Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          k76+TTQb9/CMt/p4r+NTcj+CwMVJ+VINt01In6Pm7mM=
Subject key identifier:   46:30:C5:FA:43:60:0C:34:B6:9E:8F:67:D7:F0:48:FA:E4:96:A9:95
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       019923A0EC300C79072BD66B0FE6C4B69F39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          061E
Signing time:             Sun 07 Sep 2025 10:02:52 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:52 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:52 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: 2SEFCCC/pimcGL6BKBlkRdSrilxBF0/vZKOv1rcoDaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:ec:30:0c:79:07:2b:d6:6b:0f:e6:c4:b6:9f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Sep  7 10:02:52 2025 GMT
            Not After : Sep  8 10:02:52 2025 GMT
        Subject: CN=4630c5fa43600c34b69e8f67d7f048fae496a995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:69:44:55:87:6f:3f:05:b8:93:77:a5:10:2c:
                    6b:fe:28:b5:dc:8b:19:d1:2a:96:ca:07:74:96:f3:
                    fc:b3:dd:78:c2:21:5e:a3:0e:27:e9:47:63:8d:3f:
                    9b:37:af:9c:fb:f4:2a:b8:63:e3:f0:12:99:0e:eb:
                    96:98:67:b5:a7:3a:fd:ac:24:00:25:12:d4:6b:dc:
                    2a:a7:9b:3a:bb:52:37:8b:f8:31:bc:44:86:b6:03:
                    c0:07:96:b1:39:12:56:e2:d0:01:29:c0:62:73:5d:
                    e8:2a:13:27:38:80:28:2f:96:c9:49:a8:eb:98:64:
                    55:6e:67:11:0e:b7:78:0f:73:92:be:1f:a8:d3:bc:
                    a3:f6:61:8b:26:4e:bd:9e:6c:d8:ec:64:18:16:70:
                    f8:cc:d8:4a:a2:a9:53:b4:39:dc:b9:2f:a5:8f:12:
                    3c:d2:c0:2b:d0:ba:2d:bc:c0:88:d9:d7:c4:db:e3:
                    a7:96:45:53:a4:c5:a4:9c:b7:2a:e7:56:29:23:17:
                    6a:2f:f8:38:79:07:90:f4:72:e4:4a:12:a4:fe:7a:
                    69:9c:ca:fc:b4:40:8e:33:a7:b6:c0:e0:d6:33:fb:
                    e7:30:a0:1d:40:e6:42:e7:4d:4b:d7:ef:24:d4:54:
                    5c:86:a5:68:9b:cd:ff:85:45:e9:33:b3:5a:94:ae:
                    5b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:30:C5:FA:43:60:0C:34:B6:9E:8F:67:D7:F0:48:FA:E4:96:A9:95
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:34:14:27:d2:93:52:74:65:9c:86:53:12:03:3e:2e:35:fb:
         b3:94:8b:d7:df:6e:3a:1f:d8:70:36:68:c5:85:6b:92:1d:ae:
         28:db:49:38:36:cd:14:40:2a:72:7b:34:23:0f:d5:a5:64:06:
         dd:d8:ab:47:ae:07:fc:25:60:09:17:e3:5c:5b:07:b4:4a:e0:
         7e:a1:df:c5:81:27:78:e0:e7:17:56:6d:c7:f3:c7:74:82:b3:
         0d:7e:53:74:2d:f0:e0:f3:1e:df:2c:4a:4c:2c:b1:d2:88:7c:
         11:ad:81:ed:fb:01:9e:b9:c3:1b:06:03:07:67:5c:19:2f:72:
         54:c9:78:26:f5:5f:0a:f1:34:f3:78:6a:1c:56:d7:73:4a:b8:
         b8:b3:d8:1b:e3:ca:72:ef:7b:89:6f:9f:2e:d4:1d:0c:2a:51:
         9f:40:6c:9b:6e:19:62:7a:37:c9:5b:4e:40:df:82:f7:3d:cc:
         52:c2:70:3d:15:12:72:67:fc:68:a9:77:b8:6c:89:82:2c:9d:
         8a:70:c0:78:ae:a8:f7:e0:34:fd:b7:d0:42:c8:84:8b:c4:22:
         3d:45:a8:14:f1:c4:ba:ff:36:12:1c:3e:5e:1e:53:a7:8f:bf:
         ba:fd:60:f9:8d:58:c2:e7:69:0c:43:3d:53:03:14:0a:1e:fe:
         65:ff:2c:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoOwwDHkHK9ZrD+bEtp85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUwOTA3MTAwMjUyWhcNMjUwOTA4MTAwMjUyWjAzMTEwLwYDVQQD
Eyg0NjMwYzVmYTQzNjAwYzM0YjY5ZThmNjdkN2YwNDhmYWU0OTZhOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2lEVYdvPwW4k3elECxr/ii13IsZ
0SqWygd0lvP8s914wiFeow4n6UdjjT+bN6+c+/QquGPj8BKZDuuWmGe1pzr9rCQA
JRLUa9wqp5s6u1I3i/gxvESGtgPAB5axORJW4tABKcBic13oKhMnOIAoL5bJSajr
mGRVbmcRDrd4D3OSvh+o07yj9mGLJk69nmzY7GQYFnD4zNhKoqlTtDncuS+ljxI8
0sAr0LotvMCI2dfE2+OnlkVTpMWknLcq51YpIxdqL/g4eQeQ9HLkShKk/nppnMr8
tECOM6e2wODWM/vnMKAdQOZC501L1+8k1FRchqVom83/hUXpM7NalK5bIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYwxfpDYAw0tp6PZ9fwSPrklqmVMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAajQUJ9KT
UnRlnIZTEgM+LjX7s5SL199uOh/YcDZoxYVrkh2uKNtJODbNFEAqcns0Iw/VpWQG
3dirR64H/CVgCRfjXFsHtErgfqHfxYEneODnF1Ztx/PHdIKzDX5TdC3w4PMe3yxK
TCyx0oh8Ea2B7fsBnrnDGwYDB2dcGS9yVMl4JvVfCvE083hqHFbXc0q4uLPYG+PK
cu97iW+fLtQdDCpRn0Bsm24ZYno3yVtOQN+C9z3MUsJwPRUScmf8aKl3uGyJgiyd
inDAeK6o9+A0/bfQQsiEi8QiPUWoFPHEuv82Ehw+Xh5Tp4+/uv1g+Y1YwudpDEM9
UwMUCh7+Zf8shw==
-----END CERTIFICATE-----