$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft File: 42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft (raw, json) Hash identifier: 6xMQD6hoIunGeikiwPuHOEP1Vr5ZTsr+IxgDHvYgSzw= Subject key identifier: 92:3C:7B:83:CA:37:7F:57:7B:DF:BC:EA:43:09:4C:A6:5E:8C:35:75 Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57 Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057 Certificate serial: 38FFB781BBF226D4976D3024A68C46E879ABD2FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft Manifest number: 02E3 Signing time: Wed 25 Mar 2026 18:40:03 +0000 Manifest this update: Wed 25 Mar 2026 18:35:03 +0000 Manifest next update: Thu 26 Mar 2026 21:27:03 +0000 Files and hashes: 1: 3139352e39352e3134392e302f32342d3234203d3e203236393534.roa (hash: 4RKcXrOywUF2n3zLGUholuQfQjsDw3jfgXGtm0jfONU=) 2: 326130623a346530343a3a2f34382d3438203d3e203236393534.roa (hash: kjCVplBQIQWTrk/MT/vsXbIMmP0BY/AuB2NZAKC1i00=) 3: 42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl (hash: 5QQAAuTgOPPbEmG51hU5hXbg7s8Ul/fZv9tqfFHSuK0=) 4: 5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer (hash: KLMAAGLbr0Xn0CNtT7Cq0S7+Z/B5KUATg37kk2hyDU4=) 5: 326130623a346530343a34323a3a2f34382d3438203d3e203236393534.roa (hash: J0sU27KhsWLAQskvnilOEJPNfUn6f6vWuMhZwx5IsPQ=) 6: 3139352e39352e3134392e302f32342d3234203d3e203331383938.roa (hash: nIlM4wp0iNBT5SN8C9VsrwDGSOsVnjaNLplEtHDOmPI=) 7: 326130623a346530343a646561643a3a2f34382d3438203d3e203331383938.roa (hash: V5g1oVVpactG3mKu8PF61hy91x6gtyEU1mTZQLj69yk=) 8: 326130623a346530343a626565663a3a2f34382d3438203d3e203236393534.roa (hash: dXSnrOSsmksjfaruQTR4onccvLxLXawLPmHLDP+0pZ0=) 9: 36322e3138322e3139322e302f32312d3234203d3e203432353332.roa (hash: 3uX+IJtCK1auUN/owB303ntI6bBy0+b5ouSYztCnTmQ=) 10: 326130623a346530343a646561643a3a2f34382d3438203d3e203236393534.roa (hash: baWQi1OtzFs3EXfopwYbyPRpvtk3lpDNhJaB1/yO3UE=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 15:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:ff:b7:81:bb:f2:26:d4:97:6d:30:24:a6:8c:46:e8:79:ab:d2:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057 Validity Not Before: Mar 25 18:35:03 2026 GMT Not After : Mar 26 21:27:03 2026 GMT Subject: CN=923C7B83CA377F577BDFBCEA43094CA65E8C3575 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d1:07:20:15:5c:1a:41:9e:d3:5b:5f:3c:e4: 15:40:c9:8d:f5:76:21:26:b9:e8:7b:b3:4d:7d:69: 4f:92:43:f0:04:02:63:71:24:cc:79:18:ff:6f:a6: 2f:df:28:6f:c8:4e:86:77:9f:9b:16:92:9c:c2:0f: 45:c2:a6:0a:7e:37:31:8d:c7:de:fb:74:87:39:fc: 79:3a:3e:34:69:e5:69:c9:cc:53:ec:1f:59:a3:c4: 19:6a:f3:ac:53:17:07:21:de:c6:03:2f:ae:7b:09: e3:db:1e:d4:3a:cc:4c:f8:73:e8:1b:be:02:86:00: f8:30:b7:3d:4f:03:07:47:ad:c1:18:ae:b5:ab:58: bf:d6:9f:db:f3:eb:6c:b1:ba:91:e2:6b:ce:7d:d7: 14:9d:f6:07:87:28:fa:bc:1c:1f:19:d9:48:7f:92: b3:2e:c4:f1:06:34:67:85:a1:8a:f2:9e:2d:9a:6d: c1:c8:71:73:49:ee:2e:e4:aa:83:81:10:73:d8:76: 5b:e4:00:d6:0b:f5:23:10:ba:b4:fa:c3:9c:df:90: 6b:ba:ae:4f:d9:d8:a3:71:8e:e5:e8:d6:53:01:29: 99:d6:2f:81:64:84:7e:28:5a:9c:48:fc:19:d8:c4: 43:d5:af:b8:72:79:4b:48:6f:14:5f:8c:4a:a3:dd: ad:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:3C:7B:83:CA:37:7F:57:7B:DF:BC:EA:43:09:4C:A6:5E:8C:35:75 X509v3 Authority Key Identifier: keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:2d:38:af:14:8e:19:ed:78:f5:cb:a1:79:80:0c:01:50:ec: 80:93:25:88:73:65:e5:1b:93:1a:b1:ce:3c:50:ac:7a:01:d1: 67:cd:67:45:13:65:9e:4b:73:39:e1:3a:d0:0b:77:f3:9b:5c: 56:e2:da:6a:47:d0:09:57:d1:05:a5:ad:2f:9b:3a:f0:2b:20: 6f:25:1f:4a:01:92:36:a5:f4:39:22:9a:59:1c:71:50:dc:10: 36:5a:39:9e:0d:a4:1f:b8:d9:9e:5b:31:09:dd:4d:de:25:7e: 58:c0:1f:33:f6:45:db:56:85:c7:53:c1:71:f8:c4:ce:f4:dd: 00:27:db:f9:1e:ff:73:e0:2b:22:48:e3:6f:7a:19:15:30:ff: bc:66:30:94:19:10:5f:7e:f2:bb:4c:fa:5f:55:d5:d7:a9:75: 9d:c7:6a:9c:57:5e:78:e7:6f:25:87:d0:78:0d:aa:19:ab:00: 82:ca:a2:99:16:04:ad:d2:ba:ab:4b:1a:77:1d:cb:f0:67:4d: 41:7a:5a:b9:8b:9d:55:27:80:3c:8e:d4:25:e6:19:8a:b3:ab: 52:69:56:71:10:7e:fb:82:34:73:ec:18:16:50:2d:bb:83:ca: 1f:9d:e2:58:f1:a4:a6:08:21:da:6f:e5:0f:c2:ad:cd:c9:b2: 29:e7:7f:fd -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUOP+3gbvyJtSXbTAkpoxG6Hmr0v8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi ZjNhODA1NzAeFw0yNjAzMjUxODM1MDNaFw0yNjAzMjYyMTI3MDNaMDMxMTAvBgNV BAMTKDkyM0M3QjgzQ0EzNzdGNTc3QkRGQkNFQTQzMDk0Q0E2NUU4QzM1NzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz0QcgFVwaQZ7TW1885BVAyY31 diEmueh7s019aU+SQ/AEAmNxJMx5GP9vpi/fKG/IToZ3n5sWkpzCD0XCpgp+NzGN x977dIc5/Hk6PjRp5WnJzFPsH1mjxBlq86xTFwch3sYDL657CePbHtQ6zEz4c+gb vgKGAPgwtz1PAwdHrcEYrrWrWL/Wn9vz62yxupHia8591xSd9geHKPq8HB8Z2Uh/ krMuxPEGNGeFoYryni2abcHIcXNJ7i7kqoOBEHPYdlvkANYL9SMQurT6w5zfkGu6 rk/Z2KNxjuXo1lMBKZnWL4FkhH4oWpxI/BnYxEPVr7hyeUtIbxRfjEqj3a0rAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUkjx7g8o3f1d737zqQwlMpl6MNXUwHwYDVR0j BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4 NmdGYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04 YmE1LTQ3OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC80MkU1MDhGQkE4OTYwRjQ4MDcx QjExOUFDQ0JGNTdCREJGM0E4MDU3Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoy04rxSOGe149cuheYAM AVDsgJMliHNl5RuTGrHOPFCsegHRZ81nRRNlnktzOeE60At385tcVuLaakfQCVfR BaWtL5s68CsgbyUfSgGSNqX0OSKaWRxxUNwQNlo5ng2kH7jZnlsxCd1N3iV+WMAf M/ZF21aFx1PBcfjEzvTdACfb+R7/c+ArIkjjb3oZFTD/vGYwlBkQX37yu0z6X1XV 16l1ncdqnFdeeOdvJYfQeA2qGasAgsqimRYErdK6q0sadx3L8GdNQXpauYudVSeA PI7UJeYZirOrUmlWcRB++4I0c+wYFlAtu4PKH53iWPGkpggh2m/lD8KtzcmyKed/ /Q== -----END CERTIFICATE-----Generated at Wed Mar 25 23:20:50 2026 by rpki-client