$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft File: IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft (raw, json) Hash identifier: FzxnBVgKdPiaJhcn5b3zktJQxZL9qiwuxFF34xgjwCw= Subject key identifier: 1D:5C:F9:80:8E:B8:70:8D:C4:C1:DC:84:7D:73:34:53:7D:E3:20:B0 Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Certificate serial: 019A24AED0A8976522134B34CCF4F71AD8DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft Manifest number: 1701 Signing time: Mon 27 Oct 2025 08:00:27 +0000 Manifest this update: Mon 27 Oct 2025 08:00:27 +0000 Manifest next update: Tue 28 Oct 2025 08:00:27 +0000 Files and hashes: 1: 5AXDwMNDZZJ0p2E5YCI5vVZD8a4.roa (hash: FFW/pHdY/n3mzgFNkaOSLkOhdoLgzZsHvl8kfEiEWu8=) 2: IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl (hash: VUtMZdpzC4+VAlHoKDFR7XHPuEehcca0aNkxbYS+L3A=) 3: J0xQ_1w-gFpYF0LKQsYsfk-VGSQ.roa (hash: BG3PKtX8/a+ywGlKRJT/ICLStEzmSbRCf01OUsYWJWQ=) 4: JqGjYzJUHlyPRNKT7Gdae1GdJUA.roa (hash: /ZlOeq2y9fIyqYcQI5TRRc+qHPMMjEQDsJbQfMP47Os=) 5: KP1-R8Ozo5sN8i5g7eaE07K0eTQ.roa (hash: mLvAtndHxWdPvRVZIiOq/nwf/VdytfBFv0z3meNar9k=) 6: Qx2_RHRctf32pDo6Ld_wrMI7fd8.roa (hash: hDrMyW+0exQk+cf4mu6FMV+aN0cWstWHfqosAD9dRy0=) 7: Rlb2tOHsLeLyjP1RSURryd9jvec.roa (hash: jecxIoKlBvw6gWyoJ8u8/wuvD6cFE1AGV7OziEZZTXs=) 8: W08HMn4p6kVqze5MDixmPqgVV3Q.roa (hash: jlOVPZJCuEAwn3iEzzJNLFkpo/PRQpHf+dW9CA2qsug=) 9: ZaM9jNyw62egtMMXYnGxszrNY3k.roa (hash: IjXCT+wQnlaMHMU5neUWgppwJ+IMB7wimw7ZMxVicdg=) 10: _zKodDelYzkycuOaCvmIVNehVaU.roa (hash: 06Jd/JDGW6Xe4+7xG76Qs6GUdZwHdMuLomnrIM9Qkbg=) 11: cf3WHfeWDYu7TWnELnXzycteCaY.roa (hash: TcxuwVKWwTiShtI0Unrv/gZ/YwHGK8T1H3ocBzBxMZk=) 12: fuo8dYdaswIRyEIz4oPsApWqGJc.roa (hash: TgHuzsK6LNwJZxHjJiXaEYIfR/pJeI5Px7YOwniHSmE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Oct 2025 08:00:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:24:ae:d0:a8:97:65:22:13:4b:34:cc:f4:f7:1a:d8:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Validity Not Before: Oct 27 08:00:27 2025 GMT Not After : Oct 28 08:00:27 2025 GMT Subject: CN=1d5cf9808eb8708dc4c1dc847d7334537de320b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:f0:22:62:e5:e1:b2:bf:5d:86:31:4a:e3:96: 44:80:f2:36:b1:4b:72:5d:7f:41:9b:96:f6:9c:72: 7d:a1:4a:be:5b:f3:c8:50:c4:72:7a:5e:95:b7:a0: 4f:bf:b6:df:4d:8a:0c:09:52:07:c8:48:0c:68:57: 74:08:13:dd:4a:71:59:3b:e6:d7:6f:b2:d1:3b:12: b7:64:a8:c9:99:09:41:2b:dd:95:59:c3:85:ef:f5: 42:1d:82:d3:9e:5c:e4:32:8b:fc:ac:97:c1:2d:60: bc:55:6e:a4:66:f7:37:0a:f9:9b:15:c3:a3:a1:ec: 49:3e:79:74:ce:24:39:b8:47:6c:1f:f2:9b:34:e5: ed:1c:f9:8b:64:81:dc:c7:46:53:f3:18:f9:5f:ea: a1:92:c2:58:a3:52:d3:ae:0f:c2:aa:ec:e4:04:e2: b4:08:f7:59:cc:23:26:f7:73:47:2d:1e:a8:cc:89: 54:cc:fd:82:c9:97:4d:ad:cd:f4:0e:26:21:2a:6d: c1:2c:fd:db:53:f9:f0:5a:a3:ee:39:8f:42:92:70: b5:93:9d:b7:34:94:64:a5:45:6d:35:86:94:3f:dd: 9a:38:ee:a8:5f:c2:d0:7c:7b:c5:a4:8a:01:b1:18: 13:f8:ba:5a:84:e5:d7:79:59:70:4d:7e:f4:9a:52: 1e:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:5C:F9:80:8E:B8:70:8D:C4:C1:DC:84:7D:73:34:53:7D:E3:20:B0 X509v3 Authority Key Identifier: keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:cf:5e:cf:81:00:4e:09:b5:7a:e1:4f:7c:3f:17:a6:5f:e6: b6:24:5a:8c:02:d5:05:28:3a:66:8b:b2:2d:7a:03:11:2a:6e: 77:82:e7:7f:48:c6:76:1c:8c:a2:3e:d2:94:f4:3d:ec:ce:bc: d5:c7:b2:1b:31:79:2e:c9:06:74:fe:d7:0f:7f:98:f4:57:8e: a4:b2:f4:e7:38:58:5a:19:d9:ee:5e:d1:fc:b5:31:d4:a9:66: 27:89:b9:da:c8:cd:94:c0:b7:94:19:72:23:cc:e7:e1:76:cc: ad:62:07:d4:95:f1:77:2f:96:45:f5:dd:9d:e8:24:aa:b1:36: 60:6b:bf:2c:f2:e2:a4:2a:c2:33:f5:3a:68:05:29:f3:05:88: 7e:ea:59:57:79:18:d2:4f:dd:81:e0:02:36:0c:d8:4b:fc:18: 6e:37:b5:34:e1:69:d6:ad:49:18:83:a1:98:f5:50:71:70:89: 1c:d0:ad:3f:3b:b9:e9:da:1f:4f:a6:eb:70:3d:5f:55:88:38: 6e:ab:4d:ad:b0:7a:72:c4:66:17:2c:e1:7a:cd:47:8d:45:d4: b9:15:c6:87:18:5c:b9:ba:e9:9f:cf:8a:e9:6b:c2:79:54:5d: 87:10:87:be:e7:c4:ad:7b:bc:df:76:31:d4:63:69:88:4f:1d: fa:51:52:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZokrtCol2UiE0s0zPT3GtjcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj ZmQwNjIwHhcNMjUxMDI3MDgwMDI3WhcNMjUxMDI4MDgwMDI3WjAzMTEwLwYDVQQD EygxZDVjZjk4MDhlYjg3MDhkYzRjMWRjODQ3ZDczMzQ1MzdkZTMyMGIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8/AiYuXhsr9dhjFK45ZEgPI2sUty XX9Bm5b2nHJ9oUq+W/PIUMRyel6Vt6BPv7bfTYoMCVIHyEgMaFd0CBPdSnFZO+bX b7LROxK3ZKjJmQlBK92VWcOF7/VCHYLTnlzkMov8rJfBLWC8VW6kZvc3CvmbFcOj oexJPnl0ziQ5uEdsH/KbNOXtHPmLZIHcx0ZT8xj5X+qhksJYo1LTrg/CquzkBOK0 CPdZzCMm93NHLR6ozIlUzP2CyZdNrc30DiYhKm3BLP3bU/nwWqPuOY9CknC1k523 NJRkpUVtNYaUP92aOO6oX8LQfHvFpIoBsRgT+LpahOXXeVlwTX70mlIepQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB1c+YCOuHCNxMHchH1zNFN94yCwMB8GA1UdIwQY MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt NjU0ZGQ2NDQyY2U0LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0 LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZs9ez4EA Tgm1euFPfD8Xpl/mtiRajALVBSg6ZouyLXoDESpud4Lnf0jGdhyMoj7SlPQ97M68 1ceyGzF5LskGdP7XD3+Y9FeOpLL05zhYWhnZ7l7R/LUx1KlmJ4m52sjNlMC3lBly I8zn4XbMrWIH1JXxdy+WRfXdnegkqrE2YGu/LPLipCrCM/U6aAUp8wWIfupZV3kY 0k/dgeACNgzYS/wYbje1NOFp1q1JGIOhmPVQcXCJHNCtPzu56dofT6brcD1fVYg4 bqtNrbB6csRmFyzhes1HjUXUuRXGhxhcubrpn8+K6WvCeVRdhxCHvufErXu833Yx 1GNpiE8d+lFSqQ== -----END CERTIFICATE-----Generated at Mon Oct 27 12:12:35 2025 by rpki-client