$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft File: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft (raw, json) Hash identifier: bOLn3vvKMZDiLsL8rPcTlrqH455NMMtRItOWkO7uiBs= Subject key identifier: 91:D4:17:F4:25:B5:7C:11:F5:C3:95:92:31:86:C0:2B:7D:CD:10:D7 Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Certificate serial: 72C9BA12D2CC3D6AE1250B65D6D33BEE9DF3B5D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft Manifest number: 04BB Signing time: Sun 19 Oct 2025 02:16:35 +0000 Manifest this update: Sun 19 Oct 2025 02:11:35 +0000 Manifest next update: Mon 20 Oct 2025 02:40:35 +0000 Files and hashes: 1: 34362e3138332e32382e302f32342d3234203d3e203631333137.roa (hash: EQc8ZSWRYu3w3yABE1KT+uLZnchUtUDhUBMKc9gsz8U=) 2: 34362e3138332e32352e302f32342d3234203d3e20323132323338.roa (hash: lxi2m0tJ4IwcIv1Qu/mxuwgzf8BGdtHdxfKNM9mKZEQ=) 3: 34362e3138332e32352e302f32342d3234203d3e203633303233.roa (hash: 4jq0qwMJqWtfRUuzz3vPyKHtua4FM5/8Y3cvVGfTKBM=) 4: 34362e3138332e32362e302f32342d3234203d3e2039303039.roa (hash: ii72WRjo+pDoTtYybgLKaFsOG8JUV0CPdunTnf7/tAg=) 5: 34362e3138332e33312e302f32342d3234203d3e20313734.roa (hash: 3Z7e+5TwzBef1b9VYHjpmL+5jzamN8gXYO/wLKWP7lA=) 6: 34362e3138332e32392e302f32342d3234203d3e20383334.roa (hash: 0Syl2RFUWkkZiRGY1Pwqb1zrgJevSvKDh9Tp1/7uXXA=) 7: 24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl (hash: P7jXlaHz0Fx5quZgD8mIJGzs/FgeaBStiku/Nggy9IE=) 8: 34362e3138332e32372e302f32342d3234203d3e20323132323338.roa (hash: MBTQi0HOcbTwY/4fQl+vTOHLOQ2FmR/EhBIZ6Dj3u14=) 9: 34362e3138332e32342e302f32342d3234203d3e20313432313436.roa (hash: U6sIE1tc5XNg8Vw7jnbxLLCNANnB9wH3voxb1FhuZwc=) 10: 34362e3138332e33302e302f32342d3234203d3e203631333137.roa (hash: pxnqedD3kuwz1m+9x0q4e9R46P3xXGAP6tM7JZr4zqQ=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 02:40:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:c9:ba:12:d2:cc:3d:6a:e1:25:0b:65:d6:d3:3b:ee:9d:f3:b5:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00 Validity Not Before: Oct 19 02:11:35 2025 GMT Not After : Oct 20 02:40:35 2025 GMT Subject: CN=91D417F425B57C11F5C395923186C02B7DCD10D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:4a:1b:ae:e2:fa:73:f6:f3:3e:e4:f0:17:9a: ad:fc:56:c6:36:4a:9f:8c:28:45:33:40:95:be:c7: 09:20:e4:81:65:29:10:d4:33:b0:d6:81:98:f1:7d: 03:7b:22:57:ae:fb:47:fa:15:fb:51:6b:fa:b8:1a: 0e:47:52:ef:0e:3c:b5:02:88:28:b2:cb:06:76:cb: bd:69:35:0f:51:0d:69:b2:b1:2b:90:c5:eb:0a:04: 92:42:67:16:c0:da:54:09:cb:c6:37:d8:06:16:9a: fe:c3:28:d0:57:78:11:06:be:d3:f7:38:83:d7:76: 58:45:cc:f7:66:f3:73:1f:cb:cc:e6:00:cd:85:06: 08:4e:bc:04:75:93:ff:72:28:6f:91:bd:de:ef:71: 66:b0:eb:d8:63:f4:c4:66:5c:7c:14:96:9e:0c:33: b8:c1:52:91:7a:15:36:a6:3b:e6:04:0e:28:41:3a: 52:38:20:f9:b9:09:49:86:aa:76:1e:4b:4d:48:10: 40:f0:3b:bc:81:69:98:57:dd:36:3b:a5:65:17:20: 39:14:a6:0f:10:5c:84:c3:c1:1c:88:a5:9e:6c:ad: 7d:8a:e2:8f:88:51:a0:6d:8e:17:67:03:74:4d:b3: b3:45:7e:02:df:21:53:95:82:c2:80:c2:85:71:9c: be:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:D4:17:F4:25:B5:7C:11:F5:C3:95:92:31:86:C0:2B:7D:CD:10:D7 X509v3 Authority Key Identifier: keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:ff:0b:28:69:23:99:cb:01:22:cf:3d:f1:48:aa:38:bb:4f: 71:1d:21:f3:9c:ba:c9:1c:e8:52:1d:88:a1:77:83:59:2c:ca: 98:0e:62:6e:60:23:bc:1a:97:b4:40:61:ad:d8:a5:41:ea:47: 54:20:5f:06:d9:50:d1:b0:b6:34:f1:ac:0c:cf:07:c5:1c:3f: de:cb:db:79:3a:0b:f4:01:25:83:13:ba:73:4e:02:2c:36:de: 1b:ab:01:40:92:a6:a4:46:87:5c:79:8c:fb:b5:85:9e:96:23: 0a:a9:15:8d:a2:75:22:db:bf:ef:bd:88:64:74:c2:aa:ef:65: e8:39:df:47:08:4e:41:ff:d8:d3:37:2f:20:74:0d:ef:54:a8: cc:3d:1a:b8:1f:d4:40:09:2a:72:71:30:20:0e:a0:c4:15:f4: fd:af:ca:68:cf:09:63:fd:ee:5c:0e:d4:87:4b:66:ae:fe:54: 3a:cd:ea:8a:92:d1:e7:be:63:5b:23:3b:70:78:7a:5a:73:88: 06:1e:bf:3c:5e:38:a8:1d:f9:31:99:7c:70:de:f8:3e:6f:5c: c6:cb:ac:f6:9f:4d:b1:f9:d8:42:40:9a:84:b3:84:aa:71:20: e6:2c:f3:df:c0:1c:f6:f2:72:0d:fb:a3:b3:2b:d3:86:53:fc: e5:7a:6a:39 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUcsm6EtLMPWrhJQtl1tM77p3ztdgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj YzY3N2IwMDAeFw0yNTEwMTkwMjExMzVaFw0yNTEwMjAwMjQwMzVaMDMxMTAvBgNV BAMTKDkxRDQxN0Y0MjVCNTdDMTFGNUMzOTU5MjMxODZDMDJCN0RDRDEwRDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHShuu4vpz9vM+5PAXmq38VsY2 Sp+MKEUzQJW+xwkg5IFlKRDUM7DWgZjxfQN7Ileu+0f6FftRa/q4Gg5HUu8OPLUC iCiyywZ2y71pNQ9RDWmysSuQxesKBJJCZxbA2lQJy8Y32AYWmv7DKNBXeBEGvtP3 OIPXdlhFzPdm83Mfy8zmAM2FBghOvAR1k/9yKG+Rvd7vcWaw69hj9MRmXHwUlp4M M7jBUpF6FTamO+YEDihBOlI4IPm5CUmGqnYeS01IEEDwO7yBaZhX3TY7pWUXIDkU pg8QXITDwRyIpZ5srX2K4o+IUaBtjhdnA3RNs7NFfgLfIVOVgsKAwoVxnL6rAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUkdQX9CW1fBH1w5WSMYbAK33NENcwHwYDVR0j BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0 Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4 bmV3QS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xNmFjYjlhMC02 ZDFlLTRhZTQtOTE3Ny1kOTM4ZTk4MDQzOTUvMC8yNEU1Mzc4OEJENEVGQTIzQjFB ODIwN0I3RTc0QThFMUNDNjc3QjAwLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMf8LKGkjmcsBIs898Uiq OLtPcR0h85y6yRzoUh2IoXeDWSzKmA5ibmAjvBqXtEBhrdilQepHVCBfBtlQ0bC2 NPGsDM8HxRw/3svbeToL9AElgxO6c04CLDbeG6sBQJKmpEaHXHmM+7WFnpYjCqkV jaJ1Itu/772IZHTCqu9l6DnfRwhOQf/Y0zcvIHQN71SozD0auB/UQAkqcnEwIA6g xBX0/a/KaM8JY/3uXA7Uh0tmrv5UOs3qipLR575jWyM7cHh6WnOIBh6/PF44qB35 MZl8cN74Pm9cxsus9p9NsfnYQkCahLOEqnEg5izz38Ac9vJyDfujsyvThlP85Xpq OQ== -----END CERTIFICATE-----Generated at Sun Oct 19 17:29:50 2025 by rpki-client