$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft File: 98A87CAD5B710890A9528F166F4202393824E6B8.mft (raw, json) Hash identifier: zFJ6bpAa29UKjxno+nWu4OH83+WnlqN6JLyYw51H0BQ= Subject key identifier: 3D:1E:C1:37:59:59:EA:82:00:2E:3B:33:D5:DD:86:62:E1:8D:82:C3 Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8 Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8 Certificate serial: 0C40BDAF882A09FADE7C39A0556A700D359A47E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft Manifest number: 0535 Signing time: Wed 25 Mar 2026 11:39:27 +0000 Manifest this update: Wed 25 Mar 2026 11:34:27 +0000 Manifest next update: Thu 26 Mar 2026 12:33:27 +0000 Files and hashes: 1: 39342e3132362e3233322e302f32342d3234203d3e203438303730.roa (hash: VIdYFIOIqW5zJ3T1LDGwWjmJ764XjM+ac+86S8Ja5hk=) 2: 326131313a353730373a3a2f33322d3332203d3e203438303730.roa (hash: 242POLRepYH713AUptOGvBkM/JpRNVCsIm5BodQGTyY=) 3: 39342e3132362e3233332e302f32342d3234203d3e203438303730.roa (hash: /8dVa93viKNoM1pCJooeH0rtbsVAVvDJFpjlC3WNZyI=) 4: 326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa (hash: IiLsd5rWyRAEtPC2BRNztBwgXOWFkCLAq6FHsMnhQxg=) 5: 39342e3132362e3233362e302f32342d3234203d3e203438303730.roa (hash: ma+wlMqMsb7J0TC2Gy822cEZS57hTDfS/GzCjZsgQ1k=) 6: 0E4EBC431E3513FC3F641DB880E2B2FE1D040A30.cer (hash: Pc4F216M/oD/fxZDUk8HLynWg8D1IQ0ANHs5N2ZC0VQ=) 7: 39342e3132362e3233382e302f32342d3234203d3e203438303730.roa (hash: EEtfGKQPQ42nFzzdsRfixi4zKQ5tTYPEdAQ1iAcmdE4=) 8: 39342e3132362e3233352e302f32342d3234203d3e203438303730.roa (hash: S5WIAkzllTXfMiWpREUuucFgM0BSw7Pb5gT995rR5+k=) 9: 39342e3132362e3233392e302f32342d3234203d3e203438303730.roa (hash: NDHvIIcUiAk7uX5boyMA8yHxKUGe6BZWK+cptlXNnOA=) 10: 39342e3132362e3233372e302f32342d3234203d3e203438303730.roa (hash: SY6OvQv9R/Ut8R5yFxdy0RVK/9dKsg8ZwmC3iNS9Rpw=) 11: 39342e3132362e3233342e302f32342d3234203d3e203438303730.roa (hash: wQ/YXS5V0WqyAz3I38Grxwtf2vC7Tnq0YU0pMolmNpk=) 12: 326131313a353730303a3a2f33322d3332203d3e203438303730.roa (hash: Fqs+xGh2wCPoRebx3WWGGz8gG+3wDYrzV+eGaABVra0=) 13: 98A87CAD5B710890A9528F166F4202393824E6B8.crl (hash: /sy074ALiiFiCz+5ZfmQKl4qXRZj3HXwmN7lXH7j0EA=) 14: AS48070.asa (hash: 5MT6ORI/F8ffsUlifpuRiZkf4qUWanqmxrgKmyiz55A=) 15: 326131313a353730373a61613a3a2f34382d3438203d3e203438303730.roa (hash: JswRhPyDtXHdt3LcnGr0rU+2WVgkSTrzy91w1+vHXG0=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 12:33:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:40:bd:af:88:2a:09:fa:de:7c:39:a0:55:6a:70:0d:35:9a:47:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8 Validity Not Before: Mar 25 11:34:27 2026 GMT Not After : Mar 26 12:33:27 2026 GMT Subject: CN=3D1EC1375959EA82002E3B33D5DD8662E18D82C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:da:99:1f:c3:82:a1:3e:9f:c2:97:1e:17:04: 05:0e:f8:e3:74:d9:d2:31:fc:34:6c:40:ec:58:ee: 5c:83:a5:0d:48:0d:f7:c0:5b:fd:f7:dc:9d:36:33: f3:0e:8a:c1:6b:a8:fe:fb:82:d1:68:9c:88:36:f0: df:f1:99:44:71:e7:1d:8f:c6:61:f2:2b:53:d3:a9: ea:56:36:72:ed:82:50:b9:53:16:f4:95:67:2e:8c: 10:7d:53:60:38:63:a4:24:83:15:41:8b:68:e4:52: b8:5b:bd:ee:a3:a0:56:d8:f1:2a:0a:68:c3:bf:a4: 30:5c:89:46:28:2b:35:cb:9e:f9:3e:fa:0b:7e:99: ab:3f:18:fe:38:e0:9a:f1:e3:83:99:28:56:d5:a0: 35:5f:aa:35:52:f8:3d:26:4b:f6:f3:1d:72:24:2e: b5:16:a9:5f:67:ad:4a:e7:d7:56:95:33:cd:a1:49: 24:41:18:d6:f0:ac:dc:bd:e0:41:1c:06:2a:aa:a0: 61:26:1a:2a:3d:9f:91:86:c7:43:34:8f:20:db:00: 58:30:f0:dd:7e:4c:2b:e0:58:b5:d6:3b:fc:ca:47: 4d:02:64:e1:c0:e8:f8:0a:7a:ec:61:c6:6f:52:b6: 8d:5e:de:0c:83:2a:b4:37:28:1f:7e:e6:0e:13:37: 04:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:1E:C1:37:59:59:EA:82:00:2E:3B:33:D5:DD:86:62:E1:8D:82:C3 X509v3 Authority Key Identifier: keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:bc:c0:75:08:f6:34:e1:10:a1:99:d4:00:76:32:31:69:75: f1:f6:52:ff:5f:bf:b7:82:ca:23:b4:66:1e:b9:f5:ca:45:6c: f7:ca:92:58:f8:d2:39:4d:45:c1:84:59:fd:54:38:f4:89:cd: bc:b0:94:45:67:c0:f6:12:b9:47:bf:ad:f6:ca:21:b7:a7:70: 4a:0e:0a:e6:da:87:83:ee:5b:f0:09:aa:5d:e0:a7:4d:39:db: 39:dc:9c:0e:01:2c:50:34:bc:c1:67:66:2d:98:f4:cf:18:43: 6a:41:c1:8c:28:77:95:50:40:47:4b:53:cf:ae:08:be:c3:65: ce:58:ce:b9:08:f0:49:38:9d:ef:13:02:54:9d:13:39:d1:08: eb:41:b2:6c:83:af:8a:db:9e:f1:68:c0:f3:10:cc:b2:fe:1b: ee:2d:8a:02:8f:93:4c:ce:7f:15:9a:0e:45:c9:3f:c6:dd:96: 69:d9:79:29:25:cf:51:cd:35:75:34:89:cd:9e:37:06:86:bc: bb:ed:e1:8b:0e:b3:ae:cd:11:3d:01:aa:87:6f:89:e2:02:96: 0b:08:ae:e6:e0:97:74:74:a5:93:4e:87:1b:eb:b6:16:aa:84: ff:8e:0c:1a:be:cc:fd:98:2f:99:63:8f:20:92:fd:2d:68:cf: 0b:02:a8:d0 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUDEC9r4gqCfrefDmgVWpwDTWaR+YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz ODI0ZTZiODAeFw0yNjAzMjUxMTM0MjdaFw0yNjAzMjYxMjMzMjdaMDMxMTAvBgNV BAMTKDNEMUVDMTM3NTk1OUVBODIwMDJFM0IzM0Q1REQ4NjYyRTE4RDgyQzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq2pkfw4KhPp/Clx4XBAUO+ON0 2dIx/DRsQOxY7lyDpQ1IDffAW/333J02M/MOisFrqP77gtFonIg28N/xmURx5x2P xmHyK1PTqepWNnLtglC5Uxb0lWcujBB9U2A4Y6QkgxVBi2jkUrhbve6joFbY8SoK aMO/pDBciUYoKzXLnvk++gt+mas/GP444Jrx44OZKFbVoDVfqjVS+D0mS/bzHXIk LrUWqV9nrUrn11aVM82hSSRBGNbwrNy94EEcBiqqoGEmGio9n5GGx0M0jyDbAFgw 8N1+TCvgWLXWO/zKR00CZOHA6PgKeuxhxm9Sto1e3gyDKrQ3KB9+5g4TNwQHAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUPR7BN1lZ6oIALjsz1d2GYuGNgsMwHwYDVR0j BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn azVyZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kY2UxOTZmZS00 YjFhLTQ2ZWEtOWM5NS00YWYxMjk2NGE0OWQvMC85OEE4N0NBRDVCNzEwODkwQTk1 MjhGMTY2RjQyMDIzOTM4MjRFNkI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb7zAdQj2NOEQoZnUAHYy MWl18fZS/1+/t4LKI7RmHrn1ykVs98qSWPjSOU1FwYRZ/VQ49InNvLCURWfA9hK5 R7+t9soht6dwSg4K5tqHg+5b8AmqXeCnTTnbOdycDgEsUDS8wWdmLZj0zxhDakHB jCh3lVBAR0tTz64IvsNlzljOuQjwSTid7xMCVJ0TOdEI60GybIOvitue8WjA8xDM sv4b7i2KAo+TTM5/FZoORck/xt2Wadl5KSXPUc01dTSJzZ43Boa8u+3hiw6zrs0R PQGqh2+J4gKWCwiu5uCXdHSlk06HG+u2FqqE/44MGr7M/ZgvmWOPIJL9LWjPCwKo 0A== -----END CERTIFICATE-----Generated at Thu Mar 26 06:55:48 2026 by rpki-client