$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft File: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft (raw, json) Hash identifier: jWZ46B671D9X6Bp1lNhFOaxL02Bk3wnlTMAOCxU7fkk= Subject key identifier: 4C:0C:B4:CE:49:FF:B5:18:A4:F1:DB:4D:D3:30:27:C8:72:95:6C:DA Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Certificate serial: 49DBA32CC1862AD868BA745344685E8D16F5BD28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft Manifest number: 0533 Signing time: Thu 04 Jun 2026 14:07:27 +0000 Manifest this update: Thu 04 Jun 2026 14:02:27 +0000 Manifest next update: Fri 05 Jun 2026 16:10:27 +0000 Files and hashes: 1: 34352e3134362e3136332e302f32342d3234203d3e203338313336.roa (hash: 2UoYMc+T3VQ81nJuKfdlMgklJP2lCeK6kVAd1Zef4f8=) 2: 34352e3134362e3136332e302f32342d3234203d3e20343031373736.roa (hash: vOmOz2BugVIPRfW7G2v3UGhcWNCUu83kIhIIM2fnK0w=) 3: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl (hash: eIlVrLvTc5CdsD4lw7aUABtx6us9Bzvpis9e5yJt2Us=) 4: 34352e3134362e3136302e302f32332d3233203d3e203437343437.roa (hash: 31YTnxmdtZ2cp3Cw9rcOHPD6ZzrVs4b/Az5vMfbmmIM=) 5: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (hash: dEyrefnnKSg66lfx459XJ2SroTggGi4go9Zp+DRZdvU=) 6: 34352e3134362e3136322e302f32342d3234203d3e203138363331.roa (hash: mQKE/0/NnV539NSoXtVCOp3+AeXahl8sUnLhuxaZN7o=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Jun 2026 15:34:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:db:a3:2c:c1:86:2a:d8:68:ba:74:53:44:68:5e:8d:16:f5:bd:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Validity Not Before: Jun 4 14:02:27 2026 GMT Not After : Jun 5 16:10:27 2026 GMT Subject: CN=4C0CB4CE49FFB518A4F1DB4DD33027C872956CDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:52:fd:c6:54:b4:59:da:0b:ac:fb:5f:bb:78: a8:c4:ba:e3:1e:cd:7a:bf:9e:f5:a0:e2:00:25:e7: b0:a2:12:f5:b0:3e:63:27:4b:6d:d2:a3:d8:0c:33: 76:0b:0c:d1:55:15:45:df:b1:a6:ed:b7:f4:06:63: 76:bd:f2:34:53:b5:86:32:a4:d1:21:24:71:38:7d: 24:ff:cd:1b:fb:5d:50:bf:ba:4a:fd:83:93:7d:c6: d8:8f:fb:e6:4d:12:54:65:ed:19:f5:6f:53:15:0b: 0d:fd:de:80:5a:a6:18:c6:b3:01:b1:70:f3:9c:02: 4c:63:61:da:41:b6:95:6f:d3:ed:20:c4:33:53:e4: 2b:c9:0c:39:eb:1b:f4:bc:b2:9a:e9:74:63:11:26: b5:07:82:64:d2:b3:99:f0:c1:9a:95:82:29:f1:31: b0:1a:b3:d0:b4:70:66:94:ea:f1:af:56:b5:86:30: 00:c1:4b:33:44:c0:f6:b9:a3:0d:fb:4a:a5:66:7f: 1c:2c:94:d1:78:e3:9e:03:32:5d:5e:6d:59:0e:e1: 7f:3c:c3:b9:e2:cc:f5:22:31:ac:7b:e5:eb:8f:dc: 13:57:eb:a3:3b:4d:02:cc:e1:77:58:54:31:ef:82: 83:eb:2e:a6:87:00:a9:96:f6:92:75:ae:ef:34:5a: 89:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:0C:B4:CE:49:FF:B5:18:A4:F1:DB:4D:D3:30:27:C8:72:95:6C:DA X509v3 Authority Key Identifier: keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:0e:02:43:40:7f:56:4f:b2:5e:03:48:3d:46:b4:b7:2f:8a: 1a:b2:66:66:85:9b:64:f1:94:7b:7a:e6:d3:fa:c6:29:d3:2a: 20:c7:dd:43:2d:7f:37:91:e2:ba:5d:89:1b:e1:5d:ca:09:f6: 63:27:9d:ff:0d:d7:6e:48:cc:b6:a0:5a:18:d1:49:df:31:5b: 48:33:6a:50:0a:cc:8b:12:04:ed:5f:1e:35:14:dd:6d:5f:32: cd:90:0d:7e:eb:03:ce:f0:19:10:df:86:a3:02:48:41:80:c1: 2f:0f:bf:e5:54:fe:8a:1e:cf:a3:10:05:a8:66:8f:56:5f:82: f1:7f:59:82:28:83:1c:8d:10:21:bb:b7:b4:6f:4f:73:80:11: a8:38:27:d1:fd:71:f9:2f:10:09:4c:64:99:11:56:7a:91:0e: 28:1d:7b:d0:58:05:5f:52:a2:3e:88:fc:fc:f7:c2:6a:a2:76: 3c:40:6b:89:15:5b:01:07:46:a1:22:77:5e:a4:69:51:95:55: 48:f3:54:93:d9:e1:56:4a:6d:d2:ef:21:13:8f:ca:b3:c8:2d: 7d:d1:42:61:fa:d0:91:78:1f:35:a2:65:9b:19:11:f3:e6:73: 9b:93:75:75:2c:d5:37:b2:de:ab:e4:0b:82:b9:b0:90:30:ca: cb:83:f0:ae -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUSdujLMGGKthounRTRGhejRb1vSgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm MjYwNzNjMzAeFw0yNjA2MDQxNDAyMjdaFw0yNjA2MDUxNjEwMjdaMDMxMTAvBgNV BAMTKDRDMENCNENFNDlGRkI1MThBNEYxREI0REQzMzAyN0M4NzI5NTZDREEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Uv3GVLRZ2gus+1+7eKjEuuMe zXq/nvWg4gAl57CiEvWwPmMnS23So9gMM3YLDNFVFUXfsabtt/QGY3a98jRTtYYy pNEhJHE4fST/zRv7XVC/ukr9g5N9xtiP++ZNElRl7Rn1b1MVCw393oBaphjGswGx cPOcAkxjYdpBtpVv0+0gxDNT5CvJDDnrG/S8sprpdGMRJrUHgmTSs5nwwZqVginx MbAas9C0cGaU6vGvVrWGMADBSzNEwPa5ow37SqVmfxwslNF4454DMl1ebVkO4X88 w7nizPUiMax75euP3BNX66M7TQLM4XdYVDHvgoPrLqaHAKmW9pJ1ru80WoltAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUTAy0zkn/tRik8dtN0zAnyHKVbNowHwYDVR0j BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K Z2M4TS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZmUyYjI3YS0x ZWM1LTRhYjctOTc4ZS02ZGE5Y2Y5ZjM3OTAvMC81REVGRTA5MjJGNEY1NTI3MERD RDVDMDhGMDRGMUM3QkYyNjA3M0MzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAw4CQ0B/Vk+yXgNIPUa0 ty+KGrJmZoWbZPGUe3rm0/rGKdMqIMfdQy1/N5Hiul2JG+Fdygn2Yyed/w3XbkjM tqBaGNFJ3zFbSDNqUArMixIE7V8eNRTdbV8yzZANfusDzvAZEN+GowJIQYDBLw+/ 5VT+ih7PoxAFqGaPVl+C8X9ZgiiDHI0QIbu3tG9Pc4ARqDgn0f1x+S8QCUxkmRFW epEOKB170FgFX1KiPoj8/PfCaqJ2PEBriRVbAQdGoSJ3XqRpUZVVSPNUk9nhVkpt 0u8hE4/Ks8gtfdFCYfrQkXgfNaJlmxkR8+Zzm5N1dSzVN7Leq+QLgrmwkDDKy4Pw rg== -----END CERTIFICATE-----Generated at Thu Jun 4 18:18:00 2026 by rpki-client