$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: m/rygh6qiePsSPaqk/6daS80W2M19m9YdYHcRAlXgUk= Subject key identifier: 8E:7F:02:6E:5F:86:12:2C:05:B0:DF:E6:EF:BA:BA:92:89:9A:C2:1D Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019A26D481F554E47756DD25DF3DD0015E55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 1210 Signing time: Mon 27 Oct 2025 18:00:52 +0000 Manifest this update: Mon 27 Oct 2025 18:00:52 +0000 Manifest next update: Tue 28 Oct 2025 18:00:52 +0000 Files and hashes: 1: 1-W_ixXGYX8sPaJagj-AVwFiwChc.roa (hash: L0D3lIfkN9efhBw5T+b3u9NkdIMxDqZ5UXxZUhgRWOs=) 2: 1wei3P__YsLq8D2DZQdx3r5Se8Q.roa (hash: mJ3sfO2t0ZrVqr8Lh/dS5cWV3uJ23FidlrzCBj85Xpg=) 3: D9OViOUA1-461O4zttxUuu7lHv0.roa (hash: 2itBNaHzhENVRyOefdMh6N1RENcyUMqY/eAvQKNqorQ=) 4: FL9fu1OvmoFGfhkDWCYg6qk3FZw.roa (hash: 4qo1m7CfLoe2e1/s3slGLhDBLmvad/IFz+DUbL4c5ro=) 5: QhTNtcmMP2d8JHj8beOVtwBfn-8.roa (hash: pGtJfsZnHgpcNHsy6MUt5rD0YLB/sQz5xjhWg8xCmoY=) 6: b_UNR9Xj_ycfuOSMA48F_QSRqts.roa (hash: V/FK04zH2Za3Nwu+0PjyuAuPUrWk9vHEnkwAOnyhoAs=) 7: bvT0XxpWvjhSrsyJnY-pHBlHicQ.roa (hash: jO921Nm2+NbwqmtR+BTndgCkDUsWuQ/tZNnxs0Ah0nM=) 8: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: g14BrTJEEtJhBIUiiVk64lu8OeM5GltH4ZGYtQmwodE=) 9: mI6CMDbVFOggenhN7vYK1kqjlUM.roa (hash: Ix338GJteDKUBZwQ6uAO2I9vp00YeBcogG5YXz8IPLE=) 10: vUVcdpzXr2JQGsu1xtXoOvW_LHU.roa (hash: 2iN03nQJUllsMqRJ1fP7+P4h4U6MeEk1ERszIuxQ8MY=) 11: wGY7w33wbp754v9ca7Ik2gL3Voc.roa (hash: cLU9Ywl9VMx+T+dYulHYxfzmlahVeyhReHN4Xp/Qd78=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Oct 2025 15:57:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:26:d4:81:f5:54:e4:77:56:dd:25:df:3d:d0:01:5e:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Oct 27 18:00:52 2025 GMT Not After : Oct 28 18:00:52 2025 GMT Subject: CN=8e7f026e5f86122c05b0dfe6efbaba92899ac21d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:a0:74:af:1c:18:a0:fc:a7:81:f5:11:3a:f2: 30:76:45:95:b1:cd:25:6d:1f:76:cb:7c:9c:59:c2: f6:e6:42:e3:20:88:ec:20:33:1f:40:bf:51:d9:67: 65:46:81:4e:c6:b4:9d:97:a8:ae:f5:e2:ec:55:75: 05:d2:4f:a4:e2:83:53:20:d9:4d:7c:ef:18:86:cf: 5e:3f:fa:b7:3a:ff:86:2c:00:e1:69:0f:19:d2:f6: 97:3f:e9:94:53:45:e1:44:90:01:65:a5:12:9b:cc: 37:00:02:7d:e1:9a:ee:41:f2:c2:0e:40:24:9d:29: e8:da:8e:d6:9d:44:8a:78:20:62:32:97:f2:98:e9: 6b:40:6c:83:21:4d:4b:98:48:90:c5:6d:ef:7f:bf: 38:6a:33:c1:55:54:bc:bf:d3:39:45:35:c0:a2:49: 57:a6:c4:c0:81:1d:ab:fb:62:d9:de:42:aa:b2:c2: 98:ce:68:05:3a:11:70:9e:6f:2f:72:8f:0d:7a:2f: d2:fc:d3:e9:aa:cc:ae:cc:57:6f:2f:54:62:ab:63: 23:20:60:4c:6b:23:40:6b:bc:e8:ef:3a:47:d8:f9: 03:6b:31:38:13:5f:53:fa:cb:ab:42:a4:af:18:4f: f9:0b:4f:5b:ba:31:cd:4a:37:74:46:7f:7f:73:70: 50:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:7F:02:6E:5F:86:12:2C:05:B0:DF:E6:EF:BA:BA:92:89:9A:C2:1D X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:34:80:a1:c8:a3:3e:39:48:70:dd:89:64:a6:d7:06:e4:56: cc:d6:75:e6:81:a4:25:89:5d:ee:17:14:c4:a1:43:9f:f1:44: 98:a7:9d:83:19:69:2b:b0:20:4e:6c:41:c2:62:9a:e2:d1:ae: 14:4e:53:4f:c4:05:f3:fa:bb:1c:b4:bc:8b:4b:09:bf:44:0a: 8a:72:ba:1c:31:9e:64:84:f9:b1:06:db:74:94:4b:4a:3a:76: 9f:3a:78:ab:e5:e9:9b:06:5e:39:4c:a3:9b:ee:c2:14:ca:7b: 81:0e:e6:e1:33:f2:9d:ef:ab:1f:57:3d:f9:7d:ae:cd:48:a3: 2a:e1:da:4c:e5:88:9d:13:05:4d:71:61:23:42:48:3d:8a:0d: 96:ed:fd:38:28:30:2e:1e:e2:ac:40:b2:fb:9c:9e:7e:b4:5f: 6c:68:a1:8f:7d:35:a5:05:f3:24:32:e2:44:e2:6d:d9:b5:ea: 69:69:d0:16:d2:d4:9f:cf:3b:9c:a3:96:3a:26:b2:6c:9e:79: 56:fa:8e:67:01:06:a7:7e:22:61:ee:34:9a:e7:f1:85:6c:21: 66:09:a5:ef:6d:fe:cf:a3:eb:ea:17:36:e3:5f:f2:ea:38:c9: f0:51:96:47:04:df:c3:e4:47:20:4a:c4:f4:50:ec:ff:d2:bb: ac:27:52:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZom1IH1VOR3Vt0l3z3QAV5VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjUxMDI3MTgwMDUyWhcNMjUxMDI4MTgwMDUyWjAzMTEwLwYDVQQD Eyg4ZTdmMDI2ZTVmODYxMjJjMDViMGRmZTZlZmJhYmE5Mjg5OWFjMjFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qB0rxwYoPyngfUROvIwdkWVsc0l bR92y3ycWcL25kLjIIjsIDMfQL9R2WdlRoFOxrSdl6iu9eLsVXUF0k+k4oNTINlN fO8Yhs9eP/q3Ov+GLADhaQ8Z0vaXP+mUU0XhRJABZaUSm8w3AAJ94ZruQfLCDkAk nSno2o7WnUSKeCBiMpfymOlrQGyDIU1LmEiQxW3vf784ajPBVVS8v9M5RTXAoklX psTAgR2r+2LZ3kKqssKYzmgFOhFwnm8vco8Nei/S/NPpqsyuzFdvL1Riq2MjIGBM ayNAa7zo7zpH2PkDazE4E19T+surQqSvGE/5C09bujHNSjd0Rn9/c3BQTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI5/Am5fhhIsBbDf5u+6upKJmsIdMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFDSAocij PjlIcN2JZKbXBuRWzNZ15oGkJYld7hcUxKFDn/FEmKedgxlpK7AgTmxBwmKa4tGu FE5TT8QF8/q7HLS8i0sJv0QKinK6HDGeZIT5sQbbdJRLSjp2nzp4q+XpmwZeOUyj m+7CFMp7gQ7m4TPyne+rH1c9+X2uzUijKuHaTOWInRMFTXFhI0JIPYoNlu39OCgw Lh7irECy+5yefrRfbGihj301pQXzJDLiROJt2bXqaWnQFtLUn887nKOWOiaybJ55 VvqOZwEGp34iYe40mufxhWwhZgml723+z6Pr6hc241/y6jjJ8FGWRwTfw+RHIErE 9FDs/9K7rCdS1w== -----END CERTIFICATE-----Generated at Mon Oct 27 21:06:08 2025 by rpki-client