Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: t5ikWW7lwiQQw/8c4JphZDjiegZPHbjsa86vu2KQN7Q=
Subject key identifier: ED:9A:56:D8:CE:D1:13:64:E6:AA:8F:26:C2:C8:E0:0E:DF:5C:3B:53
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019EC14876A6C361599DA6209542D0F1C4D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 1521
Signing time: Sat 13 Jun 2026 14:00:12 +0000
Manifest this update: Sat 13 Jun 2026 14:00:12 +0000
Manifest next update: Sun 14 Jun 2026 14:00:12 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: 38E/Xuq9aZmevjqHE51adUbbsJkRkg/x91qwQSjPMeI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c1:48:76:a6:c3:61:59:9d:a6:20:95:42:d0:f1:c4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Jun 13 14:00:12 2026 GMT
Not After : Jun 14 14:00:12 2026 GMT
Subject: CN=ed9a56d8ced11364e6aa8f26c2c8e00edf5c3b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:33:bd:9b:67:17:ef:31:5e:cf:7f:2b:66:87:
e4:be:9f:06:50:ea:a0:62:68:32:98:60:05:0b:39:
dd:c2:75:c6:59:f6:02:44:1a:88:ce:f4:66:51:fa:
e3:02:6a:05:ea:5a:57:e3:68:db:8e:41:9c:4c:d4:
67:d2:78:ff:0a:15:93:d3:5e:66:ef:b9:c2:e4:0f:
57:3d:bc:59:d1:b8:81:f3:a9:49:4b:1c:ea:94:21:
5a:69:bd:09:28:99:72:6f:28:8d:b6:04:8a:c3:2e:
c6:85:55:fe:b8:62:68:9f:83:8f:d7:ad:80:e1:09:
a4:72:64:b1:03:44:00:cb:17:78:e0:24:09:14:9c:
e7:7c:8f:1d:ba:46:31:ef:78:95:ec:b6:af:5d:9a:
74:57:82:1c:6c:eb:4c:50:90:e8:55:ce:d9:bb:1e:
0d:36:8f:02:75:46:a7:55:1d:60:d8:60:27:e2:35:
85:cf:1c:b1:74:cc:80:70:ef:bd:47:7e:e7:3a:e3:
81:6c:9b:97:5d:c9:fc:d7:83:5a:20:be:fc:7f:c8:
f3:7f:bb:a0:70:40:9b:c5:b0:c0:bb:4e:1b:e8:41:
dd:20:8c:61:89:0f:a1:c1:0b:64:fb:4c:f8:c8:b8:
8e:d1:85:b3:83:32:d9:d8:e9:94:51:7a:07:bc:f9:
34:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9A:56:D8:CE:D1:13:64:E6:AA:8F:26:C2:C8:E0:0E:DF:5C:3B:53
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:60:27:f9:1d:24:01:f7:1d:2f:ec:0c:bc:f7:ab:65:bf:50:
91:6f:6a:7a:64:30:c7:a1:5a:aa:2d:24:16:b7:c2:df:e0:10:
6a:59:bb:a0:6a:cc:3e:3d:5d:ec:62:a1:b7:e7:c4:ab:58:d8:
73:29:54:b7:e0:94:90:01:72:da:fb:be:9f:47:d2:5c:8e:2a:
36:0c:f0:16:a6:37:92:a6:d1:0a:e0:7b:55:fd:d7:ad:58:38:
aa:9a:db:93:3f:b7:2c:6e:9d:42:4d:fa:3c:c7:cd:87:6f:c4:
62:69:05:7c:2c:44:e2:0e:51:4c:a2:1e:fc:4a:85:2d:1d:c0:
36:92:2e:cf:4b:57:c9:53:25:ae:74:02:53:6c:6b:36:e7:4e:
e9:24:bb:49:7b:1e:5e:37:73:87:9f:58:20:b5:35:a6:33:ce:
e6:cf:03:de:9e:aa:38:42:cd:eb:eb:b1:a9:43:05:c3:42:88:
66:bf:c3:71:1d:fa:f7:9b:c0:77:28:ce:f1:dc:e3:77:08:a2:
dc:51:67:58:43:da:a5:5c:c0:1d:e8:ac:56:c8:bb:e6:d5:da:
f2:f8:b4:0e:07:11:09:db:ea:c2:eb:4b:92:ef:94:b8:78:f0:
00:ba:f3:25:f7:49:44:84:f4:bc:aa:05:d3:97:93:a0:5f:09:
0a:9c:3d:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7BSHamw2FZnaYglULQ8cTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwNjEzMTQwMDEyWhcNMjYwNjE0MTQwMDEyWjAzMTEwLwYDVQQD
EyhlZDlhNTZkOGNlZDExMzY0ZTZhYThmMjZjMmM4ZTAwZWRmNWMzYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzO9m2cX7zFez38rZofkvp8GUOqg
YmgymGAFCzndwnXGWfYCRBqIzvRmUfrjAmoF6lpX42jbjkGcTNRn0nj/ChWT015m
77nC5A9XPbxZ0biB86lJSxzqlCFaab0JKJlybyiNtgSKwy7GhVX+uGJon4OP162A
4QmkcmSxA0QAyxd44CQJFJznfI8dukYx73iV7LavXZp0V4IcbOtMUJDoVc7Zux4N
No8CdUanVR1g2GAn4jWFzxyxdMyAcO+9R37nOuOBbJuXXcn814NaIL78f8jzf7ug
cECbxbDAu04b6EHdIIxhiQ+hwQtk+0z4yLiO0YWzgzLZ2OmUUXoHvPk0lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2aVtjO0RNk5qqPJsLI4A7fXDtTMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmAn+R0k
AfcdL+wMvPerZb9QkW9qemQwx6Faqi0kFrfC3+AQalm7oGrMPj1d7GKht+fEq1jY
cylUt+CUkAFy2vu+n0fSXI4qNgzwFqY3kqbRCuB7Vf3XrVg4qprbkz+3LG6dQk36
PMfNh2/EYmkFfCxE4g5RTKIe/EqFLR3ANpIuz0tXyVMlrnQCU2xrNudO6SS7SXse
Xjdzh59YILU1pjPO5s8D3p6qOELN6+uxqUMFw0KIZr/DcR3695vAdyjO8dzjdwii
3FFnWEPapVzAHeisVsi75tXa8vi0DgcRCdvqwutLku+UuHjwALrzJfdJRIT0vKoF
05eToF8JCpw9LA==
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:38:10 2026 by rpki-client