$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: eW9S8CMVXx9SCioemPLYTZntLZarjCEbUq3yxy3W6UE= Subject key identifier: 6E:B6:65:32:50:71:44:03:FC:A8:F4:D5:DE:80:5C:59:61:48:09:F2 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 41CDF15C12325D90810AD34484A9C0F03B412798 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: 79 Signing time: Mon 27 Oct 2025 19:09:29 +0000 Manifest this update: Mon 27 Oct 2025 19:04:29 +0000 Manifest next update: Tue 28 Oct 2025 22:16:29 +0000 Files and hashes: 1: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 2: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 3: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 4: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 5: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) 6: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 7: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 8: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 9: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 10: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 11: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 12: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 13: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 14: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: u3wiJPfUBqjGkcWus9jXAAnTpMUwqIQWFFYyNQ+aAOc=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Oct 2025 22:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:cd:f1:5c:12:32:5d:90:81:0a:d3:44:84:a9:c0:f0:3b:41:27:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Oct 27 19:04:29 2025 GMT Not After : Oct 28 22:16:29 2025 GMT Subject: CN=6EB6653250714403FCA8F4D5DE805C59614809F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:d1:3a:97:14:8c:31:89:17:ef:b8:e9:8c:e6: df:63:2a:0f:ae:07:15:31:e9:76:92:c4:04:a9:1a: 9a:7b:8c:fc:1c:8f:eb:a0:59:b7:c7:8d:94:9e:a7: d4:9a:d4:31:d3:6a:46:d5:21:da:1e:8f:06:5e:9d: d0:61:23:1a:83:a7:a3:d7:db:a7:97:08:5c:62:81: 0d:6a:1a:19:ab:77:12:b6:d6:19:c8:19:87:d4:0d: d8:d9:b9:48:67:2a:49:a9:18:bb:9d:e9:00:d4:15: ea:42:e6:c3:ba:8e:ad:8c:3a:31:25:e5:b1:a2:50: b5:2f:21:af:cb:4b:c4:e8:74:79:c4:d3:7b:34:b7: c0:1b:02:3a:c6:c5:e1:da:0d:be:c7:10:8e:ab:a8: 37:2a:2d:7d:d0:29:9a:24:eb:29:90:7f:43:ee:b6: cf:ef:84:67:92:24:15:86:eb:87:ba:60:b9:3c:a5: ad:1c:e9:c0:88:8b:9f:d9:c7:40:5d:7e:bb:46:ce: 2f:e2:f5:1b:4c:2b:b0:f2:36:2b:4e:76:0f:c8:c1: 0f:10:81:1d:e2:4c:b3:be:7a:3d:ac:3c:c5:57:17: 5d:02:f7:80:0f:7a:14:4f:e8:9d:bf:6f:5a:11:9d: a1:15:b1:c3:d5:7f:2c:30:63:48:74:d4:83:c1:67: 21:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:B6:65:32:50:71:44:03:FC:A8:F4:D5:DE:80:5C:59:61:48:09:F2 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:1e:67:03:4a:7d:dd:48:00:f9:18:9d:5e:75:ab:79:c9:8e: 67:6f:9e:77:87:b1:0f:9a:4a:39:8b:18:b0:13:6b:92:7a:33: c7:eb:90:5a:ec:5b:50:67:0f:a9:37:3e:29:54:f8:f2:8d:fa: 23:be:0b:5e:c8:30:5c:f0:8d:fd:1a:7a:9f:e6:2b:11:38:b7: 56:83:e5:22:13:64:8b:cb:31:c8:a0:c5:bd:4e:df:49:ee:22: 38:6e:07:0f:54:b9:b2:42:dd:cd:93:84:fb:0b:fb:ac:1b:18: 51:55:95:37:c2:f9:fa:f1:23:4d:5a:0e:62:d7:93:3b:da:4a: 0c:d5:62:c9:0b:21:c9:40:3c:47:ea:dd:0c:a4:db:33:f5:54: d8:b3:81:50:76:63:28:84:a1:20:82:8d:63:58:bb:27:e7:ea: 7b:e9:41:82:c6:94:80:10:3d:25:19:57:ac:25:f8:59:a6:42: 4a:5f:b8:6e:b4:8f:4b:30:f3:82:3e:4c:0b:c4:24:43:2f:da: 2b:df:0b:4a:f9:a9:9f:74:56:b0:39:3c:5f:72:28:4d:d2:66: 16:11:90:ae:2f:a7:11:8d:b2:64:c9:d1:60:1d:7b:69:2c:df: cb:45:bd:0f:7f:ab:c1:f3:4c:0f:5b:72:24:67:12:03:e5:6d: 0c:b0:62:a5 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUQc3xXBIyXZCBCtNEhKnA8DtBJ5gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNTEwMjcxOTA0MjlaFw0yNTEwMjgyMjE2MjlaMDMxMTAvBgNV BAMTKDZFQjY2NTMyNTA3MTQ0MDNGQ0E4RjRENURFODA1QzU5NjE0ODA5RjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP0TqXFIwxiRfvuOmM5t9jKg+u BxUx6XaSxASpGpp7jPwcj+ugWbfHjZSep9Sa1DHTakbVIdoejwZendBhIxqDp6PX 26eXCFxigQ1qGhmrdxK21hnIGYfUDdjZuUhnKkmpGLud6QDUFepC5sO6jq2MOjEl 5bGiULUvIa/LS8TodHnE03s0t8AbAjrGxeHaDb7HEI6rqDcqLX3QKZok6ymQf0Pu ts/vhGeSJBWG64e6YLk8pa0c6cCIi5/Zx0BdfrtGzi/i9RtMK7DyNitOdg/IwQ8Q gR3iTLO+ej2sPMVXF10C94APehRP6J2/b1oRnaEVscPVfywwY0h01IPBZyHNAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQUbrZlMlBxRAP8qPTV3oBcWWFICfIwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQAKHmcDSn3dSAD5GJ1edat5yY5nb553h7EPmko5ixiwE2uSejPH65Ba7FtQ Zw+pNz4pVPjyjfojvgteyDBc8I39Gnqf5isROLdWg+UiE2SLyzHIoMW9Tt9J7iI4 bgcPVLmyQt3Nk4T7C/usGxhRVZU3wvn68SNNWg5i15M72koM1WLJCyHJQDxH6t0M pNsz9VTYs4FQdmMohKEggo1jWLsn5+p76UGCxpSAED0lGVesJfhZpkJKX7hutI9L MPOCPkwLxCRDL9or3wtK+amfdFawOTxfcihN0mYWEZCuL6cRjbJkydFgHXtpLN/L Rb0Pf6vB80wPW3IkZxID5W0MsGKl -----END CERTIFICATE-----Generated at Tue Oct 28 12:18:41 2025 by rpki-client