$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft File: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft (raw, json) Hash identifier: 81h6Qi4CsSg/YsdKZKQ+BSVQ94XTTRzO+x9a9app4Jk= Subject key identifier: 8B:3E:AD:84:12:53:8D:BB:20:5B:0E:14:04:FF:17:6D:F7:E6:0B:DA Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f Certificate serial: 019A251C8319EB4F15F91C17C33CB1BDE4E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft Manifest number: 171F Signing time: Mon 27 Oct 2025 10:00:16 +0000 Manifest this update: Mon 27 Oct 2025 10:00:16 +0000 Manifest next update: Tue 28 Oct 2025 10:00:16 +0000 Files and hashes: 1: 08x65D62xajmjuWxGOGX--5GFZ4.roa (hash: ku01TCluM3ObD1DEPpsLr/8jGhA1O5espf/zteTKSkk=) 2: 1-fxNLZQMykWE3SLBLsEKwibzn3o.roa (hash: U9t8UfOKITE6D0gBLc/Dtn9zr6EfXzJkxHJL0LBQvTo=) 3: FDmDvOACHulfshItBSDCX5mBYSQ.roa (hash: aexzHKGvD/WM+wZ6/qx7vyWxEHAqx7gswtzEcmCk74k=) 4: FzyJ-A4chBzu8lQqhpLh4dfVe9s.roa (hash: kikBFtCVFZZA5yK1FlsJJ2Y15ol/mIm/K3+f2pwmt3Q=) 5: JRfXlKgZScSlnAP9_s4mWUCHMzI.roa (hash: Yofq9QzaUqxyhMLfnSLcXXtmS3vz0xWVOjl3kItQ1gM=) 6: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl (hash: zuU01M6R0YGAUgaPdzYlxYfGdby4hDJtCm2/MQEpAKU=) 7: RV1rjCwSnXKPzqWOYcizuue6Tmw.roa (hash: ZJyuiQwoYun/WqH4NVoy2nm760NToV5F7bd+tbvhpZI=) 8: UI2cnhatNs5ZeysmslxEpLBSTew.roa (hash: axZPCQgEFKrONNIyjteNC+Y0RYmX6khaCS5yj1K7lFE=) 9: XIqtTjvuJ5glY39EaIP6KmILhoo.roa (hash: oyK+JoJZ3ZJXn7BAWGpujgyfoF5xI3Ds91YiwWdI2PE=) 10: XwhTClSP1UI8joFe2laQDXk_PGU.roa (hash: Vu9nNK134kjM8iGZdGpKi0T5ZrLtuDBr7FKT4joBB3w=) 11: b_MAVuI29oBciIh7vGGq0NJVEzc.roa (hash: hDxp3S5bhbbLqI6OACypq5MMFaQlI+7lCsYe3tJ2F9c=) 12: dOfaSe3fIYIhGR1xcwXjfUk3OeI.roa (hash: uz8UfxMH6M1zEnn7EFrd8TVCQANQpajV/Ux4YkN59Jk=) 13: ivBw7pb2lERE4O4pT70f-IjK-H8.roa (hash: 9+du4uvg6+sqYU99LVsbimMbdhpdO5ppSVPQO3/HDIY=) 14: vaL0J_r43BzBTm5r8Bo75j0pTF8.roa (hash: 75FzmVXUE4MjGcr9LiSgeGxgqkVwVmsZ6mF1xXYO59Y=) 15: zhtRFI1IbB8hGc_SM2h4CISUl7A.roa (hash: bLD1C+K9v2CYIV0aCijm7HOS8Af4YKVs8VztsZsW80w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Oct 2025 10:00:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:25:1c:83:19:eb:4f:15:f9:1c:17:c3:3c:b1:bd:e4:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f Validity Not Before: Oct 27 10:00:16 2025 GMT Not After : Oct 28 10:00:16 2025 GMT Subject: CN=8b3ead8412538dbb205b0e1404ff176df7e60bda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:85:d9:89:9b:8a:21:2a:a6:2b:33:8e:83:bb: 2a:b3:9d:22:6f:75:5f:71:0a:23:0b:99:22:59:34: df:66:4a:96:58:34:3e:b2:68:95:88:87:2b:3b:75: 7e:db:4a:80:f0:97:41:95:f4:c6:1d:c4:8d:50:cf: 66:7c:74:ba:9c:5b:24:25:9d:46:c6:69:87:4d:34: be:46:d2:0e:f7:69:47:24:f1:ae:17:a4:b1:9f:bb: ae:a5:56:f8:7e:69:f4:c2:31:b4:cd:77:0d:ba:a0: ca:1b:8a:00:ed:d7:13:26:d6:10:50:46:0f:1d:8c: eb:7b:eb:84:d9:6f:81:7d:bb:3d:e2:32:8f:30:40: 58:07:21:32:ab:7b:5e:83:70:03:68:a7:c7:29:d7: 4a:00:17:eb:3c:19:c2:f6:e0:5f:4e:19:79:51:91: e3:91:fd:2a:86:41:95:fb:e7:96:4a:23:ce:94:ab: 5a:5e:75:73:ef:88:71:74:c1:67:ff:5c:fe:b9:86: 80:de:10:13:75:07:81:0d:4a:42:16:b6:85:aa:bc: 40:de:c7:73:b9:f7:88:78:96:33:2b:2f:88:0b:57: 18:ac:8e:cc:b2:65:30:05:70:f0:a1:34:83:8e:4c: ec:6f:75:35:dc:87:d7:c6:79:0a:16:db:80:8b:a0: 87:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:3E:AD:84:12:53:8D:BB:20:5B:0E:14:04:FF:17:6D:F7:E6:0B:DA X509v3 Authority Key Identifier: keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:21:bb:77:ae:2e:74:b3:6d:3c:98:dc:b0:9f:27:42:0a:23: ef:15:5c:bf:b7:2c:87:71:cb:d8:ca:e2:5b:a5:cf:72:ea:4b: 01:16:b2:ff:9a:9a:e2:0a:ff:4b:f4:90:40:a2:ed:a0:f6:79: 0e:dc:b1:31:03:eb:47:b1:5f:8c:da:b2:87:ed:a7:dc:13:21: 19:7a:56:05:87:7f:b0:62:9f:0d:38:d1:83:e9:5a:88:76:10: af:c8:d9:c3:d1:51:a5:93:8b:ae:66:5d:ad:37:46:ed:89:41: 97:c2:7b:89:4c:bb:1d:aa:85:08:b8:5d:06:e0:ef:33:35:82: 86:aa:e3:1c:d3:61:6b:65:d2:9c:42:25:6c:14:43:a1:c4:82: 80:84:72:44:97:a8:7b:6c:cd:a9:d5:4e:6b:7c:bc:f8:c7:9b: 33:25:6c:8c:3c:7e:ee:ce:86:89:89:64:df:61:ce:d9:51:d3: f5:dd:48:bb:f5:f5:72:f6:8b:df:46:e8:47:81:6f:a5:f6:89: 58:b6:49:0b:45:c5:c7:d8:a1:ec:74:ef:07:6d:b7:94:69:c3: 42:30:b3:fb:76:e0:34:94:a2:05:1c:5c:68:ac:ff:10:c7:ae: 82:cd:22:d5:49:ab:a8:de:e3:75:78:48:78:db:4a:0a:d2:24: 20:bc:b3:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZolHIMZ608V+RwXwzyxveTlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2 NGRlMGYwHhcNMjUxMDI3MTAwMDE2WhcNMjUxMDI4MTAwMDE2WjAzMTEwLwYDVQQD Eyg4YjNlYWQ4NDEyNTM4ZGJiMjA1YjBlMTQwNGZmMTc2ZGY3ZTYwYmRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYXZiZuKISqmKzOOg7sqs50ib3Vf cQojC5kiWTTfZkqWWDQ+smiViIcrO3V+20qA8JdBlfTGHcSNUM9mfHS6nFskJZ1G xmmHTTS+RtIO92lHJPGuF6Sxn7uupVb4fmn0wjG0zXcNuqDKG4oA7dcTJtYQUEYP HYzre+uE2W+Bfbs94jKPMEBYByEyq3teg3ADaKfHKddKABfrPBnC9uBfThl5UZHj kf0qhkGV++eWSiPOlKtaXnVz74hxdMFn/1z+uYaA3hATdQeBDUpCFraFqrxA3sdz ufeIeJYzKy+IC1cYrI7MsmUwBXDwoTSDjkzsb3U13IfXxnkKFtuAi6CHnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIs+rYQSU427IFsOFAT/F2335gvaMB8GA1UdIwQY MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt MTJlYzIyYzljNWEyLzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnCG7d64u dLNtPJjcsJ8nQgoj7xVcv7csh3HL2MriW6XPcupLARay/5qa4gr/S/SQQKLtoPZ5 DtyxMQPrR7FfjNqyh+2n3BMhGXpWBYd/sGKfDTjRg+laiHYQr8jZw9FRpZOLrmZd rTdG7YlBl8J7iUy7HaqFCLhdBuDvMzWChqrjHNNha2XSnEIlbBRDocSCgIRyRJeo e2zNqdVOa3y8+MebMyVsjDx+7s6GiYlk32HO2VHT9d1Iu/X1cvaL30boR4FvpfaJ WLZJC0XFx9ih7HTvB223lGnDQjCz+3bgNJSiBRxcaKz/EMeugs0i1UmrqN7jdXhI eNtKCtIkILyzVg== -----END CERTIFICATE-----Generated at Mon Oct 27 17:31:47 2025 by rpki-client