$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: rMac+apqyTkursuyHsWwO5y1JeqbhNZU4sPGhz7hX40= Subject key identifier: D1:4E:07:B9:22:C1:6C:58:A4:91:25:2B:68:68:73:1C:4D:3C:88:34 Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 0198D515F5F9C8FBCAC341F5901BCD8C1612 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 0908 Signing time: Sat 23 Aug 2025 04:00:42 +0000 Manifest this update: Sat 23 Aug 2025 04:00:42 +0000 Manifest next update: Sun 24 Aug 2025 04:00:42 +0000 Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=) 2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=) 3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=) 4: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (hash: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=) 5: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: PCYuryk2jy7+KRbd8bJrd3cKYXDXSLSj6fiyC5hvG/U=) 7: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (hash: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=) 8: cbgxDriMd1w8Ezk1j_uW9c-uk8k.roa (hash: RA/kZIx4fzU+RCbQ8O1BxIKCZRJDjC4JRLSNt3ovrQ8=) 9: cblkW3ZYAZ5VQl8X3gHLFnE7S8g.roa (hash: +MK4cG6/hNPklJaXz5PxE5zp6rLCIwlFMKcCPx37Jxo=) 10: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=) 11: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (hash: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=) 12: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=) 13: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=) 14: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=) 15: puM6zDTCACkm8XM63GmrJCmb9w4.roa (hash: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=) 16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Aug 2025 04:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:98:d5:15:f5:f9:c8:fb:ca:c3:41:f5:90:1b:cd:8c:16:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Aug 23 04:00:42 2025 GMT Not After : Aug 24 04:00:42 2025 GMT Subject: CN=d14e07b922c16c58a491252b6868731c4d3c8834 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:41:cf:a4:95:4c:2e:a2:b3:2c:23:18:9e:71: 40:06:4b:0e:34:c7:b2:25:00:3f:7f:7b:3e:72:11: 3a:b5:c6:14:11:35:98:22:d7:81:6c:54:d3:16:60: 34:4d:a3:fb:ae:8a:7b:a1:b0:c5:b3:17:3c:4c:09: ae:b7:b9:dd:f3:48:57:83:9a:d2:92:67:98:96:56: 04:a6:3c:32:2e:fe:44:fb:26:bc:a3:85:55:72:66: cf:13:49:9d:7f:1a:37:98:32:09:9e:b2:23:c1:ec: 59:a8:a6:5b:33:88:93:cb:bc:a3:85:3c:f4:53:c5: b5:84:6a:94:01:09:64:4b:bc:a1:49:cb:10:78:8e: fd:f5:92:f1:14:83:65:95:fa:16:64:c2:e1:80:45: 17:af:f8:e4:38:4d:60:18:cb:34:45:ff:4d:f4:25: fb:66:92:c7:79:bc:10:38:b5:c9:94:96:1d:3a:25: 25:38:c4:1c:ba:3a:33:0c:23:40:f5:02:6f:3b:9e: da:3b:bd:ed:91:90:01:00:d6:1d:fe:54:93:c4:83: c2:e1:89:33:3f:05:70:df:43:13:99:fa:e5:d6:ee: 74:5d:74:53:5d:c5:e3:4d:37:9a:ff:6c:a9:a0:3f: ec:9a:9c:96:5d:4c:e1:30:a5:46:d4:41:d6:6a:99: a9:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:4E:07:B9:22:C1:6C:58:A4:91:25:2B:68:68:73:1C:4D:3C:88:34 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:fd:01:28:09:4e:8d:30:fb:7c:3e:c1:37:df:0a:71:d9:f6: a6:98:8c:24:57:5c:1c:81:7d:e7:ee:65:31:46:8c:10:0a:45: df:3d:83:0a:04:21:b3:65:c3:e7:b4:51:e9:2a:20:e7:28:04: 27:9c:87:5b:63:29:3f:8d:2b:47:8a:ad:df:8e:bd:57:29:16: 35:8b:f1:94:96:d2:99:a4:c4:58:6e:f2:4c:e9:db:fc:bf:9c: 93:d3:d5:0d:ea:4e:fc:e0:56:44:80:1c:2d:e2:46:9b:81:76: f8:2d:1a:2c:25:5b:28:f6:9e:aa:6f:96:23:e5:99:53:3a:0d: 3a:c2:e8:0c:f0:dc:49:29:8f:46:52:18:7a:20:02:da:13:1d: d4:ce:86:c9:ac:4d:c8:da:bc:e0:ed:38:9b:76:61:17:20:1f: 2c:2b:2b:3f:95:98:12:2c:18:00:1f:44:04:94:13:61:d8:da: 5e:f6:11:24:4d:07:71:f6:60:a6:37:0f:7f:03:58:a9:c9:1d: 90:e0:ca:56:1c:b8:81:35:54:ca:1c:bd:95:0f:bb:73:6a:27: 71:85:d8:33:78:4e:8f:11:03:b6:56:f1:aa:db:4b:15:b0:27: 71:08:6b:0f:4e:77:10:e5:3f:30:18:04:ca:32:46:d5:b4:6f: d5:93:c7:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZjVFfX5yPvKw0H1kBvNjBYSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUwODIzMDQwMDQyWhcNMjUwODI0MDQwMDQyWjAzMTEwLwYDVQQD EyhkMTRlMDdiOTIyYzE2YzU4YTQ5MTI1MmI2ODY4NzMxYzRkM2M4ODM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0HPpJVMLqKzLCMYnnFABksONMey JQA/f3s+chE6tcYUETWYIteBbFTTFmA0TaP7rop7obDFsxc8TAmut7nd80hXg5rS kmeYllYEpjwyLv5E+ya8o4VVcmbPE0mdfxo3mDIJnrIjwexZqKZbM4iTy7yjhTz0 U8W1hGqUAQlkS7yhScsQeI799ZLxFINllfoWZMLhgEUXr/jkOE1gGMs0Rf9N9CX7 ZpLHebwQOLXJlJYdOiUlOMQcujozDCNA9QJvO57aO73tkZABANYd/lSTxIPC4Ykz PwVw30MTmfrl1u50XXRTXcXjTTea/2ypoD/smpyWXUzhMKVG1EHWapmpXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNFOB7kiwWxYpJElK2hocxxNPIg0MB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWf0BKAlO jTD7fD7BN98Kcdn2ppiMJFdcHIF95+5lMUaMEApF3z2DCgQhs2XD57RR6Sog5ygE J5yHW2MpP40rR4qt3469VykWNYvxlJbSmaTEWG7yTOnb/L+ck9PVDepO/OBWRIAc LeJGm4F2+C0aLCVbKPaeqm+WI+WZUzoNOsLoDPDcSSmPRlIYeiAC2hMd1M6GyaxN yNq84O04m3ZhFyAfLCsrP5WYEiwYAB9EBJQTYdjaXvYRJE0HcfZgpjcPfwNYqckd kODKVhy4gTVUyhy9lQ+7c2oncYXYM3hOjxEDtlbxqttLFbAncQhrD053EOU/MBgE yjJG1bRv1ZPHLg== -----END CERTIFICATE-----Generated at Sat Aug 23 11:09:52 2025 by rpki-client