$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft File: D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft (raw, json) Hash identifier: NI5iPh7LCif3tJb/hD40st4Z9deTzUXhToHbBY5iHyA= Subject key identifier: C7:7C:95:D1:CB:38:89:99:42:F7:BF:9A:2E:FB:24:AE:86:0B:78:8B Authority key identifier: D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD Certificate issuer: /CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead Certificate serial: 248A3676B5343CE1E058CA7A59DCA4F99E8D5B01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft Manifest number: 0578 Signing time: Wed 25 Mar 2026 12:46:56 +0000 Manifest this update: Wed 25 Mar 2026 12:41:56 +0000 Manifest next update: Thu 26 Mar 2026 13:36:56 +0000 Files and hashes: 1: 323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa (hash: WwIB1vpX/Ksy3lM5t4KklPIgz20phM5/z2U20FASusY=) 2: 323030313a3637383a313161303a3a2f34382d3438203d3e203531303139.roa (hash: WTZJrpZtSK56gi8FgUd2AbaB/s6bTUvq5ttS3fRGoxU=) 3: D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl (hash: n58XYk+fodTgJjxvUe+GHCe1larxjiYKwV2KJyutUC8=) 4: AS51019.asa (hash: Oaa1EvfqOHf6DhtSUIsxpjt+74z+nkVUgLI9NR9q+Vg=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 13:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:8a:36:76:b5:34:3c:e1:e0:58:ca:7a:59:dc:a4:f9:9e:8d:5b:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead Validity Not Before: Mar 25 12:41:56 2026 GMT Not After : Mar 26 13:36:56 2026 GMT Subject: CN=C77C95D1CB38899942F7BF9A2EFB24AE860B788B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0f:0c:5a:f6:94:ff:f1:46:83:3d:3e:34:6e: 45:d7:5f:e6:ed:05:cd:d1:77:a7:05:b1:c6:cd:2a: fc:4b:e2:c6:8d:06:6c:08:7c:42:ae:ea:8d:79:3d: bf:be:f9:52:d6:2a:27:e6:9b:e8:5d:d1:04:cd:fb: 27:a0:91:27:c6:46:6c:08:f9:43:98:29:3e:ba:9d: af:8a:74:58:ec:a0:09:b1:ff:84:b7:7c:f4:2d:40: 35:96:1e:93:72:2c:33:c2:05:57:89:7f:27:0b:06: 6a:e8:4f:6e:5d:78:04:93:1f:cf:0a:b1:d0:30:a3: 61:da:b2:c6:40:bb:0b:27:66:93:08:14:2a:91:4f: c5:53:e9:02:89:81:4e:4d:ea:b7:ba:6e:de:82:04: 97:0b:04:ce:35:0c:d7:bf:6c:60:26:8a:39:72:f9: 20:93:bb:6e:e8:b0:81:9b:30:17:3b:10:b1:53:96: e2:a1:3e:cf:62:ca:0b:b8:c1:1c:91:76:bc:de:fb: 5e:6a:79:47:d6:78:bc:d5:bd:36:a6:5d:9b:ed:6b: 48:fb:c5:b1:ab:7f:87:1d:28:33:fa:e5:d0:6f:78: 64:52:d8:ee:47:98:85:a3:46:82:74:f5:bc:43:3d: 78:70:25:e7:8c:bc:71:5d:04:f4:6a:65:29:0f:1e: 6c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:7C:95:D1:CB:38:89:99:42:F7:BF:9A:2E:FB:24:AE:86:0B:78:8B X509v3 Authority Key Identifier: keyid:D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:79:3e:3e:03:3d:6a:54:76:29:a1:0a:e9:5b:c9:49:79:82: 29:50:2d:5f:44:d7:01:1a:e4:83:60:c9:98:59:84:e3:3f:76: 0f:7a:5a:4b:d9:27:b1:38:3e:f4:35:7e:72:0d:7e:54:2f:58: ce:97:dc:bb:d6:26:d5:a0:70:0a:c1:cb:d7:7e:b0:e7:06:bc: 16:cf:bf:1c:0a:b2:56:cd:73:74:b0:c3:4c:fa:e8:06:48:15: 42:29:88:7d:a3:e3:86:55:01:ea:5c:5f:91:ca:89:1f:b6:60: 1f:f1:a1:88:4b:46:6a:98:00:24:3f:e5:06:79:d6:16:8d:ce: 8b:b0:e0:a7:4b:54:b2:e6:a6:bd:c5:b1:5c:88:10:4d:56:90: 2d:a3:f3:b5:5e:e7:3d:ed:56:77:8e:f6:d3:00:38:81:c8:31: c1:83:63:24:de:e3:24:83:42:f6:a5:30:dd:f5:05:3a:26:e1: 41:ad:c3:1b:f7:f4:85:42:76:1b:d2:b9:4c:8c:b4:9e:2c:0a: 79:a2:61:7a:3c:49:f3:91:63:10:3f:2e:ba:ae:68:46:4a:8a: dd:ba:47:4a:b2:4b:c7:98:b6:95:93:40:32:f3:29:d4:f5:7b: 76:bf:bf:ea:6b:09:ca:f2:12:32:59:59:b8:db:b5:c3:ce:ce: 41:2c:72:31 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUJIo2drU0POHgWMp6Wdyk+Z6NWwEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZDJmZjA3OTMyYzNmNGMxYjM0NjVmZjRmMGQ5NjQ4NDcz M2UwMmVhZDAeFw0yNjAzMjUxMjQxNTZaFw0yNjAzMjYxMzM2NTZaMDMxMTAvBgNV BAMTKEM3N0M5NUQxQ0IzODg5OTk0MkY3QkY5QTJFRkIyNEFFODYwQjc4OEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYDwxa9pT/8UaDPT40bkXXX+bt Bc3Rd6cFscbNKvxL4saNBmwIfEKu6o15Pb+++VLWKifmm+hd0QTN+yegkSfGRmwI +UOYKT66na+KdFjsoAmx/4S3fPQtQDWWHpNyLDPCBVeJfycLBmroT25deASTH88K sdAwo2HassZAuwsnZpMIFCqRT8VT6QKJgU5N6re6bt6CBJcLBM41DNe/bGAmijly +SCTu27osIGbMBc7ELFTluKhPs9iygu4wRyRdrze+15qeUfWeLzVvTamXZvta0j7 xbGrf4cdKDP65dBveGRS2O5HmIWjRoJ09bxDPXhwJeeMvHFdBPRqZSkPHmz5AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUx3yV0cs4iZlC97+aLvskroYLeIswHwYDVR0j BBgwFoAU0v8Hkyw/TBs0Zf9PDZZIRzPgLq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzIvRDJGRjA3OTMyQzNGNEMxQjM0NjVGRjRGMEQ5NjQ4NDczM0UwMkVBRC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzB2OEhreXdfVEJzMFpmOVBEWlpJUnpQ Z0xxMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00 MTliLTRkYjUtYmJkMy01Y2NhNjMzY2FlM2YvMi9EMkZGMDc5MzJDM0Y0QzFCMzQ2 NUZGNEYwRDk2NDg0NzMzRTAyRUFELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmnk+PgM9alR2KaEK6VvJ SXmCKVAtX0TXARrkg2DJmFmE4z92D3paS9knsTg+9DV+cg1+VC9Yzpfcu9Ym1aBw CsHL136w5wa8Fs+/HAqyVs1zdLDDTProBkgVQimIfaPjhlUB6lxfkcqJH7ZgH/Gh iEtGapgAJD/lBnnWFo3Oi7Dgp0tUsuamvcWxXIgQTVaQLaPztV7nPe1Wd4720wA4 gcgxwYNjJN7jJINC9qUw3fUFOibhQa3DG/f0hUJ2G9K5TIy0niwKeaJhejxJ85Fj ED8uuq5oRkqK3bpHSrJLx5i2lZNAMvMp1PV7dr+/6msJyvISMllZuNu1w87OQSxy MQ== -----END CERTIFICATE-----Generated at Wed Mar 25 23:07:56 2026 by rpki-client