$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft File: 98A87CAD5B710890A9528F166F4202393824E6B8.mft (raw, json) Hash identifier: 6eL631uNzFANFWx4wWm5d2whxRTMAQ7uEs+dywVUFVk= Subject key identifier: 42:EE:3F:B5:B3:68:AB:38:4A:6E:EB:28:80:F5:68:FC:19:E6:8A:40 Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8 Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8 Certificate serial: 5FAA2EB5F3F9B0F5D808CC7B9BBE1C6CF35F81F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft Manifest number: 0539 Signing time: Sat 28 Mar 2026 08:09:27 +0000 Manifest this update: Sat 28 Mar 2026 08:04:27 +0000 Manifest next update: Sun 29 Mar 2026 11:56:27 +0000 Files and hashes: 1: 39342e3132362e3233352e302f32342d3234203d3e203438303730.roa (hash: S5WIAkzllTXfMiWpREUuucFgM0BSw7Pb5gT995rR5+k=) 2: AS48070.asa (hash: 5MT6ORI/F8ffsUlifpuRiZkf4qUWanqmxrgKmyiz55A=) 3: 326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa (hash: IiLsd5rWyRAEtPC2BRNztBwgXOWFkCLAq6FHsMnhQxg=) 4: 39342e3132362e3233322e302f32342d3234203d3e203438303730.roa (hash: VIdYFIOIqW5zJ3T1LDGwWjmJ764XjM+ac+86S8Ja5hk=) 5: 39342e3132362e3233342e302f32342d3234203d3e203438303730.roa (hash: wQ/YXS5V0WqyAz3I38Grxwtf2vC7Tnq0YU0pMolmNpk=) 6: 326131313a353730373a3a2f33322d3332203d3e203438303730.roa (hash: 242POLRepYH713AUptOGvBkM/JpRNVCsIm5BodQGTyY=) 7: 39342e3132362e3233382e302f32342d3234203d3e203438303730.roa (hash: EEtfGKQPQ42nFzzdsRfixi4zKQ5tTYPEdAQ1iAcmdE4=) 8: 39342e3132362e3233332e302f32342d3234203d3e203438303730.roa (hash: /8dVa93viKNoM1pCJooeH0rtbsVAVvDJFpjlC3WNZyI=) 9: 39342e3132362e3233362e302f32342d3234203d3e203438303730.roa (hash: ma+wlMqMsb7J0TC2Gy822cEZS57hTDfS/GzCjZsgQ1k=) 10: 39342e3132362e3233372e302f32342d3234203d3e203438303730.roa (hash: SY6OvQv9R/Ut8R5yFxdy0RVK/9dKsg8ZwmC3iNS9Rpw=) 11: 326131313a353730373a61613a3a2f34382d3438203d3e203438303730.roa (hash: JswRhPyDtXHdt3LcnGr0rU+2WVgkSTrzy91w1+vHXG0=) 12: 326131313a353730303a3a2f33322d3332203d3e203438303730.roa (hash: Fqs+xGh2wCPoRebx3WWGGz8gG+3wDYrzV+eGaABVra0=) 13: 39342e3132362e3233392e302f32342d3234203d3e203438303730.roa (hash: NDHvIIcUiAk7uX5boyMA8yHxKUGe6BZWK+cptlXNnOA=) 14: 98A87CAD5B710890A9528F166F4202393824E6B8.crl (hash: m/u6wc++8cKVbGfZSdZ7fhuZDB6NiIC9Hx7p0v52EX4=) 15: 0E4EBC431E3513FC3F641DB880E2B2FE1D040A30.cer (hash: Pc4F216M/oD/fxZDUk8HLynWg8D1IQ0ANHs5N2ZC0VQ=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 29 Mar 2026 00:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:aa:2e:b5:f3:f9:b0:f5:d8:08:cc:7b:9b:be:1c:6c:f3:5f:81:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8 Validity Not Before: Mar 28 08:04:27 2026 GMT Not After : Mar 29 11:56:27 2026 GMT Subject: CN=42EE3FB5B368AB384A6EEB2880F568FC19E68A40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:cc:4a:83:b7:be:de:46:57:c3:20:4b:c7:e9: 0a:2f:e8:c7:e5:c0:5c:1c:b5:19:6d:2b:8f:e6:71: 3f:c7:42:51:f1:1d:af:d5:78:e4:50:f3:6f:b2:66: e4:0e:ce:b9:1e:27:7a:61:fb:36:da:0b:ca:86:80: 01:bd:b7:e6:1a:25:3a:75:dd:01:2b:e7:3d:b5:13: 51:6a:a9:fc:30:fa:c8:5a:0d:e7:02:5d:fe:5c:e8: 5f:d8:60:ea:0e:0e:c4:17:01:20:cf:6f:65:47:4f: 6e:49:a7:93:cd:c3:40:6b:ae:f3:2c:49:49:8b:cd: e2:6d:e0:ba:d5:10:31:ba:4b:4e:79:8f:64:86:89: 1e:b1:ec:39:5a:62:d2:e5:05:5d:b6:f4:95:a6:42: 49:da:3e:41:04:91:3c:f3:4c:6b:c0:f7:12:bd:0a: b3:fb:bf:28:80:49:bb:5f:e5:ed:b7:e4:8d:62:2c: 09:91:07:64:34:b4:cc:91:71:c6:fa:f1:79:bc:1d: cd:07:da:41:ee:7c:aa:81:e5:7f:bf:19:4c:e7:71: 8d:6b:2f:8d:74:a0:72:38:81:ac:47:8c:6a:1a:52: e4:ab:44:53:11:9e:de:46:b5:a0:f9:24:36:be:92: b7:20:dd:cc:a9:50:eb:c0:17:21:a6:34:81:d8:de: 66:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:EE:3F:B5:B3:68:AB:38:4A:6E:EB:28:80:F5:68:FC:19:E6:8A:40 X509v3 Authority Key Identifier: keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:6b:00:99:db:5b:77:8e:d4:aa:50:8a:1a:55:22:dc:c8:2c: 50:b7:1f:62:cf:b8:6d:0c:66:10:cf:10:36:bb:56:c9:a5:4d: 6c:cb:29:3b:66:74:5d:dd:c0:18:e2:47:0d:29:2d:00:08:ec: a3:ba:95:8d:cd:cf:0c:29:2c:67:5e:7e:a7:cf:39:8a:20:8e: ee:f4:88:84:75:03:db:c9:d8:5f:29:8f:57:61:5a:1e:85:0d: bf:3f:fc:75:c8:67:3f:b0:0f:a1:fd:60:40:5b:0a:f2:81:cf: 17:88:40:92:4d:9d:b9:b5:98:34:90:c7:79:94:7d:a0:41:72: ef:28:91:de:a7:5c:af:e1:d5:4f:ae:47:ef:4f:65:ee:da:6e: 91:ba:b3:d7:37:4e:ba:39:b7:7e:77:f1:1b:2b:db:7d:f7:19: 20:d2:53:55:76:67:b9:69:e8:eb:c8:52:bf:a3:a3:6e:d6:a7: 88:9a:ca:ab:37:b6:dd:81:83:c9:4b:78:7d:81:26:d9:70:a0: 60:e5:94:17:a2:e4:04:74:f2:ab:d6:9e:d9:7d:13:3c:77:8f: 15:67:12:22:69:e0:e2:e8:2e:80:ac:b8:dd:78:fd:e1:0a:72: fa:93:9e:99:8f:f7:51:53:85:17:60:84:da:b1:f0:2d:da:0e: 75:42:79:a4 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUX6outfP5sPXYCMx7m74cbPNfgfUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz ODI0ZTZiODAeFw0yNjAzMjgwODA0MjdaFw0yNjAzMjkxMTU2MjdaMDMxMTAvBgNV BAMTKDQyRUUzRkI1QjM2OEFCMzg0QTZFRUIyODgwRjU2OEZDMTlFNjhBNDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAzEqDt77eRlfDIEvH6Qov6Mfl wFwctRltK4/mcT/HQlHxHa/VeORQ82+yZuQOzrkeJ3ph+zbaC8qGgAG9t+YaJTp1 3QEr5z21E1Fqqfww+shaDecCXf5c6F/YYOoODsQXASDPb2VHT25Jp5PNw0BrrvMs SUmLzeJt4LrVEDG6S055j2SGiR6x7DlaYtLlBV229JWmQknaPkEEkTzzTGvA9xK9 CrP7vyiASbtf5e235I1iLAmRB2Q0tMyRccb68Xm8Hc0H2kHufKqB5X+/GUzncY1r L410oHI4gaxHjGoaUuSrRFMRnt5GtaD5JDa+krcg3cypUOvAFyGmNIHY3mZtAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUQu4/tbNoqzhKbusogPVo/BnmikAwHwYDVR0j BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn azVyZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kY2UxOTZmZS00 YjFhLTQ2ZWEtOWM5NS00YWYxMjk2NGE0OWQvMC85OEE4N0NBRDVCNzEwODkwQTk1 MjhGMTY2RjQyMDIzOTM4MjRFNkI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2sAmdtbd47UqlCKGlUi 3MgsULcfYs+4bQxmEM8QNrtWyaVNbMspO2Z0Xd3AGOJHDSktAAjso7qVjc3PDCks Z15+p885iiCO7vSIhHUD28nYXymPV2FaHoUNvz/8dchnP7APof1gQFsK8oHPF4hA kk2dubWYNJDHeZR9oEFy7yiR3qdcr+HVT65H709l7tpukbqz1zdOujm3fnfxGyvb ffcZINJTVXZnuWno68hSv6OjbtaniJrKqze23YGDyUt4fYEm2XCgYOWUF6LkBHTy q9ae2X0TPHePFWcSImng4ugugKy43Xj94Qpy+pOemY/3UVOFF2CE2rHwLdoOdUJ5 pA== -----END CERTIFICATE-----Generated at Sat Mar 28 10:46:52 2026 by rpki-client