Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json)
Hash identifier: Cli2x4Cj/OjiFwk2nL6hq7XcJwo0jpQ7zypDoONr9V0=
Subject key identifier: DB:59:7B:B3:D6:7C:6E:5B:5A:7E:EF:59:F7:FA:A5:5F:DA:EE:64:1F
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 0196BDB7582831120D858EC0F399B90BD8A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
Manifest number: 10FA
Signing time: Sun 11 May 2025 05:00:31 +0000
Manifest this update: Sun 11 May 2025 05:00:31 +0000
Manifest next update: Mon 12 May 2025 05:00:31 +0000
Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=)
2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: D/7Hl7uQrcCQVuZzw1IgejEq9nqgLFwydILPK8fE0k8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 05:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:b7:58:28:31:12:0d:85:8e:c0:f3:99:b9:0b:d8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: May 11 05:00:31 2025 GMT
Not After : May 12 05:00:31 2025 GMT
Subject: CN=db597bb3d67c6e5b5a7eef59f7faa55fdaee641f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:5f:df:e4:1d:9f:91:66:7e:20:49:da:c6:
6e:d5:e4:5a:57:1a:e7:a1:b5:18:31:32:78:9f:57:
f4:10:b3:a5:fe:a3:8e:ca:28:6c:d8:d9:c5:6e:8c:
f0:60:c8:67:17:7a:02:23:b5:53:53:b9:48:12:db:
84:f4:dc:a0:e1:00:80:e8:22:39:0e:ea:42:8b:5e:
28:ef:73:23:1c:c7:bc:c2:53:24:dc:39:22:34:01:
65:7d:1e:f4:50:b1:45:f0:37:6f:40:50:cb:45:72:
fa:cc:34:69:0a:43:e1:3d:7c:b4:7d:16:48:6a:55:
c8:dc:e0:57:0b:c5:12:c2:ef:23:86:f7:b6:a5:10:
79:84:d1:c1:42:b2:da:b9:a8:69:e4:8a:a2:f6:db:
3f:66:66:fa:60:b7:84:9f:b6:7a:58:55:8b:ad:41:
b1:a8:5a:79:4a:90:b4:94:e8:b0:f1:bb:5c:be:df:
d3:c0:6b:b3:f0:cb:e2:ba:82:bc:f7:f1:cb:93:64:
c0:93:92:5e:b0:bd:12:27:c9:09:04:24:02:1c:26:
ca:4c:8e:29:6f:11:ce:6d:a8:16:bd:73:fe:a5:6a:
05:4b:87:e0:4c:26:0d:ce:0a:86:00:ff:38:f0:72:
00:94:d3:13:6c:49:30:52:82:de:c3:42:22:62:d1:
8b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:59:7B:B3:D6:7C:6E:5B:5A:7E:EF:59:F7:FA:A5:5F:DA:EE:64:1F
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:d3:f1:3e:e8:60:b9:d2:76:33:ed:18:3e:2d:a0:5e:28:8e:
2d:7e:3e:f2:db:cc:53:3f:70:a7:89:88:41:4b:37:46:43:35:
e3:12:8b:14:c3:97:a5:28:2b:cb:ef:00:cf:47:af:5e:90:d8:
23:b7:e4:44:1f:f7:4b:e6:9e:37:9f:5d:81:f8:80:fd:f5:bb:
f1:1a:ed:6a:ab:3a:49:de:49:77:52:c3:35:6b:89:82:11:2a:
86:42:58:0d:8c:0a:f0:29:e5:34:b7:be:ec:50:21:a7:4c:15:
66:9d:24:96:bb:a0:7b:65:99:b7:01:b9:dc:3e:c5:d5:d2:08:
1d:57:cb:d6:7c:5a:53:b5:68:a2:0c:bc:a2:71:c9:06:fc:5a:
a3:0a:69:c4:84:b3:3a:9f:55:46:f6:c5:6a:e4:4f:7c:f4:9e:
6d:9b:3e:92:3d:81:57:af:15:9d:4e:77:ad:9e:9d:a7:34:9f:
ce:e5:e8:7c:56:fb:41:6d:bd:11:00:e4:ca:bc:69:be:45:c9:
92:07:5d:45:fe:8d:bd:92:77:5b:67:cc:e6:56:74:ce:a2:18:
d3:ba:b9:15:c4:94:a6:ee:be:e6:24:a9:f5:eb:a6:1e:3e:c5:
0a:67:ac:7b:25:85:28:ca:3f:c3:3b:ea:50:61:9c:6d:9b:88:
16:75:7f:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9t1goMRINhY7A85m5C9imMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjUwNTExMDUwMDMxWhcNMjUwNTEyMDUwMDMxWjAzMTEwLwYDVQQD
EyhkYjU5N2JiM2Q2N2M2ZTViNWE3ZWVmNTlmN2ZhYTU1ZmRhZWU2NDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdFf3+Qdn5FmfiBJ2sZu1eRaVxrn
obUYMTJ4n1f0ELOl/qOOyihs2NnFbozwYMhnF3oCI7VTU7lIEtuE9Nyg4QCA6CI5
DupCi14o73MjHMe8wlMk3DkiNAFlfR70ULFF8DdvQFDLRXL6zDRpCkPhPXy0fRZI
alXI3OBXC8USwu8jhve2pRB5hNHBQrLauahp5Iqi9ts/Zmb6YLeEn7Z6WFWLrUGx
qFp5SpC0lOiw8btcvt/TwGuz8MviuoK89/HLk2TAk5JesL0SJ8kJBCQCHCbKTI4p
bxHObagWvXP+pWoFS4fgTCYNzgqGAP848HIAlNMTbEkwUoLew0IiYtGLcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtZe7PWfG5bWn7vWff6pV/a7mQfMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAptPxPuhg
udJ2M+0YPi2gXiiOLX4+8tvMUz9wp4mIQUs3RkM14xKLFMOXpSgry+8Az0evXpDY
I7fkRB/3S+aeN59dgfiA/fW78Rrtaqs6Sd5Jd1LDNWuJghEqhkJYDYwK8CnlNLe+
7FAhp0wVZp0klruge2WZtwG53D7F1dIIHVfL1nxaU7Voogy8onHJBvxaowppxISz
Op9VRvbFauRPfPSebZs+kj2BV68VnU53rZ6dpzSfzuXofFb7QW29EQDkyrxpvkXJ
kgddRf6NvZJ3W2fM5lZ0zqIY07q5FcSUpu6+5iSp9eumHj7FCmeseyWFKMo/wzvq
UGGcbZuIFnV/Dg==
-----END CERTIFICATE-----
Generated at Sun May 11 11:29:57 2025 by rpki-client