Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          u1n+Tna92+K9/WsBEDkd4Sm5GahYFEIA6F8CCwK6DEQ=
Subject key identifier:   44:5A:8B:6E:3C:D8:C1:D2:9B:B1:0C:66:61:3E:8A:B0:06:13:21:59
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       019A50E3F35830F664A68CBE820AA79DA6AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          06BA
Signing time:             Tue 04 Nov 2025 22:01:47 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:47 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:47 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: m5m8sbhcjIzsfP2R2LixT5Lc6x3zC145RkXzny0xPcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:f3:58:30:f6:64:a6:8c:be:82:0a:a7:9d:a6:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Nov  4 22:01:47 2025 GMT
            Not After : Nov  5 22:01:47 2025 GMT
        Subject: CN=445a8b6e3cd8c1d29bb10c66613e8ab006132159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c9:c1:5e:51:f5:ed:54:0d:13:6f:a2:b1:68:
                    7c:21:01:27:1e:52:b7:9d:7d:4d:ee:fb:b8:07:87:
                    f1:5d:a0:b7:7f:9b:e0:c2:5d:a4:a5:83:05:44:fb:
                    c7:19:2c:2f:0c:68:67:dd:e0:20:b3:cd:94:7b:32:
                    51:10:df:6c:27:01:e3:db:b1:d5:b7:65:11:e1:4b:
                    65:86:9f:aa:da:60:c7:ad:7e:ad:19:70:ce:e3:5f:
                    b6:fa:e5:bb:19:a2:a5:b0:c4:ec:23:20:c9:f2:80:
                    89:82:9f:15:4b:e6:bc:71:cf:41:8a:d9:0b:b1:0b:
                    27:f0:6e:7e:2e:cb:97:52:8f:40:dc:7d:a3:0b:b6:
                    bf:1a:cf:89:bb:64:8c:70:72:c4:2c:b9:1d:5d:0d:
                    65:1d:e1:c8:67:9e:4a:08:a8:f6:55:85:5f:b3:6c:
                    06:02:bd:42:eb:1a:12:46:44:32:d8:3e:4c:4d:ea:
                    c2:ba:a6:90:f1:60:e3:f0:55:23:0d:2b:8c:2d:30:
                    a2:3c:52:31:d3:ef:86:d2:a9:50:b3:8a:3f:66:39:
                    8a:13:e9:fb:40:c7:8e:b4:8e:c5:06:46:b7:aa:30:
                    dd:5d:04:63:05:1a:40:dc:83:1e:d1:2f:6e:f7:30:
                    3a:0c:b7:65:ea:65:34:02:3e:df:36:f4:d4:78:9a:
                    44:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:5A:8B:6E:3C:D8:C1:D2:9B:B1:0C:66:61:3E:8A:B0:06:13:21:59
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:a9:cc:79:0e:68:41:c4:eb:24:e2:65:e8:26:1a:75:b3:80:
         9f:32:66:58:26:a2:63:fd:64:5b:b0:46:ce:be:b9:c8:39:77:
         ef:92:a5:df:27:53:01:b3:6a:f6:33:57:d4:f6:4d:7f:eb:aa:
         2e:69:06:d1:8d:ba:ca:b5:16:b7:00:ee:c9:b0:76:cb:af:2f:
         4d:d4:61:a7:85:3f:02:0d:48:d4:6b:16:ae:d6:9b:ed:b5:eb:
         65:6b:e7:42:40:48:08:f7:e2:3d:55:dc:dd:68:32:c6:98:b9:
         4f:54:05:bf:53:e7:6a:e9:dd:e5:36:c9:cc:ad:dc:24:1c:f5:
         83:1e:5e:79:ca:d8:8f:c6:c4:1d:81:8e:f6:19:d8:5c:8e:e2:
         dc:7f:fe:9a:c2:f9:d6:37:14:ac:1f:04:f4:5e:f7:1c:d0:9a:
         d9:d0:cd:6f:9e:56:78:70:12:83:d7:7d:27:93:e0:2c:b7:3c:
         24:1c:d4:2a:3f:fb:10:71:38:8a:61:37:de:41:7e:ee:22:51:
         bb:3a:10:cf:bc:b3:a6:01:f7:5e:20:83:0d:0e:2e:8c:8a:6d:
         51:12:be:9a:41:f0:29:db:d3:7d:57:b6:18:cf:d6:6d:58:d0:
         0b:c6:c7:02:dd:2c:06:71:6e:a6:af:33:a5:45:7c:b8:4f:68:
         78:7f:5f:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4/NYMPZkpoy+ggqnnaarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUxMTA0MjIwMTQ3WhcNMjUxMTA1MjIwMTQ3WjAzMTEwLwYDVQQD
Eyg0NDVhOGI2ZTNjZDhjMWQyOWJiMTBjNjY2MTNlOGFiMDA2MTMyMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMnBXlH17VQNE2+isWh8IQEnHlK3
nX1N7vu4B4fxXaC3f5vgwl2kpYMFRPvHGSwvDGhn3eAgs82UezJREN9sJwHj27HV
t2UR4Utlhp+q2mDHrX6tGXDO41+2+uW7GaKlsMTsIyDJ8oCJgp8VS+a8cc9BitkL
sQsn8G5+LsuXUo9A3H2jC7a/Gs+Ju2SMcHLELLkdXQ1lHeHIZ55KCKj2VYVfs2wG
Ar1C6xoSRkQy2D5MTerCuqaQ8WDj8FUjDSuMLTCiPFIx0++G0qlQs4o/ZjmKE+n7
QMeOtI7FBka3qjDdXQRjBRpA3IMe0S9u9zA6DLdl6mU0Aj7fNvTUeJpEGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERai2482MHSm7EMZmE+irAGEyFZMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAianMeQ5o
QcTrJOJl6CYadbOAnzJmWCaiY/1kW7BGzr65yDl375Kl3ydTAbNq9jNX1PZNf+uq
LmkG0Y26yrUWtwDuybB2y68vTdRhp4U/Ag1I1GsWrtab7bXrZWvnQkBICPfiPVXc
3Wgyxpi5T1QFv1Pnaund5TbJzK3cJBz1gx5eecrYj8bEHYGO9hnYXI7i3H/+msL5
1jcUrB8E9F73HNCa2dDNb55WeHASg9d9J5PgLLc8JBzUKj/7EHE4imE33kF+7iJR
uzoQz7yzpgH3XiCDDQ4ujIptURK+mkHwKdvTfVe2GM/WbVjQC8bHAt0sBnFupq8z
pUV8uE9oeH9fRw==
-----END CERTIFICATE-----