$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft File: ER1oFDdScdGjy9EhVdsR0r1BqNM.mft (raw, json) Hash identifier: SZvj+qg7Nj7eJwMeuOhAQFzHdZVS8IXtbTt99A90a0E= Subject key identifier: 00:13:37:00:7B:C8:85:86:21:43:50:77:85:38:8E:6D:34:B3:88:33 Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3 Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3 Certificate serial: 019A503DDE59B7127D45768E9CAF2ED974E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft Manifest number: 15D3 Signing time: Tue 04 Nov 2025 19:00:23 +0000 Manifest this update: Tue 04 Nov 2025 19:00:23 +0000 Manifest next update: Wed 05 Nov 2025 19:00:23 +0000 Files and hashes: 1: 1-Eladd6sj8Y7vq1mtW5h6ASM_tM.roa (hash: auxhruGljCxtN9ijkL9KZ/K4C+RcNKrzhKvUSRg/9HQ=) 2: 1-dpIOgQrHNlMUsxt6C2Ztf5nfuM.roa (hash: pCUJMhojWf39aVt/QyofbsbuGjc8Gizw3ZJ2MSqOsTA=) 3: 1-gUTUj2JpuChCvozdxCQFTR22DM.roa (hash: f/2CCyCRw0ujuPO8AP04nbSH6GVLpL5l8bdrrfS8KoQ=) 4: 4JmdsvBatEpFanHBLwN8tE53B0o.roa (hash: rZ4Y8EU6soeJCyiHjLhVB0iARab8gRMfLlwRpZ6KFuk=) 5: 7ap_QJi20SaGnPgK1pV6_7cP-Uo.roa (hash: BOo8F2wEw4BgZClwTOfUjkt0HIqhHPtSsQJru4E0kFk=) 6: 7pYVLfxDyksCdUmiOhbgviOo3x8.roa (hash: QcPN759vJqixjDGU3gmMeZsCeSMWabiqP3hVma37vPU=) 7: ER1oFDdScdGjy9EhVdsR0r1BqNM.crl (hash: gQ7p4cyYvrmuZyOKFyZjYdLW9fhpdTVSTd6WYNynVIE=) 8: Hfkubm6yrWEn7gBE9wSMaD_ExXE.roa (hash: FXP2ir2FJkx6oy+MltDsbhNB8kOwwEjeXoSk5fOxlUM=) 9: Kk7xKrzHzx6qmDJI5CVBM_Sl474.roa (hash: m5FUWhJ54zbQwUlYkehhIiOw3x1SXokhdxGSIsx1B6c=) 10: Si8V8khtv0yVUA78DGGzfalNcCk.roa (hash: TuKNETdYYEdxWIcOAjkF1OdADD7zXp4g+mS6E5V7pvo=) 11: XjirH4cwDvxlRkAGxm7FSwAK2sM.roa (hash: YF/U/qPEr6M3Q+MIXQrnfUUKIV5n5WTRe7Dd9hsZTtM=) 12: aaSIhAJHCTwygtdFuXnOQPW6bY4.roa (hash: wv3RWyn/0THt7bCTdq/aMs2HWBM2MxgNANY6nblHNaA=) 13: azpo2jbXZip4fzf6JfxzYCloMXU.roa (hash: lChd9oLNFRupauF5HA1DBK7UGcNDTVpyA1eioCbGUns=) 14: cozXNddBZMRS0D_fVDWk42XqVNI.roa (hash: nP2wP4zibtasbSbsg7EMlMPSKjFkuBzXXdP2DBCONIM=) 15: iwe0kg-crqIWyp2IScMa9LxREgQ.roa (hash: CaVzf6weXzwiNznLUpeTB+QaHcaNjVgYiVjygsUgHxg=) 16: lQoeI3fot2NEOazpcJqwENKoEUU.roa (hash: Elimcemes6spMNky/T+TAYcPtxVw5jFrGcayiuk5D80=) 17: vsEC-C0-IZ2XJzdCqJMyLFlVXyo.roa (hash: 6dyvsyNO+SBB5YmEGzfWoUfWH/YqXAoOIBD3aTROXnU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 18:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:50:3d:de:59:b7:12:7d:45:76:8e:9c:af:2e:d9:74:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3 Validity Not Before: Nov 4 19:00:23 2025 GMT Not After : Nov 5 19:00:23 2025 GMT Subject: CN=001337007bc885862143507785388e6d34b38833 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c9:5a:2b:7b:0e:09:2e:69:e8:2e:85:71:f7: 86:3d:e4:57:93:90:b6:bc:e7:43:49:c8:74:56:7a: 7e:0e:62:c6:2e:82:bd:eb:66:9b:cd:78:d3:b5:92: 42:c2:4e:83:b2:ef:1b:a8:f9:73:3f:8e:38:27:cc: ad:bb:48:b1:5d:c2:bb:c0:15:5c:a6:90:02:b8:9c: da:96:e8:5e:b6:28:6d:ad:25:f4:24:cd:1e:7d:ea: 95:8e:8f:03:7e:09:16:4e:37:e8:1e:6b:de:2f:dd: c8:b9:d4:30:ff:89:0e:ec:57:3a:3e:4d:04:0f:54: 75:00:b7:5c:a4:c6:e7:e4:da:6e:01:f4:9f:bd:83: cc:b3:b1:e0:ae:2e:a8:9c:79:20:eb:0d:0d:e9:54: f1:52:94:e1:88:c0:fb:c2:1c:06:25:f7:39:8a:e4: 3c:33:6f:c8:a1:a4:aa:ad:5b:25:28:2e:76:31:e5: 69:f4:3e:ad:70:45:1e:4e:8d:17:04:2d:ea:02:52: bf:1d:d0:8c:6e:9d:20:e8:94:14:b0:67:00:b3:a7: 4a:7e:49:90:0a:13:3f:6b:30:e8:ef:4b:b5:60:42: 77:ee:de:16:93:8b:d9:02:0d:1b:61:cc:6b:de:65: 35:c5:3f:25:e5:44:bc:75:9b:68:27:31:b5:87:f8: d2:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:13:37:00:7B:C8:85:86:21:43:50:77:85:38:8E:6D:34:B3:88:33 X509v3 Authority Key Identifier: keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:9a:10:b3:da:87:fa:f8:44:fb:06:a2:98:76:45:fc:8c:50: df:cd:81:3b:d6:11:e1:1d:74:09:01:6a:02:33:9e:61:36:f4: bf:c1:a2:08:3d:8d:b1:91:41:93:95:8a:71:a3:8d:06:c8:0b: 2a:9d:c2:95:6c:e2:f3:e9:ca:13:30:48:c5:ef:89:73:4d:a8: ca:e9:1a:22:15:c7:68:41:7d:75:1d:66:1e:0c:a9:a7:d1:c9: 7b:cc:21:8f:88:ed:f6:a0:cc:2d:77:c5:0c:81:ad:95:99:a1: e3:89:e3:d5:33:72:8f:41:24:5b:9d:69:fb:56:36:39:4d:08: 52:f8:74:12:25:b4:77:0f:c6:cb:08:34:d1:fd:c1:e5:0a:32: 39:0c:b4:89:2e:ea:e8:e9:d4:ab:96:79:d1:9e:b1:74:55:d5: aa:11:0e:4b:e6:05:01:60:b4:f6:50:e9:20:93:26:18:2e:eb: 49:6f:43:57:c3:ce:1e:cd:1d:75:75:bd:b2:cb:11:8a:ab:3b: 47:19:ab:33:7b:cd:a5:0a:87:d1:ba:89:58:55:a3:45:3b:e9: 4f:a1:9b:33:8a:fe:c4:b3:b9:e1:e9:a9:f6:56:0f:d4:9f:ed: 7d:76:40:97:ac:ee:f0:a0:06:8d:c2:dc:b7:a4:47:3b:84:8e: b7:ed:d5:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZpQPd5ZtxJ9RXaOnK8u2XTlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0 MWE4ZDMwHhcNMjUxMTA0MTkwMDIzWhcNMjUxMTA1MTkwMDIzWjAzMTEwLwYDVQQD EygwMDEzMzcwMDdiYzg4NTg2MjE0MzUwNzc4NTM4OGU2ZDM0YjM4ODMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwclaK3sOCS5p6C6FcfeGPeRXk5C2 vOdDSch0Vnp+DmLGLoK962abzXjTtZJCwk6Dsu8bqPlzP444J8ytu0ixXcK7wBVc ppACuJzaluhetihtrSX0JM0efeqVjo8DfgkWTjfoHmveL93IudQw/4kO7Fc6Pk0E D1R1ALdcpMbn5NpuAfSfvYPMs7Hgri6onHkg6w0N6VTxUpThiMD7whwGJfc5iuQ8 M2/IoaSqrVslKC52MeVp9D6tcEUeTo0XBC3qAlK/HdCMbp0g6JQUsGcAs6dKfkmQ ChM/azDo70u1YEJ37t4Wk4vZAg0bYcxr3mU1xT8l5US8dZtoJzG1h/jSAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAATNwB7yIWGIUNQd4U4jm00s4gzMB8GA1UdIwQY MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt MjcxZDI1ZTIwNTc0LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0 LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANJoQs9qH +vhE+waimHZF/IxQ382BO9YR4R10CQFqAjOeYTb0v8GiCD2NsZFBk5WKcaONBsgL Kp3ClWzi8+nKEzBIxe+Jc02oyukaIhXHaEF9dR1mHgypp9HJe8whj4jt9qDMLXfF DIGtlZmh44nj1TNyj0EkW51p+1Y2OU0IUvh0EiW0dw/Gywg00f3B5QoyOQy0iS7q 6OnUq5Z50Z6xdFXVqhEOS+YFAWC09lDpIJMmGC7rSW9DV8POHs0ddXW9sssRiqs7 RxmrM3vNpQqH0bqJWFWjRTvpT6GbM4r+xLO54emp9lYP1J/tfXZAl6zu8KAGjcLc t6RHO4SOt+3V7g== -----END CERTIFICATE-----Generated at Tue Nov 4 23:53:45 2025 by rpki-client