$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft File: 656E4422ABF129649200EB019A815F2B12236E92.mft (raw, json) Hash identifier: xDrmmoZMHLLPxZrcpA7xeX+fPSQLY1q7PUycVeHYxf8= Subject key identifier: 55:13:21:96:33:FB:83:7B:60:AF:E4:16:FE:F5:75:B7:14:F9:2C:65 Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92 Certificate issuer: /CN=656E4422ABF129649200EB019A815F2B12236E92 Certificate serial: 763D8E60E88AF108294241CA59C4325C66B0D024 Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer Subject info access: rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft Manifest number: 01CE Signing time: Wed 05 Nov 2025 01:22:39 +0000 Manifest this update: Wed 05 Nov 2025 01:17:39 +0000 Manifest next update: Thu 06 Nov 2025 04:24:39 +0000 Files and hashes: 1: 656E4422ABF129649200EB019A815F2B12236E92.crl (hash: 3tBjJRux1fSnwI0wFlejXzVtszAZKtnEN8oPv43OAc0=) 2: 34352e3133322e3139312e302f32342d3234203d3e2033393730.roa (hash: piR0xY2W/Fg7dFVRqqqeApVksNlAZNhoOxCqAZQ09I0=) 3: 34352e3133322e3139302e302f32342d3234203d3e2030.roa (hash: 9ieyP3BjwnrGT7jHWN0miv3BwxPneURkOZZD4j2C8Tw=) 4: 3134372e32382e31302e302f32332d3234203d3e2039343334.roa (hash: VtH6E5X9bla/lP/1oDgzLC/IGBeO4Y+MgLQlG/MHRAA=) 5: 3134372e32382e31302e302f32332d3234203d3e203437303635.roa (hash: InllrUkC+i/L8Vq1qSaFZSxY2gcH0Pb1ZOihADOfZw0=) Validation: OK Signature path: rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 19:18:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:3d:8e:60:e8:8a:f1:08:29:42:41:ca:59:c4:32:5c:66:b0:d0:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92 Validity Not Before: Nov 5 01:17:39 2025 GMT Not After : Nov 6 04:24:39 2025 GMT Subject: CN=5513219633FB837B60AFE416FEF575B714F92C65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:ce:69:1c:e5:af:ff:b1:cb:4e:d6:60:02:65: a0:d7:e8:cd:21:7b:81:ca:73:2a:e3:94:5b:27:80: 9b:37:b5:14:57:c8:cb:e2:9f:a3:9d:08:18:5c:d6: 9c:6a:f4:19:54:ca:d7:b6:b9:9c:d1:18:39:ac:24: 69:70:d1:e7:9b:f2:6f:07:12:ee:9a:ef:45:37:99: 0d:69:2f:ad:a3:17:6e:3b:b6:50:13:7f:2c:97:a8: 2b:d3:46:47:5d:f2:a6:9a:9e:eb:73:9c:87:2a:b9: 78:7e:f1:22:67:15:c7:86:c4:b8:66:f2:32:f1:28: 4f:d5:be:ee:a1:2a:a0:a9:d7:3c:6e:4e:e8:1a:90: 29:fe:6b:d4:95:24:9b:66:a5:35:dc:eb:84:a6:ea: d4:1e:c4:1f:a9:b7:ef:e7:1d:fa:b6:f1:cd:b8:03: 55:cd:42:c1:19:7f:23:03:e8:4c:ee:aa:44:65:96: ed:0c:c6:fd:9f:28:7d:9a:e7:c3:cc:37:e2:09:29: aa:8c:5d:22:0f:a8:a0:24:81:93:24:d1:09:18:2d: 2e:d3:04:7e:0b:1f:d4:03:84:f5:f8:1e:e3:85:42: f7:c8:56:eb:f0:da:d5:4e:19:17:96:7f:7a:b9:23: b6:32:3b:4c:f9:08:2c:a3:4a:65:20:c3:61:87:69: 9b:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:13:21:96:33:FB:83:7B:60:AF:E4:16:FE:F5:75:B7:14:F9:2C:65 X509v3 Authority Key Identifier: keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl Authority Information Access: CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer Subject Information Access: Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:17:2e:cf:02:c0:50:c3:be:e7:1c:ab:d9:4e:70:8e:5b:e8: ef:85:8c:56:9e:c2:af:2a:77:98:a2:5b:51:ee:6f:48:ba:d4: f9:43:d5:99:35:97:8b:dd:a1:23:39:05:b9:08:91:a8:04:91: d7:9c:2d:6c:14:c3:1a:e4:d0:e6:9b:2c:ea:f5:4a:61:aa:d3: 98:f4:5e:82:b4:6d:ef:bc:1f:6b:92:a9:95:8b:7b:b6:dd:30: 1f:e3:69:28:2f:f6:d2:c1:62:bb:f3:83:1b:6b:35:9f:f6:38: 9b:6d:86:b4:a2:3f:f6:47:2c:66:b0:42:86:ef:35:78:20:4b: b3:51:02:51:7d:c6:41:17:a2:9f:4b:a7:71:63:72:bf:66:0e: 43:a3:95:d7:2d:cd:da:31:e6:b8:24:11:2b:b6:8c:fa:90:e2: 6f:a1:28:b6:c7:01:7a:28:23:7f:7f:c3:8d:f6:97:52:eb:44: 2c:ef:8a:3e:c9:b8:af:c0:75:76:d3:22:57:e7:74:62:44:cb: aa:2e:f7:5f:dc:30:a1:eb:3d:7b:28:8b:d4:93:5b:86:c1:b2: a1:56:b1:6b:dd:72:cf:bf:00:ea:35:ed:40:09:3c:fd:4a:40: 0e:41:ef:50:30:05:f8:61:8b:dc:b2:96:3b:bf:cb:84:a3:b3: 1c:74:de:e7 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUdj2OYOiK8QgpQkHKWcQyXGaw0CQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx MjIzNkU5MjAeFw0yNTExMDUwMTE3MzlaFw0yNTExMDYwNDI0MzlaMDMxMTAvBgNV BAMTKDU1MTMyMTk2MzNGQjgzN0I2MEFGRTQxNkZFRjU3NUI3MTRGOTJDNjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWzmkc5a//sctO1mACZaDX6M0h e4HKcyrjlFsngJs3tRRXyMvin6OdCBhc1pxq9BlUyte2uZzRGDmsJGlw0eeb8m8H Eu6a70U3mQ1pL62jF247tlATfyyXqCvTRkdd8qaanutznIcquXh+8SJnFceGxLhm 8jLxKE/Vvu6hKqCp1zxuTugakCn+a9SVJJtmpTXc64Sm6tQexB+pt+/nHfq28c24 A1XNQsEZfyMD6EzuqkRllu0Mxv2fKH2a58PMN+IJKaqMXSIPqKAkgZMk0QkYLS7T BH4LH9QDhPX4HuOFQvfIVuvw2tVOGReWf3q5I7YyO0z5CCyjSmUgw2GHaZu1AgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQUVRMhljP7g3tgr+QW/vV1txT5LGUwHwYDVR0j BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5 Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL2tyaWxsLnJn Lm5ldC9yZXBvL3Jwa2ktYmVhY29ucy1jYS8wLzY1NkU0NDIyQUJGMTI5NjQ5MjAw RUIwMTlBODE1RjJCMTIyMzZFOTIubWZ0MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADAVBggrBgEFBQcB CAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCbFy7PAsBQw77nHKvZTnCO W+jvhYxWnsKvKneYoltR7m9IutT5Q9WZNZeL3aEjOQW5CJGoBJHXnC1sFMMa5NDm myzq9UphqtOY9F6CtG3vvB9rkqmVi3u23TAf42koL/bSwWK784MbazWf9jibbYa0 oj/2RyxmsEKG7zV4IEuzUQJRfcZBF6KfS6dxY3K/Zg5Do5XXLc3aMea4JBErtoz6 kOJvoSi2xwF6KCN/f8ON9pdS60Qs74o+ybivwHV20yJX53RiRMuqLvdf3DCh6z17 KIvUk1uGwbKhVrFr3XLPvwDqNe1ACTz9SkAOQe9QMAX4YYvcspY7v8uEo7McdN7n -----END CERTIFICATE-----Generated at Wed Nov 5 15:21:13 2025 by rpki-client