$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft File: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft (raw, json) Hash identifier: b2CbNmIovnYzJMRBgwwODkUSE6sAB1cgDE1JdfP9efA= Subject key identifier: 95:2E:7D:2D:B2:D6:62:B6:B9:76:C0:2B:B3:3E:56:2B:D5:C4:DC:83 Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Certificate serial: 34B0E83F0A526BCDBE3B8D1DDCD6B6F1EFA4FD75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft Manifest number: D1 Signing time: Fri 08 Aug 2025 04:55:18 +0000 Manifest this update: Fri 08 Aug 2025 04:50:18 +0000 Manifest next update: Sat 09 Aug 2025 06:27:18 +0000 Files and hashes: 1: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (hash: fCahoT0DASmE4L0CnNku4FHnUTfBEMsJKaoRBnEvKJY=) 2: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (hash: lpEMU1X1JLSHAOWUFG4frUPhBZsu7LhlBnijuGC43xs=) 3: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (hash: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=) 4: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl (hash: 0fP/cvba/D9h31I8b49uiB5o0BJnPJmnqLRu+6PSuvw=) 5: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (hash: AiP13DNBwIkSFzdQdSir0FYGd4okcKOcyfxhs/nt0mM=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 09 Aug 2025 06:27:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:b0:e8:3f:0a:52:6b:cd:be:3b:8d:1d:dc:d6:b6:f1:ef:a4:fd:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Validity Not Before: Aug 8 04:50:18 2025 GMT Not After : Aug 9 06:27:18 2025 GMT Subject: CN=952E7D2DB2D662B6B976C02BB33E562BD5C4DC83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:a4:12:51:a6:91:9d:33:61:f4:4e:b0:4c:be: 3c:e1:46:56:39:08:43:dc:df:57:84:4e:22:02:62: bc:29:db:87:d4:d5:f6:83:8b:17:49:48:ec:cf:60: b6:46:a9:5f:f9:ff:f8:6c:c6:f3:82:20:07:52:64: d3:8a:d7:36:51:8f:eb:47:0a:f1:f7:ca:03:4a:da: a2:f6:15:5e:69:02:b0:53:ff:8d:5a:6b:e0:12:4c: ea:bd:e0:83:24:75:36:12:26:39:05:34:fc:67:ee: d8:6e:de:74:72:bf:1c:8f:d2:f0:7f:89:9a:34:18: 06:7a:c2:6f:a0:88:51:0e:f7:79:5b:1b:80:e3:56: ae:6d:6c:00:ca:46:7b:60:db:e9:46:f2:2a:4d:94: ae:f5:fd:61:cf:99:df:34:9f:60:f6:87:b7:2c:5b: 69:3b:86:96:ab:25:74:a4:39:35:1c:c6:bf:9c:dc: 02:5f:d4:0f:70:f5:79:41:ed:45:0a:32:f4:3d:73: 06:fb:c8:f1:2b:6f:5f:ca:20:5e:fb:79:95:e8:33: 42:79:cc:a9:25:f8:bb:3f:9f:c8:f7:b3:35:82:7c: da:a9:31:63:05:3e:1d:6a:ea:23:5d:36:40:50:02: 2e:f8:50:e6:03:a6:75:8d:c4:e6:d5:af:31:fb:86: d9:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:2E:7D:2D:B2:D6:62:B6:B9:76:C0:2B:B3:3E:56:2B:D5:C4:DC:83 X509v3 Authority Key Identifier: keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:af:25:10:13:d1:80:9c:cf:66:38:f3:46:1b:16:6d:9d:91: 1c:61:a9:b0:0b:5f:20:86:ba:c5:55:0d:19:f5:2c:43:3c:4a: ff:4f:ed:85:12:42:69:0e:e2:e2:d6:9c:46:51:e2:81:3a:ff: 94:88:4c:ec:80:cd:b5:0a:20:76:07:6a:5d:d8:ab:ca:14:70: 1c:a9:11:d9:90:51:09:ea:1d:86:b8:0d:7b:dd:71:f3:8b:ed: f9:6f:10:61:cf:d6:60:30:38:ac:7d:b4:98:68:66:dd:64:6d: e8:4c:a8:32:30:4f:2a:63:c9:7b:5e:cf:e7:b4:35:4d:62:01: 60:a8:3c:7a:e3:93:46:36:ca:27:f9:50:10:0e:60:71:2b:78: 23:35:35:ab:66:6b:72:fd:b4:b0:44:78:42:57:6c:f0:fd:8c: a2:01:53:b5:22:42:da:65:ee:c8:c2:aa:86:3a:f6:69:7a:3e: f9:68:24:65:e6:e6:48:f0:db:18:04:bb:f8:9e:48:28:ee:5f: 9a:46:40:75:0e:48:ec:43:22:69:be:6f:1a:ef:ca:35:c4:c1: f8:55:5f:4c:30:ec:6d:a2:27:17:19:79:43:6f:e6:3f:29:64: 06:78:4d:3a:b0:2f:26:63:7b:2f:69:a8:23:a3:f1:9b:87:aa: 44:20:9f:a5 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUNLDoPwpSa82+O40d3Na28e+k/XUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw OWVhMzk4NTAeFw0yNTA4MDgwNDUwMThaFw0yNTA4MDkwNjI3MThaMDMxMTAvBgNV BAMTKDk1MkU3RDJEQjJENjYyQjZCOTc2QzAyQkIzM0U1NjJCRDVDNERDODMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDapBJRppGdM2H0TrBMvjzhRlY5 CEPc31eETiICYrwp24fU1faDixdJSOzPYLZGqV/5//hsxvOCIAdSZNOK1zZRj+tH CvH3ygNK2qL2FV5pArBT/41aa+ASTOq94IMkdTYSJjkFNPxn7thu3nRyvxyP0vB/ iZo0GAZ6wm+giFEO93lbG4DjVq5tbADKRntg2+lG8ipNlK71/WHPmd80n2D2h7cs W2k7hparJXSkOTUcxr+c3AJf1A9w9XlB7UUKMvQ9cwb7yPErb1/KIF77eZXoM0J5 zKkl+Ls/n8j3szWCfNqpMWMFPh1q6iNdNkBQAi74UOYDpnWNxObVrzH7htlhAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUlS59LbLWYra5dsArsz5WK9XE3IMwHwYDVR0j BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1 YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu cU9ZVS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZGZiMzBjYS1l MWMyLTQ5MjEtYjA1NC1kNGFmMDkxNjVhZjEvMC83RjIxNkY0OUEzQjlBODRBMEU4 NUU4MEEyQzQyODc0RjA5RUEzOTg1Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVK8lEBPRgJzPZjjzRhsW bZ2RHGGpsAtfIIa6xVUNGfUsQzxK/0/thRJCaQ7i4tacRlHigTr/lIhM7IDNtQog dgdqXdiryhRwHKkR2ZBRCeodhrgNe91x84vt+W8QYc/WYDA4rH20mGhm3WRt6Eyo MjBPKmPJe17P57Q1TWIBYKg8euOTRjbKJ/lQEA5gcSt4IzU1q2Zrcv20sER4Qlds 8P2MogFTtSJC2mXuyMKqhjr2aXo++WgkZebmSPDbGAS7+J5IKO5fmkZAdQ5I7EMi ab5vGu/KNcTB+FVfTDDsbaInFxl5Q2/mPylkBnhNOrAvJmN7L2moI6Pxm4eqRCCf pQ== -----END CERTIFICATE-----Generated at Fri Aug 8 13:08:28 2025 by rpki-client