$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft File: F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json) Hash identifier: YF/yaSWoM/6l3ArRbzrD2gSWZulxKNhu1f6kQ83O2l0= Subject key identifier: CA:9A:7E:C6:92:A0:6C:06:7A:E5:9B:A9:8B:E2:A4:B6:65:35:13:C3 Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace Certificate serial: 699F3F8F04580B00183A241D6FB1CC668463DB62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft Manifest number: 0272 Signing time: Sun 19 Oct 2025 13:02:56 +0000 Manifest this update: Sun 19 Oct 2025 12:57:56 +0000 Manifest next update: Mon 20 Oct 2025 13:35:56 +0000 Files and hashes: 1: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: f+mpjOqaslU79Y50Q90tEjaUD2kia4vN2bXcLsJCgJk=) 2: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=) 3: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 8/2mbGbaC4ennlzI7y1e8hUNr9fsr7Pr+/K69/OYKQg=) 4: 326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa (hash: j84/Fm1nc/JJrf9h3dAaKkat+XV/si7APTv6iSnl64I=) 5: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: Nz2k0o2IS41o55idTp4HvK3uNxIMYgMNKvrr57G+kIE=) 6: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=) 7: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=) 8: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=) 9: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=) 10: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: +JU+ydXmMjIBHlt1kVXfkJBGqdmH1ATfk8PRfe8t4Rc=) 11: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=) 12: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=) 13: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 13:35:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:9f:3f:8f:04:58:0b:00:18:3a:24:1d:6f:b1:cc:66:84:63:db:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace Validity Not Before: Oct 19 12:57:56 2025 GMT Not After : Oct 20 13:35:56 2025 GMT Subject: CN=CA9A7EC692A06C067AE59BA98BE2A4B6653513C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:07:ca:69:99:37:69:72:b8:c0:d2:b6:fc:20: f1:1e:42:b3:af:00:64:76:65:a5:0d:8b:8d:ad:bc: a3:94:e3:33:ff:4e:98:fc:6f:bf:82:80:a4:19:27: 88:78:3d:26:ab:e7:94:33:f4:5f:46:2b:e2:28:bb: e8:34:ba:56:c9:6c:e7:9b:8c:7e:26:04:42:2e:b2: c2:28:ff:4d:ab:9a:92:f3:b9:03:6b:03:72:71:01: b3:fa:62:a6:a9:e0:c9:1d:7e:df:f8:ea:24:7a:53: 70:a6:83:9c:de:a3:d8:d4:cc:b3:d8:ef:e5:de:a7: 39:a3:8e:e2:2b:87:f7:8c:f5:38:62:2e:7b:59:9f: 83:e3:85:c8:41:04:a8:13:5f:a9:95:fb:1b:cc:71: d0:87:13:06:71:00:7d:a0:a5:46:a6:4e:6c:28:74: 06:47:31:55:c1:79:d5:d7:59:0a:5a:46:0f:75:b1: f6:c7:9d:54:90:06:28:01:75:59:ae:2c:b8:69:cc: c8:88:8f:a2:f2:b9:5a:80:75:ed:57:a0:d5:1a:a7: 1d:c1:94:45:e8:81:78:be:93:4d:4e:2f:31:b8:6b: af:df:ea:70:e3:89:fc:08:fd:2b:33:ff:07:91:fe: b1:ff:02:ea:00:82:c3:5a:b7:74:24:82:f3:52:cc: 27:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:9A:7E:C6:92:A0:6C:06:7A:E5:9B:A9:8B:E2:A4:B6:65:35:13:C3 X509v3 Authority Key Identifier: keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:3b:98:6f:56:58:e3:33:14:4f:ce:b2:e7:92:3b:0c:e6:1f: cd:8c:11:dc:2e:ee:43:d9:19:0a:de:5d:b4:ff:6c:80:b6:97: 06:df:0a:38:cc:f5:1e:21:7e:17:fb:3a:f3:0b:78:5a:57:4d: a1:68:99:97:7b:7a:1b:98:3a:94:5f:cf:83:7c:e7:db:0f:1b: 97:d8:d8:1a:d0:fc:aa:ed:ad:16:3c:a9:0a:d1:63:8b:f0:c9: 12:83:bc:49:4d:69:ea:fc:18:4e:50:34:aa:67:af:6a:ee:1a: 6e:60:28:16:bc:d8:b6:05:ad:d1:b0:54:0b:69:ee:4a:b7:c6: bb:96:a1:00:02:69:0c:9e:10:2d:68:93:53:81:47:41:28:2f: c8:91:fc:1b:2d:b6:10:7a:2c:9b:2b:cf:55:0b:32:66:2d:89: 69:50:08:f5:9c:37:aa:0f:19:3e:04:db:70:f6:1f:8d:e2:b2: 40:aa:2b:fd:02:5a:da:2a:2e:11:2e:6f:06:aa:c4:72:91:2a: 7e:4b:de:2d:d7:55:df:90:92:69:d5:a0:e7:90:f7:81:ec:99: 58:78:3e:a4:24:12:c2:99:80:fc:4e:d4:db:66:95:9f:0d:f9: 48:5f:82:9f:fe:25:b0:2b:ee:bc:c3:f9:ef:11:4f:9c:37:a8: 86:bb:2b:5b -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUaZ8/jwRYCwAYOiQdb7HMZoRj22IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk YWQyMmFjZTAeFw0yNTEwMTkxMjU3NTZaFw0yNTEwMjAxMzM1NTZaMDMxMTAvBgNV BAMTKENBOUE3RUM2OTJBMDZDMDY3QUU1OUJBOThCRTJBNEI2NjUzNTEzQzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsB8ppmTdpcrjA0rb8IPEeQrOv AGR2ZaUNi42tvKOU4zP/Tpj8b7+CgKQZJ4h4PSar55Qz9F9GK+Iou+g0ulbJbOeb jH4mBEIussIo/02rmpLzuQNrA3JxAbP6Yqap4Mkdft/46iR6U3Cmg5zeo9jUzLPY 7+XepzmjjuIrh/eM9ThiLntZn4PjhchBBKgTX6mV+xvMcdCHEwZxAH2gpUamTmwo dAZHMVXBedXXWQpaRg91sfbHnVSQBigBdVmuLLhpzMiIj6LyuVqAde1XoNUapx3B lEXogXi+k01OLzG4a6/f6nDjifwI/Ssz/weR/rH/AuoAgsNat3QkgvNSzCdbAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUypp+xpKgbAZ65Zupi+KktmU1E8MwHwYDVR0j BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1 YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00 MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4 NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbjuYb1ZY4zMUT86y55I7 DOYfzYwR3C7uQ9kZCt5dtP9sgLaXBt8KOMz1HiF+F/s68wt4WldNoWiZl3t6G5g6 lF/Pg3zn2w8bl9jYGtD8qu2tFjypCtFji/DJEoO8SU1p6vwYTlA0qmevau4abmAo FrzYtgWt0bBUC2nuSrfGu5ahAAJpDJ4QLWiTU4FHQSgvyJH8Gy22EHosmyvPVQsy Zi2JaVAI9Zw3qg8ZPgTbcPYfjeKyQKor/QJa2iouES5vBqrEcpEqfkveLddV35CS adWg55D3geyZWHg+pCQSwpmA/E7U22aVnw35SF+Cn/4lsCvuvMP57xFPnDeohrsr Ww== -----END CERTIFICATE-----Generated at Mon Oct 20 06:29:44 2025 by rpki-client