
$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft
File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json)
Hash identifier: LGbwxDcO7/pmI14xMzJCd7/OAL+0I9YAt4R23u2vxyc=
Subject key identifier: B4:25:CB:E1:11:09:8C:82:40:97:97:5A:25:C0:27:D2:C0:4C:59:94
Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A
Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a
Certificate serial: 601A33D055A40524079A55A13F7D2D7591B0A503
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer
Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft
Manifest number: 01C1
Signing time: Tue 30 Jun 2026 20:20:10 +0000
Manifest this update: Tue 30 Jun 2026 20:15:10 +0000
Manifest next update: Wed 01 Jul 2026 23:40:10 +0000
Files and hashes: 1: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=)
2: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=)
3: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=)
4: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=)
5: 326130343a623930343a373230303a3a2f34302d3430203d3e20323131333231.roa (hash: refEY6cMSdDY7cBVUX5w6R5vf51PxokJ+N8DMMimo3o=)
6: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=)
7: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=)
8: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=)
9: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=)
10: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: ktIQKSwRC+NJM7DHYsIoagUA9numwCCjSq723RpWnzg=)
11: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=)
12: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=)
13: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=)
14: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=)
15: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=)
Validation: OK
Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl
rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 23:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:1a:33:d0:55:a4:05:24:07:9a:55:a1:3f:7d:2d:75:91:b0:a5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a
Validity
Not Before: Jun 30 20:15:10 2026 GMT
Not After : Jul 1 23:40:10 2026 GMT
Subject: CN=B425CBE111098C824097975A25C027D2C04C5994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:05:e7:47:9e:44:1a:e3:35:23:99:fd:fe:
b0:29:d0:61:77:6c:1d:40:fc:e7:0f:71:e8:b2:ba:
a4:b5:40:39:cb:86:b6:c9:c6:91:82:17:aa:2c:14:
f9:49:fd:88:55:ea:05:c2:9b:a1:3d:c9:73:9b:71:
e4:25:a8:47:3b:ec:7f:1a:dc:55:80:79:ff:a1:7a:
bf:fc:04:86:7e:58:fe:a6:a0:c6:e4:7e:90:42:b1:
b3:d3:10:b4:79:cc:ac:f7:6b:41:2a:fa:2f:a5:a3:
4a:a5:b7:96:0c:32:a8:a0:cb:c3:f0:c0:b6:4c:a4:
23:d7:1a:40:3f:7a:1e:a4:66:b8:64:c8:52:ba:dc:
cd:38:6f:c9:9b:cb:47:56:cc:ca:d5:24:81:0f:09:
9b:89:0d:e6:84:ad:ac:b9:43:8e:50:27:ef:1e:d8:
05:b8:fa:2d:ff:66:92:37:c1:ea:21:df:cc:a7:04:
1e:67:11:1b:98:3c:92:f3:1c:5e:e3:4b:34:ad:33:
0e:71:a2:35:70:d4:03:fc:ac:fb:b4:33:f2:e8:63:
53:10:9c:06:2c:7c:7b:df:95:fa:25:8e:62:89:b7:
84:11:65:cb:6d:82:d4:27:74:7e:19:b1:78:96:7b:
86:b0:20:34:1d:b4:bd:44:b5:e8:c0:85:94:52:61:
97:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:25:CB:E1:11:09:8C:82:40:97:97:5A:25:C0:27:D2:C0:4C:59:94
X509v3 Authority Key Identifier:
keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ba:db:e6:cf:9c:47:14:a0:80:66:5c:1e:26:ed:1e:58:bc:66:
b0:ff:8e:9a:27:15:46:b3:c2:43:52:4f:61:8d:b3:71:d3:a1:
4b:8c:99:09:08:9a:6a:d7:d2:c7:85:87:a6:df:8e:b2:91:63:
8b:17:f8:3c:97:b7:1b:e4:76:7f:e2:fc:c7:97:09:9f:0e:53:
d7:89:9b:e5:2c:a0:a4:5b:71:f3:f5:84:9d:ee:ff:47:ee:5e:
4a:64:30:d5:e1:63:06:c0:83:12:73:9b:0e:ae:ef:85:86:45:
1e:0b:2d:23:c3:37:22:46:13:8f:95:7c:66:4b:49:b8:79:f3:
f0:1a:1e:4f:cb:ee:a3:67:f2:dc:4f:ab:57:d6:6b:57:2a:80:
8c:d1:ef:9b:33:ba:99:d7:ab:69:df:4f:f5:b0:89:df:e6:8c:
63:e1:10:45:28:9d:49:97:c5:d1:ad:7e:3c:b8:fc:71:37:0e:
57:ad:75:6d:42:34:69:18:97:84:f5:fd:c1:67:88:3c:d4:92:
ec:e9:74:8d:44:7b:9b:31:54:d4:3d:ab:19:3b:f0:b5:5c:03:
e4:52:01:26:4b:d3:ad:4b:72:1c:76:60:e5:ef:aa:48:1d:c5:
09:2e:96:91:d9:18:c1:db:74:a7:d2:68:02:e5:7d:0f:d2:64:
90:da:d2:ce
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUYBoz0FWkBSQHmlWhP30tdZGwpQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3
NDNjMzk5YTAeFw0yNjA2MzAyMDE1MTBaFw0yNjA3MDEyMzQwMTBaMDMxMTAvBgNV
BAMTKEI0MjVDQkUxMTEwOThDODI0MDk3OTc1QTI1QzAyN0QyQzA0QzU5OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnXQXnR55EGuM1I5n9/rAp0GF3
bB1A/OcPceiyuqS1QDnLhrbJxpGCF6osFPlJ/YhV6gXCm6E9yXObceQlqEc77H8a
3FWAef+her/8BIZ+WP6moMbkfpBCsbPTELR5zKz3a0Eq+i+lo0qlt5YMMqigy8Pw
wLZMpCPXGkA/eh6kZrhkyFK63M04b8mby0dWzMrVJIEPCZuJDeaEray5Q45QJ+8e
2AW4+i3/ZpI3weoh38ynBB5nERuYPJLzHF7jSzStMw5xojVw1AP8rPu0M/LoY1MQ
nAYsfHvflfoljmKJt4QRZcttgtQndH4ZsXiWe4awIDQdtL1EtejAhZRSYZdDAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUtCXL4REJjIJAl5daJcAn0sBMWZQwHwYDVR0j
BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl
cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3
NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF
Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y
c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x
L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB
BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA
A4IBAQC62+bPnEcUoIBmXB4m7R5YvGaw/46aJxVGs8JDUk9hjbNx06FLjJkJCJpq
19LHhYem346ykWOLF/g8l7cb5HZ/4vzHlwmfDlPXiZvlLKCkW3Hz9YSd7v9H7l5K
ZDDV4WMGwIMSc5sOru+FhkUeCy0jwzciRhOPlXxmS0m4efPwGh5Py+6jZ/LcT6tX
1mtXKoCM0e+bM7qZ16tp30/1sInf5oxj4RBFKJ1Jl8XRrX48uPxxNw5XrXVtQjRp
GJeE9f3BZ4g81JLs6XSNRHubMVTUPasZO/C1XAPkUgEmS9OtS3IcdmDl76pIHcUJ
LpaR2RjB23Sn0mgC5X0P0mSQ2tLO
-----END CERTIFICATE-----
Generated at Wed Jul 1 10:33:59 2026 by rpki-client