$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft File: s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft (raw, json) Hash identifier: jWa+Ip0dWrRh2uw1LAEfR6zX0bMspwDdcwOknu+YV5k= Subject key identifier: C4:97:0D:3C:E7:DE:C1:A5:8F:98:39:F2:85:A9:D8:B4:CB:31:A0:11 Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 0197C5010079FFE0B174B15638BDA6E3A608 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft Manifest number: 15D3 Signing time: Tue 01 Jul 2025 08:01:06 +0000 Manifest this update: Tue 01 Jul 2025 08:01:06 +0000 Manifest next update: Wed 02 Jul 2025 08:01:06 +0000 Files and hashes: 1: 1IyxB14_QkLsvmLRx3j-3a6Zjk4.roa (hash: htWKauGvhiwmC3uhHI9F9baGTADLWNpjXIog5aUAkzA=) 2: Hrw24NCuWIUCpkj_ixSA3ykRPr4.roa (hash: EL86DxycBZAbHkapsC+FVYde7DJDbg6IvsLrlIhK4Mg=) 3: HzkqLbs1liYqOOnORyYsONDUWCk.roa (hash: uXYRvHJ6LJgN5jTlxHsTjXJyetqQoAXwubqH0//UAWg=) 4: KW8HM7Vt-viFSQssh-MaAGQ56LI.roa (hash: LVB3HoG1zrGwq6DA6Whlqb+iZJnipajeWgJUkFDtgQ8=) 5: LMWubVuf7cJuSG5rD2NRgzDK5TM.roa (hash: BApiahutiwbQpT3is1YK4Anf4y1KpsDk2PWh/oiETuo=) 6: N8YU9P6afQ3l1ax9yLIDe6D0fIk.roa (hash: EU77Dk5F7GrtkJ85p7yvIHvzXNj6aNgdhN+Tn5j+zs0=) 7: NxaezdRi3ofV0Ea6FtmKMCg4Xno.roa (hash: OxfdQ+cdMI49CYY0Q1jeMkKHuJPcs1w/NoTD4eAZ2MA=) 8: jGaeQ05R3hLIsxNTb7dpc8FaO6w.roa (hash: 4TEbxdiinYCpm4mycPqOwDmBBxQQxUxqZfGO0t4kbOg=) 9: mSsD_9FMfN2LP7M_Mwsa2ue8f54.roa (hash: 9X0dNAuuQyEHvxBMN4gp2QewnB9NGpB0KtQCW0IE4VU=) 10: oRsHwl0lqDdQsW8I1c5igLUyNzs.roa (hash: 8g9A+Hdue1idAErOv1qWZKgEKPMgG/A4+RlDqNfgnkI=) 11: oreGjQwv74g6OpxObQTCv-MnU1M.roa (hash: d1IJwSRdqQjA5VA/VLC7+miffsmnB8Nxer6G7ClHfMc=) 12: p2_R78qfiRDhzvxPsVGCBtVmaJE.roa (hash: AfONkYdMNZkN9Er/D4pbys1uxPQQYlJm+sdpKa5QxNI=) 13: s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl (hash: NYHGpz++i7hX8l9HWfvpl/+akuLhS92wgmtD5+804sg=) 14: wjy1-qmg6rYR0UilXbPOrktmKnc.roa (hash: OCHLZL4VOIDtWxajhki14b+EkeW6juZq6cOYKpzs8QI=) 15: xMcgE5el8x0M_rTEbVyhY3X3x1c.roa (hash: PGLJrZJLBXcLan5LC1jzJXTcMWQ+drrbyWZOiA3GgNU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 02 Jul 2025 08:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:97:c5:01:00:79:ff:e0:b1:74:b1:56:38:bd:a6:e3:a6:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Jul 1 08:01:06 2025 GMT Not After : Jul 2 08:01:06 2025 GMT Subject: CN=c4970d3ce7dec1a58f9839f285a9d8b4cb31a011 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:17:22:5e:0e:31:79:2c:05:7f:05:67:d8:e1: de:42:c6:b6:b3:c1:c7:73:c9:e3:ea:1d:cb:13:90: 82:e3:86:69:01:76:a1:aa:24:a0:1e:65:ae:09:d8: 0e:aa:01:26:f9:da:b8:e1:24:d8:68:6a:37:6b:dd: f7:89:80:40:7d:67:6e:c8:67:0e:5b:80:44:83:05: c0:3a:a7:19:b1:e6:26:d0:29:5e:54:d1:c0:92:a0: 62:66:c8:9c:bd:a7:37:a8:ba:fd:54:97:bf:95:5e: 1b:54:0a:51:ad:d5:c2:5c:9d:4a:b5:f7:b9:1f:12: 4b:a5:17:10:af:fb:22:84:26:23:c8:9e:ba:dd:da: 4a:ab:6b:a7:5a:ec:84:fc:2c:ea:7e:63:c3:6b:57: b2:dc:b2:cc:26:6a:87:6e:9e:ee:c6:ac:e3:79:73: ae:dd:2b:56:f4:b9:10:80:c0:df:5a:c3:bc:a7:75: 42:92:2d:fb:c0:49:3a:d7:17:da:d3:76:4e:29:cd: 74:57:0b:48:27:90:4a:c1:52:f1:c5:8f:45:d2:49: 0a:2d:b8:d2:64:bf:a2:c8:21:28:e7:ea:ef:7d:6f: 4e:22:cb:2d:84:91:d9:aa:47:2a:12:56:70:ee:e6: 22:0b:08:1f:4b:f0:4b:fb:84:df:7b:ac:2b:6b:97: 09:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:97:0D:3C:E7:DE:C1:A5:8F:98:39:F2:85:A9:D8:B4:CB:31:A0:11 X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:d0:18:c2:a6:ef:49:bd:52:78:c2:e9:a2:8e:1d:d1:47:66: 67:c5:a9:fe:9b:63:74:5c:60:9a:ba:45:8f:0c:17:e5:c2:3b: 3a:cd:ff:66:dd:72:90:11:ca:ce:6f:74:fd:49:e2:4c:eb:f5: 0d:e6:2b:a8:f4:e2:f9:ab:ed:f2:3e:2d:d4:e6:85:6a:80:4d: d4:4b:af:5e:01:33:36:14:8a:b7:05:c8:9d:df:5d:9a:9f:41: 2c:65:53:34:62:04:5c:ac:b7:50:6a:cd:85:4e:d2:db:6c:fd: 54:7c:8c:eb:d4:24:9c:ed:54:10:16:57:20:16:c3:be:ff:49: 98:64:fa:33:2a:5e:57:c2:c6:51:fd:35:98:fb:da:0f:6d:57: aa:ea:3e:f6:c3:fc:fd:09:8a:a0:be:2d:6c:e8:a1:14:01:aa: 00:d9:81:da:61:e8:ef:fa:5e:ef:1c:bc:52:fc:7b:6d:17:29: 75:03:b1:55:73:a0:c8:c9:80:75:31:65:0b:08:fc:be:13:22: 0f:af:63:3c:d5:52:c9:6e:a9:fb:06:12:d9:af:52:bf:73:32: b7:27:99:90:18:cd:9c:0f:32:ef:90:e9:62:3b:2d:92:31:94: 5f:5a:f4:bf:63:c0:0a:37:b6:36:51:58:d4:a7:4c:7b:10:88: d3:61:1e:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZfFAQB5/+CxdLFWOL2m46YIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjUwNzAxMDgwMTA2WhcNMjUwNzAyMDgwMTA2WjAzMTEwLwYDVQQD EyhjNDk3MGQzY2U3ZGVjMWE1OGY5ODM5ZjI4NWE5ZDhiNGNiMzFhMDExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RciXg4xeSwFfwVn2OHeQsa2s8HH c8nj6h3LE5CC44ZpAXahqiSgHmWuCdgOqgEm+dq44STYaGo3a933iYBAfWduyGcO W4BEgwXAOqcZseYm0CleVNHAkqBiZsicvac3qLr9VJe/lV4bVApRrdXCXJ1Ktfe5 HxJLpRcQr/sihCYjyJ663dpKq2unWuyE/CzqfmPDa1ey3LLMJmqHbp7uxqzjeXOu 3StW9LkQgMDfWsO8p3VCki37wEk61xfa03ZOKc10VwtIJ5BKwVLxxY9F0kkKLbjS ZL+iyCEo5+rvfW9OIssthJHZqkcqElZw7uYiCwgfS/BL+4Tfe6wra5cJuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMSXDTzn3sGlj5g58oWp2LTLMaARMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcNAYwqbv Sb1SeMLpoo4d0UdmZ8Wp/ptjdFxgmrpFjwwX5cI7Os3/Zt1ykBHKzm90/UniTOv1 DeYrqPTi+avt8j4t1OaFaoBN1EuvXgEzNhSKtwXInd9dmp9BLGVTNGIEXKy3UGrN hU7S22z9VHyM69QknO1UEBZXIBbDvv9JmGT6MypeV8LGUf01mPvaD21Xquo+9sP8 /QmKoL4tbOihFAGqANmB2mHo7/pe7xy8Uvx7bRcpdQOxVXOgyMmAdTFlCwj8vhMi D69jPNVSyW6p+wYS2a9Sv3MytyeZkBjNnA8y75DpYjstkjGUX1r0v2PACje2NlFY 1KdMexCI02EeCw== -----END CERTIFICATE-----Generated at Tue Jul 1 18:30:55 2025 by rpki-client