$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft File: hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft (raw, json) Hash identifier: +6HIOzm7/4H3gLdGvxouIr80hNMMmJvrG9s9ir1J2vQ= Subject key identifier: 2B:6E:F2:11:2C:1B:F8:8C:BD:1A:6E:B7:35:51:91:64:28:3A:6A:D6 Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd Certificate serial: 019D2AA932CD5D0E928690CBFACB3C104F31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft Manifest number: 14A9 Signing time: Thu 26 Mar 2026 15:00:24 +0000 Manifest this update: Thu 26 Mar 2026 15:00:24 +0000 Manifest next update: Fri 27 Mar 2026 15:00:24 +0000 Files and hashes: 1: 4xaEdixeinTNAew5f36B5ogFapc.roa (hash: U+lj7Po2vIYbjteMOk724C6A7iSVfdA9w8Qr+wSn2EY=) 2: 6bp5_uY1eTTE0FRpgy0dJ0tGIWA.roa (hash: JQ6e3y/UZad8zx3alMXWmLY2Cs0ywtM7PcyjG1jGvp0=) 3: 8rDvMkxptJnltjzzUCN1e7h2mu0.roa (hash: bN6iyJOU8RYfCqW0mfWStueUrIARdx585ED2RX3ioso=) 4: 9561YDYiFuwA3cK9_Ao81cqPzyw.roa (hash: sI0N1MtQFC1Bs34l2HPoGh51MHvRDzLlzChm4jYV9bI=) 5: IrFs_aYDL98DrBmqXNeImOXYqVs.roa (hash: /du+UzfxF5Oy69bwitaws2QcGuPpQ2q/PzP+2+rlKmc=) 6: Mpb5tIfxbf_t0TleDipa0dPzQfg.roa (hash: dlPOC3LjslO4GRq7Su9TrpsYGXUfWyZVAl7s4ntuJgI=) 7: SnpB0ExR-bCAJLKknHnesUTaAWU.roa (hash: wlr5EY83KcqFkovq8AptI/Jy70VxHPVKk3n5WEh7t3w=) 8: W-auLweCazJVGZa2RWm9KCu-wKE.roa (hash: KDvTseiWMAdzP9ZuSgmWkkWqgGW79SkpbkY25PFZ98s=) 9: ZNVLkE0Hncpo1bsQ8SqkvCmjNMs.roa (hash: ckctwOhfUle+O6fK0mnv5ZMxRNGqbUG5lJdOX3nwnlo=) 10: djAPpFOBLqUtxJOa9UwBPjNac1E.roa (hash: 7Rj31INl1FIcMdN33laOh9K9+J+bHShe/BZUzyt8PUg=) 11: ggV7rBXwprR59jciPQhDDTZxxmQ.roa (hash: I4MtXY7ClGvNcIjMAoHA2mKMcNbnijfTuvNa/n/j6Xw=) 12: hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl (hash: YROc3j4Mw1Qt2ArE040gxIMn42XbgPybla0BvRursww=) 13: nkFmcbj5SRyrAXjUVz7jAMSoyJk.roa (hash: lYeXLJKim2pWsORoTqRVNykk1XTHGi948eQwJ6tFxj4=) 14: pnn2LDubyB-s2_PbTNDUNt7JA_8.roa (hash: vW3hxl2FPzWH44KmHJKXNpZV557F5Hczl/NZRDVCKlg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 27 Mar 2026 15:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:2a:a9:32:cd:5d:0e:92:86:90:cb:fa:cb:3c:10:4f:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd Validity Not Before: Mar 26 15:00:24 2026 GMT Not After : Mar 27 15:00:24 2026 GMT Subject: CN=2b6ef2112c1bf88cbd1a6eb735519164283a6ad6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:8b:9d:db:e9:5c:44:e0:29:fc:52:d7:6f:68: 3b:b1:93:fd:06:6d:e8:77:c1:01:1e:11:77:34:bf: f5:ab:e5:fa:b8:34:f9:75:67:4d:88:2e:f7:1f:3b: 14:11:f4:20:d6:ea:66:22:32:78:22:f7:f0:e1:dc: 47:3c:a8:bf:63:2b:a9:d4:f5:50:2b:13:7a:7b:9b: 74:eb:ae:d0:5a:b1:8a:2e:d1:56:22:ea:ae:dd:d6: a9:37:39:57:23:77:08:bf:99:d4:2d:62:23:c0:6d: 25:43:39:50:3e:b9:8d:d7:47:e2:61:3c:84:31:f2: 9e:6f:60:14:15:14:59:9b:cf:39:1d:60:b5:2d:02: ef:b5:71:b1:a6:86:ae:4d:ae:ac:7b:70:dd:ff:4b: 80:dd:1d:b2:b6:0b:41:b0:2a:0d:39:a9:30:e7:c3: eb:18:a9:6a:a6:ff:f8:1a:a4:80:46:83:a2:d3:73: 36:f9:c9:b4:c6:98:ad:49:2e:8e:ec:c4:1e:74:8a: 3b:19:cd:1e:d0:49:0f:7a:1d:27:35:82:1c:b8:3d: 3d:24:64:b2:0d:6e:67:4c:44:e6:2e:0e:82:35:d4: f2:99:40:de:3e:36:fd:d7:3e:d0:7b:40:01:d5:03: 5b:39:06:aa:1a:3f:56:33:29:1f:5b:3a:36:d1:a0: 91:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:6E:F2:11:2C:1B:F8:8C:BD:1A:6E:B7:35:51:91:64:28:3A:6A:D6 X509v3 Authority Key Identifier: keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:b7:bc:1c:08:97:e1:ad:97:e4:35:4a:79:e8:94:af:ab:5e: a0:31:1a:50:e0:f0:52:10:1e:32:a0:31:df:de:1e:0b:b8:3b: 1c:84:33:a8:f8:11:b3:a1:79:11:1d:0e:07:14:ec:dc:44:fc: d5:f0:1b:07:d7:bc:bc:fe:2a:57:95:5c:7f:86:f5:3c:8e:5d: d9:1f:c4:3d:c1:28:38:33:fb:d1:ef:6c:02:13:a5:e5:61:f4: 69:3c:7f:14:fb:59:1d:f2:fb:65:cf:09:36:b2:5e:9f:59:1c: 14:48:1d:ec:ec:40:8a:1f:bd:b6:ac:72:b2:b8:33:a2:1f:06: fe:f3:23:45:cf:ef:fe:7c:a9:80:ad:ca:db:d3:b3:43:d1:6a: 5f:ab:44:1c:d5:46:4f:3e:79:96:5c:ee:87:c1:cb:38:5c:af: 13:ea:dc:9a:a7:fe:88:02:0b:00:49:01:db:cc:fa:f2:c2:a9: ee:cb:5a:59:f7:43:5e:01:6d:ba:df:40:e1:a9:55:f8:5f:61: 4e:bf:a5:fb:cb:ae:8b:7a:12:bd:90:f9:d1:7c:3b:68:d4:67: a4:ea:3f:d1:65:f6:da:31:62:9f:0f:cd:03:35:65:1d:f6:6c: 21:60:37:57:87:c4:6b:2d:68:59:29:f5:34:4c:68:8d:f8:11: a9:ba:44:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0qqTLNXQ6ShpDL+ss8EE8xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi MmUyY2QwHhcNMjYwMzI2MTUwMDI0WhcNMjYwMzI3MTUwMDI0WjAzMTEwLwYDVQQD EygyYjZlZjIxMTJjMWJmODhjYmQxYTZlYjczNTUxOTE2NDI4M2E2YWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4ud2+lcROAp/FLXb2g7sZP9Bm3o d8EBHhF3NL/1q+X6uDT5dWdNiC73HzsUEfQg1upmIjJ4Ivfw4dxHPKi/Yyup1PVQ KxN6e5t0667QWrGKLtFWIuqu3dapNzlXI3cIv5nULWIjwG0lQzlQPrmN10fiYTyE MfKeb2AUFRRZm885HWC1LQLvtXGxpoauTa6se3Dd/0uA3R2ytgtBsCoNOakw58Pr GKlqpv/4GqSARoOi03M2+cm0xpitSS6O7MQedIo7Gc0e0EkPeh0nNYIcuD09JGSy DW5nTETmLg6CNdTymUDePjb91z7Qe0AB1QNbOQaqGj9WMykfWzo20aCRJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCtu8hEsG/iMvRputzVRkWQoOmrWMB8GA1UdIwQY MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt ZjEyODM1ZjAyNDdiLzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXLe8HAiX 4a2X5DVKeeiUr6teoDEaUODwUhAeMqAx394eC7g7HIQzqPgRs6F5ER0OBxTs3ET8 1fAbB9e8vP4qV5Vcf4b1PI5d2R/EPcEoODP70e9sAhOl5WH0aTx/FPtZHfL7Zc8J NrJen1kcFEgd7OxAih+9tqxysrgzoh8G/vMjRc/v/nypgK3K29OzQ9FqX6tEHNVG Tz55llzuh8HLOFyvE+rcmqf+iAILAEkB28z68sKp7staWfdDXgFtut9A4alV+F9h Tr+l+8uui3oSvZD50Xw7aNRnpOo/0WX22jFinw/NAzVlHfZsIWA3V4fEay1oWSn1 NExojfgRqbpEbw== -----END CERTIFICATE-----Generated at Thu Mar 26 22:14:40 2026 by rpki-client