$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft File: CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json) Hash identifier: hPa1v6Z96PlyaldNuJFOXF5aG6fkFp0cpZQLU65h7B4= Subject key identifier: 94:61:B9:D2:E5:70:B3:26:1B:8E:5E:BF:4F:2C:FF:41:EC:B0:C1:B8 Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd Certificate serial: 019A42B933CB602C29C61C47CC6F009B7956 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft Manifest number: 0B21 Signing time: Sun 02 Nov 2025 04:00:24 +0000 Manifest this update: Sun 02 Nov 2025 04:00:24 +0000 Manifest next update: Mon 03 Nov 2025 04:00:24 +0000 Files and hashes: 1: BVbo9uh3-UvDvwSZi6BfXSBGPHU.roa (hash: Z8qyhH6viB+EEzaDtRv3WrjvxrAR7rKFv4csNYovB+g=) 2: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: xcaCM4oXeHUUX/ct6YbVCYbuKxyVQG6aM+9c7Mm/VbU=) 3: DN7cb2WxNWOTpycH6YaG66edbbs.roa (hash: xHRCbbCrWIHuruRPkilEuXWa24rKkDGqIeFboryKMwQ=) 4: Fiaoyzt87itbMDPQcRW3KUFZRqE.roa (hash: msw75zbRd9jVXLoPptdxNvS4cyBll5nFN6qdq2TWWOE=) 5: HHx5PgT40c8odAvxk1P-fxWePlA.roa (hash: zPsSrq/ptkyDcwkMCUxFQsAp1K70phIRO2z3d5q6bK8=) 6: OEhLMwhGsj88kZ4FqVMVTfpqz-8.roa (hash: /KQ43a3fdsH0+xJZbYiIUJZNQ9G0ar1u4ierKXmEsMM=) 7: m87-CXNBm5VwmmEvQBAI-p_8l98.roa (hash: vGGq9E7IPOkRddkapcYuXImJsPgw9f+HEWKjnAHtMCI=) 8: nMhyX7boXa--DjLfLdE1CijBszU.roa (hash: s95e1FJb6EuRsUkazwo7HJhOqZW3W1mabgyeLhjUIIo=) 9: o0CQ-6MywHICo_xO6JVYrovLnaI.roa (hash: z9rRzR4IXOVwVGTGGEfUd7SIN6ihlxFiSh4at67AG5g=) 10: wWtKIfnyuy5Pwsg7v1x01k_AkAs.roa (hash: 9+2f6OaYEE6gwGcro5Uy8iHzJQ0Asb4j3ndklknXQsA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 03 Nov 2025 01:29:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:42:b9:33:cb:60:2c:29:c6:1c:47:cc:6f:00:9b:79:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd Validity Not Before: Nov 2 04:00:24 2025 GMT Not After : Nov 3 04:00:24 2025 GMT Subject: CN=9461b9d2e570b3261b8e5ebf4f2cff41ecb0c1b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:85:6a:10:e9:34:b1:51:a5:29:b5:e6:b9:07: 9e:ac:29:0f:6e:ef:32:ce:e5:f9:b2:b9:41:5c:88: 08:b7:d2:98:8e:71:59:79:78:d1:c6:35:ba:f7:db: ad:4c:7f:55:df:4f:e2:c9:d5:45:49:89:00:5f:c1: ab:76:35:50:46:86:be:74:79:d2:d0:b8:e4:2e:28: 38:87:fa:e5:d1:42:75:f4:30:c0:8a:3d:bf:26:3c: e1:72:91:1d:be:9d:e8:d9:91:8d:6f:8f:63:78:53: 5a:23:c7:8e:e9:5f:b4:23:c6:e9:e1:d0:96:39:b8: 2b:fb:5d:cf:7c:1e:4a:e1:fe:af:69:c5:99:ca:85: 89:b5:f4:4f:ee:81:50:1e:05:e5:d9:58:4b:3f:75: 44:46:6d:e6:70:60:7c:89:ec:64:25:d7:71:fc:4d: cd:f6:45:95:03:d7:2e:06:3f:2d:ee:7a:33:57:42: 4f:69:3d:63:5f:08:b2:09:e5:07:d4:c8:de:65:cb: 39:b4:d4:bd:d3:94:75:92:6d:3b:19:52:0e:ab:e5: f6:ab:0d:b8:65:34:e9:d7:22:d8:52:4b:e8:46:ac: 97:22:37:61:c6:f6:94:dc:fe:07:69:31:db:03:4e: 9f:c7:1b:b7:6d:47:fe:90:70:94:85:82:1f:3c:5d: d7:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:61:B9:D2:E5:70:B3:26:1B:8E:5E:BF:4F:2C:FF:41:EC:B0:C1:B8 X509v3 Authority Key Identifier: keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:a5:5a:1d:ce:9f:f7:cf:f7:5e:43:1c:b3:da:4b:88:73:61: d5:29:c0:53:c0:0f:31:3e:32:87:76:d4:a8:df:17:21:1e:ab: 7c:46:b0:1e:29:8b:65:0d:17:78:92:bb:d1:7a:39:36:90:b4: ed:e7:b1:a5:f0:00:91:e5:dd:0b:9c:ee:56:be:52:fd:f6:a8: 35:a8:4a:15:5a:c7:77:65:a0:77:d0:60:a0:e5:95:42:a2:34: 6a:53:86:df:16:c1:31:5d:c9:82:a8:22:b7:96:d7:c8:c5:b3: 6a:cf:92:84:2e:62:68:90:ef:7e:72:d0:7b:1e:0f:80:01:27: a7:c4:b7:37:75:57:54:05:3c:b7:a6:23:fe:2e:32:f5:e8:81: d0:fc:af:db:0b:a9:c2:be:5f:93:be:4d:ad:ac:12:76:e9:31: 63:2a:12:33:b3:5f:a1:bf:fd:bf:87:86:38:ac:18:71:63:68: ee:e6:8a:3f:07:ce:55:19:87:47:81:21:61:bd:52:21:bc:69: ca:84:ca:90:f7:af:11:28:e6:12:bf:6e:25:22:3c:4c:01:b7: f6:cb:d9:7a:86:26:f3:5e:a6:ca:41:5c:f0:be:1a:da:2f:a4: 21:f9:5e:fc:75:0e:55:a1:92:a0:0c:41:ac:88:74:3e:a7:3f: 80:f9:4c:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpCuTPLYCwpxhxHzG8Am3lWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1 NmRiZmQwHhcNMjUxMTAyMDQwMDI0WhcNMjUxMTAzMDQwMDI0WjAzMTEwLwYDVQQD Eyg5NDYxYjlkMmU1NzBiMzI2MWI4ZTVlYmY0ZjJjZmY0MWVjYjBjMWI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84VqEOk0sVGlKbXmuQeerCkPbu8y zuX5srlBXIgIt9KYjnFZeXjRxjW699utTH9V30/iydVFSYkAX8GrdjVQRoa+dHnS 0LjkLig4h/rl0UJ19DDAij2/JjzhcpEdvp3o2ZGNb49jeFNaI8eO6V+0I8bp4dCW Obgr+13PfB5K4f6vacWZyoWJtfRP7oFQHgXl2VhLP3VERm3mcGB8iexkJddx/E3N 9kWVA9cuBj8t7nozV0JPaT1jXwiyCeUH1MjeZcs5tNS905R1km07GVIOq+X2qw24 ZTTp1yLYUkvoRqyXIjdhxvaU3P4HaTHbA06fxxu3bUf+kHCUhYIfPF3X6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJRhudLlcLMmG45ev08s/0HssMG4MB8GA1UdIwQY MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARqVaHc6f 98/3XkMcs9pLiHNh1SnAU8APMT4yh3bUqN8XIR6rfEawHimLZQ0XeJK70Xo5NpC0 7eexpfAAkeXdC5zuVr5S/faoNahKFVrHd2Wgd9BgoOWVQqI0alOG3xbBMV3Jgqgi t5bXyMWzas+ShC5iaJDvfnLQex4PgAEnp8S3N3VXVAU8t6Yj/i4y9eiB0Pyv2wup wr5fk75NrawSdukxYyoSM7Nfob/9v4eGOKwYcWNo7uaKPwfOVRmHR4EhYb1SIbxp yoTKkPevESjmEr9uJSI8TAG39svZeoYm816mykFc8L4a2i+kIfle/HUOVaGSoAxB rIh0Pqc/gPlMfA== -----END CERTIFICATE-----Generated at Sun Nov 2 10:52:06 2025 by rpki-client