$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: rIogetz69+59fA7jAVNropgD9plZ40u4UJIbNnuCVzU= Subject key identifier: 5B:00:EA:93:71:79:E8:DC:B9:2C:74:9D:0A:F1:BD:B2:C0:30:2F:C4 Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019A52633AA140D554921DB1B6406460CA0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 1227 Signing time: Wed 05 Nov 2025 05:00:26 +0000 Manifest this update: Wed 05 Nov 2025 05:00:26 +0000 Manifest next update: Thu 06 Nov 2025 05:00:26 +0000 Files and hashes: 1: 1-W_ixXGYX8sPaJagj-AVwFiwChc.roa (hash: L0D3lIfkN9efhBw5T+b3u9NkdIMxDqZ5UXxZUhgRWOs=) 2: 1wei3P__YsLq8D2DZQdx3r5Se8Q.roa (hash: mJ3sfO2t0ZrVqr8Lh/dS5cWV3uJ23FidlrzCBj85Xpg=) 3: D9OViOUA1-461O4zttxUuu7lHv0.roa (hash: 2itBNaHzhENVRyOefdMh6N1RENcyUMqY/eAvQKNqorQ=) 4: FL9fu1OvmoFGfhkDWCYg6qk3FZw.roa (hash: 4qo1m7CfLoe2e1/s3slGLhDBLmvad/IFz+DUbL4c5ro=) 5: QhTNtcmMP2d8JHj8beOVtwBfn-8.roa (hash: pGtJfsZnHgpcNHsy6MUt5rD0YLB/sQz5xjhWg8xCmoY=) 6: b_UNR9Xj_ycfuOSMA48F_QSRqts.roa (hash: V/FK04zH2Za3Nwu+0PjyuAuPUrWk9vHEnkwAOnyhoAs=) 7: bvT0XxpWvjhSrsyJnY-pHBlHicQ.roa (hash: jO921Nm2+NbwqmtR+BTndgCkDUsWuQ/tZNnxs0Ah0nM=) 8: jOvM-KkjMcocARVIZsXXSmhqwTk.roa (hash: /hlDFttzMgmj+4PtUECpeb46avxwmQavKNZsIngAs74=) 9: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: FlotqNmYw06AOC7FnpgJVPxmn5u1W4FyhFjcBGbO/88=) 10: mI6CMDbVFOggenhN7vYK1kqjlUM.roa (hash: Ix338GJteDKUBZwQ6uAO2I9vp00YeBcogG5YXz8IPLE=) 11: vUVcdpzXr2JQGsu1xtXoOvW_LHU.roa (hash: 2iN03nQJUllsMqRJ1fP7+P4h4U6MeEk1ERszIuxQ8MY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 03:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:52:63:3a:a1:40:d5:54:92:1d:b1:b6:40:64:60:ca:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Nov 5 05:00:26 2025 GMT Not After : Nov 6 05:00:26 2025 GMT Subject: CN=5b00ea937179e8dcb92c749d0af1bdb2c0302fc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:64:d9:33:48:ed:5b:47:a7:f3:ea:8e:ea:0d: e2:82:b2:e9:a6:ae:e1:be:4a:6d:e8:7e:1f:8c:c5: a6:60:f3:34:6f:4e:38:21:5f:40:0b:70:61:2c:cf: d7:40:5b:42:ad:a0:e4:1a:22:9c:39:f7:0f:a8:91: 38:56:a0:f5:86:bd:6a:83:8c:79:d9:be:a4:04:a9: 70:64:62:c4:fe:71:79:ef:6c:15:0c:e4:5b:b4:6c: 97:81:64:31:9f:63:80:b8:cc:14:3c:a4:2f:6d:56: 10:21:23:23:ff:3d:c2:fb:1e:a7:97:c6:2a:8b:55: de:dd:c0:7d:99:bc:6e:91:7e:40:b1:89:74:f0:a3: bf:c5:d5:c2:53:f3:f5:d7:6e:16:e6:0a:19:69:60: 07:d8:42:99:81:db:cd:73:37:61:0f:2e:92:9a:d5: f9:d5:ed:a1:27:b8:75:84:0e:14:b3:f4:60:d4:dc: d4:ea:41:aa:a7:96:f9:4f:9f:e7:1e:ae:71:2c:d5: 9c:92:ea:76:18:d6:a8:e3:4d:4f:15:2e:be:36:88: a5:12:63:9d:18:11:63:35:93:6e:b4:67:50:fd:3e: e0:33:0c:a9:09:7f:2a:3a:a8:68:71:3b:f4:af:47: 3c:a6:db:71:e1:8b:0c:c3:af:0a:22:6b:8b:73:83: 9c:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:00:EA:93:71:79:E8:DC:B9:2C:74:9D:0A:F1:BD:B2:C0:30:2F:C4 X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:67:51:2a:8c:5e:65:59:c8:7f:cb:c4:ce:7b:e5:f6:b2:8b: 2d:9b:88:68:63:89:e8:8b:c1:40:d6:f1:17:cf:25:e3:f5:ab: 90:b0:a3:d3:85:07:10:41:76:81:42:ae:f4:f2:47:05:2e:f8: cc:58:03:d0:1f:c6:21:d4:d2:8c:3a:92:84:15:80:48:e7:73: ab:5a:07:ab:34:84:36:37:f9:48:53:74:38:b6:2c:11:5e:02: 2b:dd:f2:88:8d:84:90:ba:bc:08:56:32:3a:5e:31:7d:32:07: 4a:6d:24:25:95:47:23:5d:61:e5:24:03:bf:fa:cb:9c:8a:ea: 0e:51:c6:46:4e:ed:ed:15:4f:d0:da:ca:51:7c:b5:22:39:0b: 59:5f:79:33:61:10:ab:36:c6:c2:0a:23:3f:1f:0f:27:01:5e: 11:4d:66:13:f0:06:39:a9:5a:6d:71:5c:1e:14:a3:60:65:84: eb:7a:bf:bf:87:82:b1:43:61:8d:91:1e:02:f7:fd:ab:fb:40: d6:d8:1c:90:7c:81:72:dc:0f:48:84:71:47:48:3e:48:bf:0f: 54:11:34:46:49:4e:c0:af:4e:d2:57:6f:76:92:2e:ba:2d:a7: e0:1a:89:c9:3a:64:48:41:fa:23:a2:ad:5f:bb:eb:6f:14:62: 96:6a:7a:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpSYzqhQNVUkh2xtkBkYMoOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjUxMTA1MDUwMDI2WhcNMjUxMTA2MDUwMDI2WjAzMTEwLwYDVQQD Eyg1YjAwZWE5MzcxNzllOGRjYjkyYzc0OWQwYWYxYmRiMmMwMzAyZmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGTZM0jtW0en8+qO6g3igrLppq7h vkpt6H4fjMWmYPM0b044IV9AC3BhLM/XQFtCraDkGiKcOfcPqJE4VqD1hr1qg4x5 2b6kBKlwZGLE/nF572wVDORbtGyXgWQxn2OAuMwUPKQvbVYQISMj/z3C+x6nl8Yq i1Xe3cB9mbxukX5AsYl08KO/xdXCU/P1124W5goZaWAH2EKZgdvNczdhDy6SmtX5 1e2hJ7h1hA4Us/Rg1NzU6kGqp5b5T5/nHq5xLNWckup2GNao401PFS6+NoilEmOd GBFjNZNutGdQ/T7gMwypCX8qOqhocTv0r0c8pttx4YsMw68KImuLc4OcyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFsA6pNxeejcuSx0nQrxvbLAMC/EMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWdRKoxe ZVnIf8vEznvl9rKLLZuIaGOJ6IvBQNbxF88l4/WrkLCj04UHEEF2gUKu9PJHBS74 zFgD0B/GIdTSjDqShBWASOdzq1oHqzSENjf5SFN0OLYsEV4CK93yiI2EkLq8CFYy Ol4xfTIHSm0kJZVHI11h5SQDv/rLnIrqDlHGRk7t7RVP0NrKUXy1IjkLWV95M2EQ qzbGwgojPx8PJwFeEU1mE/AGOalabXFcHhSjYGWE63q/v4eCsUNhjZEeAvf9q/tA 1tgckHyBctwPSIRxR0g+SL8PVBE0RklOwK9O0ldvdpIuui2n4BqJyTpkSEH6I6Kt X7vrbxRilmp6sA== -----END CERTIFICATE-----Generated at Wed Nov 5 10:16:46 2025 by rpki-client