$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.mft File: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.mft (raw, json) Hash identifier: 6NhVPXD7xuJLYbhPAk9DttEHavWiSfMJry6Om8QzMDY= Subject key identifier: 1F:EC:1B:FB:F7:67:72:4C:39:C3:81:28:08:16:39:32:8D:80:AA:0F Authority key identifier: 8B:AD:30:7C:D4:DF:11:01:4E:40:ED:DF:FF:D6:0F:9A:09:E6:E9:5C Certificate issuer: /CN=8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C Certificate serial: 7AE3E5430376B2B77153FD72FDE59936332BBA0F Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.mft Manifest number: 021A Signing time: Mon 20 Oct 2025 06:43:58 +0000 Manifest this update: Mon 20 Oct 2025 06:38:58 +0000 Manifest next update: Tue 21 Oct 2025 09:04:58 +0000 Files and hashes: 1: 326131333a393634343a343030303a3a2f34302d3430203d3e20323034323931.roa (hash: 1o4m8PJbpPTt/WwCt8wMPBTEbmCl+8vcVtrKZbTYjFM=) 2: 326131333a393634343a343061653a3a2f34382d3438203d3e20323034323931.roa (hash: 0Augomo0JPTrdfBB/3ITj/ZgfSBftNdAdE/vOPCbcS0=) 3: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.crl (hash: KZ/DOTlWTJEkT47xKx15gpNl45cEAYKcNuBEsaBiqrA=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.crl rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.mft rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 21 Oct 2025 05:43:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:e3:e5:43:03:76:b2:b7:71:53:fd:72:fd:e5:99:36:33:2b:ba:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C Validity Not Before: Oct 20 06:38:58 2025 GMT Not After : Oct 21 09:04:58 2025 GMT Subject: CN=1FEC1BFBF767724C39C38128081639328D80AA0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:63:7a:14:f9:16:c9:01:f7:d5:c5:e5:44:1b: 7b:80:cd:83:9c:f2:28:06:d6:63:70:8e:7a:cc:a6: 7c:fe:37:a3:58:df:cf:3c:48:03:f7:cb:41:bd:88: 76:93:29:81:21:a7:ae:58:d0:7e:57:6d:b1:b0:c4: 68:80:23:b4:7d:0f:42:cc:46:00:2e:30:a5:c9:27: f0:b4:47:1b:5e:72:29:34:f5:b0:12:6f:b0:b4:b5: 5b:9d:20:f9:03:ea:8c:4c:08:31:07:7c:36:d9:ec: 57:d4:01:c7:49:20:22:6c:dd:57:b9:9a:5d:7b:fd: 02:41:e0:e2:a5:95:a5:41:6c:ba:71:94:a1:7f:23: 16:b6:b5:bd:41:4c:79:15:6a:2e:dc:ac:c6:9d:ff: 28:a8:b8:0c:43:d4:fe:86:7c:91:ee:27:39:a3:38: dc:98:63:0d:5e:32:89:87:59:df:52:79:a0:7e:bc: b9:c9:d1:6f:9b:d8:49:b5:7b:18:ea:1d:14:6d:8b: fa:92:0b:f3:e8:5d:10:a8:4e:eb:57:32:20:2d:25: d4:cf:b0:03:97:8f:74:9e:14:b4:2e:78:28:89:53: e4:34:2e:95:f2:60:45:ba:dc:bc:c9:eb:c5:c0:9e: 6e:7e:42:ab:71:8a:e0:79:1d:c5:ff:33:2b:66:a9: 94:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:EC:1B:FB:F7:67:72:4C:39:C3:81:28:08:16:39:32:8D:80:AA:0F X509v3 Authority Key Identifier: keyid:8B:AD:30:7C:D4:DF:11:01:4E:40:ED:DF:FF:D6:0F:9A:09:E6:E9:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:c5:09:d0:70:c6:e5:e5:65:01:3c:23:80:30:6d:d1:15:22: 3c:77:33:e2:3e:c5:56:8e:c9:15:fc:9f:a7:94:83:35:4c:d1: 4b:14:b4:71:dc:98:1b:3d:2d:ef:7f:c1:a9:df:7d:9a:e6:d9: 68:87:4c:88:68:e8:e6:c0:19:29:01:8d:7e:a6:e2:23:b9:33: ee:a2:af:6f:88:f3:2a:60:d8:75:2b:04:68:eb:cf:57:30:0c: 00:45:81:0b:24:4d:61:2d:95:12:fb:dc:89:b8:70:12:53:5a: b0:c1:08:cc:f8:87:58:2d:fa:db:5d:bf:0e:1c:9e:9f:8f:1a: a0:14:30:ed:a3:e4:9c:56:ea:cb:bb:2b:cc:6d:fb:01:3c:71: 4d:3f:50:51:76:66:61:d0:97:c1:e9:5d:bd:2d:5d:a7:c2:03: 1f:d3:eb:8d:c7:1c:3f:1a:83:7f:10:63:8e:26:db:1f:e0:4d: 41:de:d8:aa:d0:e7:38:77:05:ab:fb:6e:67:bc:5b:4b:17:3d: 8e:35:c7:07:35:06:cd:01:9c:56:f7:54:3e:c4:cb:a2:b9:47: 7e:56:03:4e:88:0f:04:f7:76:0e:44:b0:c6:e6:c4:41:a0:34: 57:ab:40:02:4c:b4:72:88:20:45:3a:91:4a:03:9a:2f:72:c3: 93:01:fd:6e -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIUeuPlQwN2srdxU/1y/eWZNjMrug8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJBRDMwN0NENERGMTEwMTRFNDBFRERGRkZENjBGOUEw OUU2RTk1QzAeFw0yNTEwMjAwNjM4NThaFw0yNTEwMjEwOTA0NThaMDMxMTAvBgNV BAMTKDFGRUMxQkZCRjc2NzcyNEMzOUMzODEyODA4MTYzOTMyOEQ4MEFBMEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOY3oU+RbJAffVxeVEG3uAzYOc 8igG1mNwjnrMpnz+N6NY3888SAP3y0G9iHaTKYEhp65Y0H5XbbGwxGiAI7R9D0LM RgAuMKXJJ/C0Rxtecik09bASb7C0tVudIPkD6oxMCDEHfDbZ7FfUAcdJICJs3Ve5 ml17/QJB4OKllaVBbLpxlKF/Ixa2tb1BTHkVai7crMad/yiouAxD1P6GfJHuJzmj ONyYYw1eMomHWd9SeaB+vLnJ0W+b2Em1exjqHRRti/qSC/PoXRCoTutXMiAtJdTP sAOXj3SeFLQueCiJU+Q0LpXyYEW63LzJ68XAnm5+QqtxiuB5HcX/MytmqZQdAgMB AAGjggKCMIICfjAdBgNVHQ4EFgQUH+wb+/dnckw5w4EoCBY5Mo2Aqg8wHwYDVR0j BBgwFoAUi60wfNTfEQFOQO3f/9YPmgnm6VwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNjVlYWU3NDUtOGFjOS00ZTcxLWJjOTQtZmNiMjYxNzAz Zjk2LzEvOEJBRDMwN0NENERGMTEwMTRFNDBFRERGRkZENjBGOUEwOUU2RTk1Qy5j cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00MDBhLTRm ZDEtYWI4YS1lNzYxNmUyNDViNDkvMC84QkFEMzA3Q0Q0REYxMTAxNEU0MEVEREZG RkQ2MEY5QTA5RTZFOTVDLmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF BzALhn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5 LzY1ZWFlNzQ1LThhYzktNGU3MS1iYzk0LWZjYjI2MTcwM2Y5Ni8xLzhCQUQzMDdD RDRERjExMDE0RTQwRURERkZGRDYwRjlBMDlFNkU5NUMubWZ0MBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIF ADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCrxQnQ cMbl5WUBPCOAMG3RFSI8dzPiPsVWjskV/J+nlIM1TNFLFLRx3JgbPS3vf8Gp332a 5tloh0yIaOjmwBkpAY1+puIjuTPuoq9viPMqYNh1KwRo689XMAwARYELJE1hLZUS +9yJuHASU1qwwQjM+IdYLfrbXb8OHJ6fjxqgFDDto+ScVurLuyvMbfsBPHFNP1BR dmZh0JfB6V29LV2nwgMf0+uNxxw/GoN/EGOOJtsf4E1B3tiq0Oc4dwWr+25nvFtL Fz2ONccHNQbNAZxW91Q+xMuiuUd+VgNOiA8E93YORLDG5sRBoDRXq0ACTLRyiCBF OpFKA5ovcsOTAf1u -----END CERTIFICATE-----Generated at Mon Oct 20 20:53:42 2025 by rpki-client