$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft File: h3itgWjgnPktTgSYJX-OnOq_BpI.mft (raw, json) Hash identifier: rxWz8LyJZpTDHbNC0Rc6jsWyMyKJXOQKP0Odz+TmlSg= Subject key identifier: BB:C5:CD:47:4C:6B:91:B2:90:C3:C5:F1:3A:F3:63:7F:85:D0:04:C3 Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92 Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692 Certificate serial: 019E1C0F8DE917CF71897EFC8538738E4445 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft Manifest number: 1927 Signing time: Tue 12 May 2026 12:00:41 +0000 Manifest this update: Tue 12 May 2026 12:00:41 +0000 Manifest next update: Wed 13 May 2026 12:00:41 +0000 Files and hashes: 1: 1-cQy_siX062tFLZkeCmyCEUYxQs.roa (hash: M1tvA2BwBUz9tHkqC8JXVgPLd87OHSLvHcZQsEKJENI=) 2: 1DvNK1UEfocldcVoSCDz4-rQCu0.roa (hash: W9AE3etelZntnhp0Syb26y14LnYuyubNeRnjY+KTeic=) 3: 2IRQ2tg7AckZC-qaAHhGpj_YvX0.roa (hash: E5vcK/Kzq3X0ZU3ua0SSHujRQ2xDF2dauEaV4Vglvqc=) 4: 2osfvL67DJoldSiDF4PR7UDb-Fk.asa (hash: pYfpBcJ4cmAcBPsCiYsmdDQ6g93wwl6UaITv0MdLIHE=) 5: 8Q_WyzdZiQckSphgAZIR0v5tHg0.roa (hash: 4fsTe8wbJQmrMv3rGh5NswgG+t+NcVBW7ToId469YgA=) 6: Dt3MJu0uPuH3qq0XGW7lqKsKInY.roa (hash: R0j8gqdXiZr3Lr8QUwpYhsHJ5zeSfVefNgsAEnI0AMw=) 7: FqNQkwV2PkUHvMVmXxQ_4Xh4Z4A.asa (hash: hkpJ0WmcrDsxGzzWcZrOMxEr2e+VC3Rb+eENHFvnu7o=) 8: MmIYb8wrP1LfxhIufZ51w4snAKI.roa (hash: e/pt+I42So6GjGCNLA7r6mnp1Eja3WS/XZO4IhLmB8E=) 9: PzoJn7JmNA7HLgDJj3qABg4rdIg.roa (hash: Pu8elV3ASkAhzzlLq5cnqoeSEZGr98s46wDdEgSzMVE=) 10: Rs1lwHsOhORTbpOYC0DdvHoRuG4.roa (hash: 2ldj5+OjHEBz42EYRxs+dDbaX+fxjP+Yz7ZHeTr6lGA=) 11: SeUVAtbk1hrN2JyKOxE8q4V1UTY.roa (hash: lPG+lMbFgVTXYsR4V2gK2L1a28JoQEgQzgLbi/Qank4=) 12: VBhBA4HiRVMlJSOniY0KYh9CTd0.roa (hash: HSJ8X00wLW6S9kJDTwwCoC+4KhX2XIDhiS0S4EkH16Y=) 13: eLLgkJY0LUjDQzm5GuuyzsHUdO8.roa (hash: 5HseyNnROV3cBPGdpH59V7rf9Io+o9Vye7FV9A2XVfo=) 14: h3itgWjgnPktTgSYJX-OnOq_BpI.crl (hash: CEgoTZVAstIQzJ5jtge7/yPkObCpZceuA883yAjHHUs=) 15: ohXc6oE7ElG-Ajtu7o45-cHtKak.roa (hash: g5o8dbjGn0yFQ7IxAtC49wzuYTWKouvuonHavYlfl2k=) 16: qJ3niIVK-kPpD_FGpR52CMp181s.roa (hash: Y2wZT3A9wJBPyVW0IAHlhorwA/qR0rpoglN3HNURHyM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 12:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9e:1c:0f:8d:e9:17:cf:71:89:7e:fc:85:38:73:8e:44:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692 Validity Not Before: May 12 12:00:41 2026 GMT Not After : May 13 12:00:41 2026 GMT Subject: CN=bbc5cd474c6b91b290c3c5f13af3637f85d004c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:71:65:8f:58:90:99:37:d0:e0:c2:b1:3b:6d: 35:69:8d:75:f9:3f:d3:64:51:78:e2:af:09:ae:b4: 0d:28:c3:7d:84:0c:08:69:6e:11:c0:28:f8:69:d1: d1:84:8e:fc:8b:1a:d9:0e:62:ab:1a:17:96:52:0e: ec:eb:24:a2:67:b2:42:0d:d3:b0:1c:bf:97:59:28: ad:03:3a:27:21:b6:29:a9:0a:9f:cc:9d:13:0f:7e: e3:64:90:66:ed:67:cd:60:f2:6b:a1:d7:a4:9d:2f: ab:ad:ad:8a:79:3d:27:15:69:ce:f5:ca:78:cc:b7: 77:f2:3c:8b:3b:cf:0c:63:a5:ef:fc:1d:31:1d:d0: 98:95:e5:4a:8c:8a:ae:d4:31:f8:09:d1:34:a9:59: 92:07:67:ec:eb:d2:5a:35:f6:ad:88:52:d8:16:ef: 27:dd:61:99:87:e5:bd:48:4e:0b:72:b0:9b:f7:fc: 4f:1b:17:b0:9c:a6:dd:44:41:e8:85:fb:2f:2b:b8: 03:02:64:e0:da:a6:f6:d5:db:48:e5:4a:67:b2:8f: a4:78:fe:0f:df:39:15:7b:ae:ba:0a:63:70:8d:0b: 82:76:c9:6e:33:8b:51:02:7b:ad:85:28:9f:c0:af: 78:c2:ba:77:94:2f:62:32:e3:65:28:62:f7:ce:bd: 42:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:C5:CD:47:4C:6B:91:B2:90:C3:C5:F1:3A:F3:63:7F:85:D0:04:C3 X509v3 Authority Key Identifier: keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:6a:c2:b9:d0:42:81:77:e4:fc:3f:7e:d7:9c:25:00:18:e2: d4:c4:86:7e:b6:10:31:42:ef:c8:37:1b:96:07:38:24:4b:75: 0a:8e:e9:4a:b1:45:22:0a:13:97:b0:f3:2f:a5:7a:52:00:fd: 7d:5a:86:10:94:cf:e5:ad:7b:ae:02:89:6e:a8:81:b8:02:df: d1:10:40:e1:15:ba:9d:2f:15:e2:62:37:a1:ed:d6:fa:17:9e: 9b:44:58:76:9a:dc:7f:a3:f1:8a:22:fa:8e:a5:b2:cd:78:30: 3a:c3:15:75:89:b8:f5:4d:9c:51:d0:0f:ed:8b:31:47:d1:dd: f1:5f:61:81:64:a7:9a:88:78:c0:95:76:85:21:13:48:8f:f7: 27:8d:79:47:f0:22:1f:54:73:ee:7b:5b:ed:fd:34:16:08:6f: 09:f4:5f:c9:b9:27:91:5d:75:68:aa:9b:48:14:a1:d4:bc:e7: e2:bc:9a:a7:fa:8a:01:a6:52:8d:5c:30:fe:f0:d0:a5:fa:4c: bb:75:79:54:5c:81:12:21:4c:2d:fc:0b:fb:93:9a:13:07:31: d6:49:cd:4f:46:d0:08:08:67:0e:53:c8:d0:fb:7d:64:72:50: 18:3f:78:6b:83:fa:01:9a:ce:e5:ad:14:18:75:03:8e:5a:80: 50:ce:20:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ4cD43pF89xiX78hThzjkRFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi ZjA2OTIwHhcNMjYwNTEyMTIwMDQxWhcNMjYwNTEzMTIwMDQxWjAzMTEwLwYDVQQD EyhiYmM1Y2Q0NzRjNmI5MWIyOTBjM2M1ZjEzYWYzNjM3Zjg1ZDAwNGMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnFlj1iQmTfQ4MKxO201aY11+T/T ZFF44q8JrrQNKMN9hAwIaW4RwCj4adHRhI78ixrZDmKrGheWUg7s6ySiZ7JCDdOw HL+XWSitAzonIbYpqQqfzJ0TD37jZJBm7WfNYPJrodeknS+rra2KeT0nFWnO9cp4 zLd38jyLO88MY6Xv/B0xHdCYleVKjIqu1DH4CdE0qVmSB2fs69JaNfatiFLYFu8n 3WGZh+W9SE4LcrCb9/xPGxewnKbdREHohfsvK7gDAmTg2qb21dtI5Upnso+keP4P 3zkVe666CmNwjQuCdsluM4tRAnuthSifwK94wrp3lC9iMuNlKGL3zr1CtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLvFzUdMa5GykMPF8TrzY3+F0ATDMB8GA1UdIwQY MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt YWE5ZDY5MTgxMWU3LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3 LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqGrCudBC gXfk/D9+15wlABji1MSGfrYQMULvyDcblgc4JEt1Co7pSrFFIgoTl7DzL6V6UgD9 fVqGEJTP5a17rgKJbqiBuALf0RBA4RW6nS8V4mI3oe3W+heem0RYdprcf6PxiiL6 jqWyzXgwOsMVdYm49U2cUdAP7YsxR9Hd8V9hgWSnmoh4wJV2hSETSI/3J415R/Ai H1Rz7ntb7f00FghvCfRfybknkV11aKqbSBSh1Lzn4ryap/qKAaZSjVww/vDQpfpM u3V5VFyBEiFMLfwL+5OaEwcx1knNT0bQCAhnDlPI0Pt9ZHJQGD94a4P6AZrO5a0U GHUDjlqAUM4gSw== -----END CERTIFICATE-----Generated at Tue May 12 21:22:42 2026 by rpki-client