$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft File: pnhXc98xO5FxG_a8WxSezCRrnok.mft (raw, json) Hash identifier: t+rw2Yyomxn68ajho4JkmwcZ0qE35Mx59ptGjuS2ies= Subject key identifier: 91:A3:91:00:60:7F:2F:63:56:B0:71:47:D6:6F:84:2E:9D:53:2D:92 Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Certificate serial: 019935011FB2B3B35764831F14F7FFF8C610 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft Manifest number: 1444 Signing time: Wed 10 Sep 2025 19:01:30 +0000 Manifest this update: Wed 10 Sep 2025 19:01:30 +0000 Manifest next update: Thu 11 Sep 2025 19:01:30 +0000 Files and hashes: 1: 4_O_iIpyAI9RehObq-pOpadb0Oc.roa (hash: yk0faU3G873g+gLSQoGVoe7NYYyCWEaHzHI6ZIk9UdY=) 2: 7loUqY3SMQ476AvW8cBj_oE5D0w.roa (hash: 9ZWiK7Ya0oQoJXKuXssFNZZZ1jcO9WaxjH/2eSSyYlw=) 3: 9qXJnie35SdfH2J2EgodKBngTzA.roa (hash: jwDaD5ZgcucjZdcdoISWLpA3Zdrcncz7G1jWAlDHN4k=) 4: _K6pKy4r_yxn6KKjdedN6hKQIRc.roa (hash: Fa8PiwPRQ/Nbg/tMa4sLtAZckTKFYG8hQ2oLAm3z+YE=) 5: eeGo9wragRSvkLaXijzUVv6g1UQ.roa (hash: f0fCuBwmYqh4E9JpX2SXK0IGaTdlCqkrpCwPLzLM7U8=) 6: f_BAmJDU6YD_W-jGGFTEv2Fs7Ak.roa (hash: PaLYZLAv0TrU+Bsc9bxTmK6PnOfA5lCBIqcJSl9Ay7o=) 7: h0Rq-64YdH2Rhgx8VqQPxecaOJk.roa (hash: +OMPPDfPiGbQBs5xm10WtKzO2XvkhzUC6VL8TFg0R8M=) 8: p7CrYRPqjfqg5-SpOOWgZYcH7pg.roa (hash: VxeYJO6+oO8JTtkcjhdpm2dOlDG12rU/cm/baKhjYqs=) 9: pnhXc98xO5FxG_a8WxSezCRrnok.crl (hash: bJVSHN3Gb8ycOOKS+M76p4rWcrgNLlHJJFowE7DkAmI=) 10: vm5i6AVzmYzAz9qPwbnD4VrLfVA.roa (hash: VDQ8oeDiLzJU7KaKEM2DHEI37PMjg/GP0JQI1knZDEc=) 11: yj9vr2VnE10QnxtDsz-n2QVr0i4.roa (hash: oY4OEejijqth0Kn/mWSI257F9MR4bW3yyLCjseFCr/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Sep 2025 19:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:35:01:1f:b2:b3:b3:57:64:83:1f:14:f7:ff:f8:c6:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Validity Not Before: Sep 10 19:01:30 2025 GMT Not After : Sep 11 19:01:30 2025 GMT Subject: CN=91a39100607f2f6356b07147d66f842e9d532d92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:48:e3:93:ce:e4:c6:9f:77:17:cc:c0:8e:af: 91:df:85:f2:d8:34:b6:08:3b:1b:c4:7e:dc:fb:c8: 51:d1:a6:c4:c7:02:77:45:d3:71:7b:60:e2:b4:5a: d3:05:f2:63:18:dd:9b:ff:a5:99:c5:ce:7c:c8:11: ce:c5:84:7e:1b:95:5a:28:4f:66:c7:46:14:19:d8: 49:57:14:04:ca:8f:20:8e:75:82:f8:83:46:b8:3f: 37:1f:72:a6:7a:6d:a4:d2:95:b3:72:d3:36:2b:3a: a7:20:6b:40:cd:7b:48:54:66:90:4f:70:68:e5:e3: db:96:f7:5e:0a:cc:84:26:48:f4:c5:6c:29:d3:af: 12:1a:be:c8:67:28:9b:30:36:5c:97:ba:ad:d0:a9: 4b:4e:73:5a:94:2d:5a:0c:31:fc:9f:92:b2:8b:c4: 84:b0:3b:38:b1:7d:da:f0:75:ec:56:77:61:d8:0c: f0:0b:65:b9:21:1d:0d:01:1f:b2:99:f7:bd:83:97: 36:9e:f8:bc:4e:32:37:79:f7:7e:a8:bc:33:a0:e2: 99:e1:d7:b5:0d:17:7c:20:76:16:75:c7:fd:e8:81: f1:c0:15:2d:9b:0e:46:a9:fc:29:84:f9:ed:5d:7c: 29:11:3e:b6:46:35:0c:89:fd:f0:4d:37:67:0e:9d: b5:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:A3:91:00:60:7F:2F:63:56:B0:71:47:D6:6F:84:2E:9D:53:2D:92 X509v3 Authority Key Identifier: keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:ad:c5:84:5f:ff:3e:84:7d:d0:3b:cd:85:ee:aa:42:a9:d5: 9a:ed:39:34:03:d3:ba:16:1b:e5:06:d1:58:1e:21:d3:c2:8f: bf:91:d8:35:36:85:2e:a1:15:b0:30:f9:08:e5:4a:c8:2f:59: 80:2d:43:b7:4c:c9:e7:37:1d:0b:cd:b6:8b:89:c9:28:57:08: fa:be:78:26:77:9a:47:96:bc:1c:13:ba:5c:c6:ed:e0:dd:38: 48:19:62:d7:e5:f9:31:74:51:f0:1f:c1:e2:d2:d1:b5:ef:19: 25:02:2a:e9:16:8c:95:86:c3:97:9d:ee:a4:8d:cf:e8:00:04: c2:0d:60:8f:ce:21:1b:12:33:c2:93:0d:a5:eb:19:f5:8b:c1: 70:f3:ae:4d:60:61:54:07:8f:50:36:82:24:8f:76:6a:a7:db: 74:c8:02:cb:e6:da:0c:31:31:82:0a:52:a2:01:2c:a1:22:1b: 95:29:92:48:a7:99:01:0e:4a:6f:3b:bb:1e:01:21:5c:56:d7: 44:39:74:37:b8:50:ef:ba:f5:96:1e:19:b4:1c:34:1d:73:27: af:cb:d4:ff:9a:a9:23:56:eb:9c:43:c8:10:5a:ec:2f:cc:01: 7d:3b:b3:e3:bc:0e:5f:3e:3e:1b:44:e5:e6:21:10:b7:3e:cf: 4e:58:6c:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZk1AR+ys7NXZIMfFPf/+MYQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2 YjllODkwHhcNMjUwOTEwMTkwMTMwWhcNMjUwOTExMTkwMTMwWjAzMTEwLwYDVQQD Eyg5MWEzOTEwMDYwN2YyZjYzNTZiMDcxNDdkNjZmODQyZTlkNTMyZDkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkjjk87kxp93F8zAjq+R34Xy2DS2 CDsbxH7c+8hR0abExwJ3RdNxe2DitFrTBfJjGN2b/6WZxc58yBHOxYR+G5VaKE9m x0YUGdhJVxQEyo8gjnWC+INGuD83H3Kmem2k0pWzctM2KzqnIGtAzXtIVGaQT3Bo 5ePblvdeCsyEJkj0xWwp068SGr7IZyibMDZcl7qt0KlLTnNalC1aDDH8n5Kyi8SE sDs4sX3a8HXsVndh2AzwC2W5IR0NAR+ymfe9g5c2nvi8TjI3efd+qLwzoOKZ4de1 DRd8IHYWdcf96IHxwBUtmw5GqfwphPntXXwpET62RjUMif3wTTdnDp21EQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJGjkQBgfy9jVrBxR9ZvhC6dUy2SMB8GA1UdIwQY MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt ZDc1ODY5YzBjNzFlLzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAga3FhF// PoR90DvNhe6qQqnVmu05NAPTuhYb5QbRWB4h08KPv5HYNTaFLqEVsDD5COVKyC9Z gC1Dt0zJ5zcdC822i4nJKFcI+r54JneaR5a8HBO6XMbt4N04SBli1+X5MXRR8B/B 4tLRte8ZJQIq6RaMlYbDl53upI3P6AAEwg1gj84hGxIzwpMNpesZ9YvBcPOuTWBh VAePUDaCJI92aqfbdMgCy+baDDExggpSogEsoSIblSmSSKeZAQ5Kbzu7HgEhXFbX RDl0N7hQ77r1lh4ZtBw0HXMnr8vU/5qpI1brnEPIEFrsL8wBfTuz47wOXz4+G0Tl 5iEQtz7PTlhs0g== -----END CERTIFICATE-----Generated at Wed Sep 10 22:56:58 2025 by rpki-client