Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: OJdZuq0kK60ohEWHyMdUX0j6MXGeMzX/tVdMzJPSHvk=
Subject key identifier: 8A:67:77:50:0A:E3:DC:36:ED:08:B9:83:DA:2F:4B:A2:76:C4:24:26
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 01967C0E55F28D902BA599F0182C0AD347A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 10D8
Signing time: Mon 28 Apr 2025 11:00:36 +0000
Manifest this update: Mon 28 Apr 2025 11:00:36 +0000
Manifest next update: Tue 29 Apr 2025 11:00:36 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: fLA4k2lkJOCN6ufnudR9wbsehvnp1045CK0SFFqxRYM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:0e:55:f2:8d:90:2b:a5:99:f0:18:2c:0a:d3:47:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Apr 28 11:00:36 2025 GMT
Not After : Apr 29 11:00:36 2025 GMT
Subject: CN=8a6777500ae3dc36ed08b983da2f4ba276c42426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ea:55:07:4c:3a:95:a4:bd:76:8a:7c:ea:85:
33:19:d9:2e:c1:74:ae:12:3d:73:c5:2b:9d:a7:f9:
d3:b8:69:ba:3b:76:9b:56:ee:13:b6:25:71:e2:07:
08:2b:fa:b8:48:87:e6:20:06:9b:3b:0e:ab:9f:02:
ed:c0:69:d3:ee:3d:36:1a:ed:ae:60:bc:7a:28:d4:
0f:27:21:3e:76:d0:4c:fd:da:9a:a6:a0:cc:4b:d9:
91:07:46:cd:14:9c:35:1f:8a:58:47:38:73:5e:15:
c2:2e:e1:f2:e4:e7:f5:de:6d:25:6a:bb:29:54:ec:
23:0a:71:7b:e3:30:e4:9f:c5:3a:bf:af:fb:56:39:
84:03:d1:bd:b5:8a:69:e6:47:7c:2e:a1:ae:af:b5:
17:1e:67:e0:76:d8:31:10:5f:d0:f1:a6:05:07:8e:
97:42:44:9e:02:8a:11:14:fa:c1:e9:95:3d:2a:9d:
9d:77:cf:bd:e3:c6:69:44:be:7a:61:bf:5d:56:f4:
f8:f5:29:62:06:dc:cf:9b:2c:10:d5:9b:77:9e:dd:
42:cf:50:07:e5:f7:cd:dc:19:5f:a3:cb:fd:af:45:
d9:d9:f7:e2:8b:28:81:80:f4:e8:80:08:e5:05:63:
b5:99:e6:ef:a0:b9:37:47:ff:77:a9:ba:4c:c8:5d:
e6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:67:77:50:0A:E3:DC:36:ED:08:B9:83:DA:2F:4B:A2:76:C4:24:26
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:d7:09:9d:05:c8:06:50:8c:f2:68:e1:af:eb:7e:87:05:4e:
80:5b:4b:a3:01:51:24:c0:8d:da:61:45:bb:dc:3b:8a:67:9c:
3f:63:b6:01:10:f8:55:5b:89:48:ca:39:b7:3f:33:01:b0:cd:
97:12:aa:5d:49:7d:a7:e2:b3:4f:88:c8:ce:14:c8:aa:7d:25:
de:53:4e:38:46:5a:ca:66:01:24:9f:ae:c5:40:97:36:4f:a2:
cd:79:8e:7e:30:8c:3a:e6:bd:6c:92:c3:60:ca:3d:d4:a6:c7:
7a:12:63:8a:45:47:f9:07:8e:12:0c:2b:61:c1:32:9d:3e:2b:
6c:d6:f4:93:8d:7b:54:49:6f:14:c7:3b:11:60:55:cf:ec:3c:
e6:0d:a3:90:54:c9:85:96:c5:5f:22:0a:f5:75:f6:86:42:95:
cc:43:0b:da:74:ac:2a:a1:f3:8a:f9:70:18:da:5f:2e:a5:27:
ff:d5:de:fe:ed:af:b2:5c:ff:b1:e7:34:76:af:cb:d6:3e:8c:
aa:f0:86:d6:f4:3a:88:72:da:b8:6e:2f:a4:fa:ad:6c:93:96:
10:7d:eb:08:40:37:bc:29:c6:7e:49:73:31:eb:11:04:22:a0:
3d:c3:8c:59:da:c9:b2:a5:94:90:69:1a:38:2d:5e:ad:ae:ca:
d4:44:88:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8DlXyjZArpZnwGCwK00ehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUwNDI4MTEwMDM2WhcNMjUwNDI5MTEwMDM2WjAzMTEwLwYDVQQD
Eyg4YTY3Nzc1MDBhZTNkYzM2ZWQwOGI5ODNkYTJmNGJhMjc2YzQyNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsupVB0w6laS9dop86oUzGdkuwXSu
Ej1zxSudp/nTuGm6O3abVu4TtiVx4gcIK/q4SIfmIAabOw6rnwLtwGnT7j02Gu2u
YLx6KNQPJyE+dtBM/dqapqDMS9mRB0bNFJw1H4pYRzhzXhXCLuHy5Of13m0larsp
VOwjCnF74zDkn8U6v6/7VjmEA9G9tYpp5kd8LqGur7UXHmfgdtgxEF/Q8aYFB46X
QkSeAooRFPrB6ZU9Kp2dd8+948ZpRL56Yb9dVvT49SliBtzPmywQ1Zt3nt1Cz1AH
5ffN3Blfo8v9r0XZ2ffiiyiBgPTogAjlBWO1mebvoLk3R/93qbpMyF3mLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpnd1AK49w27Qi5g9ovS6J2xCQmMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANNcJnQXI
BlCM8mjhr+t+hwVOgFtLowFRJMCN2mFFu9w7imecP2O2ARD4VVuJSMo5tz8zAbDN
lxKqXUl9p+KzT4jIzhTIqn0l3lNOOEZaymYBJJ+uxUCXNk+izXmOfjCMOua9bJLD
YMo91KbHehJjikVH+QeOEgwrYcEynT4rbNb0k417VElvFMc7EWBVz+w85g2jkFTJ
hZbFXyIK9XX2hkKVzEML2nSsKqHzivlwGNpfLqUn/9Xe/u2vslz/sec0dq/L1j6M
qvCG1vQ6iHLauG4vpPqtbJOWEH3rCEA3vCnGfklzMesRBCKgPcOMWdrJsqWUkGka
OC1era7K1ESIrQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:53:17 2025 by rpki-client