$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft File: s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft (raw, json) Hash identifier: oUK/akjrkXITl0wpC1iMPgkhsfNzrG6nrehkc0rOwqI= Subject key identifier: A9:B4:7C:E0:22:C3:72:85:36:9E:9F:2A:C7:97:27:7A:B3:A8:E0:26 Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019E1DC6FF21845F470C9BE2D395D97A7528 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft Manifest number: 1929 Signing time: Tue 12 May 2026 20:00:40 +0000 Manifest this update: Tue 12 May 2026 20:00:40 +0000 Manifest next update: Wed 13 May 2026 20:00:40 +0000 Files and hashes: 1: 3qg1KGc8omoslEG7jKlx4gx_LhQ.roa (hash: TnGs+EX2f9uQeebTem+/sfQFkc/zmqJQ5dURkVKi/n4=) 2: 4KsNQpqZCzqF5DWTGMqSZIdafk4.roa (hash: LOn9PMfVYWd9yqbUArMEkf8C7kjYf3BgWxcSoG8pKwI=) 3: 6GTkHhvGaHh_ppvgJMPn5q-SDT4.roa (hash: zOLVYqNLZkRsHu25N50zDbPPg1XzLp1BrOsPiOu+9z8=) 4: 6JxXQsPP5HeOd-zrinJyzOvxbvk.roa (hash: avnYdM5iKLHNYRmn2VZGG+0Rulxb30BrgSNse/s1Stw=) 5: Lm2Fdw-4HY59cWTBR1AYmOLC0Mk.roa (hash: SNGqheW6LsNlSg4kHxkvmFfi6Fzh2bEiE379f5CYZNA=) 6: N18aROBQ19Wj6Kdi3-iQ5c6OfeA.roa (hash: ezUkbSC7P3mO/d4z+5YndvD9aLmtqZ6KOctd3R4dOws=) 7: OUOP2IJYsVbNI_PTNHQ12RVMoDI.roa (hash: BnGONzncD2wwl5KKt6nDn2hcjBqGU1Umy1qq2TndNLU=) 8: X5qhIZ7xGCMvKQfZQrbeuOZ9uf8.roa (hash: i3DUL5+61b/Yr3dFWew0V6gv0s7RuSUIeTUfltYEFJs=) 9: Zjh5y2Kd8cSRzdszQnign9Lz3l4.roa (hash: TMEeISdGQlH/KULrec6oWy2p2scTUrKdaSvlMRJx3eE=) 10: g-q-xyU0r6niX_HcUqMnHfOWVQg.roa (hash: 3EYAH+TPHIG5maEa02mmMDsDD6AUBoN3T8wtoxwbwEg=) 11: iO24D_W0B1UjBwRFlQ8CdPgIqgs.roa (hash: VKTFC+1OrvrVs+DP4mHHKFLGZKyqteGaSW/b1eEAqMs=) 12: jytqbvPB7p4L3yG-M73X311CEZM.roa (hash: OoChTy3t+Ypl0/yoHt/yN9OFfFbQL1CiSDqOkSSFy9Y=) 13: qzIbIOdweY6pocYgDw-BYpuwt2k.roa (hash: RCGDZNml0heHLSfAzhIyGN2imnWRjKRBHXZrfhyhHtA=) 14: s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl (hash: uXKCMU/l+w97Y2FqNKS4uJgrwm/S4bNs4ZGN0mvRSHM=) 15: x3SzmyzLt8OYyGIP7YYKzeSx1t0.roa (hash: aW1SwGzhZKDv9vTg+ztGzAN+MHGjx+qNx1xNIM7zvvM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 14:18:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9e:1d:c6:ff:21:84:5f:47:0c:9b:e2:d3:95:d9:7a:75:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: May 12 20:00:40 2026 GMT Not After : May 13 20:00:40 2026 GMT Subject: CN=a9b47ce022c37285369e9f2ac797277ab3a8e026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c6:99:ff:18:da:bc:16:42:dc:7b:98:61:30: b7:e8:a3:4b:d4:be:3e:db:14:f1:41:c6:ba:2e:03: 12:52:31:b8:61:1f:06:8c:2f:97:03:7e:2f:a7:9d: 82:45:8a:7b:82:ec:fe:78:82:eb:90:df:f6:4b:97: 90:a7:f7:45:9d:c1:97:73:16:1c:27:33:4d:85:b4: a8:3f:91:d6:d7:8a:e6:a6:10:90:50:ef:c7:5c:24: c3:3c:3e:3c:eb:96:14:86:68:6a:9c:b2:8c:7a:27: 05:28:11:15:88:90:ef:dd:66:4e:b4:6e:1a:e2:96: e6:06:dc:9f:65:7e:db:b2:25:f8:b8:45:5f:26:c2: 41:ff:ab:91:e3:61:8e:57:13:2c:89:38:c9:79:54: 38:f3:ef:5b:ce:b5:05:4a:26:59:0c:d1:be:60:9a: 0e:87:1b:fb:4b:44:c3:03:c9:2c:c5:db:ba:e9:e1: 09:d4:c2:03:1d:c2:82:ef:02:5f:29:0f:1f:7b:71: 81:c5:4c:f9:02:9b:ee:dd:57:e7:e0:82:12:73:12: 57:5c:52:2e:93:4d:35:b9:89:07:50:47:3f:19:ba: 89:01:60:0c:88:02:7b:51:02:15:37:43:44:0d:2d: 8a:61:fc:07:93:a3:4c:7f:88:4a:72:f1:72:85:0e: 77:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:B4:7C:E0:22:C3:72:85:36:9E:9F:2A:C7:97:27:7A:B3:A8:E0:26 X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:5d:36:ac:2c:0d:97:f2:e6:3a:de:aa:aa:04:d2:1d:51:2f: db:af:1a:93:e2:e9:b3:46:45:0e:2d:72:11:63:3c:1b:b0:4a: 62:f0:84:84:2f:aa:52:30:b8:ec:3e:d1:96:e4:05:dc:09:92: 56:e7:dc:6d:63:4e:1f:8c:aa:a6:aa:6d:7b:fc:05:3d:81:b6: 6d:84:83:d6:a0:c2:b9:2d:e2:01:1c:a7:b7:49:f4:ef:74:f2: a7:2d:26:de:78:0e:08:16:7e:26:09:03:59:b9:f1:d8:de:dd: 2c:77:be:aa:92:d0:e2:77:c8:83:30:d5:fd:b1:37:14:a4:e7: 07:3e:f9:43:77:26:15:8f:26:95:91:95:48:84:b0:f3:3d:2f: 93:99:86:c4:76:3c:91:f9:88:db:7c:52:a1:de:5c:92:f3:f3: 68:9e:52:64:03:10:1d:f0:70:19:b7:e4:5b:4a:6d:b3:d6:d3: 9b:bb:15:ce:41:6e:32:e8:6b:65:ff:bf:91:a8:20:64:54:28: e8:0e:19:83:19:9e:ec:86:e7:99:8e:1d:3e:73:bf:bf:57:68: 7f:e1:47:74:7c:86:d0:bb:8d:e4:1a:e2:aa:7c:ab:4c:77:68: 1e:47:e6:f4:d8:d2:44:ed:a8:09:6e:4f:7e:7e:11:24:6d:e7: 2d:6d:7f:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ4dxv8hhF9HDJvi05XZenUoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwNTEyMjAwMDQwWhcNMjYwNTEzMjAwMDQwWjAzMTEwLwYDVQQD EyhhOWI0N2NlMDIyYzM3Mjg1MzY5ZTlmMmFjNzk3Mjc3YWIzYThlMDI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8aZ/xjavBZC3HuYYTC36KNL1L4+ 2xTxQca6LgMSUjG4YR8GjC+XA34vp52CRYp7guz+eILrkN/2S5eQp/dFncGXcxYc JzNNhbSoP5HW14rmphCQUO/HXCTDPD4865YUhmhqnLKMeicFKBEViJDv3WZOtG4a 4pbmBtyfZX7bsiX4uEVfJsJB/6uR42GOVxMsiTjJeVQ48+9bzrUFSiZZDNG+YJoO hxv7S0TDA8ksxdu66eEJ1MIDHcKC7wJfKQ8fe3GBxUz5Apvu3Vfn4IIScxJXXFIu k001uYkHUEc/GbqJAWAMiAJ7UQIVN0NEDS2KYfwHk6NMf4hKcvFyhQ53/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKm0fOAiw3KFNp6fKseXJ3qzqOAmMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATl02rCwN l/LmOt6qqgTSHVEv268ak+Lps0ZFDi1yEWM8G7BKYvCEhC+qUjC47D7RluQF3AmS VufcbWNOH4yqpqpte/wFPYG2bYSD1qDCuS3iARynt0n073Typy0m3ngOCBZ+JgkD Wbnx2N7dLHe+qpLQ4nfIgzDV/bE3FKTnBz75Q3cmFY8mlZGVSISw8z0vk5mGxHY8 kfmI23xSod5ckvPzaJ5SZAMQHfBwGbfkW0pts9bTm7sVzkFuMuhrZf+/kaggZFQo 6A4Zgxme7IbnmY4dPnO/v1dof+FHdHyG0LuN5BriqnyrTHdoHkfm9NjSRO2oCW5P fn4RJG3nLW1/ww== -----END CERTIFICATE-----Generated at Wed May 13 00:29:22 2026 by rpki-client