$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft File: IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft (raw, json) Hash identifier: EjkhLYH7N8E+qXOxWa5evRIKDYlPq0WJ8oPtCEBLu6Y= Subject key identifier: 41:89:24:AC:1C:5D:39:6E:A5:30:5D:34:5A:9B:16:13:3B:EA:8A:74 Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Certificate serial: 019D9AE30BB23AD0F469F14AA6D7DFE2AC41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft Manifest number: 18CC Signing time: Fri 17 Apr 2026 10:01:04 +0000 Manifest this update: Fri 17 Apr 2026 10:01:04 +0000 Manifest next update: Sat 18 Apr 2026 10:01:04 +0000 Files and hashes: 1: BNGMVvTZ1XawSMPOVaywEKgFz8w.roa (hash: WMt9Jn62xWAvsFJt6BLgLhIXnUKvtSHXK/jsLiQ9wc0=) 2: IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl (hash: I2JnjUlRB13hAcAK+AeqMKsSF4TbCgQnCjF80X6/Q4o=) 3: J_k_uJydXhJKkAPBLn_Xr9EpYmw.roa (hash: bMaFsCf1Hj+guhXQdkk7ZJ24ZgANPSnkOncPj3CW1pQ=) 4: S9D_ZvZP7Y2SyyqdAWt1mGxtagE.roa (hash: hH6PHrAp3gX28fWUuJtWpjV+rB9bYio8w3wI6R4XHQI=) 5: YPhzzBUAAD8W6PxdQ8Eo6J_1Xlo.roa (hash: QJjVxTN7Kd8ed1QYD92fFHesTbkRe6gyeZIi3S6D0so=) 6: Z8UyJlJrz_tPx2Lzi2wtF6sRSoY.roa (hash: pZEmU7QBOi+LmI67NMxNilqE5KRHfsee+sRCVmykeWE=) 7: gw26QBwPzQF9bT3yyu20z1tgJyk.roa (hash: iuHp19gpWORmcmt7JfC/koJtOp0jpGQxA/LoBFKsFao=) 8: mdj55pZO6nRDbpPFsXBoK-GkNU8.roa (hash: JU7FZwf7hl0KcJAATQ/by5oF+/xX9ntEZw2LOkX+3S0=) 9: n70k782e6Gxq_-Hc2YO_idjOcAs.roa (hash: 9xPDUcAeeZeb+V1tJdiN4n6+fuVQh1F2hwH4+x4MOiQ=) 10: pX4-zHrOaGGZmLrFodKOqsDRVt8.roa (hash: oNNoPaGL9tiGcsnmh6pVkfSYR8zyTqJrDL9WChZzfdA=) 11: vqLY8AJRdwBNZp1vMAKBzj7hYMk.roa (hash: QScIVVTzvA87+g4pWqcXEROo6Uo1IppOyeJM8oSgj8s=) 12: xgHR7y7J0aGtYD0R9jhr6WJbZm8.roa (hash: CHXV05nQbB5KxwYkctbAeeyJMsjXN6ysG0w+cPnzH+Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 07:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:9a:e3:0b:b2:3a:d0:f4:69:f1:4a:a6:d7:df:e2:ac:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Validity Not Before: Apr 17 10:01:04 2026 GMT Not After : Apr 18 10:01:04 2026 GMT Subject: CN=418924ac1c5d396ea5305d345a9b16133bea8a74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ec:83:2c:3c:a5:f0:ac:df:a9:21:67:bd:98: ba:a4:b3:39:a7:3a:0f:d4:cc:f5:7b:f0:7f:10:f0: be:c7:d6:de:8e:4f:21:39:87:99:91:ba:11:38:82: a4:e2:ba:4f:76:ce:41:f6:fa:c0:41:02:7f:a6:2b: 5b:dd:7b:bf:ee:44:da:c1:5c:48:56:78:b3:32:c8: 27:23:33:a2:a0:11:fa:6b:61:f7:ea:45:42:5d:c5: 57:20:ee:ef:b3:7a:ab:09:a9:ec:8f:2a:31:19:6d: d0:25:fe:65:ac:a6:2f:bf:0d:62:f4:9a:67:b6:48: c2:e5:e6:89:41:2c:25:7b:9e:33:2e:3c:be:02:aa: 1d:8a:b4:3d:ba:a1:79:50:ca:7d:ac:0e:ce:a6:d8: f2:41:a1:d1:f1:e8:bd:64:8a:7c:4c:6d:d8:18:37: 6f:cb:9e:2d:05:72:f0:1c:45:55:52:87:d5:93:99: 98:26:9c:f3:21:16:e3:6b:e6:e6:ce:6e:a9:e4:db: 8b:be:e8:91:4e:29:40:01:e0:f8:3b:61:0a:89:77: c4:3a:f3:2f:94:6c:57:1b:90:1c:48:d4:ec:ea:de: 3f:7f:f3:c4:91:13:fb:0f:f4:e6:ab:3c:11:8a:9e: bf:70:01:c6:34:55:59:30:31:69:83:10:e6:2c:f8: e0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:89:24:AC:1C:5D:39:6E:A5:30:5D:34:5A:9B:16:13:3B:EA:8A:74 X509v3 Authority Key Identifier: keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:dc:aa:81:6d:ad:8b:8c:8a:41:97:48:0a:78:76:7f:7e:6e: b3:44:31:3d:7f:44:9b:4b:77:24:71:45:46:71:cd:8a:64:a7: 5d:0a:a7:17:70:b6:38:26:e2:0d:cf:f9:e8:0f:d7:e9:d5:09: f2:b8:4e:40:e9:a2:cb:ee:de:6e:28:40:34:a4:d2:d8:67:bf: d3:75:44:4f:40:3d:b1:ca:16:b3:e6:6f:73:dc:09:83:7e:2f: 0c:5a:42:37:db:96:59:03:cd:f7:76:8c:76:4f:bd:3c:86:40: d7:27:d3:d9:0e:1a:0c:bf:b1:98:d3:41:e9:12:01:3a:8d:d1: fc:27:5a:5f:46:5f:41:96:bd:dc:0f:3e:d0:f6:69:62:16:a2: 9c:5a:62:31:5e:10:ab:db:fd:ed:a8:e8:fb:06:3d:c7:d4:35: 04:9b:69:19:91:d9:a6:5d:23:d0:fa:d3:af:2e:f2:ba:19:18: 66:8d:f0:8c:09:ac:58:56:95:48:48:7e:ee:84:1b:16:45:6d: 9b:a6:34:ba:12:9e:90:b8:e1:34:34:66:87:c0:b8:1c:94:38: 57:5a:a4:8f:08:7e:c4:f8:bf:74:de:57:37:0a:9b:37:f3:af: d0:a5:3c:27:cd:12:4c:33:26:ed:b7:ca:da:08:e0:f1:6e:81: 6b:2f:cc:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2a4wuyOtD0afFKptff4qxBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj ZmQwNjIwHhcNMjYwNDE3MTAwMTA0WhcNMjYwNDE4MTAwMTA0WjAzMTEwLwYDVQQD Eyg0MTg5MjRhYzFjNWQzOTZlYTUzMDVkMzQ1YTliMTYxMzNiZWE4YTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uyDLDyl8KzfqSFnvZi6pLM5pzoP 1Mz1e/B/EPC+x9bejk8hOYeZkboROIKk4rpPds5B9vrAQQJ/pitb3Xu/7kTawVxI VnizMsgnIzOioBH6a2H36kVCXcVXIO7vs3qrCansjyoxGW3QJf5lrKYvvw1i9Jpn tkjC5eaJQSwle54zLjy+AqodirQ9uqF5UMp9rA7OptjyQaHR8ei9ZIp8TG3YGDdv y54tBXLwHEVVUofVk5mYJpzzIRbja+bmzm6p5NuLvuiRTilAAeD4O2EKiXfEOvMv lGxXG5AcSNTs6t4/f/PEkRP7D/TmqzwRip6/cAHGNFVZMDFpgxDmLPjgmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEGJJKwcXTlupTBdNFqbFhM76op0MB8GA1UdIwQY MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt NjU0ZGQ2NDQyY2U0LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0 LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9yqgW2t i4yKQZdICnh2f35us0QxPX9Em0t3JHFFRnHNimSnXQqnF3C2OCbiDc/56A/X6dUJ 8rhOQOmiy+7ebihANKTS2Ge/03VET0A9scoWs+Zvc9wJg34vDFpCN9uWWQPN93aM dk+9PIZA1yfT2Q4aDL+xmNNB6RIBOo3R/CdaX0ZfQZa93A8+0PZpYhainFpiMV4Q q9v97ajo+wY9x9Q1BJtpGZHZpl0j0PrTry7yuhkYZo3wjAmsWFaVSEh+7oQbFkVt m6Y0uhKekLjhNDRmh8C4HJQ4V1qkjwh+xPi/dN5XNwqbN/Ov0KU8J80STDMm7bfK 2gjg8W6Bay/McA== -----END CERTIFICATE-----Generated at Fri Apr 17 15:31:57 2026 by rpki-client