$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft File: pnhXc98xO5FxG_a8WxSezCRrnok.mft (raw, json) Hash identifier: FWDDQNEWODij7S85dFI3UiRaW4uGaT5hWAUDgdct6Yo= Subject key identifier: F4:67:CA:A5:04:6B:4C:30:C8:F5:4C:5D:B2:28:A6:24:CC:EB:C2:26 Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Certificate serial: 019D2996D8B53B2967BFC10DB36347ED792C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft Manifest number: 1651 Signing time: Thu 26 Mar 2026 10:00:44 +0000 Manifest this update: Thu 26 Mar 2026 10:00:44 +0000 Manifest next update: Fri 27 Mar 2026 10:00:44 +0000 Files and hashes: 1: 3U7B-AnDLcxVr4hQgcRtH3bY-Mc.roa (hash: 3EM7kaqylIIwfXdPOEw0QjuIVj1MmMgs2rs+igLT96s=) 2: C8g7Pi5B0RKpnrlAYnkGNfdVaNI.roa (hash: wxMFCVvSA3tdy7i3OaSOQ9SIAg2wmBIcYz9jkUGPtlk=) 3: Ine_1lLdl47bEMn6aiw9Axcdsgo.roa (hash: S/r8lpXeW/d857boj4AgP81lqUx6Xba1Zs9uDln2Uuk=) 4: L9nqjZgCKM_h4eShTqHdEr9Np6c.roa (hash: m3EOAebEcr3Ec2NVZh7NKfNA+27GisIbFErRrtFBX6k=) 5: MAC77AGiw2eaAoPXZSbuYQ5o9Cc.roa (hash: ghyy8oG2hGKa4y9DRVajZ2XWsgYoOvFgJh6c1yjrEXg=) 6: NanNAKKpriw1xLHpXZYYWO89_ic.roa (hash: vJoNpzNu5goOWjEeID9l0AJGNtpWeDH6gI91uoAnwIk=) 7: O6JDbaslrGOSZKrdtuCBt6ssF94.roa (hash: 8ty72z4beTGAGlxyLGLA0AACx0Qa5f/MkundTg5sepM=) 8: _d125rYs_YgWJE2199BRmZF843k.roa (hash: m5skVkixBC7cNTKqYmRl5Rw3Fyg0ZkEkKEj4MY2KXTY=) 9: dDB5YY9PZuYzIK0czNYk6awWuOU.roa (hash: B1+NRVwOUhTIMmxV8tnE89O/MNjbHirt4Fghn1v7gaE=) 10: euqS42j1OAh5nOlyn6iGDlUghrI.roa (hash: imMqy2oe/VSAfOYacDS+F5V24AlsU8Ttm5UT/4dybaA=) 11: pnhXc98xO5FxG_a8WxSezCRrnok.crl (hash: NIjKhow0zUgwZZQmkigijfafIexUfNkeBdma0pD8Rqg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 27 Mar 2026 09:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:29:96:d8:b5:3b:29:67:bf:c1:0d:b3:63:47:ed:79:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Validity Not Before: Mar 26 10:00:44 2026 GMT Not After : Mar 27 10:00:44 2026 GMT Subject: CN=f467caa5046b4c30c8f54c5db228a624ccebc226 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e0:2c:a6:cd:e8:a0:90:08:04:3c:55:27:85: 55:49:8a:5e:58:5b:96:c4:a2:87:2e:dd:9a:95:1c: c0:c7:f5:3b:43:42:7f:60:76:b3:9b:e8:fd:bb:08: 51:75:0b:7c:1d:d1:68:dc:e0:c6:03:74:8a:9e:e5: 03:2e:ac:95:ff:6f:ae:78:af:f4:5b:d8:c7:60:47: a1:2f:c7:c8:52:cb:c2:d0:53:bd:78:be:99:d6:66: 72:ee:8c:f0:8e:2e:5c:bb:1a:7f:f0:2e:85:e9:45: 63:fd:81:e0:1e:7c:7e:21:ac:18:66:72:01:99:8a: 74:10:f1:9b:5e:38:c2:6d:9e:93:5e:a8:93:fb:5a: 68:7d:7f:80:bd:d6:08:ff:66:55:0e:c5:3f:8a:6e: 0b:3c:72:d4:38:ea:98:b6:d5:ba:89:95:04:0c:32: 1a:d6:7b:a5:23:29:0f:60:57:34:3e:56:b4:81:4c: 00:2e:17:0c:2a:0c:6e:ae:0e:fa:3a:04:f0:f0:54: 54:ed:56:18:fd:5e:9b:cb:ed:62:d2:d5:19:44:c0: be:13:03:b0:27:c2:00:08:1c:a0:84:f5:92:51:1d: dd:72:35:78:70:e6:24:60:aa:99:03:90:81:f5:a5: 1b:89:bd:83:27:18:2d:77:66:f7:ee:78:24:05:d8: e9:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:67:CA:A5:04:6B:4C:30:C8:F5:4C:5D:B2:28:A6:24:CC:EB:C2:26 X509v3 Authority Key Identifier: keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:82:7b:b8:ef:ab:c3:7d:63:03:5e:c1:ef:d8:61:ff:f2:87: a3:4c:f0:85:e3:00:32:85:8a:32:90:31:04:d6:43:5f:3d:ef: e7:3d:40:2c:4e:40:6e:d2:fa:f2:35:38:db:5c:54:6d:c2:5a: fa:34:b4:3f:b7:35:11:e4:b1:2d:27:f0:28:90:b4:ef:97:12: a6:e1:30:3d:59:35:0a:59:c2:ec:27:5e:e9:a6:e7:3f:47:6a: 58:ce:9e:97:df:17:cc:0a:fb:0b:b0:f8:00:60:e7:6d:2b:8f: 1e:a6:d1:16:0f:4c:31:6f:1c:e6:8d:5f:00:3b:8a:f4:0e:cc: 0e:a0:0c:79:c0:3c:5b:9f:5d:5c:d6:11:22:5f:94:2f:ba:fd: 44:ae:99:ad:00:e6:8e:77:dc:ec:9b:cb:de:5f:07:7f:b3:b5: c8:19:03:bd:c0:79:b6:18:73:fd:70:4a:94:2e:08:23:c0:f0: 96:0d:62:4c:95:63:cf:d8:fc:52:03:a5:69:da:f5:e0:b1:02: 81:f0:ec:23:01:55:e5:a7:99:42:2b:fa:01:a6:21:57:1d:9a: 33:79:55:28:89:a3:71:a9:54:63:8a:a3:43:3d:b0:59:fc:00: 29:df:24:b3:8e:17:a7:4e:8b:16:59:7e:0d:2a:c5:a9:f4:27: 71:d9:cf:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0plti1Oylnv8ENs2NH7XksMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2 YjllODkwHhcNMjYwMzI2MTAwMDQ0WhcNMjYwMzI3MTAwMDQ0WjAzMTEwLwYDVQQD EyhmNDY3Y2FhNTA0NmI0YzMwYzhmNTRjNWRiMjI4YTYyNGNjZWJjMjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Asps3ooJAIBDxVJ4VVSYpeWFuW xKKHLt2alRzAx/U7Q0J/YHazm+j9uwhRdQt8HdFo3ODGA3SKnuUDLqyV/2+ueK/0 W9jHYEehL8fIUsvC0FO9eL6Z1mZy7ozwji5cuxp/8C6F6UVj/YHgHnx+IawYZnIB mYp0EPGbXjjCbZ6TXqiT+1pofX+AvdYI/2ZVDsU/im4LPHLUOOqYttW6iZUEDDIa 1nulIykPYFc0Pla0gUwALhcMKgxurg76OgTw8FRU7VYY/V6by+1i0tUZRMC+EwOw J8IACByghPWSUR3dcjV4cOYkYKqZA5CB9aUbib2DJxgtd2b37ngkBdjpvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRnyqUEa0wwyPVMXbIopiTM68ImMB8GA1UdIwQY MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt ZDc1ODY5YzBjNzFlLzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4J7uO+r w31jA17B79hh//KHo0zwheMAMoWKMpAxBNZDXz3v5z1ALE5AbtL68jU421xUbcJa +jS0P7c1EeSxLSfwKJC075cSpuEwPVk1ClnC7Cde6abnP0dqWM6el98XzAr7C7D4 AGDnbSuPHqbRFg9MMW8c5o1fADuK9A7MDqAMecA8W59dXNYRIl+UL7r9RK6ZrQDm jnfc7JvL3l8Hf7O1yBkDvcB5thhz/XBKlC4II8Dwlg1iTJVjz9j8UgOladr14LEC gfDsIwFV5aeZQiv6AaYhVx2aM3lVKImjcalUY4qjQz2wWfwAKd8ks44Xp06LFll+ DSrFqfQncdnP6A== -----END CERTIFICATE-----Generated at Thu Mar 26 15:04:32 2026 by rpki-client