$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json) Hash identifier: oTDJGnf2374C/pFuTZs80h1gqRNOiy7vweMMp8dawIU= Subject key identifier: 5B:43:51:F6:5A:6F:C8:7C:AA:73:E0:69:F6:70:50:3A:12:14:BF:4B Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019CAA5926AC09950DBE74AFBCF3E76A9275 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft Manifest number: 185E Signing time: Sun 01 Mar 2026 17:01:35 +0000 Manifest this update: Sun 01 Mar 2026 17:01:35 +0000 Manifest next update: Mon 02 Mar 2026 17:01:35 +0000 Files and hashes: 1: 1-dAYLfzEcuSnLWMiLXXSdIwT4rU.roa (hash: WhA4jtvtbE79AQa3IJODloRRuW4QHZIWAX/A32JL7m4=) 2: GOmV_75Dv1jwn9wiVioc2BSPZTo.roa (hash: pRTwblvRoqzlcA6ZsWJlwN1cr9uhPXOkl31rFqoTMf8=) 3: NklSIVNcNIWeMyDnmkM31BBhz1c.roa (hash: UKSW2BDTyMNTJDzhPRFU+Wzj1R5uLkgmHOPWx5CWEqQ=) 4: W4UHRrBQAt50eiIa0aXkDS2q-jI.roa (hash: wJtHrvfPjqzoQaYOzEJ/TBfUCsO/TaG3P+SEUHqq3Ig=) 5: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: rupOp4J0ZxUb4Qnb6AOhLsX9HzUxNOPn0Egfx9MQ8AU=) 6: _5CTbNuX6fLN7jDqdj1oQp0kARc.roa (hash: Ha0LgykvjQP+9qGPn28IFIuJ0yQRLEpHe1bDMbGiuiE=) 7: _YOXL7ZxwGLyAFtXgmbGoGmsxw0.roa (hash: oYcEDHMjBaLjLdS2+cnHZQVD1ORy9f2L160BSTCgJ4c=) 8: itgrIp1NxpdNbAgMEeQKpbEmf5o.roa (hash: Js4lM2igXS9YqpQe0RjS4UXqcJs8/ISJx7M/fH+77eg=) 9: lxIA5T6ig6P82Z6FpI76sa5r9Hk.roa (hash: 3LHUUi612Oq28/k9MVav0SeJK2Lmj7BOxrV2xdjlDis=) 10: szXceV_8JO0f_7ooL6S8iduW9xI.roa (hash: xeJBYCAXDOSNVRxdgWGAZ1ipDc3y7H3KXIsJs1D2FK4=) 11: xnSiVa_Qi8Hl5xGaTydyCAcB4Q4.roa (hash: SWwZIzY753Ls9csZNqAI1seyxm1jJEeEibvAi3lb+6E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 17:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:aa:59:26:ac:09:95:0d:be:74:af:bc:f3:e7:6a:92:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Mar 1 17:01:35 2026 GMT Not After : Mar 2 17:01:35 2026 GMT Subject: CN=5b4351f65a6fc87caa73e069f670503a1214bf4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:77:9d:0f:85:93:79:57:69:1c:b5:cb:40:47: e3:87:72:e6:a6:67:59:f6:92:82:2e:34:a6:39:c9: 16:e4:45:eb:05:a1:d8:03:8a:cb:fe:0a:6a:86:c6: 79:51:ae:5a:e3:67:f4:57:8d:8b:0b:95:c5:2f:4b: c4:83:db:81:b9:b5:4b:6b:98:7b:80:4f:d6:d1:6e: f1:3a:23:2d:f3:6c:4e:02:9c:0a:60:8f:50:18:87: 8d:15:68:43:f3:2c:2b:92:72:e4:50:bf:8c:e0:21: d3:2d:94:8e:23:e3:08:ae:d5:3c:61:4a:d5:06:02: dc:90:58:eb:88:c5:ef:cd:00:75:cb:d6:70:17:c8: 38:0e:4d:d9:c0:6d:35:6a:ec:9a:e4:c6:04:30:ef: d9:25:3d:c8:0b:f8:74:3a:ea:a9:f0:82:8f:f6:3e: 0a:de:32:70:5e:01:4e:19:22:7f:18:0c:4f:6b:85: 7a:4a:d3:8d:03:c6:bc:86:81:8f:9f:94:cb:ff:76: cc:d6:7b:d2:af:c0:38:7e:3d:99:69:86:d0:c9:71: 98:5b:5a:94:3f:27:ab:06:2c:35:09:e9:92:94:03: e0:13:2e:16:0e:fb:10:06:08:f7:e5:e3:8e:c0:29: 1e:d6:4d:76:a5:e4:a3:e2:3b:b9:25:fa:d9:53:5e: 42:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:43:51:F6:5A:6F:C8:7C:AA:73:E0:69:F6:70:50:3A:12:14:BF:4B X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:19:f2:2e:b2:e8:3d:b8:9a:37:f8:54:3c:11:b0:9d:f7:12: e8:c2:fc:be:51:f4:65:50:68:3e:52:3b:7f:43:52:90:66:7c: 86:11:bb:d9:8f:b7:30:9c:04:82:43:b6:5a:12:2b:e8:3f:b3: 92:34:6a:29:1a:a5:20:8a:c4:72:f3:18:45:45:56:a0:1f:76: e9:c1:a0:42:36:61:20:8e:cc:bc:23:e6:ad:6e:ab:69:76:e0: 78:11:f1:94:99:ff:fc:17:4a:17:0a:09:8f:7a:d4:53:8d:df: e2:ed:3c:8c:73:85:20:2b:10:71:d5:dd:d9:ee:54:e3:3d:ef: 7d:57:6c:30:21:a6:d8:dd:19:4a:1a:ce:6e:2e:ab:65:e6:ad: 82:8e:0d:93:4f:3b:57:80:b1:44:a8:8e:bb:08:be:c8:7f:64: c1:4c:7a:cf:64:e3:60:c1:f3:4b:5a:f9:ca:92:40:41:88:85: fa:05:eb:8d:59:21:12:e6:84:b6:cf:21:fa:20:9f:4c:38:65: 0d:ab:f0:18:ce:bf:16:6c:14:9a:dd:83:8a:a1:5e:8f:b2:d4: fe:4c:ec:cc:24:48:e8:65:67:78:ca:66:47:e4:c7:de:a5:48: 57:63:19:f8:e1:cb:0a:e9:a0:cc:17:51:24:27:c7:f7:5e:04: 7d:75:80:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZyqWSasCZUNvnSvvPPnapJ1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjYwMzAxMTcwMTM1WhcNMjYwMzAyMTcwMTM1WjAzMTEwLwYDVQQD Eyg1YjQzNTFmNjVhNmZjODdjYWE3M2UwNjlmNjcwNTAzYTEyMTRiZjRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznedD4WTeVdpHLXLQEfjh3LmpmdZ 9pKCLjSmOckW5EXrBaHYA4rL/gpqhsZ5Ua5a42f0V42LC5XFL0vEg9uBubVLa5h7 gE/W0W7xOiMt82xOApwKYI9QGIeNFWhD8ywrknLkUL+M4CHTLZSOI+MIrtU8YUrV BgLckFjriMXvzQB1y9ZwF8g4Dk3ZwG01auya5MYEMO/ZJT3IC/h0Ouqp8IKP9j4K 3jJwXgFOGSJ/GAxPa4V6StONA8a8hoGPn5TL/3bM1nvSr8A4fj2ZaYbQyXGYW1qU PyerBiw1CemSlAPgEy4WDvsQBgj35eOOwCke1k12peSj4ju5JfrZU15CNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFtDUfZab8h8qnPgafZwUDoSFL9LMB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABRnyLrLo PbiaN/hUPBGwnfcS6ML8vlH0ZVBoPlI7f0NSkGZ8hhG72Y+3MJwEgkO2WhIr6D+z kjRqKRqlIIrEcvMYRUVWoB926cGgQjZhII7MvCPmrW6raXbgeBHxlJn//BdKFwoJ j3rUU43f4u08jHOFICsQcdXd2e5U4z3vfVdsMCGm2N0ZShrObi6rZeatgo4Nk087 V4CxRKiOuwi+yH9kwUx6z2TjYMHzS1r5ypJAQYiF+gXrjVkhEuaEts8h+iCfTDhl DavwGM6/FmwUmt2DiqFej7LU/kzszCRI6GVneMpmR+TH3qVIV2MZ+OHLCumgzBdR JCfH914EfXWA4A== -----END CERTIFICATE-----Generated at Mon Mar 2 02:07:22 2026 by rpki-client