$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft File: 5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft (raw, json) Hash identifier: 23BKYuC3Fb/zfaL429aIAu0mb2zKeCdC7+qeVFWj62I= Subject key identifier: 3A:80:23:25:D1:4A:A5:E9:70:96:D9:AC:92:42:97:15:81:B1:1B:88 Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe Certificate serial: 6DFC865BFB1560364DDF198A828626DA60F5081B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft Manifest number: 05EC Signing time: Sat 28 Mar 2026 04:10:38 +0000 Manifest this update: Sat 28 Mar 2026 04:05:38 +0000 Manifest next update: Sun 29 Mar 2026 06:24:38 +0000 Files and hashes: 1: 34352e38312e35362e302f32342d3234203d3e20383334.roa (hash: RvBwqpsMFaC4kQ3VLDNfZDDqspDe1yGNu+5Eo3ESLBg=) 2: 34352e38312e35392e302f32342d3234203d3e20323132333834.roa (hash: Z55LDvJNhjuOlIMhPU51UoeT0VK3qlu4pE/EHJdIaDE=) 3: 34352e38312e35382e302f32342d3234203d3e203133333335.roa (hash: q1odFkTeiB/pBEbWg5JpQkAxpmrH9S0QmR2/CtllItc=) 4: 5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl (hash: CEiJqfZy8uYOmckdEXlcDGAcn6hKRdqNWM2REGm3dpo=) 5: 326130393a643634303a3a2f32392d3239203d3e20313938333435.roa (hash: 2ZJoizA2XrGcopsLwhs8oaMaqFtkP0G9iClmvxEJgnM=) 6: 34352e38312e35392e302f32342d3234203d3e20323131343339.roa (hash: PzQrEpsLL9icV7+wAMJ22TsUek+9+7dTOPFgPD6vtOM=) 7: 34352e38312e35382e302f32342d3234203d3e20323039323432.roa (hash: UKvcqUxUrgd2F0qduNt/9nJuPUaDtCItgdXC0fI9BhQ=) 8: 34352e38312e35372e302f32342d3234203d3e203631333137.roa (hash: wLY+uAAZaapza9rnm+rvcKy/RGqb5OINBZoQF5pW50I=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 29 Mar 2026 04:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:fc:86:5b:fb:15:60:36:4d:df:19:8a:82:86:26:da:60:f5:08:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe Validity Not Before: Mar 28 04:05:38 2026 GMT Not After : Mar 29 06:24:38 2026 GMT Subject: CN=3A802325D14AA5E97096D9AC9242971581B11B88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:61:73:06:5a:1e:12:d9:1b:0c:fe:f6:cf:80: 92:de:51:0b:6d:7d:d8:8f:5f:46:57:70:99:95:c5: 13:7e:d9:77:7c:3c:14:61:95:c8:61:ae:56:d0:0a: bc:fa:4a:12:39:85:df:f5:eb:3b:4c:a0:f9:11:ce: 35:f4:d3:5c:bd:ec:35:dc:9c:69:fe:ca:26:40:25: b9:86:c4:58:a4:01:a5:67:4b:a5:99:5b:d3:4e:c8: f4:8e:ea:fd:49:0e:fd:54:ea:a7:fa:58:9f:6a:58: ab:06:f9:f2:c5:dd:33:c1:10:3f:95:58:64:ee:76: 67:4e:f3:6f:01:80:9e:07:97:f2:51:c6:4b:72:94: dc:fa:fc:9e:f2:ce:7b:8f:5b:c8:52:6e:9d:8a:7e: 27:1e:23:02:2f:b8:48:97:7f:e9:40:39:f0:2d:5b: cb:b6:3f:4d:af:c5:77:dd:d9:9c:1d:d3:a3:f5:3f: 98:45:c5:ea:9e:ee:6b:e6:d2:a6:a3:71:dd:35:18: cb:81:24:1f:85:62:a6:5a:32:ab:57:a2:35:fc:b8: b6:29:a3:b0:3e:a0:03:3e:2d:83:c7:16:47:f5:08: d3:d4:02:0c:b4:f1:91:8c:32:08:dd:3e:80:2a:b5: aa:c3:cd:ab:63:da:d5:fe:a2:b0:76:9c:de:6f:0d: 71:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:80:23:25:D1:4A:A5:E9:70:96:D9:AC:92:42:97:15:81:B1:1B:88 X509v3 Authority Key Identifier: keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:f2:01:4d:a6:bf:95:f3:f4:2c:df:e8:05:05:7c:e6:f2:33: b9:48:97:45:3e:64:59:9e:86:4a:82:38:b5:b8:58:c5:83:e5: 01:4a:47:76:84:48:2c:46:7e:5d:a7:57:07:36:ea:c2:53:69: 4a:8a:62:12:a6:63:d2:1d:b1:e4:09:30:2d:f9:40:fa:46:50: 3b:40:6f:a8:58:f2:3e:c2:db:ef:ae:15:39:43:b4:8d:4b:e2: fb:e3:5d:11:ad:6e:c9:1b:dc:93:18:ae:2c:fc:e0:c6:34:8f: 9e:18:30:09:93:f7:dd:2d:3a:12:c8:fd:f3:67:0f:27:9c:c9: 0e:cd:af:60:56:9b:b8:69:88:6d:da:53:dd:9f:8e:68:0c:88: dc:c0:79:0b:22:e7:0b:6f:90:aa:98:63:d0:3c:6d:d6:47:2e: 91:bf:f5:b1:63:69:cb:3d:ae:ee:07:8f:4a:90:8b:b4:a3:d5: b6:a7:66:ff:0e:11:ee:f3:c1:19:9d:07:ae:fa:a0:2d:d5:9d: c0:f5:5a:f4:78:c0:3f:59:2b:38:8a:6a:75:b7:51:98:16:07: 51:e2:7e:86:b0:a7:3c:b3:2a:b8:a4:b3:5d:96:79:8f:bd:84: 67:e5:b8:67:97:6e:a9:fb:40:ad:19:07:a8:42:f7:4f:4e:c4: ce:7f:26:11 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUbfyGW/sVYDZN3xmKgoYm2mD1CBswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy ZTkwZGRmZTAeFw0yNjAzMjgwNDA1MzhaFw0yNjAzMjkwNjI0MzhaMDMxMTAvBgNV BAMTKDNBODAyMzI1RDE0QUE1RTk3MDk2RDlBQzkyNDI5NzE1ODFCMTFCODgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5YXMGWh4S2RsM/vbPgJLeUQtt fdiPX0ZXcJmVxRN+2Xd8PBRhlchhrlbQCrz6ShI5hd/16ztMoPkRzjX001y97DXc nGn+yiZAJbmGxFikAaVnS6WZW9NOyPSO6v1JDv1U6qf6WJ9qWKsG+fLF3TPBED+V WGTudmdO828BgJ4Hl/JRxktylNz6/J7yznuPW8hSbp2KficeIwIvuEiXf+lAOfAt W8u2P02vxXfd2Zwd06P1P5hFxeqe7mvm0qajcd01GMuBJB+FYqZaMqtXojX8uLYp o7A+oAM+LYPHFkf1CNPUAgy08ZGMMgjdPoAqtarDzatj2tX+orB2nN5vDXGFAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUOoAjJdFKpelwltmskkKXFYGxG4gwHwYDVR0j BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2 UTNmNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9iZjI0NTY3Yi03 YTc0LTRjMWYtYWE4NS1kZDI0YWY3M2NjYmIvMC81REEzMjE1QUJGQTQ2MjFENTc3 MDlGODM4QTkyODAxRjJFOTBEREZFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/IBTaa/lfP0LN/oBQV8 5vIzuUiXRT5kWZ6GSoI4tbhYxYPlAUpHdoRILEZ+XadXBzbqwlNpSopiEqZj0h2x 5AkwLflA+kZQO0BvqFjyPsLb764VOUO0jUvi++NdEa1uyRvckxiuLPzgxjSPnhgw CZP33S06Esj982cPJ5zJDs2vYFabuGmIbdpT3Z+OaAyI3MB5CyLnC2+Qqphj0Dxt 1kcukb/1sWNpyz2u7gePSpCLtKPVtqdm/w4R7vPBGZ0HrvqgLdWdwPVa9HjAP1kr OIpqdbdRmBYHUeJ+hrCnPLMquKSzXZZ5j72EZ+W4Z5duqftArRkHqEL3T07Ezn8m EQ== -----END CERTIFICATE-----Generated at Sat Mar 28 11:48:57 2026 by rpki-client