$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft File: pnhXc98xO5FxG_a8WxSezCRrnok.mft (raw, json) Hash identifier: 4nYnET9NdxkBBY+p/P62wV6n/V2XF2plm7iaIRV7des= Subject key identifier: FF:F6:57:1B:39:B9:B1:4B:40:72:BD:63:E4:54:B6:B5:D9:7C:32:44 Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Certificate serial: 0199FBEBD9393B5FDCAD6A16832C25815283 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft Manifest number: 14AB Signing time: Sun 19 Oct 2025 10:02:41 +0000 Manifest this update: Sun 19 Oct 2025 10:02:41 +0000 Manifest next update: Mon 20 Oct 2025 10:02:41 +0000 Files and hashes: 1: 4_O_iIpyAI9RehObq-pOpadb0Oc.roa (hash: yk0faU3G873g+gLSQoGVoe7NYYyCWEaHzHI6ZIk9UdY=) 2: 7loUqY3SMQ476AvW8cBj_oE5D0w.roa (hash: 9ZWiK7Ya0oQoJXKuXssFNZZZ1jcO9WaxjH/2eSSyYlw=) 3: 9qXJnie35SdfH2J2EgodKBngTzA.roa (hash: jwDaD5ZgcucjZdcdoISWLpA3Zdrcncz7G1jWAlDHN4k=) 4: _K6pKy4r_yxn6KKjdedN6hKQIRc.roa (hash: Fa8PiwPRQ/Nbg/tMa4sLtAZckTKFYG8hQ2oLAm3z+YE=) 5: eeGo9wragRSvkLaXijzUVv6g1UQ.roa (hash: f0fCuBwmYqh4E9JpX2SXK0IGaTdlCqkrpCwPLzLM7U8=) 6: f_BAmJDU6YD_W-jGGFTEv2Fs7Ak.roa (hash: PaLYZLAv0TrU+Bsc9bxTmK6PnOfA5lCBIqcJSl9Ay7o=) 7: h0Rq-64YdH2Rhgx8VqQPxecaOJk.roa (hash: +OMPPDfPiGbQBs5xm10WtKzO2XvkhzUC6VL8TFg0R8M=) 8: p7CrYRPqjfqg5-SpOOWgZYcH7pg.roa (hash: VxeYJO6+oO8JTtkcjhdpm2dOlDG12rU/cm/baKhjYqs=) 9: pnhXc98xO5FxG_a8WxSezCRrnok.crl (hash: ezLAENZ3KpoKGMVAulpLAdXpN8OTKuWFGmp/4tF4wPU=) 10: vm5i6AVzmYzAz9qPwbnD4VrLfVA.roa (hash: VDQ8oeDiLzJU7KaKEM2DHEI37PMjg/GP0JQI1knZDEc=) 11: yj9vr2VnE10QnxtDsz-n2QVr0i4.roa (hash: oY4OEejijqth0Kn/mWSI257F9MR4bW3yyLCjseFCr/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 10:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:99:fb:eb:d9:39:3b:5f:dc:ad:6a:16:83:2c:25:81:52:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Validity Not Before: Oct 19 10:02:41 2025 GMT Not After : Oct 20 10:02:41 2025 GMT Subject: CN=fff6571b39b9b14b4072bd63e454b6b5d97c3244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:fd:e6:4c:ab:a6:f4:31:35:bc:b8:c8:ad:04: a5:cf:2d:fe:b3:57:1a:02:b1:23:a4:c3:18:7b:0d: b0:b4:a0:10:0d:12:b8:10:c1:86:f0:df:e0:5c:f0: 5a:12:a2:d0:8e:e2:42:69:80:9f:ee:8b:c9:8d:02: 54:94:39:c5:e8:00:d6:14:3e:c7:be:2c:12:b5:12: dc:9d:c3:60:8c:0b:3e:23:16:26:b6:9d:a0:4b:34: 73:ab:d5:8f:64:48:ba:75:43:c3:cf:3b:06:14:98: 9f:32:97:c7:98:6b:e1:4d:9d:bc:f8:a2:f4:5b:50: 86:ed:b0:c1:9d:25:ba:80:89:10:42:30:f4:30:b2: 73:05:ed:22:7a:01:6d:89:0e:c9:2a:36:73:39:9c: 09:10:62:17:76:9c:2a:99:44:f7:11:c0:0f:43:15: 4e:dd:37:21:fc:b4:9c:ac:1d:87:83:2f:c6:80:33: b8:4c:58:02:03:78:02:a8:10:52:6e:85:d8:39:21: c6:b1:6f:dd:4f:91:52:22:b7:80:c4:b8:68:ec:07: 47:a6:84:79:50:cf:6b:7e:0d:35:3f:2b:f6:ec:01: 55:4b:ee:38:4d:5f:52:37:8b:d5:61:9f:89:0f:f1: e9:31:47:fe:5b:bb:31:cc:d1:a7:19:74:f0:e8:00: 73:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:F6:57:1B:39:B9:B1:4B:40:72:BD:63:E4:54:B6:B5:D9:7C:32:44 X509v3 Authority Key Identifier: keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:b8:30:a4:96:a4:78:63:2c:0d:76:cf:34:0d:36:70:95:0d: a6:f2:8f:43:77:7f:37:b1:e2:0a:54:15:7c:2b:0f:0c:71:13: 25:c5:ba:e5:98:ee:64:53:2a:83:90:0e:1f:01:7f:51:ec:17: bc:47:eb:74:c1:77:b5:32:f5:9b:8e:3f:d3:6b:0e:27:44:89: f8:c8:94:42:c4:c7:88:2e:3d:6c:b5:2d:44:9b:a6:ef:26:39: d3:cf:80:2e:03:64:ff:8c:0c:eb:bc:70:b9:3a:5f:9e:31:19: a1:b1:d1:4c:74:d3:d9:de:ca:77:5a:4a:9e:74:f8:1b:4a:53: b7:e0:61:12:e2:e3:05:e1:bd:5a:a7:b7:74:f5:db:f5:9a:a8: b0:56:5c:f1:f2:49:44:1f:6b:49:c8:73:5e:3c:ca:08:cc:e1: 00:81:50:e5:72:d3:55:b5:65:ec:1f:d0:91:7e:a7:aa:7c:54: d6:85:4e:ad:55:51:77:bf:69:2c:e2:b2:17:1c:3b:00:fc:41: a0:b6:95:6a:f8:71:74:f2:77:fb:40:40:20:e1:d9:5e:a7:c5: a4:6b:52:73:30:c4:d0:57:2c:89:cc:58:9e:69:db:a4:19:9e: 74:99:3d:52:7e:75:71:ea:2c:0e:b1:9a:7d:1d:03:92:37:98: d5:cb:40:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZn769k5O1/crWoWgywlgVKDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2 YjllODkwHhcNMjUxMDE5MTAwMjQxWhcNMjUxMDIwMTAwMjQxWjAzMTEwLwYDVQQD EyhmZmY2NTcxYjM5YjliMTRiNDA3MmJkNjNlNDU0YjZiNWQ5N2MzMjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1v3mTKum9DE1vLjIrQSlzy3+s1ca ArEjpMMYew2wtKAQDRK4EMGG8N/gXPBaEqLQjuJCaYCf7ovJjQJUlDnF6ADWFD7H viwStRLcncNgjAs+IxYmtp2gSzRzq9WPZEi6dUPDzzsGFJifMpfHmGvhTZ28+KL0 W1CG7bDBnSW6gIkQQjD0MLJzBe0iegFtiQ7JKjZzOZwJEGIXdpwqmUT3EcAPQxVO 3Tch/LScrB2Hgy/GgDO4TFgCA3gCqBBSboXYOSHGsW/dT5FSIreAxLho7AdHpoR5 UM9rfg01Pyv27AFVS+44TV9SN4vVYZ+JD/HpMUf+W7sxzNGnGXTw6ABzOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP/2Vxs5ubFLQHK9Y+RUtrXZfDJEMB8GA1UdIwQY MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt ZDc1ODY5YzBjNzFlLzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxrgwpJak eGMsDXbPNA02cJUNpvKPQ3d/N7HiClQVfCsPDHETJcW65ZjuZFMqg5AOHwF/UewX vEfrdMF3tTL1m44/02sOJ0SJ+MiUQsTHiC49bLUtRJum7yY508+ALgNk/4wM67xw uTpfnjEZobHRTHTT2d7Kd1pKnnT4G0pTt+BhEuLjBeG9Wqe3dPXb9ZqosFZc8fJJ RB9rSchzXjzKCMzhAIFQ5XLTVbVl7B/QkX6nqnxU1oVOrVVRd79pLOKyFxw7APxB oLaVavhxdPJ3+0BAIOHZXqfFpGtSczDE0FcsicxYnmnbpBmedJk9Un51ceosDrGa fR0DkjeY1ctA7w== -----END CERTIFICATE-----Generated at Sun Oct 19 17:56:50 2025 by rpki-client