$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft File: AOT2p3Not87P5nIgtDZXax4Aiuw.mft (raw, json) Hash identifier: gDUJ9T1DV7wR08DF1m+JWecvVDxikBcBLE4eKCi0/Xc= Subject key identifier: 13:53:25:5E:56:C8:BF:96:E4:51:1D:E8:6B:A0:D8:03:C7:F7:AD:D7 Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec Certificate serial: 019A4EBD55BA97FA8A7EFA2BC0A8F35D7C55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft Manifest number: 1809 Signing time: Tue 04 Nov 2025 12:00:22 +0000 Manifest this update: Tue 04 Nov 2025 12:00:22 +0000 Manifest next update: Wed 05 Nov 2025 12:00:22 +0000 Files and hashes: 1: AOT2p3Not87P5nIgtDZXax4Aiuw.crl (hash: 5kB4hMyaJBgs/uJro6aK8jy5uLM1++E/N2nhlI66lyE=) 2: BY6vuao8dzcdWvFAFv0TrK8gbcs.roa (hash: ZDN7wXgq4/TF65FlyVO+h6CqqGxfq850Jit0suO59Nc=) 3: Gy4BQkIL8-jo1JkeIH41QUjBDjM.roa (hash: GpUKXk0u0UsVOL/OxmPGoTdxb+oJOueuidELp/hZqyI=) 4: Svvhgo8X1drpMq_QokkBFa4W80w.roa (hash: eEM6GVW64ZPHTJr6mZ27nOJM8iax+cOishqtH69OQFE=) 5: USyW0O_6fcBP2bF0PoHV0RL6-Y8.roa (hash: rYcvR45gztdgTjrFLAUTrj+3T6dDm1wWFyZUivL/lkQ=) 6: UqESFWwPTzjbApEAfUlqEqe0RQE.roa (hash: s8ahaYu2umakIkOHunLEsrzEdAIsc7vrgdaPFAJX/B0=) 7: UwuhHIRc9qSfEX6XGunAr85dyEA.roa (hash: v6KOr1rmHDt+GxwNeTG+w6jxSzGnr+bSVua9Q4OO8C0=) 8: VkkvGMtenz96Ubj3KDzXyym1LzY.roa (hash: E/GDo41oktFV73vvuiDk3fNXk8LkaX2ghEwTcizgkaw=) 9: ZhKIDK-jjG9sj6aBi0aEGsJSA50.roa (hash: nuQxbov+85T/uqWDAmeJAZ+qip9Y/A2OahUFdjFPKhg=) 10: kLCDMTUTRbJeJajr_KP2p663xqk.roa (hash: Cd9LBaXNUzFq1myVM5COYVtjKiIjTzwaQ7rIDyhpbzE=) 11: mS1g5aNaOIe32m5_FgfjTc6VbP4.roa (hash: DRqrjZnRKpeQWBmj82tLSsN99MhvkwnNbbxykbvBnVg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 09:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:4e:bd:55:ba:97:fa:8a:7e:fa:2b:c0:a8:f3:5d:7c:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec Validity Not Before: Nov 4 12:00:22 2025 GMT Not After : Nov 5 12:00:22 2025 GMT Subject: CN=1353255e56c8bf96e4511de86ba0d803c7f7add7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:44:b5:64:f9:c6:d9:41:1f:2b:2a:e3:5a:9c: a1:8f:ce:97:e0:84:bd:77:e3:98:13:cb:18:d9:33: ff:ca:a9:23:3a:12:a2:b6:6b:57:7f:b1:92:21:f3: a3:63:12:e5:f4:e3:01:05:23:0a:d4:5d:05:1b:7a: a2:63:74:7b:b7:14:1c:16:fc:b7:4a:6e:cd:e4:c1: ec:ee:4b:b9:63:e9:af:52:ed:98:b9:c9:6f:74:6b: 60:c4:b6:b4:46:bb:1d:08:30:19:6b:8a:c6:09:3b: 3d:c5:90:d8:94:ce:fd:3f:44:d6:c8:bf:83:29:bf: 9a:52:ec:69:be:ca:71:9d:76:5a:d4:52:e6:fa:3a: d1:68:69:13:49:48:e4:e8:a0:8e:7b:3a:a2:eb:5d: 03:9a:27:45:7b:29:c0:94:42:45:5b:40:8a:c6:97: ce:f6:a7:c1:9a:b2:b2:6e:e9:0e:88:0d:dc:d5:7b: f7:79:d2:8c:78:61:7b:73:85:99:fa:b9:3b:eb:4f: 5e:55:4c:42:5e:65:a9:48:42:2e:e5:3f:a3:05:39: 8a:d3:48:90:f0:7d:9d:7a:da:4e:bd:93:ac:b7:51: fa:a6:aa:d5:76:d5:d7:2e:a4:20:0b:b7:d7:cd:31: c6:62:bf:bf:78:be:7d:e6:2d:37:12:cc:b2:88:ec: 37:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:53:25:5E:56:C8:BF:96:E4:51:1D:E8:6B:A0:D8:03:C7:F7:AD:D7 X509v3 Authority Key Identifier: keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:26:c0:16:b5:63:22:cd:98:5b:c0:ce:a3:b1:44:78:f1:d3: 6c:e6:7d:1d:d7:68:0b:86:b8:2f:9b:c7:ac:c6:ce:51:57:15: fc:3b:ae:9b:98:a3:c1:5a:ad:c2:8e:36:44:77:7f:7b:a1:0e: ee:18:50:42:ea:28:db:5a:f8:3d:36:ed:43:30:6f:32:63:bf: 78:6f:f6:23:db:a4:34:1d:59:92:b8:c6:64:72:20:57:12:41: 16:86:2e:2b:e0:6a:2f:c7:cf:94:55:a0:75:0a:5a:91:7c:99: 03:38:30:86:f1:d9:4d:84:24:a0:0f:7e:d4:77:fc:00:25:63: 1e:38:48:43:60:ba:61:c9:05:55:f9:03:dd:fc:e6:e9:c7:8f: d8:7f:01:ce:b6:f9:e9:e6:de:50:02:ec:2f:9d:f0:a4:23:2a: b2:b4:72:9a:8c:5b:21:26:69:78:03:d7:f3:19:c2:22:ff:1d: 6f:a6:4c:88:5e:d7:2c:98:3d:75:10:4a:bb:3b:74:ef:b3:b8: 78:83:90:60:59:8a:4c:84:4f:c2:82:1a:e3:1a:62:5d:90:65: ec:1f:0c:bd:d8:f4:00:bb:ca:49:a1:80:ac:07:f9:34:4c:ef: 7d:b9:82:3c:f9:8b:50:26:04:22:5f:74:d0:8b:8e:0e:50:87: a9:79:06:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpOvVW6l/qKfvorwKjzXXxVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw MDhhZWMwHhcNMjUxMTA0MTIwMDIyWhcNMjUxMTA1MTIwMDIyWjAzMTEwLwYDVQQD EygxMzUzMjU1ZTU2YzhiZjk2ZTQ1MTFkZTg2YmEwZDgwM2M3ZjdhZGQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuES1ZPnG2UEfKyrjWpyhj86X4IS9 d+OYE8sY2TP/yqkjOhKitmtXf7GSIfOjYxLl9OMBBSMK1F0FG3qiY3R7txQcFvy3 Sm7N5MHs7ku5Y+mvUu2YuclvdGtgxLa0RrsdCDAZa4rGCTs9xZDYlM79P0TWyL+D Kb+aUuxpvspxnXZa1FLm+jrRaGkTSUjk6KCOezqi610DmidFeynAlEJFW0CKxpfO 9qfBmrKybukOiA3c1Xv3edKMeGF7c4WZ+rk7609eVUxCXmWpSEIu5T+jBTmK00iQ 8H2detpOvZOst1H6pqrVdtXXLqQgC7fXzTHGYr+/eL595i03EsyyiOw3xQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBNTJV5WyL+W5FEd6Gug2APH963XMB8GA1UdIwQY MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt YjA3ZDg0MTZhZTRhLzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSbAFrVj Is2YW8DOo7FEePHTbOZ9HddoC4a4L5vHrMbOUVcV/Duum5ijwVqtwo42RHd/e6EO 7hhQQuoo21r4PTbtQzBvMmO/eG/2I9ukNB1ZkrjGZHIgVxJBFoYuK+BqL8fPlFWg dQpakXyZAzgwhvHZTYQkoA9+1Hf8ACVjHjhIQ2C6YckFVfkD3fzm6ceP2H8Bzrb5 6ebeUALsL53wpCMqsrRymoxbISZpeAPX8xnCIv8db6ZMiF7XLJg9dRBKuzt077O4 eIOQYFmKTIRPwoIa4xpiXZBl7B8Mvdj0ALvKSaGArAf5NEzvfbmCPPmLUCYEIl90 0IuODlCHqXkG1g== -----END CERTIFICATE-----Generated at Tue Nov 4 14:00:37 2025 by rpki-client