$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: sGDJjXMdtjnrxjb0VT4SIjYHXPp08l4Rf70s0wTcAbg= Subject key identifier: 22:B5:B5:54:CA:93:B2:EC:89:9E:4F:57:6D:A1:04:8E:53:A9:6F:56 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 2D9799A2E34AE7D233430765444AC501800F73A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: 36 Signing time: Sun 07 Sep 2025 09:49:06 +0000 Manifest this update: Sun 07 Sep 2025 09:44:06 +0000 Manifest next update: Mon 08 Sep 2025 13:47:06 +0000 Files and hashes: 1: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 2: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 3: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 4: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 5: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 6: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 7: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 8: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 9: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 10: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 11: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: aa1//b36ZVcSUzfXkSa/ZhuN5ZjDaZa4K1afJqkuzVg=) 12: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 13: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 14: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Sep 2025 07:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:97:99:a2:e3:4a:e7:d2:33:43:07:65:44:4a:c5:01:80:0f:73:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Sep 7 09:44:06 2025 GMT Not After : Sep 8 13:47:06 2025 GMT Subject: CN=22B5B554CA93B2EC899E4F576DA1048E53A96F56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:22:3d:17:89:ca:8e:9c:6e:f0:6f:dd:6c:85: 0f:e6:46:d1:e2:a5:ff:76:2b:46:7d:ef:ad:24:3a: 05:1b:55:b1:c7:b0:a9:d4:3a:91:d1:54:91:c9:d2: ba:3a:84:61:06:87:5e:67:a3:dd:0a:69:33:60:53: 43:01:3f:c8:c9:24:c9:fc:88:cc:f9:5e:0e:94:d1: 58:2f:be:2e:e1:77:b5:89:d8:59:a1:fc:62:fe:87: 26:38:84:71:a4:35:2c:ff:d7:a8:b6:ce:c4:27:3f: 9e:91:32:a9:01:c5:09:b6:20:f4:2f:17:92:b1:79: f1:9d:0c:3b:8f:b4:18:2f:4e:13:2f:b0:af:22:0d: 99:57:e9:68:46:7f:c2:a6:49:f2:a3:7e:a7:58:fa: 41:81:9f:c8:71:6c:0d:85:75:c4:e7:76:3d:50:68: dc:aa:53:c1:d9:bb:e3:54:75:68:dd:07:3d:3f:6b: 8f:f6:d2:48:aa:6e:6c:16:e8:40:f3:fa:66:8a:84: ae:5d:e2:46:8e:d4:f3:fc:31:38:ab:cd:42:7e:cd: 70:07:6b:19:91:f9:da:fe:9a:e2:86:40:9b:0a:64: 4d:bd:88:7c:47:11:52:42:ac:ff:6c:49:25:8c:c3: 9f:1a:fb:4a:e8:cb:7e:51:11:5e:09:b0:cd:f2:7e: 24:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:B5:B5:54:CA:93:B2:EC:89:9E:4F:57:6D:A1:04:8E:53:A9:6F:56 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:8f:18:bf:d5:c2:bb:85:26:ec:b7:e5:64:0a:09:b5:90:54: db:dd:f3:57:f6:9f:ef:71:84:78:b2:89:c3:32:4f:29:15:aa: 3a:16:2a:9b:b9:67:ed:53:50:e5:9d:87:5e:d5:d2:47:5d:f0: da:22:7d:43:b9:26:91:05:07:a9:e7:d2:af:9e:77:9c:01:22: 15:83:d6:9f:b3:f4:9e:33:7e:d5:55:33:b8:fb:a6:67:4a:8e: c2:0a:ad:41:69:9c:e3:55:e0:97:b6:80:9e:36:c1:8d:84:5b: 06:b8:de:15:cb:72:bd:75:4d:12:52:b6:3f:78:46:4a:50:26: f3:f3:82:e2:d0:52:a6:0a:54:85:48:77:d6:59:bf:48:7d:e0: bf:60:03:a2:52:b4:d4:6f:ff:6a:f7:1a:e8:44:9e:51:52:8e: 4c:3b:ad:fd:db:68:81:15:5e:90:da:5a:fc:dc:68:75:fa:ac: f5:49:ca:5e:b9:9f:f0:aa:9f:79:06:0a:3d:3b:78:6d:67:64: e5:4f:81:47:a5:98:de:9f:11:17:6f:29:3f:0d:a0:19:40:3b: 72:f9:0c:e0:a4:6c:be:7e:0b:5c:db:b5:ff:b5:9f:b7:5b:a7: 95:ff:03:75:26:0d:21:78:14:94:ba:bc:e1:04:6f:51:56:65: e6:38:4f:e1 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIULZeZouNK59IzQwdlRErFAYAPc6AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNTA5MDcwOTQ0MDZaFw0yNTA5MDgxMzQ3MDZaMDMxMTAvBgNV BAMTKDIyQjVCNTU0Q0E5M0IyRUM4OTlFNEY1NzZEQTEwNDhFNTNBOTZGNTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyIj0XicqOnG7wb91shQ/mRtHi pf92K0Z9760kOgUbVbHHsKnUOpHRVJHJ0ro6hGEGh15no90KaTNgU0MBP8jJJMn8 iMz5Xg6U0Vgvvi7hd7WJ2Fmh/GL+hyY4hHGkNSz/16i2zsQnP56RMqkBxQm2IPQv F5KxefGdDDuPtBgvThMvsK8iDZlX6WhGf8KmSfKjfqdY+kGBn8hxbA2FdcTndj1Q aNyqU8HZu+NUdWjdBz0/a4/20kiqbmwW6EDz+maKhK5d4kaO1PP8MTirzUJ+zXAH axmR+dr+muKGQJsKZE29iHxHEVJCrP9sSSWMw58a+0roy35REV4JsM3yfiSLAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQUIrW1VMqTsuyJnk9XbaEEjlOpb1YwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQBQjxi/1cK7hSbst+VkCgm1kFTb3fNX9p/vcYR4sonDMk8pFao6FiqbuWft U1DlnYde1dJHXfDaIn1DuSaRBQep59KvnnecASIVg9afs/SeM37VVTO4+6ZnSo7C Cq1BaZzjVeCXtoCeNsGNhFsGuN4Vy3K9dU0SUrY/eEZKUCbz84Li0FKmClSFSHfW Wb9IfeC/YAOiUrTUb/9q9xroRJ5RUo5MO63922iBFV6Q2lr83Gh1+qz1ScpeuZ/w qp95Bgo9O3htZ2TlT4FHpZjenxEXbyk/DaAZQDty+QzgpGy+fgtc27X/tZ+3W6eV /wN1Jg0heBSUurzhBG9RVmXmOE/h -----END CERTIFICATE-----Generated at Sun Sep 7 13:45:30 2025 by rpki-client