$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft File: OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft (raw, json) Hash identifier: 2Xpwms3GiHGsSKuWQNW7+mJygDtTwssLweYcHEMzuZQ= Subject key identifier: 6A:49:AB:98:5C:DC:9B:C5:80:3E:00:50:A7:C2:C8:CF:B6:FF:E4:9B Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Certificate serial: 019A4F98D0AAC69D559F4187D6630F13CA02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft Manifest number: 171C Signing time: Tue 04 Nov 2025 16:00:06 +0000 Manifest this update: Tue 04 Nov 2025 16:00:06 +0000 Manifest next update: Wed 05 Nov 2025 16:00:06 +0000 Files and hashes: 1: 3nAxOrqe3oi83iVjt7-kMzJ_imI.roa (hash: 0jNIl4uBhcm5LdIuubw+L/Ha2QMXka6zLLkNeAcF40c=) 2: 7B2j1343QblR9F6iTWiRinHn8x0.roa (hash: Bp/dbOZRIjunqnEsDuN3X0tRwg1SKVjgcGEA09U24Zc=) 3: B9dwnbBbiJenj05UDjyUy_TzXDg.roa (hash: s4Wv5YaGEZaX82N6dusRWR3tSJBVmvjmxniLSHfxYAE=) 4: E6umy5_OlHHb3NOgNKiaqTj372A.roa (hash: kmYIRPqCRch39x2r6WhmK+8aDVBlwYVLvzQIGAbOPps=) 5: GrCJk2XTvFQ1bFg3LeF86Dm0kMU.roa (hash: //aHWa+QTi3TqyDc0NocuZ54Ser38N49WnMxWn6LdwE=) 6: OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl (hash: oLOfEjCavnV5qG2a+ieJM/w6djMH1XaHq2XifG92Q9o=) 7: P0hYRZk_epkkwrcDiaxk_ejd9pE.roa (hash: RbP7Hj7hNb6SHmHJtPw1bzOEo2w8Ign3eKIaXKeZWz8=) 8: SOBAES4j7h-D6nKfccoc2NpSr8A.roa (hash: vmAKmT6VUkF1cozh164hgKJKVk8BJXYwDbwibYkkVy4=) 9: WBa-OMWvS5R9EiWcpIqPa_m7lKo.roa (hash: JhWDx8KAw0uX/VJGQRKzvoZLcAnbsOAM+D0EwwgJJrs=) 10: _6ucnx77KQFalvj5yEE2wp5osls.roa (hash: Xw55WCSv/8tmiRj4/KKvZ6v3swmB6TKO4qL1Xw6aI30=) 11: hmNo0lfF6aVfLa7MkqmEKjtbdyQ.roa (hash: +xwhsq1RdvJOWfeJtHcoWSMc+U0UkSWEqMUWf9xz80w=) 12: jtw47htspCaZBqLn-szAwwLDgRI.roa (hash: 4ge4ZfZPpCPnlsJ6k5nbKp3z9nIWCai+fnrSIWJ/WUA=) 13: jzrvK-bgXnpFKZtkluSwDEQbp08.roa (hash: ZM3tthCJVaSjXclzoJDdeWjLh7O5ICpnIBuMTiMEL9g=) 14: nDB6bqiXy-rzhdku9Lj005kPHfA.roa (hash: 0AJR+PurXnO7T0pJNk8Tq3MFQx7X/cSxW3eCAXJvtLk=) 15: pvCC0r4LUt3fsl1VHVQdfXh8Y18.roa (hash: 7j0tvWV4dVH4uAAkH8k/IyIqfSMk5UZQp8CnBxjMpFY=) 16: u50dx3Lab1g7VZDVh4T56LPcn_0.roa (hash: jDquIHZmp2NFyWqEfhpXVj8qaJ2TUhubdI3kfdM2qms=) 17: z5q48ktpf1eARPpbmIGK9GsvsrQ.roa (hash: tmWASzkDn54AHUg2VFq+szTIlcEFXE4zmXDoc40cFbw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 09:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:4f:98:d0:aa:c6:9d:55:9f:41:87:d6:63:0f:13:ca:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Validity Not Before: Nov 4 16:00:06 2025 GMT Not After : Nov 5 16:00:06 2025 GMT Subject: CN=6a49ab985cdc9bc5803e0050a7c2c8cfb6ffe49b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:32:8c:4f:f6:e3:11:19:fb:dd:74:85:0b:1a: 02:4d:eb:e2:e6:5a:6c:6f:6d:7e:b7:78:ad:92:65: 2b:bc:20:29:73:5a:52:96:a3:b3:90:e0:cf:9f:f9: 8f:29:ab:63:cb:26:37:ff:f3:90:2f:05:a1:0f:a1: 26:47:13:b8:8b:fe:b9:0b:18:68:c5:27:57:41:27: 37:ea:ca:5d:f3:47:59:37:e8:29:f7:c5:eb:e8:ee: 25:3c:30:6e:bc:5e:21:76:f8:3f:4f:8e:40:64:10: c4:63:c7:5c:50:a3:4c:45:7c:b4:34:ea:ad:d3:a9: 59:ab:72:7a:ff:5c:f1:40:39:99:07:be:63:4c:7b: d3:68:88:46:27:e9:f1:85:ed:10:df:20:37:89:8e: c0:d2:0f:41:5b:ce:ed:29:14:1d:f6:15:56:50:c2: f3:bd:b0:69:af:e7:16:72:12:0d:da:7a:7d:a7:f9: 7a:56:42:cb:df:19:8c:fd:76:f9:27:26:58:d5:df: 31:4d:b0:db:6b:98:4c:84:03:45:83:06:67:11:ff: 12:ea:80:bd:bc:ea:da:79:83:24:92:bb:a4:df:6d: fe:00:8f:f1:93:d0:cf:f6:70:b6:b3:01:6e:74:08: 07:d0:b2:f7:82:88:f1:87:47:eb:0b:6b:ec:74:64: bd:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:49:AB:98:5C:DC:9B:C5:80:3E:00:50:A7:C2:C8:CF:B6:FF:E4:9B X509v3 Authority Key Identifier: keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:59:4f:1b:dc:e4:e2:63:a5:95:a0:49:28:b7:70:24:e0:1d: 8f:a7:2a:fe:53:07:7c:c2:49:cd:11:1b:a8:43:df:74:f6:b8: 80:be:33:a1:c1:e0:4a:68:95:d2:fc:24:b0:af:b8:38:03:01: 8f:7a:f8:bd:36:55:ab:9d:70:56:fa:12:35:6c:2b:48:0b:61: bc:68:94:ab:fd:13:9b:a7:04:7c:27:db:0a:f3:9f:25:45:ed: f4:58:59:13:32:87:84:7a:2c:f4:87:8a:e3:8e:2e:ce:f3:f4: 6b:c8:59:a3:82:b0:a3:ab:6e:66:17:de:b0:c1:fe:b3:cf:06: 60:bb:02:08:84:4f:ac:8a:a2:f7:d7:51:b4:53:27:fe:a4:80: 9b:6c:dd:3f:15:64:ff:c9:86:99:02:ca:0b:5b:c1:be:38:41: cc:dc:b8:b2:ad:cb:d8:27:20:d8:ce:1b:af:7f:b3:61:93:28: bb:c6:39:80:4a:93:cd:1a:15:b7:9c:65:e9:ba:ef:49:0d:ec: 11:d5:af:8d:d5:df:ce:8a:e5:a2:6a:f9:7b:61:d5:aa:dc:a8: ec:3a:98:b3:5e:8f:8b:0d:4f:ff:0b:a4:5b:c3:65:30:44:83: f2:39:2b:2d:43:cb:71:c8:b6:0a:cb:f2:97:0c:f1:6f:1d:bf: b2:bd:17:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpPmNCqxp1Vn0GH1mMPE8oCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm OGNiZDgwHhcNMjUxMTA0MTYwMDA2WhcNMjUxMTA1MTYwMDA2WjAzMTEwLwYDVQQD Eyg2YTQ5YWI5ODVjZGM5YmM1ODAzZTAwNTBhN2MyYzhjZmI2ZmZlNDliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jKMT/bjERn73XSFCxoCTevi5lps b21+t3itkmUrvCApc1pSlqOzkODPn/mPKatjyyY3//OQLwWhD6EmRxO4i/65Cxho xSdXQSc36spd80dZN+gp98Xr6O4lPDBuvF4hdvg/T45AZBDEY8dcUKNMRXy0NOqt 06lZq3J6/1zxQDmZB75jTHvTaIhGJ+nxhe0Q3yA3iY7A0g9BW87tKRQd9hVWUMLz vbBpr+cWchIN2np9p/l6VkLL3xmM/Xb5JyZY1d8xTbDba5hMhANFgwZnEf8S6oC9 vOraeYMkkruk323+AI/xk9DP9nC2swFudAgH0LL3gojxh0frC2vsdGS9vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGpJq5hc3JvFgD4AUKfCyM+2/+SbMB8GA1UdIwQY MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt NjA5YTQ4YjJiMTRkLzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFlPG9zk 4mOllaBJKLdwJOAdj6cq/lMHfMJJzREbqEPfdPa4gL4zocHgSmiV0vwksK+4OAMB j3r4vTZVq51wVvoSNWwrSAthvGiUq/0Tm6cEfCfbCvOfJUXt9FhZEzKHhHos9IeK 444uzvP0a8hZo4Kwo6tuZhfesMH+s88GYLsCCIRPrIqi99dRtFMn/qSAm2zdPxVk /8mGmQLKC1vBvjhBzNy4sq3L2Ccg2M4br3+zYZMou8Y5gEqTzRoVt5xl6brvSQ3s EdWvjdXfzorlomr5e2HVqtyo7DqYs16Piw1P/wukW8NlMESD8jkrLUPLcci2Csvy lwzxbx2/sr0XQg== -----END CERTIFICATE-----Generated at Tue Nov 4 17:32:56 2025 by rpki-client