$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: O5AgwltF0YEbC+bnOJcWFAQQ5739FFQ6Y/CZ3DPCdvo= Subject key identifier: 75:DC:9F:8B:CD:D6:4F:B7:D6:6D:6B:3E:FD:6B:25:C2:67:66:A6:8C Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019931FF25FB7FEE4A7C7D82BF1D044D560E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 1191 Signing time: Wed 10 Sep 2025 05:00:28 +0000 Manifest this update: Wed 10 Sep 2025 05:00:28 +0000 Manifest next update: Thu 11 Sep 2025 05:00:28 +0000 Files and hashes: 1: 1-W_ixXGYX8sPaJagj-AVwFiwChc.roa (hash: L0D3lIfkN9efhBw5T+b3u9NkdIMxDqZ5UXxZUhgRWOs=) 2: 1wei3P__YsLq8D2DZQdx3r5Se8Q.roa (hash: mJ3sfO2t0ZrVqr8Lh/dS5cWV3uJ23FidlrzCBj85Xpg=) 3: D9OViOUA1-461O4zttxUuu7lHv0.roa (hash: 2itBNaHzhENVRyOefdMh6N1RENcyUMqY/eAvQKNqorQ=) 4: FL9fu1OvmoFGfhkDWCYg6qk3FZw.roa (hash: 4qo1m7CfLoe2e1/s3slGLhDBLmvad/IFz+DUbL4c5ro=) 5: QhTNtcmMP2d8JHj8beOVtwBfn-8.roa (hash: pGtJfsZnHgpcNHsy6MUt5rD0YLB/sQz5xjhWg8xCmoY=) 6: b_UNR9Xj_ycfuOSMA48F_QSRqts.roa (hash: V/FK04zH2Za3Nwu+0PjyuAuPUrWk9vHEnkwAOnyhoAs=) 7: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: ntlLwZArOAP7Z/hYyVhH/gUmQ4mvFCYfHc6MFCvXiqA=) 8: mI6CMDbVFOggenhN7vYK1kqjlUM.roa (hash: Ix338GJteDKUBZwQ6uAO2I9vp00YeBcogG5YXz8IPLE=) 9: vUVcdpzXr2JQGsu1xtXoOvW_LHU.roa (hash: 2iN03nQJUllsMqRJ1fP7+P4h4U6MeEk1ERszIuxQ8MY=) 10: wGY7w33wbp754v9ca7Ik2gL3Voc.roa (hash: cLU9Ywl9VMx+T+dYulHYxfzmlahVeyhReHN4Xp/Qd78=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Sep 2025 02:00:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:31:ff:25:fb:7f:ee:4a:7c:7d:82:bf:1d:04:4d:56:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Sep 10 05:00:28 2025 GMT Not After : Sep 11 05:00:28 2025 GMT Subject: CN=75dc9f8bcdd64fb7d66d6b3efd6b25c26766a68c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b7:5e:34:d9:43:ea:5a:95:33:a9:6d:c4:f8: 7b:0f:0d:b6:6a:90:30:17:67:56:6f:ad:aa:9b:ef: 6e:83:5f:02:18:08:93:4f:1c:74:f5:5b:20:91:61: 7d:f3:d9:26:c9:cb:08:77:70:e8:db:85:64:7a:06: ce:ba:f3:02:25:9d:96:d3:9d:10:db:8d:81:ba:1f: 54:a0:38:8f:4f:26:c6:0b:46:78:3f:c1:10:d9:52: 7d:1f:41:c7:ec:cc:42:6e:8d:77:41:ea:7d:d1:73: 0d:c5:7a:2a:25:d8:5e:bf:d7:9b:a6:65:3f:50:b1: a1:1f:61:f8:f8:60:99:9f:55:1b:4e:91:92:e0:21: 61:db:f3:84:44:f6:f7:c8:b5:49:a5:20:f6:80:51: f7:a2:bf:fc:11:7e:1f:db:15:7f:f1:51:8d:f0:72: 22:44:f4:22:3f:b2:6f:bf:bd:a9:a9:05:93:8a:42: 1c:bb:48:27:37:55:73:a0:fc:2f:d8:ee:51:20:4b: b8:6d:a1:f1:93:07:20:7b:5d:fb:e9:11:24:61:9a: c5:54:3c:a6:ff:80:90:09:ea:fb:21:24:df:9f:bc: 12:d5:54:ce:a2:db:20:c1:2f:0f:72:35:a9:53:b5: 02:b5:b8:21:9e:d6:5b:7c:d0:74:88:30:ea:84:b5: 98:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:DC:9F:8B:CD:D6:4F:B7:D6:6D:6B:3E:FD:6B:25:C2:67:66:A6:8C X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:2a:4e:fd:ac:de:99:0a:7d:df:07:dd:ea:81:f9:07:94:1c: 71:b3:4e:fe:30:37:0e:c9:d9:64:bb:cf:92:e2:94:4a:77:55: 91:bb:7c:90:34:95:3a:ab:5a:72:01:55:2e:bb:4a:a4:7e:55: 31:40:af:a1:d8:77:6b:f6:3a:b1:4c:57:4d:d7:16:17:4a:9c: 51:91:5e:2a:03:58:52:7e:f3:60:8b:47:38:9b:e4:9a:24:d8: 84:5d:e8:7b:ce:f2:ce:7f:ce:ba:2e:04:01:76:ff:24:a1:03: 9b:95:fe:0f:35:f7:bd:63:64:1d:d2:8e:19:9a:04:6b:65:32: d0:62:6c:15:64:d1:ae:58:3c:31:dd:17:c9:8f:51:69:d7:16: 1b:f5:cc:f8:cb:35:49:52:87:46:0f:57:f6:27:23:ec:24:c0: 6a:bb:bf:62:52:ff:f6:51:58:97:a8:49:e2:2c:ae:17:7c:c5: 6a:c4:b6:66:7d:fb:f8:18:4d:0b:f3:96:19:32:53:3e:6e:d7: b3:43:9a:e6:7d:74:2d:3f:d0:c0:13:1f:90:94:54:21:a9:d7: d8:5d:c3:11:01:50:55:d0:2e:0c:a1:1e:ee:f3:33:c0:cd:cd: 77:5e:77:93:ec:bb:a8:89:3c:24:99:d3:46:77:c0:f4:3b:44: bd:7e:15:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZkx/yX7f+5KfH2Cvx0ETVYOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjUwOTEwMDUwMDI4WhcNMjUwOTExMDUwMDI4WjAzMTEwLwYDVQQD Eyg3NWRjOWY4YmNkZDY0ZmI3ZDY2ZDZiM2VmZDZiMjVjMjY3NjZhNjhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLdeNNlD6lqVM6ltxPh7Dw22apAw F2dWb62qm+9ug18CGAiTTxx09VsgkWF989kmycsId3Do24VkegbOuvMCJZ2W050Q 242Buh9UoDiPTybGC0Z4P8EQ2VJ9H0HH7MxCbo13Qep90XMNxXoqJdhev9ebpmU/ ULGhH2H4+GCZn1UbTpGS4CFh2/OERPb3yLVJpSD2gFH3or/8EX4f2xV/8VGN8HIi RPQiP7Jvv72pqQWTikIcu0gnN1VzoPwv2O5RIEu4baHxkwcge1376REkYZrFVDym /4CQCer7ISTfn7wS1VTOotsgwS8PcjWpU7UCtbghntZbfNB0iDDqhLWYBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHXcn4vN1k+31m1rPv1rJcJnZqaMMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjSpO/aze mQp93wfd6oH5B5QccbNO/jA3DsnZZLvPkuKUSndVkbt8kDSVOqtacgFVLrtKpH5V MUCvodh3a/Y6sUxXTdcWF0qcUZFeKgNYUn7zYItHOJvkmiTYhF3oe87yzn/Oui4E AXb/JKEDm5X+DzX3vWNkHdKOGZoEa2Uy0GJsFWTRrlg8Md0XyY9RadcWG/XM+Ms1 SVKHRg9X9icj7CTAaru/YlL/9lFYl6hJ4iyuF3zFasS2Zn37+BhNC/OWGTJTPm7X s0Oa5n10LT/QwBMfkJRUIanX2F3DEQFQVdAuDKEe7vMzwM3Nd153k+y7qIk8JJnT RnfA9DtEvX4VwA== -----END CERTIFICATE-----Generated at Wed Sep 10 10:28:45 2025 by rpki-client