$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: zLULCq15YHSrzDnm3Ve6FO8NJuyX7SEl+WnDi8eFNAk= Subject key identifier: C2:6D:EC:01:44:85:C5:83:47:08:89:2E:5E:68:F8:3A:64:39:C7:3B Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019A541B1242FB1E7FBA545561F5AE8F5F75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 09CF Signing time: Wed 05 Nov 2025 13:00:51 +0000 Manifest this update: Wed 05 Nov 2025 13:00:51 +0000 Manifest next update: Thu 06 Nov 2025 13:00:51 +0000 Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=) 2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=) 3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=) 4: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (hash: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=) 5: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: tFdXxdg7hMv/6/SOaMJRMTRQlKWtnpdWckN1x9SDUJA=) 7: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (hash: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=) 8: cblkW3ZYAZ5VQl8X3gHLFnE7S8g.roa (hash: +MK4cG6/hNPklJaXz5PxE5zp6rLCIwlFMKcCPx37Jxo=) 9: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=) 10: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (hash: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=) 11: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=) 12: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=) 13: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=) 14: peFNs9o1tsBGwnwboXKeedD2GlM.roa (hash: Dmic12i1kcUbMMXMNmS8BrjxjQvM2y0e2GWo+yQ4WH0=) 15: puM6zDTCACkm8XM63GmrJCmb9w4.roa (hash: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=) 16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 12:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:54:1b:12:42:fb:1e:7f:ba:54:55:61:f5:ae:8f:5f:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Nov 5 13:00:51 2025 GMT Not After : Nov 6 13:00:51 2025 GMT Subject: CN=c26dec014485c5834708892e5e68f83a6439c73b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:14:3c:80:ce:08:8c:13:8f:38:e8:b2:21:40: af:c1:8e:a6:fa:35:30:94:e8:71:39:cd:47:84:7f: e1:45:b5:45:37:94:d0:f9:d4:66:da:de:c4:02:0a: 23:76:c9:ec:bb:38:47:ca:43:58:54:05:66:0e:f5: 8a:2c:e4:65:70:1d:4e:50:2a:e0:ed:66:57:c1:f1: 95:4a:78:8c:5d:8b:29:b8:f4:91:b9:c2:62:27:49: 28:89:20:20:16:3a:72:b2:a4:40:a6:90:6d:1d:7b: b8:eb:08:ed:94:a2:f3:8c:a9:02:60:39:3b:54:fa: a2:5e:ed:98:be:cc:06:88:cd:58:a3:c7:35:4a:ca: 1f:c6:97:27:58:1b:c8:71:c0:a6:9d:6f:10:4a:99: 78:45:53:ed:2c:23:64:46:b0:62:ac:da:0d:83:7e: 6c:f5:cf:62:24:bc:95:85:8b:d6:2f:23:a0:6b:79: a1:62:b7:39:f9:b4:26:4a:28:d5:a6:9e:e9:b6:af: 4f:64:dd:01:74:b4:5e:e0:c5:7c:fa:a0:c4:1b:eb: d1:ce:4e:4b:b7:78:7f:46:50:df:d0:77:4c:20:be: 10:69:cb:72:06:fe:1e:0b:1f:d6:67:27:81:d7:c8: db:24:cc:b0:b5:f8:e9:7f:be:a4:e6:74:06:02:28: 9b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:6D:EC:01:44:85:C5:83:47:08:89:2E:5E:68:F8:3A:64:39:C7:3B X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:e5:98:30:cc:10:17:09:64:ff:40:77:2c:b9:d6:e9:de:a0: b4:27:16:16:18:8a:7d:a9:83:2b:8d:46:fb:b1:a5:0b:d7:56: 12:4a:61:c8:01:4c:3d:b3:27:86:eb:68:05:80:d8:bf:11:6f: 12:64:86:fd:f7:7f:d3:97:b2:4c:fc:cc:7f:0a:13:1b:5e:ae: 76:30:eb:8d:b3:f5:68:19:e6:73:72:57:ca:c3:fb:a8:e5:25: e3:5f:63:d5:1a:d5:da:32:22:3d:60:94:a6:b1:9d:a0:dc:d6: da:ea:ad:61:56:f2:2c:36:32:21:e2:5a:bf:ce:dc:b7:cd:a2: 49:3c:e2:5a:63:81:38:55:27:35:a3:3a:e4:0f:f8:b7:3f:9b: 7c:f0:fd:67:ff:83:8f:e4:82:33:ee:92:79:eb:a4:0f:4c:0d: 42:bc:bf:c7:db:46:10:58:28:80:5f:17:cc:20:f5:9d:85:e1: c6:93:f3:71:0d:d0:99:44:f7:ae:eb:ba:ee:7f:15:28:48:8a: e2:e3:b1:57:23:b1:8d:a6:8e:d1:52:e3:ef:4d:44:99:d4:d6: 25:06:a3:d8:d7:df:52:b8:d5:9d:c2:f3:27:e4:33:6f:d3:b9: ae:74:ac:9e:89:8d:6f:9a:99:80:31:5a:60:d4:bc:bf:ce:e8: 16:21:11:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpUGxJC+x5/ulRVYfWuj191MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUxMTA1MTMwMDUxWhcNMjUxMTA2MTMwMDUxWjAzMTEwLwYDVQQD EyhjMjZkZWMwMTQ0ODVjNTgzNDcwODg5MmU1ZTY4ZjgzYTY0MzljNzNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhQ8gM4IjBOPOOiyIUCvwY6m+jUw lOhxOc1HhH/hRbVFN5TQ+dRm2t7EAgojdsnsuzhHykNYVAVmDvWKLORlcB1OUCrg 7WZXwfGVSniMXYspuPSRucJiJ0koiSAgFjpysqRAppBtHXu46wjtlKLzjKkCYDk7 VPqiXu2YvswGiM1Yo8c1SsofxpcnWBvIccCmnW8QSpl4RVPtLCNkRrBirNoNg35s 9c9iJLyVhYvWLyOga3mhYrc5+bQmSijVpp7ptq9PZN0BdLRe4MV8+qDEG+vRzk5L t3h/RlDf0HdMIL4QactyBv4eCx/WZyeB18jbJMywtfjpf76k5nQGAiibDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMJt7AFEhcWDRwiJLl5o+DpkOcc7MB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFeWYMMwQ Fwlk/0B3LLnW6d6gtCcWFhiKfamDK41G+7GlC9dWEkphyAFMPbMnhutoBYDYvxFv EmSG/fd/05eyTPzMfwoTG16udjDrjbP1aBnmc3JXysP7qOUl419j1RrV2jIiPWCU prGdoNzW2uqtYVbyLDYyIeJav87ct82iSTziWmOBOFUnNaM65A/4tz+bfPD9Z/+D j+SCM+6SeeukD0wNQry/x9tGEFgogF8XzCD1nYXhxpPzcQ3QmUT3ruu67n8VKEiK 4uOxVyOxjaaO0VLj701EmdTWJQaj2NffUrjVncLzJ+Qzb9O5rnSsnomNb5qZgDFa YNS8v87oFiERZQ== -----END CERTIFICATE-----Generated at Wed Nov 5 16:29:49 2025 by rpki-client