$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft File: 520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json) Hash identifier: 2/GI4GL/uulS0QNEDRIwyOBfIjXBDhTb6qvDzezuZm4= Subject key identifier: 76:50:87:88:B6:B0:AB:94:CC:D7:61:F5:F4:A8:7A:FD:67:06:E2:42 Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Certificate serial: 01973C1A73441E780B320828DDF00AED5533 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft Manifest number: 1061 Signing time: Wed 04 Jun 2025 18:00:55 +0000 Manifest this update: Wed 04 Jun 2025 18:00:55 +0000 Manifest next update: Thu 05 Jun 2025 18:00:55 +0000 Files and hashes: 1: 1-i_ESwYWDKjvxe-cLQFb33q5Qu0.roa (hash: MWN71QN/v297mIABIQi0BIqexEx6vQv3LxWHulQ1lh0=) 2: 3uMGCa1hGu4z3o3-_G7z4ipL-iU.roa (hash: W9UTR4UDUFmqfh0USMFmsobpW7zQlT5fd2b07I+b238=) 3: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: pVRd1qVEHaVYGlFsRwk/Rjm0BPGlJ89WDvDSkgxOZi4=) 4: 53Cd6ksm6jJ9RlO5imUtuWj1rJA.roa (hash: cQll3lCbJxJtoxzsBZdQMm8ZJ1gmBBCp3yO2flYfKKU=) 5: 5aybWk2Ky5dF88Dl5BHsEFM1SO0.roa (hash: H+JwBN0SZWGViTYdzpWvA1lltG+ihuV8ot5mKPyc2Ag=) 6: D51k8Yufzem8ogKjVaG-BE3-N9Q.roa (hash: LfZnqpQQPapIc1GbVrcmd90U2aDXCgwED1y7JLo14nI=) 7: EEzCfGegHPEpdqTqvMRMlcFre1Y.roa (hash: uwoju1vAFdOs3H0Q+w/qT7aEQBJpMP98DiaXonyIQ9M=) 8: EQAhdlSS1FIFJlau-mazb3tbQD8.roa (hash: EYIWh35VYrIjFevk0wSjam09x/CTgAsspbJddnJMeDU=) 9: PLzlfTmqAL1rzlLN1TFrpHpYMVU.roa (hash: INujx6I3LZF9XIVr4zE9W5J6NHU6IlkfUKgf+j8aJrU=) 10: QCPaGZ8bi2Da50RQ4k8ya1w0dq4.roa (hash: UeTuehE3XWxqnHJAwNv7xL7hPz4xW2vyEJKj+BsbTow=) 11: aAu5S5IbLCTcHF2sjNSq_YvIkRs.roa (hash: Ofs8Vq4O2KmWTmDnq5aKJmZojKw/IVecQ8WTuC45ixk=) 12: fjY_g_wwgFPVt57q0tJYGzzoSDw.roa (hash: qq4Ldl54/taiWut/8vwq9PH71gezdeLMf1VMPmsHUe8=) 13: pw1_qD5J6o76enPdGNTr_4Viub8.roa (hash: L6pLEncIISYEMGBKzu7DbyUXVYEOgT4kfh4modTEATA=) 14: qigZWtFurHaD054OcaOqq49am_w.roa (hash: Sa19eTl0ldE9k7oxfeYcou5g3EZnF3X8bF0Hbur3zdE=) 15: tKmEC4MB5hqVQbFF_5qlwwlDujU.roa (hash: DWWPvUtVR9Z8569/gJySYMoNxwD1GjHbMP8gxFtXEzs=) 16: tRNXUlx68rKP9UOE-hhExB1kws8.roa (hash: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=) 17: ve2cUb4I36o88cUncaHeOHK5tGk.roa (hash: 6gTupRG97QR/JQvN8ay2tdbOI4Q3EMkpnACGQxjxniI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 05 Jun 2025 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:97:3c:1a:73:44:1e:78:0b:32:08:28:dd:f0:0a:ed:55:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Validity Not Before: Jun 4 18:00:55 2025 GMT Not After : Jun 5 18:00:55 2025 GMT Subject: CN=76508788b6b0ab94ccd761f5f4a87afd6706e242 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:b8:13:9a:cc:96:24:76:8f:76:a1:4c:a7:af: 08:fa:a9:d8:e9:26:05:1e:8d:10:4d:ff:12:fa:44: 01:95:16:a3:ac:c8:43:24:cb:4f:07:42:4e:f2:c1: 1b:9f:e9:06:85:c6:9f:c5:13:40:95:11:7c:fe:fd: 74:6f:75:54:b2:04:d1:0e:1c:38:a2:d5:8c:94:87: f2:76:0c:06:3b:d5:53:d7:e6:f1:64:dd:36:2f:c5: 8a:b8:dd:d8:f1:ca:f0:ca:88:1b:a5:7d:78:da:a4: 24:97:3b:cb:80:56:c3:a9:46:d8:4b:b7:86:cb:51: df:5c:ee:3d:a1:c7:68:31:27:58:4d:d2:a4:a8:bb: 06:ba:52:51:03:11:29:3b:79:11:34:df:0e:cf:47: d5:18:ea:7b:f4:ef:8b:fe:94:91:af:25:1d:84:19: 2b:65:19:5e:78:df:fd:aa:11:47:11:4f:af:c4:d0: f9:d6:ed:fd:da:f6:cd:ea:9b:ea:11:27:88:65:b9: 2e:01:45:32:d8:b9:62:17:27:82:b9:3c:7b:18:8d: d7:39:f2:2a:49:2f:73:7d:92:4e:3f:6e:0f:37:34: e7:b8:56:02:ec:4b:e2:48:a6:63:90:77:af:de:b6: ae:c5:a3:34:5f:76:7a:da:06:16:ed:02:12:e1:2d: b6:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:50:87:88:B6:B0:AB:94:CC:D7:61:F5:F4:A8:7A:FD:67:06:E2:42 X509v3 Authority Key Identifier: keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:9c:7d:bf:a7:f0:01:97:bd:92:c9:c4:92:c5:4c:a7:28:da: f4:3e:c3:b6:1a:ae:1f:7e:53:85:16:71:99:50:40:c9:cd:5f: 79:cb:ad:63:53:d1:0c:9c:bd:cf:92:b1:f2:27:dc:b7:e7:6e: c4:7e:93:7a:e2:1f:8f:f8:c3:c1:8b:95:26:e1:cb:65:0f:26: 41:81:2d:70:c4:a9:5e:94:cf:3a:10:6f:cb:7f:43:75:a8:36: 8b:6a:97:bd:96:7a:72:21:a7:4e:3f:38:90:3d:9a:43:b6:a5: 91:e2:9b:1a:56:e9:ed:91:ed:0b:e8:4d:e3:63:42:95:57:ae: 4f:2d:00:31:0c:54:67:1b:48:d9:25:e9:5d:2e:36:57:5d:bc: 20:bc:24:84:67:d2:c8:bf:1f:d3:02:fc:df:3d:82:09:ac:2b: e9:94:7d:d9:69:fa:f6:5d:e0:67:70:2f:3c:96:0f:80:93:71: e5:cc:18:96:27:b0:af:cd:de:97:f7:52:37:a6:d1:eb:23:23: d5:47:5c:45:94:da:d0:6a:39:24:0a:e4:af:b2:42:81:31:3e: 3a:5d:ca:a5:c3:ca:e9:b7:8c:41:41:08:29:04:86:ff:d2:22: f8:4f:6a:98:31:c3:8f:97:bd:b9:ef:1e:f8:75:46:8e:ba:aa: 1c:3f:20:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZc8GnNEHngLMggo3fAK7VUzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx OGM5YmMwHhcNMjUwNjA0MTgwMDU1WhcNMjUwNjA1MTgwMDU1WjAzMTEwLwYDVQQD Eyg3NjUwODc4OGI2YjBhYjk0Y2NkNzYxZjVmNGE4N2FmZDY3MDZlMjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rgTmsyWJHaPdqFMp68I+qnY6SYF Ho0QTf8S+kQBlRajrMhDJMtPB0JO8sEbn+kGhcafxRNAlRF8/v10b3VUsgTRDhw4 otWMlIfydgwGO9VT1+bxZN02L8WKuN3Y8crwyogbpX142qQklzvLgFbDqUbYS7eG y1HfXO49ocdoMSdYTdKkqLsGulJRAxEpO3kRNN8Oz0fVGOp79O+L/pSRryUdhBkr ZRleeN/9qhFHEU+vxND51u392vbN6pvqESeIZbkuAUUy2LliFyeCuTx7GI3XOfIq SS9zfZJOP24PNzTnuFYC7EviSKZjkHev3rauxaM0X3Z62gYW7QIS4S22KwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHZQh4i2sKuUzNdh9fSoev1nBuJCMB8GA1UdIwQY MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5 LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnZx9v6fw AZe9ksnEksVMpyja9D7DthquH35ThRZxmVBAyc1fecutY1PRDJy9z5Kx8ifct+du xH6TeuIfj/jDwYuVJuHLZQ8mQYEtcMSpXpTPOhBvy39Ddag2i2qXvZZ6ciGnTj84 kD2aQ7alkeKbGlbp7ZHtC+hN42NClVeuTy0AMQxUZxtI2SXpXS42V128ILwkhGfS yL8f0wL83z2CCawr6ZR92Wn69l3gZ3AvPJYPgJNx5cwYliewr83el/dSN6bR6yMj 1UdcRZTa0Go5JArkr7JCgTE+Ol3KpcPK6beMQUEIKQSG/9Ii+E9qmDHDj5e9ue8e +HVGjrqqHD8gjQ== -----END CERTIFICATE-----Generated at Wed Jun 4 22:47:44 2025 by rpki-client