$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft File: IQIbJSIimXv-M7fksxWsjV4GeVQ.mft (raw, json) Hash identifier: hr3ZsheQuQIABy3bSxTLIO0i0BtZ7VWS30JvvSMmdo8= Subject key identifier: 4D:7B:2B:74:41:FB:20:64:9F:7A:FF:0D:C9:D1:15:E7:15:B7:BE:F8 Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 01976A05B4ED7218DC2CBBD4A7C0332EC2A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft Manifest number: 12DC Signing time: Fri 13 Jun 2025 16:00:48 +0000 Manifest this update: Fri 13 Jun 2025 16:00:48 +0000 Manifest next update: Sat 14 Jun 2025 16:00:48 +0000 Files and hashes: 1: 3MPX8Hgcgpj46XFJe7iOfP4Vx9k.roa (hash: X8ItFNiHsxzuYcCwG/t6V7CD4qgVaZVjCW5JDwwvo1k=) 2: BxuNK2XBHdo88OQyiW_5v_yfc5A.roa (hash: MFlUpzcLU82WlS9U/NlO4CgGrVyG4i0P38/lEf9NP58=) 3: IOSFPx8A8l-pe0og_vxIgYl_NBY.roa (hash: KLjHQhBVtLRCltNJ+XqJhMVg3V2m+fHC9ZN7NVjvtDY=) 4: IQIbJSIimXv-M7fksxWsjV4GeVQ.crl (hash: A3s0TInmtA7RFHk2jan0D4/QcJYVvHZmNA3X796WR/I=) 5: J5ajMdCsK_xzfbhWxoAV2iRMcqc.roa (hash: i0rnl2YK8VurUbtxqh46jYu42vj9ovnjrsY7s0Ha76E=) 6: NojFSrrS5JKJQebH50O-Sn9xxis.roa (hash: 99amkQAhCwzYf+SSxz6XlFlKrJhhJL3h7GCB1tqsJIA=) 7: VbRKF62krl-KA_0dr7N8i46qs_A.roa (hash: PCEcpmBvUl37S6P9+HKjvTq2SZP3pF9GPHCRb88sRNw=) 8: W6gW_k4PAlDXWNXHj-7uVtaEhUo.roa (hash: 2GGe0Av8ayGGsSV+o4FXLrtSMr3LqMsV0faDwoshubs=) 9: kdaSrzmnDVsM0RIoAgjgbrOtDPw.roa (hash: rqvV8WO0X2/bRdhoVD7e6+BEeyw0vjX6G9hkFrs+9Pk=) 10: vj_Rx3DB5-xDUqDlrBJ7IxL_21w.roa (hash: MTWWugX6ksDRRG983kctzCkaVVEPY1cdhe4ngzPqXI4=) 11: y88-XlX3iJ__DzfIGS5r5m0TLBs.roa (hash: XnV7xzm/iXlPi3I2M7gT2rIanQMocQ1jqhKZYjxglqk=) 12: y_nsYj5ukmuGHg1FwnghygZPNtE.roa (hash: Z3btILynrnMXwAKpX0v9pTVp5I1JWRzLRy4WUkLzYaI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 14 Jun 2025 13:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:97:6a:05:b4:ed:72:18:dc:2c:bb:d4:a7:c0:33:2e:c2:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Jun 13 16:00:48 2025 GMT Not After : Jun 14 16:00:48 2025 GMT Subject: CN=4d7b2b7441fb20649f7aff0dc9d115e715b7bef8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:2b:64:7e:ca:4a:d3:d0:96:c7:5c:ae:79:ce: 24:41:46:5f:01:08:89:88:8f:b7:67:73:35:75:ab: c6:c3:34:75:76:e3:db:84:67:66:25:bb:51:20:db: 24:e5:71:48:56:ec:5f:90:c2:b6:34:22:a6:23:08: 98:63:8c:6a:d5:06:bd:ae:6d:8c:d3:f9:4e:0e:76: 2a:3a:d7:06:c8:ae:9f:ef:f6:e3:0e:a3:a6:7d:ff: 73:0b:1c:e3:29:5d:14:ef:8a:1d:e5:1a:0d:0e:fb: 42:0d:9d:1d:70:30:4e:3e:7c:1c:09:12:23:a2:b2: 5d:cd:5b:c1:99:82:82:d3:53:b1:a4:ec:98:0d:1c: 63:66:64:a0:a2:4c:4c:a3:04:3c:9b:9d:0e:f6:17: 02:91:33:c6:a1:4f:3a:0d:6b:18:8d:7a:f3:07:a5: b6:c7:64:5b:5f:2a:6a:78:5d:8a:e0:7b:0d:2c:dc: 44:85:6e:54:63:83:5c:37:c2:9a:ed:9d:21:98:3e: c4:43:e0:72:a8:1b:03:bf:06:5a:3b:e2:3b:b6:5d: 5b:7c:ed:8a:69:2a:52:07:6e:79:98:f4:43:74:fb: 81:de:68:2f:e1:e8:76:df:1b:b5:b9:d4:99:06:21: ac:fe:c5:96:88:5d:8a:b5:cf:5e:41:c9:c7:50:6b: 07:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:7B:2B:74:41:FB:20:64:9F:7A:FF:0D:C9:D1:15:E7:15:B7:BE:F8 X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:78:fd:02:af:6b:76:72:93:92:1b:fb:ff:7b:c6:3b:79:50: 95:6c:fe:e0:6b:df:33:1b:e3:94:2e:83:6c:f3:6c:06:3f:af: 69:00:24:aa:58:3b:5f:c5:59:3d:d7:07:82:86:04:19:13:1a: 65:88:d8:27:fd:47:2b:ec:04:8a:0d:d5:03:cf:9f:86:a5:80: 32:51:e5:36:77:c6:99:fe:10:71:73:59:83:85:3d:08:1e:81: 56:51:fc:9e:96:1b:ef:00:42:03:4a:7c:6e:3f:a4:b1:0b:7c: 17:49:07:74:11:ce:61:a1:b6:7f:63:9a:a7:2b:56:94:4e:46: 2e:11:6a:05:3c:60:0b:6f:a4:74:11:45:fa:f5:89:6e:1e:25: e3:7b:6e:ef:5d:b8:c1:7f:af:8f:91:14:a3:8a:42:1e:18:73: 1e:4d:f2:cc:70:b2:06:a8:ad:5d:9b:e6:5b:46:f5:80:fd:e0: 29:a6:a2:e9:56:af:ee:94:01:d3:05:a2:8b:21:dc:12:e8:39: 5a:1a:db:4d:18:20:62:e0:ca:b1:9c:ee:7a:cf:ce:18:4c:45: 68:7f:31:a3:ee:e3:6d:f9:fa:c6:92:0b:c6:c8:e1:31:0c:64: 1f:cf:c2:8e:a2:34:81:73:a5:22:e4:64:95:b3:77:33:88:64: cc:02:ca:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZdqBbTtchjcLLvUp8AzLsKlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjUwNjEzMTYwMDQ4WhcNMjUwNjE0MTYwMDQ4WjAzMTEwLwYDVQQD Eyg0ZDdiMmI3NDQxZmIyMDY0OWY3YWZmMGRjOWQxMTVlNzE1YjdiZWY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCtkfspK09CWx1yuec4kQUZfAQiJ iI+3Z3M1davGwzR1duPbhGdmJbtRINsk5XFIVuxfkMK2NCKmIwiYY4xq1Qa9rm2M 0/lODnYqOtcGyK6f7/bjDqOmff9zCxzjKV0U74od5RoNDvtCDZ0dcDBOPnwcCRIj orJdzVvBmYKC01OxpOyYDRxjZmSgokxMowQ8m50O9hcCkTPGoU86DWsYjXrzB6W2 x2RbXypqeF2K4HsNLNxEhW5UY4NcN8Ka7Z0hmD7EQ+ByqBsDvwZaO+I7tl1bfO2K aSpSB255mPRDdPuB3mgv4eh23xu1udSZBiGs/sWWiF2Ktc9eQcnHUGsHzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE17K3RB+yBkn3r/DcnRFecVt774MB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANnj9Aq9r dnKTkhv7/3vGO3lQlWz+4GvfMxvjlC6DbPNsBj+vaQAkqlg7X8VZPdcHgoYEGRMa ZYjYJ/1HK+wEig3VA8+fhqWAMlHlNnfGmf4QcXNZg4U9CB6BVlH8npYb7wBCA0p8 bj+ksQt8F0kHdBHOYaG2f2OapytWlE5GLhFqBTxgC2+kdBFF+vWJbh4l43tu7124 wX+vj5EUo4pCHhhzHk3yzHCyBqitXZvmW0b1gP3gKaai6Vav7pQB0wWiiyHcEug5 WhrbTRggYuDKsZzues/OGExFaH8xo+7jbfn6xpILxsjhMQxkH8/CjqI0gXOlIuRk lbN3M4hkzALKnw== -----END CERTIFICATE-----Generated at Fri Jun 13 19:20:46 2025 by rpki-client