$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft File: hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft (raw, json) Hash identifier: CAjmh+8SP6doXLFBkaFbBGYyadRpp/wyKfk4b54pzU0= Subject key identifier: 0A:92:A2:72:DC:C6:06:B9:6F:3D:07:AA:85:CF:BC:FE:4F:B5:2A:A3 Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd Certificate serial: 0199FB7CF1E12DA6B7B72E797BDEB420E3AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft Manifest number: 1302 Signing time: Sun 19 Oct 2025 08:01:33 +0000 Manifest this update: Sun 19 Oct 2025 08:01:33 +0000 Manifest next update: Mon 20 Oct 2025 08:01:33 +0000 Files and hashes: 1: 2Il6q-ZqOuI80bOhmO2ATk_4gjA.roa (hash: qZ2AvjwfuN5RofSpAulT+zvOokvk9hdo9R5gBG6wVV8=) 2: EqxVNlycylxq6ufI9ng2ltdK1KM.roa (hash: b+kpuQsONfGhMD7qgwxZkbzW/4IKkzNE5v/myC4W0qY=) 3: MceCU4XPd0t7fhZxTxvxReumv1Q.roa (hash: 5TdX80iYVUkF2JY7Z9ZEOYjAnRhS8f4vWckTIPnEXdo=) 4: QdYIwbhgXZFZDGrsD1bCfWnJfNM.roa (hash: GAa3KktDwm+TlBojUO7F6LnOQMJ0zxC/VLgeFCn23pI=) 5: V1rb0y6iu1TTOsIZQYPUPITNZdc.roa (hash: 4TLj9uQX2T55ymBodPD3FK/tTeE67Ngmw9g4awglSqU=) 6: Yjrt4HsK8wh6pJI81KOUWlnSEwg.roa (hash: XmuwPChIn1UvgMab/4oMWsQTN7bkJ51y5zUd1xVolH0=) 7: aaic0TQ08KDxqNotu0QjynGFp8k.roa (hash: y+rn4gyMmixGkyVVHgb8Zj+xOMFFm7BJm3FAMYf/M4M=) 8: cO2-NOuH2RV4sPciOdoA32su67Q.roa (hash: 9jc3V+7f0q1/c2NMI1faaA1MEEx9FCl4Vp7wxvOlyNU=) 9: euovkC8FzqkWizkBlJiIPuOidbU.roa (hash: NVQ3tcOFWDZctMMGjmKl2U9mGUa0NK9LjFLKrJC2iHM=) 10: gdNItxWNsM4KiGU05OylhksApCc.roa (hash: WiPvUqderzx9CicZMrqZIDKRBrczrFFx57GnwN1V0lI=) 11: hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl (hash: nQ642R7a08SAkhymWH0AU6e6mAPCJ6TC3cp8EI/5hYM=) 12: o1oWSbF99ChHezdi7-NEtS6WqIQ.roa (hash: ssh+w8HWpTpbSb7HfHBqwKGeOCK5JvaJKAWgtYiNFsU=) 13: oMpZucICfk-8ZesIjg26RzH9z8Q.roa (hash: avfjdtl0mm9+afn2EBtC58m5oIaLp8/rBFhWdaYQq6o=) 14: zYeF4EOXDH9wga2Hl1a9xt43c_E.roa (hash: qprf7Kh7V9oLipnyoiqapOwT3fD2c8ij+cCs23g5KeE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 06:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:fb:7c:f1:e1:2d:a6:b7:b7:2e:79:7b:de:b4:20:e3:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd Validity Not Before: Oct 19 08:01:33 2025 GMT Not After : Oct 20 08:01:33 2025 GMT Subject: CN=0a92a272dcc606b96f3d07aa85cfbcfe4fb52aa3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bf:60:57:68:57:5b:df:2e:50:4b:e0:73:fd: 9d:5f:70:fe:33:99:20:0d:10:b1:95:92:23:71:13: 29:22:9a:68:8b:6c:f8:11:cb:aa:56:9d:9f:a6:bb: 6d:7b:cd:a1:f7:e1:d4:44:69:5c:01:11:5f:e0:eb: f7:93:b8:3b:96:bb:f6:e9:98:e3:cc:8f:3f:aa:57: af:04:22:bb:7f:d5:ad:1f:f1:88:45:62:e8:dc:e0: 5b:bc:66:be:fd:eb:42:58:49:91:47:42:b7:7b:af: 90:09:79:2d:08:2d:a8:73:03:fd:2b:54:1f:c4:f1: dc:e3:b7:f3:58:7a:7a:d2:bb:54:f5:57:e1:98:c2: 6b:01:c6:b9:29:c1:a3:45:6d:43:08:3a:ad:1d:d9: b7:95:ab:8a:b6:c3:e4:80:a4:98:d4:06:ab:c9:63: 53:98:86:2d:ca:35:2d:27:82:59:b2:75:ed:eb:fc: 8b:b6:cc:8b:c5:7c:68:b9:c6:37:cd:ed:4a:bb:71: 5f:fa:16:64:68:83:1a:af:15:ae:5b:47:b4:8d:77: 71:0f:aa:a5:be:c2:8e:81:a7:95:30:05:4f:ad:c9: 1e:af:a2:ae:dd:5e:17:58:fe:45:12:99:2a:52:b5: cf:ac:e9:2f:c5:ac:c4:cb:03:56:bf:80:fc:fd:f4: 94:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:92:A2:72:DC:C6:06:B9:6F:3D:07:AA:85:CF:BC:FE:4F:B5:2A:A3 X509v3 Authority Key Identifier: keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:f8:45:b1:5b:3a:d1:c1:e6:a1:58:4d:2a:e7:cd:3a:4f:23: 86:62:3c:57:e4:f8:6a:a9:e5:cc:60:35:41:e0:b5:6f:14:5a: 10:a2:26:f9:a1:6b:b4:e9:90:c2:e1:f7:55:83:aa:c9:c2:69: 25:54:c8:48:d2:69:1c:1e:78:7a:2c:4e:3f:05:4f:8f:47:da: d6:c6:90:bd:80:c0:d6:a4:32:2c:ec:6a:e7:ce:0e:a4:cc:ea: c2:2f:e6:df:76:6c:63:a8:0e:d8:f1:fa:b7:62:02:bc:67:ef: 6e:db:ba:a5:48:bd:85:5f:d1:6c:55:d8:5a:6a:db:f3:ab:2b: 94:49:7e:64:b1:6b:d1:f6:93:02:11:dd:46:c3:06:33:e2:93: 92:72:fc:7f:fe:44:c7:81:28:fd:d2:25:27:92:aa:4e:51:be: e1:43:1f:65:92:16:40:c5:74:f1:92:fa:66:95:de:68:94:0a: 74:fc:ed:fd:46:42:d8:7e:43:9d:08:34:40:8a:ed:95:3a:c1: 40:f8:0d:cc:f1:dc:89:4a:da:4f:57:0b:77:24:48:d0:26:1e: be:ca:bf:2a:b7:48:e0:e6:4b:3d:62:23:b9:dc:3d:03:87:e0: 36:5a:fc:ef:6c:dd:03:3d:78:2c:d7:5c:e3:8e:0e:e0:5c:f9: fd:1d:28:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZn7fPHhLaa3ty55e960IOOrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi MmUyY2QwHhcNMjUxMDE5MDgwMTMzWhcNMjUxMDIwMDgwMTMzWjAzMTEwLwYDVQQD EygwYTkyYTI3MmRjYzYwNmI5NmYzZDA3YWE4NWNmYmNmZTRmYjUyYWEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs79gV2hXW98uUEvgc/2dX3D+M5kg DRCxlZIjcRMpIppoi2z4EcuqVp2fprtte82h9+HURGlcARFf4Ov3k7g7lrv26Zjj zI8/qlevBCK7f9WtH/GIRWLo3OBbvGa+/etCWEmRR0K3e6+QCXktCC2ocwP9K1Qf xPHc47fzWHp60rtU9VfhmMJrAca5KcGjRW1DCDqtHdm3lauKtsPkgKSY1AaryWNT mIYtyjUtJ4JZsnXt6/yLtsyLxXxoucY3ze1Ku3Ff+hZkaIMarxWuW0e0jXdxD6ql vsKOgaeVMAVPrcker6Ku3V4XWP5FEpkqUrXPrOkvxazEywNWv4D8/fSUpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAqSonLcxga5bz0HqoXPvP5PtSqjMB8GA1UdIwQY MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt ZjEyODM1ZjAyNDdiLzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAavhFsVs6 0cHmoVhNKufNOk8jhmI8V+T4aqnlzGA1QeC1bxRaEKIm+aFrtOmQwuH3VYOqycJp JVTISNJpHB54eixOPwVPj0fa1saQvYDA1qQyLOxq584OpMzqwi/m33ZsY6gO2PH6 t2ICvGfvbtu6pUi9hV/RbFXYWmrb86srlEl+ZLFr0faTAhHdRsMGM+KTknL8f/5E x4Eo/dIlJ5KqTlG+4UMfZZIWQMV08ZL6ZpXeaJQKdPzt/UZC2H5DnQg0QIrtlTrB QPgNzPHciUraT1cLdyRI0CYevsq/KrdI4OZLPWIjudw9A4fgNlr872zdAz14LNdc 444O4Fz5/R0ozg== -----END CERTIFICATE-----Generated at Sun Oct 19 15:42:25 2025 by rpki-client