$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: zN2mkAi1qVK/wNMrNl2kdgL0eT1WUaNufZG9kcfztGU= Subject key identifier: D9:03:61:A0:04:9B:0A:14:B1:34:B8:06:9E:51:69:68:B0:D7:12:E3 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 3A211B3B527E6135FA73F317B2CD093F2FA8968F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: 0184 Signing time: Fri 15 May 2026 20:04:58 +0000 Manifest this update: Fri 15 May 2026 19:59:58 +0000 Manifest next update: Sat 16 May 2026 23:03:58 +0000 Files and hashes: 1: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 2: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 3: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 4: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 5: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: Hz5MqaZMWpM9QTVSBajBGpmHYA/3hTei+mc67PrS9YQ=) 6: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 7: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) 8: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 9: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 10: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 11: 326130343a623930343a373230303a3a2f34302d3430203d3e20323131333231.roa (hash: refEY6cMSdDY7cBVUX5w6R5vf51PxokJ+N8DMMimo3o=) 12: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 13: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 14: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 15: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 16 May 2026 15:18:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:21:1b:3b:52:7e:61:35:fa:73:f3:17:b2:cd:09:3f:2f:a8:96:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: May 15 19:59:58 2026 GMT Not After : May 16 23:03:58 2026 GMT Subject: CN=D90361A0049B0A14B134B8069E516968B0D712E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:c5:31:eb:c9:69:9d:9e:a5:52:46:81:13:aa: e9:bb:7d:c1:82:b6:a3:d2:be:3e:d1:57:1b:57:72: 9d:ca:d4:b5:e5:55:e8:c5:b0:dc:dc:2d:5f:c0:fe: b5:78:62:cf:b8:69:66:7e:5e:46:46:0c:d6:0b:33: 90:6a:c4:a9:08:1f:7c:7a:e9:be:df:68:ba:f5:00: b0:2f:c8:c9:45:4f:8f:41:4b:14:b8:30:10:93:7c: 7e:fc:4c:30:58:ba:f1:7c:91:a2:da:29:8f:ec:18: ae:14:02:8b:47:70:79:ae:30:79:37:e8:0d:4b:21: a1:71:96:dd:01:ce:16:aa:17:2c:c3:b3:97:cd:76: 41:a4:bf:c7:cc:16:f4:17:8a:2f:b7:60:95:6c:e7: de:88:5c:37:eb:98:93:6e:f7:ea:ae:a0:3f:0c:e4: 99:7a:87:14:86:9b:46:97:f0:f2:53:83:c9:6e:7b: 25:1a:58:ec:b8:3c:5c:28:d8:2b:45:2a:e4:fa:81: 4b:45:c9:08:77:9f:15:ae:ec:3e:44:e2:17:fb:29: a5:1b:96:7d:ea:e0:2f:b7:2b:2f:03:e7:14:7b:df: 96:25:e6:c6:4c:75:f2:3d:62:3d:a6:9d:5f:0c:24: 56:24:b4:2b:1e:bc:65:ee:01:1b:9b:31:7a:39:41: 96:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:03:61:A0:04:9B:0A:14:B1:34:B8:06:9E:51:69:68:B0:D7:12:E3 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:56:1a:cc:0a:c1:c7:fb:51:cf:d7:06:a9:ec:a3:2f:4e:80: 74:2a:e3:3c:c2:b4:f2:c7:8a:f2:81:0d:a0:2e:2f:35:33:5a: ba:1a:63:a5:95:63:23:ea:c7:2d:a2:44:55:4b:bf:dc:ad:00: 3d:33:a9:1c:de:e4:47:30:d5:66:77:39:e7:ff:50:ee:8d:6b: a4:d3:3a:75:b3:0a:74:0b:a9:b9:57:3c:f4:20:8a:a1:bd:b5: 10:3f:e7:32:c2:71:7a:61:af:bf:07:e0:6c:ea:2c:2d:2f:de: 4c:23:3d:44:79:51:fd:0c:35:d7:66:8e:2e:9e:f7:85:64:52: 49:df:92:0a:3e:9a:d3:44:8d:92:3a:a9:52:a4:98:ab:15:ac: 35:99:04:e3:c3:7a:eb:b9:96:b1:93:0a:b9:05:7c:12:b1:1a: 4b:e6:fe:68:e3:a7:60:6f:0f:2e:79:92:8f:d3:b3:72:e4:34: 31:de:a9:6a:da:cf:22:a6:7b:e4:fb:a2:57:41:10:8d:37:9f: bc:5a:c6:fa:de:df:a1:78:19:b7:23:9c:66:8c:6f:6d:34:e9: 71:30:45:e6:45:0f:af:dc:f9:ba:1a:f2:e2:a3:e3:87:80:6f: 37:52:e3:ff:00:eb:ed:e2:24:8b:b3:46:52:5c:dd:10:7a:14: 79:03:a3:b5 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUOiEbO1J+YTX6c/MXss0JPy+olo8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNjA1MTUxOTU5NThaFw0yNjA1MTYyMzAzNThaMDMxMTAvBgNV BAMTKEQ5MDM2MUEwMDQ5QjBBMTRCMTM0QjgwNjlFNTE2OTY4QjBENzEyRTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlxTHryWmdnqVSRoETqum7fcGC tqPSvj7RVxtXcp3K1LXlVejFsNzcLV/A/rV4Ys+4aWZ+XkZGDNYLM5BqxKkIH3x6 6b7faLr1ALAvyMlFT49BSxS4MBCTfH78TDBYuvF8kaLaKY/sGK4UAotHcHmuMHk3 6A1LIaFxlt0BzhaqFyzDs5fNdkGkv8fMFvQXii+3YJVs596IXDfrmJNu9+quoD8M 5Jl6hxSGm0aX8PJTg8lueyUaWOy4PFwo2CtFKuT6gUtFyQh3nxWu7D5E4hf7KaUb ln3q4C+3Ky8D5xR735Yl5sZMdfI9Yj2mnV8MJFYktCsevGXuARubMXo5QZZ9AgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQU2QNhoASbChSxNLgGnlFpaLDXEuMwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQAxVhrMCsHH+1HP1wap7KMvToB0KuM8wrTyx4rygQ2gLi81M1q6GmOllWMj 6sctokRVS7/crQA9M6kc3uRHMNVmdznn/1DujWuk0zp1swp0C6m5Vzz0IIqhvbUQ P+cywnF6Ya+/B+Bs6iwtL95MIz1EeVH9DDXXZo4unveFZFJJ35IKPprTRI2SOqlS pJirFaw1mQTjw3rruZaxkwq5BXwSsRpL5v5o46dgbw8ueZKP07Ny5DQx3qlq2s8i pnvk+6JXQRCNN5+8Wsb63t+heBm3I5xmjG9tNOlxMEXmRQ+v3Pm6GvLio+OHgG83 UuP/AOvt4iSLs0ZSXN0QehR5A6O1 -----END CERTIFICATE-----Generated at Fri May 15 21:45:14 2026 by rpki-client