$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft File: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft (raw, json) Hash identifier: nmYnDB99i3ghxmfoUM7PE3CtIO16sF7zOw3Kq5/bcUQ= Subject key identifier: 19:26:2D:9B:D7:54:6F:66:44:09:58:96:C6:56:2F:73:33:E9:FB:60 Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Certificate serial: 156B6E25797DE6F639F3CF86057D2C5CD31A9896 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft Manifest number: 04D3 Signing time: Wed 25 Mar 2026 16:46:08 +0000 Manifest this update: Wed 25 Mar 2026 16:41:08 +0000 Manifest next update: Thu 26 Mar 2026 20:14:08 +0000 Files and hashes: 1: 34352e3134362e3136322e302f32342d3234203d3e203138363331.roa (hash: mQKE/0/NnV539NSoXtVCOp3+AeXahl8sUnLhuxaZN7o=) 2: 5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl (hash: udjijBGXiE5Y1oLYCcYdvPbq83cC5jOnHmIfky9oheM=) 3: 34352e3134362e3136302e302f32332d3233203d3e203437343437.roa (hash: 31YTnxmdtZ2cp3Cw9rcOHPD6ZzrVs4b/Az5vMfbmmIM=) 4: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (hash: dEyrefnnKSg66lfx459XJ2SroTggGi4go9Zp+DRZdvU=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 20:14:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:6b:6e:25:79:7d:e6:f6:39:f3:cf:86:05:7d:2c:5c:d3:1a:98:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3 Validity Not Before: Mar 25 16:41:08 2026 GMT Not After : Mar 26 20:14:08 2026 GMT Subject: CN=19262D9BD7546F6644095896C6562F7333E9FB60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ba:2d:fb:a2:85:31:d0:e0:0b:23:a7:07:1d: bb:1f:63:31:7f:37:11:39:16:d2:63:b1:5b:89:60: 01:ff:b2:01:f0:10:c5:e9:d5:61:ef:18:8c:a6:ca: 5b:c5:15:d8:11:d3:2c:45:ed:42:af:71:83:0f:72: e7:cd:7a:ca:9f:56:25:ea:37:03:e0:23:59:d2:9f: 37:0a:ba:53:ec:bf:9d:89:44:94:78:ff:53:85:cb: b9:41:bf:13:bc:2d:39:b4:30:fc:c6:07:23:70:65: 79:53:f8:c0:62:63:e5:70:60:6f:fe:fe:e8:52:ab: 3b:de:e1:c3:07:a3:0e:43:05:a2:f4:d5:3b:7d:b1: b0:8a:cd:15:52:2b:9b:70:9a:15:88:b2:cd:58:74: 45:d0:43:ae:4f:8b:65:6c:09:10:45:bc:75:97:87: ef:2e:c0:a8:40:8a:1f:65:44:ea:67:d8:9e:d2:8e: db:cb:b8:ef:59:6b:22:39:48:8c:b3:4d:74:d6:10: 5c:56:f7:26:bf:89:fe:7c:34:55:7a:6a:09:bc:cd: e8:22:d0:22:7f:38:88:e5:f4:ec:49:58:c8:00:83: 57:7b:74:f8:25:88:1a:b1:5d:2f:30:b6:fa:9b:0b: 50:df:fa:f2:ba:45:0b:6e:7a:db:46:4a:a7:9c:3d: a9:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:26:2D:9B:D7:54:6F:66:44:09:58:96:C6:56:2F:73:33:E9:FB:60 X509v3 Authority Key Identifier: keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:0b:25:cb:bc:3b:bc:ac:92:cb:93:32:27:d8:9c:06:b8:23: e6:16:bd:bb:5a:87:22:75:b7:fa:7c:fa:ba:ce:41:e0:65:17: 41:6e:3e:e4:a4:ed:59:d5:81:b4:16:11:d8:d2:c8:e3:a4:51: f0:a6:07:54:c1:ee:52:2b:59:98:67:29:60:96:10:1d:b4:e5: f0:a5:34:99:11:8a:7a:aa:e2:94:88:d5:d3:f7:08:c4:4e:a1: 89:40:72:35:0a:57:30:0d:02:25:41:de:27:e4:d3:a2:a9:b9: 35:60:72:3c:a2:02:a3:2f:b4:e1:f6:28:94:bf:f8:40:79:41: 51:54:b6:25:f5:36:43:98:17:88:fc:f9:0e:f0:2c:8f:0a:57: 44:b5:31:61:48:71:69:47:6f:7d:6d:0a:6c:45:3f:07:f7:8a: 96:33:fe:90:77:88:dc:b1:4b:40:99:d8:8a:a8:96:bf:74:a4: 0e:20:52:20:d0:6f:7c:dc:ea:16:2f:54:93:ae:83:af:03:80: 1c:fe:75:cf:74:b5:13:5c:40:13:5c:c5:f9:a8:a4:8b:ca:36: 24:f7:30:7f:3f:b0:9e:be:a2:a2:4d:fc:17:31:30:26:74:62: 6a:37:09:1b:67:86:69:8b:0c:05:98:e7:0a:fc:1f:9b:ba:b9: 8e:53:d5:92 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUFWtuJXl95vY588+GBX0sXNMamJYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm MjYwNzNjMzAeFw0yNjAzMjUxNjQxMDhaFw0yNjAzMjYyMDE0MDhaMDMxMTAvBgNV BAMTKDE5MjYyRDlCRDc1NDZGNjY0NDA5NTg5NkM2NTYyRjczMzNFOUZCNjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPui37ooUx0OALI6cHHbsfYzF/ NxE5FtJjsVuJYAH/sgHwEMXp1WHvGIymylvFFdgR0yxF7UKvcYMPcufNesqfViXq NwPgI1nSnzcKulPsv52JRJR4/1OFy7lBvxO8LTm0MPzGByNwZXlT+MBiY+VwYG/+ /uhSqzve4cMHow5DBaL01Tt9sbCKzRVSK5twmhWIss1YdEXQQ65Pi2VsCRBFvHWX h+8uwKhAih9lROpn2J7SjtvLuO9ZayI5SIyzTXTWEFxW9ya/if58NFV6agm8zegi 0CJ/OIjl9OxJWMgAg1d7dPgliBqxXS8wtvqbC1Df+vK6RQtuettGSqecPakRAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUGSYtm9dUb2ZECViWxlYvczPp+2AwHwYDVR0j BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K Z2M4TS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZmUyYjI3YS0x ZWM1LTRhYjctOTc4ZS02ZGE5Y2Y5ZjM3OTAvMC81REVGRTA5MjJGNEY1NTI3MERD RDVDMDhGMDRGMUM3QkYyNjA3M0MzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsQsly7w7vKySy5MyJ9ic Brgj5ha9u1qHInW3+nz6us5B4GUXQW4+5KTtWdWBtBYR2NLI46RR8KYHVMHuUitZ mGcpYJYQHbTl8KU0mRGKeqrilIjV0/cIxE6hiUByNQpXMA0CJUHeJ+TToqm5NWBy PKICoy+04fYolL/4QHlBUVS2JfU2Q5gXiPz5DvAsjwpXRLUxYUhxaUdvfW0KbEU/ B/eKljP+kHeI3LFLQJnYiqiWv3SkDiBSINBvfNzqFi9Uk66DrwOAHP51z3S1E1xA E1zF+aiki8o2JPcwfz+wnr6iok38FzEwJnRiajcJG2eGaYsMBZjnCvwfm7q5jlPV kg== -----END CERTIFICATE-----Generated at Thu Mar 26 12:52:32 2026 by rpki-client