$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: qCOGoiVWRf53tNvZQeEhgkZjzWUwqm5VHWjEg0Ma9+k= Subject key identifier: 11:48:2E:38:59:2A:63:A7:35:0A:B8:E0:DA:53:04:7B:24:BF:0D:80 Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 01988DA1F593324A542CFFC76374503816BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 08E3 Signing time: Sat 09 Aug 2025 07:00:58 +0000 Manifest this update: Sat 09 Aug 2025 07:00:58 +0000 Manifest next update: Sun 10 Aug 2025 07:00:58 +0000 Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=) 2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=) 3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=) 4: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (hash: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=) 5: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: JlkeDOeQNLQxUvqOWFdsFXzG0tMvKlxZhTaQMhffUxw=) 7: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (hash: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=) 8: cbgxDriMd1w8Ezk1j_uW9c-uk8k.roa (hash: RA/kZIx4fzU+RCbQ8O1BxIKCZRJDjC4JRLSNt3ovrQ8=) 9: cblkW3ZYAZ5VQl8X3gHLFnE7S8g.roa (hash: +MK4cG6/hNPklJaXz5PxE5zp6rLCIwlFMKcCPx37Jxo=) 10: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=) 11: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (hash: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=) 12: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=) 13: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=) 14: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=) 15: puM6zDTCACkm8XM63GmrJCmb9w4.roa (hash: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=) 16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 10 Aug 2025 05:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:98:8d:a1:f5:93:32:4a:54:2c:ff:c7:63:74:50:38:16:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Aug 9 07:00:58 2025 GMT Not After : Aug 10 07:00:58 2025 GMT Subject: CN=11482e38592a63a7350ab8e0da53047b24bf0d80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:32:83:fd:c8:d8:e8:4c:72:12:5f:87:fb:67: 84:3c:4e:bc:09:de:10:67:90:af:35:73:3c:39:20: e8:92:0e:a7:f7:6c:08:54:52:1c:8a:58:a3:64:54: 41:1c:99:2e:bc:b7:9a:0e:a3:a2:41:f8:26:64:fe: 0a:89:44:1f:f5:f3:fd:35:fa:98:ed:e6:1e:70:5c: 6a:a7:9c:f0:8b:54:f4:b3:f6:68:be:89:2f:28:52: 8d:72:17:02:d3:39:b0:99:80:98:c5:3c:64:b0:33: 70:1e:2c:02:fd:53:08:88:ee:0e:96:f0:1f:c5:c6: 3c:c8:8f:b4:7d:c8:0a:c1:a1:2e:7d:46:93:86:0e: 7b:5d:b6:81:8e:08:83:03:f8:a5:c2:55:12:b2:64: d6:18:ee:c5:ea:f1:e2:df:b6:73:fc:5f:72:01:44: ec:3c:c0:b4:03:30:7b:45:92:12:34:2a:fe:9f:02: 92:13:51:00:6e:d7:5e:98:09:1e:83:30:19:83:3f: 5d:21:63:1c:17:15:6d:44:cf:88:fa:8a:0c:9c:2e: ff:79:de:d6:4f:df:5c:05:ba:4a:54:2b:a3:5d:34: 6f:42:06:f1:d7:c2:18:d4:f0:ac:7d:a3:76:18:96: bd:81:4c:a6:ed:1a:6d:64:3d:6f:99:01:ad:44:35: 4a:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:48:2E:38:59:2A:63:A7:35:0A:B8:E0:DA:53:04:7B:24:BF:0D:80 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:65:c6:ee:a1:10:76:80:34:27:fe:9d:e2:7b:01:1c:80:ec: 39:a5:dc:84:75:07:2f:b5:68:9d:49:42:e9:a8:ae:f9:30:95: 98:1b:f7:82:63:b4:f8:2b:cf:e3:02:c8:6e:53:d9:63:30:5a: ef:0f:d8:64:9a:6f:ef:ee:1c:0c:53:76:68:f8:d6:bf:7b:4a: 14:f7:cf:9a:18:bd:1d:ae:24:5a:58:8a:53:bc:69:ff:25:ff: cc:b8:fa:90:e9:bf:e1:81:6e:be:f2:43:eb:1d:60:9a:3e:23: 34:cb:b9:59:7f:19:75:fd:7b:82:6f:a9:10:1b:1a:f0:f4:50: 6a:32:25:b3:ff:22:cb:8f:78:29:a1:41:8e:04:da:a1:39:ff: 8a:23:46:6c:14:d6:2e:39:ba:57:0b:c5:06:0d:c3:3a:75:43: 9f:f4:1f:83:fa:45:8a:45:9c:55:2b:bd:71:bc:05:64:24:a8: 3d:45:f8:2e:a4:5e:62:a2:8a:18:9f:00:fe:00:d1:ba:10:a4: a7:97:09:9b:6a:96:01:7f:fe:28:7c:a7:50:0f:2c:01:d4:55: 9a:61:db:9c:5d:de:60:57:1d:ce:e0:0d:a9:74:bc:68:5f:97: 9f:ad:c8:2c:4b:74:d8:a3:90:0e:4f:e9:f2:90:c8:19:cd:5e: ab:fa:7a:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZiNofWTMkpULP/HY3RQOBa8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUwODA5MDcwMDU4WhcNMjUwODEwMDcwMDU4WjAzMTEwLwYDVQQD EygxMTQ4MmUzODU5MmE2M2E3MzUwYWI4ZTBkYTUzMDQ3YjI0YmYwZDgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TKD/cjY6ExyEl+H+2eEPE68Cd4Q Z5CvNXM8OSDokg6n92wIVFIcilijZFRBHJkuvLeaDqOiQfgmZP4KiUQf9fP9NfqY 7eYecFxqp5zwi1T0s/ZovokvKFKNchcC0zmwmYCYxTxksDNwHiwC/VMIiO4OlvAf xcY8yI+0fcgKwaEufUaThg57XbaBjgiDA/ilwlUSsmTWGO7F6vHi37Zz/F9yAUTs PMC0AzB7RZISNCr+nwKSE1EAbtdemAkegzAZgz9dIWMcFxVtRM+I+ooMnC7/ed7W T99cBbpKVCujXTRvQgbx18IY1PCsfaN2GJa9gUym7RptZD1vmQGtRDVK0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBFILjhZKmOnNQq44NpTBHskvw2AMB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWXG7qEQ doA0J/6d4nsBHIDsOaXchHUHL7VonUlC6aiu+TCVmBv3gmO0+CvP4wLIblPZYzBa 7w/YZJpv7+4cDFN2aPjWv3tKFPfPmhi9Ha4kWliKU7xp/yX/zLj6kOm/4YFuvvJD 6x1gmj4jNMu5WX8Zdf17gm+pEBsa8PRQajIls/8iy494KaFBjgTaoTn/iiNGbBTW Ljm6VwvFBg3DOnVDn/Qfg/pFikWcVSu9cbwFZCSoPUX4LqReYqKKGJ8A/gDRuhCk p5cJm2qWAX/+KHynUA8sAdRVmmHbnF3eYFcdzuANqXS8aF+Xn63ILEt02KOQDk/p 8pDIGc1eq/p6MQ== -----END CERTIFICATE-----Generated at Sat Aug 9 14:25:50 2025 by rpki-client