$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.mft File: 72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.mft (raw, json) Hash identifier: T+Ot46yqKZ+CRwNUaGSQZkyqwhbC2YBbi4hMpZ81ahc= Subject key identifier: C9:E9:CC:B4:FB:1C:6C:7C:58:9E:74:CE:63:5F:22:F3:E9:ED:4D:1A Authority key identifier: 72:F3:EE:16:9F:9B:D7:1F:78:A4:2D:1A:72:FE:0F:2A:82:48:22:D1 Certificate issuer: /CN=72f3ee169f9bd71f78a42d1a72fe0f2a824822d1 Certificate serial: 17F3634289DC2EE742A532A149C8E7C5B6873C72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.mft Manifest number: 0108 Signing time: Tue 11 Nov 2025 10:48:53 +0000 Manifest this update: Tue 11 Nov 2025 10:43:53 +0000 Manifest next update: Wed 12 Nov 2025 11:53:53 +0000 Files and hashes: 1: 3139352e37342e34302e302f32322d3234203d3e203331313834.roa (hash: OWTrG12il6+R+m95Ctsd+LQNgEyVIDW3AMDlydaSO3g=) 2: 326131333a363134303a3a2f32392d3332203d3e203331313834.roa (hash: HEAzsbwZSQMPtZWHDUG9J3+dKm/03SetBs7lrO1nkwI=) 3: 3139332e32322e3235332e302f32342d3234203d3e203331313834.roa (hash: WrMYNrMKiwcHb7Layep1L0ANnPM7z3AEErZKMOJmYxg=) 4: 72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.crl (hash: DkAkNMNrqbtezpNm52WJtibP9FNDWodgTDb2d0RpdZ0=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.crl rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.mft rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 12 Nov 2025 09:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:f3:63:42:89:dc:2e:e7:42:a5:32:a1:49:c8:e7:c5:b6:87:3c:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72f3ee169f9bd71f78a42d1a72fe0f2a824822d1 Validity Not Before: Nov 11 10:43:53 2025 GMT Not After : Nov 12 11:53:53 2025 GMT Subject: CN=C9E9CCB4FB1C6C7C589E74CE635F22F3E9ED4D1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f3:69:2d:f4:b6:22:bf:52:dc:1e:2b:c4:2a: 29:a5:82:0b:75:ff:59:bc:69:5a:8f:cc:67:44:0a: f5:c2:81:98:df:4e:74:2b:04:00:ee:a9:83:e7:9c: 67:9f:5e:9b:47:9a:ac:57:04:0c:9c:75:6c:5d:7b: 33:5c:ac:1d:f8:f2:f8:14:2b:9a:fd:6e:ea:dc:21: b0:fa:78:0c:82:f1:d7:81:05:b0:49:de:cc:c0:03: c4:c6:37:56:c9:64:d2:78:8c:35:59:87:8e:54:36: 67:3e:7e:07:3a:2f:35:cb:91:37:05:f4:f2:8d:ce: 83:5e:f9:c3:7d:71:ac:5c:33:eb:0e:18:89:4d:b8: 61:a8:19:c6:a8:b5:95:0c:dc:12:44:5e:21:58:4c: 19:04:ed:cf:a3:45:21:c5:21:6d:62:11:eb:dd:39: 79:c2:5b:5f:87:0f:98:64:2d:97:5f:52:76:5b:2c: 05:80:3e:0b:16:ea:a8:c7:54:7e:d1:61:56:36:de: 05:c0:da:a8:3a:01:2c:35:8e:d8:61:bb:a7:ba:4a: 9c:61:04:f8:a6:bb:76:90:f4:7b:5d:47:1b:a8:7f: b3:44:04:47:62:76:b5:95:30:c1:2b:f8:3e:23:e1: 53:61:37:9c:cc:f4:12:a6:c9:00:cb:46:4f:96:17: 13:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:E9:CC:B4:FB:1C:6C:7C:58:9E:74:CE:63:5F:22:F3:E9:ED:4D:1A X509v3 Authority Key Identifier: keyid:72:F3:EE:16:9F:9B:D7:1F:78:A4:2D:1A:72:FE:0F:2A:82:48:22:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:72:93:8d:21:c1:f6:f3:05:96:cf:60:cd:7e:98:40:43:c6: cb:78:a5:97:50:a4:13:25:f6:32:a8:a2:ed:79:93:0f:10:77: 9b:19:a7:70:fb:cd:69:d6:61:53:03:b1:c1:3f:05:69:d3:68: 9d:64:3f:24:10:a7:ad:e5:6e:45:9e:14:aa:78:25:b0:6a:42: 19:d5:df:ae:fa:a0:a3:7d:70:9a:ce:f3:be:5e:5b:e2:ad:80: 71:e8:56:6c:37:ae:78:f9:61:70:55:a6:e7:43:f0:71:10:7b: db:80:60:73:30:b6:ec:61:cb:b2:82:09:0f:0a:a2:c5:89:d1: b8:e9:b7:77:15:78:0c:4b:93:c1:b2:7e:e3:99:34:0c:a3:64: 5e:8f:2f:09:45:d2:c7:9a:59:d9:23:85:09:5a:61:c3:7c:6c: 52:ae:da:e2:cb:72:c1:11:52:cd:12:d2:4f:7e:25:9a:b1:d9: bb:2e:2c:9b:b0:f5:6f:f5:54:9e:47:3b:f0:63:e1:ee:6d:ac: 7e:64:3f:27:3a:ea:24:69:7c:5f:1a:a4:4e:60:24:0a:0c:16: 46:3d:dc:37:30:75:41:81:5d:b5:cf:60:f0:bf:c3:5c:6c:04: de:1b:2e:dd:82:51:78:17:3f:d8:ee:2b:01:5f:c9:53:ed:d5: 92:fe:ed:89 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUF/NjQoncLudCpTKhScjnxbaHPHIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzJmM2VlMTY5ZjliZDcxZjc4YTQyZDFhNzJmZTBmMmE4 MjQ4MjJkMTAeFw0yNTExMTExMDQzNTNaFw0yNTExMTIxMTUzNTNaMDMxMTAvBgNV BAMTKEM5RTlDQ0I0RkIxQzZDN0M1ODlFNzRDRTYzNUYyMkYzRTlFRDREMUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB82kt9LYiv1LcHivEKimlggt1 /1m8aVqPzGdECvXCgZjfTnQrBADuqYPnnGefXptHmqxXBAycdWxdezNcrB348vgU K5r9burcIbD6eAyC8deBBbBJ3szAA8TGN1bJZNJ4jDVZh45UNmc+fgc6LzXLkTcF 9PKNzoNe+cN9caxcM+sOGIlNuGGoGcaotZUM3BJEXiFYTBkE7c+jRSHFIW1iEevd OXnCW1+HD5hkLZdfUnZbLAWAPgsW6qjHVH7RYVY23gXA2qg6ASw1jthhu6e6Spxh BPimu3aQ9HtdRxuof7NEBEdidrWVMMEr+D4j4VNhN5zM9BKmyQDLRk+WFxMLAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUyenMtPscbHxYnnTOY18i8+ntTRowHwYDVR0j BBgwFoAUcvPuFp+b1x94pC0acv4PKoJIItEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjgyYjVlMDAtMmFjMy00OWYxLWEyOWItMjZhNWZkZjBm YTQxLzAvNzJGM0VFMTY5RjlCRDcxRjc4QTQyRDFBNzJGRTBGMkE4MjQ4MjJEMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2N2UHVGcC1iMXg5NHBDMGFjdjRQS29K SUl0RS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yODJiNWUwMC0y YWMzLTQ5ZjEtYTI5Yi0yNmE1ZmRmMGZhNDEvMC83MkYzRUUxNjlGOUJENzFGNzhB NDJEMUE3MkZFMEYyQTgyNDgyMkQxLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGXKTjSHB9vMFls9gzX6Y QEPGy3ill1CkEyX2Mqii7XmTDxB3mxmncPvNadZhUwOxwT8FadNonWQ/JBCnreVu RZ4UqnglsGpCGdXfrvqgo31wms7zvl5b4q2AcehWbDeuePlhcFWm50PwcRB724Bg czC27GHLsoIJDwqixYnRuOm3dxV4DEuTwbJ+45k0DKNkXo8vCUXSx5pZ2SOFCVph w3xsUq7a4stywRFSzRLST34lmrHZuy4sm7D1b/VUnkc78GPh7m2sfmQ/JzrqJGl8 XxqkTmAkCgwWRj3cNzB1QYFdtc9g8L/DXGwE3hsu3YJReBc/2O4rAV/JU+3Vkv7t iQ== -----END CERTIFICATE-----Generated at Tue Nov 11 13:58:41 2025 by rpki-client