Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: Dm8kjf++JHV5b2e+Pg9ylrEI91V4ar6QJtME6PTdFNk=
Subject key identifier: 7B:2D:BF:EA:FE:CD:B1:F2:9C:D5:8C:07:4A:4D:4B:42:C0:27:12:42
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 01974AB16CA88E95789B8F7250447CDF092E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 1143
Signing time: Sat 07 Jun 2025 14:00:31 +0000
Manifest this update: Sat 07 Jun 2025 14:00:31 +0000
Manifest next update: Sun 08 Jun 2025 14:00:31 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: HGb/vxYPbJVzA8a8Yy0vy6fjhowHmGPpje4S/SoL348=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:b1:6c:a8:8e:95:78:9b:8f:72:50:44:7c:df:09:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Jun 7 14:00:31 2025 GMT
Not After : Jun 8 14:00:31 2025 GMT
Subject: CN=7b2dbfeafecdb1f29cd58c074a4d4b42c0271242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:b3:d3:db:2c:6d:4a:30:42:f3:23:f3:72:
84:7a:8c:82:c0:fc:42:ce:1c:83:c9:e6:17:e2:5d:
ef:bd:88:4b:ab:d6:76:be:02:57:bd:8d:a0:c4:18:
60:ad:c4:23:c3:b7:76:0f:fb:9f:8d:a6:34:cb:42:
02:b0:7d:ec:42:eb:d1:34:ff:a0:7c:ad:36:54:b4:
a9:25:a3:34:3e:af:94:34:83:c4:f2:1a:b6:3a:02:
49:a8:2e:e3:6c:0b:08:61:74:c2:5f:35:88:3d:1f:
46:36:39:95:30:cf:6a:90:9c:7c:33:13:a4:ce:c7:
32:63:87:fc:13:fa:0c:de:8b:fc:9a:60:b5:95:30:
5a:ee:98:96:23:8d:66:78:52:5f:51:6a:6c:1d:b8:
58:a6:ac:d6:31:52:7f:d2:57:24:d6:62:31:83:cc:
ea:6c:4b:43:a4:8b:8c:7e:f3:aa:7d:51:58:6f:c5:
c1:51:74:0b:a9:a6:c7:ff:f8:d0:09:8a:d9:09:79:
be:38:71:27:03:24:39:95:48:33:b2:9e:41:45:b9:
d9:e5:52:99:73:55:86:ee:cb:c8:19:3a:75:c4:cf:
b9:17:9f:4d:d8:90:3e:22:16:0c:19:c0:95:3f:80:
9e:da:e9:58:84:5d:d4:b8:cd:a3:3e:1c:ba:5f:79:
c3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2D:BF:EA:FE:CD:B1:F2:9C:D5:8C:07:4A:4D:4B:42:C0:27:12:42
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:86:8f:25:7e:b9:71:2d:37:06:e7:4d:2e:bf:75:10:8d:75:
ed:95:a8:87:89:e6:3a:41:f1:ed:b6:b0:24:b2:8f:6a:19:6e:
44:20:15:cc:d2:10:33:aa:16:fd:e5:53:a4:2d:52:fc:ef:21:
c1:72:f0:f5:6f:ef:dd:eb:09:72:1b:72:9c:16:e6:6c:f6:ac:
9a:81:db:33:30:40:56:f4:8c:a7:b8:12:9a:c4:d9:51:29:68:
1f:00:66:00:3c:a1:66:e3:b0:9e:a1:77:31:2e:94:0a:25:34:
8a:c3:cc:71:2c:31:32:d3:b4:6e:24:82:a1:61:5c:5b:65:b7:
df:3e:02:f4:2c:e8:5b:14:59:7d:18:ea:20:b6:ae:a7:9f:87:
e1:5e:63:9f:42:92:5d:3a:a1:e0:4c:b1:86:99:f1:7a:a2:66:
62:f0:6d:fc:39:60:5d:d3:29:9a:de:40:1f:16:07:3c:6e:da:
16:76:90:f9:f6:c3:79:f6:c7:f9:7d:04:52:b3:88:c9:c6:74:
32:d5:df:00:ea:d3:02:55:83:b6:7f:11:b9:42:12:18:46:a8:
ca:35:07:48:35:b9:28:c8:fc:8c:f8:98:f8:58:41:7b:67:ad:
b3:e0:ca:b3:f2:fd:e2:12:9f:f4:83:b5:da:83:d1:cf:b0:a3:
b5:15:54:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKsWyojpV4m49yUER83wkuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUwNjA3MTQwMDMxWhcNMjUwNjA4MTQwMDMxWjAzMTEwLwYDVQQD
Eyg3YjJkYmZlYWZlY2RiMWYyOWNkNThjMDc0YTRkNGI0MmMwMjcxMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjKz09ssbUowQvMj83KEeoyCwPxC
zhyDyeYX4l3vvYhLq9Z2vgJXvY2gxBhgrcQjw7d2D/ufjaY0y0ICsH3sQuvRNP+g
fK02VLSpJaM0Pq+UNIPE8hq2OgJJqC7jbAsIYXTCXzWIPR9GNjmVMM9qkJx8MxOk
zscyY4f8E/oM3ov8mmC1lTBa7piWI41meFJfUWpsHbhYpqzWMVJ/0lck1mIxg8zq
bEtDpIuMfvOqfVFYb8XBUXQLqabH//jQCYrZCXm+OHEnAyQ5lUgzsp5BRbnZ5VKZ
c1WG7svIGTp1xM+5F59N2JA+IhYMGcCVP4Ce2ulYhF3UuM2jPhy6X3nDkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHstv+r+zbHynNWMB0pNS0LAJxJCMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJoaPJX65
cS03BudNLr91EI117ZWoh4nmOkHx7bawJLKPahluRCAVzNIQM6oW/eVTpC1S/O8h
wXLw9W/v3esJchtynBbmbPasmoHbMzBAVvSMp7gSmsTZUSloHwBmADyhZuOwnqF3
MS6UCiU0isPMcSwxMtO0biSCoWFcW2W33z4C9CzoWxRZfRjqILaup5+H4V5jn0KS
XTqh4EyxhpnxeqJmYvBt/DlgXdMpmt5AHxYHPG7aFnaQ+fbDefbH+X0EUrOIycZ0
MtXfAOrTAlWDtn8RuUISGEaoyjUHSDW5KMj8jPiY+FhBe2ets+DKs/L94hKf9IO1
2oPRz7CjtRVUCg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:52:00 2025 by rpki-client