Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: YsH8Nq4cHrkRrIXdzhNsbU50j7rHRtx57ovsPYQGwtY=
Subject key identifier: 41:15:38:46:0A:8E:08:8C:3C:43:22:E8:13:E8:B0:8F:8A:CB:89:76
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 01987DC10E1D85156020FAECBFDB4BCDA73B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 11E2
Signing time: Wed 06 Aug 2025 05:01:00 +0000
Manifest this update: Wed 06 Aug 2025 05:01:00 +0000
Manifest next update: Thu 07 Aug 2025 05:01:00 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: AG3BxAAZYh3UDjlW3Lr06QAvutDGB0k22E/JrNMwii8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:c1:0e:1d:85:15:60:20:fa:ec:bf:db:4b:cd:a7:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Aug 6 05:01:00 2025 GMT
Not After : Aug 7 05:01:00 2025 GMT
Subject: CN=411538460a8e088c3c4322e813e8b08f8acb8976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:42:58:69:3a:b7:46:e0:c2:fb:ad:41:51:79:
5a:fc:87:f8:67:f2:50:a5:5e:79:43:70:ff:dd:ee:
78:78:dd:bb:40:3a:7b:25:0c:1b:dd:94:99:5a:7d:
13:17:2a:c5:4d:4b:b5:e4:65:a0:f6:f8:51:1d:43:
fa:d5:9c:ed:49:29:79:eb:37:ef:9b:db:a9:c2:b4:
c2:84:26:46:09:d5:a1:82:f0:9a:2a:3e:b8:e7:3f:
df:8a:ca:09:00:a6:56:fd:a5:0f:33:8e:30:39:40:
72:19:1d:fd:17:9b:3a:d1:47:46:37:5d:9d:d5:4e:
8d:1c:75:b5:14:cf:64:ba:43:c8:20:64:b2:38:32:
ca:fd:59:78:4d:f1:24:84:d0:d7:db:9c:82:76:fb:
4c:a3:4c:b0:7e:2a:af:ed:d8:d1:4a:f2:f5:4a:e7:
86:87:b1:c3:93:11:ad:b0:b4:76:c9:76:d9:5a:7b:
ad:a0:b6:3c:d4:c2:96:5c:97:e8:0a:5c:63:27:b7:
01:20:83:e8:cd:02:9d:0a:79:63:80:20:2e:23:14:
86:ff:0d:0d:84:d7:07:a1:32:f6:25:76:c6:47:00:
3c:6f:b0:98:78:68:22:30:27:83:5e:96:9c:5c:69:
8a:5f:8f:a9:76:d1:fc:a4:f8:e5:af:1d:d0:a1:9f:
9b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:15:38:46:0A:8E:08:8C:3C:43:22:E8:13:E8:B0:8F:8A:CB:89:76
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:39:b7:b9:74:30:7a:d7:79:a4:8e:c3:c3:a8:3b:0c:c1:e2:
92:10:77:7e:40:81:2b:a2:e8:a8:ed:08:21:b0:3d:b6:b4:38:
5f:2c:b7:f6:99:06:66:58:cc:6a:f6:0f:ec:95:8a:97:55:20:
f1:d3:e3:c3:e1:be:f8:05:a2:90:06:90:b4:b3:eb:ad:0f:7e:
21:75:4d:8e:ea:66:e2:27:1d:ad:c3:74:32:44:e2:a8:28:a5:
3b:44:3b:83:ca:8e:de:52:80:ff:49:d0:75:4f:0a:c6:df:90:
3e:5a:6c:40:5a:87:97:2d:71:b6:ce:3c:28:21:99:53:e0:37:
2d:fc:92:0c:37:81:ba:e2:20:d4:be:e9:f5:b0:f1:88:33:e6:
79:0b:1a:e8:f5:93:92:23:43:15:46:b2:c1:ec:48:cd:ae:ff:
b1:e4:10:cf:3a:58:1f:0f:5d:7b:86:9c:82:0e:f9:e0:ab:ba:
1c:0c:12:7a:92:aa:8c:65:91:7c:b4:21:dd:39:37:54:99:bd:
27:4f:31:55:81:68:dc:55:cf:a6:e4:f8:45:19:0a:d5:e6:8c:
8f:36:d8:c9:42:c3:88:38:ad:6f:64:9d:47:66:1e:3c:68:da:
3d:d2:3c:44:4d:fe:5a:84:1d:d3:b3:00:59:b6:26:3f:5d:fd:
83:65:ee:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9wQ4dhRVgIPrsv9tLzac7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUwODA2MDUwMTAwWhcNMjUwODA3MDUwMTAwWjAzMTEwLwYDVQQD
Eyg0MTE1Mzg0NjBhOGUwODhjM2M0MzIyZTgxM2U4YjA4ZjhhY2I4OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkJYaTq3RuDC+61BUXla/If4Z/JQ
pV55Q3D/3e54eN27QDp7JQwb3ZSZWn0TFyrFTUu15GWg9vhRHUP61ZztSSl56zfv
m9upwrTChCZGCdWhgvCaKj645z/fisoJAKZW/aUPM44wOUByGR39F5s60UdGN12d
1U6NHHW1FM9kukPIIGSyODLK/Vl4TfEkhNDX25yCdvtMo0ywfiqv7djRSvL1SueG
h7HDkxGtsLR2yXbZWnutoLY81MKWXJfoClxjJ7cBIIPozQKdCnljgCAuIxSG/w0N
hNcHoTL2JXbGRwA8b7CYeGgiMCeDXpacXGmKX4+pdtH8pPjlrx3QoZ+bOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEVOEYKjgiMPEMi6BPosI+Ky4l2MB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGjm3uXQw
etd5pI7Dw6g7DMHikhB3fkCBK6LoqO0IIbA9trQ4Xyy39pkGZljMavYP7JWKl1Ug
8dPjw+G++AWikAaQtLPrrQ9+IXVNjupm4icdrcN0MkTiqCilO0Q7g8qO3lKA/0nQ
dU8Kxt+QPlpsQFqHly1xts48KCGZU+A3LfySDDeBuuIg1L7p9bDxiDPmeQsa6PWT
kiNDFUaywexIza7/seQQzzpYHw9de4acgg754Ku6HAwSepKqjGWRfLQh3Tk3VJm9
J08xVYFo3FXPpuT4RRkK1eaMjzbYyULDiDitb2SdR2YePGjaPdI8RE3+WoQd07MA
WbYmP139g2Xu8Q==
-----END CERTIFICATE-----
Generated at Wed Aug 6 12:33:22 2025 by rpki-client