Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          GbsJrUOUOBSFOf6AJ/yZiyGwrzikvBaCE9F6mm6doFg=
Subject key identifier:   B4:38:E9:6B:39:20:DA:6F:EC:BD:5E:E5:52:AE:17:DB:A7:C6:0A:BC
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       01976D3E76E264E574E763509C2D8452BD3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          053B
Signing time:             Sat 14 Jun 2025 07:01:39 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:39 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:39 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: sAa/krCoy0yVax9Bv6BZYDZ9ZSYGkv7g07EyuvYhXCQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:76:e2:64:e5:74:e7:63:50:9c:2d:84:52:bd:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Jun 14 07:01:39 2025 GMT
            Not After : Jun 15 07:01:39 2025 GMT
        Subject: CN=b438e96b3920da6fecbd5ee552ae17dba7c60abc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:3d:9a:99:81:12:92:97:ca:02:09:48:88:9f:
                    58:cd:57:44:45:16:c9:9c:4a:25:91:6f:f5:e1:9c:
                    8e:7f:9c:ec:3a:d2:cc:c2:3e:6c:ea:b1:7f:7b:a3:
                    13:f9:4f:a7:b9:98:ad:de:20:1d:54:b7:60:8b:1e:
                    d5:e7:4d:f5:8a:07:10:8d:66:d2:77:b4:9c:e5:36:
                    7c:75:04:0f:c7:75:60:51:f2:e5:5f:b1:6b:4a:76:
                    f9:7f:eb:c7:e2:bf:f3:a4:d1:b1:9b:e9:49:e0:a1:
                    59:03:5f:07:25:6a:8b:e6:ee:90:ff:88:2e:17:46:
                    55:af:35:3f:a0:ee:73:44:9d:8c:51:41:16:20:90:
                    8a:d7:12:c8:74:b0:22:c5:7b:7f:df:b7:c0:0b:da:
                    60:ff:7a:a9:4c:64:52:e6:5b:81:ec:35:14:4a:14:
                    76:aa:ae:33:bd:a7:4e:a4:0e:7a:8d:bd:c9:8a:63:
                    5a:da:b6:51:fb:a2:3d:41:90:fa:af:74:0d:ef:06:
                    c8:80:c0:fc:fa:06:fd:73:49:dc:f3:ca:d8:4c:f1:
                    0b:f6:f2:04:52:f3:78:80:87:7a:99:71:c1:ee:da:
                    3c:69:89:45:fc:fc:84:87:18:5f:bf:8f:ab:fa:43:
                    c7:2b:08:89:79:e1:33:5c:d8:ca:6e:1e:96:4f:fc:
                    34:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:38:E9:6B:39:20:DA:6F:EC:BD:5E:E5:52:AE:17:DB:A7:C6:0A:BC
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:fe:05:15:85:30:a7:49:9f:26:84:1e:a0:e9:5e:c6:36:ea:
         49:52:45:1a:c9:f2:5b:d8:d8:ff:a4:6f:8b:ff:46:e2:a9:fb:
         50:7a:18:39:4d:a3:2e:2f:0f:ad:7c:92:36:fc:7c:a9:79:d7:
         09:68:b1:3f:ba:62:65:c4:0b:1d:b9:8f:a3:37:50:35:1c:1c:
         d1:4a:8b:26:0d:50:da:10:24:df:6d:2c:fe:10:5e:63:a8:3c:
         56:1d:b3:32:8b:69:0e:fa:31:0a:ac:1b:76:24:1b:fd:f1:85:
         9a:bc:25:7f:95:d9:a8:a0:d1:9a:82:fd:be:8b:6b:ac:da:4e:
         6c:cc:33:96:d7:01:2a:a0:b2:dd:c0:d2:c8:a5:d3:82:93:81:
         f9:95:a8:77:22:28:c8:cf:2e:85:59:6b:da:40:26:9d:8b:28:
         7e:47:0d:cb:35:6b:1c:5b:59:28:e1:ea:05:1b:15:cd:51:c8:
         52:3b:0e:0a:a4:3b:6b:7e:1d:a3:4c:14:47:87:ce:75:ea:6a:
         9e:d0:e8:87:67:ca:03:9e:66:c0:7d:09:9e:a0:46:cd:ba:38:
         4a:d3:48:1f:cb:b5:6e:a1:3c:56:0c:ed:b4:ab:d5:d8:8f:b6:
         7c:fe:af:b2:fd:d8:3b:85:b9:63:b4:66:4b:60:3a:dd:d9:11:
         9a:fc:e0:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPnbiZOV052NQnC2EUr0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUwNjE0MDcwMTM5WhcNMjUwNjE1MDcwMTM5WjAzMTEwLwYDVQQD
EyhiNDM4ZTk2YjM5MjBkYTZmZWNiZDVlZTU1MmFlMTdkYmE3YzYwYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3j2amYESkpfKAglIiJ9YzVdERRbJ
nEolkW/14ZyOf5zsOtLMwj5s6rF/e6MT+U+nuZit3iAdVLdgix7V5031igcQjWbS
d7Sc5TZ8dQQPx3VgUfLlX7FrSnb5f+vH4r/zpNGxm+lJ4KFZA18HJWqL5u6Q/4gu
F0ZVrzU/oO5zRJ2MUUEWIJCK1xLIdLAixXt/37fAC9pg/3qpTGRS5luB7DUUShR2
qq4zvadOpA56jb3JimNa2rZR+6I9QZD6r3QN7wbIgMD8+gb9c0nc88rYTPEL9vIE
UvN4gId6mXHB7to8aYlF/PyEhxhfv4+r+kPHKwiJeeEzXNjKbh6WT/w02wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQ46Ws5INpv7L1e5VKuF9unxgq8MB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZP4FFYUw
p0mfJoQeoOlexjbqSVJFGsnyW9jY/6Rvi/9G4qn7UHoYOU2jLi8PrXySNvx8qXnX
CWixP7piZcQLHbmPozdQNRwc0UqLJg1Q2hAk320s/hBeY6g8Vh2zMotpDvoxCqwb
diQb/fGFmrwlf5XZqKDRmoL9votrrNpObMwzltcBKqCy3cDSyKXTgpOB+ZWodyIo
yM8uhVlr2kAmnYsofkcNyzVrHFtZKOHqBRsVzVHIUjsOCqQ7a34do0wUR4fOdepq
ntDoh2fKA55mwH0JnqBGzbo4StNIH8u1bqE8VgzttKvV2I+2fP6vsv3YO4W5Y7Rm
S2A63dkRmvzgiQ==
-----END CERTIFICATE-----