$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: b0KVKFoE6U/kP9kDDbsRCM9dnImeqGATNvPOkFbwG5I= Subject key identifier: 6F:D2:64:B1:20:7F:D4:E9:EF:1E:38:CE:C3:76:1C:32:96:14:E5:79 Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 0199FC8F3D3A8B9D6AF9CB96FB2025CAF4B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 09A1 Signing time: Sun 19 Oct 2025 13:01:09 +0000 Manifest this update: Sun 19 Oct 2025 13:01:09 +0000 Manifest next update: Mon 20 Oct 2025 13:01:09 +0000 Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=) 2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=) 3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=) 4: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (hash: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=) 5: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: yhnk8NFg2n/kmQvGaL+h/xpFR0tGYb727wu92dR+zUQ=) 7: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (hash: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=) 8: cbgxDriMd1w8Ezk1j_uW9c-uk8k.roa (hash: RA/kZIx4fzU+RCbQ8O1BxIKCZRJDjC4JRLSNt3ovrQ8=) 9: cblkW3ZYAZ5VQl8X3gHLFnE7S8g.roa (hash: +MK4cG6/hNPklJaXz5PxE5zp6rLCIwlFMKcCPx37Jxo=) 10: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=) 11: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (hash: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=) 12: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=) 13: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=) 14: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=) 15: puM6zDTCACkm8XM63GmrJCmb9w4.roa (hash: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=) 16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 06:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:fc:8f:3d:3a:8b:9d:6a:f9:cb:96:fb:20:25:ca:f4:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Oct 19 13:01:09 2025 GMT Not After : Oct 20 13:01:09 2025 GMT Subject: CN=6fd264b1207fd4e9ef1e38cec3761c329614e579 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:b5:a8:5e:c9:b0:8e:0d:ef:e7:69:52:6c:01: 2f:2e:f2:41:a4:49:af:c1:49:cf:b4:4f:94:84:96: 1a:5f:40:5d:60:d9:b8:84:f7:f7:33:b1:df:61:f1: 9d:4e:c5:a0:ed:95:a3:8e:b7:0c:02:1e:10:d5:f0: 09:06:75:13:39:dd:25:5a:4a:d6:89:d7:52:0b:12: 92:82:d3:eb:8f:df:83:2f:55:79:55:b2:0c:cd:69: b0:2e:0c:df:81:07:7b:ee:7e:83:fd:9a:36:ca:c8: b9:a4:56:01:5e:af:33:74:21:26:e1:f3:d5:b5:37: b5:bb:ca:4f:10:83:72:87:ce:2b:c2:9d:f7:9a:d2: 43:7b:93:db:af:30:1a:54:e8:75:ee:5e:3f:fa:40: 37:ee:3f:c2:0f:4b:27:8e:22:e7:61:73:36:08:11: b6:ec:de:e5:1f:18:0b:35:91:e2:37:c3:68:33:f4: bf:a1:cc:d3:a7:0a:a7:82:9a:d2:db:10:a6:ca:5b: a5:60:f0:8c:10:f2:3e:cc:54:00:61:2f:8f:f7:c0: 2f:da:bb:b4:41:74:69:bc:c7:95:a8:d8:15:50:e2: 59:f5:de:eb:f0:57:df:57:51:45:e9:a9:a5:98:24: ca:7f:57:66:d6:8a:92:c3:08:5b:37:e8:65:b7:76: 35:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:D2:64:B1:20:7F:D4:E9:EF:1E:38:CE:C3:76:1C:32:96:14:E5:79 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:a1:75:00:99:33:60:9a:f5:92:af:7c:59:b3:05:46:5c:f0: a9:07:4b:00:e7:07:38:91:e4:20:d5:32:92:e2:e5:f9:68:41: 7b:1f:11:bd:9a:bd:48:13:a1:96:ce:d9:f3:10:17:99:10:94: 0a:b9:e7:71:7b:76:89:13:7f:a1:42:7c:df:83:25:34:cd:a0: b1:f7:ff:8c:ec:a1:f0:93:98:d9:06:a6:5d:2d:f4:12:f4:9e: 31:8d:44:7b:78:54:f8:0d:ed:3d:e2:b2:fc:97:ad:da:a2:4f: 82:b3:16:ff:60:a1:cb:e8:84:dc:ff:c0:f1:b3:52:f9:76:3e: 1d:8f:b0:b6:c6:ac:89:fe:b5:73:77:a5:35:b3:58:3d:c4:a2: 4e:ba:cc:11:8c:d4:b1:51:92:98:5d:cc:47:a6:3c:ce:c8:36: a6:f5:05:6f:34:4e:36:5a:29:04:7f:51:24:d0:e8:03:84:b4: d5:14:59:e6:89:1f:5f:31:42:a4:26:50:ec:02:43:1f:eb:02: e8:53:24:a7:19:7b:8d:7d:94:dc:41:39:65:b6:cf:8e:3b:47: ca:ed:c8:76:55:ca:6c:e9:75:ff:35:6e:aa:21:9a:73:0e:c3: 44:4a:73:50:bb:0c:86:b7:da:94:34:04:93:bb:fe:6d:3c:b5: 12:d3:5e:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZn8jz06i51q+cuW+yAlyvS0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUxMDE5MTMwMTA5WhcNMjUxMDIwMTMwMTA5WjAzMTEwLwYDVQQD Eyg2ZmQyNjRiMTIwN2ZkNGU5ZWYxZTM4Y2VjMzc2MWMzMjk2MTRlNTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbWoXsmwjg3v52lSbAEvLvJBpEmv wUnPtE+UhJYaX0BdYNm4hPf3M7HfYfGdTsWg7ZWjjrcMAh4Q1fAJBnUTOd0lWkrW iddSCxKSgtPrj9+DL1V5VbIMzWmwLgzfgQd77n6D/Zo2ysi5pFYBXq8zdCEm4fPV tTe1u8pPEINyh84rwp33mtJDe5PbrzAaVOh17l4/+kA37j/CD0snjiLnYXM2CBG2 7N7lHxgLNZHiN8NoM/S/oczTpwqngprS2xCmylulYPCMEPI+zFQAYS+P98Av2ru0 QXRpvMeVqNgVUOJZ9d7r8FffV1FF6amlmCTKf1dm1oqSwwhbN+hlt3Y1OwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG/SZLEgf9Tp7x44zsN2HDKWFOV5MB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqF1AJkz YJr1kq98WbMFRlzwqQdLAOcHOJHkINUykuLl+WhBex8RvZq9SBOhls7Z8xAXmRCU CrnncXt2iRN/oUJ834MlNM2gsff/jOyh8JOY2QamXS30EvSeMY1Ee3hU+A3tPeKy /Jet2qJPgrMW/2Chy+iE3P/A8bNS+XY+HY+wtsasif61c3elNbNYPcSiTrrMEYzU sVGSmF3MR6Y8zsg2pvUFbzRONlopBH9RJNDoA4S01RRZ5okfXzFCpCZQ7AJDH+sC 6FMkpxl7jX2U3EE5ZbbPjjtHyu3IdlXKbOl1/zVuqiGacw7DREpzULsMhrfalDQE k7v+bTy1EtNeEQ== -----END CERTIFICATE-----Generated at Sun Oct 19 15:21:02 2025 by rpki-client