$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: oXwKgY0aAiMDcIFUogRKfeJLmm8kqO7FPQhJpcSdtco= Subject key identifier: 89:C2:3F:6B:06:5B:03:30:D4:23:F9:5B:26:51:56:A5:EE:7B:EE:20 Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019A522CE0FFB2C55723EDDB351D734DA46D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 09CE Signing time: Wed 05 Nov 2025 04:01:04 +0000 Manifest this update: Wed 05 Nov 2025 04:01:04 +0000 Manifest next update: Thu 06 Nov 2025 04:01:04 +0000 Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=) 2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=) 3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=) 4: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (hash: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=) 5: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: DDHvDiagTV6Fcz1WnMsU1Jeskb5iIHUSN8H25I2gGdA=) 7: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (hash: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=) 8: cblkW3ZYAZ5VQl8X3gHLFnE7S8g.roa (hash: +MK4cG6/hNPklJaXz5PxE5zp6rLCIwlFMKcCPx37Jxo=) 9: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=) 10: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (hash: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=) 11: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=) 12: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=) 13: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=) 14: peFNs9o1tsBGwnwboXKeedD2GlM.roa (hash: Dmic12i1kcUbMMXMNmS8BrjxjQvM2y0e2GWo+yQ4WH0=) 15: puM6zDTCACkm8XM63GmrJCmb9w4.roa (hash: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=) 16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 03:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:52:2c:e0:ff:b2:c5:57:23:ed:db:35:1d:73:4d:a4:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Nov 5 04:01:04 2025 GMT Not After : Nov 6 04:01:04 2025 GMT Subject: CN=89c23f6b065b0330d423f95b265156a5ee7bee20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:47:05:f3:1c:b6:d2:b0:7f:b7:6d:64:8e:61: d4:df:38:67:cd:03:6a:39:41:e8:5c:8d:18:5a:7a: 4c:7b:69:bc:e4:f7:e9:3a:1b:94:fa:8a:70:11:63: c4:2e:fc:4a:c2:44:7d:3c:7a:9c:35:7b:44:a1:14: 7f:8a:39:b5:ab:0b:5f:23:ca:4f:1c:6b:e4:25:e6: 3c:c9:f8:5d:2d:94:82:75:ef:60:da:de:b8:c1:f4: 88:84:d1:99:ef:f2:46:dd:65:a6:a7:d1:9f:8b:46: 85:5c:39:11:97:65:ab:81:27:66:95:73:27:79:f9: 44:64:33:f0:99:33:c8:4f:3e:f0:49:2f:21:6c:a8: 32:75:01:a6:3b:d6:90:66:a1:8f:a8:b9:1d:11:5e: 64:90:fc:fe:d8:fd:b8:90:3d:69:e7:cb:15:c3:69: 79:25:f1:45:44:05:a9:09:3b:e3:f2:cb:e7:16:bd: fe:24:24:ca:c0:99:9d:58:60:3d:3e:07:69:06:0a: b0:a3:ba:34:31:f1:ae:4c:ca:ed:2a:2a:93:d7:0a: 30:12:ad:5f:70:2f:d9:aa:08:ad:a3:89:7d:79:f2: 05:49:34:eb:65:e0:2a:8c:85:80:ed:2a:a7:c8:9e: fd:0a:16:0c:06:05:00:93:7e:f3:3e:a4:68:b8:ee: 6d:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C2:3F:6B:06:5B:03:30:D4:23:F9:5B:26:51:56:A5:EE:7B:EE:20 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:20:86:1f:8b:69:40:ba:d9:98:f8:90:b5:cf:4e:3f:72:66: f9:ee:e2:b3:fa:09:bd:5f:ae:4b:c4:e8:d0:3a:03:3c:8e:6d: 0e:4b:09:71:9c:7a:a2:bf:b8:37:9a:73:fd:6f:34:ac:5c:57: 18:ee:a2:b8:46:4e:2c:9f:ac:b9:3f:f1:ef:16:d6:d5:5d:71: 7b:80:03:b2:c0:13:1c:a9:7f:46:de:d7:9e:5f:4a:6f:50:90: 90:27:9d:b9:09:14:da:00:da:3c:9b:a2:be:6e:65:57:d3:ed: 25:92:2b:65:26:f6:09:2c:63:7e:72:db:23:0b:28:ac:d0:b6: a8:30:b8:b8:e1:f8:90:2c:73:a7:97:06:1a:38:33:22:7a:09: d4:24:14:be:9e:ae:28:89:d2:dc:f0:38:f3:6c:7a:8d:8a:bc: 14:9c:59:ff:9d:50:a1:c3:26:34:b5:b0:c0:28:cc:45:34:3d: 51:c3:2c:4f:95:4d:7e:b7:d8:07:4e:8d:7a:4a:fd:84:0e:28: 92:00:43:64:c6:9c:1f:48:1e:33:bf:49:89:9c:37:38:45:29: a2:24:8b:ce:ac:65:e5:0a:15:d6:c7:1c:f5:5f:a8:c1:ff:99: a8:31:e6:8b:61:e9:f9:3f:0e:0d:41:77:04:35:fe:e5:17:b2: ba:10:55:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpSLOD/ssVXI+3bNR1zTaRtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUxMTA1MDQwMTA0WhcNMjUxMTA2MDQwMTA0WjAzMTEwLwYDVQQD Eyg4OWMyM2Y2YjA2NWIwMzMwZDQyM2Y5NWIyNjUxNTZhNWVlN2JlZTIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UcF8xy20rB/t21kjmHU3zhnzQNq OUHoXI0YWnpMe2m85PfpOhuU+opwEWPELvxKwkR9PHqcNXtEoRR/ijm1qwtfI8pP HGvkJeY8yfhdLZSCde9g2t64wfSIhNGZ7/JG3WWmp9Gfi0aFXDkRl2WrgSdmlXMn eflEZDPwmTPITz7wSS8hbKgydQGmO9aQZqGPqLkdEV5kkPz+2P24kD1p58sVw2l5 JfFFRAWpCTvj8svnFr3+JCTKwJmdWGA9PgdpBgqwo7o0MfGuTMrtKiqT1wowEq1f cC/Zqgito4l9efIFSTTrZeAqjIWA7SqnyJ79ChYMBgUAk37zPqRouO5tawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFInCP2sGWwMw1CP5WyZRVqXue+4gMB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWyCGH4tp QLrZmPiQtc9OP3Jm+e7is/oJvV+uS8To0DoDPI5tDksJcZx6or+4N5pz/W80rFxX GO6iuEZOLJ+suT/x7xbW1V1xe4ADssATHKl/Rt7Xnl9Kb1CQkCeduQkU2gDaPJui vm5lV9PtJZIrZSb2CSxjfnLbIwsorNC2qDC4uOH4kCxzp5cGGjgzInoJ1CQUvp6u KInS3PA482x6jYq8FJxZ/51QocMmNLWwwCjMRTQ9UcMsT5VNfrfYB06Nekr9hA4o kgBDZMacH0geM79JiZw3OEUpoiSLzqxl5QoV1scc9V+owf+ZqDHmi2Hp+T8ODUF3 BDX+5ReyuhBVCA== -----END CERTIFICATE-----Generated at Wed Nov 5 10:30:58 2025 by rpki-client