$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft File: P-3YXB7Mtf9LqTARenMpCZwP8us.mft (raw, json) Hash identifier: OJkQcrdUbF2Ee6jejqRk7MdAhl0mjH4YFrLfxL9MyxM= Subject key identifier: DD:C7:38:71:BD:BC:25:76:0D:61:AA:A0:FA:23:06:9C:D9:04:4C:AC Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb Certificate serial: 0199FF225CB1E6CB91C5B0F6B599E8AF05FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft Manifest number: 1709 Signing time: Mon 20 Oct 2025 01:01:05 +0000 Manifest this update: Mon 20 Oct 2025 01:01:05 +0000 Manifest next update: Tue 21 Oct 2025 01:01:05 +0000 Files and hashes: 1: 4SyAKG9FRt1gAFJy5VgH5PwxTRA.roa (hash: jTSIiH7dSb5EybAsEY+n22bAiKvGllq/AuPJ12+ncpM=) 2: BPvvMmPw0v2RXdpWWHfCuRUXY28.roa (hash: xZBsJjBvf0lTF+79AIT0zRbookilcef0qHIZ5VPCKjo=) 3: BZv8sGCcNALUX5pRivC_EjiidAY.roa (hash: h2vpw3fwMWMbbCOrxK6C72hr7+aeGxdeLm1OT0QOTJY=) 4: DGiTictajwWlIqV1Y3gB4SABHrM.roa (hash: Id5c1uksWgHuNXSqMulTJtxTXfw1/TAJk3AEd7b9YRQ=) 5: Mk65rzu_RkrceH34hYZR24Obsg0.roa (hash: rTzdbjg2prHl5GqIGFCWtd1Ib91ETCuwTrOfSPbAKbI=) 6: P-3YXB7Mtf9LqTARenMpCZwP8us.crl (hash: 1B0nyVqA4icFGwhKeM+1AHqWW3iBuIuzGuQSH9fgZBM=) 7: Q7Kremg5Fgj0SfkKKXdi8FJc68I.roa (hash: wwhqLnVWip/tEomt2waPsqqsK0Xf41SfYznp1QkJ0BM=) 8: VB2zjyzRbVcAI7qwybUzZhlXV-U.roa (hash: cbrJc/4RT0HiKhNiv2HtCVB5MjAEHV6aPZtCJF7/HaM=) 9: fScTC-RTAL4AeGIUFDXeFWgxNOU.roa (hash: LpQDvJVc9hMoS+6x9uoQSz8d+i8pdM/6GrU1p5QPkoU=) 10: gjV1b6nl-2sIdV0OViEWc13VOgw.roa (hash: YJxg+E5odCH0e5CDjaGL8I+42oC/IlpXfOKgoo/xCo4=) 11: i_vdOGwxPt-bikrKCsCq4vU6o1Y.roa (hash: Oi88txSdII7ssSiwm/zvR3/xE/bpdarLSDiFGBrNlqs=) 12: jLM5t3eg01fijHX5BZDxTUjpEGU.roa (hash: zlqEOh5qlKElj+/BR3gY6unzfRt8ygL6XM3lywwcPBU=) 13: jt3cdzogC_GhOHVIdQu1LfkbDrM.roa (hash: 4TbqHgl6LIIhOvKU0Ma8NpMAoh5pYOvW9g1cZnc89eY=) 14: mv1h37MzImfXhXtotGH2l6nUD-c.roa (hash: jma1UU++sReZAO/OYU5m4FrNNXuoRuTByWXR/ZHh5qk=) 15: pPSUgW-kch1wzV-mL74GjoJRYas.roa (hash: 14IsY2Pcu5B3SjJ5ycOJDXddH4w35As15arfEbi1nXc=) 16: sVq7ykDogd7cCsDF--hBK9DnjT4.roa (hash: yntzoQcvzBrX+tVilVNDQYJnh1oAW90RlNAXUQi35Kc=) 17: yUsdU2ULQpT4CaBLrnJG--v6B4k.roa (hash: nFPDGUe2wiSsXpmHy1xpSDCHB5E3thvkbalz4PA2+qg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 20:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:ff:22:5c:b1:e6:cb:91:c5:b0:f6:b5:99:e8:af:05:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb Validity Not Before: Oct 20 01:01:05 2025 GMT Not After : Oct 21 01:01:05 2025 GMT Subject: CN=ddc73871bdbc25760d61aaa0fa23069cd9044cac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:01:b4:5f:6a:33:44:ab:82:c4:d3:3a:da:48: ce:1e:9f:35:eb:66:a8:b9:06:aa:66:5b:99:22:08: ac:66:93:6b:a9:5c:b4:b5:fd:62:c6:ae:de:13:12: 92:4c:f7:9b:59:8f:c5:48:88:0e:75:b0:39:d1:b3: 30:71:cd:de:b4:d4:41:20:dc:68:09:34:6a:a1:0c: f9:c9:29:96:6c:d7:e5:b2:79:78:75:e5:43:a7:e4: 89:5d:be:32:77:e1:46:e0:ff:e9:42:e7:b1:99:b4: 8d:31:b6:4b:c5:f7:50:21:58:b5:bb:86:82:37:86: 16:e2:02:9a:34:81:ca:cf:d6:c1:36:fd:32:f6:8b: 7a:b9:20:7e:79:5f:2b:a3:f3:14:d2:90:ee:58:46: a1:4f:0e:c5:24:93:61:b5:fc:fb:85:c1:ae:a9:b1: e7:bb:89:c0:49:f5:cc:04:33:a5:1f:2e:30:c4:1f: f3:be:7c:bb:35:9a:ba:bc:93:b0:45:a3:00:6d:9f: 00:d6:09:99:4f:fc:ee:ad:cd:74:be:c8:14:45:03: 5b:4b:ae:76:dd:df:79:a3:7a:36:95:27:75:73:1c: f3:f2:3a:54:20:45:a2:00:c1:63:f0:58:86:1b:41: e9:b0:f3:15:43:9d:a8:99:04:be:7f:d5:d3:0a:4f: d1:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:C7:38:71:BD:BC:25:76:0D:61:AA:A0:FA:23:06:9C:D9:04:4C:AC X509v3 Authority Key Identifier: keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:b5:e5:dd:58:14:38:2d:f2:8a:50:5a:79:fb:ba:54:cb:1f: 67:b3:91:0c:0a:4e:91:22:50:2d:94:4c:ac:6b:47:68:96:d2: 97:41:9b:57:f6:21:68:5d:4b:f7:cc:81:18:06:53:1a:ce:41: bc:5d:01:ae:1f:25:f5:26:61:3a:a0:39:b9:61:df:3c:2c:1d: c7:b6:c1:de:24:be:50:f8:7f:bb:a8:d3:d3:74:bb:c0:28:68: 8f:58:22:8a:1a:d6:2a:62:a5:9c:26:67:9c:1b:3c:15:af:11: 6e:36:76:fa:e0:ff:15:5b:93:13:7d:26:9f:8d:27:dd:9d:2a: 2e:48:97:e0:76:ce:6a:07:b9:5a:23:16:9d:c5:58:0f:fb:60: 24:17:33:1d:3d:df:7f:61:5b:dc:87:62:99:2b:ff:40:59:1c: 78:dd:01:ef:a3:bf:95:eb:32:b3:ac:15:79:70:a4:14:85:6d: d4:5e:3d:df:06:82:80:cc:18:7c:6f:b0:41:81:30:d3:45:6c: 01:3a:af:4e:12:be:df:32:79:65:60:3f:a2:1f:b0:ce:0a:10: ab:fb:8c:5e:1f:2e:eb:53:3a:f0:8c:a9:75:49:b5:30:6f:ce: 08:09:8a:a1:bb:d2:44:b1:77:62:05:da:29:73:53:53:ec:f6: 77:7e:64:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZn/Ilyx5suRxbD2tZnorwX6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw ZmYyZWIwHhcNMjUxMDIwMDEwMTA1WhcNMjUxMDIxMDEwMTA1WjAzMTEwLwYDVQQD EyhkZGM3Mzg3MWJkYmMyNTc2MGQ2MWFhYTBmYTIzMDY5Y2Q5MDQ0Y2FjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAG0X2ozRKuCxNM62kjOHp8162ao uQaqZluZIgisZpNrqVy0tf1ixq7eExKSTPebWY/FSIgOdbA50bMwcc3etNRBINxo CTRqoQz5ySmWbNflsnl4deVDp+SJXb4yd+FG4P/pQuexmbSNMbZLxfdQIVi1u4aC N4YW4gKaNIHKz9bBNv0y9ot6uSB+eV8ro/MU0pDuWEahTw7FJJNhtfz7hcGuqbHn u4nASfXMBDOlHy4wxB/zvny7NZq6vJOwRaMAbZ8A1gmZT/zurc10vsgURQNbS652 3d95o3o2lSd1cxzz8jpUIEWiAMFj8FiGG0HpsPMVQ52omQS+f9XTCk/RZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3HOHG9vCV2DWGqoPojBpzZBEysMB8GA1UdIwQY MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt ZTJiNTI3NzI4ZTk2LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2 LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK7Xl3VgU OC3yilBaefu6VMsfZ7ORDApOkSJQLZRMrGtHaJbSl0GbV/YhaF1L98yBGAZTGs5B vF0Brh8l9SZhOqA5uWHfPCwdx7bB3iS+UPh/u6jT03S7wChoj1giihrWKmKlnCZn nBs8Fa8RbjZ2+uD/FVuTE30mn40n3Z0qLkiX4HbOage5WiMWncVYD/tgJBczHT3f f2Fb3IdimSv/QFkceN0B76O/lesys6wVeXCkFIVt1F493waCgMwYfG+wQYEw00Vs ATqvThK+3zJ5ZWA/oh+wzgoQq/uMXh8u61M68IypdUm1MG/OCAmKobvSRLF3YgXa KXNTU+z2d35kVg== -----END CERTIFICATE-----Generated at Mon Oct 20 05:35:13 2025 by rpki-client