$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: K1iS98BLKOyo8cnBD36z4ZsQAPzdBNujuWaGc51Gejc= Subject key identifier: 4D:58:EB:A9:A3:8E:6C:CB:E4:72:09:75:0A:3D:25:77:0B:5A:93:91 Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019D25BA327C8BBE45337845D024BB46C528 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 13A1 Signing time: Wed 25 Mar 2026 16:00:52 +0000 Manifest this update: Wed 25 Mar 2026 16:00:52 +0000 Manifest next update: Thu 26 Mar 2026 16:00:52 +0000 Files and hashes: 1: 9ThI9Z7soYxz8aK7SxBvxoPEOX4.roa (hash: 2FCnysFwLOl4zVeb97SHJ1QvBKVL+gw4QmS3UAORjFk=) 2: BsMfnzrxddpnmFQ8FtiqLN4hIRw.roa (hash: GbFN7H89aII0f8FiIff5RGaJGPYoV9OOEoYuPkHE93c=) 3: C67-QabxkPaVhoCKelfc7gJ1hK8.roa (hash: 0WW6NyrxV5VH4o1lj6kLTZOdEKPeDBs7ouwPQd+hBHw=) 4: F9-SxyIQIDP0T_L82XSaWh-dz-8.roa (hash: xq0esTvybmQE92rRBw7ldOk97wFXJ2Dn8bPKN1sbBN4=) 5: GXCfAVmuuL63Oe4dOVqYkc3Wuzg.roa (hash: L3MDEpVumA01FdWvikqD5sE8kkEXPwKtDKdz6KqfMnQ=) 6: RY0bArq-jZLzZUGQCt7VtVQ1eP8.roa (hash: nOIDnyfWMWKkEgKPjDc9li7leEEkKMO7ZYw+RINdMRI=) 7: WNwct_JeSUw9EGnGt5EMmHO1qnA.roa (hash: 8JESbBJVZwKNLtuuBYLAyN1yjWX+0RJfMcx4iiDnUQ0=) 8: aOPciO2i4pfhYNx8M-BLAat6K88.roa (hash: 23mtM/XEA4F6fUISXd4S0ZErct8gDmnUbBNFqEeBNOc=) 9: br-MdcUGAgIJZ2jokAIrGgvBgVg.roa (hash: nAJrJwXFm0eNNJbUiUMkYMOpV3Mo7gqR8CqVePMN9SA=) 10: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: Ik0uznI/TEe7khCE7C6Par1uNQv5By02nunnowSGRoo=) 11: p3gPfuFdg2rqrSBfl0UDEUdNbjM.roa (hash: bWC6ioqLuy3JQURX6TTBBncQtFn3EtAYrnrtm+JIq5g=) 12: qoJxh9RoMci9r1884qksasXONeQ.roa (hash: b1P5hF2MWBN0Il3GucTyqyanvw/mWve+jbkBZTYW4xQ=) 13: zByDWqzQes6Qf_5yruyAW6l4NA8.roa (hash: 4mGvD80bIUslVCK/Nf88S+YHOSjLonqjJpu89t+7Om0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 15:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:25:ba:32:7c:8b:be:45:33:78:45:d0:24:bb:46:c5:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Mar 25 16:00:52 2026 GMT Not After : Mar 26 16:00:52 2026 GMT Subject: CN=4d58eba9a38e6ccbe47209750a3d25770b5a9391 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:39:f6:c8:90:d2:5b:1c:e4:03:8d:3f:40:50: 4c:30:c1:53:f4:d6:11:0c:46:35:0c:fb:b9:a8:ad: 1b:28:39:42:91:e6:ad:ab:31:9e:13:a7:dd:25:66: 61:b3:50:4e:13:a6:93:02:ff:54:07:0d:86:c3:e9: 2e:5a:c8:80:ea:5a:de:5f:c6:98:e1:e9:a5:33:68: 35:79:8e:73:14:55:48:89:01:9f:1a:35:b2:27:13: 6e:11:39:43:19:eb:5d:40:51:83:10:68:4b:93:96: 09:44:2d:fa:c9:16:7b:bd:17:ab:c9:ab:d5:4e:d0: a8:db:81:35:cd:5f:b8:cd:66:aa:e6:26:23:92:6a: 8f:11:3f:4a:03:83:13:0b:eb:d2:a3:51:71:07:48: 72:7a:4a:42:f1:68:14:d6:8d:a8:82:16:14:cb:55: 82:93:d3:4e:51:ec:2e:0a:85:3d:0b:e5:2f:fd:fe: 85:8f:18:28:d8:84:d0:77:0f:35:72:c3:90:9d:7a: b8:6c:8b:92:aa:1d:a0:ed:d3:77:3a:61:d3:ac:db: a3:b0:b4:00:da:b1:77:45:3c:2f:04:db:45:dc:47: 45:b8:03:0b:3b:5b:25:62:3d:7e:2e:73:0f:b7:9d: 3e:92:b5:d3:33:d1:0d:a7:7a:8e:fc:fa:3d:7c:c4: 06:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:58:EB:A9:A3:8E:6C:CB:E4:72:09:75:0A:3D:25:77:0B:5A:93:91 X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:3f:a0:dc:da:72:d5:cb:08:bc:76:1f:da:51:e9:df:a2:c2: 82:e1:ca:8d:dd:6d:33:2b:b7:9b:f7:f7:5c:a3:a4:b5:6f:3f: 9b:f7:af:35:5b:eb:04:1b:9d:97:98:ff:d5:ed:0b:c3:63:d9: 72:b3:48:81:48:d0:98:32:d7:6e:e8:29:ab:f5:1f:be:aa:61: 46:78:4e:fc:c3:2f:23:09:9b:1f:1d:26:66:33:bd:10:ed:1f: b7:23:db:d4:9c:92:87:f0:e0:4d:60:8a:0f:2a:fb:ea:10:67: d7:63:31:fd:20:8a:a4:24:08:d1:39:42:29:8c:5b:1a:91:fe: ab:ca:a2:18:7f:9e:88:0b:09:ce:7a:14:74:82:10:e4:86:ae: 56:cc:30:cb:71:bb:a5:95:38:f9:0f:aa:e0:cd:30:41:23:d7: ca:77:4b:78:17:c6:d7:d2:97:b6:c7:6a:b2:4e:0f:22:97:d4: 77:e8:e4:7d:09:65:3d:b7:e4:c2:cd:23:ab:88:ca:e7:b4:07: 84:0d:ae:23:8e:17:67:23:43:62:68:2a:35:dc:91:a9:67:a6: 04:b2:ae:7e:c7:16:50:9b:44:3c:f9:a9:e4:97:14:54:17:cc: 17:18:f8:74:ac:f8:6f:e7:73:10:f4:b2:01:9f:47:12:a2:7a: 5b:95:1a:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0lujJ8i75FM3hF0CS7RsUoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjYwMzI1MTYwMDUyWhcNMjYwMzI2MTYwMDUyWjAzMTEwLwYDVQQD Eyg0ZDU4ZWJhOWEzOGU2Y2NiZTQ3MjA5NzUwYTNkMjU3NzBiNWE5MzkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjn2yJDSWxzkA40/QFBMMMFT9NYR DEY1DPu5qK0bKDlCkeatqzGeE6fdJWZhs1BOE6aTAv9UBw2Gw+kuWsiA6lreX8aY 4emlM2g1eY5zFFVIiQGfGjWyJxNuETlDGetdQFGDEGhLk5YJRC36yRZ7vReryavV TtCo24E1zV+4zWaq5iYjkmqPET9KA4MTC+vSo1FxB0hyekpC8WgU1o2oghYUy1WC k9NOUewuCoU9C+Uv/f6Fjxgo2ITQdw81csOQnXq4bIuSqh2g7dN3OmHTrNujsLQA 2rF3RTwvBNtF3EdFuAMLO1slYj1+LnMPt50+krXTM9ENp3qO/Po9fMQGMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1Y66mjjmzL5HIJdQo9JXcLWpORMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALj+g3Npy 1csIvHYf2lHp36LCguHKjd1tMyu3m/f3XKOktW8/m/evNVvrBBudl5j/1e0Lw2PZ crNIgUjQmDLXbugpq/UfvqphRnhO/MMvIwmbHx0mZjO9EO0ftyPb1JySh/DgTWCK Dyr76hBn12Mx/SCKpCQI0TlCKYxbGpH+q8qiGH+eiAsJznoUdIIQ5IauVswwy3G7 pZU4+Q+q4M0wQSPXyndLeBfG19KXtsdqsk4PIpfUd+jkfQllPbfkws0jq4jK57QH hA2uI44XZyNDYmgqNdyRqWemBLKufscWUJtEPPmp5JcUVBfMFxj4dKz4b+dzEPSy AZ9HEqJ6W5Ua0Q== -----END CERTIFICATE-----Generated at Thu Mar 26 00:28:54 2026 by rpki-client