Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: nl/p6SOPno2mzRcR7tnd1MsAMFLP45byvGmgbwwzddc=
Subject key identifier: 9D:66:F5:B9:5E:F2:FA:19:A3:B9:6C:DD:E3:BF:32:32:18:0C:A3:A4
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019A4EF5AC6F7E524EA036A776D9CEEEE88A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 12D3
Signing time: Tue 04 Nov 2025 13:01:54 +0000
Manifest this update: Tue 04 Nov 2025 13:01:54 +0000
Manifest next update: Wed 05 Nov 2025 13:01:54 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: iW/PAr+hSZ/HEnvuB/yOXxK7FPmA5e7Y9/hPEWFodWg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:ac:6f:7e:52:4e:a0:36:a7:76:d9:ce:ee:e8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Nov 4 13:01:54 2025 GMT
Not After : Nov 5 13:01:54 2025 GMT
Subject: CN=9d66f5b95ef2fa19a3b96cdde3bf3232180ca3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6f:05:f5:4f:9b:72:3b:c5:b0:50:88:67:e9:
2a:d2:ee:ea:87:8d:3a:56:7d:76:e0:f4:23:53:aa:
8f:d4:e4:9e:cd:2c:12:1a:1a:b9:c1:cc:90:c2:a3:
59:6d:12:c2:4c:a4:ae:bb:81:ee:a9:04:fe:15:0d:
51:9b:89:f8:08:9c:bf:1f:8c:e1:96:31:99:e6:8f:
1f:63:fc:d2:15:da:e3:2e:b4:9d:24:10:0d:08:ed:
7a:7f:ec:81:fb:0b:1e:2e:4d:ce:0d:93:5b:4c:b1:
d5:71:f9:a2:94:3a:10:97:30:bf:6a:83:7b:00:dc:
a4:9a:c8:9f:5a:8c:29:21:1d:c9:3f:4d:c8:4c:13:
92:75:4e:34:f0:9f:1c:1c:10:b2:a2:2b:94:80:7b:
88:bf:25:58:14:9c:82:86:ca:7a:dc:a8:b9:34:42:
31:40:c6:0f:93:f2:ea:55:c8:20:1d:49:ad:4a:42:
09:05:40:31:6f:df:5f:52:93:67:37:ce:8c:a1:fd:
f3:5b:2c:76:fa:b9:57:23:a5:36:90:e7:d8:7b:68:
ec:4b:ab:b8:d0:57:d8:5b:3e:8f:2d:d5:5e:72:db:
e8:46:39:b5:1b:fe:45:ab:a7:1b:ba:aa:0a:4a:b7:
17:c2:35:0b:5b:d6:83:66:6a:f6:d7:db:cf:f9:59:
0d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:66:F5:B9:5E:F2:FA:19:A3:B9:6C:DD:E3:BF:32:32:18:0C:A3:A4
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:b0:9d:51:7f:d3:47:ce:9c:a8:28:04:dd:a4:9d:ea:1d:26:
be:e7:87:09:28:2c:64:fd:fd:25:ac:1c:cb:b1:53:2e:30:31:
38:bc:b4:20:58:bd:36:fa:9f:45:9f:04:92:e5:66:d7:28:22:
64:1f:25:3b:9b:d7:d8:9f:57:f4:b2:08:ea:35:6b:4e:d6:c6:
47:8e:10:f3:ad:ab:c6:58:18:bb:26:87:49:37:cc:eb:4a:96:
52:0a:b1:fc:b2:93:a0:3e:20:ee:6f:23:b7:b7:01:5f:08:6b:
24:ba:98:16:08:12:16:37:95:89:ea:92:94:03:2d:c2:cf:77:
c0:93:2e:8f:b6:14:02:7c:7a:01:43:e2:a8:a7:94:0e:3a:64:
49:5b:d2:93:5d:75:5b:98:ed:3b:99:9e:9c:d8:8c:3b:84:ed:
92:d6:81:5c:af:aa:15:58:61:fe:f1:16:15:4f:3f:01:fb:66:
79:5a:8d:31:76:06:8a:bc:22:1d:c4:b0:db:7f:11:8a:5c:f5:
33:f5:aa:c9:ef:19:bb:e0:a2:3e:d3:0a:8f:50:35:0f:a3:39:
3f:b1:7c:27:a4:de:34:a9:78:8d:2c:bb:d7:e0:34:1a:7f:be:
60:93:03:ed:b9:7a:08:98:08:61:6a:91:2b:76:52:57:83:2a:
57:bf:c7:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9axvflJOoDandtnO7uiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUxMTA0MTMwMTU0WhcNMjUxMTA1MTMwMTU0WjAzMTEwLwYDVQQD
Eyg5ZDY2ZjViOTVlZjJmYTE5YTNiOTZjZGRlM2JmMzIzMjE4MGNhM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3W8F9U+bcjvFsFCIZ+kq0u7qh406
Vn124PQjU6qP1OSezSwSGhq5wcyQwqNZbRLCTKSuu4HuqQT+FQ1Rm4n4CJy/H4zh
ljGZ5o8fY/zSFdrjLrSdJBANCO16f+yB+wseLk3ODZNbTLHVcfmilDoQlzC/aoN7
ANykmsifWowpIR3JP03ITBOSdU408J8cHBCyoiuUgHuIvyVYFJyChsp63Ki5NEIx
QMYPk/LqVcggHUmtSkIJBUAxb99fUpNnN86Mof3zWyx2+rlXI6U2kOfYe2jsS6u4
0FfYWz6PLdVectvoRjm1G/5Fq6cbuqoKSrcXwjULW9aDZmr219vP+VkNiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1m9ble8voZo7ls3eO/MjIYDKOkMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAArCdUX/T
R86cqCgE3aSd6h0mvueHCSgsZP39Jawcy7FTLjAxOLy0IFi9NvqfRZ8EkuVm1ygi
ZB8lO5vX2J9X9LII6jVrTtbGR44Q862rxlgYuyaHSTfM60qWUgqx/LKToD4g7m8j
t7cBXwhrJLqYFggSFjeVieqSlAMtws93wJMuj7YUAnx6AUPiqKeUDjpkSVvSk111
W5jtO5menNiMO4TtktaBXK+qFVhh/vEWFU8/AftmeVqNMXYGirwiHcSw238Rilz1
M/Wqye8Zu+CiPtMKj1A1D6M5P7F8J6TeNKl4jSy71+A0Gn++YJMD7bl6CJgIYWqR
K3ZSV4MqV7/H9A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:59:55 2025 by rpki-client