$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft File: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft (raw, json) Hash identifier: SXLrwJF2dF+PLUqMx1qdArTXrShSCD8952x4jm/uqe0= Subject key identifier: 09:D9:90:22:74:80:19:9F:A9:FE:F6:FB:C6:85:E4:71:91:5B:B1:D3 Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Certificate serial: 056AB8DDBB5DDF906E8B8978E5126212E6EAB962 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft Manifest number: 04D8 Signing time: Sun 29 Mar 2026 11:56:38 +0000 Manifest this update: Sun 29 Mar 2026 11:51:38 +0000 Manifest next update: Mon 30 Mar 2026 12:58:38 +0000 Files and hashes: 1: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl (hash: 2vdAs0dDjM9gNsqKl8ZXcP60ZAXeWMoam1x260Rbu4Y=) 2: 34352e3134362e3136322e302f32342d3234203d3e203138363331.roa (hash: mQKE/0/NnV539NSoXtVCOp3+AeXahl8sUnLhuxaZN7o=) 3: 34352e3134362e3136302e302f32332d3233203d3e203437343437.roa (hash: 31YTnxmdtZ2cp3Cw9rcOHPD6ZzrVs4b/Az5vMfbmmIM=) 4: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (hash: dEyrefnnKSg66lfx459XJ2SroTggGi4go9Zp+DRZdvU=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 30 Mar 2026 07:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:6a:b8:dd:bb:5d:df:90:6e:8b:89:78:e5:12:62:12:e6:ea:b9:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Validity Not Before: Mar 29 11:51:38 2026 GMT Not After : Mar 30 12:58:38 2026 GMT Subject: CN=09D990227480199FA9FEF6FBC685E471915BB1D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:70:90:08:df:d8:db:19:56:1c:ea:a7:f2:7d: 5c:78:9e:79:ce:87:ca:82:0c:34:fe:bc:7c:1a:75: 13:f9:1a:f5:84:04:1b:7c:0d:ef:f9:82:5e:09:f5: bb:42:fc:53:ac:df:35:26:7e:fa:72:b4:26:2b:ea: c9:16:f2:a0:e6:65:ae:e5:c7:b1:c9:84:a2:77:4f: 11:57:28:15:61:39:e5:6d:5d:cd:21:42:0c:b5:14: 22:a1:91:3b:77:d6:9d:02:e3:b1:1f:2f:0c:7f:b6: f1:bc:1f:99:22:a9:4a:39:0e:5d:21:48:da:6a:aa: 13:32:c5:d2:26:f2:c6:88:e5:77:d0:74:f6:d6:36: b7:50:05:1d:2b:37:f2:77:41:2d:a2:b7:2f:f3:18: 30:4e:95:c2:aa:91:36:c1:0a:7a:99:af:cd:6f:e6: ed:3e:5d:8f:9e:f5:b3:f7:03:45:3f:a2:b1:c4:bd: da:8c:30:2b:82:95:f7:93:37:f9:e2:2a:19:19:30: 78:65:02:41:4b:c6:c6:26:30:19:7b:00:89:21:e3: a1:81:14:b3:ce:ca:7a:24:dc:f5:bd:1d:9c:81:27: 96:c5:47:91:6c:df:e1:07:b1:40:11:6b:2d:3f:9c: 68:82:cb:9c:ba:ba:38:e3:96:d4:9e:c3:73:1b:71: f0:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:D9:90:22:74:80:19:9F:A9:FE:F6:FB:C6:85:E4:71:91:5B:B1:D3 X509v3 Authority Key Identifier: keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:52:66:cb:b6:a0:d9:88:d9:64:6e:8e:76:c2:b0:cc:8d:e8: c3:ea:7a:78:37:62:c5:b8:c9:1d:e9:6e:03:91:a1:42:8e:a7: e1:31:86:15:c8:13:75:8e:4b:b8:ef:d2:ca:7f:c1:3b:f8:5b: 3d:26:dc:7a:a8:96:f6:6f:86:d4:37:20:57:f8:3b:26:eb:fa: 83:7e:bf:00:fa:54:cd:d6:9a:a7:79:72:52:65:a2:3a:c9:7e: dd:d2:94:95:d3:9e:fb:c0:8f:e0:51:5f:d7:ba:69:08:2b:4c: e4:6d:55:50:40:30:20:10:0d:08:99:d3:01:1f:35:a2:ab:84: 54:15:25:aa:4b:70:35:7f:a3:eb:fa:f6:22:4c:bb:2a:62:bf: 94:c8:1b:2a:17:25:70:17:69:b2:27:63:05:d8:de:0d:ad:51: d1:69:24:94:d9:0c:91:5e:1d:4f:1e:45:1c:63:48:6c:10:8c: 9d:57:21:84:54:e5:75:48:db:66:75:09:94:6b:ba:f8:9c:7f: 88:dd:43:34:c2:80:8c:ae:35:d2:2b:af:19:81:8e:59:04:47: de:29:a3:ef:f3:f9:20:15:4f:98:8a:75:41:68:97:ea:a4:77: e6:76:3a:f2:9b:79:63:3b:83:f8:a5:4f:85:d5:1d:a7:7d:ec: dd:a8:d7:34 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUBWq43btd35Bui4l45RJiEubquWIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm MjYwNzNjMzAeFw0yNjAzMjkxMTUxMzhaFw0yNjAzMzAxMjU4MzhaMDMxMTAvBgNV BAMTKDA5RDk5MDIyNzQ4MDE5OUZBOUZFRjZGQkM2ODVFNDcxOTE1QkIxRDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3cJAI39jbGVYc6qfyfVx4nnnO h8qCDDT+vHwadRP5GvWEBBt8De/5gl4J9btC/FOs3zUmfvpytCYr6skW8qDmZa7l x7HJhKJ3TxFXKBVhOeVtXc0hQgy1FCKhkTt31p0C47EfLwx/tvG8H5kiqUo5Dl0h SNpqqhMyxdIm8saI5XfQdPbWNrdQBR0rN/J3QS2ity/zGDBOlcKqkTbBCnqZr81v 5u0+XY+e9bP3A0U/orHEvdqMMCuClfeTN/niKhkZMHhlAkFLxsYmMBl7AIkh46GB FLPOynok3PW9HZyBJ5bFR5Fs3+EHsUARay0/nGiCy5y6ujjjltSew3MbcfBfAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUCdmQInSAGZ+p/vb7xoXkcZFbsdMwHwYDVR0j BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K Z2M4TS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZmUyYjI3YS0x ZWM1LTRhYjctOTc4ZS02ZGE5Y2Y5ZjM3OTAvMC81REVGRTA5MjJGNEY1NTI3MERD RDVDMDhGMDRGMUM3QkYyNjA3M0MzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAelJmy7ag2YjZZG6OdsKw zI3ow+p6eDdixbjJHeluA5GhQo6n4TGGFcgTdY5LuO/Syn/BO/hbPSbceqiW9m+G 1DcgV/g7Juv6g36/APpUzdaap3lyUmWiOsl+3dKUldOe+8CP4FFf17ppCCtM5G1V UEAwIBANCJnTAR81oquEVBUlqktwNX+j6/r2Iky7KmK/lMgbKhclcBdpsidjBdje Da1R0WkklNkMkV4dTx5FHGNIbBCMnVchhFTldUjbZnUJlGu6+Jx/iN1DNMKAjK41 0iuvGYGOWQRH3imj7/P5IBVPmIp1QWiX6qR35nY68pt5YzuD+KVPhdUdp33s3ajX NA== -----END CERTIFICATE-----Generated at Sun Mar 29 16:58:30 2026 by rpki-client