$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft File: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft (raw, json) Hash identifier: 2McQDhYm+rX9z0h//jET+XRYkHdzQzIX2trr/37f+IA= Subject key identifier: 3A:FC:82:2C:C9:95:3F:15:1E:F1:8E:61:6A:13:7F:D4:14:27:C7:60 Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Certificate serial: 0300A90FEA3866C0E4958813384057113C86500F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft Manifest number: 2A Signing time: Fri 04 Apr 2025 23:48:16 +0000 Manifest this update: Fri 04 Apr 2025 23:43:16 +0000 Manifest next update: Sun 06 Apr 2025 00:03:16 +0000 Files and hashes: 1: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (hash: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=) 2: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (hash: AiP13DNBwIkSFzdQdSir0FYGd4okcKOcyfxhs/nt0mM=) 3: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl (hash: tiST8g8+arfA6i+6kHWZMumR6UZlSKRfdTAT85QKcX0=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 19:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:00:a9:0f:ea:38:66:c0:e4:95:88:13:38:40:57:11:3c:86:50:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Validity Not Before: Apr 4 23:43:16 2025 GMT Not After : Apr 6 00:03:16 2025 GMT Subject: CN=3AFC822CC9953F151EF18E616A137FD41427C760 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:3c:fb:96:73:e4:5b:22:7f:0c:0f:8a:76:c5: da:70:43:6c:1e:03:df:65:53:9a:44:3d:10:00:a1: bf:1e:42:2f:42:7c:f8:9a:49:e5:51:b0:f9:be:ce: 0f:d0:ff:f4:17:1f:6c:04:85:c3:c2:22:01:e7:b1: 2a:3c:bc:c3:ac:b4:a3:99:24:80:de:1b:0c:8c:5c: 26:12:b7:a8:ed:36:e3:21:65:47:a6:4e:c6:fc:7f: cb:ea:ce:df:36:30:cd:95:08:87:c1:61:b9:0e:52: a9:21:71:26:2e:41:e8:fe:bf:4a:14:ec:7d:c5:53: 8c:1d:9e:3a:09:cf:4f:4b:b5:61:16:0f:cc:f0:a1: 5f:d2:13:a7:d5:ed:2b:fa:53:4c:8c:8e:d5:42:a7: 43:38:c3:1f:fb:43:af:af:c0:c8:0c:de:97:81:c7: 85:4c:15:39:c4:67:27:fb:c4:f8:74:41:ae:50:0e: c0:48:4f:ee:29:66:77:8a:93:f9:9c:4c:40:59:ab: 5e:19:3b:e3:c9:0b:be:c3:04:2e:ee:43:51:37:7a: 9c:0c:19:e5:7e:29:4c:99:e8:7e:bc:8a:5b:b8:0f: d8:a6:49:54:f3:09:97:37:9c:b5:60:fb:0f:a3:a6: 99:50:87:81:e8:b6:ca:d3:09:30:4a:fb:8b:83:08: 02:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:FC:82:2C:C9:95:3F:15:1E:F1:8E:61:6A:13:7F:D4:14:27:C7:60 X509v3 Authority Key Identifier: keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:8b:1b:2a:1b:3f:a2:27:ea:58:1f:71:fd:23:a9:e2:49:7d: 09:b0:eb:c4:18:5b:c5:72:b2:c1:e0:8e:f3:69:c5:ff:a7:94: 9b:74:23:0b:b0:7a:fb:12:1f:aa:06:6a:82:c8:15:3c:e2:9b: 30:ba:4f:cd:54:47:0a:99:ef:00:68:ba:86:fa:f3:2e:39:86: 61:3d:8c:5f:7a:75:3e:bd:69:7c:a4:13:06:31:c0:c1:6c:77: 9d:9d:59:74:33:5f:3b:9c:72:38:a5:c8:61:26:d4:50:48:18: e2:66:a1:f7:e6:cf:21:93:aa:5e:91:14:76:f6:e7:cd:94:69: 88:83:8b:57:36:09:94:e1:7e:5b:64:2f:a2:cd:a8:ee:35:ae: 09:09:59:bf:d1:b7:82:49:9f:b1:7d:95:b3:04:04:05:f6:20: 72:6b:0a:a9:c1:6d:22:2b:c2:6e:f7:d5:44:5b:4f:e0:6d:2a: 0e:09:91:00:66:14:2a:13:89:a0:c7:16:a0:3a:8e:d2:5c:5a: 5c:fd:3e:04:db:16:5b:38:ca:d9:a7:c7:d4:c3:ca:b2:4a:34: 2e:44:65:9a:10:bc:3d:5b:ae:e7:e6:ef:f9:c9:16:db:01:ec: ff:4c:cb:11:4b:9f:e7:17:fb:da:85:43:09:77:8a:62:c8:2d: 04:c4:f9:59 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUAwCpD+o4ZsDklYgTOEBXETyGUA8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw OWVhMzk4NTAeFw0yNTA0MDQyMzQzMTZaFw0yNTA0MDYwMDAzMTZaMDMxMTAvBgNV BAMTKDNBRkM4MjJDQzk5NTNGMTUxRUYxOEU2MTZBMTM3RkQ0MTQyN0M3NjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIPPuWc+RbIn8MD4p2xdpwQ2we A99lU5pEPRAAob8eQi9CfPiaSeVRsPm+zg/Q//QXH2wEhcPCIgHnsSo8vMOstKOZ JIDeGwyMXCYSt6jtNuMhZUemTsb8f8vqzt82MM2VCIfBYbkOUqkhcSYuQej+v0oU 7H3FU4wdnjoJz09LtWEWD8zwoV/SE6fV7Sv6U0yMjtVCp0M4wx/7Q6+vwMgM3peB x4VMFTnEZyf7xPh0Qa5QDsBIT+4pZneKk/mcTEBZq14ZO+PJC77DBC7uQ1E3epwM GeV+KUyZ6H68ilu4D9imSVTzCZc3nLVg+w+jpplQh4HotsrTCTBK+4uDCALbAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUOvyCLMmVPxUe8Y5hahN/1BQnx2AwHwYDVR0j BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1 YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu cU9ZVS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZGZiMzBjYS1l MWMyLTQ5MjEtYjA1NC1kNGFmMDkxNjVhZjEvMC83RjIxNkY0OUEzQjlBODRBMEU4 NUU4MEEyQzQyODc0RjA5RUEzOTg1Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlIsbKhs/oifqWB9x/SOp 4kl9CbDrxBhbxXKyweCO82nF/6eUm3QjC7B6+xIfqgZqgsgVPOKbMLpPzVRHCpnv AGi6hvrzLjmGYT2MX3p1Pr1pfKQTBjHAwWx3nZ1ZdDNfO5xyOKXIYSbUUEgY4mah 9+bPIZOqXpEUdvbnzZRpiIOLVzYJlOF+W2Qvos2o7jWuCQlZv9G3gkmfsX2VswQE BfYgcmsKqcFtIivCbvfVRFtP4G0qDgmRAGYUKhOJoMcWoDqO0lxaXP0+BNsWWzjK 2afH1MPKsko0LkRlmhC8PVuu5+bv+ckW2wHs/0zLEUuf5xf72oVDCXeKYsgtBMT5 WQ== -----END CERTIFICATE-----Generated at Sat Apr 5 05:34:54 2025 by rpki-client