$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft File: OklF5GdkAp0lgdggwzc_pEWFVTk.mft (raw, json) Hash identifier: kjYPwQC2O3yhVZAx5RC9Qeu2loc/B5Z79QxqdUREwdE= Subject key identifier: 75:20:1D:86:E6:89:66:4A:3B:03:BA:96:16:87:B3:12:8F:56:76:3B Authority key identifier: 3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39 Certificate issuer: /CN=3a4945e46764029d2581d820c3373fa445855539 Certificate serial: 019D29CEE140C567113C476D9A4D08BEA9C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft Manifest number: 189A Signing time: Thu 26 Mar 2026 11:01:57 +0000 Manifest this update: Thu 26 Mar 2026 11:01:57 +0000 Manifest next update: Fri 27 Mar 2026 11:01:57 +0000 Files and hashes: 1: 0273NJ6iQvZTgyuMash3xOhPLj8.roa (hash: 4bykyvzdYlZRg3u7BKzjHELAB3KL3rC2juBQve+S7UU=) 2: 78Cs8FmR3BIH_U5LsGqewvTlDV8.roa (hash: Z1dE+G16ehwR1QYJ/Luwdk+orufuAf1qVWJAWByx1UU=) 3: 9ieasZqKBlr3lokENCedNiqsCIM.roa (hash: TDVoR875fUbuSNWGAFsbE/WCEgXPy5Nn5pq79JskxQQ=) 4: 9xohe0WrdtI7HVhoFYevFGaGlbc.roa (hash: JlRzOAenO4QPVaHIwuTlBW/1CKfl7RhsHIL/eBfeU2g=) 5: MD4cosIRi9elPGst52tPGWVVXgQ.roa (hash: uQ5E7La04dxcXCsqGXXrY+8iqi3ww+c05QuoQOajMIE=) 6: OklF5GdkAp0lgdggwzc_pEWFVTk.crl (hash: KCWSCcDMnw5ESyKpuP+Y0JXzPWWVmYWLUEuA4OcbHwQ=) 7: PrbXCFhVtFkWUcwdTHxrF95uYDo.roa (hash: qYxwfpMga93RAf62Cr8sXnqP6qDnonu8QcpFUw5HhJ8=) 8: aa9c3i_QmzIlTyi0XFZwJXrmq48.roa (hash: HcRPfUnw0rt8gf5+bGCJq0Ra7n/YA9e5E/2HwqC6qHA=) 9: pdrRYgteZLUMBCQJIc10YC36u-o.roa (hash: fx4ol1jSVjOBVf92RkrVydBgXb8sh/pU0bwRASzDz2U=) 10: pj8mJKqUF_T2Ou11ZZQsgbjDNYQ.roa (hash: fs3ur5x7vbxGo0xyTuilMeKyac+Lx5FJiRM1jXFcziw=) 11: vI4OFivT89O9243mI_1fzU94Pao.roa (hash: vkj2cXgQH1KS/H+As5+qw6+hxQEc0denm5Wi71uvRzE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 27 Mar 2026 09:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:29:ce:e1:40:c5:67:11:3c:47:6d:9a:4d:08:be:a9:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a4945e46764029d2581d820c3373fa445855539 Validity Not Before: Mar 26 11:01:57 2026 GMT Not After : Mar 27 11:01:57 2026 GMT Subject: CN=75201d86e689664a3b03ba961687b3128f56763b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:59:78:11:e7:c2:29:77:0d:25:89:66:64:8d: 6c:93:80:0b:02:2a:88:be:2d:31:11:35:f1:8c:79: 98:d0:54:b0:3e:4c:97:b7:f4:c7:d5:ba:e2:36:9c: 15:b0:8d:47:97:67:30:ae:da:b6:49:04:b4:76:e5: 96:44:0c:13:d1:00:65:3d:9e:95:cc:ce:4d:01:c7: 91:70:0d:37:a8:14:d4:b3:3f:23:38:e8:5f:f1:9f: 78:2d:88:8a:c6:c1:d7:5f:23:d7:a2:ed:4e:11:86: 1a:b9:39:99:c3:d9:4f:a9:51:c8:c3:5a:e5:55:73: 28:76:f3:e8:78:57:b0:20:c7:49:47:f0:9a:1e:f6: 58:03:8f:67:78:2a:1c:b3:c4:08:a2:69:e4:08:ba: a0:a9:46:c8:34:6f:28:8a:99:70:2e:58:12:29:61: bd:92:7e:c7:f8:d4:9f:88:f8:3d:ba:d9:08:bb:1c: 25:0b:22:77:28:05:bf:99:fe:63:aa:74:91:3f:b2: e2:ff:0d:33:51:56:8f:0f:75:6c:0a:08:8f:6a:a7: 9c:5d:26:83:d2:49:76:67:0e:8b:47:6d:d9:51:be: c3:cc:47:19:01:dd:b3:20:bb:24:9c:48:69:5b:e9: ed:d9:dd:cf:45:09:29:a8:f3:38:88:10:a1:a2:6d: c2:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:20:1D:86:E6:89:66:4A:3B:03:BA:96:16:87:B3:12:8F:56:76:3B X509v3 Authority Key Identifier: keyid:3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:a9:6e:f3:6d:bd:63:62:46:84:3b:b3:93:7d:6e:ee:7e:03: f7:d2:2a:2e:5d:fe:05:1c:aa:c0:1c:c2:ec:6c:4b:b7:b1:8e: 7e:c6:5f:f2:ba:4d:10:2e:36:1f:98:e4:65:7c:77:e3:55:63: 0c:a8:ab:b4:e2:a2:1b:20:fc:0d:5a:3b:d6:1b:92:be:4c:c2: 52:46:bd:f1:48:dd:e5:e6:79:06:fd:c3:e1:a6:d7:11:dd:a3: c3:fb:8b:56:ad:5c:4b:27:45:f0:c9:e7:89:07:59:92:2c:b9: c6:f2:ae:59:a9:d5:bd:9d:3c:bd:d3:20:bc:32:32:06:0f:36: ee:a4:ad:7a:c7:58:30:e6:2d:62:38:c0:5c:47:12:d8:ca:f4: e1:be:da:e9:ce:78:e2:d0:56:27:56:04:5e:42:7f:09:64:b0: 09:00:ce:9e:97:ae:45:9d:d0:aa:68:68:7c:6c:fa:b8:a8:4f: ad:6a:21:c7:83:0d:ef:7b:e4:2d:15:18:29:28:02:62:76:55: e2:7a:47:64:4b:c1:04:35:6b:6c:a8:bc:e4:ad:d4:dd:6f:02: 44:a4:e7:ca:2d:1f:93:de:eb:e8:9c:0e:69:2c:36:91:95:f1: dd:73:93:99:8e:1c:79:6b:3a:ba:22:aa:67:64:6e:60:23:ae: 8d:c0:54:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0pzuFAxWcRPEdtmk0IvqnJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDk0NWU0Njc2NDAyOWQyNTgxZDgyMGMzMzczZmE0NDU4 NTU1MzkwHhcNMjYwMzI2MTEwMTU3WhcNMjYwMzI3MTEwMTU3WjAzMTEwLwYDVQQD Eyg3NTIwMWQ4NmU2ODk2NjRhM2IwM2JhOTYxNjg3YjMxMjhmNTY3NjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Fl4EefCKXcNJYlmZI1sk4ALAiqI vi0xETXxjHmY0FSwPkyXt/TH1briNpwVsI1Hl2cwrtq2SQS0duWWRAwT0QBlPZ6V zM5NAceRcA03qBTUsz8jOOhf8Z94LYiKxsHXXyPXou1OEYYauTmZw9lPqVHIw1rl VXModvPoeFewIMdJR/CaHvZYA49neCocs8QIomnkCLqgqUbING8oiplwLlgSKWG9 kn7H+NSfiPg9utkIuxwlCyJ3KAW/mf5jqnSRP7Li/w0zUVaPD3VsCgiPaqecXSaD 0kl2Zw6LR23ZUb7DzEcZAd2zILsknEhpW+nt2d3PRQkpqPM4iBChom3CEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHUgHYbmiWZKOwO6lhaHsxKPVnY7MB8GA1UdIwQY MBaAFDpJReRnZAKdJYHYIMM3P6RFhVU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1Njgt MzM2YWM5NDU2NDY0LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1NjgtMzM2YWM5NDU2NDY0 LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO6lu8229 Y2JGhDuzk31u7n4D99IqLl3+BRyqwBzC7GxLt7GOfsZf8rpNEC42H5jkZXx341Vj DKirtOKiGyD8DVo71huSvkzCUka98Ujd5eZ5Bv3D4abXEd2jw/uLVq1cSydF8Mnn iQdZkiy5xvKuWanVvZ08vdMgvDIyBg827qStesdYMOYtYjjAXEcS2Mr04b7a6c54 4tBWJ1YEXkJ/CWSwCQDOnpeuRZ3QqmhofGz6uKhPrWohx4MN73vkLRUYKSgCYnZV 4npHZEvBBDVrbKi85K3U3W8CRKTnyi0fk97r6JwOaSw2kZXx3XOTmY4ceWs6uiKq Z2RuYCOujcBUtw== -----END CERTIFICATE-----Generated at Thu Mar 26 19:24:23 2026 by rpki-client