Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: 3e5PEYEAHrCXgj4zdVYaYnkqj0yT39tuPnBNqpmZoLM=
Subject key identifier: C9:D0:27:97:AD:70:B2:48:28:1D:48:8E:7D:CA:2E:E6:8F:11:BB:54
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019EC336EBA5DF0AFD16997D6106AFE30D47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 1522
Signing time: Sat 13 Jun 2026 23:00:16 +0000
Manifest this update: Sat 13 Jun 2026 23:00:16 +0000
Manifest next update: Sun 14 Jun 2026 23:00:16 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: 2IvYwfwalw1wek9pyHQT4WUzTuqC7t74PZf9FGPXhH8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 19:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c3:36:eb:a5:df:0a:fd:16:99:7d:61:06:af:e3:0d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Jun 13 23:00:16 2026 GMT
Not After : Jun 14 23:00:16 2026 GMT
Subject: CN=c9d02797ad70b248281d488e7dca2ee68f11bb54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:e4:e5:10:72:f7:56:87:39:c5:72:5f:fc:
18:bb:98:5e:f6:c5:9d:83:b6:2b:d7:52:b1:a3:62:
79:60:89:db:e7:8a:d9:7f:3b:b3:4a:6c:15:9a:18:
a8:93:af:d8:e8:aa:5b:81:bf:56:73:ac:4a:9e:2d:
eb:a1:ee:ad:b8:6b:63:ad:bf:7b:d2:01:bf:26:51:
56:35:20:3e:25:2f:97:eb:96:a4:de:6e:6f:bc:ef:
06:3e:76:cc:13:99:32:d2:ff:d3:63:d4:0c:27:2e:
a2:25:df:84:92:88:fa:59:2e:05:8b:b6:0e:0a:f7:
8f:46:89:e7:5e:32:70:d6:95:55:20:d1:3d:49:77:
e1:d0:66:16:e8:c3:71:05:03:b8:88:6e:a0:9f:9d:
65:f8:6d:9b:d4:b9:8c:73:8c:bb:1e:1e:c4:a5:09:
f3:c4:82:58:d2:3e:3a:42:77:bb:a8:f9:99:f7:8d:
6a:f3:dc:20:0c:ef:9f:9c:89:f7:39:48:e9:ba:25:
45:3a:6e:08:ff:26:2e:14:b9:99:36:d1:a4:b4:1e:
fb:ad:55:77:e0:53:5e:6c:67:b6:05:1c:50:5b:8c:
71:87:79:cc:e2:d2:58:14:f3:8c:a4:17:05:5b:17:
71:88:4e:e2:3e:47:de:d2:33:e9:16:75:52:33:8a:
67:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D0:27:97:AD:70:B2:48:28:1D:48:8E:7D:CA:2E:E6:8F:11:BB:54
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:f7:db:6a:2a:03:1e:80:8b:a0:7e:92:05:ed:7f:30:91:99:
34:cb:8e:e7:d5:5f:b1:49:dd:8a:7b:fc:3f:68:24:a5:6f:4e:
0c:b1:ec:4e:b8:3f:59:e3:00:c9:33:6d:cb:2e:e0:23:86:ec:
68:4b:fe:cc:2a:2c:0a:ff:41:11:11:52:1f:8e:c5:51:6d:cf:
da:16:88:04:09:07:4d:7b:b6:9f:86:88:bc:b7:d3:e2:6b:5c:
f1:96:b8:f2:9c:21:09:75:80:9c:61:95:d3:02:f2:c1:e4:24:
7a:79:22:dc:74:cb:8b:f8:8d:aa:67:82:e6:9e:6d:e0:1c:44:
4e:46:8f:a3:d6:9d:64:a1:dc:d1:56:5d:40:89:b2:09:2d:7a:
74:d9:e7:fe:8c:18:4f:a6:9d:5d:38:9f:ca:50:c8:07:da:da:
47:13:e4:37:82:82:50:15:ab:5d:5e:c5:90:7d:74:ee:09:7e:
83:03:f7:6a:ac:7b:91:f1:1c:1c:a1:08:2a:75:11:3d:aa:cc:
88:f4:47:28:b5:5b:7c:90:4e:75:53:da:24:84:fc:40:d6:16:
57:15:d3:6c:34:e4:1c:07:53:36:61:18:6a:18:8b:58:be:22:
31:bf:f0:44:9d:4d:a3:a5:12:93:ed:cb:3b:d1:c8:8d:1b:74:
86:dc:2a:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7DNuul3wr9Fpl9YQav4w1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwNjEzMjMwMDE2WhcNMjYwNjE0MjMwMDE2WjAzMTEwLwYDVQQD
EyhjOWQwMjc5N2FkNzBiMjQ4MjgxZDQ4OGU3ZGNhMmVlNjhmMTFiYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4Lk5RBy91aHOcVyX/wYu5he9sWd
g7Yr11Kxo2J5YInb54rZfzuzSmwVmhiok6/Y6Kpbgb9Wc6xKni3roe6tuGtjrb97
0gG/JlFWNSA+JS+X65ak3m5vvO8GPnbME5ky0v/TY9QMJy6iJd+Ekoj6WS4Fi7YO
CvePRonnXjJw1pVVINE9SXfh0GYW6MNxBQO4iG6gn51l+G2b1LmMc4y7Hh7EpQnz
xIJY0j46Qne7qPmZ941q89wgDO+fnIn3OUjpuiVFOm4I/yYuFLmZNtGktB77rVV3
4FNebGe2BRxQW4xxh3nM4tJYFPOMpBcFWxdxiE7iPkfe0jPpFnVSM4pnDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnQJ5etcLJIKB1Ijn3KLuaPEbtUMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/fbaioD
HoCLoH6SBe1/MJGZNMuO59VfsUndinv8P2gkpW9ODLHsTrg/WeMAyTNtyy7gI4bs
aEv+zCosCv9BERFSH47FUW3P2haIBAkHTXu2n4aIvLfT4mtc8Za48pwhCXWAnGGV
0wLyweQkenki3HTLi/iNqmeC5p5t4BxETkaPo9adZKHc0VZdQImyCS16dNnn/owY
T6adXTifylDIB9raRxPkN4KCUBWrXV7FkH107gl+gwP3aqx7kfEcHKEIKnURParM
iPRHKLVbfJBOdVPaJIT8QNYWVxXTbDTkHAdTNmEYahiLWL4iMb/wRJ1No6USk+3L
O9HIjRt0htwqkw==
-----END CERTIFICATE-----
Generated at Sun Jun 14 04:15:30 2026 by rpki-client