$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft File: OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft (raw, json) Hash identifier: G478iXa+yACVIoct/ggKQjR8D2ga7EPSwZTltZV6rgU= Subject key identifier: E7:AC:9E:75:12:7E:A4:31:CA:82:E6:D7:71:06:C0:EA:B9:C9:EF:77 Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84 Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984 Certificate serial: 01978EEE05E34A2B786D0BFBECD1939B76D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft Manifest number: 12DF Signing time: Fri 20 Jun 2025 20:00:53 +0000 Manifest this update: Fri 20 Jun 2025 20:00:53 +0000 Manifest next update: Sat 21 Jun 2025 20:00:53 +0000 Files and hashes: 1: 0Fmh8eaTe-TA8TzJaqV0xDv1Pzo.roa (hash: ZxN3vaamtDqMo8xYPJBI33oBeaqJ8QIz0amzm/bnvtg=) 2: 3nej7O_5-sZXCWeuqPyGbja9XnQ.roa (hash: p+MNFJ74eHqjwkPNS5+3QDf8dfQpJUlMjkJWwIsIN5s=) 3: JpI0mKHoKJGb5HpwhqpgQJ-989w.roa (hash: +p1PcccuIrfXBOI8p25PVV972uHT5dceE6dg0Tn0L/g=) 4: OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl (hash: iA7znF7ZYdf5G85MK322iL9UpJgvRXJ1ZeBggWLCRAo=) 5: Q718Z9XRXwbb8eAv-JSYxNy8m3E.roa (hash: QwKiyK2H3mBEUzLEautBF28TXwWRoI+nh+WAF8i9ayk=) 6: eapLNVKWkPJvIKSSw8FvjnbqKM4.roa (hash: lQyg7ma6RsIJVyHbW0BuPsXW31hRi/B1a2UZgfzLbWY=) 7: flTVx8-F7E37FHcVoN5708sXexM.roa (hash: snTHoXZxUjfO9kURa3StUkh2LzhC8cP2m56/uoBtpVA=) 8: itNeHRmlhkmkLNFMeFLLpwNO4FY.roa (hash: iZAIvlpDGBx0E4icQgD8R/hQnWve6QmLhqITJu2cuoY=) 9: ktpnhSV94n1dgI9-LO5orxsroMo.roa (hash: HdTZITsdNE12a7HbwFoAmzx8Exmybo0iwACkTzBDWZ0=) 10: p6yu9K0prb-3wy95x-qc7KcMywQ.roa (hash: bNVvwouaPK4oyavhTkisO8oVhR1iolZntv1z6WFieUk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 21 Jun 2025 19:42:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:97:8e:ee:05:e3:4a:2b:78:6d:0b:fb:ec:d1:93:9b:76:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984 Validity Not Before: Jun 20 20:00:53 2025 GMT Not After : Jun 21 20:00:53 2025 GMT Subject: CN=e7ac9e75127ea431ca82e6d77106c0eab9c9ef77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ba:c6:85:b2:25:d4:2f:fd:da:c9:f8:82:2b: 98:e4:aa:d5:8c:56:14:51:fa:e2:4c:77:28:8f:e4: 54:3b:a5:5f:34:94:de:2f:2d:a8:4f:00:d2:63:5e: db:94:d3:59:2d:db:68:0d:89:f5:8c:d3:09:26:85: 07:bb:3f:e1:89:a4:ed:4f:51:39:84:73:ad:30:21: 17:0b:fb:44:2e:6a:58:0f:f9:e5:59:74:8c:25:47: 18:ca:ff:d8:47:86:a3:90:db:72:eb:b4:17:9a:ef: 65:32:01:30:c4:69:63:15:9a:07:fd:23:13:af:b3: c6:f6:28:63:3e:6a:0b:79:9b:2f:6b:1d:5c:ff:99: 95:d0:4a:03:bf:cc:a2:14:53:5c:6c:dc:33:75:c5: b5:88:65:f8:ac:8d:9e:bf:c4:a0:55:4a:4d:8d:84: d2:b2:5c:cb:9c:30:f8:24:67:32:68:2d:56:91:59: eb:bb:57:19:ca:bb:3d:18:99:d2:0d:97:a3:69:26: 4d:ad:49:c0:d2:a0:74:a6:48:0f:a9:b8:1a:84:af: d7:b1:8d:77:8d:61:c9:ee:5b:9f:b7:3d:d9:12:28: ae:73:73:34:d1:9b:c9:c6:31:ea:4a:57:f8:0e:b1: 45:c5:89:a2:0c:f6:f1:db:2e:77:16:da:24:19:f4: 3c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:AC:9E:75:12:7E:A4:31:CA:82:E6:D7:71:06:C0:EA:B9:C9:EF:77 X509v3 Authority Key Identifier: keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:93:7e:9a:cc:6f:d0:36:40:75:c1:a4:89:bd:36:b3:63:bf: ea:af:70:16:5c:c9:70:bb:61:52:10:48:24:f2:6d:af:c9:51: 2c:2e:0c:20:1b:10:6c:36:e5:cd:e5:4e:ef:36:69:8a:25:ca: 83:76:f5:92:d6:e3:61:14:be:fc:9f:25:96:91:bd:92:9e:d1: 13:16:02:79:c0:56:6e:42:a9:37:7c:d6:ae:9c:de:0d:a3:a7: a7:f1:37:cf:32:68:e3:f6:4f:c8:92:72:32:9e:31:06:61:be: d0:cf:3a:c1:35:96:dd:dd:e0:af:89:60:18:89:21:83:5c:32: 81:99:cb:17:96:75:1a:12:49:13:fa:2d:75:b3:90:dd:29:6f: e5:9b:5f:0e:ea:b7:1f:ff:69:9d:4f:22:91:e2:2a:57:42:88: 45:be:a8:c4:50:6a:e0:28:b7:d5:92:a8:f2:62:4e:2e:3a:84: 03:a7:a5:58:a1:a4:a4:d0:0b:79:29:a0:7d:88:06:55:86:0b: 0b:05:35:49:93:aa:92:4b:7f:b1:47:ac:6b:e5:d1:30:f8:c5: 8d:1b:22:06:0e:db:d1:3a:91:bb:33:4b:60:98:4b:16:29:ce: 75:ef:0d:37:8c:32:3c:a8:4e:95:1e:79:c1:4a:6b:63:96:c6: 60:55:75:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZeO7gXjSit4bQv77NGTm3bSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2 ZjM5ODQwHhcNMjUwNjIwMjAwMDUzWhcNMjUwNjIxMjAwMDUzWjAzMTEwLwYDVQQD EyhlN2FjOWU3NTEyN2VhNDMxY2E4MmU2ZDc3MTA2YzBlYWI5YzllZjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrrGhbIl1C/92sn4giuY5KrVjFYU UfriTHcoj+RUO6VfNJTeLy2oTwDSY17blNNZLdtoDYn1jNMJJoUHuz/hiaTtT1E5 hHOtMCEXC/tELmpYD/nlWXSMJUcYyv/YR4ajkNty67QXmu9lMgEwxGljFZoH/SMT r7PG9ihjPmoLeZsvax1c/5mV0EoDv8yiFFNcbNwzdcW1iGX4rI2ev8SgVUpNjYTS slzLnDD4JGcyaC1WkVnru1cZyrs9GJnSDZejaSZNrUnA0qB0pkgPqbgahK/XsY13 jWHJ7luftz3ZEiiuc3M00ZvJxjHqSlf4DrFFxYmiDPbx2y53FtokGfQ8oQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOesnnUSfqQxyoLm13EGwOq5ye93MB8GA1UdIwQY MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt NTg5MzUxNzliOTg1LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1 LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJN+msxv 0DZAdcGkib02s2O/6q9wFlzJcLthUhBIJPJtr8lRLC4MIBsQbDblzeVO7zZpiiXK g3b1ktbjYRS+/J8llpG9kp7RExYCecBWbkKpN3zWrpzeDaOnp/E3zzJo4/ZPyJJy Mp4xBmG+0M86wTWW3d3gr4lgGIkhg1wygZnLF5Z1GhJJE/otdbOQ3Slv5ZtfDuq3 H/9pnU8ikeIqV0KIRb6oxFBq4Ci31ZKo8mJOLjqEA6elWKGkpNALeSmgfYgGVYYL CwU1SZOqkkt/sUesa+XRMPjFjRsiBg7b0TqRuzNLYJhLFinOde8NN4wyPKhOlR55 wUprY5bGYFV1Lg== -----END CERTIFICATE-----Generated at Sat Jun 21 04:33:47 2025 by rpki-client