Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
File:                     NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json)
Hash identifier:          xTjfDGi5OQ9StZEZcHLG/fr6q1RW67UAMRXE9FXHHB4=
Subject key identifier:   F7:C5:A5:FC:B9:37:F3:27:A5:7E:BB:A1:40:89:1D:05:A2:2C:97:0B
Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D
Certificate issuer:       /CN=36e054287dbe76062d1770d83c6a160000db0d7d
Certificate serial:       019D3865BC413412B5EC7639E7C0EE9411EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
Manifest number:          083B
Signing time:             Sun 29 Mar 2026 07:01:24 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:24 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:24 +0000
Files and hashes:         1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: l4UhAePLQgRkVeroq6Bo7VJuEpTuUxVxDVWuVHvGVKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:bc:41:34:12:b5:ec:76:39:e7:c0:ee:94:11:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d
        Validity
            Not Before: Mar 29 07:01:24 2026 GMT
            Not After : Mar 30 07:01:24 2026 GMT
        Subject: CN=f7c5a5fcb937f327a57ebba140891d05a22c970b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c1:ec:7a:c6:ac:14:41:6a:32:32:51:63:0f:
                    4c:de:12:86:a6:78:58:4c:82:10:ca:ad:76:6f:ac:
                    29:86:5b:82:3a:0b:de:c7:ad:e8:de:40:74:45:f8:
                    30:aa:42:b8:f8:8d:28:9e:08:8a:16:8f:1c:45:6e:
                    b7:84:05:bc:ba:f4:27:65:30:bf:e3:4b:a0:66:73:
                    84:b4:e3:6d:a1:c7:89:e0:c4:10:28:06:64:1a:8a:
                    8e:61:d0:69:27:10:4f:8b:35:46:d8:96:fc:09:cc:
                    49:c4:8d:52:ad:8c:22:f2:85:6e:9f:16:39:28:94:
                    e3:c4:20:5a:cb:54:a2:06:08:90:89:2d:a4:12:ea:
                    88:37:c7:a5:8b:f1:74:0a:0f:cc:f3:e4:20:7c:8c:
                    1d:f8:b3:db:ba:f1:b8:0e:83:04:63:96:e8:f8:6b:
                    d8:91:7b:e8:68:d4:01:6b:0a:68:af:60:a5:3a:bb:
                    51:03:8c:b6:b1:db:ca:45:81:f2:cc:f6:a2:b2:07:
                    63:72:68:c4:18:8a:6c:fd:4a:c7:3e:5a:46:83:07:
                    3b:ad:c5:30:1f:c0:2a:61:df:35:2c:fe:ee:c0:6a:
                    4a:8e:3d:43:dd:a3:4d:e0:4d:1b:77:28:2d:6b:91:
                    ec:bb:17:55:0a:f7:b9:ce:0c:07:70:86:49:2f:59:
                    6f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:C5:A5:FC:B9:37:F3:27:A5:7E:BB:A1:40:89:1D:05:A2:2C:97:0B
            X509v3 Authority Key Identifier:
                keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:4a:63:c8:c2:f0:f3:b7:47:10:16:b9:10:ba:58:72:1e:2d:
         8f:45:18:58:68:45:bb:2f:b2:56:af:df:44:53:56:21:ed:80:
         45:58:a2:5f:b8:75:ae:b9:86:dd:e0:8b:7b:2d:bc:62:6e:db:
         d5:8b:ea:d3:12:da:ec:39:a4:25:91:54:d2:3e:7e:48:f9:ce:
         96:e4:d0:8a:2e:75:ff:00:d8:b2:e7:0a:ab:49:e2:50:07:52:
         78:c7:fe:93:17:c1:11:96:f5:db:4e:0c:df:8a:f2:82:92:5e:
         81:ee:ce:75:b9:d3:a9:ce:1c:b4:c1:89:92:c7:15:6a:33:1a:
         8a:8d:0c:71:7c:0d:1c:ce:27:8f:04:b7:90:d1:45:a0:58:cc:
         68:60:72:2f:b2:28:c6:bf:09:86:41:41:ee:87:95:39:1d:d6:
         09:4c:11:29:df:66:b8:46:b5:57:2b:a1:4b:22:6d:db:c7:c0:
         40:44:8a:dc:e2:fd:d5:4d:22:5d:7c:df:26:14:8c:4c:d6:0d:
         7a:b1:4a:42:fd:af:e1:b7:c1:26:1d:2b:4d:82:cc:02:bb:99:
         18:43:81:e5:57:ab:70:f9:85:aa:fb:cc:3e:70:69:5c:69:49:
         45:d4:12:77:be:85:e1:53:4a:aa:d5:2f:64:66:66:e6:40:ac:
         ff:7c:50:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbxBNBK17HY558DulBHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk
YjBkN2QwHhcNMjYwMzI5MDcwMTI0WhcNMjYwMzMwMDcwMTI0WjAzMTEwLwYDVQQD
EyhmN2M1YTVmY2I5MzdmMzI3YTU3ZWJiYTE0MDg5MWQwNWEyMmM5NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cHsesasFEFqMjJRYw9M3hKGpnhY
TIIQyq12b6wphluCOgvex63o3kB0RfgwqkK4+I0ongiKFo8cRW63hAW8uvQnZTC/
40ugZnOEtONtoceJ4MQQKAZkGoqOYdBpJxBPizVG2Jb8CcxJxI1SrYwi8oVunxY5
KJTjxCBay1SiBgiQiS2kEuqIN8eli/F0Cg/M8+QgfIwd+LPbuvG4DoMEY5bo+GvY
kXvoaNQBawpor2ClOrtRA4y2sdvKRYHyzPaisgdjcmjEGIps/UrHPlpGgwc7rcUw
H8AqYd81LP7uwGpKjj1D3aNN4E0bdygta5HsuxdVCve5zgwHcIZJL1lvMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfFpfy5N/MnpX67oUCJHQWiLJcLMB8GA1UdIwQY
MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt
YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl
LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjkpjyMLw
87dHEBa5ELpYch4tj0UYWGhFuy+yVq/fRFNWIe2ARViiX7h1rrmG3eCLey28Ym7b
1Yvq0xLa7DmkJZFU0j5+SPnOluTQii51/wDYsucKq0niUAdSeMf+kxfBEZb1204M
34rygpJege7OdbnTqc4ctMGJkscVajMaio0McXwNHM4njwS3kNFFoFjMaGByL7Io
xr8JhkFB7oeVOR3WCUwRKd9muEa1VyuhSyJt28fAQESK3OL91U0iXXzfJhSMTNYN
erFKQv2v4bfBJh0rTYLMAruZGEOB5VercPmFqvvMPnBpXGlJRdQSd76F4VNKqtUv
ZGZm5kCs/3xQpg==
-----END CERTIFICATE-----