$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft File: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft (raw, json) Hash identifier: kpwKAQct6tO0teAnRHmnXD+yKVr8mXsx53Zg7tG+OLA= Subject key identifier: 06:0F:FC:A3:9F:A1:11:82:90:C8:94:D8:64:18:4F:4C:92:11:FA:04 Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Certificate serial: 6FC51ECF2E649AA252FCFFC001692365E2D3CEA9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft Manifest number: 0400 Signing time: Sun 19 Oct 2025 14:21:39 +0000 Manifest this update: Sun 19 Oct 2025 14:16:39 +0000 Manifest next update: Mon 20 Oct 2025 15:06:39 +0000 Files and hashes: 1: 34352e3134362e3136322e302f32342d3234203d3e203138363331.roa (hash: C/6HJC1mRnTjt5un9I/ly/ex3eg1Ngny62cwbLuyXag=) 2: 34352e3134362e3136302e302f32332d3233203d3e203437343437.roa (hash: RhIjHNXayp0tS4DN32atD6aHafLrHUAz0HkdV618CRY=) 3: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl (hash: 2p8mu1TX7hSxh6Vm+C8eOmztKXlpIV0sK5yuBOCNI0w=) 4: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (hash: dEyrefnnKSg66lfx459XJ2SroTggGi4go9Zp+DRZdvU=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 11:18:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:c5:1e:cf:2e:64:9a:a2:52:fc:ff:c0:01:69:23:65:e2:d3:ce:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Validity Not Before: Oct 19 14:16:39 2025 GMT Not After : Oct 20 15:06:39 2025 GMT Subject: CN=060FFCA39FA1118290C894D864184F4C9211FA04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:f8:76:a8:d2:06:49:86:1f:63:93:9b:05:21: 71:23:ad:46:e6:4f:35:9f:54:1e:5b:ae:d4:34:c5: e9:e3:f4:31:e5:35:18:7c:af:78:3e:86:27:a3:22: be:c8:38:d9:be:78:fa:1a:13:71:ec:43:bf:1d:a0: 6b:cf:d6:44:8a:b5:ed:61:24:e3:e0:a0:89:e0:99: 80:9e:5b:1a:50:54:d0:7d:04:2d:57:a7:b0:0c:ff: a7:85:c3:f8:04:a4:1a:e4:5f:4a:04:2a:a5:be:6b: ed:20:d7:51:ef:b1:de:3d:0d:74:70:ef:e5:31:1c: 7a:d6:34:c8:43:e7:91:98:de:ee:d3:b3:65:3b:76: 79:17:bf:6d:b4:b7:ce:6b:80:c3:36:f2:75:69:40: a9:65:e5:9a:44:c3:1b:80:75:d4:9b:f5:b3:cc:10: f4:43:aa:9b:5b:39:dd:cd:d3:b3:9a:cc:dd:ee:de: cc:57:f1:09:df:21:53:01:9f:bc:57:be:e8:46:05: 1f:e2:8a:0b:b3:dd:f1:65:29:fe:c5:79:61:2b:42: ca:86:d2:36:33:3c:fc:a2:bd:8c:a2:34:49:3a:f3: a9:94:ee:0a:2e:15:a4:71:81:d0:ef:7f:a3:88:13: 31:6f:3e:e5:58:1c:0c:4d:21:15:92:0b:11:f5:1a: 91:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:0F:FC:A3:9F:A1:11:82:90:C8:94:D8:64:18:4F:4C:92:11:FA:04 X509v3 Authority Key Identifier: keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:e8:a4:a2:75:fe:b9:17:6b:91:a3:28:15:0d:69:13:46:08: 17:3d:47:b3:9b:0f:27:58:9b:98:57:10:75:3e:16:eb:3f:ff: 5a:ac:de:da:1e:90:f3:66:01:cc:67:9f:f7:dc:88:61:1c:f6: d6:e9:90:fc:55:b9:7b:90:96:e5:c1:bc:bc:09:ba:a6:92:2d: 70:08:dd:4a:98:d4:37:40:56:8b:61:4a:ba:7c:24:11:03:23: 35:ab:aa:7f:43:19:9b:bd:30:bf:38:ff:7c:8d:10:dc:ba:27: 53:23:7b:09:ff:28:a4:fa:f6:80:5e:1b:11:09:2f:2d:ad:7f: e5:ba:8f:24:ad:57:ec:fa:de:97:b4:87:ab:4a:f1:b3:b2:67: 94:04:df:25:cd:a4:7c:de:0f:45:de:63:98:46:06:d1:a2:f7: 5b:bc:d8:7d:b2:6d:76:f9:d9:5a:4a:37:72:9c:bc:2b:35:52: 0f:81:5b:6d:fb:93:1e:eb:9d:c3:df:9c:b1:32:95:7f:bf:60: 5a:4e:ab:74:e1:47:c5:b2:a9:a4:c1:ea:97:f8:3e:3a:23:a1: 74:f3:12:7a:69:fa:2b:50:96:5b:f5:ca:25:92:cf:b2:a2:99: 00:6d:b9:7f:3d:95:a9:48:d7:87:5d:70:61:8e:f0:a2:ff:79: b8:6d:73:dc -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUb8Uezy5kmqJS/P/AAWkjZeLTzqkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm MjYwNzNjMzAeFw0yNTEwMTkxNDE2MzlaFw0yNTEwMjAxNTA2MzlaMDMxMTAvBgNV BAMTKDA2MEZGQ0EzOUZBMTExODI5MEM4OTREODY0MTg0RjRDOTIxMUZBMDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT+Hao0gZJhh9jk5sFIXEjrUbm TzWfVB5brtQ0xenj9DHlNRh8r3g+hiejIr7IONm+ePoaE3HsQ78doGvP1kSKte1h JOPgoIngmYCeWxpQVNB9BC1Xp7AM/6eFw/gEpBrkX0oEKqW+a+0g11Hvsd49DXRw 7+UxHHrWNMhD55GY3u7Ts2U7dnkXv220t85rgMM28nVpQKll5ZpEwxuAddSb9bPM EPRDqptbOd3N07OazN3u3sxX8QnfIVMBn7xXvuhGBR/iiguz3fFlKf7FeWErQsqG 0jYzPPyivYyiNEk686mU7gouFaRxgdDvf6OIEzFvPuVYHAxNIRWSCxH1GpH7AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUBg/8o5+hEYKQyJTYZBhPTJIR+gQwHwYDVR0j BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K Z2M4TS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZmUyYjI3YS0x ZWM1LTRhYjctOTc4ZS02ZGE5Y2Y5ZjM3OTAvMC81REVGRTA5MjJGNEY1NTI3MERD RDVDMDhGMDRGMUM3QkYyNjA3M0MzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYuikonX+uRdrkaMoFQ1p E0YIFz1Hs5sPJ1ibmFcQdT4W6z//Wqze2h6Q82YBzGef99yIYRz21umQ/FW5e5CW 5cG8vAm6ppItcAjdSpjUN0BWi2FKunwkEQMjNauqf0MZm70wvzj/fI0Q3LonUyN7 Cf8opPr2gF4bEQkvLa1/5bqPJK1X7Prel7SHq0rxs7JnlATfJc2kfN4PRd5jmEYG 0aL3W7zYfbJtdvnZWko3cpy8KzVSD4FbbfuTHuudw9+csTKVf79gWk6rdOFHxbKp pMHql/g+OiOhdPMSemn6K1CWW/XKJZLPsqKZAG25fz2VqUjXh11wYY7wov95uG1z 3A== -----END CERTIFICATE-----Generated at Sun Oct 19 19:53:55 2025 by rpki-client