$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft File: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft (raw, json) Hash identifier: +XKimKiuLZ95MhK3/8LVgatFtHj7nyQDDFK0ZRxw4eA= Subject key identifier: 75:A4:0F:47:6D:38:EB:1A:6D:54:03:5E:8B:07:43:2F:47:21:07:EE Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Certificate serial: 46E90188588EA9105254324BF14756E8705880BD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft Manifest number: 04C0 Signing time: Wed 22 Oct 2025 15:57:46 +0000 Manifest this update: Wed 22 Oct 2025 15:52:46 +0000 Manifest next update: Thu 23 Oct 2025 18:35:46 +0000 Files and hashes: 1: 34362e3138332e32372e302f32342d3234203d3e20323132323338.roa (hash: MBTQi0HOcbTwY/4fQl+vTOHLOQ2FmR/EhBIZ6Dj3u14=) 2: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl (hash: fzccch3TyV8H1f/WwOI+XF/snRHEzFD0O8GsY2JbL9I=) 3: 34362e3138332e33312e302f32342d3234203d3e20313734.roa (hash: 3Z7e+5TwzBef1b9VYHjpmL+5jzamN8gXYO/wLKWP7lA=) 4: 34362e3138332e32342e302f32342d3234203d3e20313432313436.roa (hash: U6sIE1tc5XNg8Vw7jnbxLLCNANnB9wH3voxb1FhuZwc=) 5: 34362e3138332e32392e302f32342d3234203d3e20383334.roa (hash: 0Syl2RFUWkkZiRGY1Pwqb1zrgJevSvKDh9Tp1/7uXXA=) 6: 34362e3138332e33302e302f32342d3234203d3e203631333137.roa (hash: pxnqedD3kuwz1m+9x0q4e9R46P3xXGAP6tM7JZr4zqQ=) 7: 34362e3138332e32362e302f32342d3234203d3e2039303039.roa (hash: ii72WRjo+pDoTtYybgLKaFsOG8JUV0CPdunTnf7/tAg=) 8: 34362e3138332e32352e302f32342d3234203d3e203633303233.roa (hash: 4jq0qwMJqWtfRUuzz3vPyKHtua4FM5/8Y3cvVGfTKBM=) 9: 34362e3138332e32352e302f32342d3234203d3e20323132323338.roa (hash: lxi2m0tJ4IwcIv1Qu/mxuwgzf8BGdtHdxfKNM9mKZEQ=) 10: 34362e3138332e32382e302f32342d3234203d3e203631333137.roa (hash: EQc8ZSWRYu3w3yABE1KT+uLZnchUtUDhUBMKc9gsz8U=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 23 Oct 2025 13:42:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:e9:01:88:58:8e:a9:10:52:54:32:4b:f1:47:56:e8:70:58:80:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Validity Not Before: Oct 22 15:52:46 2025 GMT Not After : Oct 23 18:35:46 2025 GMT Subject: CN=75A40F476D38EB1A6D54035E8B07432F472107EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:c7:5d:b2:bb:d4:cb:2d:0f:81:0f:eb:80:89: f0:ec:3b:07:69:d1:8b:4a:3f:83:df:74:3c:77:59: 85:ae:2c:f0:f2:83:09:99:f4:0f:82:ef:00:29:a3: b6:d1:1b:68:92:7f:2c:cf:f7:80:78:02:db:01:c4: ec:90:6b:69:06:f0:a3:7e:4f:57:1a:cc:56:96:35: b0:d9:ab:31:9d:ce:d9:e4:c0:b2:64:17:90:34:d6: 7f:09:37:3a:64:b6:38:77:1e:30:92:b6:66:8c:c2: b3:f4:ea:59:40:a4:c6:ea:b4:37:20:8d:3f:65:0a: 54:00:79:36:12:96:2a:38:0d:c2:b2:cd:12:17:c3: 62:89:a4:56:65:9e:61:41:5f:a0:de:57:f6:6e:67: 99:73:d5:9a:b2:62:62:fe:63:9e:b3:23:b0:75:1e: 66:f4:60:8c:92:46:72:11:df:e1:69:b0:33:ad:1f: a0:09:44:04:88:38:a6:c7:41:8b:6f:ef:e1:5d:d0: 8d:cd:64:26:1b:84:2d:22:70:b8:c9:08:e5:ca:08: 6f:d1:c9:1c:83:35:67:30:9c:2c:0b:48:39:a1:9f: 45:56:c5:b7:50:f8:ed:f3:93:24:63:40:7c:91:a9: 1f:28:b0:ef:a5:91:75:2a:60:e4:79:8a:c8:1a:43: fe:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:A4:0F:47:6D:38:EB:1A:6D:54:03:5E:8B:07:43:2F:47:21:07:EE X509v3 Authority Key Identifier: keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:a8:39:c0:2d:be:95:1f:c8:de:12:8a:6c:48:ba:b0:db:40: 08:c8:6b:e2:0b:1d:49:eb:a8:40:d3:7d:d3:dc:7c:24:fa:5c: 69:e7:ab:79:67:7d:ba:43:b9:2d:ed:74:63:8d:b0:a9:07:f2: ca:a3:3c:a6:45:b8:a3:90:50:40:3b:d4:39:8b:0b:3b:27:ad: 6b:d1:81:92:27:5b:29:ab:17:8a:82:36:22:59:fb:55:3e:2d: a3:0e:6d:74:fc:64:db:87:16:af:ea:d5:2d:81:c0:3c:69:95: 69:79:0d:0c:ee:29:02:5f:00:39:f9:d8:a3:30:72:65:8e:37: 45:42:14:62:f0:16:4a:64:89:22:b8:31:a8:48:e2:7e:e1:7f: e8:2c:20:40:8c:d0:44:dc:92:f0:97:9d:a4:f7:a2:a3:67:a4: fa:db:c6:21:a0:64:5e:83:85:49:2d:3f:27:36:20:f5:69:50: 07:d0:76:f7:a1:c1:df:0f:b2:27:26:3c:33:ce:a3:c6:72:b8: 78:d0:37:50:b6:66:d7:56:e3:27:b0:63:b9:55:a8:d1:da:17: 3f:46:77:81:8e:68:dc:0e:6b:6e:cd:b1:d7:f8:01:cf:86:7c: 4e:ee:68:b1:5a:01:6d:18:88:a8:3f:82:92:e9:b0:f8:ad:d4: 7c:14:a5:43 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIURukBiFiOqRBSVDJL8UdW6HBYgL0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj YzY3N2IwMDAeFw0yNTEwMjIxNTUyNDZaFw0yNTEwMjMxODM1NDZaMDMxMTAvBgNV BAMTKDc1QTQwRjQ3NkQzOEVCMUE2RDU0MDM1RThCMDc0MzJGNDcyMTA3RUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDax12yu9TLLQ+BD+uAifDsOwdp 0YtKP4PfdDx3WYWuLPDygwmZ9A+C7wApo7bRG2iSfyzP94B4AtsBxOyQa2kG8KN+ T1cazFaWNbDZqzGdztnkwLJkF5A01n8JNzpktjh3HjCStmaMwrP06llApMbqtDcg jT9lClQAeTYSlio4DcKyzRIXw2KJpFZlnmFBX6DeV/ZuZ5lz1ZqyYmL+Y56zI7B1 Hmb0YIySRnIR3+FpsDOtH6AJRASIOKbHQYtv7+Fd0I3NZCYbhC0icLjJCOXKCG/R yRyDNWcwnCwLSDmhn0VWxbdQ+O3zkyRjQHyRqR8osO+lkXUqYOR5isgaQ/4XAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUdaQPR2046xptVANeiwdDL0chB+4wHwYDVR0j BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0 Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4 bmV3QS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xNmFjYjlhMC02 ZDFlLTRhZTQtOTE3Ny1kOTM4ZTk4MDQzOTUvMC8yNEU1Mzc4OEJENEVGQTIzQjFB ODIwN0I3RTc0QThFMUNDNjc3QjAwLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnqg5wC2+lR/I3hKKbEi6 sNtACMhr4gsdSeuoQNN909x8JPpcaeereWd9ukO5Le10Y42wqQfyyqM8pkW4o5BQ QDvUOYsLOyeta9GBkidbKasXioI2Iln7VT4tow5tdPxk24cWr+rVLYHAPGmVaXkN DO4pAl8AOfnYozByZY43RUIUYvAWSmSJIrgxqEjifuF/6CwgQIzQRNyS8JedpPei o2ek+tvGIaBkXoOFSS0/JzYg9WlQB9B296HB3w+yJyY8M86jxnK4eNA3ULZm11bj J7BjuVWo0doXP0Z3gY5o3A5rbs2x1/gBz4Z8Tu5osVoBbRiIqD+Ckumw+K3UfBSl Qw== -----END CERTIFICATE-----Generated at Wed Oct 22 21:43:59 2025 by rpki-client