Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: rmzDRcZaQiOf+JOjq+zkjWLeaSXOeQEeW+eMggN9SJY=
Subject key identifier: B4:A8:F9:07:A8:20:9F:B0:74:DC:3D:E1:A3:F1:04:3D:E4:25:16:87
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 0199FFC7871212C18A1A6083ECFB80741198
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 12AA
Signing time: Mon 20 Oct 2025 04:01:30 +0000
Manifest this update: Mon 20 Oct 2025 04:01:30 +0000
Manifest next update: Tue 21 Oct 2025 04:01:30 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: VNdOawhvIX4UV5eUwK80tb1Tnt+GEkH7NHmLksMD9EI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:87:12:12:c1:8a:1a:60:83:ec:fb:80:74:11:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Oct 20 04:01:30 2025 GMT
Not After : Oct 21 04:01:30 2025 GMT
Subject: CN=b4a8f907a8209fb074dc3de1a3f1043de4251687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6d:e8:a7:17:91:9f:26:9b:a0:c7:08:9d:ab:
44:4a:34:70:39:b5:57:fc:8f:3a:4a:8d:1d:8e:5e:
ba:9d:5f:33:79:ca:95:91:1a:2b:bb:c2:ce:10:84:
c2:76:83:4e:97:9c:68:d4:64:c6:f2:95:9c:51:5b:
82:1b:1c:86:f8:d4:9c:d6:d8:ef:ba:31:93:64:26:
48:e5:fd:4a:19:ae:aa:79:b5:58:2e:dd:07:64:09:
8d:8d:34:cf:fe:5a:2d:e6:fa:0e:31:2d:c5:85:81:
0f:cd:38:c4:ec:8b:a6:59:cc:b7:ac:84:53:ca:81:
59:f4:7d:08:1c:8b:d8:60:b0:42:c6:34:14:c3:dd:
52:36:6a:47:0e:7e:9b:48:5e:af:9c:bb:8c:7d:c7:
e6:67:60:95:93:63:85:23:00:9c:f8:42:b0:8e:a1:
cd:7f:3f:cd:0b:9a:7e:4f:0d:44:d2:9d:f4:c5:55:
51:a1:7a:a2:53:cc:91:07:5b:82:14:eb:c9:f2:6e:
fa:8f:30:9f:89:5e:03:ce:40:bf:b9:c0:7a:b6:83:
a6:2b:7d:e6:5a:1b:87:97:d1:1d:36:10:f4:31:bc:
b9:95:42:9e:53:bf:30:a7:a7:01:b7:dc:0a:85:ad:
0b:99:1f:9b:44:19:2b:0f:c8:24:59:c7:73:50:44:
ed:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A8:F9:07:A8:20:9F:B0:74:DC:3D:E1:A3:F1:04:3D:E4:25:16:87
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:92:3b:cd:ad:d4:6a:e8:02:d2:1a:66:f5:6b:5f:65:af:3d:
fb:43:9d:7f:6a:5a:fa:6f:61:40:8c:54:10:79:f3:dd:3a:d9:
cc:b5:ca:16:43:a7:97:fb:2c:45:0c:dd:73:7c:9f:3c:3f:91:
87:b6:1e:76:7f:d4:5d:22:88:52:fe:72:c2:f2:f8:7f:f9:dc:
88:df:23:f9:59:a5:74:01:4b:9f:e0:bb:bb:2c:96:e6:6f:55:
89:cb:fb:30:40:5c:1c:21:a8:1e:d1:f1:b5:eb:95:ba:8b:86:
c4:e4:fc:dc:6b:0e:ea:bf:59:5e:b3:84:df:5c:de:57:56:10:
38:c8:51:88:08:c4:10:bc:c1:a5:c5:3b:28:91:40:e9:4f:ac:
93:af:79:80:30:86:51:ab:9c:19:6d:fe:ce:cf:e8:1b:60:1f:
4b:55:a3:bf:24:55:80:a0:07:40:98:e6:63:34:41:80:00:4d:
f7:65:52:79:d8:13:7d:89:a7:31:45:ed:35:0a:86:d0:cc:bb:
a2:32:24:22:35:6d:58:f8:c2:44:c3:68:29:9d:d9:49:ab:0f:
97:02:bf:36:8e:1a:d9:81:12:59:cd:d2:e7:3b:ce:2b:fd:38:
a7:65:50:8c:60:b0:28:05:a8:19:40:59:3c:25:dc:0e:2e:4f:
34:e8:48:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x4cSEsGKGmCD7PuAdBGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUxMDIwMDQwMTMwWhcNMjUxMDIxMDQwMTMwWjAzMTEwLwYDVQQD
EyhiNGE4ZjkwN2E4MjA5ZmIwNzRkYzNkZTFhM2YxMDQzZGU0MjUxNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW3opxeRnyaboMcInatESjRwObVX
/I86So0djl66nV8zecqVkRoru8LOEITCdoNOl5xo1GTG8pWcUVuCGxyG+NSc1tjv
ujGTZCZI5f1KGa6qebVYLt0HZAmNjTTP/lot5voOMS3FhYEPzTjE7IumWcy3rIRT
yoFZ9H0IHIvYYLBCxjQUw91SNmpHDn6bSF6vnLuMfcfmZ2CVk2OFIwCc+EKwjqHN
fz/NC5p+Tw1E0p30xVVRoXqiU8yRB1uCFOvJ8m76jzCfiV4DzkC/ucB6toOmK33m
WhuHl9EdNhD0Mby5lUKeU78wp6cBt9wKha0LmR+bRBkrD8gkWcdzUETtjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSo+QeoIJ+wdNw94aPxBD3kJRaHMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqpI7za3U
augC0hpm9WtfZa89+0Odf2pa+m9hQIxUEHnz3TrZzLXKFkOnl/ssRQzdc3yfPD+R
h7Yedn/UXSKIUv5ywvL4f/nciN8j+VmldAFLn+C7uyyW5m9Vicv7MEBcHCGoHtHx
teuVuouGxOT83GsO6r9ZXrOE31zeV1YQOMhRiAjEELzBpcU7KJFA6U+sk695gDCG
UaucGW3+zs/oG2AfS1WjvyRVgKAHQJjmYzRBgABN92VSedgTfYmnMUXtNQqG0My7
ojIkIjVtWPjCRMNoKZ3ZSasPlwK/No4a2YESWc3S5zvOK/04p2VQjGCwKAWoGUBZ
PCXcDi5PNOhITQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:47:28 2025 by rpki-client