$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft File: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft (raw, json) Hash identifier: IFdcX/2SZ32r+Mk4Srl8RmiDzbQBpLXLutEl83YuBfo= Subject key identifier: 72:90:FC:B1:E9:07:25:22:F3:42:FD:F8:A2:C0:25:28:39:99:F9:D8 Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Certificate serial: 53313B55985791D41115F0FC29E5C08128BF36A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft Manifest number: 014A Signing time: Wed 05 Nov 2025 04:47:20 +0000 Manifest this update: Wed 05 Nov 2025 04:42:20 +0000 Manifest next update: Thu 06 Nov 2025 06:31:20 +0000 Files and hashes: 1: 326130653a666434353a326535303a3a2f34382d3438203d3e20323135333730.roa (hash: S2x/glwBFQqLmSWyNwtm4qEtJyulbbnFBue99o2JPS8=) 2: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (hash: AiP13DNBwIkSFzdQdSir0FYGd4okcKOcyfxhs/nt0mM=) 3: 326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa (hash: OBdYMpDCrnydUqYR/9aR6OWDxV3xrASuK04QdHbbnp4=) 4: 326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa (hash: 9ztDCaU6aAMVKVrLFNLTSsl1A84X7CinJDw99b10Wgk=) 5: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (hash: fCahoT0DASmE4L0CnNku4FHnUTfBEMsJKaoRBnEvKJY=) 6: 326130653a666434353a326633303a3a2f34382d3438203d3e20323039333130.roa (hash: Ah9wB6P+J6/u6bq6IHZMWUCN9kLwcy3+ovMQjaM+Mjs=) 7: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl (hash: CqKS+lPOk4llu+9r6s/QnjAP8JuG0WHYdTdr7MXD2mg=) 8: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (hash: lpEMU1X1JLSHAOWUFG4frUPhBZsu7LhlBnijuGC43xs=) 9: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (hash: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 03:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:31:3b:55:98:57:91:d4:11:15:f0:fc:29:e5:c0:81:28:bf:36:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Validity Not Before: Nov 5 04:42:20 2025 GMT Not After : Nov 6 06:31:20 2025 GMT Subject: CN=7290FCB1E9072522F342FDF8A2C025283999F9D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:1e:3f:31:16:bf:b5:b0:34:a9:31:2b:0b:63: 0e:94:01:da:6a:49:8b:bf:24:43:71:44:5f:c3:ce: 57:c0:ef:f1:c0:49:91:87:d4:0c:fa:9e:cf:1d:2c: 2b:25:ca:cc:f0:23:57:c5:46:56:ed:a6:c3:10:42: ef:3a:4d:9c:27:34:a0:26:a8:1c:f2:f2:c9:67:50: cb:13:d8:88:0e:94:07:68:3f:7b:a6:76:aa:62:c1: 69:d9:87:22:63:73:d7:80:af:a8:5f:5f:b3:f8:14: 36:e8:57:ed:9f:a4:c4:c6:2b:26:73:c2:fd:11:08: 83:68:e3:16:0a:52:77:1e:88:5f:c3:21:72:6e:75: c8:f5:c0:aa:05:f2:70:53:25:a5:0a:a8:c4:b8:56: 76:a9:6e:e9:1b:a8:7e:18:88:bf:15:27:9a:90:e7: 57:ad:4e:ad:53:6b:97:cf:1a:2f:c6:1a:0f:06:5b: 47:d5:7b:0a:8b:25:b8:38:09:3b:84:e2:a4:56:5b: 44:0e:c2:11:19:e7:4a:40:c6:59:5c:fd:d1:82:45: 43:f3:fa:f7:ee:63:90:92:49:f3:c1:64:7b:a9:43: d9:c0:ca:3d:42:ba:f0:86:77:c5:0d:de:64:8f:c7: d3:b7:c5:d0:19:a7:a5:1e:ed:49:b1:f7:09:fc:37: f7:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:90:FC:B1:E9:07:25:22:F3:42:FD:F8:A2:C0:25:28:39:99:F9:D8 X509v3 Authority Key Identifier: keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:e9:50:87:05:61:e4:41:32:5d:3c:5e:ae:b7:87:03:e4:6c: 17:f7:36:ee:8e:6b:fc:d5:59:f7:fb:94:f2:69:f2:44:c3:17: 9d:e7:84:bc:c4:c4:2d:4e:12:da:a5:8f:b0:83:f1:26:2a:89: b9:d7:a0:1a:9c:e8:a0:2a:37:76:c6:ea:28:c1:e8:15:a9:05: 6b:b5:7c:99:a8:4b:6b:da:fc:eb:6d:c8:1b:67:ad:97:3b:c0: db:31:24:c4:6e:44:1c:27:90:b7:08:a8:a1:11:54:e6:b3:c4: b0:54:e3:ee:03:32:0f:7b:01:1d:72:d2:3e:2a:a0:68:e2:00: ef:14:9d:ce:dd:7a:23:6d:01:19:4a:8c:a4:62:da:c8:31:47: a3:fd:8c:90:29:31:35:22:b7:6b:b8:bd:85:f8:d9:d5:d6:06: d1:f3:ca:78:45:22:dd:5a:d9:13:e0:ea:6b:70:b8:8f:dc:80: d4:2a:40:7b:6b:21:86:a9:a2:e9:e4:1a:c2:72:20:f1:e8:1d: 17:fd:0a:41:a5:40:82:2f:6f:6d:31:8a:66:f2:8f:1b:6d:7f: 76:47:a1:3a:17:81:02:cf:fc:a2:db:e8:f1:ac:fc:a3:5b:4e: 7c:de:24:77:4e:c6:ed:9a:45:2f:e1:9a:a8:29:36:61:b1:d4: 6d:58:77:24 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUUzE7VZhXkdQRFfD8KeXAgSi/NqMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw OWVhMzk4NTAeFw0yNTExMDUwNDQyMjBaFw0yNTExMDYwNjMxMjBaMDMxMTAvBgNV BAMTKDcyOTBGQ0IxRTkwNzI1MjJGMzQyRkRGOEEyQzAyNTI4Mzk5OUY5RDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrHj8xFr+1sDSpMSsLYw6UAdpq SYu/JENxRF/DzlfA7/HASZGH1Az6ns8dLCslyszwI1fFRlbtpsMQQu86TZwnNKAm qBzy8slnUMsT2IgOlAdoP3umdqpiwWnZhyJjc9eAr6hfX7P4FDboV+2fpMTGKyZz wv0RCINo4xYKUnceiF/DIXJudcj1wKoF8nBTJaUKqMS4VnapbukbqH4YiL8VJ5qQ 51etTq1Ta5fPGi/GGg8GW0fVewqLJbg4CTuE4qRWW0QOwhEZ50pAxllc/dGCRUPz +vfuY5CSSfPBZHupQ9nAyj1CuvCGd8UN3mSPx9O3xdAZp6Ue7Umx9wn8N/dRAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUcpD8sekHJSLzQv34osAlKDmZ+dgwHwYDVR0j BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1 YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu cU9ZVS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZGZiMzBjYS1l MWMyLTQ5MjEtYjA1NC1kNGFmMDkxNjVhZjEvMC83RjIxNkY0OUEzQjlBODRBMEU4 NUU4MEEyQzQyODc0RjA5RUEzOTg1Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu+lQhwVh5EEyXTxerreH A+RsF/c27o5r/NVZ9/uU8mnyRMMXneeEvMTELU4S2qWPsIPxJiqJudegGpzooCo3 dsbqKMHoFakFa7V8mahLa9r8623IG2etlzvA2zEkxG5EHCeQtwiooRFU5rPEsFTj 7gMyD3sBHXLSPiqgaOIA7xSdzt16I20BGUqMpGLayDFHo/2MkCkxNSK3a7i9hfjZ 1dYG0fPKeEUi3VrZE+Dqa3C4j9yA1CpAe2shhqmi6eQawnIg8egdF/0KQaVAgi9v bTGKZvKPG21/dkehOheBAs/8otvo8az8o1tOfN4kd07G7ZpFL+GaqCk2YbHUbVh3 JA== -----END CERTIFICATE-----Generated at Wed Nov 5 11:46:08 2025 by rpki-client