$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft File: 0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft (raw, json) Hash identifier: 01a0n9uZgbr6Aa59WwCSr5T5n4YALs/TzPr5wTH/kAk= Subject key identifier: 02:C6:54:E9:F0:D8:CD:4B:50:17:C2:F7:E5:C7:A3:E3:52:FB:07:17 Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3 Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3 Certificate serial: 65106736A9D264FD656DA27B910923563CC24219 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft Manifest number: 2B Signing time: Sat 01 Feb 2025 12:35:58 +0000 Manifest this update: Sat 01 Feb 2025 12:30:58 +0000 Manifest next update: Sun 02 Feb 2025 14:12:58 +0000 Files and hashes: 1: 3139342e33342e3235332e302f32342d3234203d3e20323135323837.roa (hash: UVjcJOPoynn3xsUdSCmcs1KkowTSw1I56tsbUhGYHTg=) 2: 38352e3131372e3232382e302f32342d3234203d3e20323132313530.roa (hash: pfmSTee1u3cZjmACBl/YNO8VI3gRYWTr8wb0lfXQGMI=) 3: 3139342e33342e3235322e302f32342d3234203d3e203239383032.roa (hash: MPp6Igfxvoo4H6VVtRMvz7wqXYqi9rOeS8G4+bL/Qls=) 4: 38352e3131372e3233302e302f32342d3234203d3e20323037333838.roa (hash: NLXB2mTDGa3YDb/AnnW0XQvfnA0Ouchpu/TPvnHlwaA=) 5: 38352e3131372e3232392e302f32342d3234203d3e203233343730.roa (hash: HUTmCm2TImDs0Yhhl7hgdJ8IlEK4xOTxiCr+5rFxRZI=) 6: 3138352e3231332e3235312e302f32342d3234203d3e203233343730.roa (hash: AH3oeu7z77VRsoVVR4srUimECF5mJwhXNeKuseb6qFA=) 7: 0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl (hash: 0hmu53EFOGPhmrj8oKdRnWF551D1/9m+lxSS0fwVtoY=) 8: 38352e3131372e3233312e302f32342d3234203d3e2039323332.roa (hash: wxXqnIo8VdPb9Dqirf8u37/+DzCmzUMAlr9dMT37N+Q=) 9: 3138352e3231332e3234382e302f32342d3234203d3e2039323332.roa (hash: yrSC0birtnydpnbjo/rNrx0iogZg2oT/xPc762BHT94=) 10: 3138352e3231332e3235302e302f32342d3234203d3e20323135323837.roa (hash: OuMYxXICssNOZJDRGMEnGTcFO5vZgXdH+8Ld5wKU7zA=) 11: 3139342e33342e3235352e302f32342d3234203d3e203536353934.roa (hash: x2RfjpSN3xicSqXOSngzYM3QyNU0bV4bA1DJ2SOK7nM=) 12: 3139342e33342e3235342e302f32342d3234203d3e20313532363732.roa (hash: hBCTJH2VP/g2W82hp9JFwDkEQwn2f5ZxdgSFMedjM7Q=) 13: 38352e3131372e3233302e302f32342d3234203d3e20323132313530.roa (hash: TNWvmVMYUNTjv7XUOYgDcfltzLMqNiQOo1MP2jb0Lpw=) 14: 3138352e3231332e3234392e302f32342d3234203d3e2039323332.roa (hash: G89TCZp2wvRal+boy+AoEliIkd5asPEmqXLjDSX3AEs=) 15: 38352e3131372e3232382e302f32342d3234203d3e20323037333838.roa (hash: 1/tBNS+kodwg8jeozfe8VuWvUrIAtLdwZSa7YwWGM6g=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 02 Feb 2025 14:12:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:10:67:36:a9:d2:64:fd:65:6d:a2:7b:91:09:23:56:3c:c2:42:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3 Validity Not Before: Feb 1 12:30:58 2025 GMT Not After : Feb 2 14:12:58 2025 GMT Subject: CN=02C654E9F0D8CD4B5017C2F7E5C7A3E352FB0717 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:03:fd:f8:a2:84:6a:49:23:f4:3a:1d:94:94: 28:d9:d3:b7:45:da:58:6b:de:4f:30:7b:5c:3c:be: b8:4d:22:f5:82:b3:33:10:9b:41:c6:c1:25:e1:46: 32:df:7c:79:1b:d9:81:39:c2:5d:4f:60:ac:64:fe: 97:7b:45:24:af:ed:46:4d:be:b3:6e:d1:cf:42:4b: ab:72:cf:c1:d3:bf:47:21:b0:f8:a6:db:62:ff:4e: 9e:a4:7f:02:b6:31:7f:41:6a:7c:f9:5d:5b:a0:b8: 7f:db:c0:e9:c2:4e:96:3b:8a:16:83:3a:1d:fb:56: aa:31:8c:46:18:5a:bf:bf:ad:93:79:10:7e:df:be: d4:e5:a0:2d:21:05:70:a1:95:14:9d:64:56:69:68: a8:a2:45:58:38:50:68:7d:04:a8:a9:a7:cd:4e:cd: 84:35:44:7e:9a:b6:62:78:15:8c:9b:6b:85:72:2c: 5d:79:23:f1:8e:26:04:93:2b:07:65:9c:e9:6e:a6: e9:ff:f4:88:a4:8c:ed:d3:90:4f:97:62:eb:ac:1c: f7:d7:22:c1:c3:69:a5:52:a6:9e:87:ad:de:1c:55: 16:ff:aa:e0:f7:d3:d4:e6:be:d7:dc:c3:42:80:bb: fe:68:a1:bb:a1:8f:02:4b:de:ed:ee:8a:83:63:63: 0d:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:C6:54:E9:F0:D8:CD:4B:50:17:C2:F7:E5:C7:A3:E3:52:FB:07:17 X509v3 Authority Key Identifier: keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:19:fa:fd:16:5d:57:9e:e5:57:5c:a6:6e:4c:d2:d8:fb:3f: 02:d8:af:24:24:6a:92:65:98:32:77:70:19:21:dd:1d:e1:29: d1:65:11:6a:3f:c2:30:ce:2d:98:19:80:f6:42:46:03:0f:13: 49:0c:14:3f:d9:27:ec:bf:c3:f9:70:78:23:ba:48:68:f2:0b: 26:bf:a9:d8:01:30:c9:41:16:25:82:f0:68:e5:04:be:16:e5: a1:8f:dc:2f:16:2d:72:c3:1a:5a:c1:be:ac:3b:af:d7:9b:a8: 6a:78:f5:62:c1:fa:a4:e9:fc:0a:22:8c:a9:f8:70:00:92:84: fe:ab:9a:05:3a:79:eb:33:9b:84:9c:9e:20:ce:10:6f:ef:79: d9:21:31:22:82:25:80:9d:f7:51:62:94:15:2b:0d:cb:17:4e: 7b:e6:7a:43:d3:0a:a1:2d:14:43:39:bd:b5:f4:74:a2:90:ad: 39:c0:81:72:55:d1:52:fb:6d:1b:80:1f:3d:3e:e0:e9:77:5f: 37:b9:52:6c:45:ba:a0:05:54:4c:6d:54:de:e3:a5:9e:7b:d2: ab:86:88:6d:d6:86:12:7d:d8:c8:89:dc:95:81:77:50:de:69: 64:6d:dc:80:e7:e4:35:d6:63:ba:d4:5f:10:b2:b4:8e:2c:d2: 0d:fd:a5:8e -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUZRBnNqnSZP1lbaJ7kQkjVjzCQhkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl ODQxYTRkMzAeFw0yNTAyMDExMjMwNThaFw0yNTAyMDIxNDEyNThaMDMxMTAvBgNV BAMTKDAyQzY1NEU5RjBEOENENEI1MDE3QzJGN0U1QzdBM0UzNTJGQjA3MTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnA/34ooRqSSP0Oh2UlCjZ07dF 2lhr3k8we1w8vrhNIvWCszMQm0HGwSXhRjLffHkb2YE5wl1PYKxk/pd7RSSv7UZN vrNu0c9CS6tyz8HTv0chsPim22L/Tp6kfwK2MX9Banz5XVuguH/bwOnCTpY7ihaD Oh37VqoxjEYYWr+/rZN5EH7fvtTloC0hBXChlRSdZFZpaKiiRVg4UGh9BKipp81O zYQ1RH6atmJ4FYyba4VyLF15I/GOJgSTKwdlnOlupun/9IikjO3TkE+XYuusHPfX IsHDaaVSpp6Hrd4cVRb/quD309Tmvtfcw0KAu/5oobuhjwJL3u3uioNjYw1lAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUAsZU6fDYzUtQF8L35cej41L7BxcwHwYDVR0j BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4 Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o QnBOTS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTEzZGRhNi03 YWRlLTQ0NWQtOGM2ZS00NDhhNzhlNDhjYTEvMS8wRDdGRkFFMzAwREVGMDg3NkJG ODQ4OTBGQjZFQTE3QkU4NDFBNEQzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABn6/RZdV57lV1ymbkzS 2Ps/AtivJCRqkmWYMndwGSHdHeEp0WURaj/CMM4tmBmA9kJGAw8TSQwUP9kn7L/D +XB4I7pIaPILJr+p2AEwyUEWJYLwaOUEvhbloY/cLxYtcsMaWsG+rDuv15uoanj1 YsH6pOn8CiKMqfhwAJKE/quaBTp56zObhJyeIM4Qb+952SExIoIlgJ33UWKUFSsN yxdOe+Z6Q9MKoS0UQzm9tfR0opCtOcCBclXRUvttG4AfPT7g6XdfN7lSbEW6oAVU TG1U3uOlnnvSq4aIbdaGEn3YyInclYF3UN5pZG3cgOfkNdZjutRfELK0jizSDf2l jg== -----END CERTIFICATE-----Generated at Sun Feb 2 06:41:31 2025 by rpki-client