Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          sZ7UYBGqTZ8iOxVrOcKrQugajiNlW1MkD8of56aTsJ0=
Subject key identifier:   28:CF:63:AB:79:B3:71:F5:DA:CA:68:20:6A:40:8A:C5:BB:51:2F:E0
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       019510C7F78DEFA0A6DFA4DC17215CC8BFE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          0402
Signing time:             Sun 16 Feb 2025 22:01:35 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:35 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:35 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: vm0lbt3y4djv20bMOKe1eojv+0teq2WIIGBm+pZcwy8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:f7:8d:ef:a0:a6:df:a4:dc:17:21:5c:c8:bf:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Feb 16 22:01:35 2025 GMT
            Not After : Feb 17 22:01:35 2025 GMT
        Subject: CN=28cf63ab79b371f5daca68206a408ac5bb512fe0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e0:3e:53:d7:69:29:a6:84:25:f5:0f:1e:85:
                    c9:45:c0:76:15:7e:75:87:29:a9:b5:e0:49:3b:e0:
                    b1:1e:9d:b8:b6:fb:02:16:e2:4b:9b:ff:1a:73:0d:
                    e1:d6:05:6a:b9:58:c6:e5:e0:35:f0:42:73:58:59:
                    ac:a0:1e:c0:94:3e:08:84:8f:dc:c3:fd:bf:9c:ed:
                    1e:5f:8b:23:a1:7f:1f:7c:06:d9:58:4b:13:a0:05:
                    f6:a0:26:ab:ad:e6:70:4d:f8:5c:e2:8c:a6:1f:1b:
                    be:03:fa:7e:51:1c:a6:23:66:c7:ff:23:ff:57:7f:
                    50:61:32:91:a4:12:7a:4f:fa:54:25:50:04:83:44:
                    3d:b1:47:de:d4:89:69:a2:20:bd:e0:24:fd:50:21:
                    9b:8b:0b:df:a1:f4:06:98:2b:42:6a:b7:0c:e8:66:
                    4a:d3:e4:37:4a:c9:d9:aa:e5:1c:51:e8:0d:bb:ce:
                    54:c1:b5:bd:1f:da:7d:41:39:99:b5:44:6d:71:cf:
                    9a:a2:b6:2f:1b:88:bc:81:5f:54:6d:e1:36:78:7d:
                    1d:95:7c:1c:01:70:06:18:8f:a8:d5:c5:76:74:b4:
                    f8:0a:71:1d:de:74:ad:4a:da:57:03:66:0a:0a:41:
                    c7:6a:25:7e:41:71:ba:74:92:90:44:f5:92:f8:cb:
                    57:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:CF:63:AB:79:B3:71:F5:DA:CA:68:20:6A:40:8A:C5:BB:51:2F:E0
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:3a:18:0e:04:d5:af:04:40:ad:e7:da:e2:01:7d:29:a7:14:
         05:63:75:1c:f5:c9:48:45:1b:90:96:0f:80:74:12:83:0e:a3:
         1d:64:0f:9b:0e:de:48:f0:30:b4:91:e4:e5:49:f6:6b:ea:d4:
         8e:80:cd:e2:d6:cf:9a:f3:d2:1a:0b:bc:04:f7:b7:12:2e:3f:
         c6:c7:90:97:ce:87:30:f4:19:0b:41:2c:e7:76:31:5e:43:3d:
         08:82:db:ea:d9:5d:ca:d1:b5:6a:6c:a2:07:ca:37:23:15:4a:
         71:3a:27:fc:07:42:78:cc:63:60:1a:5b:cf:4a:c5:5e:52:89:
         c4:14:23:a0:0c:0f:64:f1:cd:76:e9:16:99:7a:60:b5:15:fb:
         c4:99:db:47:58:dc:9b:12:5b:60:4d:04:38:e9:a5:b8:12:77:
         d3:13:7e:98:06:b6:0c:40:55:a7:cb:07:db:b5:4a:86:a7:e1:
         c3:8c:ef:34:f7:af:02:00:3d:e6:53:8e:ea:f5:ee:20:90:bc:
         1c:d4:a3:53:08:39:2a:ce:3c:e9:a5:ac:f0:2e:bf:06:bc:f1:
         a3:d2:72:8b:ce:47:9a:a2:1c:b5:de:9a:1c:fb:04:1c:e8:86:
         d5:1b:8b:fc:13:4c:e6:19:7a:25:31:60:da:9c:60:dc:c4:cd:
         4e:9c:9c:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx/eN76Cm36TcFyFcyL/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjUwMjE2MjIwMTM1WhcNMjUwMjE3MjIwMTM1WjAzMTEwLwYDVQQD
EygyOGNmNjNhYjc5YjM3MWY1ZGFjYTY4MjA2YTQwOGFjNWJiNTEyZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuA+U9dpKaaEJfUPHoXJRcB2FX51
hympteBJO+CxHp24tvsCFuJLm/8acw3h1gVquVjG5eA18EJzWFmsoB7AlD4IhI/c
w/2/nO0eX4sjoX8ffAbZWEsToAX2oCarreZwTfhc4oymHxu+A/p+URymI2bH/yP/
V39QYTKRpBJ6T/pUJVAEg0Q9sUfe1IlpoiC94CT9UCGbiwvfofQGmCtCarcM6GZK
0+Q3SsnZquUcUegNu85UwbW9H9p9QTmZtURtcc+aorYvG4i8gV9UbeE2eH0dlXwc
AXAGGI+o1cV2dLT4CnEd3nStStpXA2YKCkHHaiV+QXG6dJKQRPWS+MtXnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjPY6t5s3H12spoIGpAisW7US/gMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASDoYDgTV
rwRArefa4gF9KacUBWN1HPXJSEUbkJYPgHQSgw6jHWQPmw7eSPAwtJHk5Un2a+rU
joDN4tbPmvPSGgu8BPe3Ei4/xseQl86HMPQZC0Es53YxXkM9CILb6tldytG1amyi
B8o3IxVKcTon/AdCeMxjYBpbz0rFXlKJxBQjoAwPZPHNdukWmXpgtRX7xJnbR1jc
mxJbYE0EOOmluBJ30xN+mAa2DEBVp8sH27VKhqfhw4zvNPevAgA95lOO6vXuIJC8
HNSjUwg5Ks486aWs8C6/Brzxo9Jyi85HmqIctd6aHPsEHOiG1RuL/BNM5hl6JTFg
2pxg3MTNTpycTw==
-----END CERTIFICATE-----