$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft File: s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft (raw, json) Hash identifier: v/YH+LPlS13h+pCNaqJaey9ZDbT1QAHmCHVrM5Bqd+o= Subject key identifier: 2B:F7:F8:22:D1:55:B8:FA:AF:0C:2E:5A:AD:E8:CC:95:85:F0:D9:3F Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 01967DC5B4374F4A033776C1289CBCE3640E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft Manifest number: 1529 Signing time: Mon 28 Apr 2025 19:00:30 +0000 Manifest this update: Mon 28 Apr 2025 19:00:30 +0000 Manifest next update: Tue 29 Apr 2025 19:00:30 +0000 Files and hashes: 1: 1IyxB14_QkLsvmLRx3j-3a6Zjk4.roa (hash: htWKauGvhiwmC3uhHI9F9baGTADLWNpjXIog5aUAkzA=) 2: Hrw24NCuWIUCpkj_ixSA3ykRPr4.roa (hash: EL86DxycBZAbHkapsC+FVYde7DJDbg6IvsLrlIhK4Mg=) 3: HzkqLbs1liYqOOnORyYsONDUWCk.roa (hash: uXYRvHJ6LJgN5jTlxHsTjXJyetqQoAXwubqH0//UAWg=) 4: KW8HM7Vt-viFSQssh-MaAGQ56LI.roa (hash: LVB3HoG1zrGwq6DA6Whlqb+iZJnipajeWgJUkFDtgQ8=) 5: N8YU9P6afQ3l1ax9yLIDe6D0fIk.roa (hash: EU77Dk5F7GrtkJ85p7yvIHvzXNj6aNgdhN+Tn5j+zs0=) 6: NxaezdRi3ofV0Ea6FtmKMCg4Xno.roa (hash: OxfdQ+cdMI49CYY0Q1jeMkKHuJPcs1w/NoTD4eAZ2MA=) 7: jGaeQ05R3hLIsxNTb7dpc8FaO6w.roa (hash: 4TEbxdiinYCpm4mycPqOwDmBBxQQxUxqZfGO0t4kbOg=) 8: mSsD_9FMfN2LP7M_Mwsa2ue8f54.roa (hash: 9X0dNAuuQyEHvxBMN4gp2QewnB9NGpB0KtQCW0IE4VU=) 9: oRsHwl0lqDdQsW8I1c5igLUyNzs.roa (hash: 8g9A+Hdue1idAErOv1qWZKgEKPMgG/A4+RlDqNfgnkI=) 10: oreGjQwv74g6OpxObQTCv-MnU1M.roa (hash: d1IJwSRdqQjA5VA/VLC7+miffsmnB8Nxer6G7ClHfMc=) 11: p2_R78qfiRDhzvxPsVGCBtVmaJE.roa (hash: AfONkYdMNZkN9Er/D4pbys1uxPQQYlJm+sdpKa5QxNI=) 12: s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl (hash: wWXAlsYOXXr6DlB8I4wrU6iJzg4p+M2Q3m444TZbMp0=) 13: vxg-yi7SqRx3q3DlZJY82nlINbw.roa (hash: 8Tp3GLDI+FIAlBt1x2bg1AA0ZulV2JjhMEdWi/PMtGA=) 14: wjy1-qmg6rYR0UilXbPOrktmKnc.roa (hash: OCHLZL4VOIDtWxajhki14b+EkeW6juZq6cOYKpzs8QI=) 15: xMcgE5el8x0M_rTEbVyhY3X3x1c.roa (hash: PGLJrZJLBXcLan5LC1jzJXTcMWQ+drrbyWZOiA3GgNU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 29 Apr 2025 19:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:96:7d:c5:b4:37:4f:4a:03:37:76:c1:28:9c:bc:e3:64:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Apr 28 19:00:30 2025 GMT Not After : Apr 29 19:00:30 2025 GMT Subject: CN=2bf7f822d155b8faaf0c2e5aade8cc9585f0d93f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:b5:26:c6:00:d8:05:8d:70:68:ab:52:bc:07: a7:02:6d:7d:4c:c5:9e:73:fd:c8:88:8d:b5:72:3d: 83:44:68:22:88:a5:6f:72:df:9b:da:b7:3c:96:ea: 32:7a:9a:34:68:f9:0d:b1:1e:2b:72:91:96:5a:4e: 50:f0:a3:6d:26:6c:e9:ac:04:0d:11:2b:bc:1e:80: 6f:cc:11:07:8a:80:f3:65:2c:07:fd:3a:ee:13:fd: 8a:6f:a8:3c:47:9d:ed:22:c8:ec:1a:1d:73:8d:31: 12:f6:68:b1:73:4f:34:a9:91:a1:d6:a7:34:d5:e1: 19:a8:51:03:aa:42:a6:30:5c:97:a9:cf:1a:7c:8b: 95:4e:8a:22:67:60:bd:73:0c:f6:37:a2:cc:44:6c: c4:82:29:ef:b9:b3:95:30:e0:a9:16:1f:2f:6f:4d: 61:02:26:33:57:6e:4c:b5:6d:00:f1:eb:7b:ea:d0: 5a:38:e7:03:aa:61:ba:77:7d:32:6d:6c:bd:9a:f5: d3:16:f1:ac:32:11:f8:7e:6a:95:d0:9a:7d:bd:2d: 74:00:6d:52:30:6a:c1:65:4c:69:fa:9b:68:79:e3: 4c:b9:56:a8:16:94:07:d0:ed:28:86:02:28:c3:56: 32:ae:5c:15:36:5c:0a:77:73:6e:94:dd:90:60:62: dd:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:F7:F8:22:D1:55:B8:FA:AF:0C:2E:5A:AD:E8:CC:95:85:F0:D9:3F X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:bd:a9:00:d0:af:89:e6:19:6d:6d:6e:24:15:27:b1:d0:ca: 8e:11:3a:09:6a:d7:51:ee:b0:39:48:c5:20:3f:38:a6:ca:b8: b3:59:af:f4:7c:c3:64:70:fd:5d:d5:9b:08:6a:0d:1f:cc:a0: bc:6c:b5:d6:7b:1a:88:77:02:e2:3e:df:7d:0b:71:b7:24:06: ca:1b:24:b3:48:c6:cf:5a:d6:ba:34:5a:6f:86:72:b6:b8:1b: db:78:b7:ae:bb:c0:27:8d:18:aa:7d:40:ff:6c:ee:54:00:b3: 7d:8b:31:70:52:06:e5:67:d3:56:63:e9:36:82:be:d2:f5:3a: a9:ae:aa:60:71:a8:a5:ab:11:0a:0d:82:5c:17:aa:8c:65:95: bb:08:65:6e:48:e8:20:f0:12:8d:f5:67:94:77:fc:4d:51:e0: 01:f1:b0:d8:23:7d:52:0e:3e:1a:a5:2c:1a:65:14:93:ff:f9: e4:cf:3e:81:87:ef:c4:41:f7:bc:eb:2e:60:dc:a4:59:54:b7: 42:70:05:10:63:a7:b6:de:b7:ee:a4:cb:ec:18:cb:2e:74:76: e7:35:e7:08:f9:63:81:b2:84:d4:a2:26:39:df:a8:bf:6d:10: 0c:8e:03:55:86:fe:9d:9a:69:05:1b:ce:8f:79:a7:80:70:fa: c6:98:94:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZZ9xbQ3T0oDN3bBKJy842QOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjUwNDI4MTkwMDMwWhcNMjUwNDI5MTkwMDMwWjAzMTEwLwYDVQQD EygyYmY3ZjgyMmQxNTViOGZhYWYwYzJlNWFhZGU4Y2M5NTg1ZjBkOTNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LUmxgDYBY1waKtSvAenAm19TMWe c/3IiI21cj2DRGgiiKVvct+b2rc8luoyepo0aPkNsR4rcpGWWk5Q8KNtJmzprAQN ESu8HoBvzBEHioDzZSwH/TruE/2Kb6g8R53tIsjsGh1zjTES9mixc080qZGh1qc0 1eEZqFEDqkKmMFyXqc8afIuVTooiZ2C9cwz2N6LMRGzEginvubOVMOCpFh8vb01h AiYzV25MtW0A8et76tBaOOcDqmG6d30ybWy9mvXTFvGsMhH4fmqV0Jp9vS10AG1S MGrBZUxp+ptoeeNMuVaoFpQH0O0ohgIow1YyrlwVNlwKd3NulN2QYGLdnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCv3+CLRVbj6rwwuWq3ozJWF8Nk/MB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp72pANCv ieYZbW1uJBUnsdDKjhE6CWrXUe6wOUjFID84psq4s1mv9HzDZHD9XdWbCGoNH8yg vGy11nsaiHcC4j7ffQtxtyQGyhsks0jGz1rWujRab4Zytrgb23i3rrvAJ40Yqn1A /2zuVACzfYsxcFIG5WfTVmPpNoK+0vU6qa6qYHGopasRCg2CXBeqjGWVuwhlbkjo IPASjfVnlHf8TVHgAfGw2CN9Ug4+GqUsGmUUk//55M8+gYfvxEH3vOsuYNykWVS3 QnAFEGOntt637qTL7BjLLnR25zXnCPljgbKE1KImOd+ov20QDI4DVYb+nZppBRvO j3mngHD6xpiUIw== -----END CERTIFICATE-----Generated at Tue Apr 29 03:22:43 2025 by rpki-client