$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft File: pnhXc98xO5FxG_a8WxSezCRrnok.mft (raw, json) Hash identifier: GVvDJfn6U/gJNwmE20iidXUJlEY4KOn6CHw6Ty87d54= Subject key identifier: CC:19:41:0B:92:64:43:F3:F9:DA:52:AC:65:C3:98:D4:CA:C3:C2:AC Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Certificate serial: 019A2478F3531EFBDC22CF081789AF1245D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft Manifest number: 14C0 Signing time: Mon 27 Oct 2025 07:01:37 +0000 Manifest this update: Mon 27 Oct 2025 07:01:37 +0000 Manifest next update: Tue 28 Oct 2025 07:01:37 +0000 Files and hashes: 1: 4_O_iIpyAI9RehObq-pOpadb0Oc.roa (hash: yk0faU3G873g+gLSQoGVoe7NYYyCWEaHzHI6ZIk9UdY=) 2: 7loUqY3SMQ476AvW8cBj_oE5D0w.roa (hash: 9ZWiK7Ya0oQoJXKuXssFNZZZ1jcO9WaxjH/2eSSyYlw=) 3: 9qXJnie35SdfH2J2EgodKBngTzA.roa (hash: jwDaD5ZgcucjZdcdoISWLpA3Zdrcncz7G1jWAlDHN4k=) 4: _K6pKy4r_yxn6KKjdedN6hKQIRc.roa (hash: Fa8PiwPRQ/Nbg/tMa4sLtAZckTKFYG8hQ2oLAm3z+YE=) 5: eeGo9wragRSvkLaXijzUVv6g1UQ.roa (hash: f0fCuBwmYqh4E9JpX2SXK0IGaTdlCqkrpCwPLzLM7U8=) 6: f_BAmJDU6YD_W-jGGFTEv2Fs7Ak.roa (hash: PaLYZLAv0TrU+Bsc9bxTmK6PnOfA5lCBIqcJSl9Ay7o=) 7: h0Rq-64YdH2Rhgx8VqQPxecaOJk.roa (hash: +OMPPDfPiGbQBs5xm10WtKzO2XvkhzUC6VL8TFg0R8M=) 8: p7CrYRPqjfqg5-SpOOWgZYcH7pg.roa (hash: VxeYJO6+oO8JTtkcjhdpm2dOlDG12rU/cm/baKhjYqs=) 9: pnhXc98xO5FxG_a8WxSezCRrnok.crl (hash: I1/SGtW9VWBkdeC+niVT9YcZ2fxy3mCuoBBGNfi6QoY=) 10: vm5i6AVzmYzAz9qPwbnD4VrLfVA.roa (hash: VDQ8oeDiLzJU7KaKEM2DHEI37PMjg/GP0JQI1knZDEc=) 11: yj9vr2VnE10QnxtDsz-n2QVr0i4.roa (hash: oY4OEejijqth0Kn/mWSI257F9MR4bW3yyLCjseFCr/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Oct 2025 07:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:24:78:f3:53:1e:fb:dc:22:cf:08:17:89:af:12:45:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Validity Not Before: Oct 27 07:01:37 2025 GMT Not After : Oct 28 07:01:37 2025 GMT Subject: CN=cc19410b926443f3f9da52ac65c398d4cac3c2ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:77:b0:aa:9d:0d:ae:d5:bc:82:7a:ad:87:2c: 2f:d0:63:78:5d:92:fc:cf:1b:39:37:72:4c:d2:49: d5:e5:10:42:f9:11:5c:81:7a:55:d1:ff:dc:48:85: 12:a2:79:de:78:bd:1e:38:29:1b:d0:63:8f:d1:1d: 2e:27:be:43:7b:a2:38:5b:c1:34:b1:b4:aa:c1:ad: 15:86:09:fd:b4:20:4d:b3:11:3d:8d:31:50:09:eb: 1f:15:ad:32:6d:43:5d:27:fe:52:70:1e:c7:fb:c1: 85:a2:b3:2a:7b:a1:83:3f:9e:34:79:d8:c7:99:37: 2f:88:75:fc:bd:d1:11:a6:7f:f2:df:a7:2f:f8:1f: 0c:28:08:57:00:02:df:83:34:52:e4:3a:30:ac:5b: 05:f1:5a:b7:16:01:71:86:af:7c:01:46:34:d1:43: 34:8a:30:67:9c:ad:c0:96:5b:bd:17:78:fb:05:2e: b0:ff:4c:40:24:1e:c0:8d:e7:fe:08:50:ab:34:10: e5:bf:71:21:a6:7c:af:ff:a4:de:92:54:d4:0a:b5: f0:ae:dd:ab:75:28:d0:13:8e:3e:70:c3:95:ac:ae: 2d:78:4f:fa:0c:72:dd:10:49:0a:2a:77:ae:7d:47: 22:07:f7:e2:91:0f:8a:94:44:13:a7:31:5c:aa:ac: ac:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:19:41:0B:92:64:43:F3:F9:DA:52:AC:65:C3:98:D4:CA:C3:C2:AC X509v3 Authority Key Identifier: keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:3e:b6:a7:46:d5:58:a4:82:79:34:59:a1:b9:47:04:57:f6: 34:5f:47:8e:fe:de:48:bd:70:c1:e0:a1:5f:ad:77:42:20:42: a1:69:0f:eb:01:19:05:fa:47:8c:b6:38:6b:36:44:03:15:76: 9a:7c:83:af:e8:53:13:76:6f:86:dd:8e:fd:93:c9:e1:83:28: c7:0a:d2:08:19:18:e2:18:5e:6a:9c:ae:ca:1f:72:e4:b3:d5: 35:db:32:75:a8:87:51:71:ac:ca:a9:8a:4f:6b:45:d3:d8:99: d5:5f:48:7a:81:2c:b0:83:bb:65:93:1b:66:43:66:3b:4e:87: 6e:53:8e:6f:3a:36:85:fb:b8:9c:1d:4e:69:23:e2:37:e2:b2: bb:4e:78:23:40:2b:f6:a8:1a:a7:31:75:e9:36:e7:da:1d:30: 81:1a:64:b9:3d:44:0f:ac:76:7c:dc:fe:6e:aa:e0:e9:89:72: 31:81:6d:47:d5:2d:a0:22:9d:78:9c:9a:2b:7e:6b:5f:51:90: f4:89:72:16:b8:a7:77:17:c4:e2:04:a6:7f:88:53:8f:a2:4d: af:cd:e1:c6:6e:9d:92:60:50:43:8a:ad:b1:e3:e3:0f:aa:fd: 4a:2b:43:fc:d3:4a:64:7c:82:fe:da:c2:ac:42:75:ee:bf:97: cd:1b:a2:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZokePNTHvvcIs8IF4mvEkXRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2 YjllODkwHhcNMjUxMDI3MDcwMTM3WhcNMjUxMDI4MDcwMTM3WjAzMTEwLwYDVQQD EyhjYzE5NDEwYjkyNjQ0M2YzZjlkYTUyYWM2NWMzOThkNGNhYzNjMmFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnewqp0NrtW8gnqthywv0GN4XZL8 zxs5N3JM0knV5RBC+RFcgXpV0f/cSIUSonneeL0eOCkb0GOP0R0uJ75De6I4W8E0 sbSqwa0Vhgn9tCBNsxE9jTFQCesfFa0ybUNdJ/5ScB7H+8GForMqe6GDP540edjH mTcviHX8vdERpn/y36cv+B8MKAhXAALfgzRS5DowrFsF8Vq3FgFxhq98AUY00UM0 ijBnnK3Allu9F3j7BS6w/0xAJB7Ajef+CFCrNBDlv3Ehpnyv/6TeklTUCrXwrt2r dSjQE44+cMOVrK4teE/6DHLdEEkKKneufUciB/fikQ+KlEQTpzFcqqysswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMwZQQuSZEPz+dpSrGXDmNTKw8KsMB8GA1UdIwQY MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt ZDc1ODY5YzBjNzFlLzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPT62p0bV WKSCeTRZoblHBFf2NF9Hjv7eSL1wweChX613QiBCoWkP6wEZBfpHjLY4azZEAxV2 mnyDr+hTE3Zvht2O/ZPJ4YMoxwrSCBkY4hheapyuyh9y5LPVNdsydaiHUXGsyqmK T2tF09iZ1V9IeoEssIO7ZZMbZkNmO06HblOObzo2hfu4nB1OaSPiN+Kyu054I0Ar 9qgapzF16Tbn2h0wgRpkuT1ED6x2fNz+bqrg6YlyMYFtR9UtoCKdeJyaK35rX1GQ 9IlyFrindxfE4gSmf4hTj6JNr83hxm6dkmBQQ4qtsePjD6r9SitD/NNKZHyC/trC rEJ17r+XzRuitg== -----END CERTIFICATE-----Generated at Mon Oct 27 11:45:32 2025 by rpki-client