$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft File: AOT2p3Not87P5nIgtDZXax4Aiuw.mft (raw, json) Hash identifier: 8fIB+3padnXEmvuNCnGQHWkBObbkmxxcxecFibsaEho= Subject key identifier: 94:7F:6C:40:0D:8C:22:E4:9D:4B:C7:F6:C9:8C:AA:72:A3:C9:A3:A5 Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec Certificate serial: 0199FBB3772D688843F84813E22B1A6F16F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft Manifest number: 17D9 Signing time: Sun 19 Oct 2025 09:01:06 +0000 Manifest this update: Sun 19 Oct 2025 09:01:06 +0000 Manifest next update: Mon 20 Oct 2025 09:01:06 +0000 Files and hashes: 1: 9T56n42qcdDdN0gF0u82-0VAGAQ.roa (hash: uBMriIGAK+N61tGdoiuf0CM9PKKxee+sm/hbz3LttmE=) 2: AOT2p3Not87P5nIgtDZXax4Aiuw.crl (hash: 1rNg4yeM9QSWSAWjxKQTo1MQa1BrvtmsPJbAN3kPX8s=) 3: BY6vuao8dzcdWvFAFv0TrK8gbcs.roa (hash: ZDN7wXgq4/TF65FlyVO+h6CqqGxfq850Jit0suO59Nc=) 4: Fx5duu0Ld8OdzLL9KF_NytqnjQA.roa (hash: 1whwQcv4ojRdYkBS0qo2bjfiBAmUfpQ+IDeYrF1v1/0=) 5: Svvhgo8X1drpMq_QokkBFa4W80w.roa (hash: eEM6GVW64ZPHTJr6mZ27nOJM8iax+cOishqtH69OQFE=) 6: USyW0O_6fcBP2bF0PoHV0RL6-Y8.roa (hash: rYcvR45gztdgTjrFLAUTrj+3T6dDm1wWFyZUivL/lkQ=) 7: UqESFWwPTzjbApEAfUlqEqe0RQE.roa (hash: s8ahaYu2umakIkOHunLEsrzEdAIsc7vrgdaPFAJX/B0=) 8: UwuhHIRc9qSfEX6XGunAr85dyEA.roa (hash: v6KOr1rmHDt+GxwNeTG+w6jxSzGnr+bSVua9Q4OO8C0=) 9: VkkvGMtenz96Ubj3KDzXyym1LzY.roa (hash: E/GDo41oktFV73vvuiDk3fNXk8LkaX2ghEwTcizgkaw=) 10: kLCDMTUTRbJeJajr_KP2p663xqk.roa (hash: Cd9LBaXNUzFq1myVM5COYVtjKiIjTzwaQ7rIDyhpbzE=) 11: mS1g5aNaOIe32m5_FgfjTc6VbP4.roa (hash: DRqrjZnRKpeQWBmj82tLSsN99MhvkwnNbbxykbvBnVg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 06:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:fb:b3:77:2d:68:88:43:f8:48:13:e2:2b:1a:6f:16:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec Validity Not Before: Oct 19 09:01:06 2025 GMT Not After : Oct 20 09:01:06 2025 GMT Subject: CN=947f6c400d8c22e49d4bc7f6c98caa72a3c9a3a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d9:e6:4a:d2:65:64:3a:c6:d9:30:59:39:39: be:46:90:4c:de:91:87:30:9f:46:99:b3:6e:ad:36: 7d:75:24:2d:97:d2:38:ba:2a:aa:7d:03:50:5e:6b: 99:8d:d8:7f:ff:28:29:15:08:4f:88:e2:0f:2c:a7: 8a:9b:20:df:93:45:e9:fb:d4:aa:d4:86:26:7f:d8: b7:3c:d0:bb:73:0e:c2:bb:b1:ea:15:34:a1:7f:e6: 50:78:82:db:b1:fe:94:59:94:50:06:d9:e9:43:2b: 01:1c:ea:d4:73:4d:c2:9c:63:85:d9:72:ef:ac:08: cb:ae:19:48:13:7b:58:2d:5e:f2:0b:e9:ae:59:e4: 1e:1b:be:9b:25:f0:5b:5a:bf:f1:53:07:75:b0:51: f5:78:67:b6:c8:21:80:8e:d7:9e:c0:fe:8c:25:a3: 20:fa:64:20:f8:58:d8:48:eb:82:0e:2b:b4:02:82: 13:74:12:03:68:0c:92:4a:61:59:e6:b8:94:91:15: c4:ae:c9:93:9f:f9:64:0a:65:64:47:08:dc:92:da: f8:a2:fb:65:dc:be:af:0e:a5:d6:6e:56:15:dd:bf: 3e:20:bc:a3:d8:12:35:21:e4:92:8d:9e:90:c7:4d: b4:72:da:f4:be:25:59:d5:16:38:03:3e:f6:8d:78: 08:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:7F:6C:40:0D:8C:22:E4:9D:4B:C7:F6:C9:8C:AA:72:A3:C9:A3:A5 X509v3 Authority Key Identifier: keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:98:6d:cd:8a:ef:c7:42:a3:90:aa:0a:3e:cd:f1:db:6f:96: 3a:fe:4c:9e:59:1b:be:b4:5f:23:54:cc:66:8f:c3:dd:b2:e8: e7:ac:69:5a:8b:f5:ce:6c:3b:2f:7b:ec:bd:8b:c8:0a:16:bf: 12:bf:c2:a2:28:8d:9c:24:52:10:66:95:09:9a:e7:71:61:e6: 37:4a:45:7e:ab:8a:14:4a:fc:70:06:12:09:a7:95:83:51:e1: c2:25:a8:77:c8:68:a8:1b:41:28:1a:14:f1:05:5a:82:78:ae: 9e:38:0b:99:dd:a8:fa:53:5c:5a:ad:3c:6a:8e:d2:8d:ce:a0: f6:d5:43:6f:2e:91:dd:49:00:2d:d2:36:7a:80:67:a8:ed:58: 6d:4e:fe:e4:da:cc:2b:0a:77:dd:71:d9:ab:dd:e9:8f:14:d1: 5e:b9:13:fd:57:9c:fa:31:7f:4d:6f:a6:8b:76:28:19:27:cc: 03:f0:10:ee:dd:c6:d1:75:0c:2d:15:d6:4c:0c:0d:21:7c:7d: 1f:54:a3:b3:ed:06:2e:75:04:d3:62:98:bd:40:38:a6:d6:49: 03:f4:cb:42:9a:8d:97:73:94:c6:b4:68:dc:86:c9:58:c0:66: 08:72:c7:d3:1c:f2:82:75:af:f1:a1:2d:b7:f6:ac:3f:4c:23: 42:84:c1:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZn7s3ctaIhD+EgT4isabxb3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw MDhhZWMwHhcNMjUxMDE5MDkwMTA2WhcNMjUxMDIwMDkwMTA2WjAzMTEwLwYDVQQD Eyg5NDdmNmM0MDBkOGMyMmU0OWQ0YmM3ZjZjOThjYWE3MmEzYzlhM2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NnmStJlZDrG2TBZOTm+RpBM3pGH MJ9GmbNurTZ9dSQtl9I4uiqqfQNQXmuZjdh//ygpFQhPiOIPLKeKmyDfk0Xp+9Sq 1IYmf9i3PNC7cw7Cu7HqFTShf+ZQeILbsf6UWZRQBtnpQysBHOrUc03CnGOF2XLv rAjLrhlIE3tYLV7yC+muWeQeG76bJfBbWr/xUwd1sFH1eGe2yCGAjteewP6MJaMg +mQg+FjYSOuCDiu0AoITdBIDaAySSmFZ5riUkRXErsmTn/lkCmVkRwjcktr4ovtl 3L6vDqXWblYV3b8+ILyj2BI1IeSSjZ6Qx020ctr0viVZ1RY4Az72jXgIKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJR/bEANjCLknUvH9smMqnKjyaOlMB8GA1UdIwQY MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt YjA3ZDg0MTZhZTRhLzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASphtzYrv x0KjkKoKPs3x22+WOv5MnlkbvrRfI1TMZo/D3bLo56xpWov1zmw7L3vsvYvICha/ Er/CoiiNnCRSEGaVCZrncWHmN0pFfquKFEr8cAYSCaeVg1HhwiWod8hoqBtBKBoU 8QVagniunjgLmd2o+lNcWq08ao7Sjc6g9tVDby6R3UkALdI2eoBnqO1YbU7+5NrM Kwp33XHZq93pjxTRXrkT/Vec+jF/TW+mi3YoGSfMA/AQ7t3G0XUMLRXWTAwNIXx9 H1Sjs+0GLnUE02KYvUA4ptZJA/TLQpqNl3OUxrRo3IbJWMBmCHLH0xzygnWv8aEt t/asP0wjQoTBrg== -----END CERTIFICATE-----Generated at Sun Oct 19 13:07:03 2025 by rpki-client