$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft File: OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft (raw, json) Hash identifier: KGPC+BvJwl/zfGt3USA4ZYVHxMGWhYzTEwZZMXFlS5Y= Subject key identifier: 3A:00:49:8A:DE:3A:65:97:F9:BE:66:FA:A1:23:26:05:6A:60:E1:2E Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84 Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984 Certificate serial: 019893A46D8F120E2637A8DA8B4F43F15AB0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft Manifest number: 1366 Signing time: Sun 10 Aug 2025 11:01:23 +0000 Manifest this update: Sun 10 Aug 2025 11:01:23 +0000 Manifest next update: Mon 11 Aug 2025 11:01:23 +0000 Files and hashes: 1: 0Fmh8eaTe-TA8TzJaqV0xDv1Pzo.roa (hash: ZxN3vaamtDqMo8xYPJBI33oBeaqJ8QIz0amzm/bnvtg=) 2: 3nej7O_5-sZXCWeuqPyGbja9XnQ.roa (hash: p+MNFJ74eHqjwkPNS5+3QDf8dfQpJUlMjkJWwIsIN5s=) 3: JpI0mKHoKJGb5HpwhqpgQJ-989w.roa (hash: +p1PcccuIrfXBOI8p25PVV972uHT5dceE6dg0Tn0L/g=) 4: OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl (hash: aoMdNGWwT33l1YCIAZ6YEwSa201QpZonQMiC1s+wCTE=) 5: Q718Z9XRXwbb8eAv-JSYxNy8m3E.roa (hash: QwKiyK2H3mBEUzLEautBF28TXwWRoI+nh+WAF8i9ayk=) 6: eapLNVKWkPJvIKSSw8FvjnbqKM4.roa (hash: lQyg7ma6RsIJVyHbW0BuPsXW31hRi/B1a2UZgfzLbWY=) 7: flTVx8-F7E37FHcVoN5708sXexM.roa (hash: snTHoXZxUjfO9kURa3StUkh2LzhC8cP2m56/uoBtpVA=) 8: itNeHRmlhkmkLNFMeFLLpwNO4FY.roa (hash: iZAIvlpDGBx0E4icQgD8R/hQnWve6QmLhqITJu2cuoY=) 9: ktpnhSV94n1dgI9-LO5orxsroMo.roa (hash: HdTZITsdNE12a7HbwFoAmzx8Exmybo0iwACkTzBDWZ0=) 10: p6yu9K0prb-3wy95x-qc7KcMywQ.roa (hash: bNVvwouaPK4oyavhTkisO8oVhR1iolZntv1z6WFieUk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 11 Aug 2025 11:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:98:93:a4:6d:8f:12:0e:26:37:a8:da:8b:4f:43:f1:5a:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984 Validity Not Before: Aug 10 11:01:23 2025 GMT Not After : Aug 11 11:01:23 2025 GMT Subject: CN=3a00498ade3a6597f9be66faa12326056a60e12e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:75:47:c1:f0:38:92:1e:00:50:28:c2:43:b1: 98:6e:83:e5:f3:24:28:5f:a9:10:98:5c:87:bb:c3: 70:67:01:6a:6f:51:b9:54:46:28:d6:de:5c:14:f8: 80:3c:97:7f:7a:da:bf:c9:4c:36:8b:b4:1a:df:e1: 26:71:7c:41:8e:b7:ed:91:91:c4:70:b3:dc:ca:9d: f8:d2:f4:88:70:6a:ec:0c:fc:9f:00:0b:ae:d3:11: 46:22:f7:a2:c0:b1:8b:95:64:69:2d:e5:5f:45:64: b5:c7:0e:c5:c4:b5:14:66:75:59:f8:22:21:63:5f: e1:31:13:2f:eb:4e:33:4e:ab:8f:40:bb:66:f0:b8: 7a:93:81:28:04:8e:42:9f:d6:e2:a2:90:14:94:56: 95:de:c7:05:b1:00:72:0e:d0:a1:c2:c8:8a:13:5f: 93:51:57:06:7b:1b:d5:4f:9b:5c:c3:24:b5:ed:00: 00:7b:49:90:a8:d5:31:1a:4f:0c:25:a6:38:7f:40: 96:e1:e7:7d:e8:e4:ed:d3:6d:fd:ac:5c:30:84:b7: 26:4d:e3:8a:87:12:40:cc:64:06:ab:bb:04:13:b0: a3:7b:95:60:96:5b:96:92:34:5e:46:fa:5f:d3:76: 7b:67:46:36:25:57:b2:35:f9:4d:ac:65:84:fd:0d: 31:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:00:49:8A:DE:3A:65:97:F9:BE:66:FA:A1:23:26:05:6A:60:E1:2E X509v3 Authority Key Identifier: keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:7c:a2:ec:28:4b:f2:38:a9:51:4e:ca:20:bd:0d:fd:39:a9: 2d:6c:70:b1:35:24:42:64:0e:d8:b5:d9:90:c4:57:3b:52:cd: 0f:d8:f2:ee:e6:f1:b8:58:9a:2f:23:22:25:4a:ea:6c:b9:85: 2a:ff:62:f2:b5:cc:df:b9:9a:b8:27:71:3a:2c:71:ec:6b:73: 3a:7e:0c:ee:d8:1a:a5:9d:33:78:64:56:1f:d8:89:8f:41:1e: 93:d9:01:48:08:bd:e8:67:01:d7:09:16:87:b3:59:0b:b1:a9: 1c:ce:f6:7e:9f:f9:ee:bd:db:bc:27:d1:89:5f:1a:0e:60:52: 91:4c:d2:2c:b3:b6:6f:08:e1:bd:02:41:19:95:c0:c5:9f:5d: 37:55:90:d4:74:2e:de:51:33:19:5e:13:23:32:72:9c:86:f1: 97:9e:78:8d:96:59:33:16:88:93:e4:ef:5a:48:f2:cc:dc:e0: c6:35:09:9b:a1:2b:88:f4:76:95:4c:65:c9:ba:6e:ae:90:b4: e9:88:1f:31:6f:fa:23:79:b2:db:54:0a:50:5e:64:2c:d1:fb: 61:9f:02:5f:27:af:c1:af:1c:9a:6f:2b:67:0c:fb:67:c1:fe: 2e:f0:c2:d9:46:af:11:6a:58:75:ae:f8:c8:60:03:be:46:8d: 04:59:5f:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZiTpG2PEg4mN6jai09D8VqwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2 ZjM5ODQwHhcNMjUwODEwMTEwMTIzWhcNMjUwODExMTEwMTIzWjAzMTEwLwYDVQQD EygzYTAwNDk4YWRlM2E2NTk3ZjliZTY2ZmFhMTIzMjYwNTZhNjBlMTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXVHwfA4kh4AUCjCQ7GYboPl8yQo X6kQmFyHu8NwZwFqb1G5VEYo1t5cFPiAPJd/etq/yUw2i7Qa3+EmcXxBjrftkZHE cLPcyp340vSIcGrsDPyfAAuu0xFGIveiwLGLlWRpLeVfRWS1xw7FxLUUZnVZ+CIh Y1/hMRMv604zTquPQLtm8Lh6k4EoBI5Cn9biopAUlFaV3scFsQByDtChwsiKE1+T UVcGexvVT5tcwyS17QAAe0mQqNUxGk8MJaY4f0CW4ed96OTt0239rFwwhLcmTeOK hxJAzGQGq7sEE7Cje5VglluWkjReRvpf03Z7Z0Y2JVeyNflNrGWE/Q0xRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDoASYreOmWX+b5m+qEjJgVqYOEuMB8GA1UdIwQY MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt NTg5MzUxNzliOTg1LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1 LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXyi7ChL 8jipUU7KIL0N/TmpLWxwsTUkQmQO2LXZkMRXO1LND9jy7ubxuFiaLyMiJUrqbLmF Kv9i8rXM37mauCdxOixx7GtzOn4M7tgapZ0zeGRWH9iJj0Eek9kBSAi96GcB1wkW h7NZC7GpHM72fp/57r3bvCfRiV8aDmBSkUzSLLO2bwjhvQJBGZXAxZ9dN1WQ1HQu 3lEzGV4TIzJynIbxl554jZZZMxaIk+TvWkjyzNzgxjUJm6EriPR2lUxlybpurpC0 6YgfMW/6I3my21QKUF5kLNH7YZ8CXyevwa8cmm8rZwz7Z8H+LvDC2UavEWpYda74 yGADvkaNBFlfuw== -----END CERTIFICATE-----Generated at Sun Aug 10 18:21:38 2025 by rpki-client