$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft File: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft (raw, json) Hash identifier: SyEZewYX/ln+lYUIkuOF/wiGwWdYYCavkQzkjpFZV0w= Subject key identifier: E6:E5:0E:CC:3C:1D:0F:9F:79:A1:BA:FA:09:D2:EF:1C:38:FF:D9:15 Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Certificate serial: 7A6EDBB65C7DD04DC1E6414C995D77498C0D927A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft Manifest number: 0595 Signing time: Wed 25 Mar 2026 21:51:55 +0000 Manifest this update: Wed 25 Mar 2026 21:46:55 +0000 Manifest next update: Thu 26 Mar 2026 21:55:55 +0000 Files and hashes: 1: 34362e3138332e32362e302f32342d3234203d3e2039303039.roa (hash: ckwThy9Ftd6Jb/nTbj53dd12b3F3RSR9Etp8JSW5svM=) 2: 34362e3138332e32342e302f32342d3234203d3e20313432313436.roa (hash: U6sIE1tc5XNg8Vw7jnbxLLCNANnB9wH3voxb1FhuZwc=) 3: 34362e3138332e33302e302f32342d3234203d3e203631333137.roa (hash: pxnqedD3kuwz1m+9x0q4e9R46P3xXGAP6tM7JZr4zqQ=) 4: 34362e3138332e32352e302f32342d3234203d3e203633303233.roa (hash: xQUOQgb0PWc+/72PSNuNhyH/1WTrTU3f/QF4HqRWRbI=) 5: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl (hash: hn6NG7HnTeYQfyRqRReui9AlEpdOj4Wav1uwnOvjNYI=) 6: 34362e3138332e33312e302f32342d3234203d3e203433333530.roa (hash: xgztmir76zbcn1TSqgELAY0RZNOYsv6tbCBjd0ajcKA=) 7: 34362e3138332e32382e302f32342d3234203d3e203239383032.roa (hash: kUcJYnZDGTlKIzzpmv1f5LvT/3qyw3JDmGespkIKDl8=) 8: 34362e3138332e32352e302f32342d3234203d3e20323132323338.roa (hash: P1+0nsQvOjxz4uhyz/dzfXbHlZHNA/BWK3bhubdLlKg=) 9: 34362e3138332e32372e302f32342d3234203d3e20323132323338.roa (hash: hl0LwIkWgXiEYZpFaX3uPN7EPrDq4mPps9alNUssHF4=) 10: 34362e3138332e33302e302f32342d3234203d3e203239383032.roa (hash: 72nHdO4b4bTlOVAl3qEYnqrejyz7ta1anmrlcAXdAWw=) 11: 34362e3138332e32392e302f32342d3234203d3e20383334.roa (hash: cCNMl/j8O4+QWokqGu7uLfEk807f860f4W6iD80yDww=) 12: 34362e3138332e32382e302f32342d3234203d3e203631333137.roa (hash: EQc8ZSWRYu3w3yABE1KT+uLZnchUtUDhUBMKc9gsz8U=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 15:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:6e:db:b6:5c:7d:d0:4d:c1:e6:41:4c:99:5d:77:49:8c:0d:92:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Validity Not Before: Mar 25 21:46:55 2026 GMT Not After : Mar 26 21:55:55 2026 GMT Subject: CN=E6E50ECC3C1D0F9F79A1BAFA09D2EF1C38FFD915 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:aa:aa:78:c9:7b:d1:73:f9:23:4f:f7:dc:b1: bf:f9:7e:22:32:eb:fd:13:1d:9b:62:76:46:82:b3: cf:46:65:2a:8a:07:87:34:e3:3d:d7:bb:9e:c2:08: 5a:69:10:41:e7:c5:2c:58:2e:11:45:09:d6:1c:61: 8b:02:71:7c:ad:14:aa:4b:53:cb:e2:b2:85:15:8c: 8b:9a:3d:34:16:b1:67:e5:d3:0b:a0:51:36:74:0e: 78:dc:a4:d6:e0:3c:06:e3:64:d5:ec:0e:06:86:a6: e0:6e:95:0a:91:be:63:d7:ac:c3:6a:79:92:b8:fd: 18:81:30:e3:be:0f:c9:dc:d3:dd:f9:5a:25:4a:2a: 74:4c:76:f6:23:14:b8:c0:e0:e1:23:71:d3:c1:99: 38:4d:86:19:12:8a:f6:b8:89:5f:23:fa:77:95:e9: e5:73:e1:94:46:1e:b0:3e:02:fb:4b:e9:ec:ca:0a: c1:74:48:e1:0f:82:5d:e3:a3:cc:51:ad:2a:23:0e: 88:67:ba:16:b3:f3:92:3e:aa:b6:1f:ba:16:43:d9: 71:67:63:0b:f5:3b:7d:a0:6a:47:9a:6e:bb:dd:ec: 4f:2b:fd:c0:62:aa:5e:27:9e:31:f6:66:85:ff:93: 81:d5:8e:de:3f:26:4c:33:7d:8e:0d:cf:1f:1f:a1: f9:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:E5:0E:CC:3C:1D:0F:9F:79:A1:BA:FA:09:D2:EF:1C:38:FF:D9:15 X509v3 Authority Key Identifier: keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b0:48:b9:c9:46:fd:0e:b4:72:f5:3d:25:2f:de:cd:e2:ab:3f: 37:8d:eb:8b:b9:82:3e:d8:51:2b:bf:b8:8e:24:6d:a5:04:83: 8a:54:56:b2:78:8f:cc:16:da:46:87:3c:ff:e6:52:ba:8c:ae: 7e:54:92:58:e9:87:ff:6a:9c:d2:5b:69:c9:74:62:8d:3d:77: 42:7d:b3:3a:dc:94:c8:5f:17:1a:3a:ed:b6:dd:87:89:cb:84: c3:e5:3c:01:5f:41:8c:b8:14:1e:59:33:82:fc:6d:6a:73:d7: 4a:65:63:9a:be:16:5c:3a:21:2c:a9:1b:96:53:00:fe:9e:fd: 8d:a1:5b:86:79:d0:3a:6b:d2:06:92:dc:a3:2e:db:0b:06:60: 8a:51:e7:35:97:35:58:81:1b:3d:d4:20:9e:ee:41:de:42:17: 4a:8a:c0:8d:f4:cc:d9:9a:80:2a:b5:99:c4:55:33:9a:3e:37: 4d:ea:59:d3:bf:0e:54:ee:01:4e:d6:f1:15:04:a0:17:a0:08: d6:fb:49:5d:b7:8e:fc:40:75:7e:d8:e9:7f:71:73:e3:df:e9: af:de:39:87:5d:24:27:d6:81:16:b7:89:6f:f5:6f:4d:f8:e0: a6:21:d6:3d:68:23:ca:2e:19:2e:4c:be:4a:7a:12:de:68:c3: 73:fe:20:0a -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUem7btlx90E3B5kFMmV13SYwNknowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj YzY3N2IwMDAeFw0yNjAzMjUyMTQ2NTVaFw0yNjAzMjYyMTU1NTVaMDMxMTAvBgNV BAMTKEU2RTUwRUNDM0MxRDBGOUY3OUExQkFGQTA5RDJFRjFDMzhGRkQ5MTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpqqp4yXvRc/kjT/fcsb/5fiIy 6/0THZtidkaCs89GZSqKB4c04z3Xu57CCFppEEHnxSxYLhFFCdYcYYsCcXytFKpL U8visoUVjIuaPTQWsWfl0wugUTZ0DnjcpNbgPAbjZNXsDgaGpuBulQqRvmPXrMNq eZK4/RiBMOO+D8nc0935WiVKKnRMdvYjFLjA4OEjcdPBmThNhhkSiva4iV8j+neV 6eVz4ZRGHrA+AvtL6ezKCsF0SOEPgl3jo8xRrSojDohnuhaz85I+qrYfuhZD2XFn Ywv1O32gakeabrvd7E8r/cBiql4nnjH2ZoX/k4HVjt4/JkwzfY4Nzx8fofmFAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQU5uUOzDwdD595obr6CdLvHDj/2RUwHwYDVR0j BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0 Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4 bmV3QS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xNmFjYjlhMC02 ZDFlLTRhZTQtOTE3Ny1kOTM4ZTk4MDQzOTUvMC8yNEU1Mzc4OEJENEVGQTIzQjFB ODIwN0I3RTc0QThFMUNDNjc3QjAwLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsEi5yUb9DrRy9T0lL97N 4qs/N43ri7mCPthRK7+4jiRtpQSDilRWsniPzBbaRoc8/+ZSuoyuflSSWOmH/2qc 0ltpyXRijT13Qn2zOtyUyF8XGjrttt2HicuEw+U8AV9BjLgUHlkzgvxtanPXSmVj mr4WXDohLKkbllMA/p79jaFbhnnQOmvSBpLcoy7bCwZgilHnNZc1WIEbPdQgnu5B 3kIXSorAjfTM2ZqAKrWZxFUzmj43TepZ078OVO4BTtbxFQSgF6AI1vtJXbeO/EB1 ftjpf3Fz49/pr945h10kJ9aBFreJb/VvTfjgpiHWPWgjyi4ZLky+SnoS3mjDc/4g Cg== -----END CERTIFICATE-----Generated at Thu Mar 26 02:21:58 2026 by rpki-client