$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft File: bSDd05jayPYswSUmMl8YIftyT3U.mft (raw, json) Hash identifier: /2gG6HvP91Odju8+VXZkRgAvRd3ooMC9xhjlsUKQr8Q= Subject key identifier: D8:F6:21:47:5C:F5:8A:17:B6:7F:77:8D:79:0A:0D:08:AA:12:F0:B7 Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Certificate serial: 019675673C9E2114D1B009586944C444AA0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft Manifest number: 1406 Signing time: Sun 27 Apr 2025 04:00:22 +0000 Manifest this update: Sun 27 Apr 2025 04:00:22 +0000 Manifest next update: Mon 28 Apr 2025 04:00:22 +0000 Files and hashes: 1: 1cBjbhQO7ncLuCJPPP3ax-BP1rc.roa (hash: Jy5kekjzCQxDaa0ItIoXnMNYM41DXr2Kna+F8NZUTeI=) 2: 8hRBXjeqaNVqsRXwD3teVm2IptQ.roa (hash: 7trj/DN0w0nR+thBLV8DeXduqLYmWtu9yjYZdu4vyJw=) 3: Bx__fFiMMTggkGq_nd5kX3xmUcg.roa (hash: mKBt1ZL1NN3yHJQYqC4MudwNnNLAyAG6zsc+LH7T2yM=) 4: CLnjMLjaN6TgfiTPKuCp1qWork0.roa (hash: MihJ/9Q2aOSD5kcM3rgBq2rOZB5XjrnOSNAyQ0gi6BU=) 5: Ff-r3-0iyLfe2eC4tftKl7r4ksA.roa (hash: XBCuFAzYlK+KS0b0qdNX4BGXCyC4kES1ua5iNmQkljo=) 6: Hd6EfoaV6nT3HCN6XaeOjid6KeE.roa (hash: jB+LwnmkqI7LD0NI0i2IOq5xZm+2j2nKXigXc5yngNg=) 7: Kdr1IpxFOfOedDgEd0rr_-GJc6w.roa (hash: 4mvPk5YCIebKrrCqmTuHh7apgwePzT2ptGjzqSnMQ2k=) 8: MPADllIHWdYho5SL9cNb4fTjF5g.roa (hash: 0EWuYNC8MZ5sfsDzG+GHQhkCofnYevzEpH/1M0Pt09c=) 9: XhfMqezXvZ9Gr1SfZAFxxiBLdqw.roa (hash: QCoblTw77lmvmm3xeIb8Fg5RScedsC6Svua+HgD7wlE=) 10: _363_dFkTrxVWJRfmKGhVcGEYxw.roa (hash: EFI43I2qKJ1jnWCRyPrzhjddU2bZAD3g2m1Gb9lWY6w=) 11: aIC6ROQmIBkJtMQV3BLilIyM4Jc.roa (hash: +ZDiWP7vx5S7AAhHLcn6ylil5bTpyx1nO3rHC5JU56A=) 12: bSDd05jayPYswSUmMl8YIftyT3U.crl (hash: vSnsUERxE+2SZTb+BmtgxP7p0eVpDYU53gOWvgOSY7U=) 13: irOUAsVrlxFg5m013u0wtydduUU.roa (hash: z7Yif2k8ig/75nD80USkf23TbWyOlu3D9+tkTdBp9Ks=) 14: o5T0k_44TSkIgUx_Ff4U-HFRZqU.roa (hash: IFaPUBy92F06F1cq2klHPE/ZCTKON9EkjF2KsBLKJXw=) 15: qSlaLn-7EYhvBs__DrzBebluApA.roa (hash: /m9RdlfwCPFmSdntKKJTP1sX7ETuhSL8wJhpD8u8EQU=) 16: rgzdAffmWWAVB7HsZPyDscdDfUs.roa (hash: PHFUtB9FTI42HYVNCn11UAKgdzJHvZkAvCdcalSeSVs=) 17: vyh_XE53itxxZ2DN3zJiSHad7oQ.roa (hash: BwwJTDqClirjAI8z/+dm20U+LpRGL9usTj1KRJXE4gs=) 18: yg_HS_s2OCjXK0jReopP7pxbzEU.roa (hash: /cc/484KOb4Fggnc+ZXZkdfaz6dhvpdG37mEdlHjj9I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 28 Apr 2025 02:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:96:75:67:3c:9e:21:14:d1:b0:09:58:69:44:c4:44:aa:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Validity Not Before: Apr 27 04:00:22 2025 GMT Not After : Apr 28 04:00:22 2025 GMT Subject: CN=d8f621475cf58a17b67f778d790a0d08aa12f0b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:9e:84:9e:35:5a:8a:00:ad:17:f4:f6:38:07: 94:bd:fe:85:de:87:eb:f0:95:08:bf:f2:34:f5:2f: ce:62:c5:95:cb:53:e9:f4:18:ea:07:a8:83:70:f5: 0e:45:c0:bf:1f:a0:64:de:82:6c:8d:ba:90:32:d4: 40:f0:7c:7b:e3:28:6c:af:8c:4a:36:5c:a2:35:be: 67:bc:02:26:56:8a:9e:d6:ec:b1:73:af:c6:ce:75: c7:f9:5b:d7:cf:8b:41:9c:9b:70:ee:ad:17:68:db: f5:f7:f6:87:df:4c:32:d8:db:86:a0:20:cd:ab:60: 70:da:1c:d0:58:e8:7b:b6:ab:7e:22:99:f8:42:b5: 67:ea:f7:de:5b:24:f3:67:6e:0b:3b:85:b6:39:4f: 71:83:46:de:4b:65:0e:fc:c6:79:0a:18:b6:c1:95: 78:c0:96:29:8b:f0:44:2d:79:95:4f:da:e3:c6:f0: d0:2b:53:b6:cf:aa:8b:71:11:8d:74:cb:f9:a2:08: 67:80:a7:fc:ce:ff:7a:71:e6:25:ad:d2:f6:9b:b6: 1b:dd:97:d9:60:61:51:ec:7b:67:64:ac:40:48:1b: 3e:ca:90:de:f2:ea:e3:a5:bb:a6:60:cf:a4:57:f5: 04:06:20:c2:14:c9:57:a2:08:80:47:17:be:db:ff: c8:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:F6:21:47:5C:F5:8A:17:B6:7F:77:8D:79:0A:0D:08:AA:12:F0:B7 X509v3 Authority Key Identifier: keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:1c:b9:25:28:3f:84:3e:be:40:fd:16:12:a2:ca:8c:9f:fa: 0b:86:52:21:81:a7:e5:a8:7f:a2:f6:95:7d:d5:0f:3e:87:4b: ef:0a:91:7d:d0:b1:c3:8c:96:9e:0b:69:ea:7c:96:fd:e7:5b: b1:fd:8e:d6:d5:d1:da:be:18:f3:86:01:b9:c0:cb:13:4e:fb: 57:e4:40:a2:dd:10:7c:6b:8c:05:ea:a0:73:a4:a9:eb:bb:e7: ad:27:84:6e:ed:1b:85:56:1b:79:f3:06:bf:d9:01:a2:89:2b: 4e:19:03:8c:37:af:f8:4d:e6:19:d1:00:34:82:54:21:37:78: 18:99:c5:a4:52:ea:ff:69:a9:1b:0e:df:58:1b:a0:9b:84:5e: de:e3:9e:0a:82:1d:60:2f:74:96:29:69:89:83:51:cf:60:4e: 0b:2d:ac:b5:0b:00:f8:c9:24:93:36:2d:17:8c:ed:c5:e8:5a: 8e:d0:3f:bc:fd:43:b6:0d:74:e8:03:3f:40:0b:4e:73:16:96: f6:66:0c:6d:02:2a:fa:3f:74:e6:ae:7a:9f:f7:68:c1:02:d2: 0a:a7:bb:8b:17:38:9e:d1:68:ae:93:d4:74:86:6b:8c:56:0b: ed:44:91:cc:ba:c2:6e:b9:d9:70:d0:a2:8e:37:d1:0d:d8:00: 6f:f3:ba:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZZ1ZzyeIRTRsAlYaUTERKoLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3 MjRmNzUwHhcNMjUwNDI3MDQwMDIyWhcNMjUwNDI4MDQwMDIyWjAzMTEwLwYDVQQD EyhkOGY2MjE0NzVjZjU4YTE3YjY3Zjc3OGQ3OTBhMGQwOGFhMTJmMGI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo56EnjVaigCtF/T2OAeUvf6F3ofr 8JUIv/I09S/OYsWVy1Pp9BjqB6iDcPUORcC/H6Bk3oJsjbqQMtRA8Hx74yhsr4xK NlyiNb5nvAImVoqe1uyxc6/GznXH+VvXz4tBnJtw7q0XaNv19/aH30wy2NuGoCDN q2Bw2hzQWOh7tqt+Ipn4QrVn6vfeWyTzZ24LO4W2OU9xg0beS2UO/MZ5Chi2wZV4 wJYpi/BELXmVT9rjxvDQK1O2z6qLcRGNdMv5oghngKf8zv96ceYlrdL2m7Yb3ZfZ YGFR7HtnZKxASBs+ypDe8urjpbumYM+kV/UEBiDCFMlXogiARxe+2//IMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNj2IUdc9YoXtn93jXkKDQiqEvC3MB8GA1UdIwQY MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt MzZkZTY1NzIzMmJlLzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADhy5JSg/ hD6+QP0WEqLKjJ/6C4ZSIYGn5ah/ovaVfdUPPodL7wqRfdCxw4yWngtp6nyW/edb sf2O1tXR2r4Y84YBucDLE077V+RAot0QfGuMBeqgc6Sp67vnrSeEbu0bhVYbefMG v9kBookrThkDjDev+E3mGdEANIJUITd4GJnFpFLq/2mpGw7fWBugm4Re3uOeCoId YC90lilpiYNRz2BOCy2stQsA+MkkkzYtF4ztxehajtA/vP1Dtg106AM/QAtOcxaW 9mYMbQIq+j905q56n/dowQLSCqe7ixc4ntForpPUdIZrjFYL7USRzLrCbrnZcNCi jjfRDdgAb/O6og== -----END CERTIFICATE-----Generated at Sun Apr 27 07:41:29 2025 by rpki-client