$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft File: s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft (raw, json) Hash identifier: or3iiBG4OIzRHGuh3G1X1fNv3Dv3dDPVprKgMSQnqvg= Subject key identifier: 12:FA:4E:24:99:3C:8E:D6:4A:62:1C:81:20:67:87:32:EA:13:80:AC Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019D269635AC4EE13625AA39D1E4DCCA1A1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft Manifest number: 18A9 Signing time: Wed 25 Mar 2026 20:01:11 +0000 Manifest this update: Wed 25 Mar 2026 20:01:11 +0000 Manifest next update: Thu 26 Mar 2026 20:01:11 +0000 Files and hashes: 1: 3qg1KGc8omoslEG7jKlx4gx_LhQ.roa (hash: TnGs+EX2f9uQeebTem+/sfQFkc/zmqJQ5dURkVKi/n4=) 2: 4KsNQpqZCzqF5DWTGMqSZIdafk4.roa (hash: LOn9PMfVYWd9yqbUArMEkf8C7kjYf3BgWxcSoG8pKwI=) 3: 6GTkHhvGaHh_ppvgJMPn5q-SDT4.roa (hash: zOLVYqNLZkRsHu25N50zDbPPg1XzLp1BrOsPiOu+9z8=) 4: 6JxXQsPP5HeOd-zrinJyzOvxbvk.roa (hash: avnYdM5iKLHNYRmn2VZGG+0Rulxb30BrgSNse/s1Stw=) 5: Lm2Fdw-4HY59cWTBR1AYmOLC0Mk.roa (hash: SNGqheW6LsNlSg4kHxkvmFfi6Fzh2bEiE379f5CYZNA=) 6: N18aROBQ19Wj6Kdi3-iQ5c6OfeA.roa (hash: ezUkbSC7P3mO/d4z+5YndvD9aLmtqZ6KOctd3R4dOws=) 7: OUOP2IJYsVbNI_PTNHQ12RVMoDI.roa (hash: BnGONzncD2wwl5KKt6nDn2hcjBqGU1Umy1qq2TndNLU=) 8: X5qhIZ7xGCMvKQfZQrbeuOZ9uf8.roa (hash: i3DUL5+61b/Yr3dFWew0V6gv0s7RuSUIeTUfltYEFJs=) 9: Zjh5y2Kd8cSRzdszQnign9Lz3l4.roa (hash: TMEeISdGQlH/KULrec6oWy2p2scTUrKdaSvlMRJx3eE=) 10: g-q-xyU0r6niX_HcUqMnHfOWVQg.roa (hash: 3EYAH+TPHIG5maEa02mmMDsDD6AUBoN3T8wtoxwbwEg=) 11: iO24D_W0B1UjBwRFlQ8CdPgIqgs.roa (hash: VKTFC+1OrvrVs+DP4mHHKFLGZKyqteGaSW/b1eEAqMs=) 12: jytqbvPB7p4L3yG-M73X311CEZM.roa (hash: OoChTy3t+Ypl0/yoHt/yN9OFfFbQL1CiSDqOkSSFy9Y=) 13: qzIbIOdweY6pocYgDw-BYpuwt2k.roa (hash: RCGDZNml0heHLSfAzhIyGN2imnWRjKRBHXZrfhyhHtA=) 14: s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl (hash: hjJiL+Yf6eMA9A+h7QFmVyAPui0BYXpaiHVP5j6NfvQ=) 15: x3SzmyzLt8OYyGIP7YYKzeSx1t0.roa (hash: aW1SwGzhZKDv9vTg+ztGzAN+MHGjx+qNx1xNIM7zvvM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 15:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:26:96:35:ac:4e:e1:36:25:aa:39:d1:e4:dc:ca:1a:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Mar 25 20:01:11 2026 GMT Not After : Mar 26 20:01:11 2026 GMT Subject: CN=12fa4e24993c8ed64a621c8120678732ea1380ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0c:9f:e5:e9:11:49:e6:7e:38:35:ba:e3:dd: 3b:40:82:8c:b7:95:57:72:d8:67:3b:62:a1:d5:7a: b6:90:b7:33:df:5f:d2:04:8b:af:fe:93:db:e8:6d: 46:7c:d4:98:2c:9a:7c:27:db:27:89:23:4d:af:da: a3:15:44:0a:3a:3e:6b:25:6e:2c:37:25:46:49:cc: f0:28:ef:88:a3:91:3f:d6:f0:b8:06:92:ce:be:60: 40:3d:98:1c:54:f4:3c:7b:1b:a0:19:74:9b:82:ac: dd:2e:bb:1d:f2:15:ba:94:c2:6e:f4:46:ab:2e:6d: 23:f3:21:29:60:31:82:28:b9:c9:b1:5d:d9:05:d2: fa:59:a0:c5:cc:77:bd:89:30:9b:4b:86:0f:01:d8: 80:1b:14:e3:32:7a:a9:0f:b5:ef:76:ee:35:13:42: d7:cf:d1:a2:0e:8d:67:ce:63:cc:40:79:93:2c:af: 45:0d:cd:6a:04:c2:1f:fd:15:6a:6f:6b:b0:04:d0: 7e:03:6f:59:5c:1b:35:49:10:7e:4d:b5:cb:e4:df: 67:fe:ff:85:15:4d:ae:65:96:eb:07:6d:b1:af:73: 53:90:d3:98:0c:cf:39:18:24:0f:73:00:eb:88:ab: c5:8a:7c:c3:85:cc:69:24:d8:f6:84:f8:26:86:61: eb:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:FA:4E:24:99:3C:8E:D6:4A:62:1C:81:20:67:87:32:EA:13:80:AC X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:03:88:1b:f5:39:88:00:2d:ac:5e:1d:41:ee:42:1f:03:aa: 06:95:59:9e:e2:1e:78:5d:e4:aa:47:db:33:3c:08:cb:59:70: 16:95:70:6a:42:ea:6d:d9:89:e1:a2:99:46:f0:a1:95:1b:cd: 99:f8:67:59:29:37:53:71:00:9a:83:bc:7a:eb:53:28:41:da: c8:e9:a6:87:b6:cd:41:ea:2c:d0:b9:61:41:de:37:f7:cb:ac: f8:74:f6:76:63:c1:91:9d:ee:c0:46:7d:11:f1:78:fd:5c:4e: d8:ce:02:b5:18:a8:d8:ca:ec:61:77:52:89:16:f9:67:3d:3a: 51:7c:49:f2:c1:63:28:22:0b:10:4a:e4:4b:3b:ad:05:40:9e: e1:fc:4d:88:55:e5:88:51:b6:c9:9b:b9:fa:4d:c9:a9:2f:d2: a3:ea:b6:29:74:30:ae:58:bd:2c:ca:ef:df:80:be:f6:a0:cb: ef:91:a0:f9:10:2f:60:58:92:08:c4:a8:3d:09:8b:23:86:bd: 8e:0e:83:2f:3a:3c:48:e4:77:80:bf:f9:9b:8f:5b:87:5b:9c: f6:dd:78:31:95:3f:86:83:2a:97:d9:2d:a4:af:0e:ee:5c:fe: ae:cc:e3:fa:e9:dc:d4:46:e6:01:1f:dc:7b:c2:d6:ca:83:f0: 0b:b8:f1:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0mljWsTuE2Jao50eTcyhofMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwMzI1MjAwMTExWhcNMjYwMzI2MjAwMTExWjAzMTEwLwYDVQQD EygxMmZhNGUyNDk5M2M4ZWQ2NGE2MjFjODEyMDY3ODczMmVhMTM4MGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAyf5ekRSeZ+ODW64907QIKMt5VX cthnO2Kh1Xq2kLcz31/SBIuv/pPb6G1GfNSYLJp8J9sniSNNr9qjFUQKOj5rJW4s NyVGSczwKO+Io5E/1vC4BpLOvmBAPZgcVPQ8exugGXSbgqzdLrsd8hW6lMJu9Ear Lm0j8yEpYDGCKLnJsV3ZBdL6WaDFzHe9iTCbS4YPAdiAGxTjMnqpD7Xvdu41E0LX z9GiDo1nzmPMQHmTLK9FDc1qBMIf/RVqb2uwBNB+A29ZXBs1SRB+TbXL5N9n/v+F FU2uZZbrB22xr3NTkNOYDM85GCQPcwDriKvFinzDhcxpJNj2hPgmhmHruwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBL6TiSZPI7WSmIcgSBnhzLqE4CsMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAawOIG/U5 iAAtrF4dQe5CHwOqBpVZnuIeeF3kqkfbMzwIy1lwFpVwakLqbdmJ4aKZRvChlRvN mfhnWSk3U3EAmoO8eutTKEHayOmmh7bNQeos0LlhQd4398us+HT2dmPBkZ3uwEZ9 EfF4/VxO2M4CtRio2MrsYXdSiRb5Zz06UXxJ8sFjKCILEErkSzutBUCe4fxNiFXl iFG2yZu5+k3JqS/So+q2KXQwrli9LMrv34C+9qDL75Gg+RAvYFiSCMSoPQmLI4a9 jg6DLzo8SOR3gL/5m49bh1uc9t14MZU/hoMql9ktpK8O7lz+rszj+unc1EbmAR/c e8LWyoPwC7jxiA== -----END CERTIFICATE-----Generated at Thu Mar 26 02:24:35 2026 by rpki-client