$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft File: Y2O7ZYlfOlSksyShDHmsmO_ioco.mft (raw, json) Hash identifier: EV7+SfY2kHge0Eo9qIbtwkYkqGUB5IMXDEMP+7w5X9o= Subject key identifier: 32:11:A2:28:BB:41:AC:82:CA:95:11:0C:41:DC:66:FB:CC:EE:04:9F Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca Certificate serial: 019CAB34B3A957164210EBECC8BA7E594C87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft Manifest number: 11A7 Signing time: Sun 01 Mar 2026 21:01:23 +0000 Manifest this update: Sun 01 Mar 2026 21:01:23 +0000 Manifest next update: Mon 02 Mar 2026 21:01:23 +0000 Files and hashes: 1: 0qcRgVORJ6l9UlTI2CKPLzjbfog.roa (hash: wvJhHDw0n2QTgzGbPUH8xt0FfoOscXlBHhG0tJvFt98=) 2: 2EkuPAqVHEWEKp6ASw2K5zmACQk.roa (hash: n72y5YkbbuFUJAYmxmxnzR7f3ZsUZLnhTxeGIE67Cko=) 3: LKqcV__iHBkuJmHBTgVTMKe7jfs.roa (hash: LzRNG01pbqOOrg9Ke+0IrSjljXKIcSklaBxsB5gc1AU=) 4: PxxNVNL5BOB3QrAZZvS5ahJKLOQ.roa (hash: tFLry/v07lnhSlHBjf2oO0BxwozcI2XhOgOvdmFzcjY=) 5: SsMemxNz7WwrgOi2t4J5keskOjc.roa (hash: 8tN8540PpdeEqrMWMweCLc0iyV0lekQaB3DsFO3PEyM=) 6: U74ViGODTud33ngPAmj4w73NK6o.roa (hash: 8g7ud1guSPB+L+sklXn8DfQQ/RtzcbmpgZcJ8hWX/2M=) 7: Y2O7ZYlfOlSksyShDHmsmO_ioco.crl (hash: 3EYNo8Z1TmGH3uZPMdehm4tNjXrbtJsx6SbeRFM7vog=) 8: ajUdjtPuTYK4cJ-GDNgzwU_V7QU.roa (hash: zq0p6TTpyxJr1rlBswAzuDS0To2T7g83akxmSzfwXWY=) 9: esQiMgPaySQVW0k54pO3jc5Zyuc.roa (hash: 2aftWcOZmt2bVeY6qt170y22emZnUo4u4rs+oiqH7rU=) 10: n9NpVtjQ4CgC347DPdZBbkrl1rk.roa (hash: F/VcD/rkVFmMD8EIR8zYpeskYz8L7PTmG19l/6//DPo=) 11: qzDK1lhCM39SxM8PACxbyKkom_M.roa (hash: nfWxgyb2gt4+A8mM3hL0XhTI+0dXdf9+3PuS2IdhMMY=) 12: v94NxlhLC5JfK0F3wlDeGhiXIaM.roa (hash: t3kxnuazBFVu5n7erK9ZnDyudXKzRMRhXRP6VbC6QIE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 15:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:ab:34:b3:a9:57:16:42:10:eb:ec:c8:ba:7e:59:4c:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca Validity Not Before: Mar 1 21:01:23 2026 GMT Not After : Mar 2 21:01:23 2026 GMT Subject: CN=3211a228bb41ac82ca95110c41dc66fbccee049f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ab:8f:ca:dd:32:8e:36:e9:52:c9:3c:af:e4: ed:1a:03:35:39:f1:69:e4:6a:80:6a:a3:3b:1a:ef: 3e:c2:e3:84:56:63:9a:c0:ea:8e:2f:8b:e1:32:3e: c0:ed:6f:64:a7:95:85:fb:79:fb:24:21:48:94:d0: 73:ba:9c:ec:2f:e8:3a:1f:5f:98:c3:a0:23:3f:37: a7:20:35:2d:a4:34:7d:5e:5e:e8:68:07:a8:1f:5b: da:68:ac:5a:61:d8:b9:72:20:b8:4b:64:94:01:0c: e9:60:7f:ef:e7:5e:ec:9f:78:1b:20:e4:ef:33:2a: f7:dd:ef:8a:fb:0c:7f:b7:17:4b:e2:f4:74:27:06: 5f:b8:ba:19:ad:29:d7:fa:64:69:41:e3:16:18:5b: 32:c2:5a:16:e9:27:e9:4b:8f:43:8f:46:e2:bd:ba: 5a:01:3a:5b:22:1b:5e:54:c5:80:ff:e4:e8:49:3c: d9:fd:4b:87:fe:66:1f:3d:bc:d4:0a:78:3e:22:6c: e0:b2:9c:7e:a7:34:db:eb:3e:13:74:b1:e7:42:ee: 51:65:90:ab:22:32:a0:d0:f1:50:e0:0b:6e:9f:6c: 6f:e7:a3:a4:69:26:c6:fc:37:3c:94:f3:92:b5:4e: ce:57:7f:7d:31:3f:e1:b2:90:9f:d3:f3:47:4a:ab: 48:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:11:A2:28:BB:41:AC:82:CA:95:11:0C:41:DC:66:FB:CC:EE:04:9F X509v3 Authority Key Identifier: keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:ca:22:04:1b:e8:dd:28:2f:25:f0:68:11:13:6e:25:30:5c: ff:3c:78:81:86:6b:56:f4:48:ae:30:92:02:f7:56:81:05:56: 0e:35:47:6f:fd:34:41:b9:ff:d1:24:0b:56:36:d5:ea:80:2d: 51:ca:b1:b2:82:9c:f3:ea:5c:e2:e0:68:ab:3e:ea:49:6e:7d: 5a:ac:23:98:1b:68:51:bb:4d:27:4d:df:84:0c:24:26:1c:4a: 1f:72:09:e5:0b:8c:54:b0:ef:0c:57:13:0a:c1:d7:a3:e4:1c: 6d:fd:48:f1:c2:d4:5e:c6:4e:e6:c6:ce:a4:e3:f5:40:aa:9a: 34:d4:1d:a3:24:8d:7c:76:79:d4:55:7c:10:96:66:16:8f:55: 98:7d:56:73:21:b7:63:95:5b:9d:8a:5e:48:4c:4f:ef:75:87: 1c:56:bb:30:63:87:89:ca:2e:70:5f:95:18:9c:c2:36:88:b2: 00:09:67:68:6b:67:56:89:73:c4:e2:cc:2a:9e:8f:7e:66:2f: d7:26:26:df:5d:80:ae:b3:33:8f:87:9a:ba:fb:b6:f0:5b:7a: 78:7c:a4:ed:41:68:0f:99:bb:bd:b7:7b:c3:3f:31:0e:54:75: 2f:09:f6:91:81:80:d9:50:02:a6:80:33:2a:ca:1a:3f:ff:50: c1:93:29:4d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZyrNLOpVxZCEOvsyLp+WUyHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl MmExY2EwHhcNMjYwMzAxMjEwMTIzWhcNMjYwMzAyMjEwMTIzWjAzMTEwLwYDVQQD EygzMjExYTIyOGJiNDFhYzgyY2E5NTExMGM0MWRjNjZmYmNjZWUwNDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzauPyt0yjjbpUsk8r+TtGgM1OfFp 5GqAaqM7Gu8+wuOEVmOawOqOL4vhMj7A7W9kp5WF+3n7JCFIlNBzupzsL+g6H1+Y w6AjPzenIDUtpDR9Xl7oaAeoH1vaaKxaYdi5ciC4S2SUAQzpYH/v517sn3gbIOTv Myr33e+K+wx/txdL4vR0JwZfuLoZrSnX+mRpQeMWGFsywloW6SfpS49Dj0bivbpa ATpbIhteVMWA/+ToSTzZ/UuH/mYfPbzUCng+Imzgspx+pzTb6z4TdLHnQu5RZZCr IjKg0PFQ4Atun2xv56OkaSbG/Dc8lPOStU7OV399MT/hspCf0/NHSqtIKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDIRoii7QayCypURDEHcZvvM7gSfMB8GA1UdIwQY MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt YTZjYTQ1NGRiMmQ3LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3 LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYcoiBBvo 3SgvJfBoERNuJTBc/zx4gYZrVvRIrjCSAvdWgQVWDjVHb/00Qbn/0SQLVjbV6oAt UcqxsoKc8+pc4uBoqz7qSW59WqwjmBtoUbtNJ03fhAwkJhxKH3IJ5QuMVLDvDFcT CsHXo+Qcbf1I8cLUXsZO5sbOpOP1QKqaNNQdoySNfHZ51FV8EJZmFo9VmH1WcyG3 Y5VbnYpeSExP73WHHFa7MGOHicoucF+VGJzCNoiyAAlnaGtnVolzxOLMKp6PfmYv 1yYm312ArrMzj4eauvu28Ft6eHyk7UFoD5m7vbd7wz8xDlR1Lwn2kYGA2VACpoAz KsoaP/9QwZMpTQ== -----END CERTIFICATE-----Generated at Mon Mar 2 00:22:52 2026 by rpki-client