$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft File: FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft (raw, json) Hash identifier: lu9yBDzlcWrSP+8CKjbsDuMdCeiXRi4unMca0XAGlec= Subject key identifier: 99:B9:49:38:62:F5:AA:F4:CF:FE:F5:D0:C6:61:4F:E3:E1:F7:C9:62 Authority key identifier: FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07 Certificate issuer: /CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907 Certificate serial: 3B7D47A9198A040B6ECEA353B04DE499CEF51DCE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft Manifest number: 21 Signing time: Thu 16 Apr 2026 23:24:00 +0000 Manifest this update: Thu 16 Apr 2026 23:19:00 +0000 Manifest next update: Sat 18 Apr 2026 03:13:00 +0000 Files and hashes: 1: 3138352e3230302e3230392e302f32342d3234203d3e203136353039.roa (hash: CuXfjWH6sNSmDX0CVenmxSFqV6xo/B4MPUYw4r8/ALk=) 2: FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl (hash: qz4HauMSoqxcAClZuLd0uoP+vdPAyN56peQHtCh2s6A=) 3: 3138352e3230302e3231312e302f32342d3234203d3e203136353039.roa (hash: gHl9NlfVjA+KTXiLSEpXJhNXImzXFqsKFvp5vKD6g+c=) 4: 3138352e3230302e3231302e302f32342d3234203d3e203137353631.roa (hash: G6lIA/eIW9SxYnXkDwa8m2NW9IQOTL6PtYyIcf8oEII=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 22:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:7d:47:a9:19:8a:04:0b:6e:ce:a3:53:b0:4d:e4:99:ce:f5:1d:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907 Validity Not Before: Apr 16 23:19:00 2026 GMT Not After : Apr 18 03:13:00 2026 GMT Subject: CN=99B9493862F5AAF4CFFEF5D0C6614FE3E1F7C962 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:77:9c:2a:79:06:ae:3e:b9:20:b2:00:a4:8b: cb:01:92:bd:a5:f1:c1:88:1f:08:b5:20:f4:97:b5: 5f:4d:ac:88:6c:db:fd:ed:01:95:ee:7b:7f:1b:36: d5:f3:d1:d9:a2:2c:a4:e8:08:b5:be:2d:3c:96:0f: 35:a2:9e:d2:26:2c:e9:63:b5:d5:28:b5:9b:54:f5: 7d:39:01:85:6e:a0:c0:31:ac:b9:44:fa:1d:b9:35: 12:f5:7c:e6:fd:81:dd:8b:07:9d:82:f1:2b:49:4c: c2:d8:50:9a:38:7e:0f:4f:8a:94:f1:88:65:16:66: b3:ec:a9:e9:14:a4:65:67:b0:b0:0c:32:19:2e:1c: b8:ea:c3:8b:80:aa:24:01:cf:6e:f5:6c:5f:3d:77: c7:df:03:c8:a7:b0:5f:4c:36:d0:ab:8c:59:d0:19: 02:fd:01:43:4d:b3:26:c5:6f:19:56:c5:c0:10:d7: b1:e7:5b:b1:d9:61:4d:f1:eb:b9:64:1c:0d:1b:7b: 39:bb:00:a9:10:97:e9:48:d5:b5:1e:a4:1c:b2:f1: fb:a2:82:a4:7a:83:dc:ce:db:b2:65:b3:13:e9:97: 5f:39:58:58:07:4c:bd:be:d1:21:e6:cb:90:e2:dc: f9:ed:79:2c:d6:22:3d:76:f5:07:3c:20:83:5e:4b: d1:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:B9:49:38:62:F5:AA:F4:CF:FE:F5:D0:C6:61:4F:E3:E1:F7:C9:62 X509v3 Authority Key Identifier: keyid:FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:55:a6:78:07:b4:14:b3:7b:90:42:58:4b:5d:d3:e0:ca:98: b3:7d:b4:c1:75:e2:12:8c:cc:57:87:fd:29:c3:77:b9:ce:37: 62:ca:d4:39:11:8b:4b:38:ab:f9:98:be:48:6f:08:25:cc:a6: b8:9f:57:d6:61:db:05:01:2f:0e:c4:d3:3a:3e:a7:fe:36:3c: 21:88:15:ed:d0:27:fd:54:53:5e:11:a2:0d:b4:d4:c8:54:4c: 11:d1:94:82:d3:58:7f:78:1e:88:7c:ad:dc:75:49:a4:d0:73: a6:a2:52:f4:1d:cf:06:14:29:4b:17:28:5b:77:18:fa:a5:3e: e1:22:3e:03:ec:83:cc:70:93:b0:d8:de:e5:b9:e9:06:d7:f7: 4a:90:db:6a:a7:9a:06:2b:6e:57:23:a3:46:8d:f8:47:29:65: b2:25:21:94:b3:c2:28:2a:89:0f:e2:cf:98:04:2a:ec:88:52: bd:98:2f:3d:c2:01:e1:1c:08:bd:0d:a5:ac:7c:a5:7a:0c:8d: 59:e2:6a:d7:6d:f2:59:af:2d:e7:31:52:84:82:dc:25:5b:8e: bb:a3:a1:13:86:5e:6a:ee:1f:5d:8c:57:82:d6:03:77:54:c0: 06:4b:28:92:a5:35:ea:f3:f6:e7:37:ac:5b:59:b7:8d:a3:82: 9d:7c:37:7a -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUO31HqRmKBAtuzqNTsE3kmc71Hc4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZmRkZWU5MDhhOWFkMmRmYmUzMmZmMzViNDAyYTVhYjIx OThkYzkwNzAeFw0yNjA0MTYyMzE5MDBaFw0yNjA0MTgwMzEzMDBaMDMxMTAvBgNV BAMTKDk5Qjk0OTM4NjJGNUFBRjRDRkZFRjVEMEM2NjE0RkUzRTFGN0M5NjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdd5wqeQauPrkgsgCki8sBkr2l 8cGIHwi1IPSXtV9NrIhs2/3tAZXue38bNtXz0dmiLKToCLW+LTyWDzWintImLOlj tdUotZtU9X05AYVuoMAxrLlE+h25NRL1fOb9gd2LB52C8StJTMLYUJo4fg9PipTx iGUWZrPsqekUpGVnsLAMMhkuHLjqw4uAqiQBz271bF89d8ffA8insF9MNtCrjFnQ GQL9AUNNsybFbxlWxcAQ17HnW7HZYU3x67lkHA0bezm7AKkQl+lI1bUepByy8fui gqR6g9zO27JlsxPpl185WFgHTL2+0SHmy5Di3PnteSzWIj129Qc8IINeS9GdAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUmblJOGL1qvTP/vXQxmFP4+H3yWIwHwYDVR0j BBgwFoAU/d7pCKmtLfvjL/NbQCpashmNyQcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1 NmI2LzMvRkRERUU5MDhBOUFEMkRGQkUzMkZGMzVCNDAyQTVBQjIxOThEQzkwNy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL19kN3BDS210TGZ2akxfTmJRQ3Bhc2ht TnlRYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9iZTQxNzA0Zi03 ODE1LTRmMmMtYTUwMy01OGFlMDhlNTU2YjYvMy9GRERFRTkwOEE5QUQyREZCRTMy RkYzNUI0MDJBNUFCMjE5OERDOTA3Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclWmeAe0FLN7kEJYS13T 4MqYs320wXXiEozMV4f9KcN3uc43YsrUORGLSzir+Zi+SG8IJcymuJ9X1mHbBQEv DsTTOj6n/jY8IYgV7dAn/VRTXhGiDbTUyFRMEdGUgtNYf3geiHyt3HVJpNBzpqJS 9B3PBhQpSxcoW3cY+qU+4SI+A+yDzHCTsNje5bnpBtf3SpDbaqeaBituVyOjRo34 RyllsiUhlLPCKCqJD+LPmAQq7IhSvZgvPcIB4RwIvQ2lrHylegyNWeJq123yWa8t 5zFShILcJVuOu6OhE4Zeau4fXYxXgtYDd1TABksokqU16vP25zesW1m3jaOCnXw3 eg== -----END CERTIFICATE-----Generated at Fri Apr 17 04:35:29 2026 by rpki-client