Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          f/wCDLDxy/1GfY5eFoy1qOKsqoZMlH8MZNNK7MosD34=
Subject key identifier:   DD:4C:26:DE:20:E9:18:D6:8C:0C:73:A2:49:D3:0C:BC:42:CE:28:04
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       01987D8B6B0AD75D871D8704E50DD342029B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          05C8
Signing time:             Wed 06 Aug 2025 04:02:25 +0000
Manifest this update:     Wed 06 Aug 2025 04:02:25 +0000
Manifest next update:     Thu 07 Aug 2025 04:02:25 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: sbSlKLYhjf65Q90s20S1zOmIBhJRBCx+50RprTZLOG0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8b:6b:0a:d7:5d:87:1d:87:04:e5:0d:d3:42:02:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Aug  6 04:02:25 2025 GMT
            Not After : Aug  7 04:02:25 2025 GMT
        Subject: CN=dd4c26de20e918d68c0c73a249d30cbc42ce2804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:00:e3:51:b4:aa:e8:95:da:d3:e6:26:f7:9f:
                    a1:4c:cc:ce:73:44:9e:df:27:15:08:de:4d:e4:ba:
                    f1:34:44:07:67:a7:73:2c:24:4b:0b:30:cd:7b:ed:
                    7f:a6:5c:85:de:c5:97:70:2f:54:a4:c6:9e:8a:71:
                    6a:41:86:b7:3a:bb:73:0e:24:d0:e2:27:3e:de:6a:
                    c6:f3:3f:23:c8:9c:2b:34:e6:79:fd:c1:41:b3:95:
                    3e:f6:85:86:98:07:8e:0a:41:a8:d5:ec:c9:a3:14:
                    4b:f9:44:4b:b8:34:fe:90:59:9d:d9:39:b1:0d:7e:
                    5a:20:35:42:70:9f:8d:b3:4e:1f:c4:c4:ad:6a:7b:
                    dd:22:cd:e0:35:4f:1c:4f:d3:8d:8c:48:e1:82:79:
                    5b:5b:07:dc:24:fd:f9:13:99:8e:06:57:72:b1:24:
                    54:e2:0b:11:ef:a0:a8:8d:26:ad:4e:e1:26:19:b6:
                    6e:81:52:44:59:74:da:c2:9c:5c:f9:07:6e:03:54:
                    c6:37:82:6c:07:5a:08:52:11:0b:14:2e:98:a9:8b:
                    0b:ba:4b:15:24:08:bd:2d:c3:58:a5:5b:2f:e9:1f:
                    46:6d:8f:6f:0a:27:61:e0:b9:eb:ad:7f:a1:1d:3d:
                    33:80:b6:5b:f1:d4:b1:5c:79:2f:61:a2:d5:5a:3e:
                    d4:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:4C:26:DE:20:E9:18:D6:8C:0C:73:A2:49:D3:0C:BC:42:CE:28:04
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:c4:7c:e1:66:cd:c2:7e:8c:ad:37:a0:81:57:04:fb:f3:c3:
         7d:d7:94:b7:f9:c7:98:a3:19:56:c5:0c:6a:ba:38:09:df:60:
         93:6f:fd:f3:fa:e3:6e:4d:61:90:80:5f:09:20:fa:7c:8a:89:
         48:03:1d:cd:2a:f7:86:8f:85:7c:2d:9f:8e:5a:c1:6f:b0:bb:
         fb:52:53:57:64:cb:a4:ef:b0:7f:d6:ad:d7:ca:8f:ad:6f:f1:
         98:49:4c:3e:ab:0e:20:af:99:06:b8:0a:a5:f2:85:ef:19:61:
         7e:c5:20:c8:ed:27:cc:e0:96:f9:67:2b:e5:d7:87:5a:a3:6e:
         44:63:7f:fb:9a:d9:80:f3:fc:c0:78:51:0b:be:d0:7b:d5:6a:
         95:20:bb:01:72:d7:6a:3c:eb:0c:70:5b:0f:6d:03:0f:e1:a1:
         b5:7b:c5:86:86:44:48:34:d9:a8:f9:88:d9:10:c6:2c:25:f6:
         d1:30:ad:2a:08:f1:d7:33:fc:29:a8:88:db:f3:4b:ca:a0:76:
         e0:2c:e5:e7:37:9b:23:e1:ce:71:af:08:5f:f4:07:7c:fe:2f:
         e9:7c:4b:10:2d:78:cf:8b:fe:3c:35:c5:73:a0:40:c2:ef:33:
         9d:08:84:39:78:6c:f9:15:33:67:a4:e2:fb:04:6d:50:29:81:
         03:37:90:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9i2sK112HHYcE5Q3TQgKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUwODA2MDQwMjI1WhcNMjUwODA3MDQwMjI1WjAzMTEwLwYDVQQD
EyhkZDRjMjZkZTIwZTkxOGQ2OGMwYzczYTI0OWQzMGNiYzQyY2UyODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wDjUbSq6JXa0+Ym95+hTMzOc0Se
3ycVCN5N5LrxNEQHZ6dzLCRLCzDNe+1/plyF3sWXcC9UpMaeinFqQYa3OrtzDiTQ
4ic+3mrG8z8jyJwrNOZ5/cFBs5U+9oWGmAeOCkGo1ezJoxRL+URLuDT+kFmd2Tmx
DX5aIDVCcJ+Ns04fxMStanvdIs3gNU8cT9ONjEjhgnlbWwfcJP35E5mOBldysSRU
4gsR76CojSatTuEmGbZugVJEWXTawpxc+QduA1TGN4JsB1oIUhELFC6YqYsLuksV
JAi9LcNYpVsv6R9GbY9vCidh4LnrrX+hHT0zgLZb8dSxXHkvYaLVWj7ULQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1MJt4g6RjWjAxzoknTDLxCzigEMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8R84WbN
wn6MrTeggVcE+/PDfdeUt/nHmKMZVsUMaro4Cd9gk2/98/rjbk1hkIBfCSD6fIqJ
SAMdzSr3ho+FfC2fjlrBb7C7+1JTV2TLpO+wf9at18qPrW/xmElMPqsOIK+ZBrgK
pfKF7xlhfsUgyO0nzOCW+Wcr5deHWqNuRGN/+5rZgPP8wHhRC77Qe9VqlSC7AXLX
ajzrDHBbD20DD+GhtXvFhoZESDTZqPmI2RDGLCX20TCtKgjx1zP8KaiI2/NLyqB2
4Czl5zebI+HOca8IX/QHfP4v6XxLEC14z4v+PDXFc6BAwu8znQiEOXhs+RUzZ6Ti
+wRtUCmBAzeQMA==
-----END CERTIFICATE-----