$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft File: pnhXc98xO5FxG_a8WxSezCRrnok.mft (raw, json) Hash identifier: YVKNlsFba73Yh6KwJRnwGcYRPRmt7rtfyhkofrNS5lA= Subject key identifier: B8:7E:F9:01:47:D4:CC:45:D4:BE:CC:1F:52:EF:25:2E:3A:E7:22:F9 Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Certificate serial: 0198D66040AC8006C4F973A1953E5B0AA29F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft Manifest number: 1413 Signing time: Sat 23 Aug 2025 10:01:28 +0000 Manifest this update: Sat 23 Aug 2025 10:01:28 +0000 Manifest next update: Sun 24 Aug 2025 10:01:28 +0000 Files and hashes: 1: 4_O_iIpyAI9RehObq-pOpadb0Oc.roa (hash: yk0faU3G873g+gLSQoGVoe7NYYyCWEaHzHI6ZIk9UdY=) 2: 7loUqY3SMQ476AvW8cBj_oE5D0w.roa (hash: 9ZWiK7Ya0oQoJXKuXssFNZZZ1jcO9WaxjH/2eSSyYlw=) 3: 9qXJnie35SdfH2J2EgodKBngTzA.roa (hash: jwDaD5ZgcucjZdcdoISWLpA3Zdrcncz7G1jWAlDHN4k=) 4: _K6pKy4r_yxn6KKjdedN6hKQIRc.roa (hash: Fa8PiwPRQ/Nbg/tMa4sLtAZckTKFYG8hQ2oLAm3z+YE=) 5: eeGo9wragRSvkLaXijzUVv6g1UQ.roa (hash: f0fCuBwmYqh4E9JpX2SXK0IGaTdlCqkrpCwPLzLM7U8=) 6: f_BAmJDU6YD_W-jGGFTEv2Fs7Ak.roa (hash: PaLYZLAv0TrU+Bsc9bxTmK6PnOfA5lCBIqcJSl9Ay7o=) 7: h0Rq-64YdH2Rhgx8VqQPxecaOJk.roa (hash: +OMPPDfPiGbQBs5xm10WtKzO2XvkhzUC6VL8TFg0R8M=) 8: p7CrYRPqjfqg5-SpOOWgZYcH7pg.roa (hash: VxeYJO6+oO8JTtkcjhdpm2dOlDG12rU/cm/baKhjYqs=) 9: pnhXc98xO5FxG_a8WxSezCRrnok.crl (hash: DURNWcwz5gBXADjDZWhc3NECPGQn9g2I/k4AcxbOraQ=) 10: vm5i6AVzmYzAz9qPwbnD4VrLfVA.roa (hash: VDQ8oeDiLzJU7KaKEM2DHEI37PMjg/GP0JQI1knZDEc=) 11: yj9vr2VnE10QnxtDsz-n2QVr0i4.roa (hash: oY4OEejijqth0Kn/mWSI257F9MR4bW3yyLCjseFCr/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Aug 2025 05:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:98:d6:60:40:ac:80:06:c4:f9:73:a1:95:3e:5b:0a:a2:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Validity Not Before: Aug 23 10:01:28 2025 GMT Not After : Aug 24 10:01:28 2025 GMT Subject: CN=b87ef90147d4cc45d4becc1f52ef252e3ae722f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:18:5f:95:13:0b:c7:09:d0:20:2c:73:f9:0d: 24:4a:cd:97:3f:70:e7:c6:97:d2:68:51:25:fd:f6: 3b:92:e3:5f:b8:1e:de:55:e0:ff:33:67:37:e8:96: 51:2d:f8:11:2c:ed:80:c5:cb:fc:ee:fd:0b:95:06: a1:28:14:d6:9e:59:0c:a5:ac:0d:d2:95:6e:2d:2e: 45:23:8b:22:3f:22:b7:9b:41:9f:f3:9f:fa:26:94: 03:a2:5f:d8:23:a0:3c:d7:11:a7:5a:91:16:be:a0: 43:52:da:fb:dc:38:42:ee:ac:f2:d2:9b:cc:ba:91: 94:15:d9:e0:1b:24:51:59:ff:08:1c:f3:4e:09:3e: f4:ce:99:f0:10:8f:64:8e:3c:8a:f0:5d:2d:b5:fd: 84:32:84:69:36:03:2c:6e:2a:b8:45:dc:30:90:c5: cf:19:a1:b5:d4:4c:f2:b2:3a:36:9c:72:ec:42:e4: 55:da:64:76:02:78:1f:85:66:3e:1f:09:e4:c5:0b: 8d:af:7e:4c:7c:24:58:bf:26:53:ac:f4:63:8d:3b: 3d:14:8b:2f:76:9c:64:8a:c3:7a:8f:08:b2:52:ab: a4:a6:34:7e:ae:f6:cc:66:0f:11:c7:5b:df:76:1c: f8:e0:af:9b:f3:2f:f3:dc:61:cc:f6:16:d9:91:9e: 1e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:7E:F9:01:47:D4:CC:45:D4:BE:CC:1F:52:EF:25:2E:3A:E7:22:F9 X509v3 Authority Key Identifier: keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:60:a4:5b:f4:b1:9d:3f:c1:a2:95:dd:c5:e4:28:91:ad:61: 26:5c:48:4e:e9:89:c3:2d:61:e3:74:a6:ca:02:6a:9b:19:84: de:89:c9:11:d1:8d:3f:0e:44:45:71:23:a4:69:6d:1d:a7:e5: d2:57:9e:af:a8:e9:ff:19:a4:90:6c:96:b2:02:0d:42:33:c4: 73:64:67:81:e3:bd:3a:01:ec:32:4c:73:2c:5f:0e:f1:aa:89: 24:8b:c9:43:c6:14:51:a0:98:c5:37:00:7b:d4:25:36:0b:59: 43:ed:1d:90:7b:90:ac:42:a9:52:be:ea:33:89:da:45:57:9d: ef:ba:45:8f:92:99:70:02:f0:6e:a6:f7:a1:d9:42:89:93:95: 49:12:11:f1:10:e1:22:5d:41:bd:e5:3c:cb:a0:64:f9:d1:5f: e9:ca:f2:4b:51:53:6c:23:e3:e2:10:23:38:64:f0:15:83:3b: 9d:50:1b:b7:e5:e7:c3:da:e1:49:10:f8:fc:64:7e:0f:41:62: e2:ca:bc:74:ad:d8:b0:86:e4:5e:9e:e4:ea:ff:4f:2b:36:96: 3e:07:bf:ff:64:78:3d:c9:49:33:f4:c4:a5:83:32:06:94:dc: 51:da:13:71:42:79:f4:bf:c3:bc:15:6d:d1:cd:a3:81:79:01: 05:bf:59:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZjWYECsgAbE+XOhlT5bCqKfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2 YjllODkwHhcNMjUwODIzMTAwMTI4WhcNMjUwODI0MTAwMTI4WjAzMTEwLwYDVQQD EyhiODdlZjkwMTQ3ZDRjYzQ1ZDRiZWNjMWY1MmVmMjUyZTNhZTcyMmY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBhflRMLxwnQICxz+Q0kSs2XP3Dn xpfSaFEl/fY7kuNfuB7eVeD/M2c36JZRLfgRLO2Axcv87v0LlQahKBTWnlkMpawN 0pVuLS5FI4siPyK3m0Gf85/6JpQDol/YI6A81xGnWpEWvqBDUtr73DhC7qzy0pvM upGUFdngGyRRWf8IHPNOCT70zpnwEI9kjjyK8F0ttf2EMoRpNgMsbiq4RdwwkMXP GaG11Ezysjo2nHLsQuRV2mR2AngfhWY+HwnkxQuNr35MfCRYvyZTrPRjjTs9FIsv dpxkisN6jwiyUqukpjR+rvbMZg8Rx1vfdhz44K+b8y/z3GHM9hbZkZ4ejQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLh++QFH1MxF1L7MH1LvJS465yL5MB8GA1UdIwQY MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt ZDc1ODY5YzBjNzFlLzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmCkW/Sx nT/BopXdxeQoka1hJlxITumJwy1h43SmygJqmxmE3onJEdGNPw5ERXEjpGltHafl 0leer6jp/xmkkGyWsgINQjPEc2RngeO9OgHsMkxzLF8O8aqJJIvJQ8YUUaCYxTcA e9QlNgtZQ+0dkHuQrEKpUr7qM4naRVed77pFj5KZcALwbqb3odlCiZOVSRIR8RDh Il1BveU8y6Bk+dFf6cryS1FTbCPj4hAjOGTwFYM7nVAbt+Xnw9rhSRD4/GR+D0Fi 4sq8dK3YsIbkXp7k6v9PKzaWPge//2R4PclJM/TEpYMyBpTcUdoTcUJ59L/DvBVt 0c2jgXkBBb9Z2g== -----END CERTIFICATE-----Generated at Sat Aug 23 12:20:55 2025 by rpki-client