Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: juDNkmwblFmYxSNbeupfUJoeJBpJQ9cnNjEzhzAJnq0=
Subject key identifier: 92:9E:29:F8:39:94:2D:A2:B0:7E:01:34:B6:3A:02:D0:3B:EB:7F:74
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019D3752B89BEB70EFF0D67D63A40B7ED647
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 1455
Signing time: Sun 29 Mar 2026 02:01:01 +0000
Manifest this update: Sun 29 Mar 2026 02:01:01 +0000
Manifest next update: Mon 30 Mar 2026 02:01:01 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: +3cC8RZ9jsWk1HjRqI0nIMZc6AU9iw4wgA5jHJ9/kgI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:b8:9b:eb:70:ef:f0:d6:7d:63:a4:0b:7e:d6:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Mar 29 02:01:01 2026 GMT
Not After : Mar 30 02:01:01 2026 GMT
Subject: CN=929e29f839942da2b07e0134b63a02d03beb7f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d9:9b:1b:66:1e:d4:f1:16:52:c0:3f:2f:23:
24:70:e9:3a:6a:fd:85:90:fb:d6:0a:3a:35:82:ee:
eb:34:fa:19:df:b8:c9:e7:35:89:76:c6:fc:bb:10:
60:7d:8d:b3:e8:dc:ac:a9:c9:0b:1c:e9:bb:f1:92:
b6:97:d7:0a:65:39:54:ac:49:66:0e:c4:37:07:d9:
3d:c4:a9:4e:37:cf:3c:3a:39:eb:d8:e6:e2:4e:31:
a0:cc:dc:b8:db:07:58:7e:1f:e1:98:00:a7:ce:cc:
30:7d:1f:46:c9:f7:7c:dd:50:f4:34:d3:02:33:ff:
82:f0:f2:98:fe:63:f1:95:3a:64:4d:9f:60:61:a8:
4a:ff:da:3d:1b:20:09:6f:2e:87:e6:e9:b9:b9:21:
aa:2a:b3:36:2c:88:fa:36:64:c8:7f:fb:4a:2f:55:
82:6b:e3:73:83:31:79:bf:c8:29:16:fa:64:dc:8e:
56:99:a9:b1:5f:6b:87:02:1d:43:8b:72:7f:5e:86:
13:3f:d9:85:be:14:47:f6:77:3a:d0:e3:38:fd:a5:
03:6f:e3:f3:94:9c:0a:ed:e4:1a:44:8b:e1:cc:10:
1e:7b:28:a4:3e:a5:00:db:cf:76:1a:73:69:a9:16:
7f:48:f9:23:f2:b2:60:68:08:31:d1:ca:14:3a:7f:
99:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9E:29:F8:39:94:2D:A2:B0:7E:01:34:B6:3A:02:D0:3B:EB:7F:74
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
be:a4:6a:4b:e8:73:fb:f4:d7:80:79:52:19:d6:38:27:ef:bb:
3a:c8:e9:b5:cc:06:74:90:f5:09:3c:18:41:5b:36:7c:a9:58:
d3:94:59:5d:13:cb:91:10:22:06:ba:b9:84:a1:ff:19:bc:6e:
ba:40:de:1c:32:9f:a9:ee:0a:80:da:a3:08:75:23:64:5a:c2:
36:3b:0b:e9:7b:d2:a0:6f:24:6d:a4:75:a1:c7:0b:ac:1f:9e:
6e:ce:9f:d9:d3:5b:cd:57:58:8f:97:c5:a4:0f:bd:53:78:0e:
b2:8f:85:dc:bd:6c:bf:e5:f0:cc:19:85:ef:87:9c:9d:77:f8:
21:83:a9:44:e1:d5:e4:0a:8c:91:09:cd:e0:66:aa:ec:05:8a:
0d:6f:19:dd:dc:02:3f:0b:3e:bf:41:2f:88:b4:c7:82:c0:5a:
7c:3d:5b:06:96:20:e3:fd:dc:74:f4:3d:f8:74:6a:30:80:7d:
06:03:fe:7e:f2:de:eb:12:21:e6:8a:9e:77:83:6f:cf:a2:8d:
f0:c0:97:3a:20:8f:68:38:1b:b0:e7:d0:33:1f:62:9f:7c:b7:
50:63:e2:50:85:3f:6f:31:f6:af:40:25:67:03:de:33:c5:a6:
65:cb:b5:0c:1a:58:53:8c:18:f1:48:75:ca:88:74:03:9f:46:
f1:ea:1f:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Urib63Dv8NZ9Y6QLftZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwMzI5MDIwMTAxWhcNMjYwMzMwMDIwMTAxWjAzMTEwLwYDVQQD
Eyg5MjllMjlmODM5OTQyZGEyYjA3ZTAxMzRiNjNhMDJkMDNiZWI3Zjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9mbG2Ye1PEWUsA/LyMkcOk6av2F
kPvWCjo1gu7rNPoZ37jJ5zWJdsb8uxBgfY2z6NysqckLHOm78ZK2l9cKZTlUrElm
DsQ3B9k9xKlON888Ojnr2ObiTjGgzNy42wdYfh/hmACnzswwfR9Gyfd83VD0NNMC
M/+C8PKY/mPxlTpkTZ9gYahK/9o9GyAJby6H5um5uSGqKrM2LIj6NmTIf/tKL1WC
a+NzgzF5v8gpFvpk3I5WmamxX2uHAh1Di3J/XoYTP9mFvhRH9nc60OM4/aUDb+Pz
lJwK7eQaRIvhzBAeeyikPqUA2892GnNpqRZ/SPkj8rJgaAgx0coUOn+ZWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKeKfg5lC2isH4BNLY6AtA76390MB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvqRqS+hz
+/TXgHlSGdY4J++7OsjptcwGdJD1CTwYQVs2fKlY05RZXRPLkRAiBrq5hKH/Gbxu
ukDeHDKfqe4KgNqjCHUjZFrCNjsL6XvSoG8kbaR1occLrB+ebs6f2dNbzVdYj5fF
pA+9U3gOso+F3L1sv+XwzBmF74ecnXf4IYOpROHV5AqMkQnN4Gaq7AWKDW8Z3dwC
Pws+v0EviLTHgsBafD1bBpYg4/3cdPQ9+HRqMIB9BgP+fvLe6xIh5oqed4Nvz6KN
8MCXOiCPaDgbsOfQMx9in3y3UGPiUIU/bzH2r0AlZwPeM8WmZcu1DBpYU4wY8Uh1
yoh0A59G8eofJQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:24 2026 by rpki-client