Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: 58NFMtVI0AliVq9QIuNeSuts628jucT4xMfzl4aQICs=
Subject key identifier: BE:48:41:10:B4:87:FD:D1:4F:11:B4:26:28:20:06:12:52:82:93:E5
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 0197B8C629CFA8CCB94D056024A2DD7D9E5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 117C
Signing time: Sat 28 Jun 2025 23:01:23 +0000
Manifest this update: Sat 28 Jun 2025 23:01:23 +0000
Manifest next update: Sun 29 Jun 2025 23:01:23 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: fmVAXTERowO0gtk+gqygRRAcycYpy3yq67h0keNRhPE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:c6:29:cf:a8:cc:b9:4d:05:60:24:a2:dd:7d:9e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Jun 28 23:01:23 2025 GMT
Not After : Jun 29 23:01:23 2025 GMT
Subject: CN=be484110b487fdd14f11b42628200612528293e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:29:16:35:82:18:67:dd:b5:10:04:f1:3c:2c:
4e:45:a6:a8:6b:df:e6:cc:90:c2:0f:6c:86:b7:6a:
52:0f:f0:36:b7:8c:1d:a1:f2:dd:1e:61:ec:4a:33:
99:7a:b3:fb:51:cb:5d:de:6a:44:f6:c3:da:d2:e3:
1d:f4:9e:c1:87:47:54:10:70:06:50:94:4d:af:82:
ed:31:f6:b1:97:a7:56:96:81:5b:73:58:4f:e1:fa:
7f:9d:1a:aa:a1:c5:a6:a4:df:8b:41:5c:08:82:bc:
bd:cc:a8:df:6b:6e:fe:1f:92:52:ea:17:1c:85:d2:
d7:27:75:bc:cc:a3:af:78:82:de:7a:48:ff:06:d8:
59:0e:ca:5e:25:c6:60:49:be:24:33:94:a4:79:7d:
a2:0c:86:66:b8:9c:e8:a3:58:2a:ce:41:c0:6b:06:
58:5f:18:fd:1b:a0:2a:8b:99:20:2e:63:2d:8d:fa:
4d:d0:73:4f:0f:1c:74:d4:c4:54:65:e3:a0:9d:33:
02:81:20:81:8d:01:da:2a:ea:7b:90:11:70:a1:02:
25:a7:3a:ff:8e:2c:11:b5:ff:2c:fb:dc:32:71:65:
d1:49:55:fc:f7:32:34:39:46:f0:29:13:9c:f9:36:
23:c7:03:1b:da:c1:c0:04:e2:e9:f2:84:96:c3:b2:
98:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:48:41:10:B4:87:FD:D1:4F:11:B4:26:28:20:06:12:52:82:93:E5
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:06:41:6b:a7:0a:87:f5:20:f8:30:27:aa:b6:46:63:68:38:
6c:2e:dd:c8:ec:eb:20:5f:c4:96:57:7b:1d:45:77:d3:9c:e8:
c6:66:af:22:b7:d6:cf:f1:cc:6e:13:ef:f4:d4:28:90:3c:4c:
1b:41:86:32:9b:6b:9f:4a:ed:92:c9:17:2a:5a:a5:45:47:c3:
63:32:9c:0b:12:b0:fb:2d:96:74:11:0d:57:58:16:fe:1d:fc:
88:14:d7:a4:4c:a7:02:3c:25:6a:fc:70:44:54:25:c7:1b:43:
5f:14:82:a2:37:c4:0c:e2:39:e3:9d:17:29:7c:9d:88:3e:68:
17:04:79:45:e2:ba:00:d4:e3:a5:e5:24:ff:ea:87:96:8f:8b:
d3:88:34:0c:ea:2d:df:43:a1:f3:2f:aa:1f:53:86:9e:80:b9:
64:35:7c:a0:5e:0f:f8:1d:18:41:35:db:41:a0:3e:88:d8:88:
a0:43:4d:7b:77:1b:19:05:62:83:25:88:62:da:85:a3:cd:c9:
cb:fe:0e:32:fb:0b:86:10:a2:90:1b:6f:9a:7f:46:9c:85:4a:
7e:2b:c6:ed:9e:30:f3:47:4d:9e:20:94:26:62:ac:19:29:50:
8d:cb:79:c5:fd:64:06:09:b7:ba:4d:a7:67:d1:4b:13:4d:a1:
f5:8a:58:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4xinPqMy5TQVgJKLdfZ5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUwNjI4MjMwMTIzWhcNMjUwNjI5MjMwMTIzWjAzMTEwLwYDVQQD
EyhiZTQ4NDExMGI0ODdmZGQxNGYxMWI0MjYyODIwMDYxMjUyODI5M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSkWNYIYZ921EATxPCxORaaoa9/m
zJDCD2yGt2pSD/A2t4wdofLdHmHsSjOZerP7Uctd3mpE9sPa0uMd9J7Bh0dUEHAG
UJRNr4LtMfaxl6dWloFbc1hP4fp/nRqqocWmpN+LQVwIgry9zKjfa27+H5JS6hcc
hdLXJ3W8zKOveILeekj/BthZDspeJcZgSb4kM5SkeX2iDIZmuJzoo1gqzkHAawZY
Xxj9G6Aqi5kgLmMtjfpN0HNPDxx01MRUZeOgnTMCgSCBjQHaKup7kBFwoQIlpzr/
jiwRtf8s+9wycWXRSVX89zI0OUbwKROc+TYjxwMb2sHABOLp8oSWw7KY3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5IQRC0h/3RTxG0JiggBhJSgpPlMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxgZBa6cK
h/Ug+DAnqrZGY2g4bC7dyOzrIF/Elld7HUV305zoxmavIrfWz/HMbhPv9NQokDxM
G0GGMptrn0rtkskXKlqlRUfDYzKcCxKw+y2WdBENV1gW/h38iBTXpEynAjwlavxw
RFQlxxtDXxSCojfEDOI5450XKXydiD5oFwR5ReK6ANTjpeUk/+qHlo+L04g0DOot
30Oh8y+qH1OGnoC5ZDV8oF4P+B0YQTXbQaA+iNiIoENNe3cbGQVigyWIYtqFo83J
y/4OMvsLhhCikBtvmn9GnIVKfivG7Z4w80dNniCUJmKsGSlQjct5xf1kBgm3uk2n
Z9FLE02h9YpYHA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:34:01 2025 by rpki-client