$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft File: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft (raw, json) Hash identifier: OAVykaFNvDsgsSB3aEgDDzGmcyISFaGW78jE0YGi/Z0= Subject key identifier: D7:FF:61:F6:55:2C:87:C5:93:F6:79:83:E0:53:23:4C:38:0E:64:69 Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Certificate serial: 0D7C631A03F691EA28C40EEA52B14A923CE369C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft Manifest number: 036B Signing time: Sun 29 Jun 2025 00:34:13 +0000 Manifest this update: Sun 29 Jun 2025 00:29:13 +0000 Manifest next update: Mon 30 Jun 2025 00:49:13 +0000 Files and hashes: 1: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (hash: VqRU0PsdkYcQlfLEqZmAkEPw8yvo7sqFgCP45AzG5Gs=) 2: 34352e3134362e3136322e302f32342d3234203d3e203138363331.roa (hash: C/6HJC1mRnTjt5un9I/ly/ex3eg1Ngny62cwbLuyXag=) 3: 34352e3134362e3136302e302f32332d3233203d3e203437343437.roa (hash: RhIjHNXayp0tS4DN32atD6aHafLrHUAz0HkdV618CRY=) 4: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl (hash: nTuf152DNhlYZj2KRkUzdQcELwbZJuysPNcoO7Gnphw=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 30 Jun 2025 00:49:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:7c:63:1a:03:f6:91:ea:28:c4:0e:ea:52:b1:4a:92:3c:e3:69:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Validity Not Before: Jun 29 00:29:13 2025 GMT Not After : Jun 30 00:49:13 2025 GMT Subject: CN=D7FF61F6552C87C593F67983E053234C380E6469 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:92:1f:4f:3a:c4:99:8b:b5:6f:1f:53:77:18: 92:dd:65:77:4f:11:30:f3:7c:d6:91:d7:f5:24:2d: bd:bd:a8:9f:3b:18:74:37:2b:f8:f6:11:8a:79:ad: 71:49:09:67:77:8a:ce:83:4b:e0:b3:a4:d7:3d:04: e0:e5:21:6e:8c:ac:92:0f:c5:7e:7d:c5:0b:70:a3: fe:80:e9:5c:7a:44:f3:a4:1e:11:22:4e:b4:92:86: 80:22:24:d5:7e:c2:60:5d:0d:b3:71:44:18:62:bb: 19:63:d7:c6:70:07:06:0e:78:ff:55:c9:8c:dc:41: d1:bb:eb:bb:f3:3e:e8:ee:8b:a0:9d:03:98:e5:f8: 64:bb:9a:6b:58:89:2d:b0:6e:fa:c8:82:4b:1f:19: 87:2b:d9:20:ed:62:61:72:2d:fb:17:15:93:dc:be: 8a:b2:83:5c:61:4f:35:6e:a9:ca:42:cf:34:e1:d9: bb:bb:9e:dc:8f:59:13:6e:73:eb:e7:44:be:b1:7c: de:d9:46:5a:70:0a:aa:47:f0:b1:2f:88:30:87:0c: 2c:bd:ea:14:ab:11:b8:56:07:65:9d:10:ad:77:be: 11:a0:a6:79:35:16:5a:46:1b:82:e3:1d:a4:82:bc: 2c:01:bc:ce:bc:49:69:47:17:a9:5e:b8:89:6f:07: 15:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:FF:61:F6:55:2C:87:C5:93:F6:79:83:E0:53:23:4C:38:0E:64:69 X509v3 Authority Key Identifier: keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:2f:fa:59:86:c5:f6:41:52:58:aa:a3:cf:09:09:48:19:1d: 03:71:a3:b4:d3:0a:3b:94:f5:7e:8b:18:75:04:c4:a9:c3:7a: 65:3f:f2:45:9b:89:03:72:82:91:d5:9d:d7:1f:3d:6d:c2:86: 97:ef:29:36:a0:03:8e:7f:96:17:9d:6a:c6:48:65:3c:f6:c3: 78:8b:e9:f7:b0:ea:90:aa:6d:a2:2c:43:fc:9b:f2:51:f8:9f: 77:56:f1:75:53:c4:97:28:4e:10:0c:07:26:d5:6b:43:40:e7: b1:1e:e5:40:e0:f0:46:43:95:25:c1:bc:12:cf:06:11:49:cd: a0:c7:05:ff:f9:12:61:f6:00:41:d7:df:3a:43:f4:3a:6f:15: cd:5d:8f:f0:8a:89:b2:2a:1b:e1:f8:6d:8d:dd:94:e7:2e:ee: 7d:32:40:7e:47:1d:50:ee:b0:57:30:0d:ed:1d:d9:99:2a:66: b3:6e:87:54:6b:8e:ab:71:d6:ab:3b:0f:6b:f0:8d:e1:0e:f3: 2b:b7:54:31:1c:af:50:6c:05:a5:8d:13:bd:b7:3b:59:66:c4: bf:30:c2:52:86:c7:04:20:26:6a:d6:1f:f1:4c:91:d5:58:22: 83:ec:54:5a:3d:8c:07:96:48:c4:08:87:eb:6b:92:96:ce:6a: 81:55:7e:bb -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUDXxjGgP2keooxA7qUrFKkjzjackwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm MjYwNzNjMzAeFw0yNTA2MjkwMDI5MTNaFw0yNTA2MzAwMDQ5MTNaMDMxMTAvBgNV BAMTKEQ3RkY2MUY2NTUyQzg3QzU5M0Y2Nzk4M0UwNTMyMzRDMzgwRTY0NjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRkh9POsSZi7VvH1N3GJLdZXdP ETDzfNaR1/UkLb29qJ87GHQ3K/j2EYp5rXFJCWd3is6DS+CzpNc9BODlIW6MrJIP xX59xQtwo/6A6Vx6RPOkHhEiTrSShoAiJNV+wmBdDbNxRBhiuxlj18ZwBwYOeP9V yYzcQdG767vzPujui6CdA5jl+GS7mmtYiS2wbvrIgksfGYcr2SDtYmFyLfsXFZPc voqyg1xhTzVuqcpCzzTh2bu7ntyPWRNuc+vnRL6xfN7ZRlpwCqpH8LEviDCHDCy9 6hSrEbhWB2WdEK13vhGgpnk1FlpGG4LjHaSCvCwBvM68SWlHF6leuIlvBxVJAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQU1/9h9lUsh8WT9nmD4FMjTDgOZGkwHwYDVR0j BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K Z2M4TS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZmUyYjI3YS0x ZWM1LTRhYjctOTc4ZS02ZGE5Y2Y5ZjM3OTAvMC81REVGRTA5MjJGNEY1NTI3MERD RDVDMDhGMDRGMUM3QkYyNjA3M0MzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALy/6WYbF9kFSWKqjzwkJ SBkdA3GjtNMKO5T1fosYdQTEqcN6ZT/yRZuJA3KCkdWd1x89bcKGl+8pNqADjn+W F51qxkhlPPbDeIvp97DqkKptoixD/JvyUfifd1bxdVPElyhOEAwHJtVrQ0DnsR7l QODwRkOVJcG8Es8GEUnNoMcF//kSYfYAQdffOkP0Om8VzV2P8IqJsiob4fhtjd2U 5y7ufTJAfkcdUO6wVzAN7R3ZmSpms26HVGuOq3HWqzsPa/CN4Q7zK7dUMRyvUGwF pY0Tvbc7WWbEvzDCUobHBCAmatYf8UyR1Vgig+xUWj2MB5ZIxAiH62uSls5qgVV+ uw== -----END CERTIFICATE-----Generated at Sun Jun 29 18:14:40 2025 by rpki-client