$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft File: IQIbJSIimXv-M7fksxWsjV4GeVQ.mft (raw, json) Hash identifier: ldeplYUUFKiXFxg8B1K9FF+CwAeKWGopJg7j1vk8fkU= Subject key identifier: B4:2F:F1:01:7B:2B:0B:6B:DE:FF:B4:C0:A4:46:30:20:EB:B0:09:A2 Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019A4FCFBD96A01BF07663C9EDB346D055D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft Manifest number: 1476 Signing time: Tue 04 Nov 2025 17:00:05 +0000 Manifest this update: Tue 04 Nov 2025 17:00:05 +0000 Manifest next update: Wed 05 Nov 2025 17:00:05 +0000 Files and hashes: 1: 3MPX8Hgcgpj46XFJe7iOfP4Vx9k.roa (hash: X8ItFNiHsxzuYcCwG/t6V7CD4qgVaZVjCW5JDwwvo1k=) 2: BxuNK2XBHdo88OQyiW_5v_yfc5A.roa (hash: MFlUpzcLU82WlS9U/NlO4CgGrVyG4i0P38/lEf9NP58=) 3: H85sOAhghTea9a0fF7V97F8PmPU.roa (hash: 2OxoGkdCVVcRfuQOFsn/tuCAYUwqPM6hV+wTzXUpbKk=) 4: HLAFzpF1dtaNSAOxEl-uHrb_wcg.roa (hash: PtoSILiXlrGyGsA1CVrSehyontCCBay4De7QPXIkVlI=) 5: IOSFPx8A8l-pe0og_vxIgYl_NBY.roa (hash: KLjHQhBVtLRCltNJ+XqJhMVg3V2m+fHC9ZN7NVjvtDY=) 6: IQIbJSIimXv-M7fksxWsjV4GeVQ.crl (hash: KcM5iqImepyHLBokG1vodiSEos4Ag3+n0RN47C+rOds=) 7: J5ajMdCsK_xzfbhWxoAV2iRMcqc.roa (hash: i0rnl2YK8VurUbtxqh46jYu42vj9ovnjrsY7s0Ha76E=) 8: NIsfNrgr61FvPf7cYDhBUlhxHyo.roa (hash: erf8aKvQjphq5ECHQpzvwfDmeIXYw4ufNsUCtqSAry4=) 9: NojFSrrS5JKJQebH50O-Sn9xxis.roa (hash: 99amkQAhCwzYf+SSxz6XlFlKrJhhJL3h7GCB1tqsJIA=) 10: O0dA6ORgAzDqkWmj1R355BHaTrI.roa (hash: 296lT6a3xrMsAitqkt1Jep7cJYB5SeLJP2n68zngwhU=) 11: VbRKF62krl-KA_0dr7N8i46qs_A.roa (hash: PCEcpmBvUl37S6P9+HKjvTq2SZP3pF9GPHCRb88sRNw=) 12: W6gW_k4PAlDXWNXHj-7uVtaEhUo.roa (hash: 2GGe0Av8ayGGsSV+o4FXLrtSMr3LqMsV0faDwoshubs=) 13: bappW0a76vCPpE7es6c1mZAIjsM.roa (hash: cqG7BmBZANbhw2q44YhM+SIY2oACb3Cf8jR7Of0U21w=) 14: kdaSrzmnDVsM0RIoAgjgbrOtDPw.roa (hash: rqvV8WO0X2/bRdhoVD7e6+BEeyw0vjX6G9hkFrs+9Pk=) 15: vj_Rx3DB5-xDUqDlrBJ7IxL_21w.roa (hash: MTWWugX6ksDRRG983kctzCkaVVEPY1cdhe4ngzPqXI4=) 16: y88-XlX3iJ__DzfIGS5r5m0TLBs.roa (hash: XnV7xzm/iXlPi3I2M7gT2rIanQMocQ1jqhKZYjxglqk=) 17: yq4mDy7IWiKa_jUZsF8HmOo9YAA.roa (hash: D7e3OOFi7lIh2fyesD48w9fTpDFZydPZVUW+H+QSZ9A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 17:00:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:4f:cf:bd:96:a0:1b:f0:76:63:c9:ed:b3:46:d0:55:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Nov 4 17:00:05 2025 GMT Not After : Nov 5 17:00:05 2025 GMT Subject: CN=b42ff1017b2b0b6bdeffb4c0a4463020ebb009a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:07:c6:99:6e:3d:2c:de:22:24:f9:a0:9a:0b: 5b:49:19:eb:97:90:ef:73:c9:10:83:74:ff:ca:ea: 5f:5f:8a:53:88:ee:0b:18:01:4b:6c:cc:e5:f8:91: 7a:83:e6:fd:59:df:2f:7c:0c:36:85:75:ea:9d:e5: d7:f5:5a:34:9f:e7:20:30:3e:9b:0d:2c:cb:d5:57: c8:1d:72:0a:fb:5e:f8:48:b0:9c:d0:ea:b1:80:44: e5:01:2f:69:c4:a1:36:ed:5d:96:3b:a5:2e:b8:cf: d9:15:cf:12:4a:16:08:3f:06:85:3e:9e:a5:2f:ec: 69:81:68:25:72:d2:ea:ac:51:ad:55:48:98:25:04: bc:c4:aa:2e:dc:e7:3d:65:58:5c:36:ef:be:97:06: 1f:7f:5c:35:86:5a:21:87:df:cf:24:2e:11:ec:ba: dc:98:d2:ff:a2:fe:52:76:4b:7c:7c:7d:bb:05:fa: bb:19:ae:11:41:50:f0:3a:9d:d7:c2:bc:09:99:92: 8d:83:24:08:04:df:65:75:03:9c:8f:39:de:ca:46: b9:bc:d6:e1:96:8f:93:6e:64:27:a3:66:c2:0b:56: a9:3a:82:f6:2a:e7:85:fb:08:7d:c7:e5:19:26:8b: 54:76:99:dc:02:2f:c6:d4:18:c4:6d:33:16:7b:0d: 27:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:2F:F1:01:7B:2B:0B:6B:DE:FF:B4:C0:A4:46:30:20:EB:B0:09:A2 X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:8a:ea:46:98:c1:0d:6f:f2:23:e5:bf:2e:e5:30:22:4f:62: 22:66:13:8e:b9:51:c2:df:cb:ed:06:b2:52:45:b7:99:70:bd: 50:06:ce:da:e4:3b:7e:d5:1e:73:d9:33:53:4b:21:64:3b:b2: 50:7d:cf:52:56:fc:db:5b:22:52:9e:10:1c:e3:ba:f9:6b:82: ac:0a:72:6d:e5:37:b2:30:64:cf:7a:f8:b0:e7:01:8a:e6:2f: 21:ba:93:a0:dd:d4:f0:2e:0f:b4:70:2b:22:d5:6e:f2:79:cb: ae:d9:10:b7:5b:ea:51:ba:94:8a:75:69:4e:3d:5a:25:08:5a: 79:97:7f:13:80:b3:1e:75:c1:a7:f9:24:cf:03:e5:2d:28:bf: 32:02:21:39:81:7e:19:9b:ba:14:fa:de:01:97:40:29:31:b5: 84:ba:b0:0e:30:b1:de:67:1c:b4:a4:26:ef:5d:0b:4e:51:ec: 5f:96:08:09:76:fb:56:48:49:4e:3e:ce:62:8b:b6:10:45:41: b7:e6:e0:b3:ff:33:87:94:90:1a:c8:59:18:a0:59:bd:4e:76: 3a:d3:5c:41:93:b6:7a:4a:36:b1:e3:a9:11:1a:05:a0:da:78: 79:9b:fb:ea:cf:22:f2:ca:10:8d:0c:7a:69:6c:7a:74:16:c8: a6:a2:4b:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpPz72WoBvwdmPJ7bNG0FXTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjUxMTA0MTcwMDA1WhcNMjUxMTA1MTcwMDA1WjAzMTEwLwYDVQQD EyhiNDJmZjEwMTdiMmIwYjZiZGVmZmI0YzBhNDQ2MzAyMGViYjAwOWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gfGmW49LN4iJPmgmgtbSRnrl5Dv c8kQg3T/yupfX4pTiO4LGAFLbMzl+JF6g+b9Wd8vfAw2hXXqneXX9Vo0n+cgMD6b DSzL1VfIHXIK+174SLCc0OqxgETlAS9pxKE27V2WO6UuuM/ZFc8SShYIPwaFPp6l L+xpgWglctLqrFGtVUiYJQS8xKou3Oc9ZVhcNu++lwYff1w1hlohh9/PJC4R7Lrc mNL/ov5Sdkt8fH27Bfq7Ga4RQVDwOp3XwrwJmZKNgyQIBN9ldQOcjzneyka5vNbh lo+TbmQno2bCC1apOoL2KueF+wh9x+UZJotUdpncAi/G1BjEbTMWew0nbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLQv8QF7Kwtr3v+0wKRGMCDrsAmiMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfYrqRpjB DW/yI+W/LuUwIk9iImYTjrlRwt/L7QayUkW3mXC9UAbO2uQ7ftUec9kzU0shZDuy UH3PUlb821siUp4QHOO6+WuCrApybeU3sjBkz3r4sOcBiuYvIbqToN3U8C4PtHAr ItVu8nnLrtkQt1vqUbqUinVpTj1aJQhaeZd/E4CzHnXBp/kkzwPlLSi/MgIhOYF+ GZu6FPreAZdAKTG1hLqwDjCx3mcctKQm710LTlHsX5YICXb7VkhJTj7OYou2EEVB t+bgs/8zh5SQGshZGKBZvU52OtNcQZO2eko2seOpERoFoNp4eZv76s8i8soQjQx6 aWx6dBbIpqJL7A== -----END CERTIFICATE-----Generated at Wed Nov 5 03:04:59 2025 by rpki-client