$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft File: ER1oFDdScdGjy9EhVdsR0r1BqNM.mft (raw, json) Hash identifier: PM/OH3bfFzRpmg1vgp73Y+s5mPZ+0HIpgtjEHq3K4qE= Subject key identifier: E9:85:44:91:14:A2:91:A8:EA:8D:34:3B:29:FF:6D:E7:88:5A:39:65 Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3 Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3 Certificate serial: 0196748C2F7D3376A0AC33AC6EDD3A3D15FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft Manifest number: 13D3 Signing time: Sun 27 Apr 2025 00:01:06 +0000 Manifest this update: Sun 27 Apr 2025 00:01:06 +0000 Manifest next update: Mon 28 Apr 2025 00:01:06 +0000 Files and hashes: 1: 1-Eladd6sj8Y7vq1mtW5h6ASM_tM.roa (hash: auxhruGljCxtN9ijkL9KZ/K4C+RcNKrzhKvUSRg/9HQ=) 2: 1-dpIOgQrHNlMUsxt6C2Ztf5nfuM.roa (hash: pCUJMhojWf39aVt/QyofbsbuGjc8Gizw3ZJ2MSqOsTA=) 3: 1-gUTUj2JpuChCvozdxCQFTR22DM.roa (hash: f/2CCyCRw0ujuPO8AP04nbSH6GVLpL5l8bdrrfS8KoQ=) 4: 4JmdsvBatEpFanHBLwN8tE53B0o.roa (hash: rZ4Y8EU6soeJCyiHjLhVB0iARab8gRMfLlwRpZ6KFuk=) 5: 7ap_QJi20SaGnPgK1pV6_7cP-Uo.roa (hash: BOo8F2wEw4BgZClwTOfUjkt0HIqhHPtSsQJru4E0kFk=) 6: 7pYVLfxDyksCdUmiOhbgviOo3x8.roa (hash: QcPN759vJqixjDGU3gmMeZsCeSMWabiqP3hVma37vPU=) 7: ER1oFDdScdGjy9EhVdsR0r1BqNM.crl (hash: ztINYALysOxlS5hPYKwDyrZRRe9Uy5QyPUr+QEbekso=) 8: Hfkubm6yrWEn7gBE9wSMaD_ExXE.roa (hash: FXP2ir2FJkx6oy+MltDsbhNB8kOwwEjeXoSk5fOxlUM=) 9: Kk7xKrzHzx6qmDJI5CVBM_Sl474.roa (hash: m5FUWhJ54zbQwUlYkehhIiOw3x1SXokhdxGSIsx1B6c=) 10: Si8V8khtv0yVUA78DGGzfalNcCk.roa (hash: TuKNETdYYEdxWIcOAjkF1OdADD7zXp4g+mS6E5V7pvo=) 11: XjirH4cwDvxlRkAGxm7FSwAK2sM.roa (hash: YF/U/qPEr6M3Q+MIXQrnfUUKIV5n5WTRe7Dd9hsZTtM=) 12: aaSIhAJHCTwygtdFuXnOQPW6bY4.roa (hash: wv3RWyn/0THt7bCTdq/aMs2HWBM2MxgNANY6nblHNaA=) 13: cozXNddBZMRS0D_fVDWk42XqVNI.roa (hash: nP2wP4zibtasbSbsg7EMlMPSKjFkuBzXXdP2DBCONIM=) 14: iwe0kg-crqIWyp2IScMa9LxREgQ.roa (hash: CaVzf6weXzwiNznLUpeTB+QaHcaNjVgYiVjygsUgHxg=) 15: lQoeI3fot2NEOazpcJqwENKoEUU.roa (hash: Elimcemes6spMNky/T+TAYcPtxVw5jFrGcayiuk5D80=) 16: vsEC-C0-IZ2XJzdCqJMyLFlVXyo.roa (hash: 6dyvsyNO+SBB5YmEGzfWoUfWH/YqXAoOIBD3aTROXnU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 27 Apr 2025 20:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:96:74:8c:2f:7d:33:76:a0:ac:33:ac:6e:dd:3a:3d:15:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3 Validity Not Before: Apr 27 00:01:06 2025 GMT Not After : Apr 28 00:01:06 2025 GMT Subject: CN=e985449114a291a8ea8d343b29ff6de7885a3965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:82:2f:40:91:5c:66:37:c9:12:99:ea:20:e3: 20:c1:13:44:d0:25:7e:05:30:42:bc:7f:3e:8a:36: 45:8a:50:0b:51:67:ee:df:2f:ba:d4:d0:c6:da:fa: 64:e3:00:f5:eb:5b:57:87:2d:b2:f8:7c:e1:16:72: 1b:fd:45:41:77:60:c9:ac:52:f8:07:33:ff:e6:b2: 6c:98:4a:46:0d:f0:1b:85:84:86:de:9c:da:e1:71: 78:37:70:18:46:b7:bb:24:f1:69:dc:f8:09:e0:a2: 5a:99:2d:33:08:11:21:42:4f:8c:38:5d:df:8e:a2: 21:37:7c:22:ca:b7:9d:2a:54:b0:a6:97:af:d3:b5: cc:11:b9:94:a2:8b:7f:2d:bb:69:6a:7d:c0:f1:e1: fa:be:4d:50:98:71:fd:44:0d:ad:a1:e6:b7:0c:09: 0b:50:8f:f6:77:fb:ae:25:0d:8e:01:2d:df:6a:0d: 1f:fe:6a:b5:b1:ea:89:27:19:5a:55:ce:23:c1:c7: 3b:be:b8:26:ef:24:98:43:7d:4b:26:21:72:44:25: 31:25:a5:02:c3:e2:1b:b0:74:b8:ba:29:92:a5:c7: a9:3d:4a:d5:eb:d7:8f:d0:57:80:c1:83:1c:30:9e: 59:f6:85:91:70:d0:4f:90:08:6c:d4:d1:9b:7b:f1: 21:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:85:44:91:14:A2:91:A8:EA:8D:34:3B:29:FF:6D:E7:88:5A:39:65 X509v3 Authority Key Identifier: keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:57:c1:8d:32:72:d6:1b:b1:30:90:c8:b5:0c:2f:ca:b9:12: 39:88:2f:0b:f5:08:b1:8f:62:1a:a7:b8:49:8c:eb:ca:07:68: b3:4f:2e:c3:3d:82:a9:6d:71:07:13:91:60:84:79:09:11:50: ef:47:df:d7:44:6c:b7:e6:17:4c:c6:81:7f:19:1a:60:7d:82: db:07:d0:92:82:41:10:a2:17:e9:69:b9:a7:4a:ba:92:83:33: 92:5a:0c:86:e5:8d:d7:7d:fc:5e:50:36:a7:01:8e:27:41:a9: de:5d:cd:9b:4a:d1:34:cc:0c:92:75:62:39:79:8c:5b:80:53: ae:c6:b0:cd:f7:bb:9d:67:9f:de:28:5f:29:45:b3:ba:11:79: 68:bc:ad:60:21:d0:b9:16:93:10:bd:94:4c:0b:50:bf:0f:54: 0c:cc:79:35:67:01:8e:b6:38:46:83:17:aa:c7:e0:c9:24:b5: 03:7f:03:0b:fb:6b:cb:1b:94:20:32:97:66:a5:a0:d3:bc:75: be:20:db:c8:5c:92:2b:97:4b:19:d9:39:9e:0a:05:64:d0:b3: 83:d5:e9:07:b9:9d:f9:f0:c7:9f:04:01:d3:e4:3a:44:b0:49: 1c:c6:af:d2:40:42:ff:54:13:87:ac:91:5a:02:80:37:98:2b: 26:46:e6:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZZ0jC99M3agrDOsbt06PRX6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0 MWE4ZDMwHhcNMjUwNDI3MDAwMTA2WhcNMjUwNDI4MDAwMTA2WjAzMTEwLwYDVQQD EyhlOTg1NDQ5MTE0YTI5MWE4ZWE4ZDM0M2IyOWZmNmRlNzg4NWEzOTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYIvQJFcZjfJEpnqIOMgwRNE0CV+ BTBCvH8+ijZFilALUWfu3y+61NDG2vpk4wD161tXhy2y+HzhFnIb/UVBd2DJrFL4 BzP/5rJsmEpGDfAbhYSG3pza4XF4N3AYRre7JPFp3PgJ4KJamS0zCBEhQk+MOF3f jqIhN3wiyredKlSwppev07XMEbmUoot/Lbtpan3A8eH6vk1QmHH9RA2toea3DAkL UI/2d/uuJQ2OAS3fag0f/mq1seqJJxlaVc4jwcc7vrgm7ySYQ31LJiFyRCUxJaUC w+IbsHS4uimSpcepPUrV69eP0FeAwYMcMJ5Z9oWRcNBPkAhs1NGbe/Eh3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOmFRJEUopGo6o00Oyn/beeIWjllMB8GA1UdIwQY MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt MjcxZDI1ZTIwNTc0LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0 LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi1fBjTJy 1huxMJDItQwvyrkSOYgvC/UIsY9iGqe4SYzrygdos08uwz2CqW1xBxORYIR5CRFQ 70ff10Rst+YXTMaBfxkaYH2C2wfQkoJBEKIX6Wm5p0q6koMzkloMhuWN1338XlA2 pwGOJ0Gp3l3Nm0rRNMwMknViOXmMW4BTrsawzfe7nWef3ihfKUWzuhF5aLytYCHQ uRaTEL2UTAtQvw9UDMx5NWcBjrY4RoMXqsfgySS1A38DC/tryxuUIDKXZqWg07x1 viDbyFySK5dLGdk5ngoFZNCzg9XpB7md+fDHnwQB0+Q6RLBJHMav0kBC/1QTh6yR WgKAN5grJkbmRA== -----END CERTIFICATE-----Generated at Sun Apr 27 05:34:14 2025 by rpki-client