$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json) Hash identifier: Oc0Y/HsL9sUhRpNovZEw1bDUlk02q/QGpu9hboeo93A= Subject key identifier: 17:39:9B:C5:73:55:C9:0C:D2:F3:AA:D3:57:D6:0E:E3:27:17:39:25 Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019D99CFE7AB4002B1F77D11B24665F216D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft Manifest number: 18DA Signing time: Fri 17 Apr 2026 05:00:32 +0000 Manifest this update: Fri 17 Apr 2026 05:00:32 +0000 Manifest next update: Sat 18 Apr 2026 05:00:32 +0000 Files and hashes: 1: 1-dAYLfzEcuSnLWMiLXXSdIwT4rU.roa (hash: WhA4jtvtbE79AQa3IJODloRRuW4QHZIWAX/A32JL7m4=) 2: GOmV_75Dv1jwn9wiVioc2BSPZTo.roa (hash: pRTwblvRoqzlcA6ZsWJlwN1cr9uhPXOkl31rFqoTMf8=) 3: NklSIVNcNIWeMyDnmkM31BBhz1c.roa (hash: UKSW2BDTyMNTJDzhPRFU+Wzj1R5uLkgmHOPWx5CWEqQ=) 4: W4UHRrBQAt50eiIa0aXkDS2q-jI.roa (hash: wJtHrvfPjqzoQaYOzEJ/TBfUCsO/TaG3P+SEUHqq3Ig=) 5: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: RCsshIhxURdAO2h/g2NnzvSnZrTDh+sYM41iu1G3Y+k=) 6: _5CTbNuX6fLN7jDqdj1oQp0kARc.roa (hash: Ha0LgykvjQP+9qGPn28IFIuJ0yQRLEpHe1bDMbGiuiE=) 7: _YOXL7ZxwGLyAFtXgmbGoGmsxw0.roa (hash: oYcEDHMjBaLjLdS2+cnHZQVD1ORy9f2L160BSTCgJ4c=) 8: itgrIp1NxpdNbAgMEeQKpbEmf5o.roa (hash: Js4lM2igXS9YqpQe0RjS4UXqcJs8/ISJx7M/fH+77eg=) 9: lxIA5T6ig6P82Z6FpI76sa5r9Hk.roa (hash: 3LHUUi612Oq28/k9MVav0SeJK2Lmj7BOxrV2xdjlDis=) 10: szXceV_8JO0f_7ooL6S8iduW9xI.roa (hash: xeJBYCAXDOSNVRxdgWGAZ1ipDc3y7H3KXIsJs1D2FK4=) 11: xnSiVa_Qi8Hl5xGaTydyCAcB4Q4.roa (hash: SWwZIzY753Ls9csZNqAI1seyxm1jJEeEibvAi3lb+6E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 22:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:99:cf:e7:ab:40:02:b1:f7:7d:11:b2:46:65:f2:16:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Apr 17 05:00:32 2026 GMT Not After : Apr 18 05:00:32 2026 GMT Subject: CN=17399bc57355c90cd2f3aad357d60ee327173925 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b2:a8:04:36:ef:1a:93:68:c2:c1:fb:42:f7: 1f:b6:a6:91:56:27:8c:14:8e:35:c4:c9:97:8c:f4: a2:86:32:ef:38:fc:43:fe:0c:1e:94:67:33:12:2c: 41:44:9d:2f:6d:28:52:d0:cb:1f:6f:b3:3d:61:57: aa:a1:d0:1e:73:26:46:c3:71:4b:a2:b3:6b:77:4f: 4b:81:e2:35:99:1d:23:9e:e4:5f:74:e3:d1:65:07: b7:4b:6d:ad:88:15:16:19:43:e8:18:8e:74:57:7e: da:a3:5a:64:4e:28:86:fa:8c:b3:28:15:d6:23:22: 1f:70:bf:6a:9f:3b:14:7e:fe:61:60:d4:56:04:a5: a7:cc:85:52:62:ab:3c:08:50:a1:eb:65:43:d5:1d: 05:f5:e5:94:c6:4e:80:36:b7:c1:0c:c0:6c:db:f6: aa:99:8c:a7:b2:47:c2:5e:71:81:34:2d:55:f4:35: bb:3e:e2:60:28:fe:e1:e2:77:fb:b2:20:f2:af:d3: fa:90:d2:0e:3d:fb:47:50:bc:d6:ba:77:3e:84:ba: 3b:2c:19:04:12:ba:65:f4:14:eb:b6:59:8b:99:44: 18:37:f5:5c:49:66:99:1f:20:b0:c3:8d:d3:98:3c: 95:8a:52:a4:53:3f:37:a3:af:b0:42:50:62:cd:b3: 6c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:39:9B:C5:73:55:C9:0C:D2:F3:AA:D3:57:D6:0E:E3:27:17:39:25 X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:d3:be:61:3a:76:d0:49:7f:ae:16:f2:10:7d:fb:91:0a:41: a6:9f:bb:6a:7f:bc:a3:1c:1c:fb:59:2b:34:88:6c:20:59:fb: 90:e0:4f:e5:6a:15:08:ef:cb:5c:13:c2:ff:9d:a2:e7:a4:0f: 47:c6:4b:58:9e:a7:f1:bd:f3:4c:25:f1:c1:d8:71:4c:d8:35: 80:9c:8a:89:2b:5a:1b:60:8f:a8:d2:61:2c:04:d2:f7:0b:88: 07:f6:11:18:a7:6d:07:88:4e:c0:1a:09:d9:83:76:81:4f:dc: 62:d1:a8:50:6b:63:2a:62:55:c0:d6:72:44:d8:44:7a:5a:8d: 5b:e3:33:4f:85:bc:e2:eb:80:9b:f2:df:10:3f:09:b0:42:dc: ff:fd:da:35:93:76:b4:cf:24:8a:7a:11:2b:38:2a:b1:9e:32: bd:48:b3:96:b4:58:d8:bd:c9:15:f3:d0:eb:74:7a:c6:76:91: 0d:34:e4:e6:c5:3a:6d:0f:cd:30:36:0d:19:7b:3c:29:89:89: 9f:3d:58:4a:a8:60:23:df:16:45:e2:aa:96:36:16:5d:0f:83: 7c:78:74:c7:4c:69:25:cd:91:58:ce:96:4a:7f:0f:e1:d1:15: 45:91:42:a3:23:b1:15:47:d0:d4:9e:9c:a1:92:72:66:86:fa: 77:3c:04:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2Zz+erQAKx930RskZl8hbWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjYwNDE3MDUwMDMyWhcNMjYwNDE4MDUwMDMyWjAzMTEwLwYDVQQD EygxNzM5OWJjNTczNTVjOTBjZDJmM2FhZDM1N2Q2MGVlMzI3MTczOTI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7KoBDbvGpNowsH7QvcftqaRVieM FI41xMmXjPSihjLvOPxD/gwelGczEixBRJ0vbShS0Msfb7M9YVeqodAecyZGw3FL orNrd09LgeI1mR0jnuRfdOPRZQe3S22tiBUWGUPoGI50V37ao1pkTiiG+oyzKBXW IyIfcL9qnzsUfv5hYNRWBKWnzIVSYqs8CFCh62VD1R0F9eWUxk6ANrfBDMBs2/aq mYynskfCXnGBNC1V9DW7PuJgKP7h4nf7siDyr9P6kNIOPftHULzWunc+hLo7LBkE Erpl9BTrtlmLmUQYN/VcSWaZHyCww43TmDyVilKkUz83o6+wQlBizbNsIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBc5m8VzVckM0vOq01fWDuMnFzklMB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeNO+YTp2 0El/rhbyEH37kQpBpp+7an+8oxwc+1krNIhsIFn7kOBP5WoVCO/LXBPC/52i56QP R8ZLWJ6n8b3zTCXxwdhxTNg1gJyKiStaG2CPqNJhLATS9wuIB/YRGKdtB4hOwBoJ 2YN2gU/cYtGoUGtjKmJVwNZyRNhEelqNW+MzT4W84uuAm/LfED8JsELc//3aNZN2 tM8kinoRKzgqsZ4yvUizlrRY2L3JFfPQ63R6xnaRDTTk5sU6bQ/NMDYNGXs8KYmJ nz1YSqhgI98WReKqljYWXQ+DfHh0x0xpJc2RWM6WSn8P4dEVRZFCoyOxFUfQ1J6c oZJyZob6dzwEXw== -----END CERTIFICATE-----Generated at Fri Apr 17 08:05:55 2026 by rpki-client