$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.mft File: Kb4C3qCghumID1ZMhocrvFl8xnI.mft (raw, json) Hash identifier: f7AJyCNdmzBWHOfGMaJwNCAE4ZcYNFbNYe7eFrKVoPA= Subject key identifier: 85:6C:21:66:83:3D:C0:96:26:B0:78:04:58:CB:80:49:16:38:45:03 Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72 Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672 Certificate serial: 0198D58354341E09E75148444D9505D0AF7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.mft Manifest number: 143A Signing time: Sat 23 Aug 2025 06:00:10 +0000 Manifest this update: Sat 23 Aug 2025 06:00:10 +0000 Manifest next update: Sun 24 Aug 2025 06:00:10 +0000 Files and hashes: 1: 6KpBI63kEhQRzmhRvVQxSFsUBTI.roa (hash: Ckcyw44N8h4Yete0VsDquepnFPzly6G4UPrg1n68+p4=) 2: Bl50d2SW5pMGbeTLnaL144PRWUQ.roa (hash: bI5Yiq9+r3/RdML3fweIl1fiyaU2NaLiJvR9z1M6k50=) 3: Kb4C3qCghumID1ZMhocrvFl8xnI.crl (hash: HtbZ4LSEv8n28i8MkZxD/nReIaavncKmSF87/FPOOTU=) 4: MLMPGj8H9Pi_UwBtlTfByiigjfM.roa (hash: pC0aw2jiKroOvxcRGHKOge3OdR3RFQ8raECTuPmJMXM=) 5: OHP3S03u5tMHflzGMFoSd5vTyZk.roa (hash: nGDY1zJo3dHSTN2PJe0pXCx8heywXO+QdXtgHJbEB2A=) 6: RZnwVTO26PBx3a68dhxrN-N2_9U.roa (hash: 2uzv1j/fxffpUq8amOpURgwfPrkNCx7YPSsxO/BHSJk=) 7: XkZDM_8IFwDF5TaEYGBCOeA1rnY.roa (hash: wJ3Nd2iWllTHLJTwVq5JnkwdVdkkialVRVjZAGjLaUA=) 8: aB7sKw4yBEcglwqSevB86YJRj7Y.roa (hash: PH14Cm3gVr59rgH3FX69SJ0GUOOG1kpk0YkBDPc5P9M=) 9: j1JcZG88WoDJIAs0TuxaORvfLro.roa (hash: yIeCKxXutjytoAiiGxkiUBSn0Vk24wB2GDbKm+IJthI=) 10: nwUsD1fndRShZT-s5ssppnOFmiI.roa (hash: 5Gw61qVpay4Kz2GbqbYja1rnv6svDc1Ma6KW2KgO/Fk=) 11: zphCyxB7JvvZfrdVh3qU9-FSl5c.roa (hash: PYY+kdRiBf7TYzIHyOP800eu0rdgwqkk9pHLsntWJR8=) 12: zvPA1UGui-igyOCxkJMwtvZ5S28.roa (hash: /AfKz5TxnkzdqXaxQMADqDtWb4d/fIp2oXqMIKdkCNA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.mft rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Aug 2025 00:37:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:98:d5:83:54:34:1e:09:e7:51:48:44:4d:95:05:d0:af:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672 Validity Not Before: Aug 23 06:00:10 2025 GMT Not After : Aug 24 06:00:10 2025 GMT Subject: CN=856c2166833dc09626b0780458cb804916384503 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6c:aa:99:75:70:f2:dc:a1:d2:9d:92:a5:7d: e0:8b:a2:c2:bf:9c:49:f8:c7:91:da:c8:7e:ea:b8: fa:48:75:d7:b5:8d:29:0f:f6:b7:0a:17:e7:45:65: b3:5c:b1:08:38:70:ae:c1:23:5d:94:da:04:83:22: cd:c7:3f:ec:d4:84:71:83:10:57:90:72:69:81:2d: 3b:3a:a1:c6:d2:8e:bc:49:78:b7:b3:a9:db:dd:08: 65:90:ee:c1:ae:54:a9:4c:5a:3e:b6:cd:61:4a:4d: 95:5d:7c:08:3b:a3:80:0c:0f:ba:bc:f3:af:17:f5: a9:a9:ca:72:2d:51:7e:69:f6:ee:00:b0:bc:b3:5f: 83:fa:f6:47:7c:c0:bb:30:d4:40:09:da:f4:1d:96: 28:8a:93:97:4c:1a:6f:22:73:66:19:64:69:8e:59: 75:8c:02:50:a4:13:92:2f:ec:9b:53:98:f6:74:cb: c0:15:29:0e:82:96:6c:b9:03:2c:21:a9:17:61:b0: 66:f6:49:15:2a:5e:06:cc:46:86:a3:32:3e:a8:e1: 06:fc:d6:99:74:79:a9:96:81:93:11:3a:e8:0a:c7: ab:43:3a:ac:ec:0d:87:40:20:e6:df:97:55:50:19: bb:01:b2:d0:bb:d8:fe:64:6f:55:fb:0f:7d:5f:ea: 8f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:6C:21:66:83:3D:C0:96:26:B0:78:04:58:CB:80:49:16:38:45:03 X509v3 Authority Key Identifier: keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:4f:40:d8:14:a0:0d:5d:de:c1:12:bf:e7:47:ab:07:b4:79: 64:d5:91:9f:dc:05:46:7d:bf:42:ed:ff:1c:7d:1e:81:e3:d5: f1:91:77:34:f0:35:40:51:67:08:49:00:82:a2:c0:0b:b2:ce: 99:e2:cf:56:7b:a7:82:b9:71:d0:f3:8a:09:8a:d7:75:73:8a: 08:ec:18:b2:dc:e4:b5:a5:53:9d:29:3d:30:82:cd:29:35:c5: 4f:aa:82:bf:03:1c:68:b8:1a:50:8a:69:44:3a:53:93:39:c7: 2f:86:f1:3e:52:8e:6c:c5:5e:41:85:86:34:fb:fa:23:00:d3: 81:3c:85:04:18:63:ff:da:fa:d3:f6:14:15:a7:ad:82:0d:70: 98:20:66:67:a6:3f:dd:4f:8e:e5:f9:25:d3:c4:40:5e:7f:b5: aa:cc:31:c1:17:c6:3d:2e:41:df:30:ef:73:5b:a4:bc:38:bb: 57:2d:3b:9c:af:e9:8e:0c:ee:a2:0b:63:1d:0e:bf:db:01:10: 1a:0e:17:4f:98:3b:f7:c1:ee:35:cc:d3:d2:97:46:39:12:be: c4:71:d4:38:56:98:f5:ea:d7:9b:ec:ad:f5:05:19:a7:ad:02: e2:dd:6b:49:97:0f:24:60:ed:29:fd:44:77:7a:51:9d:46:5e: 22:fc:0c:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZjVg1Q0HgnnUUhETZUF0K9/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3 Y2M2NzIwHhcNMjUwODIzMDYwMDEwWhcNMjUwODI0MDYwMDEwWjAzMTEwLwYDVQQD Eyg4NTZjMjE2NjgzM2RjMDk2MjZiMDc4MDQ1OGNiODA0OTE2Mzg0NTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmyqmXVw8tyh0p2SpX3gi6LCv5xJ +MeR2sh+6rj6SHXXtY0pD/a3ChfnRWWzXLEIOHCuwSNdlNoEgyLNxz/s1IRxgxBX kHJpgS07OqHG0o68SXi3s6nb3QhlkO7BrlSpTFo+ts1hSk2VXXwIO6OADA+6vPOv F/WpqcpyLVF+afbuALC8s1+D+vZHfMC7MNRACdr0HZYoipOXTBpvInNmGWRpjll1 jAJQpBOSL+ybU5j2dMvAFSkOgpZsuQMsIakXYbBm9kkVKl4GzEaGozI+qOEG/NaZ dHmploGTETroCserQzqs7A2HQCDm35dVUBm7AbLQu9j+ZG9V+w99X+qPqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIVsIWaDPcCWJrB4BFjLgEkWOEUDMB8GA1UdIwQY MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt MDAzYTE1NjhiZjNmLzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWk9A2BSg DV3ewRK/50erB7R5ZNWRn9wFRn2/Qu3/HH0egePV8ZF3NPA1QFFnCEkAgqLAC7LO meLPVnungrlx0POKCYrXdXOKCOwYstzktaVTnSk9MILNKTXFT6qCvwMcaLgaUIpp RDpTkznHL4bxPlKObMVeQYWGNPv6IwDTgTyFBBhj/9r60/YUFaetgg1wmCBmZ6Y/ 3U+O5fkl08RAXn+1qswxwRfGPS5B3zDvc1ukvDi7Vy07nK/pjgzuogtjHQ6/2wEQ Gg4XT5g798HuNczT0pdGORK+xHHUOFaY9erXm+yt9QUZp60C4t1rSZcPJGDtKf1E d3pRnUZeIvwMAA== -----END CERTIFICATE-----Generated at Sat Aug 23 10:25:49 2025 by rpki-client