:f5:9e:60:89:51:47:fc:
                    b3:ca:92:6f:4b:91:47:98:7a:63:b3:1f:b8:e4:46:
                    1f:46:56:0c:bf:b2:81:ba:3a:7c:59:16:75:e1:40:
                    55:99:f7:c4:89:63:65:9b:7d:4c:d0:16:02:97:18:
                    3d:bd:eb:03:15:46:2e:3a:cf:b3:99:78:51:cd:fb:
                    6c:23:fb:79:30:76:08:5d:92:86:7d:b8:de:b0:33:
                    25:fe:b6:54:bb:4e:61:01:e4:1d:c7:08:78:f0:7b:
                    21:c4:e7:d4:af:47:8b:92:b6:11:7a:a3:e4:05:e5:
                    d9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:84:9C:19:BF:62:2E:F6:2C:C4:A4:3B:DB:B6:EF:D5:A8:D2:0F:1B
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:67:29:c7:0e:98:34:f9:fd:c3:28:fa:7b:8c:a0:35:b3:9e:
         e9:0a:2f:55:54:c0:08:a5:5d:c7:6a:21:0e:f0:ac:e4:a9:c6:
         4c:2b:0c:36:e2:3b:fb:ef:29:23:42:fb:6e:eb:ff:bb:07:de:
         36:40:9a:a1:f2:b7:25:0b:68:1c:91:04:93:79:1b:b6:a2:10:
         50:bc:b1:24:d1:6d:75:dc:13:a5:fd:60:e0:ff:3e:50:b6:f3:
         bb:e5:bf:b3:60:2e:fa:57:2c:88:7a:92:45:58:ed:c1:91:0f:
         ed:ac:96:1b:ac:21:ec:cb:6c:3b:c2:06:32:74:dd:a7:34:a4:
         2a:e6:c3:39:60:c4:40:0a:c5:a2:34:aa:20:a2:9c:9e:a1:45:
         65:4a:fe:c4:6e:0c:c3:ff:a2:a8:5e:b0:56:d3:aa:d9:2d:ca:
         b5:82:71:cf:5d:45:16:e1:ed:a4:fc:77:7e:66:84:64:3f:7d:
         f9:50:cb:41:cc:fb:d2:b0:0e:8f:e2:87:f0:8f:f9:a0:e2:70:
         12:2b:04:33:e7:c0:75:54:86:bc:5e:fc:bc:1d:a5:7e:ab:3a:
         4d:36:9e:0e:c6:26:ba:1e:84:03:f2:0b:53:d8:49:7e:37:75:
         7b:eb:19:85:b8:eb:df:fc:2b:5b:cc:f0:a1:4b:dd:7c:69:a9:
         14:fb:29:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9SMibMqD4SoEim7ioCHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjYwNDE3MDEwMTM1WhcNMjYwNDE4MDEwMTM1WjAzMTEwLwYDVQQD
EyhjYzg0OWMxOWJmNjIyZWY2MmNjNGE0M2JkYmI2ZWZkNWE4ZDIwZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6Y9JXc17rl3cFXHr+3VIue5yr3V
CwtDgunNtDVWIdHwpG0LDmwH+nv8PCH3niHtgrBy8IOedSkPxTRV69riJTBi/4t2
4axD3/hWZIhVyulqZxTCPoMrvVwtk1tp1H8c+q+ei4gdILAmkkiYgXCHFG4ogW6D
Prbo+8Z2T/Rqn/YJNVOJoi9YcLwmJ89+wfWeYIlRR/yzypJvS5FHmHpjsx+45EYf
RlYMv7KBujp8WRZ14UBVmffEiWNlm31M0BYClxg9vesDFUYuOs+zmXhRzftsI/t5
MHYIXZKGfbjesDMl/rZUu05hAeQdxwh48HshxOfUr0eLkrYReqPkBeXZJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyEnBm/Yi72LMSkO9u279Wo0g8bMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWcpxw6Y
NPn9wyj6e4ygNbOe6QovVVTACKVdx2ohDvCs5KnGTCsMNuI7++8pI0L7buv/uwfe
NkCaofK3JQtoHJEEk3kbtqIQULyxJNFtddwTpf1g4P8+ULbzu+W/s2Au+lcsiHqS
RVjtwZEP7ayWG6wh7MtsO8IGMnTdpzSkKubDOWDEQArFojSqIKKcnqFFZUr+xG4M
w/+iqF6wVtOq2S3KtYJxz11FFuHtpPx3fmaEZD99+VDLQcz70rAOj+KH8I/5oOJw
EisEM+fAdVSGvF78vB2lfqs6TTaeDsYmuh6EA/ILU9hJfjd1e+sZhbjr3/wrW8zw
oUvdfGmpFPspIA==
-----END CERTIFICATE-----