$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft File: D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft (raw, json) Hash identifier: mDPUqIuWOPZ+zP6O8UsGzDYX3w8FwI9Zhkn2pGFPMeo= Subject key identifier: C7:B7:61:78:F9:20:9F:A4:C0:D9:C1:38:58:6C:DE:8C:E5:E6:E3:C0 Authority key identifier: D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD Certificate issuer: /CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead Certificate serial: 111132B26AEC1FC9E7F0168B572EF5DB16AEE38D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft Manifest number: 0557 Signing time: Sun 01 Mar 2026 10:17:35 +0000 Manifest this update: Sun 01 Mar 2026 10:12:35 +0000 Manifest next update: Mon 02 Mar 2026 10:32:35 +0000 Files and hashes: 1: 323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa (hash: WwIB1vpX/Ksy3lM5t4KklPIgz20phM5/z2U20FASusY=) 2: D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl (hash: VYCeCSNOG3Z0G9vvcltU6587oHmS72BGvWiRU4y0KIk=) 3: 323030313a3637383a313161303a3a2f34382d3438203d3e203531303139.roa (hash: WTZJrpZtSK56gi8FgUd2AbaB/s6bTUvq5ttS3fRGoxU=) 4: AS51019.asa (hash: Oaa1EvfqOHf6DhtSUIsxpjt+74z+nkVUgLI9NR9q+Vg=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 09:38:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:11:32:b2:6a:ec:1f:c9:e7:f0:16:8b:57:2e:f5:db:16:ae:e3:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead Validity Not Before: Mar 1 10:12:35 2026 GMT Not After : Mar 2 10:32:35 2026 GMT Subject: CN=C7B76178F9209FA4C0D9C138586CDE8CE5E6E3C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:41:90:6c:b1:a5:10:11:de:3f:b3:7f:91:9a: 35:80:a0:cd:f4:3a:75:ab:10:8d:ba:41:22:15:fa: c4:e2:84:22:bb:b3:02:2e:67:28:4c:97:34:f1:b4: 74:d2:a3:fd:2e:61:6f:73:13:2a:8f:14:11:56:6f: 28:d4:cd:a1:7a:e9:20:39:0c:b0:ba:55:7b:23:9a: 07:38:34:11:37:d6:bc:27:41:59:15:12:98:07:98: e9:f2:f9:23:db:ca:4f:cc:08:47:b5:e2:16:ee:a5: f4:5e:6c:40:b7:dc:b1:bc:58:ef:0f:c3:3c:bb:73: ff:9c:49:4d:99:32:22:6f:e1:ac:7f:ac:c7:c4:c2: 7d:04:b2:b7:a0:3f:98:8a:7c:fc:18:2d:62:8b:ea: 14:b1:35:7e:8d:d3:97:84:c4:7c:7e:7d:a0:33:cc: ff:ff:a6:bb:63:e4:be:60:5c:92:88:fa:1a:0c:b7: fa:47:df:2b:ba:b7:61:94:0f:44:2b:c3:18:40:62: 93:31:71:ef:29:3c:44:32:83:7f:ff:2a:99:3e:ea: ac:91:83:52:06:95:55:3f:5d:ff:ba:3e:a6:d0:2a: 3a:ed:2c:06:07:2d:75:bb:bd:5a:fc:40:6d:63:cf: fc:c3:78:45:d9:f6:57:cc:1e:f3:42:11:1d:d9:5c: 98:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B7:61:78:F9:20:9F:A4:C0:D9:C1:38:58:6C:DE:8C:E5:E6:E3:C0 X509v3 Authority Key Identifier: keyid:D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:83:06:87:24:fa:48:21:b8:49:a6:4b:0b:69:48:26:ad:dc: 7f:39:f3:a5:90:e9:86:c7:3c:96:fa:a9:57:c9:12:cc:54:04: d4:3d:bc:98:44:7a:c1:0d:6e:c2:c1:ad:c4:16:3f:5f:a0:a2: b5:aa:90:34:93:1b:87:ab:1d:2e:91:32:35:74:00:8e:cb:91: 04:93:36:c6:8b:bd:53:67:10:57:e2:d6:7f:16:f5:0b:cf:24: be:70:96:7f:31:c5:3a:5b:55:50:60:77:e9:2b:79:98:6d:3c: 82:10:0f:d4:d4:a0:8a:a8:02:c4:e7:6f:18:2e:87:c8:6b:88: d5:dc:d2:01:6e:55:ce:e7:45:7d:68:57:5e:5f:33:f5:9a:ac: 0c:b8:2f:8e:4a:65:49:53:ce:54:65:68:78:f8:b6:c7:1c:0f: 62:c3:16:bb:c1:c7:30:67:01:65:70:7f:eb:12:8b:51:47:f1: 82:13:14:ca:41:a0:b3:04:94:c3:cb:97:30:6c:30:2e:4e:db: ab:7f:4c:b6:fc:b3:78:ff:1c:e0:2c:31:5e:bc:3d:9c:b4:1d: 1c:8f:36:0a:cd:85:69:06:70:c3:70:44:cc:12:9f:ff:d7:a0: 87:eb:e8:c5:39:07:f7:99:39:58:67:0d:4c:1a:5e:0c:1d:09: 50:6d:20:21 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUEREysmrsH8nn8BaLVy712xau440wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZDJmZjA3OTMyYzNmNGMxYjM0NjVmZjRmMGQ5NjQ4NDcz M2UwMmVhZDAeFw0yNjAzMDExMDEyMzVaFw0yNjAzMDIxMDMyMzVaMDMxMTAvBgNV BAMTKEM3Qjc2MTc4RjkyMDlGQTRDMEQ5QzEzODU4NkNERThDRTVFNkUzQzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZQZBssaUQEd4/s3+RmjWAoM30 OnWrEI26QSIV+sTihCK7swIuZyhMlzTxtHTSo/0uYW9zEyqPFBFWbyjUzaF66SA5 DLC6VXsjmgc4NBE31rwnQVkVEpgHmOny+SPbyk/MCEe14hbupfRebEC33LG8WO8P wzy7c/+cSU2ZMiJv4ax/rMfEwn0EsregP5iKfPwYLWKL6hSxNX6N05eExHx+faAz zP//prtj5L5gXJKI+hoMt/pH3yu6t2GUD0QrwxhAYpMxce8pPEQyg3//Kpk+6qyR g1IGlVU/Xf+6PqbQKjrtLAYHLXW7vVr8QG1jz/zDeEXZ9lfMHvNCER3ZXJgDAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUx7dhePkgn6TA2cE4WGzejOXm48AwHwYDVR0j BBgwFoAU0v8Hkyw/TBs0Zf9PDZZIRzPgLq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzIvRDJGRjA3OTMyQzNGNEMxQjM0NjVGRjRGMEQ5NjQ4NDczM0UwMkVBRC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzB2OEhreXdfVEJzMFpmOVBEWlpJUnpQ Z0xxMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00 MTliLTRkYjUtYmJkMy01Y2NhNjMzY2FlM2YvMi9EMkZGMDc5MzJDM0Y0QzFCMzQ2 NUZGNEYwRDk2NDg0NzMzRTAyRUFELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh4MGhyT6SCG4SaZLC2lI Jq3cfznzpZDphsc8lvqpV8kSzFQE1D28mER6wQ1uwsGtxBY/X6CitaqQNJMbh6sd LpEyNXQAjsuRBJM2xou9U2cQV+LWfxb1C88kvnCWfzHFOltVUGB36St5mG08ghAP 1NSgiqgCxOdvGC6HyGuI1dzSAW5VzudFfWhXXl8z9ZqsDLgvjkplSVPOVGVoePi2 xxwPYsMWu8HHMGcBZXB/6xKLUUfxghMUykGgswSUw8uXMGwwLk7bq39MtvyzeP8c 4CwxXrw9nLQdHI82Cs2FaQZww3BEzBKf/9egh+voxTkH95k5WGcNTBpeDB0JUG0g IQ== -----END CERTIFICATE-----Generated at Sun Mar 1 18:16:09 2026 by rpki-client