$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft File: D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft (raw, json) Hash identifier: KXNp6yJHEM85qoIY228r9ej8BcpL4cZmsMFobQ88Qm4= Subject key identifier: 7E:5A:74:A7:1D:1E:69:5E:E7:86:B9:49:B9:35:37:E0:55:EB:51:81 Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44 Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444 Certificate serial: 46AFD616C6DCF5D2A9619732A1F33A8019C5EE34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft Manifest number: 04FA Signing time: Tue 21 Oct 2025 19:37:40 +0000 Manifest this update: Tue 21 Oct 2025 19:32:40 +0000 Manifest next update: Wed 22 Oct 2025 22:43:40 +0000 Files and hashes: 1: D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl (hash: WTXokhwAymDBYfSZNfNtjN3BQ493WcxZ/OkdJqHtue4=) 2: 37382e32342e3132342e302f32342d3234203d3e20343031383338.roa (hash: VrnH5tIT+SOLQ0xUmgz8lDea4v1K04gWY5bP4L4H/fY=) 3: 39332e39322e32312e302f32342d3234203d3e203631333137.roa (hash: fW+zXQmtdqPL01ivRHM0ry5dwDotUJmdzQHE3ZemyUE=) 4: 34352e38362e39342e302f32342d3234203d3e2039303039.roa (hash: gq03q2PZTenb5MfLZJOhv7nheUzD9xSGdvhncjMBFfc=) 5: 39332e39322e31392e302f32342d3234203d3e203631333137.roa (hash: bCly8plczaq5qd0H9MlQ1Z8xZKSunOI/jFWKgR1UqBg=) 6: 37382e32342e3132312e302f32342d3234203d3e203631333137.roa (hash: PNy4BBOReJ4B4LRwKHBjnzscIyK0n1F3JT7zrSI8uHw=) 7: 34352e38362e39322e302f32342d3234203d3e20323039313831.roa (hash: gFPXsCrn7VghMZpPQmlNius+Qe9koRj6iqpgIDQpOY8=) 8: 37382e32342e3132322e302f32342d3234203d3e2037303138.roa (hash: RiGLyTpjx/lhYnZMR/g3INSwpo5JHGzbqqOnRRhQZa8=) 9: 39332e39322e31382e302f32342d3234203d3e20343031383338.roa (hash: UH0UP25o3U70TKOGCO5ZzwtVViIjPRoBTmf/0ZejDTc=) 10: 39332e39322e31382e302f32342d3234203d3e203534333339.roa (hash: WMxtcl2Ju6TLrgTtLUBAyAfGF8Gn9pZV9umXAbbzoJo=) 11: 37382e32342e3132352e302f32342d3234203d3e203534333339.roa (hash: 8J7vWDZA6CwD0N0heCZfxarZkaHc987rZNDTEoRqJuw=) 12: 37382e32342e3132362e302f32332d3234203d3e203131343236.roa (hash: daBRkHJPjnP4DyHn4IivnK1qaHgtIwZJtESS0iOn6Xk=) 13: 37382e32342e3132322e302f32342d3234203d3e20343031383338.roa (hash: QSDJ1+8SgpwSggscxtnEW0fE8nG/Mt5ZyXJ/C5BJhqQ=) 14: 39332e39322e32322e302f32332d3234203d3e20343031383338.roa (hash: ZR3NimLfDuSVrHX3TIHZtfUL9Oft/y6YDT0lI8Ay4iU=) 15: 39332e39322e32302e302f32342d3234203d3e2035353131.roa (hash: 7VcdQni9NXqci+IjZbxirF6Td9GD5nyYwAr4qpAAeg4=) 16: 37382e32342e3132332e302f32342d3234203d3e2037303138.roa (hash: yLm71OTqDFRdyl2jt+hmsZQmui0MjgACYd0QbV3wZ9U=) 17: 37382e32342e3132352e302f32342d3234203d3e20343031383338.roa (hash: qgaqtIbvWlmZK0f99yeifoHSkIPhxGYhski+5gJ4Rv4=) 18: 39332e39322e32322e302f32332d3234203d3e203534333339.roa (hash: 88A6WN8qi/A8Ut9i/zPgFdBiGIl+iAKvU5wxlPcUnB8=) 19: 37382e32342e3132332e302f32342d3234203d3e20343031383338.roa (hash: XbX1Gid500oTFj6vAef29FZUEz5FTkMATGNQOQiD6pY=) 20: 37382e32342e3132342e302f32342d3234203d3e203534333339.roa (hash: Jmas5KP8U8YtPnq0n93kzfbv6wwue5du0IC/hUNUQy4=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 22 Oct 2025 14:12:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:af:d6:16:c6:dc:f5:d2:a9:61:97:32:a1:f3:3a:80:19:c5:ee:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444 Validity Not Before: Oct 21 19:32:40 2025 GMT Not After : Oct 22 22:43:40 2025 GMT Subject: CN=7E5A74A71D1E695EE786B949B93537E055EB5181 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d5:43:1d:30:b8:dd:1d:a1:56:a2:7d:df:7c: d9:e5:7d:8b:30:d3:dd:c5:d7:0d:dc:b5:20:23:bc: 2c:73:10:8c:02:55:ce:1d:25:b2:bd:d3:aa:99:d6: c2:a6:5c:39:56:59:23:b5:77:cb:e0:4a:b6:ad:33: fa:90:9f:86:0c:00:67:c6:de:40:ea:53:0c:0b:bf: 38:c7:ab:17:1c:de:59:51:b8:6c:5e:f3:86:9e:d9: 74:87:59:94:be:0e:2f:e3:9e:8a:23:d7:bd:9b:ce: 79:ef:57:77:8a:a8:55:cd:02:a5:85:df:ae:16:c2: 4c:cd:2f:26:46:d2:27:39:f1:bf:2c:19:8a:50:ab: 1e:ed:23:6c:df:1e:a7:51:00:ff:58:0c:99:e4:68: bd:05:d8:a1:d5:d2:85:50:fd:4c:81:45:8a:3f:a0: 45:2c:ff:09:e5:49:c9:0e:a2:03:fc:a9:6a:e2:84: d3:89:3d:8f:71:07:ba:d3:f2:ea:dc:e1:9a:57:0d: ae:be:2d:67:38:48:19:f5:ef:0b:88:af:fd:fc:1f: 1c:13:2c:83:50:24:7e:fd:48:ce:2f:4a:e4:d0:f6: 23:b8:07:61:99:25:fc:46:31:81:68:8c:b3:6d:aa: 76:5c:fe:52:27:6f:dd:9e:c4:20:d9:17:ba:6d:68: 13:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:5A:74:A7:1D:1E:69:5E:E7:86:B9:49:B9:35:37:E0:55:EB:51:81 X509v3 Authority Key Identifier: keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:42:12:57:ca:8c:0f:9b:61:7c:c6:d4:2b:8d:c8:19:26:c0: 2d:37:9a:15:54:26:54:82:5d:60:81:ea:5f:19:45:b6:0a:c7: 82:68:2c:40:88:a6:00:63:de:17:01:ba:13:b8:6a:21:f2:0c: d8:17:d7:78:83:eb:4f:15:7f:a7:5a:9e:f1:ba:93:0b:4b:d6: 68:0f:08:4e:bb:23:66:7f:ae:e6:a2:1c:5c:d0:5f:b5:14:6c: de:1a:8c:ea:89:07:ac:98:43:a5:be:66:bb:3f:45:39:21:04: d7:78:ae:12:42:f5:04:be:c9:58:28:73:ec:93:05:f2:af:49: dd:00:37:b8:73:99:bc:66:1a:84:7b:fb:19:a7:aa:63:ec:04: 3a:82:80:0a:16:da:61:90:81:6d:37:e3:7c:7b:59:bf:6e:5f: 5b:bd:b4:52:eb:b0:ca:2e:a3:3a:e5:a2:e8:94:15:e6:8e:f1: f1:4e:a2:53:b2:6a:74:88:e3:8b:64:95:82:18:9e:4d:85:50: 4c:0f:cb:69:e3:6f:db:6f:cd:f2:93:23:38:ef:9b:74:9c:cb: 24:3e:31:01:50:8b:df:54:42:a3:17:f1:92:20:1b:0a:9d:e7: 5e:6b:af:bd:13:7a:e7:f8:af:ba:79:8e:19:bf:7b:64:d8:5f: 6d:10:d6:57 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIURq/WFsbc9dKpYZcyofM6gBnF7jQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm YWRhMzQ0NDAeFw0yNTEwMjExOTMyNDBaFw0yNTEwMjIyMjQzNDBaMDMxMTAvBgNV BAMTKDdFNUE3NEE3MUQxRTY5NUVFNzg2Qjk0OUI5MzUzN0UwNTVFQjUxODEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC71UMdMLjdHaFWon3ffNnlfYsw 093F1w3ctSAjvCxzEIwCVc4dJbK906qZ1sKmXDlWWSO1d8vgSratM/qQn4YMAGfG 3kDqUwwLvzjHqxcc3llRuGxe84ae2XSHWZS+Di/jnooj172bznnvV3eKqFXNAqWF 364WwkzNLyZG0ic58b8sGYpQqx7tI2zfHqdRAP9YDJnkaL0F2KHV0oVQ/UyBRYo/ oEUs/wnlSckOogP8qWrihNOJPY9xB7rT8urc4ZpXDa6+LWc4SBn17wuIr/38HxwT LINQJH79SM4vSuTQ9iO4B2GZJfxGMYFojLNtqnZc/lInb92exCDZF7ptaBPHAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUflp0px0eaV7nhrlJuTU34FXrUYEwHwYDVR0j BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5 NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y YU5FUS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hNTIyYTUyZi02 NTM0LTQxNjUtYTZhNy1lZjlmNzRlZjk0MzEvMS9EMDFCQTAxM0JDMUU2RDg2RjBE NkQ1OEVBRkE1NEUyN0ZBREEzNDQ0Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUISV8qMD5thfMbUK43I GSbALTeaFVQmVIJdYIHqXxlFtgrHgmgsQIimAGPeFwG6E7hqIfIM2BfXeIPrTxV/ p1qe8bqTC0vWaA8ITrsjZn+u5qIcXNBftRRs3hqM6okHrJhDpb5muz9FOSEE13iu EkL1BL7JWChz7JMF8q9J3QA3uHOZvGYahHv7GaeqY+wEOoKAChbaYZCBbTfjfHtZ v25fW720Uuuwyi6jOuWi6JQV5o7x8U6iU7JqdIjji2SVghieTYVQTA/LaeNv22/N 8pMjOO+bdJzLJD4xAVCL31RCoxfxkiAbCp3nXmuvvRN65/ivunmOGb97ZNhfbRDW Vw== -----END CERTIFICATE-----Generated at Tue Oct 21 23:06:56 2025 by rpki-client