$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft File: s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft (raw, json) Hash identifier: FrUkBTBlZIXX0JIiruFdRmShUf5fhKSKHM/Ndm9fm/4= Subject key identifier: 0A:06:F4:3A:09:BD:18:A0:E5:A0:F5:F3:35:F5:18:B4:1F:03:7C:AF Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019A4EF506C3B331135B0B80D62189A99D63 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft Manifest number: 172F Signing time: Tue 04 Nov 2025 13:01:12 +0000 Manifest this update: Tue 04 Nov 2025 13:01:12 +0000 Manifest next update: Wed 05 Nov 2025 13:01:12 +0000 Files and hashes: 1: 8G17Uj9AIXGxXZ66yfJHOLsxPo8.roa (hash: qU/6T++9LyINzVzJ8CV6sT+MweAHyZF0SIUnm5bIRYg=) 2: Hrw24NCuWIUCpkj_ixSA3ykRPr4.roa (hash: EL86DxycBZAbHkapsC+FVYde7DJDbg6IvsLrlIhK4Mg=) 3: HzkqLbs1liYqOOnORyYsONDUWCk.roa (hash: uXYRvHJ6LJgN5jTlxHsTjXJyetqQoAXwubqH0//UAWg=) 4: N8YU9P6afQ3l1ax9yLIDe6D0fIk.roa (hash: EU77Dk5F7GrtkJ85p7yvIHvzXNj6aNgdhN+Tn5j+zs0=) 5: NxaezdRi3ofV0Ea6FtmKMCg4Xno.roa (hash: OxfdQ+cdMI49CYY0Q1jeMkKHuJPcs1w/NoTD4eAZ2MA=) 6: TO40FjbIwGNQNwtqPj8kwc1ZTTA.roa (hash: CxCIaev63Gqq5Rl8++kPvXMtj4T/C8ceRG4EudeHUmA=) 7: g0-0qeR0lc1LsLxknNYR3dnvEBA.roa (hash: EXsDcqkvYGuTEAGM2nI2WIcOnpMXlYj8og8Md2Id59Q=) 8: gG0DNUP64NYeP7QJN-nJ3HYb71o.roa (hash: TdYqV2WNRnqL2XDaa0pYRnVh8SMGr720PVd0f0ZigsI=) 9: jGaeQ05R3hLIsxNTb7dpc8FaO6w.roa (hash: 4TEbxdiinYCpm4mycPqOwDmBBxQQxUxqZfGO0t4kbOg=) 10: oRsHwl0lqDdQsW8I1c5igLUyNzs.roa (hash: 8g9A+Hdue1idAErOv1qWZKgEKPMgG/A4+RlDqNfgnkI=) 11: oreGjQwv74g6OpxObQTCv-MnU1M.roa (hash: d1IJwSRdqQjA5VA/VLC7+miffsmnB8Nxer6G7ClHfMc=) 12: p2_R78qfiRDhzvxPsVGCBtVmaJE.roa (hash: AfONkYdMNZkN9Er/D4pbys1uxPQQYlJm+sdpKa5QxNI=) 13: s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl (hash: LIhkPCB6m81pPWkIyUIrlNgUOPtPEY8pF+D3Cz4klL0=) 14: wjy1-qmg6rYR0UilXbPOrktmKnc.roa (hash: OCHLZL4VOIDtWxajhki14b+EkeW6juZq6cOYKpzs8QI=) 15: xMcgE5el8x0M_rTEbVyhY3X3x1c.roa (hash: PGLJrZJLBXcLan5LC1jzJXTcMWQ+drrbyWZOiA3GgNU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 09:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:4e:f5:06:c3:b3:31:13:5b:0b:80:d6:21:89:a9:9d:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Nov 4 13:01:12 2025 GMT Not After : Nov 5 13:01:12 2025 GMT Subject: CN=0a06f43a09bd18a0e5a0f5f335f518b41f037caf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:8a:69:d1:cf:c1:31:50:13:6f:cb:ee:26:7a: 20:91:08:ad:b7:71:2c:c6:b5:92:f9:cf:0a:03:7b: 56:53:96:20:0f:e4:e1:67:e5:bd:79:fa:93:8b:d8: ba:93:cb:a5:df:a4:bb:c9:a3:e5:da:e5:5e:36:b1: c7:e9:02:c9:2d:d7:a0:e1:be:c3:d4:bb:9c:3e:0b: 7d:b5:5a:87:8a:fe:e2:34:f9:84:f5:61:80:16:0f: 09:2e:d9:5e:64:35:9c:c2:9b:a3:16:b1:09:9b:58: 48:6e:05:83:b8:40:5a:af:07:14:c1:f2:90:db:69: 4a:cf:c3:1d:7b:39:dd:e9:7a:b1:23:7d:b0:96:12: 80:86:b2:cd:c3:f5:3c:2b:d4:97:8c:90:b8:08:74: 50:18:9b:11:4b:f8:d5:63:20:3b:9c:65:25:c1:d7: d4:04:8d:f0:8a:54:2c:6b:d1:5f:80:c2:7e:e9:89: 79:d8:7e:96:6f:19:89:2a:7d:5a:4f:02:6d:0c:f5: 9e:47:d6:ad:f0:80:12:2a:3e:74:e6:08:43:81:e6: fd:e0:44:bf:45:94:56:83:4f:50:7c:c2:ea:4b:2e: 56:18:f7:33:c6:2b:a3:6b:0f:c6:c8:c3:64:89:34: 33:01:95:e5:cf:1c:81:0b:ef:96:92:1a:a2:0a:2a: 96:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:06:F4:3A:09:BD:18:A0:E5:A0:F5:F3:35:F5:18:B4:1F:03:7C:AF X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:35:a1:81:0e:5e:90:ba:94:d5:b6:b4:ce:0c:c2:fd:28:3e: 76:18:34:72:b1:6c:fb:8c:c5:19:fe:c9:b4:bb:f3:c2:58:58: 94:b5:96:41:09:63:c8:c3:15:5c:87:12:ac:fd:c5:00:59:e3: 86:6b:ae:a4:05:a1:91:6a:70:8f:8d:e7:ab:36:4c:c5:28:ea: 2f:6a:b3:ea:e3:11:d1:84:89:99:11:cd:56:8f:1d:97:b4:f5: c5:4d:e1:06:38:0c:bd:a5:4a:bf:fb:32:ae:a9:6d:c9:de:f7: 1d:8b:ce:0c:c7:d2:14:9c:eb:c3:65:65:1a:65:bb:4c:96:a4: 8f:88:18:c3:68:9e:16:14:c0:97:6e:a0:91:92:87:e3:d2:b6: ea:82:d6:d6:0b:c3:c6:89:69:56:f4:e2:0b:bf:06:ff:9c:ca: 78:c2:c3:9a:b6:61:cc:d9:d8:81:82:cd:6c:02:78:52:9b:a7: 06:62:c2:cd:80:f9:2e:22:96:27:07:d0:f5:1e:52:1e:9e:f0: 68:30:13:50:2b:6b:a6:e0:b8:b1:38:a4:40:a3:3e:d7:2b:bc: 87:38:84:51:94:23:a8:a2:d7:4e:0c:8b:05:91:4c:0d:d5:cb: 21:7f:b4:1e:28:83:98:a2:09:64:9c:2d:43:86:72:d8:2c:d0: c7:93:a5:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpO9QbDszETWwuA1iGJqZ1jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjUxMTA0MTMwMTEyWhcNMjUxMTA1MTMwMTEyWjAzMTEwLwYDVQQD EygwYTA2ZjQzYTA5YmQxOGEwZTVhMGY1ZjMzNWY1MThiNDFmMDM3Y2FmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ypp0c/BMVATb8vuJnogkQitt3Es xrWS+c8KA3tWU5YgD+ThZ+W9efqTi9i6k8ul36S7yaPl2uVeNrHH6QLJLdeg4b7D 1LucPgt9tVqHiv7iNPmE9WGAFg8JLtleZDWcwpujFrEJm1hIbgWDuEBarwcUwfKQ 22lKz8Mdeznd6XqxI32wlhKAhrLNw/U8K9SXjJC4CHRQGJsRS/jVYyA7nGUlwdfU BI3wilQsa9FfgMJ+6Yl52H6WbxmJKn1aTwJtDPWeR9at8IASKj505ghDgeb94ES/ RZRWg09QfMLqSy5WGPczxiujaw/GyMNkiTQzAZXlzxyBC++WkhqiCiqWSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAoG9DoJvRig5aD18zX1GLQfA3yvMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASTWhgQ5e kLqU1ba0zgzC/Sg+dhg0crFs+4zFGf7JtLvzwlhYlLWWQQljyMMVXIcSrP3FAFnj hmuupAWhkWpwj43nqzZMxSjqL2qz6uMR0YSJmRHNVo8dl7T1xU3hBjgMvaVKv/sy rqltyd73HYvODMfSFJzrw2VlGmW7TJakj4gYw2ieFhTAl26gkZKH49K26oLW1gvD xolpVvTiC78G/5zKeMLDmrZhzNnYgYLNbAJ4UpunBmLCzYD5LiKWJwfQ9R5SHp7w aDATUCtrpuC4sTikQKM+1yu8hziEUZQjqKLXTgyLBZFMDdXLIX+0HiiDmKIJZJwt Q4Zy2CzQx5OlNg== -----END CERTIFICATE-----Generated at Tue Nov 4 17:54:43 2025 by rpki-client