Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: iM+n4Phrv5vWhd7KFSX/Yv0bXf0NeETnoxdHc8lJJl0=
Subject key identifier: 96:78:BE:91:35:57:FB:78:CA:1F:18:3F:14:11:27:79:9C:4A:7F:6B
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 019D27E03B377B824328BB9C502A542E26BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 144D
Signing time: Thu 26 Mar 2026 02:01:39 +0000
Manifest this update: Thu 26 Mar 2026 02:01:39 +0000
Manifest next update: Fri 27 Mar 2026 02:01:39 +0000
Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: sjYQcMjasHMaj+49Ki1naUpEgFHW0QUiwsaC/WDB2R8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:e0:3b:37:7b:82:43:28:bb:9c:50:2a:54:2e:26:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Mar 26 02:01:39 2026 GMT
Not After : Mar 27 02:01:39 2026 GMT
Subject: CN=9678be913557fb78ca1f183f141127799c4a7f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b4:fb:9b:54:0a:fa:ed:68:e4:8a:a2:9b:8e:
0f:29:07:01:a1:61:55:52:57:ac:b1:8e:18:22:14:
c2:6b:fe:30:b4:5a:48:96:49:fe:76:e3:04:8b:dc:
e5:b4:de:e4:61:52:29:fd:0f:06:96:3c:d6:ca:e8:
d8:31:a0:28:f6:16:e3:bd:35:26:4f:a6:dd:7a:a7:
24:8e:d7:1d:e0:e3:35:96:44:2b:02:87:de:6d:2a:
24:9a:2e:07:33:23:58:f5:29:71:88:e1:f9:59:8c:
46:11:6d:53:93:7b:1f:d4:c8:45:b5:8b:1a:a9:78:
2d:c8:3b:b4:df:b0:2f:dd:e1:49:9c:e6:6d:81:85:
d2:eb:9d:68:24:07:1b:c0:06:63:ee:4f:c0:05:2a:
ce:56:9b:02:09:f7:7b:4c:21:22:b9:7e:e7:e1:6f:
59:6e:92:8e:c8:83:63:32:92:66:80:40:51:1f:6c:
b0:f0:69:0c:13:98:07:0b:3e:78:44:f0:1a:f7:10:
0d:fb:a8:a1:95:90:12:28:e6:33:4d:8a:48:34:ba:
0a:d7:d5:77:2f:38:cf:bf:45:f5:a0:c1:97:74:92:
f0:5e:c1:ca:2a:c9:a6:07:83:67:a1:89:e5:b9:f6:
db:f5:8f:7c:80:ab:35:a9:6a:e4:33:cc:ba:fb:d4:
3d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:78:BE:91:35:57:FB:78:CA:1F:18:3F:14:11:27:79:9C:4A:7F:6B
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:e2:ff:fc:00:7a:0d:9c:64:bd:f7:2c:28:37:3b:b0:a8:84:
11:1f:3c:31:a8:7f:9f:cd:e6:98:06:32:f8:d6:28:55:ff:9a:
25:08:70:89:82:8e:d6:8d:30:f9:9f:10:18:d7:58:22:8d:ac:
a7:bc:62:5e:0a:1a:e2:27:92:7e:19:f6:b4:6f:2c:ea:ff:61:
d6:e4:d8:f7:11:5e:57:7d:1c:88:20:1b:3b:45:06:fc:9a:68:
5f:28:d8:7d:09:d8:95:b6:df:95:d7:69:74:c3:04:51:fa:0a:
46:8e:57:a3:50:51:25:c9:58:35:d4:2a:63:de:e6:27:c7:ba:
3c:97:71:a5:3d:ce:38:91:66:9e:24:c8:f4:cd:90:1a:e8:09:
9d:04:3f:cd:8e:aa:08:ca:b3:b1:96:47:c5:f5:10:2f:50:fc:
f7:4f:15:45:b3:3f:c3:62:b1:3a:db:cd:c6:df:58:68:0a:ed:
5b:6a:06:bd:5a:94:c6:c4:53:a4:b2:35:e4:13:29:de:7d:19:
fe:7c:94:dc:8d:a0:b2:36:ac:23:85:c8:9e:73:73:28:87:2f:
3d:f2:08:c7:ac:55:0c:26:03:dc:b0:59:14:f8:a8:fd:b5:a2:
80:ed:d5:35:1d:db:b1:9e:8b:c2:ce:2d:6e:ab:1c:f8:65:93:
21:eb:8b:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4Ds3e4JDKLucUCpULia8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjYwMzI2MDIwMTM5WhcNMjYwMzI3MDIwMTM5WjAzMTEwLwYDVQQD
Eyg5Njc4YmU5MTM1NTdmYjc4Y2ExZjE4M2YxNDExMjc3OTljNGE3ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LT7m1QK+u1o5Iqim44PKQcBoWFV
UlessY4YIhTCa/4wtFpIlkn+duMEi9zltN7kYVIp/Q8GljzWyujYMaAo9hbjvTUm
T6bdeqckjtcd4OM1lkQrAofebSokmi4HMyNY9SlxiOH5WYxGEW1Tk3sf1MhFtYsa
qXgtyDu037Av3eFJnOZtgYXS651oJAcbwAZj7k/ABSrOVpsCCfd7TCEiuX7n4W9Z
bpKOyINjMpJmgEBRH2yw8GkME5gHCz54RPAa9xAN+6ihlZASKOYzTYpINLoK19V3
LzjPv0X1oMGXdJLwXsHKKsmmB4NnoYnlufbb9Y98gKs1qWrkM8y6+9Q99wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZ4vpE1V/t4yh8YPxQRJ3mcSn9rMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARuL//AB6
DZxkvfcsKDc7sKiEER88Mah/n83mmAYy+NYoVf+aJQhwiYKO1o0w+Z8QGNdYIo2s
p7xiXgoa4ieSfhn2tG8s6v9h1uTY9xFeV30ciCAbO0UG/JpoXyjYfQnYlbbflddp
dMMEUfoKRo5Xo1BRJclYNdQqY97mJ8e6PJdxpT3OOJFmniTI9M2QGugJnQQ/zY6q
CMqzsZZHxfUQL1D8908VRbM/w2KxOtvNxt9YaArtW2oGvVqUxsRTpLI15BMp3n0Z
/nyU3I2gsjasI4XInnNzKIcvPfIIx6xVDCYD3LBZFPio/bWigO3VNR3bsZ6Lws4t
bqsc+GWTIeuL/Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:10:58 2026 by rpki-client