$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft File: h3itgWjgnPktTgSYJX-OnOq_BpI.mft (raw, json) Hash identifier: dGGAGDmUEA5ztJ+/QI2zLRGwcasUsZrv45aENrmKAbA= Subject key identifier: F7:60:C2:80:CA:62:7A:85:6B:74:57:A6:14:9C:EC:F3:6F:8C:3D:DD Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92 Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692 Certificate serial: 019D322C33ABF1045F015DE82EF5669F7B9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft Manifest number: 18AD Signing time: Sat 28 Mar 2026 02:00:50 +0000 Manifest this update: Sat 28 Mar 2026 02:00:50 +0000 Manifest next update: Sun 29 Mar 2026 02:00:50 +0000 Files and hashes: 1: 1-cQy_siX062tFLZkeCmyCEUYxQs.roa (hash: M1tvA2BwBUz9tHkqC8JXVgPLd87OHSLvHcZQsEKJENI=) 2: 1DvNK1UEfocldcVoSCDz4-rQCu0.roa (hash: W9AE3etelZntnhp0Syb26y14LnYuyubNeRnjY+KTeic=) 3: 2osfvL67DJoldSiDF4PR7UDb-Fk.asa (hash: pYfpBcJ4cmAcBPsCiYsmdDQ6g93wwl6UaITv0MdLIHE=) 4: 8Q_WyzdZiQckSphgAZIR0v5tHg0.roa (hash: 4fsTe8wbJQmrMv3rGh5NswgG+t+NcVBW7ToId469YgA=) 5: Dt3MJu0uPuH3qq0XGW7lqKsKInY.roa (hash: R0j8gqdXiZr3Lr8QUwpYhsHJ5zeSfVefNgsAEnI0AMw=) 6: FqNQkwV2PkUHvMVmXxQ_4Xh4Z4A.asa (hash: hkpJ0WmcrDsxGzzWcZrOMxEr2e+VC3Rb+eENHFvnu7o=) 7: MmIYb8wrP1LfxhIufZ51w4snAKI.roa (hash: e/pt+I42So6GjGCNLA7r6mnp1Eja3WS/XZO4IhLmB8E=) 8: PzoJn7JmNA7HLgDJj3qABg4rdIg.roa (hash: Pu8elV3ASkAhzzlLq5cnqoeSEZGr98s46wDdEgSzMVE=) 9: Rs1lwHsOhORTbpOYC0DdvHoRuG4.roa (hash: 2ldj5+OjHEBz42EYRxs+dDbaX+fxjP+Yz7ZHeTr6lGA=) 10: SeUVAtbk1hrN2JyKOxE8q4V1UTY.roa (hash: lPG+lMbFgVTXYsR4V2gK2L1a28JoQEgQzgLbi/Qank4=) 11: VBhBA4HiRVMlJSOniY0KYh9CTd0.roa (hash: HSJ8X00wLW6S9kJDTwwCoC+4KhX2XIDhiS0S4EkH16Y=) 12: eLLgkJY0LUjDQzm5GuuyzsHUdO8.roa (hash: 5HseyNnROV3cBPGdpH59V7rf9Io+o9Vye7FV9A2XVfo=) 13: h3itgWjgnPktTgSYJX-OnOq_BpI.crl (hash: W6KSNDbWTksIvuhVlmCI2kt0w9sTxrB1SHLZlsCu0+A=) 14: ohXc6oE7ElG-Ajtu7o45-cHtKak.roa (hash: g5o8dbjGn0yFQ7IxAtC49wzuYTWKouvuonHavYlfl2k=) 15: qJ3niIVK-kPpD_FGpR52CMp181s.roa (hash: Y2wZT3A9wJBPyVW0IAHlhorwA/qR0rpoglN3HNURHyM=) 16: qi7DumYqOb_2Ji68qci3HXVuXwA.roa (hash: LWnpe3rZCe4uDNXUTaaSpU6AS5hw8Cx+t5qYkabhaNM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 29 Mar 2026 00:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:32:2c:33:ab:f1:04:5f:01:5d:e8:2e:f5:66:9f:7b:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692 Validity Not Before: Mar 28 02:00:50 2026 GMT Not After : Mar 29 02:00:50 2026 GMT Subject: CN=f760c280ca627a856b7457a6149cecf36f8c3ddd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:0e:71:96:3b:76:81:c9:56:dd:dc:69:8f:9c: 9d:b7:1e:2e:5f:9a:56:b5:c3:96:06:8d:18:83:1c: e1:f4:79:eb:57:65:f7:81:f4:f0:1f:32:9a:5b:26: 93:7b:7e:3a:ce:d2:ab:0b:92:85:71:97:9a:38:c3: ad:5b:5e:d3:3e:30:18:41:7b:53:6b:cc:97:7e:ec: 9a:be:44:21:e5:a0:49:a4:40:03:d7:ba:ce:99:f1: 22:ad:ea:0d:6a:c5:e3:c8:47:8d:8a:83:0d:5e:05: ea:fc:ff:b7:1b:09:1f:5b:2f:3f:5e:c6:75:31:e3: de:11:03:54:70:96:f4:6b:38:0b:3e:3c:40:94:47: a9:7b:e2:a9:c4:d8:a9:89:92:1e:7b:25:22:f5:3f: 9c:c4:6e:55:1d:f0:6a:da:ac:c8:0d:8e:50:c3:8d: e6:af:56:8a:40:71:b4:ab:2c:c9:4d:c0:a9:67:aa: e1:99:05:61:6e:c2:5d:86:3b:9b:fc:5d:9f:43:ea: af:e6:56:ec:88:f4:d9:dd:a3:8d:fe:1c:c1:bd:6a: 52:35:32:f1:a1:29:a7:cb:16:74:76:ee:38:8f:56: ed:5d:f4:fa:db:e8:98:a2:77:e3:8e:cb:c9:4a:93: 13:c6:e4:d2:af:b8:88:e7:95:aa:cb:2c:23:35:6c: cb:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:60:C2:80:CA:62:7A:85:6B:74:57:A6:14:9C:EC:F3:6F:8C:3D:DD X509v3 Authority Key Identifier: keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:de:03:ce:bc:59:1c:c9:5f:7f:86:a1:dc:f4:c1:96:94:69: f8:f9:01:da:e7:0b:8e:9d:c0:61:15:cf:90:ee:2a:c4:34:7a: 35:58:04:f2:de:e6:bd:a3:c7:77:7f:59:5a:2e:fd:f5:6c:2d: c1:2c:16:58:f1:5a:5d:69:a5:f9:d3:63:02:b3:85:29:a8:28: f4:e9:55:fd:b0:20:96:50:d2:de:24:c0:76:1f:d4:73:87:37: 77:b6:d3:e3:38:87:3b:40:ff:8f:2b:7e:51:97:12:1a:18:4d: db:d9:d2:3d:bf:3a:88:6e:0b:ca:7d:df:4b:24:1a:f0:39:4d: 3f:06:74:1b:8a:0a:f3:41:d8:e8:26:21:27:78:27:5f:38:33: b3:35:84:9b:db:61:86:95:a9:13:b5:0c:01:aa:5a:4a:e2:80: f8:2e:27:c3:b1:92:4d:32:eb:b3:1c:6a:a0:b8:e9:ee:4e:09: 38:4d:cf:e7:fc:df:0f:6f:11:7c:ff:30:c0:f0:83:f1:60:da: 5c:1c:87:c3:a0:e1:12:c9:a4:b0:d6:6c:9c:41:61:f4:1c:6c: 66:1b:e4:c8:d6:97:77:81:69:b0:ea:09:80:f3:a7:72:44:b0: 1e:4a:0a:bc:29:e2:14:f6:87:44:06:03:8e:6c:cd:10:ef:d3: e9:c2:eb:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0yLDOr8QRfAV3oLvVmn3ubMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi ZjA2OTIwHhcNMjYwMzI4MDIwMDUwWhcNMjYwMzI5MDIwMDUwWjAzMTEwLwYDVQQD EyhmNzYwYzI4MGNhNjI3YTg1NmI3NDU3YTYxNDljZWNmMzZmOGMzZGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng5xljt2gclW3dxpj5ydtx4uX5pW tcOWBo0Ygxzh9HnrV2X3gfTwHzKaWyaTe346ztKrC5KFcZeaOMOtW17TPjAYQXtT a8yXfuyavkQh5aBJpEAD17rOmfEireoNasXjyEeNioMNXgXq/P+3GwkfWy8/XsZ1 MePeEQNUcJb0azgLPjxAlEepe+KpxNipiZIeeyUi9T+cxG5VHfBq2qzIDY5Qw43m r1aKQHG0qyzJTcCpZ6rhmQVhbsJdhjub/F2fQ+qv5lbsiPTZ3aON/hzBvWpSNTLx oSmnyxZ0du44j1btXfT62+iYonfjjsvJSpMTxuTSr7iI55WqyywjNWzLgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPdgwoDKYnqFa3RXphSc7PNvjD3dMB8GA1UdIwQY MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt YWE5ZDY5MTgxMWU3LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3 LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqd4DzrxZ HMlff4ah3PTBlpRp+PkB2ucLjp3AYRXPkO4qxDR6NVgE8t7mvaPHd39ZWi799Wwt wSwWWPFaXWml+dNjArOFKago9OlV/bAgllDS3iTAdh/Uc4c3d7bT4ziHO0D/jyt+ UZcSGhhN29nSPb86iG4Lyn3fSyQa8DlNPwZ0G4oK80HY6CYhJ3gnXzgzszWEm9th hpWpE7UMAapaSuKA+C4nw7GSTTLrsxxqoLjp7k4JOE3P5/zfD28RfP8wwPCD8WDa XByHw6DhEsmksNZsnEFh9BxsZhvkyNaXd4FpsOoJgPOnckSwHkoKvCniFPaHRAYD jmzNEO/T6cLr5w== -----END CERTIFICATE-----Generated at Sat Mar 28 10:43:31 2026 by rpki-client