$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft File: AOT2p3Not87P5nIgtDZXax4Aiuw.mft (raw, json) Hash identifier: g66PWYrvuIh8aFUtbH8cwDNL4fGWitqTOI01X1+7G30= Subject key identifier: B3:73:FC:AB:94:E6:5B:F8:C4:AD:9E:EF:79:40:A3:CE:86:AD:97:63 Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec Certificate serial: 019D9962BC4195082BEB50A7A2F7A56CA6B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft Manifest number: 19C4 Signing time: Fri 17 Apr 2026 03:01:17 +0000 Manifest this update: Fri 17 Apr 2026 03:01:17 +0000 Manifest next update: Sat 18 Apr 2026 03:01:17 +0000 Files and hashes: 1: 1-7-GRl1DpJL9MX_Eh7vVlgQAtds.roa (hash: qBQ+Yv34RT+76LqwEUvZMWK4vq87p/Tm5N2E03sJUtE=) 2: 8JQ0VF5qvrtIdP5kzOpKrpQ4c_Q.roa (hash: 8Cz/nfpNgRo73mnZrpsPG4yB6fA8zTsiRnBVo7ed97c=) 3: AOT2p3Not87P5nIgtDZXax4Aiuw.crl (hash: 5sj7Tg2YqBeIliunTxMZU7RmWI7uwYcSfxHcjWlaULc=) 4: CP1700xQhoIo0eqZb96w49fwMZU.roa (hash: FhGMMmXWb4O7zbwANRuKCF/ES8PwzOmEkZV99iTN5xU=) 5: Iz8oQHvYY4N1cu4pgE3299ogM34.roa (hash: GTn6Y+DWEw4+IcATVORnDqgcpHWD0i8V9c7BBTnRM3U=) 6: MQ0e7OQgina0hHLbzkJJI7ocRMY.roa (hash: lYlPT7y2KTJ0qjKzQaLtDJlIn+M8xo18ZCJuzXN583Y=) 7: VcGOwSBLa8MeclenBwYCnJTkc6Q.roa (hash: ZpKqr8OOjlncepBvaT8KeQio9IThw68qGgH8coHhuVI=) 8: gF0x-IgTBvCJCERAByN93AH9MjM.roa (hash: f9L9sZ2MryoARd93KF5kcE6ImNuSL3mNiWJ8yZc3d58=) 9: hGF5HckbV_mO1zNnnUvLaxvGgg0.roa (hash: LswWVKDsb8V0ubfBEeUCi7BkiOP6J97pjosqCGNORUk=) 10: oPPgaBYxfthIjxyRNKKvuQhADcA.roa (hash: vJpx4imZl2f0ZsJVLjSi4WZMmzQUNNlQIXHfoEUu3/k=) 11: tDS2Cs2obRP0GxSw9_zcJ3O6_H8.roa (hash: 6+3w2X7QmyZajlkvHT3Z32O7WpWvoPyxaW4Oqr2oNl8=) 12: v3K9UBCZQXetZHCASn_v-Er6z80.roa (hash: M01ADTQv5+WF8EwvS7wZ9W7tolykwshPsb2JjYqw3EQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 22:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:99:62:bc:41:95:08:2b:eb:50:a7:a2:f7:a5:6c:a6:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec Validity Not Before: Apr 17 03:01:17 2026 GMT Not After : Apr 18 03:01:17 2026 GMT Subject: CN=b373fcab94e65bf8c4ad9eef7940a3ce86ad9763 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:03:f6:46:8f:f8:bd:ff:02:cf:52:39:92:63: b3:b4:a0:6e:3d:b5:29:1b:b3:cc:75:f2:35:a9:d0: 41:8f:72:8f:00:5f:f0:21:7d:ea:3f:eb:cf:84:bd: 7a:26:17:06:53:47:52:17:0e:86:df:7e:a6:ae:dc: e4:b9:f9:fe:d6:7d:6c:83:13:a5:77:26:12:e0:8b: b9:3a:ef:bf:8a:6c:96:8e:89:a2:f4:fa:5a:45:23: ed:3c:68:43:83:08:af:7e:a0:d7:8f:cd:da:79:74: 3d:79:dd:0f:f0:83:b3:01:bd:0b:11:26:ea:d1:10: 4d:de:88:4e:78:03:61:a1:40:69:c9:92:e1:d5:e5: a9:63:33:67:7e:d0:15:5c:6c:a4:d3:56:c0:eb:74: 23:6a:8e:04:9a:93:e1:e3:0e:f8:30:14:37:a7:41: 56:85:24:7a:69:be:fe:2a:3a:5f:6a:89:fd:33:a0: 5d:90:84:33:33:de:ca:eb:be:64:16:00:90:d2:54: 08:07:34:e0:44:2b:49:7f:9a:67:8e:6b:38:94:65: 1d:d9:ff:d6:e9:43:1f:22:c2:56:2b:e2:69:f0:5e: 58:8c:58:9a:67:77:b7:da:7f:70:c0:38:cd:be:60: 60:3c:16:f1:4f:d0:d0:83:fc:6f:cd:e7:b6:b0:11: b3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:73:FC:AB:94:E6:5B:F8:C4:AD:9E:EF:79:40:A3:CE:86:AD:97:63 X509v3 Authority Key Identifier: keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:cd:8f:cd:d0:b2:6c:74:23:79:e6:7c:82:2f:72:42:6e:59: c6:3f:8c:dc:2d:a0:c3:26:a0:80:fe:d9:5b:f6:71:f5:81:c6: aa:14:fb:bd:2f:97:12:9d:02:10:ea:29:bd:59:85:14:e9:9a: 14:e7:1f:c9:25:88:46:20:15:32:77:7b:58:ee:64:fe:7a:94: d2:57:58:b4:9c:e2:ea:94:24:e4:3e:d2:b2:69:3b:f4:da:98: 1e:18:80:8a:cb:e6:5b:78:f9:d4:38:c8:22:e5:e7:63:46:72: 88:6d:df:89:7b:46:2f:c9:05:7c:32:50:92:b1:81:d4:9d:c4: b4:65:41:a9:ea:7c:9b:c7:f7:24:67:63:77:2c:77:1e:ac:c8: d5:07:e0:7c:60:29:09:0b:97:32:dd:c1:73:ff:75:2e:57:aa: 82:c0:8e:5b:ca:51:61:15:b4:b3:07:15:e5:47:63:2c:eb:a7: 9f:fb:71:26:a5:8a:a0:ad:cb:c9:62:4c:69:a9:1b:07:d1:03: cf:da:c3:3e:a9:5f:f0:51:28:cf:30:0a:2d:55:7e:6e:20:46: aa:de:1c:7c:1d:24:8a:45:ce:7f:3e:1d:1c:b7:b4:31:47:89: f0:6f:da:32:9d:82:3d:74:9a:a8:67:26:0e:25:5c:1c:10:4f: f9:df:b8:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2ZYrxBlQgr61CnovelbKa1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw MDhhZWMwHhcNMjYwNDE3MDMwMTE3WhcNMjYwNDE4MDMwMTE3WjAzMTEwLwYDVQQD EyhiMzczZmNhYjk0ZTY1YmY4YzRhZDllZWY3OTQwYTNjZTg2YWQ5NzYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQP2Ro/4vf8Cz1I5kmOztKBuPbUp G7PMdfI1qdBBj3KPAF/wIX3qP+vPhL16JhcGU0dSFw6G336mrtzkufn+1n1sgxOl dyYS4Iu5Ou+/imyWjomi9PpaRSPtPGhDgwivfqDXj83aeXQ9ed0P8IOzAb0LESbq 0RBN3ohOeANhoUBpyZLh1eWpYzNnftAVXGyk01bA63Qjao4EmpPh4w74MBQ3p0FW hSR6ab7+Kjpfaon9M6BdkIQzM97K675kFgCQ0lQIBzTgRCtJf5pnjms4lGUd2f/W 6UMfIsJWK+Jp8F5YjFiaZ3e32n9wwDjNvmBgPBbxT9DQg/xvzee2sBGzKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLNz/KuU5lv4xK2e73lAo86GrZdjMB8GA1UdIwQY MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt YjA3ZDg0MTZhZTRhLzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhs2PzdCy bHQjeeZ8gi9yQm5Zxj+M3C2gwyaggP7ZW/Zx9YHGqhT7vS+XEp0CEOopvVmFFOma FOcfySWIRiAVMnd7WO5k/nqU0ldYtJzi6pQk5D7Ssmk79NqYHhiAisvmW3j51DjI IuXnY0ZyiG3fiXtGL8kFfDJQkrGB1J3EtGVBqep8m8f3JGdjdyx3HqzI1QfgfGAp CQuXMt3Bc/91LleqgsCOW8pRYRW0swcV5UdjLOunn/txJqWKoK3LyWJMaakbB9ED z9rDPqlf8FEozzAKLVV+biBGqt4cfB0kikXOfz4dHLe0MUeJ8G/aMp2CPXSaqGcm DiVcHBBP+d+4Jw== -----END CERTIFICATE-----Generated at Fri Apr 17 06:34:01 2026 by rpki-client