$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: Yf9daR9h5+pcUX//kYgF2ZXiDMJ0yN2AzW56zbbDF1s= Subject key identifier: 7B:32:C9:90:96:AB:11:16:5D:21:4A:1C:77:3C:AD:A8:AF:B0:26:99 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 1203018E8F6346D5E708D72D9A93B24DDEDB02FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: 08 Signing time: Mon 04 Aug 2025 10:03:58 +0000 Manifest this update: Mon 04 Aug 2025 09:58:58 +0000 Manifest next update: Tue 05 Aug 2025 12:24:58 +0000 Files and hashes: 1: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 2: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 3: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 4: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 5: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 6: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 7: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 8: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: qfEGKzzwc+68sk7OPyz6zAcFRVtxTSOuXvhKucDp3sY=) 9: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 10: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 11: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 12: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) 13: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 14: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 05 Aug 2025 12:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:03:01:8e:8f:63:46:d5:e7:08:d7:2d:9a:93:b2:4d:de:db:02:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Aug 4 09:58:58 2025 GMT Not After : Aug 5 12:24:58 2025 GMT Subject: CN=7B32C99096AB11165D214A1C773CADA8AFB02699 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a9:cd:3f:16:47:72:77:2e:0a:2e:4f:3a:67: 70:dd:d8:fe:7a:4f:10:2c:dd:db:5d:5b:2c:9b:ca: d7:4e:89:13:1b:20:a3:8c:d3:d0:0a:2c:d4:33:9a: 44:5e:a4:b6:c2:6d:74:70:29:11:00:28:dc:ca:2b: 0f:f5:fb:f1:52:49:e1:39:ea:08:7a:e0:48:3a:ec: 78:27:bd:88:f8:8d:2c:be:83:99:84:48:54:ee:33: 31:2b:c8:33:96:ee:7a:21:c0:d7:cc:e0:f7:61:7c: 6f:70:7e:33:56:02:60:62:0a:6e:b9:11:05:93:12: e8:57:82:af:67:4e:39:87:49:9c:fc:7f:d1:60:99: ee:c3:79:0e:4f:42:35:a7:53:a2:16:b0:6b:4e:60: 06:d5:75:70:81:af:9a:3c:ad:39:cd:e1:ed:bd:59: e4:0e:08:52:8d:b8:16:89:c6:a1:2b:b9:64:01:84: cf:a9:21:e3:c9:75:be:7e:05:40:89:06:72:2d:b7: ca:e9:96:c2:0b:6c:b8:f3:db:3f:0e:31:cb:de:4f: f7:04:98:b8:50:da:46:a0:5e:0e:b3:33:32:ab:09: e5:f0:f2:17:67:e5:a2:a8:00:8a:e3:18:bd:a3:6b: 6d:c1:c5:87:2b:8b:54:19:f7:a5:1b:47:5b:7b:6e: 3b:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:32:C9:90:96:AB:11:16:5D:21:4A:1C:77:3C:AD:A8:AF:B0:26:99 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:ee:1e:dc:a9:6f:18:5f:7c:ee:a8:1a:75:e8:e3:3e:6e:c9: 17:a0:5c:8a:60:e2:10:d3:ac:da:a9:f5:a9:3b:48:44:56:26: 7f:a8:f0:88:38:02:bd:1b:b5:fd:e2:ec:bf:6a:f5:24:28:67: ee:7d:af:08:79:65:64:05:55:f2:89:70:26:68:fa:cf:04:ff: d2:29:be:c2:4d:74:7e:e6:48:56:a9:ee:c9:10:3e:d1:e7:99: 36:9e:e4:eb:cb:d6:0c:3a:1a:da:37:49:aa:d5:00:cc:cc:bf: f0:ad:50:39:d7:95:c4:2e:bb:44:b0:b3:67:26:82:0b:27:9f: 02:7f:ed:e2:29:48:4f:11:cb:f2:13:23:9c:ce:d6:fd:34:db: 27:37:18:c8:46:9f:c0:b4:2e:2f:9c:43:af:0a:99:cb:55:22: 74:b2:9c:2d:07:4b:c5:17:fc:55:66:52:4f:3d:0a:a2:ad:c9: 3c:e2:15:13:32:7f:3d:7e:ed:84:a6:e5:ac:5a:e0:42:e0:ef: ce:f6:1e:22:65:6c:55:d0:ca:d1:70:79:d9:10:6d:5b:68:5a: 3c:0c:95:62:58:c6:02:b4:46:3c:80:90:04:86:a7:f3:16:c6: 83:95:2c:76:5e:f4:90:5b:6b:c7:1a:11:42:4d:17:f6:d2:af: b2:86:ca:6c -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUEgMBjo9jRtXnCNctmpOyTd7bAv8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNTA4MDQwOTU4NThaFw0yNTA4MDUxMjI0NThaMDMxMTAvBgNV BAMTKDdCMzJDOTkwOTZBQjExMTY1RDIxNEExQzc3M0NBREE4QUZCMDI2OTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTqc0/Fkdydy4KLk86Z3Dd2P56 TxAs3dtdWyybytdOiRMbIKOM09AKLNQzmkRepLbCbXRwKREAKNzKKw/1+/FSSeE5 6gh64Eg67HgnvYj4jSy+g5mESFTuMzEryDOW7nohwNfM4PdhfG9wfjNWAmBiCm65 EQWTEuhXgq9nTjmHSZz8f9Fgme7DeQ5PQjWnU6IWsGtOYAbVdXCBr5o8rTnN4e29 WeQOCFKNuBaJxqEruWQBhM+pIePJdb5+BUCJBnItt8rplsILbLjz2z8OMcveT/cE mLhQ2kagXg6zMzKrCeXw8hdn5aKoAIrjGL2ja23BxYcri1QZ96UbR1t7bjtHAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQUezLJkJarERZdIUocdzytqK+wJpkwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQB87h7cqW8YX3zuqBp16OM+bskXoFyKYOIQ06zaqfWpO0hEViZ/qPCIOAK9 G7X94uy/avUkKGfufa8IeWVkBVXyiXAmaPrPBP/SKb7CTXR+5khWqe7JED7R55k2 nuTry9YMOhraN0mq1QDMzL/wrVA515XELrtEsLNnJoILJ58Cf+3iKUhPEcvyEyOc ztb9NNsnNxjIRp/AtC4vnEOvCpnLVSJ0spwtB0vFF/xVZlJPPQqirck84hUTMn89 fu2EpuWsWuBC4O/O9h4iZWxV0MrRcHnZEG1baFo8DJViWMYCtEY8gJAEhqfzFsaD lSx2XvSQW2vHGhFCTRf20q+yhsps -----END CERTIFICATE-----Generated at Mon Aug 4 15:59:05 2025 by rpki-client