$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft File: ymRB2dgH4NeM51IToQNADuFKfNw.mft (raw, json) Hash identifier: NFN5uXoAsHMsXzfznCaQUajMSBWBeBOJqkGoNIRGfSI= Subject key identifier: 07:31:DF:1B:10:AC:3C:39:23:A7:8A:01:BE:6F:C8:14:C2:FF:54:4F Authority key identifier: CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC Certificate issuer: /CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc Certificate serial: 019CABD984F1035236F9B3EBDBBCD07E1B68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft Manifest number: 03C8 Signing time: Mon 02 Mar 2026 00:01:25 +0000 Manifest this update: Mon 02 Mar 2026 00:01:25 +0000 Manifest next update: Tue 03 Mar 2026 00:01:25 +0000 Files and hashes: 1: 0Oic1IcERTEb5DlaPzbn0th6N50.roa (hash: bDlBbgczPM559YYoDu7tlNakooG/ffcXd8tnjCuBkcE=) 2: 22VKqsoF6YnHioFgIyM1cB53zy8.roa (hash: ARfo70H8qjNrnmwt7+R6arxwp4fmQrb5Zru8EDN1xxc=) 3: 3p_wd6vJjZUyWJtHMCK8ESOv_AE.roa (hash: PxepYwEvTDnK7OgAV3Azq1CJ9rgZFmA7S3U2X7fVhUI=) 4: 5gYY22Jz1wKNyzXN9Gt_xzvZSfY.roa (hash: 5wrEQMdQmaY0xkABdOrQufd1yopCOpthee6ppiUQDI8=) 5: 80iCgpPXOpxj2QuyhWAAhLXssPg.roa (hash: R9I/2lsnefslGYRmmPeJiUGqHF+AhkybIV+mxlt9CnQ=) 6: CwMnrmC4gxvJOxo4ISqJ8a_D-4o.roa (hash: OFDhWVpTOVd8Jw30rGitjHqq/rmUoGlO3xXz+liY4TE=) 7: E-oIiGlZfX5hqiKQXtKucjllYUk.roa (hash: lyqop0HaLt07HWCMdbsYQ/bfLgKyF02QQKQwg4136FM=) 8: FVXQwmYUOfA-cy8XiaHN8ohstLo.roa (hash: KoIZnDM2RImr+Wy3ZdTY9y9ejiMX27DEBwUolXbHWds=) 9: HvmqBtWUYMGFh5C-KyBSOzuc75c.roa (hash: i4C3k1sm5mmjzNZsvd78LY+nyVs9jkbVVK2+DN/cqVE=) 10: Y76_y_xLVztNK39T96pu_rBSKLo.roa (hash: 9BvqRt1UWnSCDtktvQou5BOZ1pz9BvWMZVJv4pDcqvs=) 11: YmcjwNy-2Q2cF2RUKbteJIF4zfc.roa (hash: zD4f/kaHp2DURR07uKQMW1jZdmkie967aQyuFRXFV34=) 12: _XT64j01zWROH09NkPv4593FiP8.roa (hash: oxJjTVUjM45ccLtDfR5Z4/WLBZW/py7h9lJaETFZdpc=) 13: bj44VJDQrpOwawRUkessJ1R8jYY.roa (hash: z80ifPC0ZLzcF5tnL4jWIKImO3qEDSXM3xUBgVNcb54=) 14: crkhxGWkgmwG_-vobiP0N73TayI.roa (hash: HhQ6usYG3RK7Np90x4q/JofxoV9ftVupdPb8WruxpMw=) 15: gpmKeKSdu4P8fyG-FV5jxZupaHc.roa (hash: XMF8G4sRkLuyi87lc6ccIATt2gmpyKahxczUcJ2Z9rc=) 16: rKS9FaM6Qt0Ms5YBUHAjfIaHFX8.roa (hash: eCTO0OljowtR9aX2ozemU+6YK6WKceHzqOl/CJ0iOhA=) 17: ymRB2dgH4NeM51IToQNADuFKfNw.crl (hash: Jfq3GRbEvqOAP0dxXKpdetq4UPz8h64wslKCZNhCfcw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Mar 2026 00:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:ab:d9:84:f1:03:52:36:f9:b3:eb:db:bc:d0:7e:1b:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc Validity Not Before: Mar 2 00:01:25 2026 GMT Not After : Mar 3 00:01:25 2026 GMT Subject: CN=0731df1b10ac3c3923a78a01be6fc814c2ff544f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:06:40:16:ac:1a:73:89:c2:4a:23:4c:a2:1f: 23:03:b6:d1:95:2a:a9:d0:21:81:d5:fb:1b:3d:5b: 3a:7a:ee:b9:04:1a:00:25:35:62:3f:9d:28:94:84: 22:7d:11:0a:dc:7f:8e:8c:de:2e:8c:4a:cc:26:43: da:c0:00:e7:47:0f:d4:84:b5:ad:1f:5a:32:47:76: bf:f2:12:dc:b4:12:68:38:31:bc:1b:d5:6d:7d:fb: af:5a:43:e1:69:a4:3e:66:a0:15:aa:70:77:56:72: 91:20:dc:d1:e8:85:7c:99:bd:1c:c3:95:b2:ca:f3: de:15:14:eb:3c:97:45:6f:0a:31:1f:92:14:9c:56: 22:cb:d6:11:87:70:49:b3:8b:8f:6e:34:90:11:e5: a5:10:c5:f9:0b:cf:4b:b9:71:14:73:60:96:ea:09: 90:f1:a9:6c:f1:af:59:ff:f5:69:b7:c5:7e:53:e7: ef:d2:9e:15:b6:88:d7:6d:b4:df:50:8f:e8:15:7b: a4:2b:ed:39:5c:53:70:13:c5:d2:c4:84:47:c5:88: 90:5d:35:2b:6f:7b:94:29:a6:c8:f7:ad:22:08:52: 2d:fd:a7:e8:9b:ea:cd:09:b9:21:a3:32:99:03:55: 23:0e:28:e0:d9:9b:90:cc:2b:bc:25:25:2b:f8:56: 7b:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:31:DF:1B:10:AC:3C:39:23:A7:8A:01:BE:6F:C8:14:C2:FF:54:4F X509v3 Authority Key Identifier: keyid:CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:3a:1c:b6:75:be:6f:ee:1a:e1:44:19:e2:5e:3f:88:c3:a0: c5:f8:05:df:47:fd:9a:e8:cc:ef:c8:ab:07:da:97:30:f0:b0: 15:ee:99:7b:f0:51:1c:7f:ec:ab:64:d5:bf:1f:9d:58:ef:d9: c9:b0:40:ba:e1:93:c8:ab:43:f0:0b:46:7e:fa:00:1b:9e:fc: 7f:1d:09:5d:47:38:74:ff:19:6b:2d:32:24:82:de:5a:d3:7f: 03:10:64:75:ca:e1:0a:6a:77:8d:83:54:8f:c6:9a:78:28:a0: fb:59:c3:dd:9e:01:6d:48:b6:dc:06:aa:6a:53:62:51:cc:6d: 39:43:ca:66:87:4c:ee:8b:00:ff:2b:6f:67:5b:ea:d2:7c:ad: 95:45:f5:ee:7a:e9:c9:63:e3:cd:0f:c4:8e:6c:f4:88:8b:a2: 3d:eb:f1:7d:e7:f5:37:a2:a2:98:03:f9:6d:d3:72:41:2a:92: 72:ff:51:dd:f6:fa:3b:7e:ba:00:9f:65:85:dc:44:57:24:4e: 1a:57:a4:d3:8a:65:b3:d7:5b:84:19:c6:5e:79:ae:9c:8f:04: 3d:a0:39:b0:4d:b5:71:f2:6c:69:62:d4:42:86:8c:32:60:f3: b3:f7:a2:f4:a9:ab:b2:d0:a3:bb:14:6c:b7:a4:8d:e6:e3:67: 95:c7:a0:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZyr2YTxA1I2+bPr27zQfhtoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNjQ0MWQ5ZDgwN2UwZDc4Y2U3NTIxM2ExMDM0MDBlZTE0 YTdjZGMwHhcNMjYwMzAyMDAwMTI1WhcNMjYwMzAzMDAwMTI1WjAzMTEwLwYDVQQD EygwNzMxZGYxYjEwYWMzYzM5MjNhNzhhMDFiZTZmYzgxNGMyZmY1NDRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAZAFqwac4nCSiNMoh8jA7bRlSqp 0CGB1fsbPVs6eu65BBoAJTViP50olIQifREK3H+OjN4ujErMJkPawADnRw/UhLWt H1oyR3a/8hLctBJoODG8G9VtffuvWkPhaaQ+ZqAVqnB3VnKRINzR6IV8mb0cw5Wy yvPeFRTrPJdFbwoxH5IUnFYiy9YRh3BJs4uPbjSQEeWlEMX5C89LuXEUc2CW6gmQ 8als8a9Z//Vpt8V+U+fv0p4VtojXbbTfUI/oFXukK+05XFNwE8XSxIRHxYiQXTUr b3uUKabI960iCFIt/afom+rNCbkhozKZA1UjDijg2ZuQzCu8JSUr+FZ7FwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAcx3xsQrDw5I6eKAb5vyBTC/1RPMB8GA1UdIwQY MBaAFMpkQdnYB+DXjOdSE6EDQA7hSnzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYt MmUyOGI5NjQ5OGE5LzEveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYtMmUyOGI5NjQ5OGE5 LzEveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALDoctnW+ b+4a4UQZ4l4/iMOgxfgF30f9mujM78irB9qXMPCwFe6Ze/BRHH/sq2TVvx+dWO/Z ybBAuuGTyKtD8AtGfvoAG578fx0JXUc4dP8Zay0yJILeWtN/AxBkdcrhCmp3jYNU j8aaeCig+1nD3Z4BbUi23AaqalNiUcxtOUPKZodM7osA/ytvZ1vq0nytlUX17nrp yWPjzQ/Ejmz0iIuiPevxfef1N6KimAP5bdNyQSqScv9R3fb6O366AJ9lhdxEVyRO Glek04pls9dbhBnGXnmunI8EPaA5sE21cfJsaWLUQoaMMmDzs/ei9KmrstCjuxRs t6SN5uNnlceg9A== -----END CERTIFICATE-----Generated at Mon Mar 2 10:38:22 2026 by rpki-client