$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft File: 520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json) Hash identifier: syQrsxlK0FMAGzm8kfO85PRGFNJ+3TqBHgCU8JvkNYc= Subject key identifier: E4:45:44:67:60:BE:F7:7C:D9:EB:8F:43:C9:28:87:21:AF:08:F6:C6 Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Certificate serial: 019D99D05E358FD0A27DFE5CD4BE024B3A35 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft Manifest number: 13AF Signing time: Fri 17 Apr 2026 05:01:02 +0000 Manifest this update: Fri 17 Apr 2026 05:01:02 +0000 Manifest next update: Sat 18 Apr 2026 05:01:02 +0000 Files and hashes: 1: 1dfOhFGT4Rz19mHWVabW0kWxTss.roa (hash: Rjg1gNguWYpEwGKvfk1H+hd0eMsqKT2A4N+C2/8Q+uQ=) 2: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: vXNJWUMkscm23Y08efbAXgsNNCrJT2i01fjRIBCYPLU=) 3: 7EPxlfzuNdNfziGNw3Hj7EoZj1Q.roa (hash: fYUfx118C/cw672kHDWSH3DD1Ik9WuMEeaQ/qAV9tYE=) 4: 9EzrkfCb3685-QENXXhTIl2uZz4.roa (hash: 4o0MB77YQKRQiZHQrZxR1nkb/HsRFN1Kq0iR4K53WZA=) 5: DVIKLwP8b0UVJE_X0Zz4hLCMFmU.roa (hash: 2ROrixfhF0UtgJihhtThPaEztRX+VVHt8WTM1ZfZQ1o=) 6: Fn3txwFOnsHfJqp3dmOvAMcvgHc.roa (hash: 0tFPd6mFP89u9IcgrQmVyEuYoDxe9S4zwwRr4qndNks=) 7: RqZv9lI-beWajs98dICrEK2DwUM.roa (hash: z0DWSEDfb+oWc/lkT9R9ehjWWb2y0A0CPcHglnAYRf8=) 8: Ud0XI3ub85_CL2l55YZW3cXrctA.roa (hash: 2gMJyy7om8/uY1IqvCz0ubvDeUV63nAu6cUom48+3U0=) 9: ao5k8aMHz2Rr-UFohnKN0Vsy0ts.roa (hash: qeXz8tDdKItxGK8qtWsvUAbM0Ooz+MmMiDN8cvBIyTQ=) 10: bbXWGNkALy-ajnXnVwsq6VcslC8.roa (hash: lOmBCerqz+GglurufDI5e+15DQVwzjxcTvAfkACkLYE=) 11: jTMEUhkl6sKPDlW6gGgXZsH4VwQ.roa (hash: bLe2Zk8IquF+7aI/fXPQxZklmLIeFhH3W5DkdYCydQA=) 12: r-NoE_XHTABnwPRM9GdFHoEeHJo.roa (hash: qsD5Rt9CKRxXFQG5JSeN7cqv7sQvsG2HbFGsWmdhdi8=) 13: rIIpXZCn7E3HgJjpCaYYUR4k6ZI.roa (hash: Vvylnj2QqF4AFfq4GCTBxANmDk4TfXB5W5GNlTLI/Qw=) 14: rp3l1DRMo7bxNlcekPEumkx_Cu4.roa (hash: cvH000yVT30CU4NGwC5k2pFAaWGJcYLG4wfqKOyLWIU=) 15: s9E0mrs6RE5G3diI6qJ2dNaQlCY.roa (hash: ALHEFczsxrK3P9zm6czuHQOWsz9Vxib3j6fIwRLXdsA=) 16: smuPovOHBHHaIAv32qcc0ZyhNkQ.roa (hash: HcQ/8p3eoCWjnnKfMtVzm8focRBIq46dCnVV7vdjMxQ=) 17: v94LL-qGGgahldRNvzQc-ZVS3KI.roa (hash: a3YAXYAGQiNiI/eRCe9RKvTaP1hHvgR2d27wk4bq6Cw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 05:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:99:d0:5e:35:8f:d0:a2:7d:fe:5c:d4:be:02:4b:3a:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Validity Not Before: Apr 17 05:01:02 2026 GMT Not After : Apr 18 05:01:02 2026 GMT Subject: CN=e445446760bef77cd9eb8f43c9288721af08f6c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:b1:aa:3e:62:7e:5e:94:48:48:5f:7a:24:19: f5:f5:e8:5a:5e:ad:12:3a:09:02:47:9c:ff:58:51: c9:83:1d:2e:2e:b7:6b:a0:4b:25:ae:a0:77:ee:28: 97:6b:70:12:61:81:44:59:34:7e:72:41:80:3a:3e: e5:e5:34:60:90:4a:ae:b4:69:0a:bd:ce:09:98:01: 9f:b7:1a:b7:a2:0f:41:9e:8b:3d:5e:a0:6c:54:71: eb:b4:8b:04:52:be:8c:4f:08:f0:e2:e9:88:8a:63: 06:38:da:29:3f:65:db:4e:d2:9c:08:6c:9b:c4:5c: 74:23:5c:a0:9f:01:de:a6:09:74:24:f9:6f:0e:20: 7d:84:e7:99:f5:c8:6e:73:a3:bc:6a:7c:85:c5:98: 88:a6:75:dd:5e:52:c3:e9:77:36:a6:5e:df:f2:41: b7:9c:26:ff:1b:45:1e:d8:86:14:d5:0b:35:7e:ab: 90:cb:09:59:74:72:34:e1:ce:dd:29:b1:75:02:c6: 50:91:15:0d:dd:29:67:30:24:54:1a:7b:a6:1d:99: 0c:bc:1c:8a:9e:24:f8:b3:63:e6:47:89:a9:78:f6: f2:5a:de:a9:33:4f:a5:1a:69:02:4c:e1:03:da:e2: 92:61:aa:ef:dc:b0:c2:bb:a7:b9:5d:8c:8e:c9:dd: 02:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:45:44:67:60:BE:F7:7C:D9:EB:8F:43:C9:28:87:21:AF:08:F6:C6 X509v3 Authority Key Identifier: keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:f8:c6:4e:2c:7b:a9:03:af:85:7b:ca:d8:1f:6f:e0:3a:cc: e0:40:ba:59:2b:22:8e:1b:72:f8:44:19:ee:5f:04:ad:03:c0: 8d:56:7e:bc:25:29:c6:54:a3:1b:94:ab:c9:00:62:94:a4:95: ed:7a:72:0a:a4:ee:45:c2:a8:32:de:d2:07:e8:52:60:11:80: 3e:89:73:88:bc:14:43:ef:01:cb:b1:8e:e2:f2:20:a7:1c:b2: 54:1a:c5:87:3a:7f:bd:56:b2:dd:83:c3:2f:18:b4:42:9a:00: 10:e3:0a:2f:0d:a9:57:9c:73:a0:07:a1:6c:cc:14:9a:cf:e3: 26:61:2a:d6:08:9a:82:ad:d4:d9:4c:a8:58:12:7a:91:60:0e: 68:66:a1:13:df:28:2f:4b:48:d4:56:14:33:2d:fe:0b:1e:cd: 3f:79:30:85:c7:1d:66:74:88:ae:d9:3c:dc:e1:f5:67:bb:a6: b0:8c:f6:01:bb:74:06:80:b2:21:66:19:dd:63:71:bc:b3:46: 3c:1c:a0:ec:52:cd:30:a1:c4:0c:2f:85:11:41:43:82:94:a8: 2d:4d:19:8c:ee:d7:82:5d:c8:ad:6c:6d:fe:a9:27:bc:fd:65: c9:50:8b:74:73:ef:ea:24:3a:2f:35:99:98:c0:b0:aa:9b:87: 63:a3:97:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2Z0F41j9Ciff5c1L4CSzo1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx OGM5YmMwHhcNMjYwNDE3MDUwMTAyWhcNMjYwNDE4MDUwMTAyWjAzMTEwLwYDVQQD EyhlNDQ1NDQ2NzYwYmVmNzdjZDllYjhmNDNjOTI4ODcyMWFmMDhmNmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrGqPmJ+XpRISF96JBn19ehaXq0S OgkCR5z/WFHJgx0uLrdroEslrqB37iiXa3ASYYFEWTR+ckGAOj7l5TRgkEqutGkK vc4JmAGftxq3og9Bnos9XqBsVHHrtIsEUr6MTwjw4umIimMGONopP2XbTtKcCGyb xFx0I1ygnwHepgl0JPlvDiB9hOeZ9chuc6O8anyFxZiIpnXdXlLD6Xc2pl7f8kG3 nCb/G0Ue2IYU1Qs1fquQywlZdHI04c7dKbF1AsZQkRUN3SlnMCRUGnumHZkMvByK niT4s2PmR4mpePbyWt6pM0+lGmkCTOED2uKSYarv3LDCu6e5XYyOyd0ChQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFORFRGdgvvd82euPQ8kohyGvCPbGMB8GA1UdIwQY MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5 LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPjGTix7 qQOvhXvK2B9v4DrM4EC6WSsijhty+EQZ7l8ErQPAjVZ+vCUpxlSjG5SryQBilKSV 7XpyCqTuRcKoMt7SB+hSYBGAPolziLwUQ+8By7GO4vIgpxyyVBrFhzp/vVay3YPD Lxi0QpoAEOMKLw2pV5xzoAehbMwUms/jJmEq1giagq3U2UyoWBJ6kWAOaGahE98o L0tI1FYUMy3+Cx7NP3kwhccdZnSIrtk83OH1Z7umsIz2Abt0BoCyIWYZ3WNxvLNG PByg7FLNMKHEDC+FEUFDgpSoLU0ZjO7Xgl3IrWxt/qknvP1lyVCLdHPv6iQ6LzWZ mMCwqpuHY6OX9w== -----END CERTIFICATE-----Generated at Fri Apr 17 10:49:20 2026 by rpki-client