$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft File: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft (raw, json) Hash identifier: Z0QhrNvPptqRQkeXcRrufpji39XMIIUe/NoDz80NHBw= Subject key identifier: D7:A5:18:DE:5D:5F:41:E7:4D:F7:8E:CD:89:77:24:73:28:82:31:98 Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Certificate serial: 5A49309A1D62C2CD89F4FA7A36D74312D949E9D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft Manifest number: FD Signing time: Wed 10 Sep 2025 08:40:59 +0000 Manifest this update: Wed 10 Sep 2025 08:35:59 +0000 Manifest next update: Thu 11 Sep 2025 09:48:59 +0000 Files and hashes: 1: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (hash: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=) 2: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (hash: fCahoT0DASmE4L0CnNku4FHnUTfBEMsJKaoRBnEvKJY=) 3: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (hash: lpEMU1X1JLSHAOWUFG4frUPhBZsu7LhlBnijuGC43xs=) 4: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (hash: AiP13DNBwIkSFzdQdSir0FYGd4okcKOcyfxhs/nt0mM=) 5: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl (hash: grEj6onazey8mjGbagcnINW0A+T1QyPZ0Z8gicdgJP8=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Sep 2025 09:48:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:49:30:9a:1d:62:c2:cd:89:f4:fa:7a:36:d7:43:12:d9:49:e9:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Validity Not Before: Sep 10 08:35:59 2025 GMT Not After : Sep 11 09:48:59 2025 GMT Subject: CN=D7A518DE5D5F41E74DF78ECD8977247328823198 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f3:cd:75:73:67:54:f1:f9:50:97:28:b3:85: 34:34:dc:ff:51:b4:9d:fa:7e:16:12:eb:b7:a6:3f: 36:5a:77:b8:12:d5:33:a9:90:06:63:5e:30:79:cb: b9:74:48:d9:b8:55:27:91:98:14:3d:98:fc:2c:cf: 48:80:75:ea:ee:a8:66:9a:e3:b3:77:77:3e:01:3a: 0d:2a:7a:db:47:60:98:38:e8:0e:b2:ad:d8:bb:32: 9d:ec:27:e4:a0:9c:ee:2a:ef:d2:4a:84:05:20:19: bd:a9:65:fa:15:93:10:ea:58:d0:26:e1:9b:0c:12: 7d:f3:9f:9f:ce:37:74:45:c8:03:c2:41:d4:d6:88: 3e:13:6c:17:73:1e:dd:16:a2:49:f5:2c:7a:75:92: 91:d0:17:08:0c:28:cb:8a:66:a1:b9:05:7f:70:e1: 41:bb:6b:39:84:2a:87:f5:ff:6b:d7:2f:3a:1c:a0: bb:3e:09:96:56:d6:47:de:f1:9a:97:66:d9:86:43: a4:fc:39:70:22:4f:a5:39:f1:cc:8c:0b:ef:e7:1c: e7:4c:b7:d7:6c:77:e3:bf:50:40:3d:f7:70:58:ed: 67:eb:3c:8d:b0:25:58:ba:e7:af:88:8a:c8:28:a6: a2:e6:4a:69:cf:68:4a:be:53:3b:a0:97:78:c6:5d: c9:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A5:18:DE:5D:5F:41:E7:4D:F7:8E:CD:89:77:24:73:28:82:31:98 X509v3 Authority Key Identifier: keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:c0:6f:c3:88:7e:d0:1f:62:8f:df:0c:94:66:6d:88:c1:89: 48:7e:f7:e9:b1:f8:5f:b3:f6:d8:99:ab:cd:7c:f3:16:74:ff: cf:13:c5:a6:d2:63:2f:0c:ef:33:84:f5:82:66:f0:be:c8:5a: e2:98:4f:fa:c2:7b:d7:89:be:19:88:56:a0:0b:50:ea:3f:f4: 02:f2:8e:c9:65:9d:6d:95:2b:6b:f8:3f:06:41:fc:ee:95:6c: 46:c3:19:d9:19:a8:50:b2:b7:e9:29:a5:7d:51:4b:84:2c:ca: 72:82:d1:d7:07:66:8a:a4:8e:67:10:0f:3a:75:71:2e:d1:a6: 1a:ac:a7:37:26:54:70:86:84:41:3c:6c:68:09:2c:41:7e:0b: 3c:e1:74:8d:a7:81:c0:f6:e3:54:40:79:14:c9:6b:a4:6c:14: 32:5e:1a:77:5f:c0:ed:ce:88:da:0c:91:ed:fd:e6:e8:32:57: 42:10:b1:ac:05:fe:9c:d5:ac:46:34:c3:8d:e2:7f:4c:13:fb: 73:15:b4:60:c0:1f:eb:c3:60:3e:81:81:a5:5b:4e:b2:8c:d3: 92:43:fe:4b:2f:bb:40:c3:9e:f0:16:f6:7c:fe:50:ec:f9:cf: bd:81:4d:4c:89:75:44:a8:79:52:22:04:c8:96:31:65:25:f1: b4:c8:0e:31 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUWkkwmh1iws2J9Pp6NtdDEtlJ6dAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw OWVhMzk4NTAeFw0yNTA5MTAwODM1NTlaFw0yNTA5MTEwOTQ4NTlaMDMxMTAvBgNV BAMTKEQ3QTUxOERFNUQ1RjQxRTc0REY3OEVDRDg5NzcyNDczMjg4MjMxOTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl8811c2dU8flQlyizhTQ03P9R tJ36fhYS67emPzZad7gS1TOpkAZjXjB5y7l0SNm4VSeRmBQ9mPwsz0iAderuqGaa 47N3dz4BOg0qettHYJg46A6yrdi7Mp3sJ+SgnO4q79JKhAUgGb2pZfoVkxDqWNAm 4ZsMEn3zn5/ON3RFyAPCQdTWiD4TbBdzHt0Wokn1LHp1kpHQFwgMKMuKZqG5BX9w 4UG7azmEKof1/2vXLzocoLs+CZZW1kfe8ZqXZtmGQ6T8OXAiT6U58cyMC+/nHOdM t9dsd+O/UEA993BY7WfrPI2wJVi656+IisgopqLmSmnPaEq+Uzugl3jGXckFAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQU16UY3l1fQedN947NiXckcyiCMZgwHwYDVR0j BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1 YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu cU9ZVS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZGZiMzBjYS1l MWMyLTQ5MjEtYjA1NC1kNGFmMDkxNjVhZjEvMC83RjIxNkY0OUEzQjlBODRBMEU4 NUU4MEEyQzQyODc0RjA5RUEzOTg1Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAosBvw4h+0B9ij98MlGZt iMGJSH736bH4X7P22JmrzXzzFnT/zxPFptJjLwzvM4T1gmbwvsha4phP+sJ714m+ GYhWoAtQ6j/0AvKOyWWdbZUra/g/BkH87pVsRsMZ2RmoULK36SmlfVFLhCzKcoLR 1wdmiqSOZxAPOnVxLtGmGqynNyZUcIaEQTxsaAksQX4LPOF0jaeBwPbjVEB5FMlr pGwUMl4ad1/A7c6I2gyR7f3m6DJXQhCxrAX+nNWsRjTDjeJ/TBP7cxW0YMAf68Ng PoGBpVtOsozTkkP+Sy+7QMOe8Bb2fP5Q7PnPvYFNTIl1RKh5UiIEyJYxZSXxtMgO MQ== -----END CERTIFICATE-----Generated at Wed Sep 10 15:05:32 2025 by rpki-client