$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft File: 520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json) Hash identifier: qChUlnpmGO9q1gVpolbD27t2rsdOD5A3l1CH6YFmqP0= Subject key identifier: 76:BE:21:7E:80:75:BB:82:F0:57:DC:F5:A4:13:72:FE:96:C9:B4:7F Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Certificate serial: 0199FFC8253AFC8236BC6F1F217A9AA5D69C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft Manifest number: 11D1 Signing time: Mon 20 Oct 2025 04:02:10 +0000 Manifest this update: Mon 20 Oct 2025 04:02:10 +0000 Manifest next update: Tue 21 Oct 2025 04:02:10 +0000 Files and hashes: 1: 1-i_ESwYWDKjvxe-cLQFb33q5Qu0.roa (hash: MWN71QN/v297mIABIQi0BIqexEx6vQv3LxWHulQ1lh0=) 2: 3uMGCa1hGu4z3o3-_G7z4ipL-iU.roa (hash: W9UTR4UDUFmqfh0USMFmsobpW7zQlT5fd2b07I+b238=) 3: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: GwcQ1ZmKnt2HMpqv9iLq/8v4GCiIE7dWObXgTScsDxU=) 4: 53Cd6ksm6jJ9RlO5imUtuWj1rJA.roa (hash: cQll3lCbJxJtoxzsBZdQMm8ZJ1gmBBCp3yO2flYfKKU=) 5: 5aybWk2Ky5dF88Dl5BHsEFM1SO0.roa (hash: H+JwBN0SZWGViTYdzpWvA1lltG+ihuV8ot5mKPyc2Ag=) 6: D51k8Yufzem8ogKjVaG-BE3-N9Q.roa (hash: LfZnqpQQPapIc1GbVrcmd90U2aDXCgwED1y7JLo14nI=) 7: EEzCfGegHPEpdqTqvMRMlcFre1Y.roa (hash: uwoju1vAFdOs3H0Q+w/qT7aEQBJpMP98DiaXonyIQ9M=) 8: EQAhdlSS1FIFJlau-mazb3tbQD8.roa (hash: EYIWh35VYrIjFevk0wSjam09x/CTgAsspbJddnJMeDU=) 9: PLzlfTmqAL1rzlLN1TFrpHpYMVU.roa (hash: INujx6I3LZF9XIVr4zE9W5J6NHU6IlkfUKgf+j8aJrU=) 10: QCPaGZ8bi2Da50RQ4k8ya1w0dq4.roa (hash: UeTuehE3XWxqnHJAwNv7xL7hPz4xW2vyEJKj+BsbTow=) 11: aAu5S5IbLCTcHF2sjNSq_YvIkRs.roa (hash: Ofs8Vq4O2KmWTmDnq5aKJmZojKw/IVecQ8WTuC45ixk=) 12: fjY_g_wwgFPVt57q0tJYGzzoSDw.roa (hash: qq4Ldl54/taiWut/8vwq9PH71gezdeLMf1VMPmsHUe8=) 13: nOw141dLNmkj2u2FTqG2Wvc-gVM.roa (hash: CQnQRUA/+q6ZVbEZKZtps04sWUzpVEunbxRhthCLZIQ=) 14: pw1_qD5J6o76enPdGNTr_4Viub8.roa (hash: L6pLEncIISYEMGBKzu7DbyUXVYEOgT4kfh4modTEATA=) 15: qigZWtFurHaD054OcaOqq49am_w.roa (hash: Sa19eTl0ldE9k7oxfeYcou5g3EZnF3X8bF0Hbur3zdE=) 16: tRNXUlx68rKP9UOE-hhExB1kws8.roa (hash: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=) 17: ve2cUb4I36o88cUncaHeOHK5tGk.roa (hash: 6gTupRG97QR/JQvN8ay2tdbOI4Q3EMkpnACGQxjxniI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 21 Oct 2025 00:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:ff:c8:25:3a:fc:82:36:bc:6f:1f:21:7a:9a:a5:d6:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Validity Not Before: Oct 20 04:02:10 2025 GMT Not After : Oct 21 04:02:10 2025 GMT Subject: CN=76be217e8075bb82f057dcf5a41372fe96c9b47f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:c3:72:8b:37:7a:48:35:5c:7b:17:7f:c8:94: fd:18:ae:20:63:86:0f:d4:42:59:f3:70:ea:4c:b1: f1:9f:2e:09:d1:92:5f:ab:61:d5:48:52:6a:5b:33: a0:a8:10:b7:55:25:8e:8b:ae:68:eb:e8:45:b9:aa: d3:7f:bc:67:47:50:3e:f5:98:3a:63:08:4a:7f:c7: f6:53:29:38:85:c5:fe:8a:ae:fc:89:0c:a3:56:87: ea:5e:65:15:de:89:7b:eb:99:dc:6a:cd:e0:85:f0: 48:f1:47:13:94:24:66:d9:33:e2:2f:34:9f:c7:14: 79:c6:a6:97:0f:57:fb:68:1a:b8:af:39:40:c2:67: 20:5b:1c:5e:23:cb:55:26:2f:de:bf:af:cc:0f:47: e5:0d:b1:ba:e4:b3:9d:7b:f5:76:60:f0:eb:d4:e7: b8:01:af:22:ff:82:a3:3d:1b:7c:a3:d3:96:c0:d5: bb:23:75:e1:9c:90:13:70:55:39:7c:92:ea:77:6b: 4d:83:1a:e6:7e:7a:8b:dd:76:b4:6f:40:90:9d:72: 2d:1a:26:1d:95:e1:e0:d1:77:0b:df:68:a6:69:c2: 34:fd:96:22:37:54:83:0b:72:19:2b:f0:85:43:8a: e1:e2:48:f8:2d:bf:c1:50:2e:fc:b4:3c:0d:4d:7e: 7a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:BE:21:7E:80:75:BB:82:F0:57:DC:F5:A4:13:72:FE:96:C9:B4:7F X509v3 Authority Key Identifier: keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:4c:f3:09:f8:a4:e7:bd:9e:c7:18:aa:bc:3f:4c:98:c1:66: 41:e7:15:b3:ae:53:7e:aa:15:a7:b7:8e:66:06:3c:2e:5c:99: b0:79:1f:f0:2e:b7:9a:c0:6f:b4:ac:b5:7a:0e:4f:15:d9:1b: 62:6b:d4:67:13:9f:c0:6d:3f:8b:a1:44:48:f0:23:e3:97:1d: cc:89:d5:2e:bd:24:31:56:1b:a1:ef:29:14:68:54:f7:58:1c: cd:42:e5:3f:30:a1:53:66:f1:58:70:c8:c7:bf:07:cf:03:a3: 97:24:6b:a4:e6:ad:cf:f8:d3:1f:e9:33:3b:57:06:95:a4:e5: 4f:a2:2c:47:f6:34:ef:53:6b:73:e0:57:c5:c4:29:12:23:71: 5e:72:08:c5:ed:bb:b4:56:1a:19:25:f8:5d:e5:a0:f7:e5:ae: 9e:77:31:3a:1e:62:ae:ad:c5:1f:5e:b2:8c:c5:a5:6e:79:b4: c2:6c:f5:9e:67:23:4a:bb:ea:0d:ca:22:c9:96:10:33:7e:e7: 64:2a:cd:55:9d:25:0c:f7:12:f5:ee:f1:15:16:61:32:34:3e: 2e:d0:6d:54:4e:58:6f:0c:20:a0:1a:82:83:fa:51:a0:1e:27: 32:43:24:5d:2f:79:cd:6c:b9:42:7f:e2:76:10:f4:7a:55:71: 4b:26:ba:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZn/yCU6/II2vG8fIXqapdacMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx OGM5YmMwHhcNMjUxMDIwMDQwMjEwWhcNMjUxMDIxMDQwMjEwWjAzMTEwLwYDVQQD Eyg3NmJlMjE3ZTgwNzViYjgyZjA1N2RjZjVhNDEzNzJmZTk2YzliNDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48Nyizd6SDVcexd/yJT9GK4gY4YP 1EJZ83DqTLHxny4J0ZJfq2HVSFJqWzOgqBC3VSWOi65o6+hFuarTf7xnR1A+9Zg6 YwhKf8f2Uyk4hcX+iq78iQyjVofqXmUV3ol765ncas3ghfBI8UcTlCRm2TPiLzSf xxR5xqaXD1f7aBq4rzlAwmcgWxxeI8tVJi/ev6/MD0flDbG65LOde/V2YPDr1Oe4 Aa8i/4KjPRt8o9OWwNW7I3XhnJATcFU5fJLqd2tNgxrmfnqL3Xa0b0CQnXItGiYd leHg0XcL32imacI0/ZYiN1SDC3IZK/CFQ4rh4kj4Lb/BUC78tDwNTX56OwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHa+IX6AdbuC8Ffc9aQTcv6WybR/MB8GA1UdIwQY MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5 LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJUzzCfik 572exxiqvD9MmMFmQecVs65TfqoVp7eOZgY8LlyZsHkf8C63msBvtKy1eg5PFdkb YmvUZxOfwG0/i6FESPAj45cdzInVLr0kMVYboe8pFGhU91gczULlPzChU2bxWHDI x78HzwOjlyRrpOatz/jTH+kzO1cGlaTlT6IsR/Y071Nrc+BXxcQpEiNxXnIIxe27 tFYaGSX4XeWg9+WunncxOh5irq3FH16yjMWlbnm0wmz1nmcjSrvqDcoiyZYQM37n ZCrNVZ0lDPcS9e7xFRZhMjQ+LtBtVE5YbwwgoBqCg/pRoB4nMkMkXS95zWy5Qn/i dhD0elVxSya6GQ== -----END CERTIFICATE-----Generated at Mon Oct 20 08:44:15 2025 by rpki-client