$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft File: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft (raw, json) Hash identifier: AZT31FW5HKneS2E96UkF29a0Q3/8ipxb6nlUYzmd/zE= Subject key identifier: 3E:3D:33:F1:2F:63:9A:3C:0B:EF:EC:91:F1:03:9C:95:E0:84:BE:A0 Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Certificate serial: 4BA795F059C50286139F795F7F4522C4677EECD9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft Manifest number: 03C9 Signing time: Sun 07 Sep 2025 22:03:57 +0000 Manifest this update: Sun 07 Sep 2025 21:58:57 +0000 Manifest next update: Mon 08 Sep 2025 22:52:57 +0000 Files and hashes: 1: 34352e3134362e3136302e302f32332d3233203d3e203437343437.roa (hash: RhIjHNXayp0tS4DN32atD6aHafLrHUAz0HkdV618CRY=) 2: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (hash: VqRU0PsdkYcQlfLEqZmAkEPw8yvo7sqFgCP45AzG5Gs=) 3: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl (hash: 9ShXAngoLVO36Es2PAjKtNiR4M1BjfVkQHCxj5Rhkz0=) 4: 34352e3134362e3136322e302f32342d3234203d3e203138363331.roa (hash: C/6HJC1mRnTjt5un9I/ly/ex3eg1Ngny62cwbLuyXag=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Sep 2025 22:52:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:a7:95:f0:59:c5:02:86:13:9f:79:5f:7f:45:22:c4:67:7e:ec:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Validity Not Before: Sep 7 21:58:57 2025 GMT Not After : Sep 8 22:52:57 2025 GMT Subject: CN=3E3D33F12F639A3C0BEFEC91F1039C95E084BEA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:35:55:32:1c:ab:64:d2:29:ec:2c:80:0a:21: 5a:ee:64:58:65:23:8b:e9:d7:ae:c8:e6:9a:44:a7: 16:c6:24:b1:b0:c2:27:1b:19:b3:88:e9:e2:e6:8a: 4e:59:9e:2c:d2:db:69:24:a7:7d:ad:94:08:75:9b: 55:df:2f:64:89:35:61:81:43:cf:2b:bd:3c:0b:eb: 54:1a:0a:43:3b:ab:25:24:6c:b5:69:21:69:7b:8d: 5f:69:da:11:61:e1:1e:c9:b2:da:a6:10:38:73:d4: 51:9b:19:f2:44:7f:04:3b:73:54:70:67:ef:95:9c: 4a:b9:40:88:7d:d1:b9:e8:0d:b3:de:f1:c1:04:a1: 4f:c7:df:b9:a3:65:fe:05:06:c4:ab:10:8e:3e:05: fe:75:17:eb:2a:62:59:78:ef:52:93:35:98:ad:c9: 3b:d7:92:a8:06:87:b5:41:e5:89:ad:a4:95:35:bc: 43:85:2b:06:11:59:45:3f:42:d5:23:47:bc:6f:b1: 0b:56:e3:04:46:31:f9:a9:ed:22:c9:8e:b3:5b:72: 55:c9:b7:44:55:9a:85:9d:c9:97:89:aa:24:02:63: ab:88:4d:49:dc:f2:a1:a4:7c:71:34:cb:0d:1c:9e: 7b:d5:ee:50:25:33:08:31:03:94:81:29:7d:c4:da: 8e:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:3D:33:F1:2F:63:9A:3C:0B:EF:EC:91:F1:03:9C:95:E0:84:BE:A0 X509v3 Authority Key Identifier: keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:35:16:f0:18:8e:19:74:8e:2a:96:65:7e:ac:06:10:6e:6b: 3f:08:57:ac:94:4b:51:50:91:82:8b:92:19:90:f5:40:ee:87: 4f:16:ab:b8:0d:8d:9f:f2:0a:96:83:f4:6a:70:55:67:4b:c9: 81:fa:d8:44:fe:34:4f:25:55:00:72:23:fd:48:e4:e3:37:67: 5b:bd:dc:f1:cc:6e:b1:b5:ff:16:20:72:6e:43:92:e1:6b:5c: cf:cd:bb:43:e4:e2:68:78:d9:99:c5:63:59:e3:27:d4:b4:6d: 38:7e:2f:dd:10:c7:d7:4f:89:db:4f:55:c9:bd:ac:89:a2:36: 44:82:f2:e9:12:50:19:63:e6:45:02:af:27:e0:8b:db:fd:d5: 5a:71:9f:44:c8:4b:7e:32:e3:f8:1f:cf:bf:6a:3a:82:9f:64: 82:d2:18:1a:49:90:22:85:d5:b3:ab:0c:7f:4f:24:a1:89:f2: 40:5e:d6:84:9b:59:bf:48:4b:b1:92:38:32:04:5a:af:7d:88: da:96:df:a5:ef:f8:d4:f5:d6:36:b9:d9:2c:85:ad:a0:8d:9d: 38:45:6e:bc:80:0f:41:fb:45:03:30:10:e7:64:79:98:ea:aa: 55:e3:b7:e2:e8:26:aa:8a:f6:ae:da:88:ca:f0:b0:b9:41:c0: 71:a4:cc:84 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUS6eV8FnFAoYTn3lff0UixGd+7NkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm MjYwNzNjMzAeFw0yNTA5MDcyMTU4NTdaFw0yNTA5MDgyMjUyNTdaMDMxMTAvBgNV BAMTKDNFM0QzM0YxMkY2MzlBM0MwQkVGRUM5MUYxMDM5Qzk1RTA4NEJFQTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiNVUyHKtk0insLIAKIVruZFhl I4vp167I5ppEpxbGJLGwwicbGbOI6eLmik5ZnizS22kkp32tlAh1m1XfL2SJNWGB Q88rvTwL61QaCkM7qyUkbLVpIWl7jV9p2hFh4R7JstqmEDhz1FGbGfJEfwQ7c1Rw Z++VnEq5QIh90bnoDbPe8cEEoU/H37mjZf4FBsSrEI4+Bf51F+sqYll471KTNZit yTvXkqgGh7VB5YmtpJU1vEOFKwYRWUU/QtUjR7xvsQtW4wRGMfmp7SLJjrNbclXJ t0RVmoWdyZeJqiQCY6uITUnc8qGkfHE0yw0cnnvV7lAlMwgxA5SBKX3E2o61AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUPj0z8S9jmjwL7+yR8QOcleCEvqAwHwYDVR0j BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K Z2M4TS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZmUyYjI3YS0x ZWM1LTRhYjctOTc4ZS02ZGE5Y2Y5ZjM3OTAvMC81REVGRTA5MjJGNEY1NTI3MERD RDVDMDhGMDRGMUM3QkYyNjA3M0MzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoDUW8BiOGXSOKpZlfqwG EG5rPwhXrJRLUVCRgouSGZD1QO6HTxaruA2Nn/IKloP0anBVZ0vJgfrYRP40TyVV AHIj/Ujk4zdnW73c8cxusbX/FiBybkOS4Wtcz827Q+TiaHjZmcVjWeMn1LRtOH4v 3RDH10+J209Vyb2siaI2RILy6RJQGWPmRQKvJ+CL2/3VWnGfRMhLfjLj+B/Pv2o6 gp9kgtIYGkmQIoXVs6sMf08koYnyQF7WhJtZv0hLsZI4MgRar32I2pbfpe/41PXW NrnZLIWtoI2dOEVuvIAPQftFAzAQ52R5mOqqVeO34ugmqor2rtqIyvCwuUHAcaTM hA== -----END CERTIFICATE-----Generated at Mon Sep 8 14:03:03 2025 by rpki-client