$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: ZQi4coQVB6N3EpUu0XoRpXY/N9zpP4b390Lz8yb3M/c= Subject key identifier: EE:32:2E:23:C9:0A:C3:ED:D2:89:D6:A1:9E:33:58:7C:53:B2:35:66 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 10524CF7FB5524A63FFE9E9161EDC93A047ACFF5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: 01AA Signing time: Sat 13 Jun 2026 02:55:10 +0000 Manifest this update: Sat 13 Jun 2026 02:50:10 +0000 Manifest next update: Sun 14 Jun 2026 06:54:10 +0000 Files and hashes: 1: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) 2: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 3: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 4: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 5: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 6: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 7: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 8: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 9: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 10: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 11: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 12: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 13: 326130343a623930343a373230303a3a2f34302d3430203d3e20323131333231.roa (hash: refEY6cMSdDY7cBVUX5w6R5vf51PxokJ+N8DMMimo3o=) 14: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 15: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: vrip2B4dY3J983pZmIpHGyRNHISmGFIe7DPKSolLS+k=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Jun 2026 06:54:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:52:4c:f7:fb:55:24:a6:3f:fe:9e:91:61:ed:c9:3a:04:7a:cf:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Jun 13 02:50:10 2026 GMT Not After : Jun 14 06:54:10 2026 GMT Subject: CN=EE322E23C90AC3EDD289D6A19E33587C53B23566 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ee:23:f1:ba:bf:70:66:1b:fa:8b:47:07:70: 2f:00:c0:0b:03:ad:7e:54:a0:0b:f3:15:71:6e:75: 0f:ef:b6:cc:ff:5e:f3:7e:92:fa:6e:64:37:b9:66: 24:b3:5a:bb:2e:f6:c0:76:e7:d8:ed:eb:bd:0d:9a: 63:39:3f:df:19:58:7f:01:3c:2a:40:c8:57:db:19: af:15:03:b5:bc:12:3b:e6:55:3f:ed:ae:34:31:f5: 95:60:3f:60:6b:df:08:32:0b:35:e5:2e:a7:3a:04: 92:a7:71:65:bc:63:0d:3d:00:b1:c8:6b:68:3b:f7: f7:99:d0:02:03:a6:84:6b:a3:50:a4:da:2f:36:33: d9:54:29:7b:2b:4a:b2:29:21:6b:b3:0a:11:60:9b: 63:07:06:47:19:2b:91:94:a0:45:6a:c1:0b:c2:31: a9:ff:c9:62:41:c7:c1:09:aa:ae:31:6b:d5:54:18: 5b:53:36:65:f2:87:27:11:e5:4b:5f:87:0f:18:a0: 7c:23:6b:d9:ec:fe:19:de:07:2e:0d:d2:ad:24:43: f3:e9:33:14:6f:6c:8d:28:2e:8a:8c:b5:68:03:7e: 3a:ee:a7:6b:2a:d7:21:38:0b:af:b3:3e:5c:58:9e: c6:58:6f:8e:65:59:0f:ef:70:9d:9f:5c:cf:fa:e3: 5b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:32:2E:23:C9:0A:C3:ED:D2:89:D6:A1:9E:33:58:7C:53:B2:35:66 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:08:0f:f3:28:40:f1:29:00:7e:8f:a5:2f:ee:64:44:f9:56: 5e:aa:2f:93:78:d5:e6:ba:a5:ff:e5:7c:53:05:70:7a:cc:1e: 6c:01:cb:3d:08:e8:a0:cc:68:6f:7e:3e:f2:b7:42:04:c3:f7: 04:81:0b:a6:0b:c1:d1:71:c9:ca:16:cb:3f:11:96:a9:74:9f: 27:34:39:96:0a:84:59:9c:27:09:84:05:fc:f9:12:bc:62:40: 33:d5:e7:8f:59:f6:b2:97:26:a7:38:77:07:5d:fd:79:60:0d: 0e:bd:fc:66:99:a5:09:54:22:24:0f:ea:b9:b9:d8:19:db:d2: 12:aa:e2:03:a3:df:04:97:76:98:f3:2a:11:d8:6e:f0:7a:4f: dd:92:09:a1:c8:da:f9:10:31:9f:b3:e8:49:92:98:eb:7c:7d: e0:f0:62:a2:4b:24:3f:65:16:f8:4d:e1:ed:ec:28:32:ab:20: f3:b8:54:83:f6:77:dd:b3:c5:5c:b2:24:69:1d:0a:ba:ac:b8: 40:4d:76:09:0f:6d:57:56:c3:cc:9b:1b:bb:1b:bf:e7:be:91: 8e:87:0a:79:fe:ed:3f:74:e3:2a:53:4d:6c:51:01:e9:6e:a9: b7:42:5f:f0:9b:e1:64:8d:f4:e4:97:3f:5f:2d:57:80:35:f1: 4f:12:aa:36 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUEFJM9/tVJKY//p6RYe3JOgR6z/UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNjA2MTMwMjUwMTBaFw0yNjA2MTQwNjU0MTBaMDMxMTAvBgNV BAMTKEVFMzIyRTIzQzkwQUMzRUREMjg5RDZBMTlFMzM1ODdDNTNCMjM1NjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ7iPxur9wZhv6i0cHcC8AwAsD rX5UoAvzFXFudQ/vtsz/XvN+kvpuZDe5ZiSzWrsu9sB259jt670NmmM5P98ZWH8B PCpAyFfbGa8VA7W8EjvmVT/trjQx9ZVgP2Br3wgyCzXlLqc6BJKncWW8Yw09ALHI a2g79/eZ0AIDpoRro1Ck2i82M9lUKXsrSrIpIWuzChFgm2MHBkcZK5GUoEVqwQvC Man/yWJBx8EJqq4xa9VUGFtTNmXyhycR5Utfhw8YoHwja9ns/hneBy4N0q0kQ/Pp MxRvbI0oLoqMtWgDfjrup2sq1yE4C6+zPlxYnsZYb45lWQ/vcJ2fXM/641tzAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQU7jIuI8kKw+3SidahnjNYfFOyNWYwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQABCA/zKEDxKQB+j6Uv7mRE+VZeqi+TeNXmuqX/5XxTBXB6zB5sAcs9COig zGhvfj7yt0IEw/cEgQumC8HRccnKFss/EZapdJ8nNDmWCoRZnCcJhAX8+RK8YkAz 1eePWfaylyanOHcHXf15YA0OvfxmmaUJVCIkD+q5udgZ29ISquIDo98El3aY8yoR 2G7wek/dkgmhyNr5EDGfs+hJkpjrfH3g8GKiSyQ/ZRb4TeHt7CgyqyDzuFSD9nfd s8VcsiRpHQq6rLhATXYJD21XVsPMmxu7G7/nvpGOhwp5/u0/dOMqU01sUQHpbqm3 Ql/wm+FkjfTklz9fLVeANfFPEqo2 -----END CERTIFICATE-----Generated at Sat Jun 13 19:04:52 2026 by rpki-client