$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft File: 521525856CBBA6D9D2254221C280DC930734AAB8.mft (raw, json) Hash identifier: pwfCnpbEQBTkulRUFjZZd1IFB+BUUgat6CmFB0NfLL8= Subject key identifier: D2:1A:52:48:D4:AB:5A:F7:74:E3:15:45:07:AF:E5:17:79:F0:3E:C3 Authority key identifier: 52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 Certificate issuer: /CN=521525856CBBA6D9D2254221C280DC930734AAB8 Certificate serial: 36A6780B6367D17D50DA97611DB458013CBB853C Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft Manifest number: 2B Signing time: Mon 04 Aug 2025 05:41:03 +0000 Manifest this update: Mon 04 Aug 2025 05:36:03 +0000 Manifest next update: Tue 05 Aug 2025 09:21:03 +0000 Files and hashes: 1: 326130363a613030333a666666663a3a2f34382d3438203d3e203530373535.roa (hash: HVzJ9R68GMwZO9EL/DI2ZLp1a+F6uNrFmfl8+YGeZKc=) 2: 521525856CBBA6D9D2254221C280DC930734AAB8.crl (hash: B6d3JeWz46oMvmnd+e4D1F4IN/NL+Kgjom/WbB3HCyQ=) 3: 326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa (hash: rOXq6KopS7nNrxLenr0thMMbHkGjihkrbeGzvVQ4fNc=) 4: 39342e32342e3130382e302f32342d3234203d3e20323030363736.roa (hash: hbkkIcLL2dVYKU+9BKXYxvOgTE4cVlfb37zj8sIKpS0=) 5: 326130363a613030333a3a2f34382d3438203d3e20323030363736.roa (hash: PNV+6g1yuxZfiOErO1rlD/OjvHSDnl045B3ycAeUEw8=) 6: 326130363a613030333a313333373a3a2f34382d3438203d3e20323030363736.roa (hash: qr/bfrnor+1gB61vuOA1czljaK/VRJBauBs1U2EbENw=) 7: 326130363a613030333a623030623a3a2f34382d3438203d3e20323030363736.roa (hash: kunZD4UEEwcG2nc99Wb+xz1yK+IdIm7SjegbAra8chc=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 05 Aug 2025 09:21:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:a6:78:0b:63:67:d1:7d:50:da:97:61:1d:b4:58:01:3c:bb:85:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=521525856CBBA6D9D2254221C280DC930734AAB8 Validity Not Before: Aug 4 05:36:03 2025 GMT Not After : Aug 5 09:21:03 2025 GMT Subject: CN=D21A5248D4AB5AF774E3154507AFE51779F03EC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:c6:e2:73:45:85:9c:de:1b:d6:ef:d9:13:de: 88:6b:70:34:d3:32:74:92:b0:be:f4:4e:f2:b2:7e: e6:6b:26:c6:eb:41:2b:8a:cf:7b:60:d8:c4:e4:52: cd:f5:4b:87:e4:79:77:b6:0a:f9:52:7f:81:8f:09: c0:5b:ba:81:f8:50:14:66:c4:9d:c9:8a:7a:68:ec: 84:9c:88:a2:f6:b6:53:71:95:12:9a:46:e0:8a:5e: 7d:66:45:c0:b9:68:2a:4d:4f:52:a8:cc:8c:be:38: b4:c4:9c:a8:3c:d2:8d:6d:e3:5c:83:4c:41:f0:62: 51:63:f9:22:7f:fc:fe:52:10:10:5f:ed:2b:89:25: 89:ed:f0:3b:05:fb:07:53:33:26:59:25:79:27:2b: 00:bc:9d:17:7e:d5:4d:4d:74:10:de:be:6f:8b:90: 49:51:ca:da:5c:9c:52:88:d3:3a:9d:a4:4c:86:a9: 59:c8:21:5a:af:21:6e:b1:88:4c:c8:a0:24:00:13: 61:6a:0e:a6:b5:a1:a2:42:9c:a0:dd:54:3e:72:11: d5:6e:da:a4:36:98:f7:8c:10:89:3e:83:f6:97:ce: e9:8e:a3:60:94:1a:10:29:7f:9a:44:c4:b5:fb:14: 36:45:32:e1:f3:3d:2e:b5:2b:fd:51:90:ce:c2:65: 57:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:1A:52:48:D4:AB:5A:F7:74:E3:15:45:07:AF:E5:17:79:F0:3E:C3 X509v3 Authority Key Identifier: keyid:52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:d4:15:35:4a:04:9b:7a:44:f8:58:bd:bd:cb:c5:66:46:9a: 9f:d8:94:89:9b:8f:5c:7a:03:20:fd:c7:e7:f3:5e:cd:e0:37: fa:d6:4c:52:39:d3:df:f9:f9:fb:19:35:a6:4f:ac:76:ad:0e: 71:d0:b4:67:cf:88:6e:30:05:79:a6:34:db:06:19:c1:f5:16: ba:5e:9f:d0:5e:a2:11:85:8f:73:ea:93:51:cc:f5:7e:d2:72: b3:fd:ba:2e:5b:93:7b:b8:7b:da:38:aa:4f:3d:b4:ae:53:d3: a2:b2:88:3a:50:6f:80:01:b7:d1:ec:1b:b7:b3:94:f9:90:c7: 63:ca:73:29:04:1e:86:22:53:9a:df:c3:7b:5f:9f:f5:1c:8f: b5:7b:f5:e1:42:43:ed:18:71:9e:ad:29:47:f0:d0:67:6f:41: 70:53:29:14:41:f6:20:16:04:c8:2b:1c:98:23:71:47:aa:7f: 4f:57:9f:01:76:65:ec:a0:74:8d:45:bc:9a:a3:c7:e2:e9:ab: 5f:9c:ab:e8:83:11:7c:f1:a6:50:8f:fc:b8:12:5c:15:ea:e1: bf:e5:7c:8e:b3:5b:1b:4b:30:a4:bd:a0:7e:b2:1f:67:bd:b0: fe:44:3c:a7:df:db:f9:3b:a3:1e:e7:0e:b4:d9:ac:01:1c:bb: d2:bb:6d:5b -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIUNqZ4C2Nn0X1Q2pdhHbRYATy7hTwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMw NzM0QUFCODAeFw0yNTA4MDQwNTM2MDNaFw0yNTA4MDUwOTIxMDNaMDMxMTAvBgNV BAMTKEQyMUE1MjQ4RDRBQjVBRjc3NEUzMTU0NTA3QUZFNTE3NzlGMDNFQzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSxuJzRYWc3hvW79kT3ohrcDTT MnSSsL70TvKyfuZrJsbrQSuKz3tg2MTkUs31S4fkeXe2CvlSf4GPCcBbuoH4UBRm xJ3Jinpo7ISciKL2tlNxlRKaRuCKXn1mRcC5aCpNT1KozIy+OLTEnKg80o1t41yD TEHwYlFj+SJ//P5SEBBf7SuJJYnt8DsF+wdTMyZZJXknKwC8nRd+1U1NdBDevm+L kElRytpcnFKI0zqdpEyGqVnIIVqvIW6xiEzIoCQAE2FqDqa1oaJCnKDdVD5yEdVu 2qQ2mPeMEIk+g/aXzumOo2CUGhApf5pExLX7FDZFMuHzPS61K/1RkM7CZVe/AgMB AAGjggJ3MIICczAdBgNVHQ4EFgQU0hpSSNSrWvd04xVFB6/lF3nwPsMwHwYDVR0j BBgwFoAUUhUlhWy7ptnSJUIhwoDckwc0qrgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1 Y2U3LzQvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0QUFCOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0 QUFCOC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWNhM2NhNi0z NGNjLTQ3NzItYmFjMC1hMzVkZDAxOTVjZTcvNC81MjE1MjU4NTZDQkJBNkQ5RDIy NTQyMjFDMjgwREM5MzA3MzRBQUI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP9QVNUoEm3pE+Fi9vcvF Zkaan9iUiZuPXHoDIP3H5/NezeA3+tZMUjnT3/n5+xk1pk+sdq0OcdC0Z8+IbjAF eaY02wYZwfUWul6f0F6iEYWPc+qTUcz1ftJys/26LluTe7h72jiqTz20rlPTorKI OlBvgAG30ewbt7OU+ZDHY8pzKQQehiJTmt/De1+f9RyPtXv14UJD7Rhxnq0pR/DQ Z29BcFMpFEH2IBYEyCscmCNxR6p/T1efAXZl7KB0jUW8mqPH4umrX5yr6IMRfPGm UI/8uBJcFerhv+V8jrNbG0swpL2gfrIfZ72w/kQ8p9/b+TujHucOtNmsARy70rtt Ww== -----END CERTIFICATE-----Generated at Mon Aug 4 18:56:28 2025 by rpki-client