$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: JJU7tRKCItcc9dbSi9cy6D+Mc0osKaPg4FGcgjvg7fg= Subject key identifier: B7:E4:58:A0:82:BA:5B:60:81:7F:28:7D:3F:6F:7D:31:E7:5F:B7:85 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 732B6A9BD8B3DD4184CF8937EE083C936A3C8D99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: 015D Signing time: Thu 16 Apr 2026 09:04:41 +0000 Manifest this update: Thu 16 Apr 2026 08:59:41 +0000 Manifest next update: Fri 17 Apr 2026 10:18:41 +0000 Files and hashes: 1: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 2: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 3: 326130343a623930343a373230303a3a2f34302d3430203d3e20323131333231.roa (hash: refEY6cMSdDY7cBVUX5w6R5vf51PxokJ+N8DMMimo3o=) 4: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 5: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) 6: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 7: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 8: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 9: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 10: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 11: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 12: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 13: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: L3t+8xrh49ttljJql+HXx8CwJqMAcUE0LbMqk8QICDg=) 14: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 15: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 10:18:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:2b:6a:9b:d8:b3:dd:41:84:cf:89:37:ee:08:3c:93:6a:3c:8d:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Apr 16 08:59:41 2026 GMT Not After : Apr 17 10:18:41 2026 GMT Subject: CN=B7E458A082BA5B60817F287D3F6F7D31E75FB785 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ef:81:30:5e:d9:cf:0c:05:00:0f:10:4b:0b: c2:3d:c6:7e:dd:d7:76:cc:75:a4:92:85:2d:a0:d6: 0f:11:c7:49:4a:93:89:81:70:9c:43:61:0f:af:66: 1b:b9:d6:9d:68:e6:ac:07:81:63:1b:c2:a7:8d:60: 3b:af:44:63:51:5e:d0:6c:17:72:19:86:08:6f:94: a6:ca:ed:14:78:b7:dc:7b:d2:94:d3:a1:24:9d:b7: 76:7e:be:02:41:91:63:df:8b:84:03:bc:58:61:43: f3:43:6a:48:1a:cf:9d:13:86:4a:e9:65:94:40:c8: b4:bb:a9:83:64:2d:4a:36:90:78:23:aa:31:87:c2: 6b:b4:92:74:f5:55:ea:c7:f4:67:42:0c:fe:21:4d: 70:33:4a:2c:0f:c2:ba:f6:83:a0:ba:b0:72:98:c5: 28:f8:6c:13:3c:c4:af:c4:c0:51:01:fd:a4:1d:cf: e8:e6:9f:b5:7e:a8:b5:cb:a7:d8:c8:de:f7:fd:90: 59:9b:e8:95:f2:24:08:e6:58:3f:56:a6:2f:90:0e: 68:d2:a8:42:a0:08:14:a4:4a:72:ba:10:0c:ce:2a: 85:b6:ad:bc:2d:58:6b:9f:15:08:22:75:88:8f:b2: a4:eb:ed:41:ca:52:ab:da:e9:0e:07:5c:4d:2b:24: 88:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:E4:58:A0:82:BA:5B:60:81:7F:28:7D:3F:6F:7D:31:E7:5F:B7:85 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:53:2c:9b:ab:85:a0:53:e8:8f:0f:ef:b1:62:bb:a4:fb:70: 7c:1e:cd:df:0e:33:7a:88:d4:de:d8:d9:fc:6f:09:1f:46:b7: 9b:bb:a2:a7:f2:94:ea:7b:00:be:e3:5f:50:d6:07:bc:2c:f5: 35:14:bf:10:79:1c:a4:92:95:81:a4:cd:ab:42:09:a3:14:da: 6f:0a:7f:85:05:67:54:74:6b:d1:03:0e:9a:02:6f:07:8b:f3: 56:07:b2:c7:a0:10:5d:50:73:90:8d:f6:6b:7f:cd:6b:97:7a: 84:de:0f:8c:d2:07:8a:86:82:73:31:06:cf:0e:4b:82:6c:2f: 08:2e:77:b6:2a:f1:c2:a8:36:de:91:75:7a:31:db:1a:98:53: 0e:72:58:dd:84:66:53:6b:13:e7:80:cd:1b:3c:d1:9b:25:5c: d9:72:0f:76:6e:c5:98:52:15:d6:3a:ea:d3:1d:38:24:27:a0: b8:3b:6c:c4:d1:e5:fd:51:74:f0:57:8f:b4:2c:15:16:b7:7c: 63:77:fc:67:c1:22:5b:50:b1:5a:5f:5d:6c:00:2e:66:d2:ab: ec:d8:4c:e2:4e:61:7c:c9:1f:52:c7:92:4b:25:03:06:15:c9: 60:a1:a1:8b:b2:9f:17:ec:37:8e:16:81:96:df:dc:71:f8:a5: 08:20:3b:59 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUcytqm9iz3UGEz4k37gg8k2o8jZkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNjA0MTYwODU5NDFaFw0yNjA0MTcxMDE4NDFaMDMxMTAvBgNV BAMTKEI3RTQ1OEEwODJCQTVCNjA4MTdGMjg3RDNGNkY3RDMxRTc1RkI3ODUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm74EwXtnPDAUADxBLC8I9xn7d 13bMdaSShS2g1g8Rx0lKk4mBcJxDYQ+vZhu51p1o5qwHgWMbwqeNYDuvRGNRXtBs F3IZhghvlKbK7RR4t9x70pTToSSdt3Z+vgJBkWPfi4QDvFhhQ/NDakgaz50Thkrp ZZRAyLS7qYNkLUo2kHgjqjGHwmu0knT1VerH9GdCDP4hTXAzSiwPwrr2g6C6sHKY xSj4bBM8xK/EwFEB/aQdz+jmn7V+qLXLp9jI3vf9kFmb6JXyJAjmWD9Wpi+QDmjS qEKgCBSkSnK6EAzOKoW2rbwtWGufFQgidYiPsqTr7UHKUqva6Q4HXE0rJIhnAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQUt+RYoIK6W2CBfyh9P299Medft4UwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQBRUyybq4WgU+iPD++xYruk+3B8Hs3fDjN6iNTe2Nn8bwkfRrebu6Kn8pTq ewC+419Q1ge8LPU1FL8QeRykkpWBpM2rQgmjFNpvCn+FBWdUdGvRAw6aAm8Hi/NW B7LHoBBdUHOQjfZrf81rl3qE3g+M0geKhoJzMQbPDkuCbC8ILne2KvHCqDbekXV6 MdsamFMOcljdhGZTaxPngM0bPNGbJVzZcg92bsWYUhXWOurTHTgkJ6C4O2zE0eX9 UXTwV4+0LBUWt3xjd/xnwSJbULFaX11sAC5m0qvs2EziTmF8yR9Sx5JLJQMGFclg oaGLsp8X7DeOFoGW39xx+KUIIDtZ -----END CERTIFICATE-----Generated at Thu Apr 16 23:55:05 2026 by rpki-client