$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft File: AOT2p3Not87P5nIgtDZXax4Aiuw.mft (raw, json) Hash identifier: YAfPX02OuyLRbWc+0YdqmQwhrRTiH22AywlrAxIbieg= Subject key identifier: 5F:D7:5B:7F:9A:19:B2:39:EB:91:F5:75:72:F3:D2:67:BF:69:4B:FB Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec Certificate serial: 019D3308529B2F575581CF70B51EA2143321 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft Manifest number: 198F Signing time: Sat 28 Mar 2026 06:01:16 +0000 Manifest this update: Sat 28 Mar 2026 06:01:16 +0000 Manifest next update: Sun 29 Mar 2026 06:01:16 +0000 Files and hashes: 1: 1-7-GRl1DpJL9MX_Eh7vVlgQAtds.roa (hash: qBQ+Yv34RT+76LqwEUvZMWK4vq87p/Tm5N2E03sJUtE=) 2: 8JQ0VF5qvrtIdP5kzOpKrpQ4c_Q.roa (hash: 8Cz/nfpNgRo73mnZrpsPG4yB6fA8zTsiRnBVo7ed97c=) 3: AOT2p3Not87P5nIgtDZXax4Aiuw.crl (hash: dhdmrXOp72w8T2gfCa9R7OF7kivzGwkLS3F75105Hrs=) 4: CP1700xQhoIo0eqZb96w49fwMZU.roa (hash: FhGMMmXWb4O7zbwANRuKCF/ES8PwzOmEkZV99iTN5xU=) 5: Iz8oQHvYY4N1cu4pgE3299ogM34.roa (hash: GTn6Y+DWEw4+IcATVORnDqgcpHWD0i8V9c7BBTnRM3U=) 6: MQ0e7OQgina0hHLbzkJJI7ocRMY.roa (hash: lYlPT7y2KTJ0qjKzQaLtDJlIn+M8xo18ZCJuzXN583Y=) 7: VcGOwSBLa8MeclenBwYCnJTkc6Q.roa (hash: ZpKqr8OOjlncepBvaT8KeQio9IThw68qGgH8coHhuVI=) 8: gF0x-IgTBvCJCERAByN93AH9MjM.roa (hash: f9L9sZ2MryoARd93KF5kcE6ImNuSL3mNiWJ8yZc3d58=) 9: hGF5HckbV_mO1zNnnUvLaxvGgg0.roa (hash: LswWVKDsb8V0ubfBEeUCi7BkiOP6J97pjosqCGNORUk=) 10: oPPgaBYxfthIjxyRNKKvuQhADcA.roa (hash: vJpx4imZl2f0ZsJVLjSi4WZMmzQUNNlQIXHfoEUu3/k=) 11: tDS2Cs2obRP0GxSw9_zcJ3O6_H8.roa (hash: 6+3w2X7QmyZajlkvHT3Z32O7WpWvoPyxaW4Oqr2oNl8=) 12: v3K9UBCZQXetZHCASn_v-Er6z80.roa (hash: M01ADTQv5+WF8EwvS7wZ9W7tolykwshPsb2JjYqw3EQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 29 Mar 2026 00:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:33:08:52:9b:2f:57:55:81:cf:70:b5:1e:a2:14:33:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec Validity Not Before: Mar 28 06:01:16 2026 GMT Not After : Mar 29 06:01:16 2026 GMT Subject: CN=5fd75b7f9a19b239eb91f57572f3d267bf694bfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:80:72:f5:49:6b:47:06:3a:18:a5:ff:1c:3c: a2:70:6f:58:2f:51:45:fc:96:59:a0:05:df:2e:88: d3:8b:a2:f5:48:0d:49:78:9a:18:70:7b:41:d6:e4: c2:d4:b1:52:01:f2:61:6b:1e:63:b2:4e:3b:2c:41: 18:ef:cc:6f:84:82:d7:45:3d:b0:15:fc:b9:0c:7b: c9:02:45:39:ec:b8:f4:0e:cf:64:35:be:d1:2a:77: a9:2f:80:f1:5e:00:79:74:1d:0b:0d:83:d4:19:8b: 36:f8:e0:f1:43:54:fd:86:24:98:bf:cd:4d:3b:5f: 7c:44:7d:1e:95:ff:04:39:0e:f8:d2:72:f7:18:fe: b1:b2:92:6a:a2:5b:0d:08:08:2b:3f:fd:f7:b9:9a: ae:a8:7e:f2:a8:f1:40:72:82:b2:63:a0:e8:a0:dd: 3f:19:db:75:6c:a0:9b:59:99:d3:62:aa:5e:78:b2: 85:83:f2:fa:a0:bc:62:9b:c0:be:0b:75:63:2b:47: 9c:3b:29:af:fa:32:67:a0:13:0d:3e:36:78:11:76: b4:7e:e9:83:81:86:6d:85:cf:d9:49:53:99:2a:7a: ad:fc:27:4b:63:4e:2b:45:62:89:92:91:eb:92:9d: be:c6:f8:a0:31:3b:91:ae:15:ee:be:3f:8d:56:47: d1:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:D7:5B:7F:9A:19:B2:39:EB:91:F5:75:72:F3:D2:67:BF:69:4B:FB X509v3 Authority Key Identifier: keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:88:d8:89:c4:96:8a:64:cd:09:74:33:3d:00:f5:4b:b0:e6: c5:8f:b3:b9:c0:a1:c5:43:14:f5:52:ec:21:64:21:0e:17:ad: 26:e7:62:e2:6f:66:78:ab:f0:1f:35:20:c1:ca:dc:d2:9d:f2: 64:d6:8c:c5:1c:24:f0:32:d6:a0:17:a7:3b:98:45:b9:3c:0f: b8:c3:62:33:4f:ee:da:09:b9:87:56:ac:1d:b6:18:e6:80:13: 29:53:4c:f8:ff:b7:b1:60:e7:99:2c:51:15:d2:a5:7c:42:cf: a8:3e:e3:89:84:64:26:e3:34:2b:8d:38:a6:9c:07:eb:2e:57: 74:ad:3d:14:c2:a8:30:b0:73:67:2c:72:07:20:4d:40:04:4a: 84:dd:4f:5d:6d:35:1b:83:17:9d:7a:8c:96:14:bf:bb:5d:ee: a4:27:17:f3:ac:20:5e:10:db:57:5d:e4:67:f4:50:4e:50:b6: 57:e7:d6:ca:f5:6c:a5:eb:47:b2:20:79:ad:dd:0c:6f:ad:70: 42:18:9d:10:5a:3b:e5:92:83:98:73:b4:46:e9:ec:e2:45:2e: 5c:4f:cd:b0:b0:a8:2e:43:29:0b:20:ef:41:b2:67:19:0f:d0: af:80:05:b2:cf:d1:6d:fc:99:7f:8d:f4:5e:db:1f:73:70:fa: 24:ca:7a:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0zCFKbL1dVgc9wtR6iFDMhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw MDhhZWMwHhcNMjYwMzI4MDYwMTE2WhcNMjYwMzI5MDYwMTE2WjAzMTEwLwYDVQQD Eyg1ZmQ3NWI3ZjlhMTliMjM5ZWI5MWY1NzU3MmYzZDI2N2JmNjk0YmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYBy9UlrRwY6GKX/HDyicG9YL1FF /JZZoAXfLojTi6L1SA1JeJoYcHtB1uTC1LFSAfJhax5jsk47LEEY78xvhILXRT2w Ffy5DHvJAkU57Lj0Ds9kNb7RKnepL4DxXgB5dB0LDYPUGYs2+ODxQ1T9hiSYv81N O198RH0elf8EOQ740nL3GP6xspJqolsNCAgrP/33uZquqH7yqPFAcoKyY6DooN0/ Gdt1bKCbWZnTYqpeeLKFg/L6oLxim8C+C3VjK0ecOymv+jJnoBMNPjZ4EXa0fumD gYZthc/ZSVOZKnqt/CdLY04rRWKJkpHrkp2+xvigMTuRrhXuvj+NVkfR8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF/XW3+aGbI565H1dXLz0me/aUv7MB8GA1UdIwQY MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt YjA3ZDg0MTZhZTRhLzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn4jYicSW imTNCXQzPQD1S7DmxY+zucChxUMU9VLsIWQhDhetJudi4m9meKvwHzUgwcrc0p3y ZNaMxRwk8DLWoBenO5hFuTwPuMNiM0/u2gm5h1asHbYY5oATKVNM+P+3sWDnmSxR FdKlfELPqD7jiYRkJuM0K404ppwH6y5XdK09FMKoMLBzZyxyByBNQARKhN1PXW01 G4MXnXqMlhS/u13upCcX86wgXhDbV13kZ/RQTlC2V+fWyvVspetHsiB5rd0Mb61w QhidEFo75ZKDmHO0Runs4kUuXE/NsLCoLkMpCyDvQbJnGQ/Qr4AFss/RbfyZf430 Xtsfc3D6JMp67g== -----END CERTIFICATE-----Generated at Sat Mar 28 10:05:28 2026 by rpki-client