$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft File: 656E4422ABF129649200EB019A815F2B12236E92.mft (raw, json) Hash identifier: ZGag82mNNo8D5yipwGjwVI1IDPr2Wm3Efwo8QcZE2CM= Subject key identifier: A9:70:F3:D8:3E:B0:AB:65:5D:9A:B1:5C:50:90:54:FD:CB:11:DB:FE Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92 Certificate issuer: /CN=656E4422ABF129649200EB019A815F2B12236E92 Certificate serial: 1A6785F5F6D3DECFB6A7329B89D678825646CB7B Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer Subject info access: rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft Manifest number: 0258 Signing time: Thu 16 Apr 2026 15:01:06 +0000 Manifest this update: Thu 16 Apr 2026 14:56:06 +0000 Manifest next update: Fri 17 Apr 2026 15:43:06 +0000 Files and hashes: 1: 34352e3133322e3139302e302f32342d3234203d3e2030.roa (hash: 9ieyP3BjwnrGT7jHWN0miv3BwxPneURkOZZD4j2C8Tw=) 2: 3134372e32382e31302e302f32332d3234203d3e203437303635.roa (hash: +6IGfj4KE5Fon357Mz4hY46Lj0lkrQVIhXV3Upqg2+Y=) 3: 656E4422ABF129649200EB019A815F2B12236E92.crl (hash: KRJILaPBp6IHlOhyXgU5HDlesH9YDdcDJOoy08SgcWA=) 4: 34352e3133322e3139312e302f32342d3234203d3e2033393730.roa (hash: piR0xY2W/Fg7dFVRqqqeApVksNlAZNhoOxCqAZQ09I0=) 5: 3134372e32382e31302e302f32332d3234203d3e2039343334.roa (hash: JX8MZMidVpDvMl1kvP+85ppT/iMcv1vVMBW6voLjwXs=) Validation: OK Signature path: rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 03:46:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:67:85:f5:f6:d3:de:cf:b6:a7:32:9b:89:d6:78:82:56:46:cb:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92 Validity Not Before: Apr 16 14:56:06 2026 GMT Not After : Apr 17 15:43:06 2026 GMT Subject: CN=A970F3D83EB0AB655D9AB15C509054FDCB11DBFE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:06:b1:21:bf:4a:5d:c2:38:bc:cb:e4:bf:e3: 36:d5:7a:ab:77:16:32:82:d0:fa:28:04:0d:97:10: 20:4a:85:1c:1f:34:1b:84:b1:65:68:11:05:8f:a9: 86:73:9d:f2:82:ed:35:1a:bb:2e:98:68:cc:8e:e4: 3a:29:f4:65:67:29:cb:81:41:55:29:57:56:89:89: fa:1b:a1:72:a8:a4:3f:06:ef:4b:23:22:da:ad:2d: 59:d2:5b:33:34:c4:3c:d5:1d:da:51:ec:40:4d:ae: ea:04:0c:69:52:65:c2:72:8b:5b:a1:81:37:a9:cb: 59:40:f3:f2:b3:a9:32:d6:ca:75:0f:ea:ee:cd:84: f9:66:c7:5f:bf:79:38:f6:e5:fc:6e:9f:2d:fc:56: 0a:fd:55:d3:7e:06:e8:0a:a2:20:ea:71:29:82:5e: ad:22:ed:b2:69:82:cd:69:06:d6:72:ef:f0:76:2e: 04:ae:c3:3a:fb:fb:4e:74:af:f1:54:64:cf:7c:48: 0b:66:5b:7d:f4:23:44:28:f2:81:71:ed:1b:31:33: e5:db:3f:e4:3d:0b:80:c2:d7:71:73:b8:49:bc:f6: 45:f9:01:72:2e:23:e6:9e:bb:76:c8:a6:df:17:4b: b0:77:e4:64:95:11:35:3d:17:21:de:5c:4a:2e:1c: ca:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:70:F3:D8:3E:B0:AB:65:5D:9A:B1:5C:50:90:54:FD:CB:11:DB:FE X509v3 Authority Key Identifier: keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl Authority Information Access: CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer Subject Information Access: Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:3d:7f:53:1b:e1:be:17:f0:34:01:9e:62:4d:53:ab:b4:9b: df:a5:d9:62:df:42:75:47:e0:7c:1f:21:52:15:4e:f3:63:0d: d5:00:86:33:1a:f5:a2:cb:b3:ab:1b:d3:38:ab:1f:ec:72:6c: 56:9f:50:98:d7:e7:b8:3d:4b:c8:a5:b1:6b:df:54:dd:81:85: c1:e8:01:8a:67:da:a0:29:ff:0f:41:da:9d:4c:7e:48:45:96: 2d:63:f0:8b:87:90:09:2c:57:92:cd:89:a2:ae:b8:46:08:a2: de:92:aa:6a:cc:44:26:1b:23:93:43:40:f7:d3:94:ae:25:07: 9c:0f:f7:71:1a:18:7a:89:ec:8c:c5:2b:c6:4e:a6:61:28:6f: a9:f7:bf:a1:91:d1:ea:bf:1a:85:1c:6c:b8:c1:40:2c:6c:c2: 61:9e:1f:62:ed:5e:0e:0c:03:58:33:e6:1d:f6:7d:16:97:e0: d6:c9:bf:7b:c1:b2:c8:08:21:b8:93:a0:f2:15:91:0b:35:f9: d9:e9:5e:93:18:e5:01:bf:2b:72:97:54:d2:31:cb:98:87:45: cc:d0:1b:cd:a0:73:f5:7c:98:a2:45:4f:d7:f3:04:2e:85:b8: 59:9a:12:cc:0a:21:8b:6b:83:de:2c:8b:fe:69:11:c2:3d:95: c2:79:8b:42 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUGmeF9fbT3s+2pzKbidZ4glZGy3swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx MjIzNkU5MjAeFw0yNjA0MTYxNDU2MDZaFw0yNjA0MTcxNTQzMDZaMDMxMTAvBgNV BAMTKEE5NzBGM0Q4M0VCMEFCNjU1RDlBQjE1QzUwOTA1NEZEQ0IxMURCRkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnBrEhv0pdwji8y+S/4zbVeqt3 FjKC0PooBA2XECBKhRwfNBuEsWVoEQWPqYZznfKC7TUauy6YaMyO5Dop9GVnKcuB QVUpV1aJifoboXKopD8G70sjItqtLVnSWzM0xDzVHdpR7EBNruoEDGlSZcJyi1uh gTepy1lA8/KzqTLWynUP6u7NhPlmx1+/eTj25fxuny38Vgr9VdN+BugKoiDqcSmC Xq0i7bJpgs1pBtZy7/B2LgSuwzr7+050r/FUZM98SAtmW330I0Qo8oFx7RsxM+Xb P+Q9C4DC13FzuEm89kX5AXIuI+aeu3bIpt8XS7B35GSVETU9FyHeXEouHMqVAgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQUqXDz2D6wq2VdmrFcUJBU/csR2/4wHwYDVR0j BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5 Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL2tyaWxsLnJn Lm5ldC9yZXBvL3Jwa2ktYmVhY29ucy1jYS8wLzY1NkU0NDIyQUJGMTI5NjQ5MjAw RUIwMTlBODE1RjJCMTIyMzZFOTIubWZ0MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADAVBggrBgEFBQcB CAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAbPX9TG+G+F/A0AZ5iTVOr tJvfpdli30J1R+B8HyFSFU7zYw3VAIYzGvWiy7OrG9M4qx/scmxWn1CY1+e4PUvI pbFr31TdgYXB6AGKZ9qgKf8PQdqdTH5IRZYtY/CLh5AJLFeSzYmirrhGCKLekqpq zEQmGyOTQ0D305SuJQecD/dxGhh6ieyMxSvGTqZhKG+p97+hkdHqvxqFHGy4wUAs bMJhnh9i7V4ODANYM+Yd9n0Wl+DWyb97wbLICCG4k6DyFZELNfnZ6V6TGOUBvyty l1TSMcuYh0XM0BvNoHP1fJiiRU/X8wQuhbhZmhLMCiGLa4PeLIv+aRHCPZXCeYtC -----END CERTIFICATE-----Generated at Thu Apr 16 23:55:05 2026 by rpki-client