Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: yx5A4IDViTVuyy/hpTzWWi3n7tA23I1hxNGp94fOgYk=
Subject key identifier: FF:9E:EA:AA:D5:3F:71:10:99:2D:57:23:01:D2:A3:0F:EF:CA:E2:BB
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019CAC46E35840E0A0C7A5E09D7C737AACF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 140D
Signing time: Mon 02 Mar 2026 02:00:52 +0000
Manifest this update: Mon 02 Mar 2026 02:00:52 +0000
Manifest next update: Tue 03 Mar 2026 02:00:52 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: zGqIIVFxWHfR7vPVeXuxS0EZjjpFEa1dccoy4Cjdpyo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:e3:58:40:e0:a0:c7:a5:e0:9d:7c:73:7a:ac:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Mar 2 02:00:52 2026 GMT
Not After : Mar 3 02:00:52 2026 GMT
Subject: CN=ff9eeaaad53f7110992d572301d2a30fefcae2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:09:97:5a:d0:71:47:60:d4:a4:3a:6d:33:0d:
9a:17:86:98:6f:ff:2e:92:73:51:dc:50:6f:c4:70:
0f:c7:ff:55:c9:1a:7c:62:df:fe:ee:27:1b:d8:8d:
43:7b:b8:3d:23:14:b6:0c:16:6e:5a:c6:52:0d:cc:
e9:e1:bd:8d:79:b5:c5:12:b0:ac:02:d1:35:d4:f9:
74:de:50:ab:84:55:fe:7d:0d:34:dd:01:38:68:4c:
65:b6:60:3f:6a:15:e2:e8:37:40:c8:a8:1d:73:11:
94:40:7c:af:a2:92:bd:9a:32:77:28:4c:e2:a8:00:
62:97:ea:f1:f6:ff:34:9f:1d:62:fc:cb:36:04:31:
2c:ec:28:3b:a7:6f:58:89:c0:c8:9d:00:d6:7c:36:
b5:29:ba:0e:be:ea:93:6c:20:c4:d0:69:8d:59:00:
2a:a5:f1:00:6a:a7:3c:d2:7e:64:be:61:a6:fd:2e:
11:19:05:5f:8c:db:73:c4:e4:a2:01:18:34:f9:b3:
68:69:c7:29:e3:98:16:e3:7d:ec:86:86:f2:9b:df:
bb:3a:97:a1:9e:c6:17:b7:b7:6d:c6:41:42:46:97:
e6:ed:86:0f:26:65:fd:76:19:19:4e:2d:c5:a6:3a:
87:50:89:a5:b9:1b:cd:5f:a1:f7:80:90:36:4c:fe:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:9E:EA:AA:D5:3F:71:10:99:2D:57:23:01:D2:A3:0F:EF:CA:E2:BB
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:48:31:c6:d8:40:e1:ae:b5:0e:2b:22:a0:73:66:7f:fa:bd:
96:64:1e:31:7d:0d:b2:59:49:03:bb:69:97:82:a8:a0:c5:ba:
72:57:16:fc:79:93:ea:e2:3b:9b:08:b5:02:ae:f9:ad:27:f4:
fb:8d:10:e2:c1:c6:09:c0:cd:af:b4:2c:d4:7b:a3:38:72:f0:
81:ad:be:28:4d:fd:dc:11:c6:ba:a6:14:d4:9b:d6:62:6e:7f:
10:a7:ac:80:5a:d9:92:98:46:fa:3d:bf:c2:23:31:35:b3:de:
3b:83:60:c6:89:a5:89:7d:65:aa:b2:cf:2d:d6:a5:aa:49:fc:
5d:7a:eb:11:f7:67:66:19:f5:f4:e4:03:f4:00:e8:1c:88:10:
78:c6:8d:a1:51:2f:f2:68:17:2e:4d:41:db:3d:c4:a2:58:c4:
76:0d:b0:3c:61:a1:07:ef:ba:29:14:ca:67:f7:e4:eb:fd:2f:
73:dd:a2:23:27:71:94:82:fe:61:1c:d4:57:0b:36:f7:79:32:
f3:1d:60:34:10:0a:36:d3:c0:b6:00:94:63:32:5f:e0:01:b9:
5e:4f:a3:ab:c6:18:1d:13:98:44:42:7c:f4:2c:47:4b:c8:a6:
8f:e5:66:f3:44:4d:96:f5:01:c1:e4:f1:da:34:65:37:fb:d8:
cb:b6:f9:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRuNYQOCgx6XgnXxzeqz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwMzAyMDIwMDUyWhcNMjYwMzAzMDIwMDUyWjAzMTEwLwYDVQQD
EyhmZjllZWFhYWQ1M2Y3MTEwOTkyZDU3MjMwMWQyYTMwZmVmY2FlMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAmXWtBxR2DUpDptMw2aF4aYb/8u
knNR3FBvxHAPx/9VyRp8Yt/+7icb2I1De7g9IxS2DBZuWsZSDczp4b2NebXFErCs
AtE11Pl03lCrhFX+fQ003QE4aExltmA/ahXi6DdAyKgdcxGUQHyvopK9mjJ3KEzi
qABil+rx9v80nx1i/Ms2BDEs7Cg7p29YicDInQDWfDa1KboOvuqTbCDE0GmNWQAq
pfEAaqc80n5kvmGm/S4RGQVfjNtzxOSiARg0+bNoaccp45gW433shobym9+7Opeh
nsYXt7dtxkFCRpfm7YYPJmX9dhkZTi3FpjqHUImluRvNX6H3gJA2TP4C0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+e6qrVP3EQmS1XIwHSow/vyuK7MB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbUgxxthA
4a61DisioHNmf/q9lmQeMX0NsllJA7tpl4KooMW6clcW/HmT6uI7mwi1Aq75rSf0
+40Q4sHGCcDNr7Qs1HujOHLwga2+KE393BHGuqYU1JvWYm5/EKesgFrZkphG+j2/
wiMxNbPeO4NgxomliX1lqrLPLdalqkn8XXrrEfdnZhn19OQD9ADoHIgQeMaNoVEv
8mgXLk1B2z3EoljEdg2wPGGhB++6KRTKZ/fk6/0vc92iIydxlIL+YRzUVws293ky
8x1gNBAKNtPAtgCUYzJf4AG5Xk+jq8YYHROYREJ89CxHS8imj+Vm80RNlvUBweTx
2jRlN/vYy7b5Xw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:26:43 2026 by rpki-client