$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: 2r4X2RSNKULiF7HOkC7Cva7Mt2lgl0JUN/qdTvKemj0= Subject key identifier: B3:E6:89:52:1C:F8:8E:2E:3F:A2:1E:70:7D:9E:76:D0:16:6C:76:74 Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019A5074D09B2477B84393CE139A639BE85E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 1226 Signing time: Tue 04 Nov 2025 20:00:24 +0000 Manifest this update: Tue 04 Nov 2025 20:00:24 +0000 Manifest next update: Wed 05 Nov 2025 20:00:24 +0000 Files and hashes: 1: 1-W_ixXGYX8sPaJagj-AVwFiwChc.roa (hash: L0D3lIfkN9efhBw5T+b3u9NkdIMxDqZ5UXxZUhgRWOs=) 2: 1wei3P__YsLq8D2DZQdx3r5Se8Q.roa (hash: mJ3sfO2t0ZrVqr8Lh/dS5cWV3uJ23FidlrzCBj85Xpg=) 3: D9OViOUA1-461O4zttxUuu7lHv0.roa (hash: 2itBNaHzhENVRyOefdMh6N1RENcyUMqY/eAvQKNqorQ=) 4: FL9fu1OvmoFGfhkDWCYg6qk3FZw.roa (hash: 4qo1m7CfLoe2e1/s3slGLhDBLmvad/IFz+DUbL4c5ro=) 5: QhTNtcmMP2d8JHj8beOVtwBfn-8.roa (hash: pGtJfsZnHgpcNHsy6MUt5rD0YLB/sQz5xjhWg8xCmoY=) 6: b_UNR9Xj_ycfuOSMA48F_QSRqts.roa (hash: V/FK04zH2Za3Nwu+0PjyuAuPUrWk9vHEnkwAOnyhoAs=) 7: bvT0XxpWvjhSrsyJnY-pHBlHicQ.roa (hash: jO921Nm2+NbwqmtR+BTndgCkDUsWuQ/tZNnxs0Ah0nM=) 8: jOvM-KkjMcocARVIZsXXSmhqwTk.roa (hash: /hlDFttzMgmj+4PtUECpeb46avxwmQavKNZsIngAs74=) 9: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: BHCk9Bsx4N179f7WWeJ0TPMV9rf6+DsngoQLdYpFdJE=) 10: mI6CMDbVFOggenhN7vYK1kqjlUM.roa (hash: Ix338GJteDKUBZwQ6uAO2I9vp00YeBcogG5YXz8IPLE=) 11: vUVcdpzXr2JQGsu1xtXoOvW_LHU.roa (hash: 2iN03nQJUllsMqRJ1fP7+P4h4U6MeEk1ERszIuxQ8MY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 18:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:50:74:d0:9b:24:77:b8:43:93:ce:13:9a:63:9b:e8:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Nov 4 20:00:24 2025 GMT Not After : Nov 5 20:00:24 2025 GMT Subject: CN=b3e689521cf88e2e3fa21e707d9e76d0166c7674 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:33:5e:0c:f7:6e:67:be:35:cc:8f:c1:19:ba: 6b:1e:ce:c3:bd:75:e3:ba:3e:03:f9:ff:92:a4:2d: c9:95:b2:89:3d:c4:8c:dd:0d:08:eb:6c:6a:39:41: 8a:ee:2e:1a:c9:f3:85:90:fe:f9:fc:d6:c8:1c:95: 4b:7a:8a:8b:58:89:82:74:a3:04:76:32:09:d6:f4: b8:fb:c7:e3:8c:81:99:0a:02:da:1c:78:6c:d8:7e: 32:10:c9:bb:ad:6f:10:70:d3:e1:1b:47:6a:14:0a: 49:5c:fd:1a:bb:42:8b:9a:37:12:84:69:d7:93:02: f4:49:74:e0:d8:82:a3:04:c3:5d:ae:1a:fa:0d:db: d2:67:66:28:7c:f3:ee:a8:7d:19:ae:7e:7c:ee:a3: 2d:77:21:2c:cf:59:a1:69:02:b8:f0:75:1e:cc:ba: 20:9b:bc:0a:94:aa:1a:13:c2:7f:13:fd:1e:08:7d: 3c:7e:ff:b7:60:a6:c8:d7:c9:b0:18:bb:9c:39:f2: 44:8a:8b:f0:c8:bc:b2:d0:ea:08:0f:40:21:ca:32: e1:3c:ba:60:50:44:b5:db:f0:0e:3a:52:2e:78:f2: 39:98:a1:1f:20:d6:18:28:21:39:4b:f1:f4:2f:aa: 31:df:bd:67:33:14:33:8a:80:d7:21:08:fc:ff:fd: 1d:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:E6:89:52:1C:F8:8E:2E:3F:A2:1E:70:7D:9E:76:D0:16:6C:76:74 X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d2:73:fe:e3:19:97:5a:75:33:f0:2f:97:69:ad:3d:03:f4:2c: cf:4c:c3:f9:38:ca:1c:bb:3a:8a:88:32:6a:ff:f0:8c:a9:7f: b4:3f:d1:01:d3:29:88:f2:90:30:10:51:81:4d:7b:5a:97:8b: 34:cd:64:d5:d5:5b:1b:c1:b0:79:0e:eb:15:99:67:62:4f:84: df:31:5c:d1:a5:ce:c2:8d:c1:38:bb:d4:e7:a5:ce:14:eb:56: 35:74:27:05:49:d7:68:e2:02:86:41:a2:84:82:bb:9c:8a:4b: 61:81:ce:d6:f7:f6:7a:8d:ba:74:27:03:52:1f:d4:a5:b7:1c: 1d:6a:63:58:77:8c:68:ab:30:d2:d6:06:da:f3:2e:61:50:f5: c9:fa:c6:4e:15:5f:04:8d:ac:68:43:7f:3b:88:7b:ff:54:18: 3a:1e:10:10:ea:23:98:4c:d9:c9:7d:26:6b:71:4a:a2:32:40: 63:42:cd:c1:27:c2:44:3a:ae:85:63:80:d0:92:01:0c:8c:8e: 10:4f:e3:1b:a9:f0:8c:69:15:73:23:8a:d7:65:cb:f0:c3:2b: 95:31:81:02:f1:54:8c:ec:df:88:6f:89:6b:24:68:ff:9b:21: 85:70:43:7d:32:2f:9b:c5:6f:ab:85:b2:47:0e:ba:4f:71:58: e2:46:ff:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpQdNCbJHe4Q5POE5pjm+heMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjUxMTA0MjAwMDI0WhcNMjUxMTA1MjAwMDI0WjAzMTEwLwYDVQQD EyhiM2U2ODk1MjFjZjg4ZTJlM2ZhMjFlNzA3ZDllNzZkMDE2NmM3Njc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojNeDPduZ741zI/BGbprHs7DvXXj uj4D+f+SpC3JlbKJPcSM3Q0I62xqOUGK7i4ayfOFkP75/NbIHJVLeoqLWImCdKME djIJ1vS4+8fjjIGZCgLaHHhs2H4yEMm7rW8QcNPhG0dqFApJXP0au0KLmjcShGnX kwL0SXTg2IKjBMNdrhr6DdvSZ2YofPPuqH0Zrn587qMtdyEsz1mhaQK48HUezLog m7wKlKoaE8J/E/0eCH08fv+3YKbI18mwGLucOfJEiovwyLyy0OoID0AhyjLhPLpg UES12/AOOlIuePI5mKEfINYYKCE5S/H0L6ox371nMxQzioDXIQj8//0dxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLPmiVIc+I4uP6IecH2edtAWbHZ0MB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0nP+4xmX WnUz8C+Xaa09A/Qsz0zD+TjKHLs6iogyav/wjKl/tD/RAdMpiPKQMBBRgU17WpeL NM1k1dVbG8GweQ7rFZlnYk+E3zFc0aXOwo3BOLvU56XOFOtWNXQnBUnXaOIChkGi hIK7nIpLYYHO1vf2eo26dCcDUh/UpbccHWpjWHeMaKsw0tYG2vMuYVD1yfrGThVf BI2saEN/O4h7/1QYOh4QEOojmEzZyX0ma3FKojJAY0LNwSfCRDquhWOA0JIBDIyO EE/jG6nwjGkVcyOK12XL8MMrlTGBAvFUjOzfiG+JayRo/5shhXBDfTIvm8Vvq4Wy Rw66T3FY4kb/VQ== -----END CERTIFICATE-----Generated at Wed Nov 5 02:55:29 2025 by rpki-client