$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: Fg9RVMbkby+AR3VoeaVqMwF4EIHc0Z2kXb9UekcBSPc= Subject key identifier: DD:57:B7:E3:9E:2A:D9:C5:EE:A2:26:C7:A5:0A:1D:34:2B:97:21:3F Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019A1FF642DF8F6380E3A97C5249F0EE15E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 09B4 Signing time: Sun 26 Oct 2025 10:00:23 +0000 Manifest this update: Sun 26 Oct 2025 10:00:23 +0000 Manifest next update: Mon 27 Oct 2025 10:00:23 +0000 Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=) 2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=) 3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=) 4: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (hash: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=) 5: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: cuapVyFv0BHke+4Jp9r3IsGnTpLU7N1PcAdK0CaMvQg=) 7: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (hash: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=) 8: cblkW3ZYAZ5VQl8X3gHLFnE7S8g.roa (hash: +MK4cG6/hNPklJaXz5PxE5zp6rLCIwlFMKcCPx37Jxo=) 9: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=) 10: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (hash: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=) 11: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=) 12: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=) 13: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=) 14: peFNs9o1tsBGwnwboXKeedD2GlM.roa (hash: Dmic12i1kcUbMMXMNmS8BrjxjQvM2y0e2GWo+yQ4WH0=) 15: puM6zDTCACkm8XM63GmrJCmb9w4.roa (hash: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=) 16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 27 Oct 2025 05:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:1f:f6:42:df:8f:63:80:e3:a9:7c:52:49:f0:ee:15:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Oct 26 10:00:23 2025 GMT Not After : Oct 27 10:00:23 2025 GMT Subject: CN=dd57b7e39e2ad9c5eea226c7a50a1d342b97213f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e6:f9:3e:85:a6:84:14:75:8e:f7:94:2a:8f: 31:36:f9:92:f2:12:18:50:47:49:34:61:15:4c:69: 4b:f9:02:72:d8:e9:b0:a2:98:f7:2d:29:1c:9a:ef: ab:82:4d:0f:00:ed:0c:08:94:e6:9f:50:b6:30:01: 80:55:21:f5:e9:d3:06:22:f4:25:55:1a:42:64:3c: 13:ce:76:e7:93:6c:80:35:aa:88:63:38:5f:b4:13: 46:59:10:b5:9f:4b:42:25:82:32:ca:69:66:19:fc: cd:30:7f:12:c0:0c:0a:08:d9:e8:2a:36:aa:f2:90: 50:4e:1b:bb:d8:fd:f1:c5:9c:c1:a8:ca:f2:39:72: 0b:6f:ef:14:4c:75:10:ed:3d:62:11:47:f5:92:02: 76:d3:23:cc:a1:a1:70:b7:68:b7:8e:15:21:c6:ca: 0a:18:9c:40:f2:64:92:f6:5a:90:f1:90:29:ca:06: b2:95:c9:c4:3f:08:a8:5e:17:51:5a:1e:d4:04:06: ee:0f:e4:67:1c:a6:de:e2:58:d6:a3:bf:21:f0:12: 52:6e:80:bf:0b:ef:2b:d3:d3:3d:34:55:39:f9:be: ce:de:52:4f:e8:bf:33:1d:76:a1:92:21:71:65:b8: 5e:46:be:2a:e9:b6:b8:4f:4b:b1:20:63:17:10:e9: 8d:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:57:B7:E3:9E:2A:D9:C5:EE:A2:26:C7:A5:0A:1D:34:2B:97:21:3F X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:40:af:aa:50:b1:7d:d1:94:20:b7:f1:bd:8c:46:82:c1:6d: 7f:17:75:a7:2c:7b:2c:7a:86:54:8a:b2:4e:89:df:5f:f3:ae: fe:e7:1a:24:cd:62:1a:d6:67:bf:f7:a6:8a:a6:13:69:6d:8e: 9c:cb:07:f8:ba:8a:a1:e3:85:98:74:70:b8:b6:a5:bd:72:04: b2:99:7e:5b:09:26:8a:fd:31:23:ec:8c:32:ed:25:8e:8f:aa: 69:5f:74:c1:80:e3:bf:17:7d:f3:77:1f:a9:79:c8:06:95:05: 40:1b:b3:7a:53:e9:e0:ee:cc:62:e0:d8:ac:76:d9:20:d1:76: 91:32:8c:4c:05:84:7d:19:6b:58:b7:2b:19:26:0a:27:e1:e1: 8f:38:40:57:69:c1:a2:c2:90:81:c3:5f:76:9b:7e:57:30:93: 4c:17:2a:52:60:96:cb:c4:84:04:87:00:aa:32:3c:31:f6:00: 3e:cc:8e:38:ac:38:5b:8e:85:cc:d4:11:bf:c0:2a:cc:a2:30: f1:33:7e:ea:c7:9b:a6:28:83:8e:f7:49:2a:3d:23:d4:22:33: 73:2f:cb:28:2e:68:0c:b5:44:41:48:6a:fe:63:95:ba:ac:91: d7:6f:8a:1d:52:85:08:d0:78:42:0c:0c:ff:4e:18:99:89:15: 85:3c:93:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZof9kLfj2OA46l8Uknw7hXoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUxMDI2MTAwMDIzWhcNMjUxMDI3MTAwMDIzWjAzMTEwLwYDVQQD EyhkZDU3YjdlMzllMmFkOWM1ZWVhMjI2YzdhNTBhMWQzNDJiOTcyMTNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOb5PoWmhBR1jveUKo8xNvmS8hIY UEdJNGEVTGlL+QJy2Omwopj3LSkcmu+rgk0PAO0MCJTmn1C2MAGAVSH16dMGIvQl VRpCZDwTznbnk2yANaqIYzhftBNGWRC1n0tCJYIyymlmGfzNMH8SwAwKCNnoKjaq 8pBQThu72P3xxZzBqMryOXILb+8UTHUQ7T1iEUf1kgJ20yPMoaFwt2i3jhUhxsoK GJxA8mSS9lqQ8ZApygaylcnEPwioXhdRWh7UBAbuD+RnHKbe4ljWo78h8BJSboC/ C+8r09M9NFU5+b7O3lJP6L8zHXahkiFxZbheRr4q6ba4T0uxIGMXEOmNHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN1Xt+OeKtnF7qImx6UKHTQrlyE/MB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARECvqlCx fdGUILfxvYxGgsFtfxd1pyx7LHqGVIqyTonfX/Ou/ucaJM1iGtZnv/emiqYTaW2O nMsH+LqKoeOFmHRwuLalvXIEspl+Wwkmiv0xI+yMMu0ljo+qaV90wYDjvxd983cf qXnIBpUFQBuzelPp4O7MYuDYrHbZINF2kTKMTAWEfRlrWLcrGSYKJ+HhjzhAV2nB osKQgcNfdpt+VzCTTBcqUmCWy8SEBIcAqjI8MfYAPsyOOKw4W46FzNQRv8AqzKIw 8TN+6sebpiiDjvdJKj0j1CIzcy/LKC5oDLVEQUhq/mOVuqyR12+KHVKFCNB4QgwM /04YmYkVhTyTSg== -----END CERTIFICATE-----Generated at Sun Oct 26 14:30:50 2025 by rpki-client