$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft File: 521525856CBBA6D9D2254221C280DC930734AAB8.mft (raw, json) Hash identifier: jFS32uLinVXGnBR6wDn5La47J1tR3qoE4pE+t2+NoL4= Subject key identifier: FF:7E:66:5C:B6:8D:22:38:74:AB:A7:23:A1:C4:B2:C6:6F:55:DC:3E Authority key identifier: 52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 Certificate issuer: /CN=521525856CBBA6D9D2254221C280DC930734AAB8 Certificate serial: 65393CEEB5E6AC140793ED2942B2468A8173F10D Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft Manifest number: 0142 Signing time: Sun 01 Mar 2026 21:03:32 +0000 Manifest this update: Sun 01 Mar 2026 20:58:32 +0000 Manifest next update: Mon 02 Mar 2026 23:57:32 +0000 Files and hashes: 1: 326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa (hash: rOXq6KopS7nNrxLenr0thMMbHkGjihkrbeGzvVQ4fNc=) 2: 326130363a613030333a3a2f34382d3438203d3e20323030363736.roa (hash: PNV+6g1yuxZfiOErO1rlD/OjvHSDnl045B3ycAeUEw8=) 3: 326130363a613030333a623030623a3a2f34382d3438203d3e20323030363736.roa (hash: kunZD4UEEwcG2nc99Wb+xz1yK+IdIm7SjegbAra8chc=) 4: 521525856CBBA6D9D2254221C280DC930734AAB8.crl (hash: 2nJE97IAA9yEVHabyNlixQKCJM2oMf/kGIjAc/Jj+J8=) 5: 326130363a613030333a666666663a3a2f34382d3438203d3e203530373535.roa (hash: HVzJ9R68GMwZO9EL/DI2ZLp1a+F6uNrFmfl8+YGeZKc=) 6: 39342e32342e3130382e302f32342d3234203d3e20323030363736.roa (hash: hbkkIcLL2dVYKU+9BKXYxvOgTE4cVlfb37zj8sIKpS0=) 7: 326130363a613030333a313333373a3a2f34382d3438203d3e20323030363736.roa (hash: qr/bfrnor+1gB61vuOA1czljaK/VRJBauBs1U2EbENw=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 23:57:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:39:3c:ee:b5:e6:ac:14:07:93:ed:29:42:b2:46:8a:81:73:f1:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=521525856CBBA6D9D2254221C280DC930734AAB8 Validity Not Before: Mar 1 20:58:32 2026 GMT Not After : Mar 2 23:57:32 2026 GMT Subject: CN=FF7E665CB68D223874ABA723A1C4B2C66F55DC3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:3d:c7:10:6f:a3:f2:b2:48:9c:48:df:df:a6: bf:5a:ef:7a:72:0c:49:b4:cf:a4:a9:a9:aa:e8:e8: f8:2e:c0:eb:ca:5a:2e:71:27:83:20:31:36:a3:35: 38:bc:fd:d8:17:b7:1e:80:15:53:d9:67:51:f0:7f: 80:00:08:07:dc:08:22:8b:53:ee:89:eb:cb:b2:10: 84:0f:45:e3:ae:67:0c:2c:53:d0:f3:5a:b6:4e:83: 32:84:08:3b:37:c0:68:57:90:c6:75:48:90:6b:5e: 61:d9:78:a2:86:24:3e:23:62:57:1f:f2:f6:21:13: 67:5b:10:7e:87:9c:be:5f:6a:36:32:c6:6e:ec:a9: fc:12:ce:ff:1a:17:b5:3d:2e:f7:00:42:ce:ef:12: c5:9b:ad:7c:ba:03:05:6c:9c:a9:1f:60:46:b8:45: 45:37:5c:45:f0:52:df:63:43:be:67:60:dd:03:c9: 44:ab:d0:ed:3d:f9:1a:a9:fa:38:7f:65:a6:02:f2: 83:df:8b:9c:06:91:c2:20:05:1d:7f:8b:92:4a:ea: c0:e5:c2:f5:97:dc:e1:bc:4d:26:bb:05:83:f4:5b: 73:ea:71:64:27:a9:fb:b7:72:53:92:39:3e:71:66: 00:29:08:82:75:a9:a6:0f:c6:20:64:df:a5:f0:c3: 42:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:7E:66:5C:B6:8D:22:38:74:AB:A7:23:A1:C4:B2:C6:6F:55:DC:3E X509v3 Authority Key Identifier: keyid:52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:32:2d:8a:8a:eb:7c:b8:30:2a:b4:93:89:05:d5:cf:a3:27: 1f:34:f3:e0:18:ed:79:aa:5a:44:28:5b:8e:28:0d:a6:8a:b4: f4:41:36:65:1b:67:14:ee:37:d3:6e:c0:13:a7:22:ad:5f:0c: 16:80:b2:ea:03:11:56:8e:e2:d7:24:73:83:fe:70:08:e8:49: 51:af:b1:ab:e8:90:36:4a:6d:10:df:7c:7e:8c:7a:69:07:cb: 34:67:4a:ac:ac:6a:9b:9c:30:5f:69:5a:1f:7f:33:7f:7e:14: 54:44:48:74:04:c9:0a:ce:5c:50:06:2d:c3:50:28:eb:6e:b1: a6:77:22:4c:d5:9e:7b:59:7a:5b:bd:30:0f:d4:a8:7d:b3:5f: b9:d0:6c:0e:55:1f:a1:56:6c:a7:e6:69:e9:3b:bc:3f:35:1a: 76:88:15:7a:26:27:f4:bf:fe:90:55:b7:d4:9d:c9:9b:fc:63: 00:dc:98:14:9a:a6:88:39:a2:44:a2:b7:5b:63:20:24:8c:be: fe:8d:5e:31:a4:86:c9:05:fa:bf:d9:43:c0:bf:3e:95:ca:a8: 12:5d:9b:1b:9e:25:f9:3d:e3:cb:3a:9f:9d:3f:c4:b6:3f:86: 07:17:e8:62:40:b3:6c:2c:ad:bd:ad:30:d2:48:ff:ac:a3:9e: 44:89:11:14 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIUZTk87rXmrBQHk+0pQrJGioFz8Q0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMw NzM0QUFCODAeFw0yNjAzMDEyMDU4MzJaFw0yNjAzMDIyMzU3MzJaMDMxMTAvBgNV BAMTKEZGN0U2NjVDQjY4RDIyMzg3NEFCQTcyM0ExQzRCMkM2NkY1NURDM0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCePccQb6PyskicSN/fpr9a73py DEm0z6Spqaro6PguwOvKWi5xJ4MgMTajNTi8/dgXtx6AFVPZZ1Hwf4AACAfcCCKL U+6J68uyEIQPReOuZwwsU9DzWrZOgzKECDs3wGhXkMZ1SJBrXmHZeKKGJD4jYlcf 8vYhE2dbEH6HnL5fajYyxm7sqfwSzv8aF7U9LvcAQs7vEsWbrXy6AwVsnKkfYEa4 RUU3XEXwUt9jQ75nYN0DyUSr0O09+Rqp+jh/ZaYC8oPfi5wGkcIgBR1/i5JK6sDl wvWX3OG8TSa7BYP0W3PqcWQnqfu3clOSOT5xZgApCIJ1qaYPxiBk36Xww0J3AgMB AAGjggJ3MIICczAdBgNVHQ4EFgQU/35mXLaNIjh0q6cjocSyxm9V3D4wHwYDVR0j BBgwFoAUUhUlhWy7ptnSJUIhwoDckwc0qrgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1 Y2U3LzQvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0QUFCOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0 QUFCOC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWNhM2NhNi0z NGNjLTQ3NzItYmFjMC1hMzVkZDAxOTVjZTcvNC81MjE1MjU4NTZDQkJBNkQ5RDIy NTQyMjFDMjgwREM5MzA3MzRBQUI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYjItiorrfLgwKrSTiQXV z6MnHzTz4BjteapaRChbjigNpoq09EE2ZRtnFO43027AE6cirV8MFoCy6gMRVo7i 1yRzg/5wCOhJUa+xq+iQNkptEN98fox6aQfLNGdKrKxqm5wwX2laH38zf34UVERI dATJCs5cUAYtw1Ao626xpnciTNWee1l6W70wD9SofbNfudBsDlUfoVZsp+Zp6Tu8 PzUadogVeiYn9L/+kFW31J3Jm/xjANyYFJqmiDmiRKK3W2MgJIy+/o1eMaSGyQX6 v9lDwL8+lcqoEl2bG54l+T3jyzqfnT/Etj+GBxfoYkCzbCytva0w0kj/rKOeRIkR FA== -----END CERTIFICATE-----Generated at Mon Mar 2 07:42:11 2026 by rpki-client