$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft File: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft (raw, json) Hash identifier: UZvyX7bZHRoNtqIZv8oykE43AXoleGJGzUMbZe85UY8= Subject key identifier: 8F:A5:BE:E0:74:5D:B1:E0:5D:8D:12:3E:ED:F1:6B:32:F0:E3:7E:4E Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Certificate serial: 3B767DC3EAFD05DFAEAD918743F604529694E328 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft Manifest number: 0587 Signing time: Mon 16 Mar 2026 21:35:37 +0000 Manifest this update: Mon 16 Mar 2026 21:30:37 +0000 Manifest next update: Tue 17 Mar 2026 23:39:37 +0000 Files and hashes: 1: 34362e3138332e32382e302f32342d3234203d3e203631333137.roa (hash: EQc8ZSWRYu3w3yABE1KT+uLZnchUtUDhUBMKc9gsz8U=) 2: 34362e3138332e32372e302f32342d3234203d3e20323132323338.roa (hash: MBTQi0HOcbTwY/4fQl+vTOHLOQ2FmR/EhBIZ6Dj3u14=) 3: 34362e3138332e32362e302f32342d3234203d3e2039303039.roa (hash: ckwThy9Ftd6Jb/nTbj53dd12b3F3RSR9Etp8JSW5svM=) 4: 34362e3138332e32352e302f32342d3234203d3e203633303233.roa (hash: 4jq0qwMJqWtfRUuzz3vPyKHtua4FM5/8Y3cvVGfTKBM=) 5: 34362e3138332e32392e302f32342d3234203d3e20383334.roa (hash: cCNMl/j8O4+QWokqGu7uLfEk807f860f4W6iD80yDww=) 6: 34362e3138332e33302e302f32342d3234203d3e203631333137.roa (hash: pxnqedD3kuwz1m+9x0q4e9R46P3xXGAP6tM7JZr4zqQ=) 7: 34362e3138332e33312e302f32342d3234203d3e20383334.roa (hash: sUL1Un4mrUIulXB1hFi4zMCmkeeullp5kTLJ3eXsXVI=) 8: 34362e3138332e32342e302f32342d3234203d3e20313432313436.roa (hash: U6sIE1tc5XNg8Vw7jnbxLLCNANnB9wH3voxb1FhuZwc=) 9: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl (hash: RnIZjPaIwLOGRUYKs3Rey2f+vA9RrIgCZbLS/ZEJ4T4=) 10: 34362e3138332e32352e302f32342d3234203d3e20323132323338.roa (hash: lxi2m0tJ4IwcIv1Qu/mxuwgzf8BGdtHdxfKNM9mKZEQ=) 11: 34362e3138332e32382e302f32342d3234203d3e203239383032.roa (hash: kUcJYnZDGTlKIzzpmv1f5LvT/3qyw3JDmGespkIKDl8=) 12: 34362e3138332e33302e302f32342d3234203d3e203239383032.roa (hash: 72nHdO4b4bTlOVAl3qEYnqrejyz7ta1anmrlcAXdAWw=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 17 Mar 2026 19:32:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:76:7d:c3:ea:fd:05:df:ae:ad:91:87:43:f6:04:52:96:94:e3:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Validity Not Before: Mar 16 21:30:37 2026 GMT Not After : Mar 17 23:39:37 2026 GMT Subject: CN=8FA5BEE0745DB1E05D8D123EEDF16B32F0E37E4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:49:cc:6e:07:63:8f:09:a1:99:1a:24:ba:7c: 18:c7:a0:4d:42:12:f5:9a:41:80:c3:b2:39:fb:d6: 60:b2:c7:34:13:9c:40:72:b2:5e:3a:01:86:ad:02: ff:4b:8f:e5:30:40:fd:6b:ff:79:0e:8f:de:61:16: 1f:23:02:2a:df:ed:1b:5a:c0:a0:b8:f0:5e:e9:61: e3:fc:2f:a8:ea:25:d8:c4:44:6d:ec:d7:65:89:17: ea:cd:81:4f:ea:17:cc:33:e3:21:61:2d:13:3f:77: 3f:ca:55:04:2a:1e:78:8f:2b:b9:3d:29:a2:ae:b5: be:0b:9e:ec:2a:e0:ef:2b:5b:a6:78:29:df:be:0e: 09:07:ce:75:4d:28:48:b9:bf:d0:b5:12:f8:7b:89: b0:2c:18:b6:f0:32:73:ae:7f:0f:e2:4f:68:45:c5: 24:9f:b2:6d:08:94:86:c8:58:dc:84:12:40:99:65: 02:d2:48:04:e5:de:c1:ba:a6:c7:fd:bc:64:ac:0b: da:b2:bc:9c:58:66:41:eb:e0:d3:e3:1b:ff:05:d0: 5e:60:79:c2:e0:7d:2c:e1:77:b4:4b:f3:46:8a:45: db:8c:f4:ff:e1:0e:7a:a3:f2:6f:7d:40:26:a2:c6: c2:6f:53:01:e3:e1:cb:f3:86:6e:df:21:f2:9f:65: d9:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:A5:BE:E0:74:5D:B1:E0:5D:8D:12:3E:ED:F1:6B:32:F0:E3:7E:4E X509v3 Authority Key Identifier: keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:09:ad:81:26:3d:4c:fc:80:e1:97:b3:d0:00:7a:98:07:23: 35:75:e4:e0:f6:07:81:ed:7e:c6:b4:b8:b4:6c:ed:ca:88:3e: 94:ac:d8:27:5c:51:59:7e:93:c0:9f:c8:ea:8d:dd:4c:c7:ce: 84:83:61:73:fb:40:3d:85:59:84:a4:85:1e:bf:22:fd:d1:59: c3:3d:fd:19:02:ed:42:14:c9:12:18:d6:10:f6:67:64:fb:0f: b9:2a:aa:31:f7:dd:58:da:9c:be:c9:5a:92:ae:8b:08:47:72: e7:ac:47:26:61:04:92:de:09:7d:7a:e1:42:22:f4:d4:8c:e6: 8b:22:22:4b:52:9f:86:83:dc:b0:4f:fe:d0:ab:25:6a:8d:18: 16:8e:d1:df:ec:ba:92:a8:96:35:7d:8e:73:4a:82:bd:30:1c: c2:55:8f:62:41:5b:f4:5d:16:0e:8c:3f:8d:a3:cf:2e:63:31: e4:69:a9:90:9a:0a:02:be:bd:f4:e9:52:7e:b9:04:3c:16:14: 49:55:33:fc:a2:ca:e0:91:03:96:1e:10:5d:7f:29:f2:1a:51: 4f:f9:96:5b:7c:cc:b5:a7:44:6c:e3:67:a6:61:d4:03:a2:f4: 3b:21:fe:57:bc:f4:72:a4:85:be:56:84:89:d2:2d:89:07:3a: 97:8c:1f:0e -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUO3Z9w+r9Bd+urZGHQ/YEUpaU4ygwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj YzY3N2IwMDAeFw0yNjAzMTYyMTMwMzdaFw0yNjAzMTcyMzM5MzdaMDMxMTAvBgNV BAMTKDhGQTVCRUUwNzQ1REIxRTA1RDhEMTIzRUVERjE2QjMyRjBFMzdFNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvScxuB2OPCaGZGiS6fBjHoE1C EvWaQYDDsjn71mCyxzQTnEBysl46AYatAv9Lj+UwQP1r/3kOj95hFh8jAirf7Rta wKC48F7pYeP8L6jqJdjERG3s12WJF+rNgU/qF8wz4yFhLRM/dz/KVQQqHniPK7k9 KaKutb4Lnuwq4O8rW6Z4Kd++DgkHznVNKEi5v9C1Evh7ibAsGLbwMnOufw/iT2hF xSSfsm0IlIbIWNyEEkCZZQLSSATl3sG6psf9vGSsC9qyvJxYZkHr4NPjG/8F0F5g ecLgfSzhd7RL80aKRduM9P/hDnqj8m99QCaixsJvUwHj4cvzhm7fIfKfZdnzAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUj6W+4HRdseBdjRI+7fFrMvDjfk4wHwYDVR0j BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0 Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4 bmV3QS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xNmFjYjlhMC02 ZDFlLTRhZTQtOTE3Ny1kOTM4ZTk4MDQzOTUvMC8yNEU1Mzc4OEJENEVGQTIzQjFB ODIwN0I3RTc0QThFMUNDNjc3QjAwLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALgmtgSY9TPyA4Zez0AB6 mAcjNXXk4PYHge1+xrS4tGztyog+lKzYJ1xRWX6TwJ/I6o3dTMfOhINhc/tAPYVZ hKSFHr8i/dFZwz39GQLtQhTJEhjWEPZnZPsPuSqqMffdWNqcvslakq6LCEdy56xH JmEEkt4JfXrhQiL01IzmiyIiS1KfhoPcsE/+0Kslao0YFo7R3+y6kqiWNX2Oc0qC vTAcwlWPYkFb9F0WDow/jaPPLmMx5GmpkJoKAr699OlSfrkEPBYUSVUz/KLK4JED lh4QXX8p8hpRT/mWW3zMtadEbONnpmHUA6L0OyH+V7z0cqSFvlaEidItiQc6l4wf Dg== -----END CERTIFICATE-----Generated at Tue Mar 17 04:00:09 2026 by rpki-client