$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft File: 8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft (raw, json) Hash identifier: szgYcgSHT9pRKBG3dDiXQS/1Qw5tsExXB1RsmCZncvw= Subject key identifier: 70:E6:A1:5D:5F:FB:21:F8:F2:94:07:E5:02:42:46:13:E8:39:EE:95 Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b Certificate serial: 790CE00060CA4D5F7FFCE75D87E7C73455AB4001 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft Manifest number: 02F0 Signing time: Tue 04 Nov 2025 12:57:06 +0000 Manifest this update: Tue 04 Nov 2025 12:52:06 +0000 Manifest next update: Wed 05 Nov 2025 13:59:06 +0000 Files and hashes: 1: 39312e3139302e3135372e302f32342d3234203d3e20323130383330.roa (hash: uxCs+vRLf89Iqe2Vg3VmQVaqgZcbd6t3ZZRDH3hDvaY=) 2: 3138352e3234302e3130342e302f32342d3234203d3e20323130353338.roa (hash: T9Q1VqRTWLWUsHiQ8nGpX/B35ktvbCl8rYqsuD5dV38=) 3: 3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa (hash: 1BInd1OedKcqXcFEvGswCnCL2u3VREZrv7xXz/oRjOg=) 4: 3231322e3130332e34352e302f32342d3234203d3e2038303735.roa (hash: /wobizd/N69i3RHzZlBg6v322Hg73ZMnV8Mlgts8jew=) 5: 34352e39352e38302e302f32342d3234203d3e203136323736.roa (hash: bUthEn8RkWDu+mbCn/i7I4QSRIrVa3Lzm/HSvFXUnxA=) 6: 34352e39352e38312e302f32342d3234203d3e20383334.roa (hash: CfCdj5k+Lj5zHQCoFXqC9dWCvLUmgOEX9Bq56Zw8pDc=) 7: 3231322e3130332e34362e302f32332d3234203d3e20383334.roa (hash: KXdSlEyWgzgk/M6Mp4m4zNoDfJwL8UmNysyOArD47tw=) 8: 3138352e3234302e3130352e302f32342d3234203d3e203431353634.roa (hash: TlWGN33+lROz/SyNNq5fptfqzBonbreTLNbM3qDOA4Q=) 9: 3231322e3130332e34342e302f32342d3234203d3e20323133393138.roa (hash: qGJQiTgIvP4Ve1lRuA50bfURyANdu4X5JKcPosVvvQA=) 10: 3231322e3130332e34342e302f32342d3234203d3e20323131343834.roa (hash: JBx8ym7JHWLmUGZKmy6bIQw3WR5rhPzAi99IbVvWGag=) 11: 3138352e3234302e3130372e302f32342d3234203d3e203230343733.roa (hash: JMPMOpLF1bcIvbG82aj+pie4xIbRE8z3aJEr+Ha5GDQ=) 12: 8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl (hash: keSJiSQa8JIOYyfW1I5r0tAHk579ON6z+kGku5SXl6M=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 09:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:0c:e0:00:60:ca:4d:5f:7f:fc:e7:5d:87:e7:c7:34:55:ab:40:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b Validity Not Before: Nov 4 12:52:06 2025 GMT Not After : Nov 5 13:59:06 2025 GMT Subject: CN=70E6A15D5FFB21F8F29407E502424613E839EE95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bd:c8:9b:a5:f9:14:1f:9e:7f:fc:a7:32:8b: 6a:1f:31:ac:56:a0:af:28:33:9a:be:93:cc:f7:b1: 8c:67:9b:bb:60:2b:9c:9a:ed:3a:b5:d6:0e:21:fe: 06:b0:33:56:58:eb:a2:e7:07:00:8a:af:2a:07:4c: 9e:a7:fc:be:08:b0:f8:4e:21:9d:c1:c6:39:40:ca: ac:ab:8c:d7:0f:c2:27:70:05:7c:2d:4f:b0:18:51: 62:7d:5a:b1:c9:3e:a0:20:21:ec:6b:f8:8e:38:0a: a8:db:5a:56:d8:a3:4a:c4:51:27:1b:2c:9b:71:37: e6:27:58:cd:c1:db:28:a8:31:4b:a7:6a:8b:22:e9: 19:12:04:b7:a5:82:1d:d9:e8:33:9a:c5:48:d4:d4: 1c:0c:58:05:3b:11:35:cc:94:25:9d:1b:45:41:00: 5b:82:6d:8c:22:1c:1f:74:a1:cd:2f:0d:35:77:4f: 02:b7:2b:60:de:b6:c5:fb:86:ea:80:cc:43:fd:a6: 24:b6:d9:1d:13:b9:7c:4d:5c:b7:3e:46:08:a0:25: 06:81:7b:78:7f:39:ff:06:b4:28:c5:f8:81:9d:cb: 65:c9:9f:fd:51:02:64:cb:7a:f1:53:e3:34:f9:4b: 4b:76:c5:92:b6:82:8e:3c:e0:c3:2f:44:a4:a2:2e: 2f:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:E6:A1:5D:5F:FB:21:F8:F2:94:07:E5:02:42:46:13:E8:39:EE:95 X509v3 Authority Key Identifier: keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:91:38:45:80:b4:df:42:6e:52:5b:98:61:2f:0d:c0:8a:e5: 08:0f:a7:0c:be:74:72:aa:ac:05:ad:8a:83:fe:8d:dc:22:30: 81:c2:ed:41:52:23:64:f3:b8:9f:62:21:44:5e:a1:64:f9:5a: b6:00:52:44:e6:e9:b3:cd:01:fb:cf:7c:0e:c4:28:ff:52:45: e0:1b:46:a0:fc:39:6c:14:3e:82:65:27:a7:aa:5f:3d:76:e8: 8c:51:43:bd:b6:81:19:f2:10:8a:e7:8c:8f:90:14:aa:cd:bb: 10:84:2f:87:8d:dc:35:64:7c:73:9e:3f:90:a1:6d:5e:31:d9: a4:9f:93:12:b0:d8:1d:8c:67:08:a5:17:1c:3b:6c:7d:c4:54: e1:bc:17:6b:11:b7:87:46:38:fa:55:e5:13:55:16:83:a2:ec: ab:2a:8d:8b:03:ec:c1:57:f6:2a:1d:8f:9d:c9:1f:af:ce:e7: 96:cd:a9:5f:18:4b:71:3a:6d:d8:b9:20:7b:39:2f:89:97:02: 6e:b7:52:38:0d:ea:b6:e6:70:43:05:3c:e4:02:83:60:ef:36: ce:b9:b0:5c:2d:fd:0a:99:ba:10:30:22:6a:af:34:6b:b6:05: 65:3b:5a:b1:ca:2c:54:95:13:b1:36:bd:47:f2:1f:f7:4c:c3: 95:8d:b2:74 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUeQzgAGDKTV9//Oddh+fHNFWrQAEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj ZTIzYWQ4YjAeFw0yNTExMDQxMjUyMDZaFw0yNTExMDUxMzU5MDZaMDMxMTAvBgNV BAMTKDcwRTZBMTVENUZGQjIxRjhGMjk0MDdFNTAyNDI0NjEzRTgzOUVFOTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWvcibpfkUH55//Kcyi2ofMaxW oK8oM5q+k8z3sYxnm7tgK5ya7Tq11g4h/gawM1ZY66LnBwCKryoHTJ6n/L4IsPhO IZ3BxjlAyqyrjNcPwidwBXwtT7AYUWJ9WrHJPqAgIexr+I44CqjbWlbYo0rEUScb LJtxN+YnWM3B2yioMUunaosi6RkSBLelgh3Z6DOaxUjU1BwMWAU7ETXMlCWdG0VB AFuCbYwiHB90oc0vDTV3TwK3K2DetsX7huqAzEP9piS22R0TuXxNXLc+RgigJQaB e3h/Of8GtCjF+IGdy2XJn/1RAmTLevFT4zT5S0t2xZK2go484MMvRKSiLi8/AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUcOahXV/7IfjylAflAkJGE+g57pUwHwYDVR0j BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0 anJZcy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84YmZkNjg4Mi1k NmIzLTRhYTgtYmMwYS03MTFkNjhiZDE5OGIvMC84QzEyQjQyNzM4MzJCNDE1NkZF MDA5MkY2QUU3RTVCM0NFMjNBRDhCLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo5E4RYC030JuUluYYS8N wIrlCA+nDL50cqqsBa2Kg/6N3CIwgcLtQVIjZPO4n2IhRF6hZPlatgBSRObps80B +898DsQo/1JF4BtGoPw5bBQ+gmUnp6pfPXbojFFDvbaBGfIQiueMj5AUqs27EIQv h43cNWR8c54/kKFtXjHZpJ+TErDYHYxnCKUXHDtsfcRU4bwXaxG3h0Y4+lXlE1UW g6LsqyqNiwPswVf2Kh2Pnckfr87nls2pXxhLcTpt2LkgezkviZcCbrdSOA3qtuZw QwU85AKDYO82zrmwXC39Cpm6EDAiaq80a7YFZTtascosVJUTsTa9R/If90zDlY2y dA== -----END CERTIFICATE-----Generated at Tue Nov 4 16:45:20 2025 by rpki-client