Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: Pn4v+ijlcUbUiK5thpwWx7yKrtTrQCRH1htWSejReEM=
Subject key identifier: 8F:74:A7:77:58:E2:BB:B1:69:6F:87:CE:42:FF:37:51:80:EB:76:03
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 0198D69839F0543118DCA477F4D66134F417
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 1210
Signing time: Sat 23 Aug 2025 11:02:37 +0000
Manifest this update: Sat 23 Aug 2025 11:02:37 +0000
Manifest next update: Sun 24 Aug 2025 11:02:37 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: k+xISerfw0Oo2YxZF0NfYnPdt5vRJJzOq7jnx95D6s0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:98:39:f0:54:31:18:dc:a4:77:f4:d6:61:34:f4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Aug 23 11:02:37 2025 GMT
Not After : Aug 24 11:02:37 2025 GMT
Subject: CN=8f74a77758e2bbb1696f87ce42ff375180eb7603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:15:40:ed:5f:66:7a:8c:71:2a:c8:31:c8:7e:
13:c4:09:b0:a3:d8:80:94:7d:c6:0f:dd:6b:a1:64:
f9:b3:f0:bc:41:08:a3:e7:a3:9d:57:7b:da:d6:c4:
67:56:ee:0f:ff:e5:72:a8:2b:b5:00:63:62:f7:ba:
c3:9e:77:3e:9e:34:16:26:0d:7d:9d:5f:69:76:8a:
80:3f:4a:be:d8:e7:4b:f3:4f:f0:1c:87:51:7f:55:
8b:8e:20:e8:38:08:bc:95:6b:f9:15:4c:be:8c:d6:
c6:6e:30:b2:48:ba:49:6e:2a:a8:25:58:84:0f:2c:
14:05:5b:54:fe:fb:44:da:a2:c6:58:3d:bd:f5:54:
65:fd:90:9f:91:4f:6b:29:53:04:07:68:19:a7:21:
a1:d6:6c:35:c8:a7:09:7b:0a:27:60:5a:cc:e4:19:
27:79:8a:71:5d:e2:56:20:70:5e:51:6f:d6:11:fd:
91:c2:fd:4b:2d:1d:06:06:6b:c9:8c:0e:1d:45:1f:
47:bc:88:d8:fd:85:20:05:69:cb:b4:af:cc:64:e5:
48:a0:b3:1e:f9:92:25:9a:b2:13:d7:32:92:db:81:
95:e2:79:5b:ac:8a:3a:1a:05:e0:bf:91:a9:23:be:
0e:d5:df:62:7d:d8:55:2b:c8:4e:72:64:d0:34:1e:
5b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:74:A7:77:58:E2:BB:B1:69:6F:87:CE:42:FF:37:51:80:EB:76:03
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:1c:9d:86:28:62:7c:4e:24:1a:ea:99:ad:f3:19:eb:c5:f1:
b9:bd:05:d7:26:33:82:50:9b:1c:f9:4a:e8:b6:6b:2e:72:38:
dc:08:ec:9b:08:bc:00:2e:06:76:7c:0f:28:f1:95:fa:af:54:
9b:66:31:8c:7d:ba:84:6f:c1:c0:92:68:a2:7b:d6:88:f9:e6:
ee:9a:08:ba:6c:60:5d:5e:92:c0:71:37:7a:bf:7c:61:6e:f7:
39:f0:de:08:08:69:50:d4:4b:ca:ef:ef:2b:3a:26:39:82:3c:
36:cc:75:eb:a8:8c:ef:f8:ae:b5:ad:63:b7:80:98:7a:ce:88:
e1:3e:b7:b2:b8:8c:3b:c1:86:bf:a8:f6:b5:45:4b:32:8f:ba:
67:04:00:65:4e:89:da:e1:c0:9e:48:39:5a:ff:78:21:8b:25:
22:11:88:ab:c7:dd:48:3d:36:95:a9:c2:59:49:c9:44:3d:90:
99:a4:39:75:a2:3b:d5:17:a5:f5:c1:66:65:53:c9:25:f8:4a:
51:ed:bb:a7:55:94:80:8b:6a:0e:96:4a:f0:50:82:70:13:5c:
68:2e:0b:03:d6:6d:50:bb:a0:27:ae:0c:26:cd:29:b4:97:b4:
bd:59:b6:b2:fe:1d:8f:06:f0:c8:50:c3:94:71:56:55:cf:12:
e7:d1:08:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmDnwVDEY3KR39NZhNPQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUwODIzMTEwMjM3WhcNMjUwODI0MTEwMjM3WjAzMTEwLwYDVQQD
Eyg4Zjc0YTc3NzU4ZTJiYmIxNjk2Zjg3Y2U0MmZmMzc1MTgwZWI3NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BVA7V9meoxxKsgxyH4TxAmwo9iA
lH3GD91roWT5s/C8QQij56OdV3va1sRnVu4P/+VyqCu1AGNi97rDnnc+njQWJg19
nV9pdoqAP0q+2OdL80/wHIdRf1WLjiDoOAi8lWv5FUy+jNbGbjCySLpJbiqoJViE
DywUBVtU/vtE2qLGWD299VRl/ZCfkU9rKVMEB2gZpyGh1mw1yKcJewonYFrM5Bkn
eYpxXeJWIHBeUW/WEf2Rwv1LLR0GBmvJjA4dRR9HvIjY/YUgBWnLtK/MZOVIoLMe
+ZIlmrIT1zKS24GV4nlbrIo6GgXgv5GpI74O1d9ifdhVK8hOcmTQNB5bJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI90p3dY4ruxaW+HzkL/N1GA63YDMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAthydhihi
fE4kGuqZrfMZ68Xxub0F1yYzglCbHPlK6LZrLnI43Ajsmwi8AC4GdnwPKPGV+q9U
m2YxjH26hG/BwJJoonvWiPnm7poIumxgXV6SwHE3er98YW73OfDeCAhpUNRLyu/v
KzomOYI8Nsx166iM7/iuta1jt4CYes6I4T63sriMO8GGv6j2tUVLMo+6ZwQAZU6J
2uHAnkg5Wv94IYslIhGIq8fdSD02lanCWUnJRD2QmaQ5daI71Rel9cFmZVPJJfhK
Ue27p1WUgItqDpZK8FCCcBNcaC4LA9ZtULugJ64MJs0ptJe0vVm2sv4djwbwyFDD
lHFWVc8S59EIkQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:49:36 2025 by rpki-client