$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft File: OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft (raw, json) Hash identifier: OX6lqDC/YVE/gTU1W7rMc4aKLGn6yI3sXHVo5SXKXDE= Subject key identifier: 59:BB:71:1A:A6:57:46:27:31:5E:71:12:77:12:81:2F:CF:A9:0C:88 Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Certificate serial: 019D97E2602826DFFC76BAFDA24811055665 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft Manifest number: 18D1 Signing time: Thu 16 Apr 2026 20:01:28 +0000 Manifest this update: Thu 16 Apr 2026 20:01:28 +0000 Manifest next update: Fri 17 Apr 2026 20:01:28 +0000 Files and hashes: 1: 1wr8QIeSM3CIv5J7uap933hLaGs.roa (hash: Y6lFO4ooFEDBG8EOKNjhhaIJIuCCzVgscAraR7wX8B4=) 2: 4nJ0h3kxVoLTGLl-KMMdIGNO3U4.roa (hash: yXSTzPv+VSMPQEsmFJQmVgwkS8AYD6u5M83BtbV+VIE=) 3: 5h7nMBydUVPaOlFP-jldFT3enCQ.roa (hash: +rXXd2KMjjrhcbSdyv1pypNJANUYaaOEd90M4umJew8=) 4: EdrkWbcqLRMSNrh6Sa5x5mnTLPc.roa (hash: Fk5tDegQkNWmVnCc3SYJvszlVAARBSOO/qIaE+GvEdY=) 5: FOt64C6RCxN5JGIdYYt0-jp9RJQ.roa (hash: tamHBKuLjpWpXY8LQK286Mn5I3Q0OVkX8D4lvECCpD8=) 6: LTj2PGdyu1TZVch3WwkoLN3benA.roa (hash: 0uIInrnjr5BRMLrYPZ3TlKAb12B+T0z8Pu5nxkwhOwA=) 7: OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl (hash: 1diVJp2x6VesaebfXW70lFPYJc4k73LX+qFyrwwmWZo=) 8: OR9wB6bWiqsZvjqNRRbC11UhrBA.roa (hash: BLhfuTsmrrfMXC8Lx4hjGsCFS5Q2HKcD1UJlTtem6+U=) 9: UJVwk9mntlMFjdR5x6Gz4DwAego.roa (hash: Y9Qzk1ZJNkQeeN5SL4rk7tJNNAoeHg7LXp+c5rv1kJY=) 10: XIxZD227ioGX0cqqVFAINXLyX6Q.roa (hash: sDleWGEf+rrGs4/hbX/4+JTQcRgaaTHiE45KWqHpF+s=) 11: XkdalcQg6hGFzhglm3gQzCnpww4.roa (hash: 8jItQEffXXa+ZvcKZLLyn2RNT/EfLCbVUQe+TOkVNeM=) 12: YWsBcXgsO8gZFuZAgXqc8mQzIPQ.roa (hash: FIq3otCEvunZWYD7V3EpFGXTGzchT90RBkn3PHEPtpE=) 13: fPatpWdNAbZy6ojdptQs2lNi1EE.roa (hash: X9tWk7+bmsyMGDUglxjA0jdRl4uO9c2P7cIjkiKVhfo=) 14: fny2WANL9Kakl_hzClrFytLGIbA.roa (hash: Li0zLoSXMQkOWimSeqYniHU5WmqmT1OGtibQ573h2wE=) 15: lqG4TiS1VcHtRo5hXtYqEofYXQY.roa (hash: lQ0va2Pv+RAccp1R5C/OndWZWgx6m66STBo/DZ6jbSw=) 16: snScws96TnQnAtgCESncYf2cHQI.roa (hash: Rg061AAdsDJTEuVCFaKulmhMa2nYwQQcIJgWuXh/KyU=) 17: zyiTueEsxpcD3PrX5wVtwGJMZ_Y.roa (hash: 7R1f/73J/Qx3gYsQEvvU8YVQZND5dDU9/Elan9+1kYw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 20:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:97:e2:60:28:26:df:fc:76:ba:fd:a2:48:11:05:56:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Validity Not Before: Apr 16 20:01:28 2026 GMT Not After : Apr 17 20:01:28 2026 GMT Subject: CN=59bb711aa6574627315e71127712812fcfa90c88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b0:5b:bc:3a:06:cb:a2:5c:e6:f0:8a:ae:b9: 42:a4:fa:fe:b5:24:55:eb:45:f7:56:65:d3:83:a6: e5:f7:84:12:0e:03:02:4f:6c:b0:4b:6b:ea:28:ef: 22:fc:a3:c2:a0:68:22:ce:dc:85:dd:2a:a6:b1:ea: 2b:2a:d5:e6:3c:00:e8:82:e9:cf:17:db:78:b4:68: 6e:ef:82:b4:53:2e:6d:53:65:01:8b:48:75:83:76: 34:f6:2a:87:dd:69:8c:dd:3f:23:c5:9d:b5:a2:72: 09:e8:25:a4:24:fd:f0:21:bd:33:f2:b6:29:40:23: d2:10:98:e1:f4:bb:1c:14:22:9e:a0:e7:a7:67:45: dc:8b:a1:f9:63:86:c0:61:64:1e:35:f6:da:ba:c4: 70:67:d1:24:50:ef:f9:8e:fe:49:48:53:bd:ac:81: a1:57:b1:41:18:63:4c:a4:dd:b6:0e:29:97:f7:f1: 6f:52:9a:e9:09:aa:6e:2b:8c:91:e5:66:7c:19:27: 37:f2:52:5e:58:a5:7f:c9:d8:1b:c7:de:85:ca:70: e4:41:b1:d7:3f:b7:48:75:4c:94:0c:11:0d:aa:2e: f2:5d:66:bc:29:e7:a5:37:3e:3c:1f:f3:01:57:5b: ab:d7:87:c8:ea:cd:2d:b2:8d:3a:61:67:bc:c1:c4: 01:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:BB:71:1A:A6:57:46:27:31:5E:71:12:77:12:81:2F:CF:A9:0C:88 X509v3 Authority Key Identifier: keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:bb:aa:a7:17:82:3b:26:4f:d8:89:2c:be:d1:fd:41:35:67: 2b:9a:74:ae:79:61:14:ee:a0:54:f7:46:cd:c1:97:47:09:f6: 2b:5d:a1:0b:e0:39:95:9c:9a:fb:41:3e:a0:56:9e:7e:21:8d: 6f:ba:f2:f8:44:19:eb:78:04:dd:06:6b:f1:0d:94:d7:98:29: dc:85:00:f6:18:b6:09:b6:67:69:6c:b4:0a:46:ad:1b:0a:30: ff:e7:77:8b:c8:ec:6b:b6:3d:5c:1a:ca:0d:d8:4f:ef:2d:37: ca:12:cd:32:d0:85:ad:13:71:2a:a7:67:34:ba:49:d0:88:9f: 04:de:56:b2:da:e0:4a:5e:2e:a8:3f:10:64:2e:eb:66:6e:c2: 67:06:69:76:30:54:36:18:70:06:66:00:4c:91:53:9c:f7:5b: 03:b3:f0:98:92:f4:19:17:cc:f6:0a:ff:3b:87:67:9b:ee:fd: 52:06:cb:1a:4d:4f:6f:04:70:e5:74:13:01:79:b5:57:3d:59: d3:81:56:a0:ff:a3:77:ed:05:23:5d:9e:09:f3:a5:e6:1f:59: bd:d1:6a:8d:e9:f2:7f:3d:0b:22:6c:95:27:50:99:ef:72:5e: 56:22:d2:44:fd:c1:fe:bd:db:1c:f5:ec:34:a2:34:91:cd:5d: a6:f5:24:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2X4mAoJt/8drr9okgRBVZlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm OGNiZDgwHhcNMjYwNDE2MjAwMTI4WhcNMjYwNDE3MjAwMTI4WjAzMTEwLwYDVQQD Eyg1OWJiNzExYWE2NTc0NjI3MzE1ZTcxMTI3NzEyODEyZmNmYTkwYzg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbBbvDoGy6Jc5vCKrrlCpPr+tSRV 60X3VmXTg6bl94QSDgMCT2ywS2vqKO8i/KPCoGgiztyF3SqmseorKtXmPADogunP F9t4tGhu74K0Uy5tU2UBi0h1g3Y09iqH3WmM3T8jxZ21onIJ6CWkJP3wIb0z8rYp QCPSEJjh9LscFCKeoOenZ0Xci6H5Y4bAYWQeNfbausRwZ9EkUO/5jv5JSFO9rIGh V7FBGGNMpN22DimX9/FvUprpCapuK4yR5WZ8GSc38lJeWKV/ydgbx96FynDkQbHX P7dIdUyUDBENqi7yXWa8KeelNz48H/MBV1ur14fI6s0tso06YWe8wcQBwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFm7cRqmV0YnMV5xEncSgS/PqQyIMB8GA1UdIwQY MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt NjA5YTQ4YjJiMTRkLzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv7uqpxeC OyZP2IksvtH9QTVnK5p0rnlhFO6gVPdGzcGXRwn2K12hC+A5lZya+0E+oFaefiGN b7ry+EQZ63gE3QZr8Q2U15gp3IUA9hi2CbZnaWy0CkatGwow/+d3i8jsa7Y9XBrK DdhP7y03yhLNMtCFrRNxKqdnNLpJ0IifBN5WstrgSl4uqD8QZC7rZm7CZwZpdjBU NhhwBmYATJFTnPdbA7PwmJL0GRfM9gr/O4dnm+79UgbLGk1PbwRw5XQTAXm1Vz1Z 04FWoP+jd+0FI12eCfOl5h9ZvdFqjenyfz0LImyVJ1CZ73JeViLSRP3B/r3bHPXs NKI0kc1dpvUk+Q== -----END CERTIFICATE-----Generated at Fri Apr 17 04:13:13 2026 by rpki-client