Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: kzE2encmu7EiDnubXyWCPElKm7aO0JCWkZuCuUksmjM=
Subject key identifier: 6E:B5:26:0A:70:83:77:DC:46:85:4D:53:DE:32:86:F8:88:23:C2:3F
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019A0F39C54E81FDE982A9B642C258412EFD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 12B2
Signing time: Thu 23 Oct 2025 04:00:35 +0000
Manifest this update: Thu 23 Oct 2025 04:00:35 +0000
Manifest next update: Fri 24 Oct 2025 04:00:35 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: D4TSpZ2GhLWjqDbPis5lK1sC5mScrq89RwJMC2/r4A0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0f:39:c5:4e:81:fd:e9:82:a9:b6:42:c2:58:41:2e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Oct 23 04:00:35 2025 GMT
Not After : Oct 24 04:00:35 2025 GMT
Subject: CN=6eb5260a708377dc46854d53de3286f88823c23f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:17:44:17:37:07:13:9f:59:a3:c8:4e:8a:04:
1f:0a:aa:fc:eb:01:e6:91:52:a8:ef:b7:3e:5a:18:
1a:11:0e:a1:6b:ae:13:08:89:38:df:11:4d:4e:af:
39:25:af:5f:2c:54:b5:22:8c:55:c2:43:27:36:5d:
e6:70:ec:eb:7c:53:5e:9e:16:fa:da:94:09:b3:dd:
c6:7a:6c:9c:55:a5:3e:5f:ff:d4:10:2c:62:cb:ed:
85:65:ff:54:47:9e:a3:97:ed:1a:fa:6e:ce:ea:06:
9f:f2:f9:68:ca:be:fe:04:7e:a6:fb:00:a2:cb:18:
e0:75:03:85:f7:88:9c:4f:21:fb:f2:09:66:1f:e0:
ab:66:12:4f:ac:fd:59:7d:c2:a4:ca:32:8d:8e:a2:
50:c8:32:e5:d8:4d:74:1d:59:05:56:59:b4:4b:f5:
0a:ed:36:58:cc:f3:f5:26:a7:b3:c3:22:fd:4c:95:
51:e2:aa:d9:b2:b5:3f:ce:51:a0:b0:a2:23:ed:c5:
34:1a:21:d7:c3:a8:7e:6f:d7:db:34:e4:b7:8e:36:
5b:17:64:83:44:17:1a:b4:22:f1:26:c6:35:27:36:
a8:26:cf:02:0a:2e:41:19:a6:92:1e:28:bf:2d:c5:
7f:a9:e7:24:d7:e3:72:bc:3e:d8:cb:c0:f0:f7:e0:
a7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B5:26:0A:70:83:77:DC:46:85:4D:53:DE:32:86:F8:88:23:C2:3F
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:f8:00:72:75:11:cc:18:6d:4f:52:42:f4:88:f6:b6:4e:71:
92:5d:82:a5:d8:2d:f3:d2:98:ec:db:ae:83:91:13:14:01:86:
c2:74:f6:3e:4f:ab:95:b9:62:70:a6:87:19:e8:e0:c6:01:16:
5d:1e:34:5a:40:b7:b4:e6:c3:08:17:94:3c:8f:25:38:3b:2c:
7b:47:89:a7:9a:d4:d8:62:b0:9e:02:7c:04:11:15:9f:f9:cc:
64:81:18:08:7c:0b:b3:cb:b3:b2:1e:f3:97:a0:92:98:e1:59:
d8:6b:8d:0f:92:89:61:8e:f9:f7:06:46:0b:b6:52:c4:b8:55:
c3:2c:ba:43:77:01:b0:d4:d9:96:0a:1e:4c:8d:e3:6f:fc:99:
04:b7:0a:9f:85:b7:34:a5:21:9d:be:88:c9:c2:2a:fc:2c:59:
5a:d5:0a:a1:16:0f:86:05:5f:ff:39:21:5a:f4:ac:f9:8d:96:
7f:27:28:fa:01:fc:2c:24:c7:c9:e7:bf:cc:fe:93:ee:16:01:
53:d2:a4:72:8d:a6:60:a5:9e:b6:3f:44:b5:13:65:aa:1f:b4:
31:79:d0:1a:64:8a:29:c1:90:cf:be:3b:6d:5b:ce:15:f9:fd:
40:02:87:04:47:6e:e6:93:e2:2e:97:c9:19:28:26:47:22:86:
3c:37:c8:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoPOcVOgf3pgqm2QsJYQS79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUxMDIzMDQwMDM1WhcNMjUxMDI0MDQwMDM1WjAzMTEwLwYDVQQD
Eyg2ZWI1MjYwYTcwODM3N2RjNDY4NTRkNTNkZTMyODZmODg4MjNjMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthdEFzcHE59Zo8hOigQfCqr86wHm
kVKo77c+WhgaEQ6ha64TCIk43xFNTq85Ja9fLFS1IoxVwkMnNl3mcOzrfFNenhb6
2pQJs93GemycVaU+X//UECxiy+2FZf9UR56jl+0a+m7O6gaf8vloyr7+BH6m+wCi
yxjgdQOF94icTyH78glmH+CrZhJPrP1ZfcKkyjKNjqJQyDLl2E10HVkFVlm0S/UK
7TZYzPP1JqezwyL9TJVR4qrZsrU/zlGgsKIj7cU0GiHXw6h+b9fbNOS3jjZbF2SD
RBcatCLxJsY1JzaoJs8CCi5BGaaSHii/LcV/qeck1+NyvD7Yy8Dw9+Cn3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG61Jgpwg3fcRoVNU94yhviII8I/MB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAifgAcnUR
zBhtT1JC9Ij2tk5xkl2Cpdgt89KY7Nuug5ETFAGGwnT2Pk+rlblicKaHGejgxgEW
XR40WkC3tObDCBeUPI8lODsse0eJp5rU2GKwngJ8BBEVn/nMZIEYCHwLs8uzsh7z
l6CSmOFZ2GuND5KJYY759wZGC7ZSxLhVwyy6Q3cBsNTZlgoeTI3jb/yZBLcKn4W3
NKUhnb6IycIq/CxZWtUKoRYPhgVf/zkhWvSs+Y2Wfyco+gH8LCTHyee/zP6T7hYB
U9Kkco2mYKWetj9EtRNlqh+0MXnQGmSKKcGQz747bVvOFfn9QAKHBEdu5pPiLpfJ
GSgmRyKGPDfI8w==
-----END CERTIFICATE-----
Generated at Thu Oct 23 07:42:24 2025 by rpki-client