$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft File: 5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft (raw, json) Hash identifier: Kx0zr3hjA2bSH3skyum6lX8EjnHALgau4JfFPtGCkYg= Subject key identifier: 49:D4:2F:A9:B8:2D:A9:B2:53:A3:7F:33:D1:5F:13:B4:83:0D:17:1E Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe Certificate serial: 308912B61CF9F124D6251F5A36C8722EAE34D0D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft Manifest number: 0609 Signing time: Sat 18 Apr 2026 17:54:54 +0000 Manifest this update: Sat 18 Apr 2026 17:49:54 +0000 Manifest next update: Sun 19 Apr 2026 19:22:54 +0000 Files and hashes: 1: 34352e38312e35392e302f32342d3234203d3e20323131343339.roa (hash: PzQrEpsLL9icV7+wAMJ22TsUek+9+7dTOPFgPD6vtOM=) 2: 34352e38312e35382e302f32342d3234203d3e203133333335.roa (hash: q1odFkTeiB/pBEbWg5JpQkAxpmrH9S0QmR2/CtllItc=) 3: 34352e38312e35382e302f32342d3234203d3e20323039323432.roa (hash: UKvcqUxUrgd2F0qduNt/9nJuPUaDtCItgdXC0fI9BhQ=) 4: 5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl (hash: iyo7B0c9uXpwXhKxW2ccuZcbLGHwTPHTlFdfH3fHecQ=) 5: 326130393a643634303a3a2f32392d3239203d3e20313938333435.roa (hash: 2ZJoizA2XrGcopsLwhs8oaMaqFtkP0G9iClmvxEJgnM=) 6: 34352e38312e35372e302f32342d3234203d3e203631333137.roa (hash: wLY+uAAZaapza9rnm+rvcKy/RGqb5OINBZoQF5pW50I=) 7: 34352e38312e35392e302f32342d3234203d3e20323132333834.roa (hash: Z55LDvJNhjuOlIMhPU51UoeT0VK3qlu4pE/EHJdIaDE=) 8: 34352e38312e35362e302f32342d3234203d3e20383334.roa (hash: RvBwqpsMFaC4kQ3VLDNfZDDqspDe1yGNu+5Eo3ESLBg=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 19 Apr 2026 19:22:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:89:12:b6:1c:f9:f1:24:d6:25:1f:5a:36:c8:72:2e:ae:34:d0:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe Validity Not Before: Apr 18 17:49:54 2026 GMT Not After : Apr 19 19:22:54 2026 GMT Subject: CN=49D42FA9B82DA9B253A37F33D15F13B4830D171E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b6:86:6f:49:f3:cf:34:d8:44:86:0b:eb:66: b9:85:e3:1e:bf:a8:83:82:fa:e3:a9:61:59:f3:fc: 34:fd:23:54:aa:0d:3e:d2:cb:56:2d:c6:11:80:26: 00:b6:7a:43:06:20:ad:1a:00:57:48:8f:36:31:a2: 14:bf:dd:f1:d1:2a:45:8d:0f:86:b9:7d:dc:a1:1b: 2a:b8:af:f5:56:b2:e8:6a:02:e8:ae:b6:b9:97:57: ac:80:de:48:d4:d8:99:9d:16:1b:c7:b2:6f:de:c5: 01:e6:e0:ac:ab:d9:b2:87:72:ff:24:d3:6a:9a:55: 80:22:0a:c2:a4:fe:39:c8:a4:96:fb:71:0e:2c:46: 7e:13:c1:75:67:32:06:de:27:9e:f1:9d:bf:da:63: f9:49:cd:5e:80:33:a9:0d:37:91:f8:50:2a:69:8f: 3d:72:08:5a:d5:b9:0f:f8:34:69:df:ae:0e:36:5d: 33:29:b5:ba:f5:31:13:7f:7e:28:c6:2e:21:9b:fe: 00:15:fe:5f:80:82:82:eb:d4:01:84:15:04:a8:41: be:d0:77:ba:be:74:3a:4f:8f:28:67:0e:9d:8f:67: 45:35:96:aa:48:76:52:1e:12:b6:71:9c:e4:61:9d: 6a:f0:3f:c8:34:69:07:1b:bc:75:00:2e:46:41:dd: 6f:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:D4:2F:A9:B8:2D:A9:B2:53:A3:7F:33:D1:5F:13:B4:83:0D:17:1E X509v3 Authority Key Identifier: keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:8e:19:48:be:4e:98:ae:18:b8:8b:3a:5e:ed:4c:ba:51:65: b7:4e:60:2c:58:fc:a7:57:f2:b5:2e:d7:f3:f0:39:63:b8:f0: 82:cf:1f:eb:d8:19:dc:94:e8:a8:fb:78:33:a5:97:62:e1:d4: 47:8e:57:b4:54:ad:67:ce:1b:22:10:83:75:67:3a:cf:1b:70: 58:0c:ac:25:d9:dd:67:87:ce:22:c6:fb:42:9d:28:9d:d5:81: 7e:f1:67:b1:2e:15:d9:ab:70:6b:d1:2b:86:61:a1:88:75:59: 81:7c:90:5b:9c:11:70:52:96:dd:6c:51:de:62:10:36:a8:99: a0:f8:dc:88:88:50:2f:eb:90:67:af:b2:af:34:57:9e:32:48: eb:d8:2e:34:6e:57:53:60:0e:94:da:f0:78:97:fa:ef:9d:a7: d2:b8:03:5f:57:a2:43:d0:af:04:9f:73:15:02:86:11:1d:c6: 1f:55:1d:e0:4e:ab:9a:89:39:2d:a1:ef:10:ab:bd:bd:c3:05: fa:da:9b:86:59:fa:c9:0b:89:c1:a7:95:29:e0:b4:15:f2:f8: 88:08:0a:e0:19:b7:91:5b:cd:5a:49:67:46:05:e9:52:37:d4: 31:02:68:98:8d:3f:5f:bb:dd:6a:55:d1:aa:57:c4:61:0c:12: 59:18:28:83 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUMIkSthz58STWJR9aNshyLq400NUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy ZTkwZGRmZTAeFw0yNjA0MTgxNzQ5NTRaFw0yNjA0MTkxOTIyNTRaMDMxMTAvBgNV BAMTKDQ5RDQyRkE5QjgyREE5QjI1M0EzN0YzM0QxNUYxM0I0ODMwRDE3MUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKtoZvSfPPNNhEhgvrZrmF4x6/ qIOC+uOpYVnz/DT9I1SqDT7Sy1YtxhGAJgC2ekMGIK0aAFdIjzYxohS/3fHRKkWN D4a5fdyhGyq4r/VWsuhqAuiutrmXV6yA3kjU2JmdFhvHsm/exQHm4Kyr2bKHcv8k 02qaVYAiCsKk/jnIpJb7cQ4sRn4TwXVnMgbeJ57xnb/aY/lJzV6AM6kNN5H4UCpp jz1yCFrVuQ/4NGnfrg42XTMptbr1MRN/fijGLiGb/gAV/l+AgoLr1AGEFQSoQb7Q d7q+dDpPjyhnDp2PZ0U1lqpIdlIeErZxnORhnWrwP8g0aQcbvHUALkZB3W8tAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUSdQvqbgtqbJTo38z0V8TtIMNFx4wHwYDVR0j BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2 UTNmNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9iZjI0NTY3Yi03 YTc0LTRjMWYtYWE4NS1kZDI0YWY3M2NjYmIvMC81REEzMjE1QUJGQTQ2MjFENTc3 MDlGODM4QTkyODAxRjJFOTBEREZFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhI4ZSL5OmK4YuIs6Xu1M ulFlt05gLFj8p1fytS7X8/A5Y7jwgs8f69gZ3JToqPt4M6WXYuHUR45XtFStZ84b IhCDdWc6zxtwWAysJdndZ4fOIsb7Qp0ondWBfvFnsS4V2atwa9ErhmGhiHVZgXyQ W5wRcFKW3WxR3mIQNqiZoPjciIhQL+uQZ6+yrzRXnjJI69guNG5XU2AOlNrweJf6 752n0rgDX1eiQ9CvBJ9zFQKGER3GH1Ud4E6rmok5LaHvEKu9vcMF+tqbhln6yQuJ waeVKeC0FfL4iAgK4Bm3kVvNWklnRgXpUjfUMQJomI0/X7vdalXRqlfEYQwSWRgo gw== -----END CERTIFICATE-----Generated at Sun Apr 19 11:30:55 2026 by rpki-client