Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: Wrt1kXw0HM8fqd2QaSknaK6WBQG/qorNAj34eOO4/jY=
Subject key identifier: C2:00:6E:D6:45:3D:6C:99:4C:1E:98:96:F6:5B:82:07:25:11:4F:21
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019E1F113660A300975698C3745A97A24325
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 14CD
Signing time: Wed 13 May 2026 02:01:22 +0000
Manifest this update: Wed 13 May 2026 02:01:22 +0000
Manifest next update: Thu 14 May 2026 02:01:22 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: EurN/eZSOGzIvCIFOcftJXg8WMtTt8Q6dqs31vxykss=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 02:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1f:11:36:60:a3:00:97:56:98:c3:74:5a:97:a2:43:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: May 13 02:01:22 2026 GMT
Not After : May 14 02:01:22 2026 GMT
Subject: CN=c2006ed6453d6c994c1e9896f65b820725114f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:68:51:6c:e6:dd:1a:b2:08:03:d2:71:34:07:
44:50:2d:fd:83:40:bd:2a:cf:73:ef:48:36:b1:fe:
33:6d:4e:55:39:ad:a2:86:f4:59:0d:26:6d:79:22:
2b:bc:27:e9:cd:e9:66:06:e7:af:c2:98:e4:76:97:
ff:a2:5c:fc:3d:cb:97:cf:90:30:5a:43:43:02:bf:
9f:a6:73:b9:95:31:6a:e2:6c:bd:f7:49:bf:0d:13:
d4:0c:15:fc:d0:48:47:53:88:a2:8a:75:ad:9a:63:
57:bc:95:e1:da:24:cb:63:f4:d5:d5:1a:d2:b6:39:
14:c7:ef:81:41:ce:52:ea:1d:3b:5d:bd:fd:12:53:
9a:29:b3:67:4b:cd:c9:f4:a9:9a:f4:82:98:1a:be:
51:93:9b:dd:e9:61:76:5d:8b:6d:80:d3:33:08:82:
62:33:00:8d:86:03:91:28:c4:44:d1:6c:73:92:9f:
8d:46:05:0e:c1:ef:36:e5:98:1c:b3:7e:61:a1:45:
3f:4f:c0:a6:f9:c8:f8:7f:56:9a:f7:a3:34:3f:d8:
6f:a4:8e:34:e2:64:ae:bb:72:fc:fe:fa:60:6f:ba:
06:e8:7b:c5:c8:98:7e:58:31:0e:bd:4b:81:16:8b:
8d:ad:fa:f4:ac:58:5e:c9:88:be:ce:c8:29:42:66:
f8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:00:6E:D6:45:3D:6C:99:4C:1E:98:96:F6:5B:82:07:25:11:4F:21
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:d7:9d:12:5a:80:43:73:e0:18:5e:1c:50:12:88:29:39:f1:
d7:ec:1f:0a:c7:7a:35:ed:4e:4e:1c:3e:fc:57:f2:a4:bc:a3:
94:6a:04:c0:ac:8c:f8:61:d8:fb:62:bf:b4:a7:c4:69:e0:b6:
97:f1:e7:69:1c:a4:87:60:78:bf:bb:d3:79:8a:e2:d2:9a:39:
2a:e9:4d:17:e0:7e:e0:ce:5d:4e:e0:22:be:0c:a1:4f:7d:82:
78:33:f6:5a:16:78:f1:35:31:94:a3:51:e7:94:22:90:67:4e:
ea:fb:32:f3:59:0a:22:9d:cb:1e:81:f5:a2:14:3c:e9:b8:7d:
9b:b4:2d:a1:14:a7:25:b6:21:ee:95:ce:1d:20:a8:56:a8:88:
89:ed:b9:97:39:96:f6:a1:9e:ec:a7:f4:07:8e:ce:cb:4c:1d:
82:be:a2:7e:58:f6:4e:9b:05:70:64:9e:b7:9c:c7:b8:86:10:
85:c0:39:ab:ca:24:df:83:b0:21:f1:45:92:5d:fa:18:b4:84:
a0:55:57:9b:68:f7:8b:2a:6c:30:83:b1:4a:8a:2c:50:28:3b:
81:a1:a9:92:85:28:34:ec:85:ea:8d:47:29:a1:e2:f6:db:8b:
db:3a:cf:b1:bd:16:a2:70:1d:71:23:72:de:b7:a5:b8:eb:72:
24:4b:e3:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fETZgowCXVpjDdFqXokMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwNTEzMDIwMTIyWhcNMjYwNTE0MDIwMTIyWjAzMTEwLwYDVQQD
EyhjMjAwNmVkNjQ1M2Q2Yzk5NGMxZTk4OTZmNjViODIwNzI1MTE0ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2hRbObdGrIIA9JxNAdEUC39g0C9
Ks9z70g2sf4zbU5VOa2ihvRZDSZteSIrvCfpzelmBuevwpjkdpf/olz8PcuXz5Aw
WkNDAr+fpnO5lTFq4my990m/DRPUDBX80EhHU4iiinWtmmNXvJXh2iTLY/TV1RrS
tjkUx++BQc5S6h07Xb39ElOaKbNnS83J9Kma9IKYGr5Rk5vd6WF2XYttgNMzCIJi
MwCNhgORKMRE0Wxzkp+NRgUOwe825Zgcs35hoUU/T8Cm+cj4f1aa96M0P9hvpI40
4mSuu3L8/vpgb7oG6HvFyJh+WDEOvUuBFouNrfr0rFheyYi+zsgpQmb4CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIAbtZFPWyZTB6YlvZbggclEU8hMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9edElqA
Q3PgGF4cUBKIKTnx1+wfCsd6Ne1OThw+/FfypLyjlGoEwKyM+GHY+2K/tKfEaeC2
l/HnaRykh2B4v7vTeYri0po5KulNF+B+4M5dTuAivgyhT32CeDP2WhZ48TUxlKNR
55QikGdO6vsy81kKIp3LHoH1ohQ86bh9m7QtoRSnJbYh7pXOHSCoVqiIie25lzmW
9qGe7Kf0B47Oy0wdgr6iflj2TpsFcGSet5zHuIYQhcA5q8ok34OwIfFFkl36GLSE
oFVXm2j3iypsMIOxSoosUCg7gaGpkoUoNOyF6o1HKaHi9tuL2zrPsb0WonAdcSNy
3reluOtyJEvjBw==
-----END CERTIFICATE-----
Generated at Wed May 13 09:42:40 2026 by rpki-client