$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft File: 9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft (raw, json) Hash identifier: 2Gmsp81xKhJ+Vk2ipNv6No9Hm8wVOyOQUH+NZAgmSyA= Subject key identifier: 4F:42:5B:D5:60:28:01:90:DC:37:07:90:15:8F:FB:C1:D7:F2:54:EF Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae Certificate serial: 1C35BBBB0D732FD4E60594ECFBF272D5148D933B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft Manifest number: 0460 Signing time: Tue 21 Oct 2025 09:22:17 +0000 Manifest this update: Tue 21 Oct 2025 09:17:17 +0000 Manifest next update: Wed 22 Oct 2025 11:43:17 +0000 Files and hashes: 1: 38392e3131362e3131362e302f32322d3232203d3e203135343139.roa (hash: +6pKiWIr1xfpXpXCXiVMVMi0tFetJIO1JWmpuLH4c10=) 2: 3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa (hash: W9T8aPnkMAlNbGOA+isd3U8U+YdKRxlDW0/+vHw4iGg=) 3: 38362e33382e332e302f32342d3234203d3e203135343139.roa (hash: 1jWpw+W9zeIRwNdxwEeWvA1uKZ5XVqeLW/yed0hU+d4=) 4: 326130323a323633303a3a2f33322d3332203d3e203135343139.roa (hash: qWp9paAJXWyG6T4NlWTD/O+mrcUKf+wb2OOSJ/RUTQM=) 5: 3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa (hash: Pgs5ueHQXHOzRUAnFpUKAel9Ig4WE+HMpXX4wHeR3SY=) 6: 38392e3131362e31392e302f32342d3234203d3e203135343139.roa (hash: 4JL3Gtu7UsX3IaHs3LaQwmdxUfCfFV6YWJerzJoc+wE=) 7: 38392e3131362e31322e302f32332d3233203d3e203135343139.roa (hash: vCrLMX0eSFK/WsSjH4NPI6BnYmwIN7ZEFJbozFxO6uE=) 8: 38322e3134302e3138392e302f32342d3234203d3e203135343139.roa (hash: q/tmnbq1kdd2hUMwbcuSKcZt7pux1EaGGpLbn7IfofI=) 9: 38392e3131362e31352e302f32342d3234203d3e203135343139.roa (hash: /LejqbWiFUxs1DgkjzVItnmcQXCtVjOkQxj/fIk9rAQ=) 10: 3231372e392e3234322e302f32342d3234203d3e203135343139.roa (hash: mOAttZBNx/CTeO/Z3xtwFj9TNAzOHD7wWSzttDopHBY=) 11: 38392e3131362e312e302f32342d3234203d3e203135343139.roa (hash: QlNtxapPtCDVmKsd/rR7Y2Bq1QIkmg64gwg6mpWc9ZY=) 12: 38392e3131362e342e302f32322d3232203d3e203135343139.roa (hash: S7PYQmgyaS+nUukOrNi+7gU0SVsm2vupfOTXwPtPOXM=) 13: 3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa (hash: ld9bmw/lU5ViE7fFfnUAARe92vzpSXeZ47xTrIGHE2Y=) 14: 38392e3131362e34322e302f32332d3233203d3e203135343139.roa (hash: dqiC7sfkexEdY4bNAfWo7TkIe5GTWHX5uIAGfupS9Ro=) 15: 9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl (hash: wgDQ3xlNXkwD64V/Onl3hJwyj4EzRjwzLN1Jv24d5sM=) 16: 38392e3131362e34312e302f32342d3234203d3e203135343139.roa (hash: nrTdofG3QiyT59ifvXqBtX8pF4lYbmqFJc6mO1yyOW0=) 17: 3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa (hash: DudKC7EbN/x1z3E3UcohZZDxNJCJJwujdDPss+8DrkI=) 18: 326130323a323633303a3a2f32392d3239203d3e203135343139.roa (hash: 8htEN27nXC1XFUYvScmaKLGazPRUUosEipnSlN6XgBk=) 19: 38322e3134302e3133312e302f32342d3234203d3e203135343139.roa (hash: YcmyLeFBQ+WK9MxW4qT13yT/CsdMqFWcCNcHges7cNY=) 20: 38392e3131362e31362e302f32332d3233203d3e203135343139.roa (hash: 7gdiZpTYF4VKwdmEsTHKuwi6oAiZC6mVLx4cpcdl/GE=) 21: 38392e3131362e322e302f32332d3233203d3e203135343139.roa (hash: twheygdBU9M/hWK8PwEKS7vel1IBGYLsGKuF6NDPdmA=) 22: 38362e33382e382e302f32312d3231203d3e203135343139.roa (hash: uWYPVYjRnhouz2kB1gip220mm9ixJ1+yxtSXIITlxEw=) 23: 3231372e392e3235342e302f32332d3233203d3e203135343139.roa (hash: iksl6QO5bGAwqBp6Vth9mckUoVZxpFnDxq6gmgw5QDs=) 24: 38322e3134302e3137382e302f32342d3234203d3e203135343139.roa (hash: kVZlSJSrWOIFgbVyyqSUiD6jECTpvfhx5mx8hRL1cGE=) 25: D34606949D385DB42714FE71274FAC9948EF279C.cer (hash: TQCZQkzK1CqgemnKR/erluvTKMYq58W//DcXZ16FiAE=) 26: 3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa (hash: yiPh36TU1+o+jLX45pyYr1yhJEOI86BPrMUwrS94mMI=) 27: 3231372e392e3234312e302f32342d3234203d3e203135343139.roa (hash: hFAW06mmhAPSV/HJ4B8aC2PvIR5CrcKx3FcqsTikSiM=) 28: 3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa (hash: 3LQCLtbZ2cAzmsqD8inTKmHS0+b4RIJVefCUUonuvB0=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 22 Oct 2025 07:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:35:bb:bb:0d:73:2f:d4:e6:05:94:ec:fb:f2:72:d5:14:8d:93:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae Validity Not Before: Oct 21 09:17:17 2025 GMT Not After : Oct 22 11:43:17 2025 GMT Subject: CN=4F425BD560280190DC370790158FFBC1D7F254EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d5:b7:a7:64:00:a3:be:36:42:c4:d6:73:73: 4d:e0:20:05:3f:55:c1:d8:7a:95:ce:61:18:4e:0e: 95:d4:14:0a:2c:1a:8f:4b:1e:99:ac:68:c9:2d:74: 17:3d:59:e9:f6:eb:99:87:05:f8:15:c1:97:0b:ed: da:5e:6f:15:d8:8a:b6:79:93:6d:79:4e:00:9c:67: c6:2e:77:ee:21:50:aa:e6:70:9e:41:1a:15:e0:fb: 60:08:20:24:4d:75:69:8a:14:64:f1:be:9f:42:f3: a7:80:c1:df:47:d4:34:90:28:9c:57:8f:8b:88:68: 4f:2a:1d:03:63:b3:5d:af:b0:b6:dd:01:fd:e0:10: 50:d7:fa:80:26:15:96:b5:13:af:e6:c4:62:98:61: f8:23:89:15:57:df:f3:70:dc:97:55:5f:9a:91:9c: 26:2a:e9:cc:cf:eb:f7:48:36:2d:18:80:63:af:1d: b0:3b:51:cb:db:4d:cf:92:7b:ac:72:55:3a:c5:10: fb:f3:d9:57:c9:3e:1b:8c:ae:2c:8a:b8:17:02:b9: 1e:6d:b8:6f:b2:5c:c9:a6:33:3a:5a:6e:cc:a7:73: 1c:1f:a3:d3:e5:14:9f:ff:e1:9a:ba:f6:cf:33:d1: 1f:1b:a4:a5:ee:57:36:97:12:71:c1:98:9e:0b:99: 27:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:42:5B:D5:60:28:01:90:DC:37:07:90:15:8F:FB:C1:D7:F2:54:EF X509v3 Authority Key Identifier: keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:e1:28:23:e4:9f:b0:30:ba:61:b6:41:3c:4a:c2:62:36:92: 7f:70:bf:8d:b0:30:c5:bc:49:e6:c1:a8:c2:21:d9:b1:36:ba: 15:83:95:f3:f2:2d:61:3d:14:2c:3f:97:26:c5:84:14:e5:dc: 2d:fc:b9:3f:16:0c:72:e9:d4:9e:5f:b5:a9:3b:c7:38:c6:6e: 94:4b:6b:fe:d4:a9:fb:80:d4:e2:ed:29:c9:e8:a8:70:49:b4: d0:73:f7:ec:27:0f:96:74:ce:50:13:5e:f9:e4:8e:3c:e7:31: 0e:b8:fa:28:36:1f:54:ec:22:eb:9f:47:ff:1f:a4:89:bf:34: 9f:4a:2b:80:a3:a6:92:3d:e2:04:ca:0f:62:1b:26:b6:31:6b: 5e:08:c9:19:47:78:2c:11:4b:5a:32:27:83:a3:b5:c4:f2:61: 5f:6c:43:6c:55:c4:b7:06:eb:7f:ba:5d:7d:1e:48:6b:a4:8d: 16:e9:40:25:05:27:a7:ac:61:f0:93:39:06:d1:1c:94:d7:3a: cc:e9:ed:67:7a:a9:2c:59:13:77:87:3a:ad:d3:ef:3e:3f:7f: 71:06:5f:65:9a:92:e3:05:c5:91:7e:9d:ad:79:2b:84:e5:17: 2e:da:0f:c4:6c:e5:5d:d7:80:16:47:4d:09:88:f5:22:9a:e2: b8:f5:c7:cc -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUHDW7uw1zL9TmBZTs+/Jy1RSNkzswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh MDIxNDRhZTAeFw0yNTEwMjEwOTE3MTdaFw0yNTEwMjIxMTQzMTdaMDMxMTAvBgNV BAMTKDRGNDI1QkQ1NjAyODAxOTBEQzM3MDc5MDE1OEZGQkMxRDdGMjU0RUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI1benZACjvjZCxNZzc03gIAU/ VcHYepXOYRhODpXUFAosGo9LHpmsaMktdBc9Wen265mHBfgVwZcL7dpebxXYirZ5 k215TgCcZ8Yud+4hUKrmcJ5BGhXg+2AIICRNdWmKFGTxvp9C86eAwd9H1DSQKJxX j4uIaE8qHQNjs12vsLbdAf3gEFDX+oAmFZa1E6/mxGKYYfgjiRVX3/Nw3JdVX5qR nCYq6czP6/dINi0YgGOvHbA7UcvbTc+Se6xyVTrFEPvz2VfJPhuMriyKuBcCuR5t uG+yXMmmMzpabsyncxwfo9PlFJ//4Zq69s8z0R8bpKXuVzaXEnHBmJ4LmSfjAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUT0Jb1WAoAZDcNweQFY/7wdfyVO8wHwYDVR0j BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0 M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB aFJLNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wMDJlMGJhMy1m ZTYwLTQ1YjEtOTE2MC04NjhhMmY4YTQzYjEvMy85REY4NTk5N0IxQjlCMzU4RTFD NDNGMzY3NjVBQTBBNEEwMjE0NEFFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADOEoI+SfsDC6YbZBPErC YjaSf3C/jbAwxbxJ5sGowiHZsTa6FYOV8/ItYT0ULD+XJsWEFOXcLfy5PxYMcunU nl+1qTvHOMZulEtr/tSp+4DU4u0pyeiocEm00HP37CcPlnTOUBNe+eSOPOcxDrj6 KDYfVOwi659H/x+kib80n0orgKOmkj3iBMoPYhsmtjFrXgjJGUd4LBFLWjIng6O1 xPJhX2xDbFXEtwbrf7pdfR5Ia6SNFulAJQUnp6xh8JM5BtEclNc6zOntZ3qpLFkT d4c6rdPvPj9/cQZfZZqS4wXFkX6drXkrhOUXLtoPxGzlXdeAFkdNCYj1IpriuPXH zA== -----END CERTIFICATE-----Generated at Tue Oct 21 13:23:38 2025 by rpki-client