$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft File: Y2O7ZYlfOlSksyShDHmsmO_ioco.mft (raw, json) Hash identifier: GfBqDy6a+MBB3qvbrJKRalyFtr+uRk3+lAFEApct7Aw= Subject key identifier: 1F:43:4E:9F:9A:52:CD:49:1C:45:91:D4:58:1A:9E:68:3A:39:B1:98 Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca Certificate serial: 019D97AA7D9AF5B13FA62728601136631EA5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft Manifest number: 1226 Signing time: Thu 16 Apr 2026 19:00:25 +0000 Manifest this update: Thu 16 Apr 2026 19:00:25 +0000 Manifest next update: Fri 17 Apr 2026 19:00:25 +0000 Files and hashes: 1: 0qcRgVORJ6l9UlTI2CKPLzjbfog.roa (hash: wvJhHDw0n2QTgzGbPUH8xt0FfoOscXlBHhG0tJvFt98=) 2: 2EkuPAqVHEWEKp6ASw2K5zmACQk.roa (hash: n72y5YkbbuFUJAYmxmxnzR7f3ZsUZLnhTxeGIE67Cko=) 3: LKqcV__iHBkuJmHBTgVTMKe7jfs.roa (hash: LzRNG01pbqOOrg9Ke+0IrSjljXKIcSklaBxsB5gc1AU=) 4: MDqkmVq0wqQhfctEVt435BlVKwE.roa (hash: UBeCi32yoKfsLWvPk9g+GRflHLIlJW/EWzv3Gosv9dk=) 5: PxxNVNL5BOB3QrAZZvS5ahJKLOQ.roa (hash: tFLry/v07lnhSlHBjf2oO0BxwozcI2XhOgOvdmFzcjY=) 6: U74ViGODTud33ngPAmj4w73NK6o.roa (hash: 8g7ud1guSPB+L+sklXn8DfQQ/RtzcbmpgZcJ8hWX/2M=) 7: Uu6kgZoXxkmNniYXRrRma31jomI.roa (hash: SRpT2c+ZtineJthFU2Lj326eHBfCWg/PI6AuJE6p0HE=) 8: Y2O7ZYlfOlSksyShDHmsmO_ioco.crl (hash: W7CSDnQm9mKqAUvoZe3GNkdYoTDHat04noBwz1ErYG8=) 9: ajUdjtPuTYK4cJ-GDNgzwU_V7QU.roa (hash: zq0p6TTpyxJr1rlBswAzuDS0To2T7g83akxmSzfwXWY=) 10: esQiMgPaySQVW0k54pO3jc5Zyuc.roa (hash: 2aftWcOZmt2bVeY6qt170y22emZnUo4u4rs+oiqH7rU=) 11: n9NpVtjQ4CgC347DPdZBbkrl1rk.roa (hash: F/VcD/rkVFmMD8EIR8zYpeskYz8L7PTmG19l/6//DPo=) 12: qzDK1lhCM39SxM8PACxbyKkom_M.roa (hash: nfWxgyb2gt4+A8mM3hL0XhTI+0dXdf9+3PuS2IdhMMY=) 13: zRX49tmJAdaGhaSwlC20v5C1y1M.roa (hash: zxokrlpERmb2O5s52Pr/l/EU3mgyz8SOyXjooOdftYE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 19:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:97:aa:7d:9a:f5:b1:3f:a6:27:28:60:11:36:63:1e:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca Validity Not Before: Apr 16 19:00:25 2026 GMT Not After : Apr 17 19:00:25 2026 GMT Subject: CN=1f434e9f9a52cd491c4591d4581a9e683a39b198 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f0:db:2b:6b:f5:4b:62:28:15:3f:a7:f6:de: 50:43:ec:16:a4:a1:78:fb:dd:c3:21:85:c0:86:e7: ac:5f:24:01:64:2c:16:70:a5:28:51:7f:1b:95:bc: 4a:3d:67:c9:78:0d:8f:20:8d:b6:a1:c9:02:4f:2e: f3:40:14:80:1f:11:f7:27:1f:f2:ac:29:80:3c:ec: ab:13:aa:8a:e1:d3:0a:7c:46:be:b5:7c:78:a9:fd: 54:ad:e9:df:e1:05:a5:17:f4:c4:90:b7:f9:bf:6a: fa:26:a0:1a:fb:e3:5b:fe:07:4c:9e:c0:2c:d0:dd: 63:4a:c9:b5:6d:61:91:f4:9a:7b:81:05:a4:fa:58: 44:83:00:49:a5:8d:7b:a5:fa:0f:67:55:08:5c:ed: 5b:04:7c:55:32:68:4c:81:91:80:39:49:3c:e3:98: 9d:a1:60:90:4f:4f:1c:74:c7:f2:d4:57:dc:46:98: 4f:ed:6d:0b:60:f5:be:6e:90:a0:92:15:a0:51:d0: 27:a5:77:3d:28:66:91:b7:0b:1f:3c:ea:ea:e9:b3: 4a:60:10:61:eb:b4:c8:bf:69:dd:0b:5d:b4:c8:9c: ff:91:c4:fb:71:67:58:ef:32:89:df:58:84:5c:3c: 00:ee:5c:9d:93:7f:fa:a1:e0:0c:55:da:79:bd:37: 46:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:43:4E:9F:9A:52:CD:49:1C:45:91:D4:58:1A:9E:68:3A:39:B1:98 X509v3 Authority Key Identifier: keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:14:39:e0:2f:4a:f0:83:17:d0:f9:5a:21:17:73:ed:e9:15: a8:c6:d5:20:db:52:df:3a:8e:f5:18:5f:01:fc:6c:21:55:bd: b5:e7:c6:4f:81:00:53:e3:2f:dd:68:24:f6:f8:34:66:f2:d2: 54:f2:c9:4d:97:28:73:1e:c5:a1:f6:f7:6f:a4:ad:e2:3e:0b: 35:76:f5:da:0b:b7:95:5d:53:f1:8c:01:c3:d3:ad:90:7e:4e: 73:f0:41:cd:cc:36:68:81:d6:4d:52:b4:2a:6e:80:41:cf:e8: 56:f1:c9:09:39:01:11:f4:bc:5a:66:a9:70:b9:15:46:d3:6c: 22:ec:59:0c:7d:1e:1e:62:7c:43:d2:3e:58:f6:d2:1f:e1:1c: 5d:09:1b:dd:3b:67:2f:9a:e0:9e:77:62:48:a7:90:df:04:8e: 51:84:1a:59:36:84:1d:81:bc:77:d0:6e:f7:da:80:3e:f2:ed: 1b:70:8f:55:67:55:97:a6:a3:cc:52:40:d6:25:6f:f9:82:7d: b3:11:fa:12:29:80:e0:1c:49:e3:8e:12:ee:b0:12:16:f5:ce: ec:63:d5:98:ab:c3:e4:80:dd:b6:48:8b:ac:4d:77:bb:79:32: 3b:17:9a:64:6b:87:2d:e5:be:c8:04:8e:89:53:d0:60:94:f9: 86:41:82:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2Xqn2a9bE/picoYBE2Yx6lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl MmExY2EwHhcNMjYwNDE2MTkwMDI1WhcNMjYwNDE3MTkwMDI1WjAzMTEwLwYDVQQD EygxZjQzNGU5ZjlhNTJjZDQ5MWM0NTkxZDQ1ODFhOWU2ODNhMzliMTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufDbK2v1S2IoFT+n9t5QQ+wWpKF4 +93DIYXAhuesXyQBZCwWcKUoUX8blbxKPWfJeA2PII22ockCTy7zQBSAHxH3Jx/y rCmAPOyrE6qK4dMKfEa+tXx4qf1Urenf4QWlF/TEkLf5v2r6JqAa++Nb/gdMnsAs 0N1jSsm1bWGR9Jp7gQWk+lhEgwBJpY17pfoPZ1UIXO1bBHxVMmhMgZGAOUk845id oWCQT08cdMfy1FfcRphP7W0LYPW+bpCgkhWgUdAnpXc9KGaRtwsfPOrq6bNKYBBh 67TIv2ndC120yJz/kcT7cWdY7zKJ31iEXDwA7lydk3/6oeAMVdp5vTdGSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB9DTp+aUs1JHEWR1Fganmg6ObGYMB8GA1UdIwQY MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt YTZjYTQ1NGRiMmQ3LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3 LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxQ54C9K 8IMX0PlaIRdz7ekVqMbVINtS3zqO9RhfAfxsIVW9tefGT4EAU+Mv3Wgk9vg0ZvLS VPLJTZcocx7Fofb3b6St4j4LNXb12gu3lV1T8YwBw9OtkH5Oc/BBzcw2aIHWTVK0 Km6AQc/oVvHJCTkBEfS8WmapcLkVRtNsIuxZDH0eHmJ8Q9I+WPbSH+EcXQkb3Ttn L5rgnndiSKeQ3wSOUYQaWTaEHYG8d9Bu99qAPvLtG3CPVWdVl6ajzFJA1iVv+YJ9 sxH6EimA4BxJ444S7rASFvXO7GPVmKvD5IDdtkiLrE13u3kyOxeaZGuHLeW+yASO iVPQYJT5hkGCyQ== -----END CERTIFICATE-----Generated at Fri Apr 17 02:33:21 2026 by rpki-client