Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: zx4khaXCMVteoU+3gXySxzhu32DDp47PrPP86cn1B/A=
Subject key identifier: 66:04:9D:75:61:23:0A:59:94:15:01:38:69:E4:42:66:41:50:B6:28
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019D99D01721C973090D959B8141D4980545
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 1488
Signing time: Fri 17 Apr 2026 05:00:44 +0000
Manifest this update: Fri 17 Apr 2026 05:00:44 +0000
Manifest next update: Sat 18 Apr 2026 05:00:44 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: jretGPyzG3l1IwPDkQjlaZdWtHfvI3Om4pxXXbXIgjg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:17:21:c9:73:09:0d:95:9b:81:41:d4:98:05:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Apr 17 05:00:44 2026 GMT
Not After : Apr 18 05:00:44 2026 GMT
Subject: CN=66049d7561230a599415013869e442664150b628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b4:06:a7:ba:42:7e:e7:6a:73:a4:41:ed:9a:
92:6a:a9:ae:df:7f:ec:a3:b5:78:8b:a1:64:e1:72:
98:89:e9:65:9e:66:a7:89:d8:c5:75:59:05:ab:18:
a8:9b:ad:5f:d3:92:3e:c7:d2:5d:76:28:f7:70:5d:
77:e4:0b:49:60:97:e9:9c:e4:e5:18:2b:94:ac:11:
c1:34:79:28:42:ca:44:3b:5b:ad:89:21:07:ac:51:
2a:11:a9:e6:9c:bb:87:db:55:e7:92:c2:34:81:d1:
f3:17:63:25:00:1e:c1:21:e0:60:a5:08:3b:fc:a9:
3f:41:ea:f4:fd:e4:88:b8:ca:57:71:90:27:7f:6a:
04:a9:8a:02:7b:75:a8:51:5e:60:b4:fc:e6:f2:da:
68:0e:78:5d:93:b3:8a:b3:31:cb:dd:a3:a3:e2:12:
07:8a:12:b8:0f:85:c6:fd:3e:f5:cd:42:82:e2:3c:
33:90:2e:15:15:92:24:ee:37:43:03:e3:79:f9:13:
da:86:06:7b:94:87:97:81:e5:6a:3d:4d:f8:9a:54:
b4:55:f7:8a:f8:b9:c3:7b:77:1a:3b:35:1c:79:26:
59:21:85:24:85:1c:8b:29:67:65:91:c3:48:a3:f5:
d3:28:d8:54:a5:e5:05:fa:44:fb:bc:b9:04:20:87:
b9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:04:9D:75:61:23:0A:59:94:15:01:38:69:E4:42:66:41:50:B6:28
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:80:ed:41:c2:ce:20:c1:e6:f1:73:c5:59:1b:44:f5:ad:68:
2a:55:c3:5a:1a:95:0f:f1:78:32:aa:e1:76:08:a7:cc:e5:ce:
6d:fa:70:0b:2a:f4:d3:ec:d6:2d:42:79:9a:9c:0b:50:8f:fe:
b6:6b:2f:e4:2a:d7:87:7b:bc:b6:10:13:3a:96:fd:48:13:cc:
b3:0c:56:02:56:c8:16:4b:e2:d0:c6:54:ea:f3:0f:3d:c9:34:
c7:7e:ce:14:4c:bb:ff:97:06:a2:85:af:d5:a8:88:ce:40:b2:
ed:37:9d:ae:80:1c:1b:b0:b8:ef:f9:c8:da:22:8b:05:3e:16:
f2:39:7f:35:42:29:02:49:0d:04:d5:aa:ed:ec:08:82:6f:14:
d6:5b:f1:1a:09:20:3f:a3:36:17:65:17:6b:0b:27:b0:32:68:
89:21:a6:e3:3b:d1:99:bc:94:49:b1:0f:48:ab:90:84:95:2b:
75:a4:c0:95:6e:41:95:89:2f:32:65:e1:47:75:c1:d0:61:42:
75:f0:9a:04:a8:2f:2f:0e:db:f1:5a:fa:fe:7e:e6:6f:ba:9b:
04:5e:e0:c5:7c:a3:c6:d0:40:1e:c6:b4:af:27:9f:d2:e8:16:
7f:6f:71:de:5d:ba:96:d1:c9:7e:83:13:bf:af:7a:cc:c7:20:
b5:68:0a:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0BchyXMJDZWbgUHUmAVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwNDE3MDUwMDQ0WhcNMjYwNDE4MDUwMDQ0WjAzMTEwLwYDVQQD
Eyg2NjA0OWQ3NTYxMjMwYTU5OTQxNTAxMzg2OWU0NDI2NjQxNTBiNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LQGp7pCfudqc6RB7ZqSaqmu33/s
o7V4i6Fk4XKYiellnmanidjFdVkFqxiom61f05I+x9Jddij3cF135AtJYJfpnOTl
GCuUrBHBNHkoQspEO1utiSEHrFEqEanmnLuH21XnksI0gdHzF2MlAB7BIeBgpQg7
/Kk/Qer0/eSIuMpXcZAnf2oEqYoCe3WoUV5gtPzm8tpoDnhdk7OKszHL3aOj4hIH
ihK4D4XG/T71zUKC4jwzkC4VFZIk7jdDA+N5+RPahgZ7lIeXgeVqPU34mlS0VfeK
+LnDe3caOzUceSZZIYUkhRyLKWdlkcNIo/XTKNhUpeUF+kT7vLkEIIe55wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYEnXVhIwpZlBUBOGnkQmZBULYoMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYDtQcLO
IMHm8XPFWRtE9a1oKlXDWhqVD/F4MqrhdginzOXObfpwCyr00+zWLUJ5mpwLUI/+
tmsv5CrXh3u8thATOpb9SBPMswxWAlbIFkvi0MZU6vMPPck0x37OFEy7/5cGooWv
1aiIzkCy7TedroAcG7C47/nI2iKLBT4W8jl/NUIpAkkNBNWq7ewIgm8U1lvxGgkg
P6M2F2UXawsnsDJoiSGm4zvRmbyUSbEPSKuQhJUrdaTAlW5BlYkvMmXhR3XB0GFC
dfCaBKgvLw7b8Vr6/n7mb7qbBF7gxXyjxtBAHsa0ryef0ugWf29x3l26ltHJfoMT
v696zMcgtWgKiw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:58:21 2026 by rpki-client