$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft File: 520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json) Hash identifier: gEjLyBKtSisUNQ/zJ45BB+LA4aVELLDT4MiaIShBzl0= Subject key identifier: 45:17:0A:8F:86:7D:80:3C:9D:39:82:1B:3A:D6:2C:25:3F:99:CD:66 Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Certificate serial: 0197B5C4D1E24CB0C18A1D5488889FDE3C21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft Manifest number: 10A0 Signing time: Sat 28 Jun 2025 09:01:04 +0000 Manifest this update: Sat 28 Jun 2025 09:01:04 +0000 Manifest next update: Sun 29 Jun 2025 09:01:04 +0000 Files and hashes: 1: 1-i_ESwYWDKjvxe-cLQFb33q5Qu0.roa (hash: MWN71QN/v297mIABIQi0BIqexEx6vQv3LxWHulQ1lh0=) 2: 3uMGCa1hGu4z3o3-_G7z4ipL-iU.roa (hash: W9UTR4UDUFmqfh0USMFmsobpW7zQlT5fd2b07I+b238=) 3: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: KDk9BSXm9xfPqQ9/vIbutfNoI2+XuPnRsieaj6/ZYfg=) 4: 53Cd6ksm6jJ9RlO5imUtuWj1rJA.roa (hash: cQll3lCbJxJtoxzsBZdQMm8ZJ1gmBBCp3yO2flYfKKU=) 5: 5aybWk2Ky5dF88Dl5BHsEFM1SO0.roa (hash: H+JwBN0SZWGViTYdzpWvA1lltG+ihuV8ot5mKPyc2Ag=) 6: D51k8Yufzem8ogKjVaG-BE3-N9Q.roa (hash: LfZnqpQQPapIc1GbVrcmd90U2aDXCgwED1y7JLo14nI=) 7: EEzCfGegHPEpdqTqvMRMlcFre1Y.roa (hash: uwoju1vAFdOs3H0Q+w/qT7aEQBJpMP98DiaXonyIQ9M=) 8: EQAhdlSS1FIFJlau-mazb3tbQD8.roa (hash: EYIWh35VYrIjFevk0wSjam09x/CTgAsspbJddnJMeDU=) 9: PLzlfTmqAL1rzlLN1TFrpHpYMVU.roa (hash: INujx6I3LZF9XIVr4zE9W5J6NHU6IlkfUKgf+j8aJrU=) 10: QCPaGZ8bi2Da50RQ4k8ya1w0dq4.roa (hash: UeTuehE3XWxqnHJAwNv7xL7hPz4xW2vyEJKj+BsbTow=) 11: aAu5S5IbLCTcHF2sjNSq_YvIkRs.roa (hash: Ofs8Vq4O2KmWTmDnq5aKJmZojKw/IVecQ8WTuC45ixk=) 12: fjY_g_wwgFPVt57q0tJYGzzoSDw.roa (hash: qq4Ldl54/taiWut/8vwq9PH71gezdeLMf1VMPmsHUe8=) 13: pw1_qD5J6o76enPdGNTr_4Viub8.roa (hash: L6pLEncIISYEMGBKzu7DbyUXVYEOgT4kfh4modTEATA=) 14: qigZWtFurHaD054OcaOqq49am_w.roa (hash: Sa19eTl0ldE9k7oxfeYcou5g3EZnF3X8bF0Hbur3zdE=) 15: tKmEC4MB5hqVQbFF_5qlwwlDujU.roa (hash: DWWPvUtVR9Z8569/gJySYMoNxwD1GjHbMP8gxFtXEzs=) 16: tRNXUlx68rKP9UOE-hhExB1kws8.roa (hash: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=) 17: ve2cUb4I36o88cUncaHeOHK5tGk.roa (hash: 6gTupRG97QR/JQvN8ay2tdbOI4Q3EMkpnACGQxjxniI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 29 Jun 2025 09:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:97:b5:c4:d1:e2:4c:b0:c1:8a:1d:54:88:88:9f:de:3c:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Validity Not Before: Jun 28 09:01:04 2025 GMT Not After : Jun 29 09:01:04 2025 GMT Subject: CN=45170a8f867d803c9d39821b3ad62c253f99cd66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:1b:f2:60:1d:12:e3:83:6b:1a:45:d6:06:da: 03:8e:b6:5a:38:70:e1:59:d9:f4:fd:a8:71:6f:f1: af:24:dc:8c:0f:b5:46:4b:c5:07:d3:a6:44:9a:28: a3:67:ab:a3:45:e4:22:25:da:5b:40:e8:c8:c7:65: e3:f3:55:ce:b5:24:17:23:85:53:54:a1:30:11:b3: 7b:a7:2f:44:98:35:fb:1c:97:ab:0a:4f:cd:28:92: 58:ab:65:10:df:a7:0c:e4:fc:aa:02:7d:8a:bf:2b: 30:1f:4c:b1:9f:c0:77:f0:45:7e:1e:ad:c0:7c:87: a5:61:ac:58:7c:b1:b8:b5:95:65:9d:aa:aa:4a:72: fb:9b:ee:a3:3d:75:22:7a:1b:33:0e:93:d9:ca:20: 46:58:51:6e:bd:51:af:af:a0:64:29:a2:a4:62:84: 3e:29:64:15:e6:52:6f:f8:35:73:29:29:84:99:4f: cf:75:b7:0e:f7:ba:e6:a2:97:65:fe:5c:00:1e:7e: 52:28:aa:09:1c:d2:6e:70:ac:d3:92:99:75:b5:27: 9d:33:f8:3c:bd:b1:5b:38:61:64:84:93:1f:6c:1a: e1:c6:2b:30:b2:50:d4:56:f1:51:de:d6:b8:42:cf: 2d:5c:c8:b2:2a:42:3b:c5:02:23:ca:33:cb:b4:3c: 65:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:17:0A:8F:86:7D:80:3C:9D:39:82:1B:3A:D6:2C:25:3F:99:CD:66 X509v3 Authority Key Identifier: keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:96:d5:ff:7d:3c:9d:e3:d3:79:09:5d:82:bb:b7:b5:a4:93: f3:42:ea:f0:62:c0:41:a1:55:d9:71:73:e9:09:84:4d:68:08: a9:0b:ad:35:e4:8c:51:41:c5:5c:bf:2f:16:7e:61:79:44:8d: ad:de:0f:14:b2:b7:67:d6:4d:25:e3:99:d9:13:db:0f:1b:96: 64:57:71:45:56:0e:2f:98:fc:07:ed:6d:4e:33:9a:6c:d4:4b: 46:55:4a:7b:ae:cf:e9:03:86:0e:d8:2d:ad:e1:87:e9:9a:4b: 44:bd:03:40:0a:80:7c:a8:f9:b1:85:54:01:98:28:d8:d8:a0: 37:e2:1c:1e:0d:8d:25:77:61:5f:4b:db:bd:54:2a:e9:85:46: b6:27:0e:da:44:00:f3:55:19:51:40:11:51:3d:7e:f1:bc:6c: e8:3c:74:62:b9:74:52:9e:ae:de:2a:06:63:ad:49:ee:62:6a: da:22:59:f2:5f:49:58:55:89:19:1e:10:4d:85:2e:8a:ec:a0: ec:78:ce:b6:c9:80:4d:aa:bb:e8:53:00:53:09:ca:0b:02:db: 8b:3f:ea:eb:58:33:b2:f7:98:72:84:da:d6:f5:97:1b:38:6b: 82:fe:25:86:64:8a:c5:f3:c9:0e:bb:13:3f:ff:d5:3c:fd:93: eb:81:ed:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZe1xNHiTLDBih1UiIif3jwhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx OGM5YmMwHhcNMjUwNjI4MDkwMTA0WhcNMjUwNjI5MDkwMTA0WjAzMTEwLwYDVQQD Eyg0NTE3MGE4Zjg2N2Q4MDNjOWQzOTgyMWIzYWQ2MmMyNTNmOTljZDY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBvyYB0S44NrGkXWBtoDjrZaOHDh Wdn0/ahxb/GvJNyMD7VGS8UH06ZEmiijZ6ujReQiJdpbQOjIx2Xj81XOtSQXI4VT VKEwEbN7py9EmDX7HJerCk/NKJJYq2UQ36cM5PyqAn2KvyswH0yxn8B38EV+Hq3A fIelYaxYfLG4tZVlnaqqSnL7m+6jPXUiehszDpPZyiBGWFFuvVGvr6BkKaKkYoQ+ KWQV5lJv+DVzKSmEmU/PdbcO97rmopdl/lwAHn5SKKoJHNJucKzTkpl1tSedM/g8 vbFbOGFkhJMfbBrhxiswslDUVvFR3ta4Qs8tXMiyKkI7xQIjyjPLtDxlFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEUXCo+GfYA8nTmCGzrWLCU/mc1mMB8GA1UdIwQY MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5 LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVZbV/308 nePTeQldgru3taST80Lq8GLAQaFV2XFz6QmETWgIqQutNeSMUUHFXL8vFn5heUSN rd4PFLK3Z9ZNJeOZ2RPbDxuWZFdxRVYOL5j8B+1tTjOabNRLRlVKe67P6QOGDtgt reGH6ZpLRL0DQAqAfKj5sYVUAZgo2NigN+IcHg2NJXdhX0vbvVQq6YVGticO2kQA 81UZUUARUT1+8bxs6Dx0Yrl0Up6u3ioGY61J7mJq2iJZ8l9JWFWJGR4QTYUuiuyg 7HjOtsmATaq76FMAUwnKCwLbiz/q61gzsveYcoTa1vWXGzhrgv4lhmSKxfPJDrsT P//VPP2T64HtVg== -----END CERTIFICATE-----Generated at Sat Jun 28 19:47:35 2025 by rpki-client