$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: lusKBpSDgNSV0AcV//gvnPn3kGPtMg4NdsxAUVcUt9M= Subject key identifier: B9:FC:E8:D5:B8:7B:1B:51:D9:F2:97:02:CD:97:55:2E:5E:CF:45:7A Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019CAA21B6CFE98B13709DE16CFD717CDDDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 1361 Signing time: Sun 01 Mar 2026 16:01:01 +0000 Manifest this update: Sun 01 Mar 2026 16:01:01 +0000 Manifest next update: Mon 02 Mar 2026 16:01:01 +0000 Files and hashes: 1: 9ThI9Z7soYxz8aK7SxBvxoPEOX4.roa (hash: 2FCnysFwLOl4zVeb97SHJ1QvBKVL+gw4QmS3UAORjFk=) 2: BsMfnzrxddpnmFQ8FtiqLN4hIRw.roa (hash: GbFN7H89aII0f8FiIff5RGaJGPYoV9OOEoYuPkHE93c=) 3: C67-QabxkPaVhoCKelfc7gJ1hK8.roa (hash: 0WW6NyrxV5VH4o1lj6kLTZOdEKPeDBs7ouwPQd+hBHw=) 4: F9-SxyIQIDP0T_L82XSaWh-dz-8.roa (hash: xq0esTvybmQE92rRBw7ldOk97wFXJ2Dn8bPKN1sbBN4=) 5: GXCfAVmuuL63Oe4dOVqYkc3Wuzg.roa (hash: L3MDEpVumA01FdWvikqD5sE8kkEXPwKtDKdz6KqfMnQ=) 6: RY0bArq-jZLzZUGQCt7VtVQ1eP8.roa (hash: nOIDnyfWMWKkEgKPjDc9li7leEEkKMO7ZYw+RINdMRI=) 7: WNwct_JeSUw9EGnGt5EMmHO1qnA.roa (hash: 8JESbBJVZwKNLtuuBYLAyN1yjWX+0RJfMcx4iiDnUQ0=) 8: aOPciO2i4pfhYNx8M-BLAat6K88.roa (hash: 23mtM/XEA4F6fUISXd4S0ZErct8gDmnUbBNFqEeBNOc=) 9: br-MdcUGAgIJZ2jokAIrGgvBgVg.roa (hash: nAJrJwXFm0eNNJbUiUMkYMOpV3Mo7gqR8CqVePMN9SA=) 10: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: khgFuGVJoTKGhAuNHx9MHOKf37EbPQRxZBRkKqtsSdQ=) 11: p3gPfuFdg2rqrSBfl0UDEUdNbjM.roa (hash: bWC6ioqLuy3JQURX6TTBBncQtFn3EtAYrnrtm+JIq5g=) 12: qoJxh9RoMci9r1884qksasXONeQ.roa (hash: b1P5hF2MWBN0Il3GucTyqyanvw/mWve+jbkBZTYW4xQ=) 13: zByDWqzQes6Qf_5yruyAW6l4NA8.roa (hash: 4mGvD80bIUslVCK/Nf88S+YHOSjLonqjJpu89t+7Om0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 15:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:aa:21:b6:cf:e9:8b:13:70:9d:e1:6c:fd:71:7c:dd:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Mar 1 16:01:01 2026 GMT Not After : Mar 2 16:01:01 2026 GMT Subject: CN=b9fce8d5b87b1b51d9f29702cd97552e5ecf457a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:a2:d4:46:27:82:65:5d:85:4b:62:85:d4:9d: c3:be:f0:73:ed:d7:1f:b0:9b:2f:89:6f:d5:08:1b: 8f:f2:aa:02:1d:ba:89:3e:78:d0:89:b7:a7:38:a3: cf:7c:9a:df:53:8c:c6:7e:08:16:7e:ac:13:c8:48: dd:a2:7a:9f:01:66:55:7e:18:fc:84:62:89:1b:ad: a9:ab:eb:21:5e:73:e4:50:4f:a8:35:03:6d:17:54: 32:5f:2e:52:60:88:3b:46:5a:40:09:24:f5:ac:4a: d7:a3:57:ad:c3:7c:d2:ba:b2:06:78:e9:db:47:86: a9:53:22:56:5f:58:3a:e5:c6:17:c7:47:08:33:a0: 02:11:19:9d:81:3c:47:d5:6d:d9:90:f5:92:31:74: 39:61:48:83:f0:be:58:a0:3e:11:7a:07:b8:e6:81: 40:f3:61:94:b0:bc:09:4a:86:27:8a:52:68:80:9d: 65:35:da:c4:8c:8b:f7:d2:df:a6:2b:c6:f4:ff:de: 35:0a:0f:ea:03:13:9c:db:af:df:63:49:56:50:35: f5:b4:19:8d:7b:22:b7:22:7c:f7:16:02:28:6d:de: 71:34:d4:b2:6b:fe:24:23:a5:ce:66:a3:63:a0:81: 95:d9:ad:08:51:0a:f1:25:c4:a5:4b:47:8a:2d:3b: 5f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:FC:E8:D5:B8:7B:1B:51:D9:F2:97:02:CD:97:55:2E:5E:CF:45:7A X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:18:81:02:0e:f6:07:9e:aa:2d:e4:47:db:86:99:51:57:d3: fe:c4:ff:75:b6:b0:58:bf:b8:2f:1f:02:68:ad:b6:bc:89:22: 68:31:d5:32:f7:b9:90:18:41:69:9d:29:09:0e:ab:fa:b1:1d: d2:84:90:2b:b3:d2:13:31:d8:c2:ea:57:0f:ed:db:03:86:91: 4e:08:f9:e3:7b:e3:5f:1d:8e:76:31:8c:7b:64:54:ca:d2:73: 02:6d:c7:95:16:83:7b:c4:ed:34:79:4a:d9:82:6a:43:69:45: 51:da:98:9e:2b:b7:d1:28:16:c4:e6:ca:d9:0a:4d:d9:d8:91: 06:b2:b1:05:18:8f:76:8d:74:8b:79:24:73:ff:76:b4:c6:50: b7:64:bd:4c:bc:8e:15:99:36:cb:d2:99:0c:d8:6c:7e:1f:7b: 34:4f:13:88:c0:be:6c:b9:ba:4d:0e:c7:74:41:08:24:b1:da: 54:3b:ed:35:02:34:61:3d:39:94:58:f1:b2:4d:05:bc:a1:fd: 74:5e:76:09:94:71:8b:a2:f6:ad:b4:1d:d6:a3:e0:fd:ba:92: 77:9d:97:a1:f0:f8:64:2c:97:a6:e2:ee:42:e3:34:00:dc:28: e4:af:a0:77:ae:c7:b6:80:e3:4f:85:d0:37:e5:84:ed:45:2e: be:eb:0e:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZyqIbbP6YsTcJ3hbP1xfN3cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjYwMzAxMTYwMTAxWhcNMjYwMzAyMTYwMTAxWjAzMTEwLwYDVQQD EyhiOWZjZThkNWI4N2IxYjUxZDlmMjk3MDJjZDk3NTUyZTVlY2Y0NTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aLURieCZV2FS2KF1J3DvvBz7dcf sJsviW/VCBuP8qoCHbqJPnjQibenOKPPfJrfU4zGfggWfqwTyEjdonqfAWZVfhj8 hGKJG62pq+shXnPkUE+oNQNtF1QyXy5SYIg7RlpACST1rErXo1etw3zSurIGeOnb R4apUyJWX1g65cYXx0cIM6ACERmdgTxH1W3ZkPWSMXQ5YUiD8L5YoD4Rege45oFA 82GUsLwJSoYnilJogJ1lNdrEjIv30t+mK8b0/941Cg/qAxOc26/fY0lWUDX1tBmN eyK3Inz3FgIobd5xNNSya/4kI6XOZqNjoIGV2a0IUQrxJcSlS0eKLTtf4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLn86NW4extR2fKXAs2XVS5ez0V6MB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQRiBAg72 B56qLeRH24aZUVfT/sT/dbawWL+4Lx8CaK22vIkiaDHVMve5kBhBaZ0pCQ6r+rEd 0oSQK7PSEzHYwupXD+3bA4aRTgj543vjXx2OdjGMe2RUytJzAm3HlRaDe8TtNHlK 2YJqQ2lFUdqYniu30SgWxObK2QpN2diRBrKxBRiPdo10i3kkc/92tMZQt2S9TLyO FZk2y9KZDNhsfh97NE8TiMC+bLm6TQ7HdEEIJLHaVDvtNQI0YT05lFjxsk0FvKH9 dF52CZRxi6L2rbQd1qPg/bqSd52XofD4ZCyXpuLuQuM0ANwo5K+gd67HtoDjT4XQ N+WE7UUuvusOQw== -----END CERTIFICATE-----Generated at Sun Mar 1 21:56:19 2026 by rpki-client