Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          ZyIAN+sZUT53nJ4wd8pxQLd4axxmUpawR8w8BbeeN4E=
Subject key identifier:   71:32:04:2C:B3:9F:C6:9D:64:A0:63:B8:BD:8F:3C:FE:49:7A:B8:15
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       0196741E8FDCA013B934FE61290BACA8D852
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          04BA
Signing time:             Sat 26 Apr 2025 22:01:21 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:21 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:21 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: Bk22mrKyA0V6aIGfs/zNLGVnrTKYj8wzrzr+V7viz94=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:8f:dc:a0:13:b9:34:fe:61:29:0b:ac:a8:d8:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Apr 26 22:01:21 2025 GMT
            Not After : Apr 27 22:01:21 2025 GMT
        Subject: CN=7132042cb39fc69d64a063b8bd8f3cfe497ab815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e0:26:0a:72:63:79:78:1d:3f:f6:87:5a:ee:
                    d8:08:ee:6b:5b:38:6f:69:de:df:33:ca:2a:46:ac:
                    e8:70:a0:a3:5b:ef:7e:f8:a9:ed:8c:20:4b:f3:e8:
                    30:89:56:cf:b8:e7:80:4f:6f:c4:5e:0e:f7:6d:93:
                    2c:38:fb:61:d3:c4:92:17:ac:02:de:68:67:b8:c6:
                    e1:fe:88:1c:89:af:9b:3c:30:b3:36:74:28:82:de:
                    a0:bd:f9:c7:e1:1d:9d:44:33:98:c1:bb:f1:98:8a:
                    a1:17:9e:63:c7:c1:6c:9a:0c:89:3c:83:af:af:13:
                    96:15:f7:eb:53:7f:c2:17:ee:21:d8:dc:34:96:ca:
                    de:68:14:f9:5b:ee:9c:c2:50:4c:91:b1:43:e9:45:
                    10:96:d0:ad:9b:c7:6d:bf:15:e3:3f:8f:82:6a:fe:
                    a6:dd:bf:45:00:90:b5:46:9b:83:5c:0d:79:e4:25:
                    ca:bc:37:9e:26:7d:94:45:3a:b0:92:20:5a:39:88:
                    ed:3f:9b:96:e9:32:b1:d0:75:31:11:89:32:6a:c8:
                    94:4e:e3:48:a9:77:bb:4a:28:c7:6d:38:ab:4f:b6:
                    7b:f6:ec:29:fa:53:93:a0:9a:f5:bf:f8:81:84:55:
                    2e:d6:fb:b4:f5:7b:0d:dd:26:4d:b3:bd:d8:96:e9:
                    76:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:32:04:2C:B3:9F:C6:9D:64:A0:63:B8:BD:8F:3C:FE:49:7A:B8:15
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:48:54:42:2d:79:73:28:bf:b5:c4:52:92:b4:96:8c:38:0d:
         0c:1e:52:d0:20:7b:d4:84:a8:ae:40:59:db:01:3a:a5:75:a8:
         aa:24:56:ae:d7:e8:4a:86:f1:8f:ab:f7:39:a6:69:74:2a:00:
         90:bf:eb:6a:5d:4e:4e:21:84:60:b9:6b:0e:7b:62:a1:c9:11:
         f3:6d:ce:a8:87:be:b7:5a:b7:bb:32:7d:a3:f7:e6:f0:df:6e:
         fd:e8:7b:80:dc:a0:50:a3:d6:6c:f1:e4:f3:5b:c6:5d:e5:1c:
         a9:72:ad:6d:8d:39:34:19:cc:fd:fa:ed:44:b4:51:85:83:3b:
         89:bc:f5:0e:a7:f0:1b:ff:37:16:de:59:1a:55:b5:f7:c5:94:
         81:53:30:f4:d4:8e:95:25:f1:e1:c2:aa:a0:0f:e3:5a:c3:8f:
         e7:b7:47:bf:0f:71:c0:4c:46:a8:8b:a9:9f:b5:61:5e:43:8a:
         9f:ca:0a:97:5d:80:60:62:79:e1:77:8e:0f:c2:1d:b5:0f:8b:
         b0:be:c3:a8:8b:91:d5:f5:1f:b9:bd:97:2a:f8:f2:e0:7d:c9:
         09:89:09:8b:e7:75:8d:f3:d3:ac:45:09:8d:f0:35:4d:7c:69:
         ff:95:ce:5b:48:05:72:f0:c8:d2:2a:62:4c:67:cd:9d:a2:6c:
         b8:c6:27:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0Ho/coBO5NP5hKQusqNhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUwNDI2MjIwMTIxWhcNMjUwNDI3MjIwMTIxWjAzMTEwLwYDVQQD
Eyg3MTMyMDQyY2IzOWZjNjlkNjRhMDYzYjhiZDhmM2NmZTQ5N2FiODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuAmCnJjeXgdP/aHWu7YCO5rWzhv
ad7fM8oqRqzocKCjW+9++KntjCBL8+gwiVbPuOeAT2/EXg73bZMsOPth08SSF6wC
3mhnuMbh/ogcia+bPDCzNnQogt6gvfnH4R2dRDOYwbvxmIqhF55jx8FsmgyJPIOv
rxOWFffrU3/CF+4h2Nw0lsreaBT5W+6cwlBMkbFD6UUQltCtm8dtvxXjP4+Cav6m
3b9FAJC1RpuDXA155CXKvDeeJn2URTqwkiBaOYjtP5uW6TKx0HUxEYkyasiUTuNI
qXe7SijHbTirT7Z79uwp+lOToJr1v/iBhFUu1vu09XsN3SZNs73Ylul2cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEyBCyzn8adZKBjuL2PPP5JergVMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMUhUQi15
cyi/tcRSkrSWjDgNDB5S0CB71ISorkBZ2wE6pXWoqiRWrtfoSobxj6v3OaZpdCoA
kL/ral1OTiGEYLlrDntiockR823OqIe+t1q3uzJ9o/fm8N9u/eh7gNygUKPWbPHk
81vGXeUcqXKtbY05NBnM/frtRLRRhYM7ibz1DqfwG/83Ft5ZGlW198WUgVMw9NSO
lSXx4cKqoA/jWsOP57dHvw9xwExGqIupn7VhXkOKn8oKl12AYGJ54XeOD8IdtQ+L
sL7DqIuR1fUfub2XKvjy4H3JCYkJi+d1jfPTrEUJjfA1TXxp/5XOW0gFcvDI0ipi
TGfNnaJsuMYnqw==
-----END CERTIFICATE-----