$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft File: F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft (raw, json) Hash identifier: 46lPby1cQmj9uy/ANxIjfn88IKcuBizfGkntNWrxl8g= Subject key identifier: 0E:CD:A1:8F:F5:54:8F:65:B7:1E:BE:B5:16:73:84:69:80:A6:A6:F7 Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad Certificate serial: 29250157434B0E7498B079B34BA5222D20D14E3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft Manifest number: 0588 Signing time: Sun 19 Oct 2025 00:21:33 +0000 Manifest this update: Sun 19 Oct 2025 00:16:33 +0000 Manifest next update: Mon 20 Oct 2025 00:37:33 +0000 Files and hashes: 1: 326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa (hash: 2qiBxfK+UGsXjYXrt6Cm3jSdVu6qoZhGBCRhmjYUhjg=) 2: 34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa (hash: 5zFYerIngzLwSwbeiiGPHVQadLBE1/J7oEEXeFR/OFM=) 3: F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl (hash: h6tgKmaTami0v6jqbYQ5hZI7LREDvzS9qfyX8QCu4tE=) 4: 34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa (hash: ht90MUomGkgWhJETWF0rvugOS8SI8qvW9OndsUlGu80=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 00:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:25:01:57:43:4b:0e:74:98:b0:79:b3:4b:a5:22:2d:20:d1:4e:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad Validity Not Before: Oct 19 00:16:33 2025 GMT Not After : Oct 20 00:37:33 2025 GMT Subject: CN=0ECDA18FF5548F65B71EBEB51673846980A6A6F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:ff:2e:d2:87:9d:b5:32:05:b4:b2:98:8d:3e: 1b:2d:ae:d1:b1:55:43:93:a9:75:93:38:16:a3:ab: e2:68:eb:4b:5f:af:75:93:05:6c:b0:3d:b8:a1:16: 7a:d3:4a:2d:f5:ab:b0:46:6e:e0:42:ca:5e:13:d4: ad:58:0f:8c:bb:9d:0a:ae:ac:86:66:eb:5d:73:2c: d0:49:20:fe:42:11:73:09:0b:2f:67:de:31:3b:75: 07:68:64:82:9e:ac:fe:5a:28:0f:14:5a:03:64:d6: 82:86:98:6b:7d:0c:c6:78:f5:e9:e5:08:86:ff:8d: 19:f0:9d:c3:c9:97:70:44:72:01:02:3a:b3:41:c6: 39:bb:74:63:af:07:54:b3:95:30:43:18:62:5c:d3: 73:9c:c1:72:da:2b:0a:87:bf:18:0d:5b:06:64:d5: b2:57:60:ca:66:36:b4:c1:21:0f:f1:7f:37:fd:51: 2b:34:2a:41:0d:81:b8:d5:d3:f6:ab:4c:8d:58:4c: 81:3e:8b:92:bd:ab:a0:c0:63:a6:4a:bb:54:77:a2: 5a:68:74:01:65:5b:73:e5:66:19:80:3d:f5:a8:06: 0c:3f:58:1d:8b:2a:8f:64:52:ce:a4:f2:1f:38:85: 95:54:2d:f7:d1:ea:94:47:8a:ba:7d:46:ae:e8:a8: d9:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:CD:A1:8F:F5:54:8F:65:B7:1E:BE:B5:16:73:84:69:80:A6:A6:F7 X509v3 Authority Key Identifier: keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:e0:20:19:9a:37:b3:3b:10:a4:ed:3b:84:5d:bf:b5:ee:27: da:4d:09:4e:80:b9:c9:a5:8b:c8:03:88:00:b7:3e:5a:1f:d5: 4c:81:0e:71:9c:8b:71:d2:6d:c9:0a:b1:a1:ba:60:50:f8:75: 93:33:03:59:8c:a7:5c:47:da:b4:36:62:9d:bb:f0:cb:79:fa: a1:b4:58:86:a2:4b:97:94:0a:58:92:93:5d:f0:91:6e:ad:bc: f0:fe:27:aa:9e:b7:df:73:a5:43:3b:fb:a8:3d:15:22:84:45: 31:60:f2:11:91:4f:d8:84:52:99:33:5e:98:74:0c:9f:b1:61: 74:43:96:c2:54:4a:f9:e1:97:d1:0e:a2:ac:ff:07:8d:8a:c1: 43:ab:24:72:1d:51:50:7e:dd:5a:51:1e:b0:3b:68:34:58:49: de:1d:fe:c1:aa:4e:6e:3d:71:4e:f7:20:8b:63:51:ba:bc:2a: c9:a9:a2:e0:85:5e:dc:8f:a2:ee:71:84:59:21:a8:66:ee:82: d8:bb:3c:a1:58:e3:5a:8d:69:35:82:6a:c7:c0:2d:38:10:45: f0:6b:9f:8b:f2:31:19:70:96:75:42:45:99:df:04:c9:d7:12: 95:a5:14:1f:a3:1c:b7:34:77:f6:c3:a9:56:04:79:d0:6e:db: 0d:48:62:1c -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUKSUBV0NLDnSYsHmzS6UiLSDRTjswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx NjJlMWFhZDAeFw0yNTEwMTkwMDE2MzNaFw0yNTEwMjAwMDM3MzNaMDMxMTAvBgNV BAMTKDBFQ0RBMThGRjU1NDhGNjVCNzFFQkVCNTE2NzM4NDY5ODBBNkE2RjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl/y7Sh521MgW0spiNPhstrtGx VUOTqXWTOBajq+Jo60tfr3WTBWywPbihFnrTSi31q7BGbuBCyl4T1K1YD4y7nQqu rIZm611zLNBJIP5CEXMJCy9n3jE7dQdoZIKerP5aKA8UWgNk1oKGmGt9DMZ49enl CIb/jRnwncPJl3BEcgECOrNBxjm7dGOvB1SzlTBDGGJc03OcwXLaKwqHvxgNWwZk 1bJXYMpmNrTBIQ/xfzf9USs0KkENgbjV0/arTI1YTIE+i5K9q6DAY6ZKu1R3olpo dAFlW3PlZhmAPfWoBgw/WB2LKo9kUs6k8h84hZVULffR6pRHirp9Rq7oqNlhAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUDs2hj/VUj2W3Hr61FnOEaYCmpvcwHwYDVR0j BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0 OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ dUdxMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9iZjUyZDgxNC0z ZDJmLTRkZjQtODE0MC1kZmI1MzBmNzQ5MTIvMC9GMjlGQkFCNERCODY3RjZCRDlB N0VGRjZBQTU1RDk4QzE2MkUxQUFELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZeAgGZo3szsQpO07hF2/ te4n2k0JToC5yaWLyAOIALc+Wh/VTIEOcZyLcdJtyQqxobpgUPh1kzMDWYynXEfa tDZinbvwy3n6obRYhqJLl5QKWJKTXfCRbq288P4nqp6333OlQzv7qD0VIoRFMWDy EZFP2IRSmTNemHQMn7FhdEOWwlRK+eGX0Q6irP8HjYrBQ6skch1RUH7dWlEesDto NFhJ3h3+wapObj1xTvcgi2NRurwqyami4IVe3I+i7nGEWSGoZu6C2Ls8oVjjWo1p NYJqx8AtOBBF8Gufi/IxGXCWdUJFmd8EydcSlaUUH6MctzR39sOpVgR50G7bDUhi HA== -----END CERTIFICATE-----Generated at Sun Oct 19 17:30:37 2025 by rpki-client