$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft File: 42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft (raw, json) Hash identifier: MFoP/WHb46rZmS0Vi+vnxrBGSgZCGMa5O0EPmWSIUX8= Subject key identifier: E4:3D:73:72:3F:8D:D8:8F:7D:DB:65:1C:7C:91:2F:E6:AC:DB:13:CA Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57 Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057 Certificate serial: 640EC150A942825BA80ED6348A3186CDC95A3B85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft Manifest number: 020A Signing time: Sun 19 Oct 2025 09:23:32 +0000 Manifest this update: Sun 19 Oct 2025 09:18:32 +0000 Manifest next update: Mon 20 Oct 2025 12:07:32 +0000 Files and hashes: 1: 42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl (hash: UbsVYhn3D8Xa1DJyRUOdlbkSaS4CduML4Bx+6iVc5XM=) 2: 326130623a346530343a626565663a3a2f34382d3438203d3e203236393534.roa (hash: dXSnrOSsmksjfaruQTR4onccvLxLXawLPmHLDP+0pZ0=) 3: 3139352e39352e3134392e302f32342d3234203d3e203236393534.roa (hash: 4RKcXrOywUF2n3zLGUholuQfQjsDw3jfgXGtm0jfONU=) 4: 326130623a346530343a3a2f34382d3438203d3e203236393534.roa (hash: kjCVplBQIQWTrk/MT/vsXbIMmP0BY/AuB2NZAKC1i00=) 5: 36322e3138322e3139322e302f32312d3234203d3e203432353332.roa (hash: 3uX+IJtCK1auUN/owB303ntI6bBy0+b5ouSYztCnTmQ=) 6: 5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer (hash: xVnvGBOQAGx7ddcmxacteZKEbUgAqtkW3B5rWiVC4Gw=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 12:07:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:0e:c1:50:a9:42:82:5b:a8:0e:d6:34:8a:31:86:cd:c9:5a:3b:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057 Validity Not Before: Oct 19 09:18:32 2025 GMT Not After : Oct 20 12:07:32 2025 GMT Subject: CN=E43D73723F8DD88F7DDB651C7C912FE6ACDB13CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:0c:a9:bc:bd:b6:7b:9e:d6:0e:cd:c9:37:6b: 99:ba:48:92:40:19:8f:5b:9c:0f:02:57:e4:2b:6f: 9b:cd:c2:60:50:fa:92:70:9a:c3:e5:9d:5a:69:16: 57:8c:75:32:14:c0:0d:61:bd:8d:30:34:92:bf:97: a0:6d:f6:4a:09:ff:81:f2:7a:fd:41:14:70:74:fb: a2:da:40:f9:b6:89:93:e2:b3:b0:63:06:95:70:1b: f7:26:5e:c2:f6:58:00:df:f5:0e:eb:e0:2e:22:d1: f5:77:46:b5:c6:3f:17:5a:b7:4a:be:56:a4:7c:81: 23:f7:67:dc:68:24:95:8b:2e:fb:0b:dd:64:cc:a6: 8f:6d:40:f5:6c:3e:3c:ae:20:dd:88:ff:27:ac:46: 70:d3:ea:39:de:09:ab:54:af:cf:25:4a:da:58:41: b4:ae:c7:a1:a7:b5:c6:e6:fe:df:1f:ed:e2:4e:ec: b4:a3:48:46:c2:14:07:b2:83:00:b5:1f:e9:82:fc: 0c:d2:f6:f2:1f:09:8d:72:b6:aa:45:41:22:9a:9e: 10:ed:66:2c:1e:41:68:78:38:22:66:0f:1b:5c:7f: 03:2c:0c:37:bf:e1:2d:0c:1e:e3:3b:a0:e9:06:b6: 3b:20:dc:ec:34:a2:dc:46:86:e3:5e:71:37:ad:c8: b1:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:3D:73:72:3F:8D:D8:8F:7D:DB:65:1C:7C:91:2F:E6:AC:DB:13:CA X509v3 Authority Key Identifier: keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:1d:bf:3d:19:71:3b:16:f3:51:1e:f2:5f:24:0d:28:90:54: 06:ed:38:0b:ef:1f:a2:c5:3c:50:ae:e9:db:ac:a0:6f:30:f4: 73:3b:64:41:98:29:11:cc:3e:2a:69:d6:3c:73:91:ff:59:ad: 15:dd:f0:6d:da:29:6d:ee:9c:81:80:42:13:51:1d:67:a5:7a: eb:bd:99:dc:ac:3c:3e:83:68:f7:09:19:d3:75:28:7a:97:c0: f9:9a:b3:05:f2:55:8c:d6:1c:8e:85:ca:b0:97:82:bd:4b:ba: 91:1a:fe:cd:b0:1e:c8:90:5a:dd:d0:13:1d:0f:76:bd:99:45: 73:33:0e:05:6a:7d:f5:8d:cd:34:48:e9:2f:72:f2:9a:c9:92: b9:75:ab:46:4e:34:5b:9a:c6:29:ac:8e:d3:12:2c:99:58:37: f2:84:d4:d0:5c:cc:81:3a:96:2f:92:3c:16:11:a4:b4:89:a6: cf:fa:e3:e5:57:8e:e9:93:15:f9:99:a2:57:49:f8:b9:25:b4: 9e:bb:39:97:af:80:ed:1f:e9:42:69:c3:93:56:cb:f8:22:9c: e4:db:70:77:27:06:ec:4c:ab:49:20:86:93:d8:e3:46:6a:ab: c2:60:fa:3e:db:a3:1d:ca:f3:b6:2c:bc:4e:51:fe:03:09:96: a8:8e:ee:5d -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUZA7BUKlCgluoDtY0ijGGzclaO4UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi ZjNhODA1NzAeFw0yNTEwMTkwOTE4MzJaFw0yNTEwMjAxMjA3MzJaMDMxMTAvBgNV BAMTKEU0M0Q3MzcyM0Y4REQ4OEY3RERCNjUxQzdDOTEyRkU2QUNEQjEzQ0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuDKm8vbZ7ntYOzck3a5m6SJJA GY9bnA8CV+Qrb5vNwmBQ+pJwmsPlnVppFleMdTIUwA1hvY0wNJK/l6Bt9koJ/4Hy ev1BFHB0+6LaQPm2iZPis7BjBpVwG/cmXsL2WADf9Q7r4C4i0fV3RrXGPxdat0q+ VqR8gSP3Z9xoJJWLLvsL3WTMpo9tQPVsPjyuIN2I/yesRnDT6jneCatUr88lStpY QbSux6Gntcbm/t8f7eJO7LSjSEbCFAeygwC1H+mC/AzS9vIfCY1ytqpFQSKanhDt ZiweQWh4OCJmDxtcfwMsDDe/4S0MHuM7oOkGtjsg3Ow0otxGhuNecTetyLE5AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQU5D1zcj+N2I9922UcfJEv5qzbE8owHwYDVR0j BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4 NmdGYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04 YmE1LTQ3OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC80MkU1MDhGQkE4OTYwRjQ4MDcx QjExOUFDQ0JGNTdCREJGM0E4MDU3Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJh2/PRlxOxbzUR7yXyQN KJBUBu04C+8fosU8UK7p26ygbzD0cztkQZgpEcw+KmnWPHOR/1mtFd3wbdopbe6c gYBCE1EdZ6V6672Z3Kw8PoNo9wkZ03UoepfA+ZqzBfJVjNYcjoXKsJeCvUu6kRr+ zbAeyJBa3dATHQ92vZlFczMOBWp99Y3NNEjpL3LymsmSuXWrRk40W5rGKayO0xIs mVg38oTU0FzMgTqWL5I8FhGktImmz/rj5VeO6ZMV+ZmiV0n4uSW0nrs5l6+A7R/p QmnDk1bL+CKc5NtwdycG7EyrSSCGk9jjRmqrwmD6PtujHcrztiy8TlH+AwmWqI7u XQ== -----END CERTIFICATE-----Generated at Sun Oct 19 22:26:01 2025 by rpki-client