$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft File: s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft (raw, json) Hash identifier: xXbRb0dwHJvU+4g0YXXnN109v1jBajiarQSa87nmn0A= Subject key identifier: 53:62:F1:8C:08:9F:BD:14:CB:97:93:7E:BA:CF:95:5B:0D:75:1B:00 Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019DA41CEE9B1E03A3D7820E647EB13A1975 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft Manifest number: 18EA Signing time: Sun 19 Apr 2026 05:00:52 +0000 Manifest this update: Sun 19 Apr 2026 05:00:52 +0000 Manifest next update: Mon 20 Apr 2026 05:00:52 +0000 Files and hashes: 1: 3qg1KGc8omoslEG7jKlx4gx_LhQ.roa (hash: TnGs+EX2f9uQeebTem+/sfQFkc/zmqJQ5dURkVKi/n4=) 2: 4KsNQpqZCzqF5DWTGMqSZIdafk4.roa (hash: LOn9PMfVYWd9yqbUArMEkf8C7kjYf3BgWxcSoG8pKwI=) 3: 6GTkHhvGaHh_ppvgJMPn5q-SDT4.roa (hash: zOLVYqNLZkRsHu25N50zDbPPg1XzLp1BrOsPiOu+9z8=) 4: 6JxXQsPP5HeOd-zrinJyzOvxbvk.roa (hash: avnYdM5iKLHNYRmn2VZGG+0Rulxb30BrgSNse/s1Stw=) 5: Lm2Fdw-4HY59cWTBR1AYmOLC0Mk.roa (hash: SNGqheW6LsNlSg4kHxkvmFfi6Fzh2bEiE379f5CYZNA=) 6: N18aROBQ19Wj6Kdi3-iQ5c6OfeA.roa (hash: ezUkbSC7P3mO/d4z+5YndvD9aLmtqZ6KOctd3R4dOws=) 7: OUOP2IJYsVbNI_PTNHQ12RVMoDI.roa (hash: BnGONzncD2wwl5KKt6nDn2hcjBqGU1Umy1qq2TndNLU=) 8: X5qhIZ7xGCMvKQfZQrbeuOZ9uf8.roa (hash: i3DUL5+61b/Yr3dFWew0V6gv0s7RuSUIeTUfltYEFJs=) 9: Zjh5y2Kd8cSRzdszQnign9Lz3l4.roa (hash: TMEeISdGQlH/KULrec6oWy2p2scTUrKdaSvlMRJx3eE=) 10: g-q-xyU0r6niX_HcUqMnHfOWVQg.roa (hash: 3EYAH+TPHIG5maEa02mmMDsDD6AUBoN3T8wtoxwbwEg=) 11: iO24D_W0B1UjBwRFlQ8CdPgIqgs.roa (hash: VKTFC+1OrvrVs+DP4mHHKFLGZKyqteGaSW/b1eEAqMs=) 12: jytqbvPB7p4L3yG-M73X311CEZM.roa (hash: OoChTy3t+Ypl0/yoHt/yN9OFfFbQL1CiSDqOkSSFy9Y=) 13: qzIbIOdweY6pocYgDw-BYpuwt2k.roa (hash: RCGDZNml0heHLSfAzhIyGN2imnWRjKRBHXZrfhyhHtA=) 14: s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl (hash: 4pByBMcV7CJ7TfPqN8pwmmOdzjokAU2VBEg8LLav55E=) 15: x3SzmyzLt8OYyGIP7YYKzeSx1t0.roa (hash: aW1SwGzhZKDv9vTg+ztGzAN+MHGjx+qNx1xNIM7zvvM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Apr 2026 02:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:a4:1c:ee:9b:1e:03:a3:d7:82:0e:64:7e:b1:3a:19:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Apr 19 05:00:52 2026 GMT Not After : Apr 20 05:00:52 2026 GMT Subject: CN=5362f18c089fbd14cb97937ebacf955b0d751b00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:3e:f2:4f:e1:dc:40:5a:43:ed:38:e3:db:b3: c2:bb:fa:49:df:e4:0b:a9:0a:ea:27:97:32:ef:23: b4:8f:8c:ae:bc:be:18:c1:53:18:d7:17:2d:6e:a9: c9:8b:14:09:d5:6c:85:41:9a:e0:2f:38:7f:68:70: 73:0f:62:36:e4:f8:7b:c7:a9:24:03:b1:a1:0b:17: aa:fd:ac:2e:93:60:39:3c:63:6f:1a:0b:5d:36:52: da:bc:7e:b7:8a:2f:8e:b9:34:9a:07:fb:0b:5e:88: 9e:36:3e:11:c1:76:f6:e1:fe:bd:1b:9a:ab:f8:b8: 6d:c2:9d:a7:d0:a3:ff:8c:85:4b:14:6f:53:e1:49: fa:c0:5e:e0:5a:a1:94:50:1a:b2:d4:e1:cd:6f:90: 80:fb:0f:40:83:fb:0e:b0:c8:2f:89:af:96:c0:55: a4:0f:e3:fa:d7:f5:c8:9e:71:25:30:3b:06:f5:f6: 78:1a:6f:3b:6b:4f:2a:98:f8:a9:6b:9d:b7:4a:c6: 1c:7f:45:5a:8f:fb:8f:2f:1d:93:b2:15:be:2b:5e: 4b:3a:8d:00:cc:6d:5a:a1:e0:c0:a4:1b:be:8b:b4: 3c:31:0c:61:08:3a:2b:3b:09:c9:4c:72:b1:dd:dd: 21:60:cf:bb:48:32:73:31:14:88:27:43:8e:77:ce: e6:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:62:F1:8C:08:9F:BD:14:CB:97:93:7E:BA:CF:95:5B:0D:75:1B:00 X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:2b:6c:14:30:40:8b:94:d4:9c:d9:4e:cd:6e:88:7d:0b:70: 9a:ad:1a:eb:50:23:83:d3:22:2d:af:f8:0f:4b:4c:f2:33:48: 0c:15:f5:ba:3e:f7:eb:f1:32:f2:22:c9:f6:6d:72:43:4f:9e: 8a:24:e4:68:d1:ca:32:4c:31:c5:92:c9:3d:e4:86:c7:fb:1f: db:3a:16:9c:10:65:80:b6:de:d6:98:b5:1a:b8:12:0f:34:ca: 68:71:c4:e9:35:e8:ff:b2:04:eb:3c:44:e2:45:01:1d:94:60: 37:1c:17:6e:ce:45:d6:cb:c2:79:e3:fa:54:2b:f3:84:1a:b0: 9f:8e:5b:95:91:b3:06:96:9a:25:1b:b5:99:e1:60:4c:75:88: 7a:bd:22:9b:2c:ca:92:a2:bc:ae:30:be:79:42:6f:4a:78:2b: 09:9a:9d:77:67:27:3c:7e:b4:59:ff:e8:3b:4b:17:27:08:b0: 2c:df:3a:db:e1:45:4e:78:0a:3b:60:b5:78:5b:a2:71:40:3e: 10:e8:5e:c5:9d:3a:36:13:79:3e:7f:e5:6d:38:e5:d0:1a:b5: 2a:dd:0d:35:5f:f9:30:27:17:2c:47:58:e9:f1:de:6b:ac:7f: 5c:c6:c9:bc:1b:9c:5f:6c:f6:28:71:f6:4f:33:9e:a7:28:25: 4c:de:c8:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2kHO6bHgOj14IOZH6xOhl1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwNDE5MDUwMDUyWhcNMjYwNDIwMDUwMDUyWjAzMTEwLwYDVQQD Eyg1MzYyZjE4YzA4OWZiZDE0Y2I5NzkzN2ViYWNmOTU1YjBkNzUxYjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj7yT+HcQFpD7Tjj27PCu/pJ3+QL qQrqJ5cy7yO0j4yuvL4YwVMY1xctbqnJixQJ1WyFQZrgLzh/aHBzD2I25Ph7x6kk A7GhCxeq/awuk2A5PGNvGgtdNlLavH63ii+OuTSaB/sLXoieNj4RwXb24f69G5qr +Lhtwp2n0KP/jIVLFG9T4Un6wF7gWqGUUBqy1OHNb5CA+w9Ag/sOsMgvia+WwFWk D+P61/XInnElMDsG9fZ4Gm87a08qmPipa523SsYcf0Vaj/uPLx2TshW+K15LOo0A zG1aoeDApBu+i7Q8MQxhCDorOwnJTHKx3d0hYM+7SDJzMRSIJ0OOd87mjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFNi8YwIn70Uy5eTfrrPlVsNdRsAMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApCtsFDBA i5TUnNlOzW6IfQtwmq0a61Ajg9MiLa/4D0tM8jNIDBX1uj736/Ey8iLJ9m1yQ0+e iiTkaNHKMkwxxZLJPeSGx/sf2zoWnBBlgLbe1pi1GrgSDzTKaHHE6TXo/7IE6zxE 4kUBHZRgNxwXbs5F1svCeeP6VCvzhBqwn45blZGzBpaaJRu1meFgTHWIer0imyzK kqK8rjC+eUJvSngrCZqdd2cnPH60Wf/oO0sXJwiwLN862+FFTngKO2C1eFuicUA+ EOhexZ06NhN5Pn/lbTjl0Bq1Kt0NNV/5MCcXLEdY6fHea6x/XMbJvBucX2z2KHH2 TzOepyglTN7ILA== -----END CERTIFICATE-----Generated at Sun Apr 19 08:28:11 2026 by rpki-client