$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft File: ypzNgwt-AzCL9c8l5np_wr3glXw.mft (raw, json) Hash identifier: GUBHJyJz+sVPyEgmi/Yny9va+4I32Sg9Prlpho04vGc= Subject key identifier: CB:86:94:B0:5A:90:16:23:B3:04:50:D8:17:64:14:7F:DE:74:72:3B Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c Certificate serial: 01967BE2E9778B0F7FDB27536849F313D60E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft Manifest number: 0AA6 Signing time: Mon 28 Apr 2025 10:13:10 +0000 Manifest this update: Mon 28 Apr 2025 10:13:10 +0000 Manifest next update: Tue 29 Apr 2025 10:13:10 +0000 Files and hashes: 1: 1X-psqrhXoWJNm9AGHsWuX9CEYk.roa (hash: bW01QgSO3kxqUT/liNPe0TPUpwe3PqHFLx6Llohhsy8=) 2: 5WgH_xCsZRb4adlvDXVIIpp6ocU.roa (hash: nhYvKu4wxzAU7QoVtR8rkZcfAXnTNDoweg5cXyMvKNU=) 3: 8nba-exF3ZHVESE2CvVjIKuU3UQ.roa (hash: jxvFl3q0Zgzzo4QwCA+FiBdsIMPCA+I2+5CHXaI0+OI=) 4: Bozz1f8-yfX9yXxPZKU9Cta0NYQ.roa (hash: 0IGwBXtpx1d8BB60fzDWUMcEXZ7eXrr4gU64azlIoKw=) 5: I_lCFRC-HTkJJ8TMCBaJw1xqt74.roa (hash: impRbzDteU6j3hXcCABJ5mmbukbCH4a+46ZkbaV2omw=) 6: PEXdMp-4CvfhDpAVQ0Pz3ECZAhk.roa (hash: qaoxZI1AadmU8INHwPbDVXQK737+Qj88K4LOCtSbEyg=) 7: PFaPt8f1BXC24GQ6dyfAr47R1QA.roa (hash: wfai0T+UJzpZnxL10tPs80Oos9vwanBxSD/wrEIQWEo=) 8: e5Sy1VAry68r-4ha4VS5j2qDIh4.roa (hash: iAgJw0j0bHx4il0UO6E61c4MJfLKF0a3JiNbi25PF/w=) 9: iSdpP7ZcrXle-CGEYFrwsY1kYrI.roa (hash: +6PdXaQuowtykR4waR/410l8flDm2QsBF8w2MV3GVtU=) 10: jWt_FdPMKhJ6LBUGm4GuQwlMer0.roa (hash: JSe4tFMgywTUkhZKCdS6lj1tYUGBxWS17wo5Kf6yHnk=) 11: rAhzT50KCRQXm8quXsR6iK9F-Rg.roa (hash: pRGswQTrkuiatSd34ijEQOzQk4+5VNyaCOncCW0Hp2g=) 12: ypzNgwt-AzCL9c8l5np_wr3glXw.crl (hash: wcR0WHtY5XMfHtnavbqgoyLUqBj7aCYeImvT3w/6le4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 29 Apr 2025 08:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:96:7b:e2:e9:77:8b:0f:7f:db:27:53:68:49:f3:13:d6:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c Validity Not Before: Apr 28 10:13:10 2025 GMT Not After : Apr 29 10:13:10 2025 GMT Subject: CN=cb8694b05a901623b30450d81764147fde74723b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:8a:69:14:60:2c:f6:a0:aa:1c:71:0c:72:8e: f5:67:bd:c2:7d:e2:ef:bb:44:33:87:d8:aa:21:6d: 42:93:79:3a:47:d8:4a:b1:66:c0:19:2e:16:e6:bb: b7:34:68:2c:a1:be:f7:b5:84:fc:a1:77:28:6c:bf: 0f:3b:51:2a:a2:a7:21:4a:65:57:83:3c:21:5c:3e: 9a:a8:bb:56:b4:48:70:b3:8c:3e:d1:c3:fb:3c:0e: 8b:9f:f3:73:83:4a:5f:24:34:c0:0b:94:56:86:17: 2f:21:9f:dd:ca:b4:b5:63:c5:05:e3:b3:9a:f3:49: e3:3a:2a:6f:8b:b0:18:09:97:ac:8b:41:87:b9:58: a8:2e:0f:4e:96:88:71:9c:44:8c:ca:f7:f2:72:b8: a7:db:e3:e4:9a:80:80:a4:d3:33:b9:50:89:b5:4e: 7b:b4:84:bc:a6:90:8d:8a:fc:7a:dd:af:28:b8:26: ec:26:0d:2e:ae:59:87:49:51:f4:3f:b5:8e:0f:21: 5f:9b:0e:4d:bd:45:27:6f:cf:b2:b4:82:92:40:07: 58:4c:6b:63:9e:aa:d8:55:cf:57:c3:fc:76:9f:5a: eb:38:26:00:53:37:54:4d:ff:9e:d7:f9:ff:f1:8c: 3e:87:f9:0f:5b:87:d7:61:f8:3d:0a:04:98:b4:87: 0c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:86:94:B0:5A:90:16:23:B3:04:50:D8:17:64:14:7F:DE:74:72:3B X509v3 Authority Key Identifier: keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:56:a5:0f:4b:43:b6:22:04:6f:53:04:8f:e9:5d:46:a5:94: 12:97:71:a0:eb:1f:71:bf:10:bd:17:65:fd:9c:e5:64:92:e9: 5d:d8:e9:50:60:74:ce:25:83:c7:a5:5f:f9:e7:86:54:a3:60: 81:41:25:a4:4e:5e:3b:74:e2:5e:61:f1:25:bf:c3:5c:3a:bf: 23:df:c2:7d:1c:58:b3:0a:cf:2a:ff:a8:0e:9c:e1:fa:52:1d: 7c:9a:84:86:01:99:73:58:66:74:04:4a:39:68:f9:4d:1e:1b: 01:eb:59:b6:ee:ab:d3:bc:1f:e9:73:b6:bd:cc:29:78:35:3e: 78:49:56:b1:2d:02:44:e6:b2:d6:c9:da:02:48:ec:bf:55:5c: b6:2e:39:c2:f0:a7:7b:1f:9c:1a:43:30:8f:d2:30:ae:b5:ae: 56:16:83:85:4b:1b:e2:6a:da:de:71:81:0c:61:ed:38:ae:5a: eb:1e:01:54:28:c3:a3:0a:06:7b:20:e8:11:75:ea:0e:3a:f8: a2:da:7d:d2:b1:dc:ee:3b:4b:d5:55:14:79:2c:d0:ef:83:76: c5:b7:bc:3a:e0:4e:11:9b:c4:a1:db:66:67:60:79:30:29:00: 0d:c8:83:e9:00:da:7e:95:a7:af:37:35:1b:7f:72:e1:bb:c9: 3f:84:a1:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZZ74ul3iw9/2ydTaEnzE9YOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl MDk1N2MwHhcNMjUwNDI4MTAxMzEwWhcNMjUwNDI5MTAxMzEwWjAzMTEwLwYDVQQD EyhjYjg2OTRiMDVhOTAxNjIzYjMwNDUwZDgxNzY0MTQ3ZmRlNzQ3MjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IppFGAs9qCqHHEMco71Z73CfeLv u0Qzh9iqIW1Ck3k6R9hKsWbAGS4W5ru3NGgsob73tYT8oXcobL8PO1EqoqchSmVX gzwhXD6aqLtWtEhws4w+0cP7PA6Ln/Nzg0pfJDTAC5RWhhcvIZ/dyrS1Y8UF47Oa 80njOipvi7AYCZesi0GHuVioLg9OlohxnESMyvfycrin2+PkmoCApNMzuVCJtU57 tIS8ppCNivx63a8ouCbsJg0urlmHSVH0P7WODyFfmw5NvUUnb8+ytIKSQAdYTGtj nqrYVc9Xw/x2n1rrOCYAUzdUTf+e1/n/8Yw+h/kPW4fXYfg9CgSYtIcMiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMuGlLBakBYjswRQ2BdkFH/edHI7MB8GA1UdIwQY MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt ZDFjZGUyNDY1Zjg5LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5 LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIlalD0tD tiIEb1MEj+ldRqWUEpdxoOsfcb8QvRdl/ZzlZJLpXdjpUGB0ziWDx6Vf+eeGVKNg gUElpE5eO3TiXmHxJb/DXDq/I9/CfRxYswrPKv+oDpzh+lIdfJqEhgGZc1hmdARK OWj5TR4bAetZtu6r07wf6XO2vcwpeDU+eElWsS0CROay1snaAkjsv1Vcti45wvCn ex+cGkMwj9IwrrWuVhaDhUsb4mra3nGBDGHtOK5a6x4BVCjDowoGeyDoEXXqDjr4 otp90rHc7jtL1VUUeSzQ74N2xbe8OuBOEZvEodtmZ2B5MCkADciD6QDafpWnrzc1 G39y4bvJP4ShaQ== -----END CERTIFICATE-----Generated at Mon Apr 28 13:15:18 2025 by rpki-client