Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          +BouQQoLWmceO2SKqOmd77TrrG+zN7APLVSw6OlHK1w=
Subject key identifier:   60:2C:5D:02:78:D3:F7:53:7D:A7:03:2C:8B:F4:88:D7:AC:D4:4A:11
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       019CAB6ADE0216DEE20164731B9D30248311
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          07F2
Signing time:             Sun 01 Mar 2026 22:00:33 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:33 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:33 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: faLvqNZjCPU9WedLA40ZwQFN3D1FQxDEvhHCj79JRfs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:de:02:16:de:e2:01:64:73:1b:9d:30:24:83:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Mar  1 22:00:33 2026 GMT
            Not After : Mar  2 22:00:33 2026 GMT
        Subject: CN=602c5d0278d3f7537da7032c8bf488d7acd44a11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5a:30:fd:6d:0f:9a:7b:71:07:8b:22:48:da:
                    a9:2d:2a:5d:61:74:14:3b:a1:d0:a3:c5:26:80:8d:
                    11:87:d8:fa:b6:37:5c:6c:8d:35:5e:d9:bb:9e:90:
                    cd:38:4c:d9:74:81:ed:8b:6e:fa:e8:db:10:b6:30:
                    d3:00:53:e3:b5:9e:83:55:22:ed:e5:2c:1e:dd:c6:
                    e1:31:82:7a:7b:62:c0:b4:63:e4:2e:ff:ca:08:3b:
                    bd:9c:59:01:03:36:c9:ae:6c:7a:05:d9:e8:60:bb:
                    aa:fa:32:04:24:5e:73:0c:00:f4:53:05:12:50:16:
                    d8:ac:20:d6:4b:85:3c:a7:60:61:e5:9e:80:df:66:
                    3a:9f:9e:77:6d:38:24:a3:82:9c:63:a9:7d:5c:4f:
                    52:e5:5d:18:72:7f:01:fd:2d:a1:28:32:00:dd:5d:
                    81:c5:71:fb:11:c0:ed:02:d4:66:19:39:48:46:b5:
                    41:70:ba:e9:35:02:ae:c7:6c:d4:39:24:28:74:14:
                    c2:38:51:f8:f8:9e:a0:a4:fd:e7:fe:07:8f:65:03:
                    f6:ca:73:d4:37:f6:13:9f:54:90:82:5b:43:71:5d:
                    d4:0e:f4:ad:fd:ab:95:e8:98:60:6b:fc:41:81:ce:
                    4f:ed:6d:33:a1:4b:bd:60:82:42:3f:4f:81:56:da:
                    39:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:2C:5D:02:78:D3:F7:53:7D:A7:03:2C:8B:F4:88:D7:AC:D4:4A:11
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:ff:37:f1:fb:97:84:c1:1d:fd:e3:e6:be:4b:67:a9:a6:2d:
         49:73:eb:5a:23:7e:f6:e4:6b:1b:f7:19:8f:06:02:c7:3f:af:
         f6:e7:4e:0d:e2:5b:ea:53:0d:41:e7:99:df:70:cc:14:9e:3f:
         71:1b:18:63:91:80:d1:59:4b:51:a3:f9:e3:be:ba:7e:78:32:
         e3:df:ce:bb:26:36:f7:ee:c4:cc:9c:a5:20:67:e3:59:63:58:
         ff:88:48:80:1b:9c:3e:2d:89:4f:68:1e:79:0e:f0:04:6f:5d:
         e1:54:ef:56:cd:c5:c9:ff:e3:e5:07:19:c5:1e:49:c4:50:ad:
         68:51:73:b1:87:ea:3d:a4:18:ba:fb:46:64:d0:de:17:04:a4:
         93:b7:31:3a:59:d3:3e:bb:f7:be:e7:8e:29:1e:0e:51:17:ce:
         c5:4c:78:10:26:3d:56:2f:ab:d9:7a:92:00:1c:85:c1:ba:00:
         be:7d:5c:07:2f:29:57:20:55:63:26:19:d4:ac:97:01:04:b8:
         ab:2e:ca:e3:69:f6:7b:45:d0:9e:e1:66:9f:eb:36:cc:bf:94:
         2e:db:cb:b1:49:84:84:bf:93:6d:2e:09:61:fd:9f:ec:16:7a:
         63:88:77:7c:54:f8:b9:0b:d3:40:40:50:ab:19:aa:5d:08:48:
         e3:86:19:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrat4CFt7iAWRzG50wJIMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjYwMzAxMjIwMDMzWhcNMjYwMzAyMjIwMDMzWjAzMTEwLwYDVQQD
Eyg2MDJjNWQwMjc4ZDNmNzUzN2RhNzAzMmM4YmY0ODhkN2FjZDQ0YTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1ow/W0PmntxB4siSNqpLSpdYXQU
O6HQo8UmgI0Rh9j6tjdcbI01Xtm7npDNOEzZdIHti2766NsQtjDTAFPjtZ6DVSLt
5Swe3cbhMYJ6e2LAtGPkLv/KCDu9nFkBAzbJrmx6BdnoYLuq+jIEJF5zDAD0UwUS
UBbYrCDWS4U8p2Bh5Z6A32Y6n553bTgko4KcY6l9XE9S5V0Ycn8B/S2hKDIA3V2B
xXH7EcDtAtRmGTlIRrVBcLrpNQKux2zUOSQodBTCOFH4+J6gpP3n/gePZQP2ynPU
N/YTn1SQgltDcV3UDvSt/auV6Jhga/xBgc5P7W0zoUu9YIJCP0+BVto5RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAsXQJ40/dTfacDLIv0iNes1EoRMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEP838fuX
hMEd/ePmvktnqaYtSXPrWiN+9uRrG/cZjwYCxz+v9udODeJb6lMNQeeZ33DMFJ4/
cRsYY5GA0VlLUaP54766fngy49/OuyY29+7EzJylIGfjWWNY/4hIgBucPi2JT2ge
eQ7wBG9d4VTvVs3Fyf/j5QcZxR5JxFCtaFFzsYfqPaQYuvtGZNDeFwSkk7cxOlnT
Prv3vueOKR4OURfOxUx4ECY9Vi+r2XqSAByFwboAvn1cBy8pVyBVYyYZ1KyXAQS4
qy7K42n2e0XQnuFmn+s2zL+ULtvLsUmEhL+TbS4JYf2f7BZ6Y4h3fFT4uQvTQEBQ
qxmqXQhI44YZAA==
-----END CERTIFICATE-----