$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft File: bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft (raw, json) Hash identifier: NI6FdAu+SsaVfJSW0yLCL3gA13Fv7n086cVirEm39Fg= Subject key identifier: 32:CA:24:10:DC:E9:0D:DA:61:1E:78:B1:86:43:D2:EF:46:60:A6:37 Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03 Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03 Certificate serial: 019D28841A8D3A77392F7436988561626501 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft Manifest number: 13EF Signing time: Thu 26 Mar 2026 05:00:39 +0000 Manifest this update: Thu 26 Mar 2026 05:00:39 +0000 Manifest next update: Fri 27 Mar 2026 05:00:39 +0000 Files and hashes: 1: 5Tkq8wpHcpeGz-f1egqNaUaEly4.roa (hash: UEQegGsLWicDIfmpSCpj13D1XKHb5j/U85IT8bxJWfc=) 2: 9CTRikFmDfftuulzmE7oVg4SrXo.roa (hash: QetHPa6rhiOmzCiHhKi65+JEz8i5R3+PHpMQcXOELTs=) 3: CGlwaarm8XPHSfd_sN3ULyqaKUg.roa (hash: WkoSqWTtOvdRK1F0sTVTQcYIqle5HqEUONAxF4fdu+0=) 4: DWJLSkrTBQVA1mKPBHJjQ0UYwUo.roa (hash: YlvXpp8OBX054sUjgr0G/E8Fj1hyn6n9+pikSmik/yw=) 5: K-Snqx_g_sH4OkoyUvNFtlxX6dY.roa (hash: UtI+N3jVMIi1MfArZauCcNJH+3Px9d37UixMPUZOoTo=) 6: _yP2m6cl8cRwC6MErd0OYqhk9uw.roa (hash: KC1xdvTrCnL148MmuC/CmRUv6swh9y2uLjAWg/EyWgo=) 7: bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl (hash: WbhyWp4rq76oSr52aVTLdSIrBKHdAsSQglAPopD7GqM=) 8: jQ9RMCpwNTwYfimV7ID_rUCi6Jo.roa (hash: epRbU/bf6HhhyAdmIE7JEgeJXVkXi3sclBBNp0SAlwg=) 9: nr9k1CgFTONdLf6R9QxhHnNqn0s.roa (hash: p4nvZA3enPe2lQ5RM8LvTtTA0KKajVqsnKOLaWopgI8=) 10: tdnQohzHZr8uW9f2J4849lgRnNs.roa (hash: R/F7DsXRI6l5OyjK0XOgTrIjrxtiZQtQIcujVHWYsus=) 11: wFfaatQDGVsMpN2fH-zvzPesV3g.roa (hash: 3ZM6HdXkNcqvPo4Y/liQTynJdayCJYTJLnDaTRRsnVI=) 12: wLx0CVIubWTYoCjwsL2Po__MQUM.roa (hash: F8k0Jt+fxP76purtLa3GdhBDmrpeFIZqPR/m/8/wT2Y=) 13: x5Qwhv7R0VHh2__9bUe3MfdsZS8.roa (hash: DGtjPXc9IfmH8Lv2uA77Pdq/vDMpd2Jc/ZwXsO4TcZ0=) 14: yz9kj_FWQhCmpskN-2MCDdY5uBw.roa (hash: cgLL1yo6vIv8E9t7kQH/ixztHSmNjb1gmVnvmFzrVfo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 27 Mar 2026 00:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:28:84:1a:8d:3a:77:39:2f:74:36:98:85:61:62:65:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03 Validity Not Before: Mar 26 05:00:39 2026 GMT Not After : Mar 27 05:00:39 2026 GMT Subject: CN=32ca2410dce90dda611e78b18643d2ef4660a637 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:11:7e:c7:da:c3:63:1a:cf:41:28:08:a8:db: c1:4d:ab:da:54:c0:ba:3f:2a:7f:9b:41:d9:9e:6b: ab:c2:88:3f:b7:a7:ed:fb:7a:28:00:d4:c7:c2:e1: 0c:38:bd:64:ed:f6:3b:a5:39:1b:01:71:42:7a:ce: b9:95:5a:f4:98:9f:b8:a5:f2:9e:42:b8:93:ba:7c: ae:e3:81:07:9e:fb:77:59:48:4d:eb:81:42:3f:d0: 33:cb:dd:d2:f7:70:3f:4e:34:0c:ee:71:83:53:6d: 68:d8:a8:83:57:aa:ca:66:ee:e1:65:bf:0b:93:81: 08:89:b4:b4:9e:61:9c:b6:43:6b:bb:8f:a5:14:93: 46:bc:e9:45:bb:cc:8a:14:84:c1:45:10:6a:58:cb: 81:2f:2b:9a:48:2b:c5:51:bf:7d:ce:05:62:8d:32: 70:d4:ad:ec:4c:e7:b9:6e:f4:0f:23:e0:14:39:8e: ca:14:d5:8b:9e:8a:25:39:39:6a:ed:f3:eb:51:fb: 78:dd:2d:06:98:b6:a1:64:21:1c:c7:5c:83:b1:82: a6:87:62:02:b7:10:9e:34:9d:b9:9c:f5:ce:d6:25: ce:3a:8f:64:bf:0e:52:95:fe:72:c7:6b:8b:55:f0: ff:3f:d9:fe:54:15:82:53:48:b7:8f:d1:d2:45:ce: e7:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:CA:24:10:DC:E9:0D:DA:61:1E:78:B1:86:43:D2:EF:46:60:A6:37 X509v3 Authority Key Identifier: keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:2e:c7:c1:74:5c:15:ab:7c:6b:3d:94:94:57:0a:2b:00:df: 28:4c:3c:a4:5d:ff:56:8e:ba:f9:e2:a4:97:73:91:3a:5e:32: 1d:f0:46:70:84:82:5d:32:52:8a:ac:bb:c3:44:f2:71:05:07: 20:79:ca:86:6f:3f:2f:67:83:ae:d9:a0:a3:cb:7c:29:fb:b9: cf:62:a7:98:8e:97:3c:13:4b:33:24:b4:f7:e7:7e:ec:c3:de: 4b:5e:f1:2c:4d:5f:0c:3f:fa:7c:db:d9:e2:66:b7:b3:74:d4: c5:0d:2e:86:4a:b6:74:30:bd:23:72:69:11:14:01:27:0f:0f: 73:73:29:74:a2:cb:e9:23:ef:d0:17:4b:d2:f0:26:fb:ce:c9: 2c:65:33:03:f5:8b:5f:4f:0d:6f:ce:91:95:c3:2d:dd:47:ba: 5d:fb:f6:41:42:2c:7b:c6:cb:ae:f3:1b:bb:22:26:af:d3:93: 70:06:02:1a:06:3d:fa:66:5a:5f:d0:fb:46:28:a1:e7:bb:1a: 65:d3:88:72:bf:84:7d:89:95:17:64:59:51:d4:2a:85:ec:a8: d4:7e:28:3f:ab:17:f0:13:d8:fa:c0:e8:32:f0:45:93:1d:ae: 9d:15:b1:3a:f8:55:7a:81:de:c0:26:4c:9c:9d:fd:2b:b9:b3: d8:b5:92:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0ohBqNOnc5L3Q2mIVhYmUBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj NjJhMDMwHhcNMjYwMzI2MDUwMDM5WhcNMjYwMzI3MDUwMDM5WjAzMTEwLwYDVQQD EygzMmNhMjQxMGRjZTkwZGRhNjExZTc4YjE4NjQzZDJlZjQ2NjBhNjM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhF+x9rDYxrPQSgIqNvBTavaVMC6 Pyp/m0HZnmurwog/t6ft+3ooANTHwuEMOL1k7fY7pTkbAXFCes65lVr0mJ+4pfKe QriTunyu44EHnvt3WUhN64FCP9Azy93S93A/TjQM7nGDU21o2KiDV6rKZu7hZb8L k4EIibS0nmGctkNru4+lFJNGvOlFu8yKFITBRRBqWMuBLyuaSCvFUb99zgVijTJw 1K3sTOe5bvQPI+AUOY7KFNWLnoolOTlq7fPrUft43S0GmLahZCEcx1yDsYKmh2IC txCeNJ25nPXO1iXOOo9kvw5Slf5yx2uLVfD/P9n+VBWCU0i3j9HSRc7nPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDLKJBDc6Q3aYR54sYZD0u9GYKY3MB8GA1UdIwQY MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt ZTk3MjRhN2E2YmM4LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4 LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANy7HwXRc Fat8az2UlFcKKwDfKEw8pF3/Vo66+eKkl3OROl4yHfBGcISCXTJSiqy7w0TycQUH IHnKhm8/L2eDrtmgo8t8Kfu5z2KnmI6XPBNLMyS09+d+7MPeS17xLE1fDD/6fNvZ 4ma3s3TUxQ0uhkq2dDC9I3JpERQBJw8Pc3MpdKLL6SPv0BdL0vAm+87JLGUzA/WL X08Nb86RlcMt3Ue6Xfv2QUIse8bLrvMbuyImr9OTcAYCGgY9+mZaX9D7Riih57sa ZdOIcr+EfYmVF2RZUdQqheyo1H4oP6sX8BPY+sDoMvBFkx2unRWxOvhVeoHewCZM nJ39K7mz2LWSkQ== -----END CERTIFICATE-----Generated at Thu Mar 26 08:27:37 2026 by rpki-client