Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: heppYBhKUdvxZh0cMz4q1EnNkBBUweGmC30vsQuxrT0=
Subject key identifier: 30:F8:AE:17:00:2E:35:7C:64:29:13:AD:1A:76:37:8E:DB:D9:C7:03
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019EB98F2927EF9A6B9636CF6F145FA61AD4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 151D
Signing time: Fri 12 Jun 2026 02:00:27 +0000
Manifest this update: Fri 12 Jun 2026 02:00:27 +0000
Manifest next update: Sat 13 Jun 2026 02:00:27 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: f7aQ6nH7odSOZjV+DFtiOGOcxVZNevPZ87XV342PAMY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b9:8f:29:27:ef:9a:6b:96:36:cf:6f:14:5f:a6:1a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Jun 12 02:00:27 2026 GMT
Not After : Jun 13 02:00:27 2026 GMT
Subject: CN=30f8ae17002e357c642913ad1a76378edbd9c703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:42:f0:a1:53:fa:11:e9:0b:c0:ec:a3:5e:af:
97:da:1d:13:50:f7:39:9b:9c:4c:a8:0b:41:dd:03:
c0:55:b6:ec:d5:4d:92:71:81:99:9a:fe:0c:04:a7:
b7:72:8b:7b:40:dc:bc:68:e9:43:ab:15:b8:3d:3f:
af:02:99:ea:4d:95:1d:3c:67:84:b8:7a:13:68:86:
68:3f:cc:76:f3:03:32:8a:e6:cb:c6:08:ab:24:38:
aa:fc:48:e3:1a:d8:fd:9c:1a:7b:f0:dc:aa:f2:98:
99:56:e8:6d:77:5c:9d:df:60:93:4a:aa:27:74:b1:
81:40:9c:a6:2c:4f:97:92:f9:39:68:bc:a1:46:f8:
5c:7b:ba:1f:6e:77:10:1f:3e:ad:d2:45:20:45:ea:
2f:09:e9:e6:61:5a:28:20:90:7b:c2:a9:59:76:26:
5a:c9:76:b8:85:cd:e7:de:b2:b1:f6:b3:83:69:48:
0b:87:65:f4:f9:89:f8:e1:8e:a6:1f:00:51:0c:4d:
4b:03:81:fb:13:a3:f8:65:c0:29:2a:af:51:79:73:
4d:f3:8e:2d:ef:78:99:77:9a:38:e6:f3:f0:a0:67:
e8:ed:a0:6a:a8:14:00:99:3a:0c:b1:9f:6f:67:2d:
2a:7e:30:8d:f2:98:73:bb:53:06:96:52:d6:f9:39:
4d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F8:AE:17:00:2E:35:7C:64:29:13:AD:1A:76:37:8E:DB:D9:C7:03
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:d0:aa:13:aa:5d:2d:5b:77:32:cc:c6:3e:d4:25:3e:e3:75:
27:d7:23:16:d7:a2:a1:4f:5c:07:62:b2:6b:12:00:c1:3b:31:
53:c8:08:7d:d6:1c:80:b9:a2:f9:a7:0b:51:c6:c8:8f:3d:a5:
03:c5:74:f2:97:6b:c4:4c:79:d1:86:0a:e9:b9:b2:e3:2e:ea:
af:7e:13:e7:9c:8d:46:37:fb:30:9b:6e:fb:55:8c:b7:62:0d:
56:c7:cd:b8:3c:3a:f3:b0:db:a8:52:22:da:4f:28:05:52:71:
42:92:70:9c:db:21:4d:3d:05:60:f3:d9:ea:eb:1a:77:d7:f0:
03:47:3b:90:c0:36:23:4b:e5:26:4a:94:bb:f0:e2:5b:77:78:
57:fd:ec:5e:91:18:e2:90:3f:35:72:26:48:ea:dc:21:fc:2e:
fd:c2:79:c8:13:91:00:f7:3a:41:98:ac:d4:48:31:08:f9:29:
45:3b:a7:b5:97:13:a7:dc:15:2b:5b:4a:5b:d6:74:76:3d:fb:
8d:c6:cc:f1:ae:a3:0c:bd:ed:c9:d3:46:e5:4f:67:1c:1c:32:
12:bf:73:38:03:8d:25:95:8e:08:2e:9e:69:4c:46:53:27:2b:
e5:46:b0:38:76:0d:cd:c0:49:9b:ea:52:d8:e9:1a:6d:46:b9:
3d:5c:08:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ65jykn75prljbPbxRfphrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwNjEyMDIwMDI3WhcNMjYwNjEzMDIwMDI3WjAzMTEwLwYDVQQD
EygzMGY4YWUxNzAwMmUzNTdjNjQyOTEzYWQxYTc2Mzc4ZWRiZDljNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50LwoVP6EekLwOyjXq+X2h0TUPc5
m5xMqAtB3QPAVbbs1U2ScYGZmv4MBKe3cot7QNy8aOlDqxW4PT+vApnqTZUdPGeE
uHoTaIZoP8x28wMyiubLxgirJDiq/EjjGtj9nBp78Nyq8piZVuhtd1yd32CTSqon
dLGBQJymLE+Xkvk5aLyhRvhce7ofbncQHz6t0kUgReovCenmYVooIJB7wqlZdiZa
yXa4hc3n3rKx9rODaUgLh2X0+Yn44Y6mHwBRDE1LA4H7E6P4ZcApKq9ReXNN844t
73iZd5o45vPwoGfo7aBqqBQAmToMsZ9vZy0qfjCN8phzu1MGllLW+TlNTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDD4rhcALjV8ZCkTrRp2N47b2ccDMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEtCqE6pd
LVt3MszGPtQlPuN1J9cjFteioU9cB2KyaxIAwTsxU8gIfdYcgLmi+acLUcbIjz2l
A8V08pdrxEx50YYK6bmy4y7qr34T55yNRjf7MJtu+1WMt2INVsfNuDw687DbqFIi
2k8oBVJxQpJwnNshTT0FYPPZ6usad9fwA0c7kMA2I0vlJkqUu/DiW3d4V/3sXpEY
4pA/NXImSOrcIfwu/cJ5yBORAPc6QZis1EgxCPkpRTuntZcTp9wVK1tKW9Z0dj37
jcbM8a6jDL3tydNG5U9nHBwyEr9zOAONJZWOCC6eaUxGUycr5UawOHYNzcBJm+pS
2OkabUa5PVwIoA==
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:37:44 2026 by rpki-client