Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          Lwf4ygymHw5atf2rPPqT9axQUIniEqtK5QN0vM4hzrk=
Subject key identifier:   71:1D:DC:84:E9:A5:95:09:0D:A8:96:F3:F8:A7:55:9B:EC:3F:64:80
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       019A71B85F017BF39A14065A5D925235A73C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          06CB
Signing time:             Tue 11 Nov 2025 07:01:39 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:39 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:39 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: KlIWGfCWVY9jD3HgRBV4+F8rtFz+OwOnSbOBk6TTIx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:5f:01:7b:f3:9a:14:06:5a:5d:92:52:35:a7:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Nov 11 07:01:39 2025 GMT
            Not After : Nov 12 07:01:39 2025 GMT
        Subject: CN=711ddc84e9a595090da896f3f8a7559bec3f6480
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:29:94:8b:da:04:c6:1d:9c:c8:5f:10:80:89:
                    04:7b:d1:86:02:62:5a:05:ba:66:cb:3d:07:2e:e9:
                    27:b3:ae:ce:b1:a0:3f:01:f2:d8:30:00:0d:0e:6d:
                    96:7d:90:96:5e:e5:55:bd:65:ff:1f:f1:72:dc:4c:
                    0c:52:16:99:b4:1b:b1:bf:bd:0c:95:cd:25:19:d8:
                    c1:ff:55:8c:42:a7:82:a1:04:dc:5c:5c:20:e1:e7:
                    b7:97:88:7b:4f:b8:a7:3d:fe:1b:49:d8:03:30:20:
                    7b:b3:fe:e6:0b:55:22:26:68:7d:f2:f6:94:e4:6e:
                    86:1b:cb:c1:3c:6e:c4:98:68:6f:71:17:98:ea:ce:
                    48:97:85:ff:01:f9:d9:c1:05:33:30:ab:83:ef:72:
                    fb:83:71:8e:79:93:bf:b7:a7:4f:b0:e0:8e:19:35:
                    fd:3a:8f:0c:8d:70:b0:a8:af:f8:72:a0:67:f9:a2:
                    64:d6:a5:33:04:af:0e:54:2e:e9:4f:0b:ce:03:de:
                    d1:86:6b:21:44:06:1a:fa:32:a1:0f:c9:98:69:0a:
                    49:70:da:58:68:a6:80:1f:14:df:8c:88:e3:53:91:
                    fe:e6:2a:18:67:1f:cb:bc:0b:ec:b8:2e:4a:a3:52:
                    33:1a:64:6d:3c:94:bf:16:7c:cc:cf:e9:2f:32:85:
                    9d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:1D:DC:84:E9:A5:95:09:0D:A8:96:F3:F8:A7:55:9B:EC:3F:64:80
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:37:71:3b:b2:31:b7:a4:84:99:ba:55:59:80:2a:f9:a8:1e:
         aa:2b:c8:d5:8c:f8:93:f9:0e:10:70:89:d2:53:cc:91:25:15:
         59:c1:04:bf:73:c5:96:d0:35:53:99:c2:58:ab:21:74:f3:13:
         08:df:c3:31:ff:d7:de:25:7e:72:0c:2e:fb:41:e4:0b:81:2f:
         da:cf:c5:09:3e:03:a6:03:4b:1b:5a:f6:30:18:bf:13:23:cb:
         2e:0e:64:4f:07:01:03:94:49:6d:81:25:81:ac:25:7d:09:44:
         fc:55:4b:6d:e2:88:a6:64:c2:3b:fa:d4:67:09:96:13:fb:63:
         35:8b:40:51:f1:5a:3f:e6:f0:c2:56:ff:82:04:c8:da:6d:54:
         b8:10:ca:8b:fa:49:d6:86:e7:07:3c:b0:89:34:ae:6c:f1:76:
         d6:42:ef:9e:56:c7:77:fa:b6:8f:01:53:2c:be:16:72:8f:4b:
         08:93:48:32:59:2d:48:42:6e:16:39:d5:5c:1d:e3:dd:40:4c:
         61:eb:f7:f9:f5:51:b6:f9:92:61:aa:81:67:ca:7d:4e:43:a2:
         73:ae:78:10:3c:79:ee:c7:45:cc:77:5b:4f:c1:e3:46:30:ca:
         8a:9a:b1:19:69:75:b3:ad:42:42:b1:47:0e:f3:7c:06:ab:7d:
         90:b4:5c:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuF8Be/OaFAZaXZJSNac8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUxMTExMDcwMTM5WhcNMjUxMTEyMDcwMTM5WjAzMTEwLwYDVQQD
Eyg3MTFkZGM4NGU5YTU5NTA5MGRhODk2ZjNmOGE3NTU5YmVjM2Y2NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArymUi9oExh2cyF8QgIkEe9GGAmJa
Bbpmyz0HLukns67OsaA/AfLYMAANDm2WfZCWXuVVvWX/H/Fy3EwMUhaZtBuxv70M
lc0lGdjB/1WMQqeCoQTcXFwg4ee3l4h7T7inPf4bSdgDMCB7s/7mC1UiJmh98vaU
5G6GG8vBPG7EmGhvcReY6s5Il4X/AfnZwQUzMKuD73L7g3GOeZO/t6dPsOCOGTX9
Oo8MjXCwqK/4cqBn+aJk1qUzBK8OVC7pTwvOA97RhmshRAYa+jKhD8mYaQpJcNpY
aKaAHxTfjIjjU5H+5ioYZx/LvAvsuC5Ko1IzGmRtPJS/FnzMz+kvMoWd/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEd3ITppZUJDaiW8/inVZvsP2SAMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANjdxO7Ix
t6SEmbpVWYAq+ageqivI1Yz4k/kOEHCJ0lPMkSUVWcEEv3PFltA1U5nCWKshdPMT
CN/DMf/X3iV+cgwu+0HkC4Ev2s/FCT4DpgNLG1r2MBi/EyPLLg5kTwcBA5RJbYEl
gawlfQlE/FVLbeKIpmTCO/rUZwmWE/tjNYtAUfFaP+bwwlb/ggTI2m1UuBDKi/pJ
1obnBzywiTSubPF21kLvnlbHd/q2jwFTLL4Wco9LCJNIMlktSEJuFjnVXB3j3UBM
Yev3+fVRtvmSYaqBZ8p9TkOic654EDx57sdFzHdbT8HjRjDKipqxGWl1s61CQrFH
DvN8Bqt9kLRcMw==
-----END CERTIFICATE-----