$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft File: rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft (raw, json) Hash identifier: tRil91p3NysnoqGB76mwhuA4gM68GZTtiAxaMDkKgZE= Subject key identifier: BF:F8:45:76:22:F2:E8:92:AC:1A:D2:83:8B:A3:85:93:D0:5A:B2:E8 Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5 Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5 Certificate serial: 019D25F13ECD46CD80E997828579EF6F476B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft Manifest number: 18D6 Signing time: Wed 25 Mar 2026 17:01:00 +0000 Manifest this update: Wed 25 Mar 2026 17:01:00 +0000 Manifest next update: Thu 26 Mar 2026 17:01:00 +0000 Files and hashes: 1: 5tvSeHfT9tQJaY_leFHXuR2yBH0.roa (hash: OssF5KxzdAdA0MRGmFSLEWiP4GOcYF7Td/3FVSiYLEA=) 2: Mq1u4qOomlUhefV0SWNzTRUmwps.roa (hash: +L1VEPPNNBt0OXhwf9f0heC994bRdJErni2gxksz1MM=) 3: NMfbsowFqcogPMg6cAeG3w9cjq0.roa (hash: uFoj7c/4SsWRnxgjbLgJrGS7fytT/Dv79U+edW6MDx8=) 4: Nc3Qv6HWCUL0coHdhzehCvqorjQ.roa (hash: 1cr7/XMm8bJJ1VGTZJBo+emXZtefD8zXujejZu9BwnE=) 5: RR27K07yWL9CEikVOiFjQqRGZNs.roa (hash: 14UKepul1FckjtbpGFg4sLFjoo9u1Ovj2wbZ+nk3TbY=) 6: RiJbycN_HnEaFdxBy-0QqogHp9w.roa (hash: HrWeheuaH2PNBF70Yz5xTkWSf+oor2QnLluzhSuwnU8=) 7: deTEkBZi5H7AIejV16ysjHwAbxY.roa (hash: l0JbGg+HLxrf5Ag/2z2pTojVken0ajBmDjhItX+Hm3I=) 8: f36wSuri4isgGvRNSVH6JQhVoXQ.roa (hash: yoPRFfkeY6wwCb2HhFYtsNc5bsYeGXcwftlwYv52l3Q=) 9: hPDJ7bwWMVeeA66R-Nm66UMAI3I.roa (hash: S6FoRCGZ+2A7ou0QqZgDgmiPo527/Z9rU6I1qlBMQXY=) 10: ocHryKy0JCZoZXuWFydbiaPAXvA.roa (hash: VJkfS4R1R0/kVOkQFygl/eqzEOXMlTWCdbkGDaHwbCQ=) 11: pGPZirCKZzbNWc11cAMZui5y53g.roa (hash: x16id1SP+uWE4b9i/PFLiuYNReYseV++lthZDwFfk5U=) 12: pKSlP4qI-iIWoFFAgY7hZYUI5lE.roa (hash: fJiLeKrrQ0jkNTOG3gU1SfB8kCZt5PRpsv9OHklxoM8=) 13: qltZRt6yv2xmd-YFzKK4-T95t70.roa (hash: ouYg4rusjDVFIksWY2y+Jv/jtKdXu+HEE/CHgFLthz4=) 14: rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl (hash: qDeY/wSA4sGikMP8I2f+AByUNw8Wmkc+ovtYD7fZb9s=) 15: sQ8qQg5RChJp9JsfMBZ7VZwT8WE.roa (hash: obNWII8S7VxaHifOdhDpl8/q/V3M1i4VuliV8Z+MBow=) 16: xEZpztI8Y0E6cyemzVq5Z-wuhOo.roa (hash: u+3SjeAOl+6UrQqTlnssUl6vP9Yo7S40vvVos+ddEsc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 15:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:25:f1:3e:cd:46:cd:80:e9:97:82:85:79:ef:6f:47:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5 Validity Not Before: Mar 25 17:01:00 2026 GMT Not After : Mar 26 17:01:00 2026 GMT Subject: CN=bff8457622f2e892ac1ad2838ba38593d05ab2e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:fc:1a:e9:da:35:46:2f:e8:24:c0:5e:96:b3: 9b:f2:6b:34:d0:f5:33:35:d5:4f:df:5d:0b:29:9d: 11:ee:71:75:f5:f9:a0:94:68:a6:ed:0f:04:88:34: f2:5c:9d:35:39:8d:50:7c:6d:83:0b:da:87:49:91: a6:66:a9:e7:8a:59:88:77:a9:b1:16:05:e7:c5:cb: 83:7f:25:7a:d0:d4:79:d4:02:db:08:98:89:b9:36: 49:8d:00:0e:c5:ed:99:d3:5b:30:64:07:21:37:e8: 4a:ca:96:d6:aa:e7:21:9b:19:bf:f6:8d:11:f9:55: 52:9b:6d:33:39:44:b0:90:6f:04:5f:f0:ff:4a:59: eb:19:64:e2:83:ad:77:eb:aa:d0:40:a9:1a:e3:42: 73:f6:3c:0a:17:77:3c:15:d3:ed:60:96:e4:f8:df: 7d:6d:8a:ad:12:db:67:06:76:2c:35:c7:66:ee:3b: de:26:77:70:ff:8e:25:a2:b3:3f:23:5e:1c:e7:2b: f6:42:7d:ad:26:5c:ec:67:cb:3c:ed:47:f8:0f:29: 4b:02:6b:c6:1c:3d:43:98:34:0d:5e:7a:c5:6e:b6: 39:50:33:8b:db:bd:f8:dc:f7:89:26:96:b1:f4:6a: 54:2a:68:0a:81:d9:7f:62:24:80:ac:54:93:e3:92: 7a:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:F8:45:76:22:F2:E8:92:AC:1A:D2:83:8B:A3:85:93:D0:5A:B2:E8 X509v3 Authority Key Identifier: keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:85:09:18:44:a7:4f:ec:5a:26:04:09:15:0e:5b:f8:d3:12: 78:58:ce:37:15:a9:7e:3b:ae:00:78:d5:6d:19:53:1a:c8:1d: 3a:19:44:89:ce:69:42:c1:17:dc:85:54:b6:c6:ca:4e:e6:e4: 04:94:c1:92:be:f1:79:29:de:27:42:54:bf:25:2e:84:c0:24: 93:ea:b2:0f:63:4e:b7:47:89:97:55:0e:4a:4c:44:21:0d:7d: 22:86:34:d1:85:e4:22:1b:e4:82:0e:17:88:a1:dd:aa:c7:0a: 95:59:b1:b3:79:fd:4f:31:8e:d1:22:88:de:22:df:8b:0e:3a: 37:09:1e:f1:ca:dd:4d:c6:75:fc:a3:33:4f:37:4e:ba:04:50: d3:97:76:8f:9e:9f:53:b0:17:73:ae:2a:a6:e6:af:cb:c2:17: 32:65:f2:60:24:84:54:59:cb:40:c2:f2:3f:f0:5c:2e:db:45: fd:d5:66:5c:67:1f:03:9d:90:60:b9:51:24:96:f7:62:e3:1d: a5:12:92:36:a0:da:f4:7a:ce:46:5e:32:5b:4f:d5:dd:bf:b7: 0f:ed:95:52:d5:c9:17:95:59:2e:f7:5f:87:46:ea:24:d2:ce: 7e:57:dd:34:fd:69:2b:39:f5:77:ed:26:dc:4d:9d:32:00:ed: 56:14:a8:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0l8T7NRs2A6ZeChXnvb0drMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3 MjAyZDUwHhcNMjYwMzI1MTcwMTAwWhcNMjYwMzI2MTcwMTAwWjAzMTEwLwYDVQQD EyhiZmY4NDU3NjIyZjJlODkyYWMxYWQyODM4YmEzODU5M2QwNWFiMmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/wa6do1Ri/oJMBelrOb8ms00PUz NdVP310LKZ0R7nF19fmglGim7Q8EiDTyXJ01OY1QfG2DC9qHSZGmZqnnilmId6mx FgXnxcuDfyV60NR51ALbCJiJuTZJjQAOxe2Z01swZAchN+hKypbWquchmxm/9o0R +VVSm20zOUSwkG8EX/D/SlnrGWTig61366rQQKka40Jz9jwKF3c8FdPtYJbk+N99 bYqtEttnBnYsNcdm7jveJndw/44lorM/I14c5yv2Qn2tJlzsZ8s87Uf4DylLAmvG HD1DmDQNXnrFbrY5UDOL27343PeJJpax9GpUKmgKgdl/YiSArFST45J6XQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/4RXYi8uiSrBrSg4ujhZPQWrLoMB8GA1UdIwQY MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct YzUxNWYzNTRjYzVhLzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsYUJGESn T+xaJgQJFQ5b+NMSeFjONxWpfjuuAHjVbRlTGsgdOhlEic5pQsEX3IVUtsbKTubk BJTBkr7xeSneJ0JUvyUuhMAkk+qyD2NOt0eJl1UOSkxEIQ19IoY00YXkIhvkgg4X iKHdqscKlVmxs3n9TzGO0SKI3iLfiw46Nwke8crdTcZ1/KMzTzdOugRQ05d2j56f U7AXc64qpuavy8IXMmXyYCSEVFnLQMLyP/BcLttF/dVmXGcfA52QYLlRJJb3YuMd pRKSNqDa9HrORl4yW0/V3b+3D+2VUtXJF5VZLvdfh0bqJNLOflfdNP1pKzn1d+0m 3E2dMgDtVhSosA== -----END CERTIFICATE-----Generated at Thu Mar 26 02:30:24 2026 by rpki-client