Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          8hOORDkRzZgmdAsTZfSu1XFrGjcmM6VbqpzfGVzOOfI=
Subject key identifier:   63:5C:16:94:88:C7:10:54:69:FF:96:98:6D:60:7D:38:0A:2C:20:5F
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       0197488BE8D4F16001F6A7FCBF06CA72F3A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          0528
Signing time:             Sat 07 Jun 2025 04:00:18 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:18 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:18 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: MVzpWmQqKI8Ugzu6HvdJTbbTd5ApoaZpfGRdnq3oy48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8b:e8:d4:f1:60:01:f6:a7:fc:bf:06:ca:72:f3:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Jun  7 04:00:18 2025 GMT
            Not After : Jun  8 04:00:18 2025 GMT
        Subject: CN=635c169488c7105469ff96986d607d380a2c205f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:13:4e:c8:74:6c:1a:f3:28:b7:09:22:e9:03:
                    c9:af:87:09:a5:49:7c:ca:41:17:b2:9d:01:b3:56:
                    80:e5:57:97:b6:b9:86:d9:64:c5:05:af:49:bc:fc:
                    f2:d5:a8:c0:b2:26:e4:36:31:0d:6a:f6:5f:76:e6:
                    62:82:5c:be:21:b6:ad:68:bb:84:5e:43:6f:17:17:
                    0d:be:36:1b:a7:2f:d8:64:a2:4a:f8:09:89:e2:6c:
                    0c:99:07:d7:f9:33:5a:6f:11:03:a9:0d:ce:1e:26:
                    46:64:50:0a:28:21:bc:57:8f:47:8d:6f:ed:3c:b0:
                    1e:0a:f2:37:be:66:d3:c3:87:6f:37:b8:de:dc:4c:
                    1f:70:ae:6c:f1:6e:5e:16:3e:f0:8a:82:a7:23:71:
                    b3:e3:0c:ee:49:15:d2:dd:75:ca:ea:00:16:44:72:
                    0d:c9:09:6f:20:6e:71:34:a3:05:4e:e1:64:e8:63:
                    21:a4:93:7b:94:be:78:6a:58:28:6f:f7:e1:bd:a2:
                    a8:8a:f5:0c:db:c2:d7:87:79:83:46:fc:b9:6a:47:
                    1e:6d:11:f4:57:f8:7c:36:5b:89:e9:75:3a:32:3c:
                    47:e6:b3:bb:c0:26:5e:3e:98:b7:ea:01:ce:c3:dc:
                    1d:45:21:00:b1:4c:28:e6:c2:18:c0:89:ab:48:b1:
                    0f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:5C:16:94:88:C7:10:54:69:FF:96:98:6D:60:7D:38:0A:2C:20:5F
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:23:2d:43:8c:e2:2b:40:9b:7d:51:bb:45:36:b2:f9:a1:71:
         f1:d8:48:a4:20:3e:0f:ef:20:8f:d9:6f:51:44:d5:a8:49:0d:
         50:4b:33:7f:cc:06:1c:56:15:1b:eb:40:99:69:80:44:43:ed:
         9a:b2:e8:7b:1c:1e:9b:7f:77:b3:b6:9e:67:fc:5c:24:33:a0:
         e4:4f:7a:26:26:da:22:0e:68:08:1b:70:75:73:03:32:55:c9:
         67:cc:8c:2e:a2:2d:a0:7a:11:15:46:9b:84:8e:dd:3b:14:96:
         41:cb:fc:f5:9f:27:1f:09:83:8d:06:f8:ce:8d:7a:d4:07:81:
         d9:fc:2f:c8:4d:a0:28:fd:bb:59:05:8e:e0:3b:f0:7e:0f:1a:
         72:7f:ee:27:83:6d:7c:33:b6:b8:2e:a9:64:d4:a1:cc:3a:34:
         4a:31:0e:48:2a:4b:bf:04:69:67:98:0d:d6:59:10:55:d2:d1:
         9e:c7:5b:85:ce:03:7a:8d:bd:3a:f4:07:70:69:d1:17:4a:d7:
         c1:49:7d:48:96:b5:23:97:7e:e7:8b:bf:0a:96:b5:01:f7:7c:
         e0:46:1c:f8:44:7a:b2:5a:8a:2c:02:fa:53:a6:c7:69:72:32:
         a4:93:90:4b:6c:41:ba:38:21:8f:40:b6:85:3e:22:4a:e6:8c:
         9e:c7:55:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIi+jU8WAB9qf8vwbKcvOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUwNjA3MDQwMDE4WhcNMjUwNjA4MDQwMDE4WjAzMTEwLwYDVQQD
Eyg2MzVjMTY5NDg4YzcxMDU0NjlmZjk2OTg2ZDYwN2QzODBhMmMyMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxNOyHRsGvMotwki6QPJr4cJpUl8
ykEXsp0Bs1aA5VeXtrmG2WTFBa9JvPzy1ajAsibkNjENavZfduZigly+IbataLuE
XkNvFxcNvjYbpy/YZKJK+AmJ4mwMmQfX+TNabxEDqQ3OHiZGZFAKKCG8V49HjW/t
PLAeCvI3vmbTw4dvN7je3EwfcK5s8W5eFj7wioKnI3Gz4wzuSRXS3XXK6gAWRHIN
yQlvIG5xNKMFTuFk6GMhpJN7lL54algob/fhvaKoivUM28LXh3mDRvy5akcebRH0
V/h8NluJ6XU6MjxH5rO7wCZePpi36gHOw9wdRSEAsUwo5sIYwImrSLEPSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNcFpSIxxBUaf+WmG1gfTgKLCBfMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQSMtQ4zi
K0CbfVG7RTay+aFx8dhIpCA+D+8gj9lvUUTVqEkNUEszf8wGHFYVG+tAmWmAREPt
mrLoexwem393s7aeZ/xcJDOg5E96JibaIg5oCBtwdXMDMlXJZ8yMLqItoHoRFUab
hI7dOxSWQcv89Z8nHwmDjQb4zo161AeB2fwvyE2gKP27WQWO4Dvwfg8acn/uJ4Nt
fDO2uC6pZNShzDo0SjEOSCpLvwRpZ5gN1lkQVdLRnsdbhc4Deo29OvQHcGnRF0rX
wUl9SJa1I5d+54u/Cpa1Afd84EYc+ER6slqKLAL6U6bHaXIypJOQS2xBujghj0C2
hT4iSuaMnsdVSw==
-----END CERTIFICATE-----