$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: JrgVZP6tRPSLcBTXxAi5JlhpUe0sQQqIZ8nfTW8rUiU= Subject key identifier: A7:23:C5:A1:B9:7C:BF:E4:1F:C8:D9:66:0D:7D:DD:B3:AC:D8:B8:1E Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019D9A3DFF853577E6ED18CBFD048F7EB6A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 0B8E Signing time: Fri 17 Apr 2026 07:00:47 +0000 Manifest this update: Fri 17 Apr 2026 07:00:47 +0000 Manifest next update: Sat 18 Apr 2026 07:00:47 +0000 Files and hashes: 1: 3JNAFPmuRusA7_P1cHUrpNc8ZWQ.roa (hash: zKy+aXsrA8Z978tqaQi0ynXqJW9mllBBtqQYt4mz8gc=) 2: 3eP-ZYKR74zQteZxg-jYK68KuKU.roa (hash: rI+Q6O08EYSoWZw7Ks588qVsTWbvSuHUC1dp2GQPsEg=) 3: Px4XmExl2QONyqSP6s8-qLoIeoI.roa (hash: reA0XoIHBbZsGAjNzRWT9dW+9757Ms5dgcUGYfnrDi8=) 4: SY0oaouPknTSy2MmGqSQOcOco4Q.roa (hash: HRxdYO/Iechw+UCcupxpKvFHOwFwn4JRjC6eMfFT/dQ=) 5: TQgAk-kjCmuvz2eqWr757vit-aI.roa (hash: lmDr2ZoodOyQIYq1JnmRLGHdUSfi5+BCh4SAfh571Mk=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: 33AmZJ8dquW9xnzkfYkPseJ76XHOtpSgfzknUkHZAJw=) 7: b4bnSjrxkGqwlr0zkoxcOijmFkc.roa (hash: fQuLS072q+zjmBm2EgGlUmemoEePNKD15HIZM6Eyfw4=) 8: cwwhcNpzOg_pmBszouIx8h2CHRU.roa (hash: vBJrQQ0ItgE86n69h/fkj396ErwZyqxGCsEUUVNAzdI=) 9: hlAbpQnKYaIDHrjCT-1lNBwSXu0.roa (hash: BILz2oAMGgMF6vZP6W3jaxaaHIODVkHC+m/GaL33QlM=) 10: kPZtrooPlOyF8jQupuEU9Gy1bJQ.roa (hash: KtcI+6F6qPHzsOZYQ0EOD+pODuibLz2OAgS4M/a6Aq4=) 11: oLlQgePRk9yvcOlL0Fl_a56u9H4.roa (hash: Wqock9cGRbZPQGtCkafIuYZm7FqajUuA17fJ83OGRks=) 12: otDdauzK1pDpIELnjnezw5Wgbks.roa (hash: PkYGbseDQrN+XnOme6deJeEpgE/JFmyzszNd7IeDEBs=) 13: qPI1ggc-eoyI91LAejwAAyCD3rI.roa (hash: tWlcYblK/ohLjpwsq6RKKOq9sGO2SDlm/NJl1KT1Ji8=) 14: qyLbFsRIe8Jd6sG2DI_BiTtP7io.roa (hash: yTz+vrd5+uJTzoZ6RiYw+CeRxkudUElCAIqfmUpkz54=) 15: rQn2WRp_5UNupaC6UAipqauzOpI.roa (hash: V779a6mTTAXptosRzFipPRD6TSrcHWeP9YRr7LrdpBM=) 16: vMyjTCsIRe0V7qqYSqRKgQhGULM.roa (hash: V42mkCmxs+ZvZ6Tmc6moy5eFcyohGVGWyhDhVpPXGok=) 17: xp9MuE3K7E-Sb2HgnwhKc3yErto.roa (hash: 9FJKEkYOHXVi/GiMh+ZQtwPZthuSJbC+u80wUEZ5uBo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 Apr 2026 07:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:9a:3d:ff:85:35:77:e6:ed:18:cb:fd:04:8f:7e:b6:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Apr 17 07:00:47 2026 GMT Not After : Apr 18 07:00:47 2026 GMT Subject: CN=a723c5a1b97cbfe41fc8d9660d7dddb3acd8b81e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:08:a9:c1:7d:6d:47:57:b8:19:7c:34:4d:99: 92:37:84:dc:ed:da:62:90:8c:83:a8:60:2c:9f:33: 9a:a8:91:57:b3:b7:4d:0d:95:bc:bd:58:67:17:6a: 0e:b1:f0:fe:ed:85:af:70:aa:88:d2:df:4c:5b:62: 7e:05:84:42:85:0f:81:07:72:b0:cf:45:3f:83:ab: 0c:23:7f:e5:cb:94:52:1b:7b:c8:7d:04:30:c0:be: d7:a6:a2:51:db:14:03:e9:86:8f:69:ee:9c:a4:74: b1:eb:f8:71:55:dd:c9:3d:da:ba:9b:59:66:35:41: 15:f6:94:53:65:29:93:66:d8:4f:30:63:a1:ff:83: b9:d3:c1:42:7e:c1:b1:d7:25:8e:8b:18:79:89:01: dc:ec:68:c1:3c:81:90:22:9f:63:51:51:dc:72:56: 7f:70:15:bc:5a:52:5f:ab:ca:70:16:a4:1d:11:df: 11:3a:90:73:72:31:21:85:e3:0d:5f:72:b1:62:6e: 76:21:ce:98:1a:25:6e:da:20:71:df:d0:94:01:69: c6:45:e6:21:b5:10:83:c3:97:03:ea:aa:e0:2e:ff: 0f:33:b8:96:53:c3:23:6c:25:0a:e8:a2:30:80:a6: 6c:24:0c:64:d6:14:b4:57:d1:14:0e:17:4c:22:51: 03:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:23:C5:A1:B9:7C:BF:E4:1F:C8:D9:66:0D:7D:DD:B3:AC:D8:B8:1E X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:ba:63:74:38:92:57:f4:3b:c0:f7:61:1a:5a:6d:38:d6:82: 20:55:06:fa:0d:40:27:1a:5b:bd:c6:13:5c:31:00:8c:84:cb: ba:4b:5c:b3:c2:51:37:bb:ca:0d:70:22:7e:69:d8:f9:4c:f1: 55:63:05:5a:7f:41:a8:35:f6:10:93:51:95:35:c7:5c:c9:5a: 93:c2:57:a9:c7:6f:06:61:69:31:c6:8e:e9:f7:d0:50:91:ce: 88:8f:53:b6:2a:cc:bb:e1:34:61:54:1a:21:cd:9d:f9:0a:34: ea:9c:d6:4f:6e:b8:87:4f:62:6a:8f:2b:b4:6e:0d:23:cc:1a: b0:fd:51:77:4e:33:12:0b:ce:85:13:5f:8e:59:01:cc:a4:6a: 63:cc:98:05:fc:16:be:a0:e1:bc:7c:a0:dd:c1:85:2e:3b:30: a2:86:08:a4:1c:46:ef:9a:d4:b3:66:49:2f:91:5f:e8:19:a7: fd:a8:03:2c:4b:ec:a3:8a:29:b0:ad:8c:b0:36:c5:39:66:16: 8f:c3:15:10:66:45:62:82:c1:16:2a:5c:da:fa:88:4d:78:88: 86:94:6f:a0:f7:8c:1e:29:70:9a:2a:e1:9f:be:9c:ab:73:20: da:47:8d:9d:7c:4b:8e:7d:fe:41:0d:e3:77:f9:8f:65:a3:56: 38:77:04:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2aPf+FNXfm7RjL/QSPfrahMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjYwNDE3MDcwMDQ3WhcNMjYwNDE4MDcwMDQ3WjAzMTEwLwYDVQQD EyhhNzIzYzVhMWI5N2NiZmU0MWZjOGQ5NjYwZDdkZGRiM2FjZDhiODFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugipwX1tR1e4GXw0TZmSN4Tc7dpi kIyDqGAsnzOaqJFXs7dNDZW8vVhnF2oOsfD+7YWvcKqI0t9MW2J+BYRChQ+BB3Kw z0U/g6sMI3/ly5RSG3vIfQQwwL7XpqJR2xQD6YaPae6cpHSx6/hxVd3JPdq6m1lm NUEV9pRTZSmTZthPMGOh/4O508FCfsGx1yWOixh5iQHc7GjBPIGQIp9jUVHcclZ/ cBW8WlJfq8pwFqQdEd8ROpBzcjEhheMNX3KxYm52Ic6YGiVu2iBx39CUAWnGReYh tRCDw5cD6qrgLv8PM7iWU8MjbCUK6KIwgKZsJAxk1hS0V9EUDhdMIlED1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKcjxaG5fL/kH8jZZg193bOs2LgeMB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLpjdDiS V/Q7wPdhGlptONaCIFUG+g1AJxpbvcYTXDEAjITLuktcs8JRN7vKDXAifmnY+Uzx VWMFWn9BqDX2EJNRlTXHXMlak8JXqcdvBmFpMcaO6ffQUJHOiI9TtirMu+E0YVQa Ic2d+Qo06pzWT264h09iao8rtG4NI8wasP1Rd04zEgvOhRNfjlkBzKRqY8yYBfwW vqDhvHyg3cGFLjswooYIpBxG75rUs2ZJL5Ff6Bmn/agDLEvso4opsK2MsDbFOWYW j8MVEGZFYoLBFipc2vqITXiIhpRvoPeMHilwmirhn76cq3Mg2keNnXxLjn3+QQ3j d/mPZaNWOHcEpw== -----END CERTIFICATE-----Generated at Fri Apr 17 09:43:08 2026 by rpki-client