$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft File: bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft (raw, json) Hash identifier: FR6ga4x4j0+bn74f5mEOhzODa1AS99W7gFQoVnsMPBI= Subject key identifier: AE:3C:58:07:2E:15:A4:93:5C:E7:15:AE:FD:9A:47:EC:23:AC:AE:B9 Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29 Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129 Certificate serial: 019A522C10CFF86A980387AAD29BA70D816D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft Manifest number: 1790 Signing time: Wed 05 Nov 2025 04:00:10 +0000 Manifest this update: Wed 05 Nov 2025 04:00:10 +0000 Manifest next update: Thu 06 Nov 2025 04:00:10 +0000 Files and hashes: 1: GJGNGTLsLaPzo7RV9J9cGo7ZCKI.roa (hash: ycPiGraLR+oJB3cwW5Zn+sG2+Vx4fOUp8s3QYwjDHdY=) 2: LJGytq9N5LZAfsPYy6Q-7xTDnFQ.roa (hash: L8DANG0AVQkhh+LlhVF97AUo2a9H2Thg2+BhZTsZc9s=) 3: VdTIZg10bNsf97lJZgApyqs5rnw.roa (hash: JZmVNExP4W1uSJTEkKjxhG9IYISkRZKnN8IfaygiTvg=) 4: _RuQI5qt_gCJV8eSXJjHywGzAcM.roa (hash: DUnvGlvb0qBwrlu2PMIboP80gnaIA1d0Yg1mit2U5+4=) 5: _oIa1v5_qtgCStQ7Gr8CmdhmJJk.roa (hash: sBeGOfBKlFTzuSpkLUgZSpY0MFPhQu/DyIR2/KkHkUM=) 6: acsdEgh-dFdAGSqAE_lAYWdPdzo.roa (hash: lIvBIoA3FQRV1Et4CF8cBr7OP+IuEmQHKzZDW4s0Y6A=) 7: bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl (hash: fJ+BgbWW8qN6Ydz4hSxxjprQq4DjEchhlKpEtPIPQv0=) 8: gp93L_YQvuGEaCDSOxiRg-T-4UM.roa (hash: cOL7dP+BUiqZrZ0lZLE/dQN9GFbGifb1tHwfI+S3noI=) 9: mJjHdX3SCVwj6yoNCT7Dpu7pXSo.roa (hash: ccP3x4XUmUaf8il9YXiD7LEPdeAv9/EZKZYCHAVZnrA=) 10: uXeorQ0KraTFvVQlrxOSwyrTRt8.roa (hash: p6Mox6CbN3FoG5SSiyHeNVnPtI+94QgKaVPxEdmTl2o=) 11: yE8yGiOSM9_WiLeRkIg-dqNW2to.roa (hash: lSz5irzOf2/kcuzlFP5VLqCVP2LHBpJf2WHVunZKvMQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 03:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:52:2c:10:cf:f8:6a:98:03:87:aa:d2:9b:a7:0d:81:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129 Validity Not Before: Nov 5 04:00:10 2025 GMT Not After : Nov 6 04:00:10 2025 GMT Subject: CN=ae3c58072e15a4935ce715aefd9a47ec23acaeb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:b6:17:4a:ce:a6:da:b2:84:b1:fd:19:97:56: a9:86:72:72:0a:d7:4f:21:ef:31:bb:3c:c4:29:e0: ed:90:9c:19:a6:1a:ad:72:e3:f2:f4:4f:f9:f0:a2: 08:7b:68:6a:8b:fb:f3:68:80:a8:a8:3a:b8:53:b2: 03:02:75:50:ca:fc:2b:a6:8b:2c:c9:80:76:9d:7f: 80:fe:02:a1:bc:ea:47:25:f2:a6:7d:b9:fb:97:85: 74:77:c9:19:4f:31:40:bc:a1:52:75:01:e6:8e:a0: 4c:f6:70:a0:d5:c1:6b:af:98:9f:73:79:f6:2d:7c: 4d:00:0f:fc:5d:87:34:d3:86:c1:0a:09:e1:b9:40: a4:8a:19:77:50:06:4c:dc:b6:e7:9c:58:91:57:9e: dc:00:93:78:21:be:ff:74:ea:c7:8b:4f:e5:b6:b0: a7:fe:84:3e:81:cd:0b:ad:24:cf:89:c9:5b:ff:d5: d4:c2:f5:ee:a0:5e:17:c8:6a:66:de:df:f8:ec:ab: ec:c1:6c:31:ab:b5:1a:71:4e:07:31:77:36:23:6a: 1f:7c:2c:73:14:c0:c7:95:3e:3d:3d:30:41:70:7a: d8:04:f2:32:d7:10:d1:b5:54:1a:e8:c0:0b:06:f0: 24:61:bc:40:ce:78:02:70:31:96:57:94:05:60:1e: 6a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:3C:58:07:2E:15:A4:93:5C:E7:15:AE:FD:9A:47:EC:23:AC:AE:B9 X509v3 Authority Key Identifier: keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c4:ac:32:d0:19:f0:0a:28:6c:cf:d9:95:73:c7:c2:dd:76:4a: f5:77:bd:90:91:20:70:12:69:9a:da:1b:37:43:d9:0b:1c:84: 80:94:36:07:a5:9a:dd:65:f2:c6:f2:3c:0d:7b:83:4a:d5:7f: 41:7d:d9:77:64:31:9a:6a:07:56:67:99:7a:52:78:54:98:73: 7d:7b:f9:67:45:86:63:61:6b:1c:bc:6a:7c:c5:27:ca:86:e6: 12:d6:ef:aa:e4:f1:3a:97:a6:77:9d:71:46:6f:5a:9d:e5:7d: 7a:fb:db:71:f4:3a:16:01:8b:e3:05:fd:46:d6:e0:38:59:a0: 7e:a8:d7:fd:3c:3c:d1:cd:c5:b1:62:ce:46:8f:75:06:3f:5b: 88:64:f3:fd:f2:2e:ce:37:a7:04:17:d5:af:05:ee:9e:71:34: 04:3c:8b:d7:bb:5b:f8:ca:4a:47:e2:53:cd:01:8e:bf:77:a8: 4f:ff:79:f6:39:83:8e:ac:40:92:0c:d6:9b:50:2f:61:04:85: e8:ba:f8:a5:e3:89:02:19:36:27:f3:8b:92:63:4b:8f:bb:01: 08:a9:40:0d:43:6e:73:08:74:b6:6d:90:ae:a4:1d:8a:56:7c: 3f:30:36:d3:d5:66:3f:e4:bf:24:86:17:20:d1:02:36:ee:3f: 6d:13:07:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpSLBDP+GqYA4eq0punDYFtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0 YjUxMjkwHhcNMjUxMTA1MDQwMDEwWhcNMjUxMTA2MDQwMDEwWjAzMTEwLwYDVQQD EyhhZTNjNTgwNzJlMTVhNDkzNWNlNzE1YWVmZDlhNDdlYzIzYWNhZWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57YXSs6m2rKEsf0Zl1aphnJyCtdP Ie8xuzzEKeDtkJwZphqtcuPy9E/58KIIe2hqi/vzaICoqDq4U7IDAnVQyvwrposs yYB2nX+A/gKhvOpHJfKmfbn7l4V0d8kZTzFAvKFSdQHmjqBM9nCg1cFrr5ifc3n2 LXxNAA/8XYc004bBCgnhuUCkihl3UAZM3LbnnFiRV57cAJN4Ib7/dOrHi0/ltrCn /oQ+gc0LrSTPiclb/9XUwvXuoF4XyGpm3t/47KvswWwxq7UacU4HMXc2I2offCxz FMDHlT49PTBBcHrYBPIy1xDRtVQa6MALBvAkYbxAzngCcDGWV5QFYB5qKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK48WAcuFaSTXOcVrv2aR+wjrK65MB8GA1UdIwQY MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt YmYzYjIxYTI3MGYyLzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxKwy0Bnw Cihsz9mVc8fC3XZK9Xe9kJEgcBJpmtobN0PZCxyEgJQ2B6Wa3WXyxvI8DXuDStV/ QX3Zd2QxmmoHVmeZelJ4VJhzfXv5Z0WGY2FrHLxqfMUnyobmEtbvquTxOpemd51x Rm9aneV9evvbcfQ6FgGL4wX9RtbgOFmgfqjX/Tw80c3FsWLORo91Bj9biGTz/fIu zjenBBfVrwXunnE0BDyL17tb+MpKR+JTzQGOv3eoT/959jmDjqxAkgzWm1AvYQSF 6Lr4peOJAhk2J/OLkmNLj7sBCKlADUNucwh0tm2QrqQdilZ8PzA209VmP+S/JIYX INECNu4/bRMHPA== -----END CERTIFICATE-----Generated at Wed Nov 5 08:47:00 2025 by rpki-client