$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft File: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft (raw, json) Hash identifier: 6sFHt8AfsOuq3F1BWWbw4SvMVP1MlvyvgfXuApGHPCc= Subject key identifier: 40:87:C0:98:16:41:1F:95:75:24:D2:07:73:E7:63:ED:42:7E:A9:FE Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Certificate serial: 18D944222D8D36C7974436639D38F1A07CA926A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft Manifest number: 013D Signing time: Mon 27 Oct 2025 01:57:14 +0000 Manifest this update: Mon 27 Oct 2025 01:52:14 +0000 Manifest next update: Tue 28 Oct 2025 05:08:14 +0000 Files and hashes: 1: 326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa (hash: OBdYMpDCrnydUqYR/9aR6OWDxV3xrASuK04QdHbbnp4=) 2: 326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa (hash: 9ztDCaU6aAMVKVrLFNLTSsl1A84X7CinJDw99b10Wgk=) 3: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (hash: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=) 4: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl (hash: agyfrTSjVJ1B8ICn7l8BXb8cmBn1JzvgnLy7qwtnBQ4=) 5: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (hash: lpEMU1X1JLSHAOWUFG4frUPhBZsu7LhlBnijuGC43xs=) 6: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (hash: fCahoT0DASmE4L0CnNku4FHnUTfBEMsJKaoRBnEvKJY=) 7: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (hash: AiP13DNBwIkSFzdQdSir0FYGd4okcKOcyfxhs/nt0mM=) 8: 326130653a666434353a326633303a3a2f34382d3438203d3e20323039333130.roa (hash: Ah9wB6P+J6/u6bq6IHZMWUCN9kLwcy3+ovMQjaM+Mjs=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Oct 2025 05:08:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:d9:44:22:2d:8d:36:c7:97:44:36:63:9d:38:f1:a0:7c:a9:26:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Validity Not Before: Oct 27 01:52:14 2025 GMT Not After : Oct 28 05:08:14 2025 GMT Subject: CN=4087C09816411F957524D20773E763ED427EA9FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:34:53:40:01:57:0d:5e:df:fc:7e:b2:ca:c0: 7d:d4:1f:d0:a8:54:54:99:c2:2a:aa:e2:23:57:79: 2f:fe:62:1e:00:3a:f5:77:b8:90:00:85:45:fe:ff: d0:b6:53:02:9e:10:44:14:5c:52:1c:b2:2d:5a:b8: d2:9f:84:20:76:08:34:37:93:e4:00:8b:f0:84:0b: cd:58:f7:26:f6:bd:97:d5:b5:4c:fc:d8:c8:76:26: 6d:a5:4a:da:ab:7f:b6:a9:e7:73:d6:27:60:de:7b: 36:04:ae:64:96:a1:8c:07:b7:9e:34:8d:57:3b:62: 77:0b:5d:b6:15:b2:11:93:ef:b6:33:3c:44:cc:30: fe:dd:af:d1:9c:e3:e7:41:38:a2:13:b1:cc:9d:f8: 4b:59:02:ae:6a:82:a0:8a:11:be:10:0b:df:b4:10: d1:b9:53:48:9e:69:7a:09:2a:af:fb:06:57:69:af: a0:0f:26:c3:0b:18:a8:80:e5:5f:da:2f:06:5d:a0: 41:e0:dd:d8:69:91:9f:61:5a:99:9b:b8:f9:ae:66: 11:5b:db:be:03:a0:39:ea:dc:6e:49:dc:bb:ac:6f: c3:d8:c5:45:79:1d:8b:44:3a:1e:75:b2:84:55:e8: 17:e2:cc:e9:12:2a:da:db:55:38:cb:6b:36:61:76: 96:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:87:C0:98:16:41:1F:95:75:24:D2:07:73:E7:63:ED:42:7E:A9:FE X509v3 Authority Key Identifier: keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:30:93:03:f1:3a:60:ef:75:2c:99:d9:f9:08:df:25:0c:2b: 88:d9:53:ac:69:f6:24:50:13:ca:d9:b5:6d:d2:14:c8:84:47: 0e:be:7c:e4:b3:f8:b6:fe:74:46:7d:eb:fc:22:c2:75:c6:6d: 58:9f:6e:9c:17:a1:d5:83:85:fb:94:7c:38:36:44:7d:af:cc: ef:ee:9f:d5:5a:8b:cd:43:7c:86:d0:06:ae:4e:2e:8a:6f:72: e0:50:79:e1:21:73:28:4c:ac:3d:59:05:4e:dc:ea:a7:39:01: da:9c:d4:e1:79:ad:d7:43:c2:3d:b4:62:bf:a7:37:b5:cc:1f: 7a:6f:57:8f:e8:03:be:02:a6:ac:dc:95:f3:30:02:a4:8c:a1: d0:3b:ea:02:a0:2f:84:60:7f:3d:fa:d0:09:ef:27:9e:48:8e: e2:a7:41:83:a9:38:55:8c:ae:16:8a:2e:4b:1b:17:91:d1:05: 8b:9a:e2:2f:dc:67:05:f2:28:c1:4d:cd:d1:19:2f:82:a3:cb: fc:a9:1a:c2:6c:40:f4:b7:68:e3:06:4e:e6:b4:e5:eb:7c:1d: 9b:31:a4:45:12:fe:80:1e:86:b3:ca:58:f9:0f:ee:01:d3:b3: 51:12:8d:38:9b:f8:2b:e9:52:7a:1b:ec:0b:cc:ba:3e:85:2c: d1:d7:45:af -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUGNlEIi2NNseXRDZjnTjxoHypJqUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw OWVhMzk4NTAeFw0yNTEwMjcwMTUyMTRaFw0yNTEwMjgwNTA4MTRaMDMxMTAvBgNV BAMTKDQwODdDMDk4MTY0MTFGOTU3NTI0RDIwNzczRTc2M0VENDI3RUE5RkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZNFNAAVcNXt/8frLKwH3UH9Co VFSZwiqq4iNXeS/+Yh4AOvV3uJAAhUX+/9C2UwKeEEQUXFIcsi1auNKfhCB2CDQ3 k+QAi/CEC81Y9yb2vZfVtUz82Mh2Jm2lStqrf7ap53PWJ2DeezYErmSWoYwHt540 jVc7YncLXbYVshGT77YzPETMMP7dr9Gc4+dBOKITscyd+EtZAq5qgqCKEb4QC9+0 ENG5U0ieaXoJKq/7Bldpr6APJsMLGKiA5V/aLwZdoEHg3dhpkZ9hWpmbuPmuZhFb 274DoDnq3G5J3Lusb8PYxUV5HYtEOh51soRV6BfizOkSKtrbVTjLazZhdpb9AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUQIfAmBZBH5V1JNIHc+dj7UJ+qf4wHwYDVR0j BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1 YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu cU9ZVS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZGZiMzBjYS1l MWMyLTQ5MjEtYjA1NC1kNGFmMDkxNjVhZjEvMC83RjIxNkY0OUEzQjlBODRBMEU4 NUU4MEEyQzQyODc0RjA5RUEzOTg1Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFTCTA/E6YO91LJnZ+Qjf JQwriNlTrGn2JFATytm1bdIUyIRHDr585LP4tv50Rn3r/CLCdcZtWJ9unBeh1YOF +5R8ODZEfa/M7+6f1VqLzUN8htAGrk4uim9y4FB54SFzKEysPVkFTtzqpzkB2pzU 4Xmt10PCPbRiv6c3tcwfem9Xj+gDvgKmrNyV8zACpIyh0DvqAqAvhGB/PfrQCe8n nkiO4qdBg6k4VYyuFoouSxsXkdEFi5riL9xnBfIowU3N0RkvgqPL/KkawmxA9Ldo 4wZO5rTl63wdmzGkRRL+gB6Gs8pY+Q/uAdOzURKNOJv4K+lSehvsC8y6PoUs0ddF rw== -----END CERTIFICATE-----Generated at Mon Oct 27 09:23:39 2025 by rpki-client