$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft File: 9zQlckyuJz8pYwYNyGXG8LBCXK0.mft (raw, json) Hash identifier: Y6oa7uHCiLLPwyGdtxgpUSv70PElIMjRCUAo567zFHc= Subject key identifier: A3:4A:1D:D8:0A:A2:28:FC:7E:38:D8:A9:35:36:AF:A6:B2:7F:B6:30 Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad Certificate serial: 019D9886A3AAAE9D9BA3250725BA359D0627 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft Manifest number: 02A3 Signing time: Thu 16 Apr 2026 23:00:53 +0000 Manifest this update: Thu 16 Apr 2026 23:00:53 +0000 Manifest next update: Fri 17 Apr 2026 23:00:53 +0000 Files and hashes: 1: 1E8AiSnlYGPXbOfAXqZEBvdti0Q.roa (hash: zg4/KmKPBBnWqoo6XqmqqOeEWKX38ZMsmowwS7V3CsY=) 2: 9zQlckyuJz8pYwYNyGXG8LBCXK0.crl (hash: iqbNh+Of6C8QfCxTpizggVh08GIrnGsu+Xym//N8vPc=) 3: AvhSVHbyFsNJfn-87fA7oHcica0.roa (hash: JjNvwI8D/DTZ5Kz60xSRCIvB7TZ/neKfvnL3MZ2ZTSU=) 4: GG4z91MdDpV2DBV_RNPbWkwIoJw.roa (hash: Eqt3BxDIeVAQpNBJJYqmZDf6uBVXq8wo47BPWDDy060=) 5: IDaB4QRCh7bNLOMPnckPg5zcOzM.roa (hash: xXBnKlpTinvrp0RhxiHrGrTuEu3qhcErapcrqhwSfb0=) 6: KF0QvzJGblVPKQsNf06hZ3SB34U.roa (hash: beoVL4CcUiF/X+RqTuUlwhqclMvthXIihpSTECe+GcU=) 7: L6Ra25CjKp_mEEvb6fnLzB9z48Y.roa (hash: gAYyNL8en1bwIuDNmy096pQ8EjEcbk/vtZcx5FewlIM=) 8: ZmA7YXk1EXie8V8IljOsrQAeVMc.roa (hash: KfN3YtXoCnYtbOhys/L3JbGSTPU3Jpxa1rNO5rVZaaM=) 9: _OsxCQ1e4_ibO69prTBr0y__bJ0.roa (hash: jyzI1ocjI/t6Rr16QFOtQXXWn6pUug9g1eA1+Oe0GVs=) 10: adb_NQqDE2btKs5IvofM8ruzaqs.roa (hash: mZd2SOSViUwqdouzHTAAV8V8TgiRqrWPvi7A8y6abkk=) 11: hbHoK0o2p6Bt0sMLz48Nn7EIEws.roa (hash: AabyFao1094cA8E0S9PcCwFVPGA7d1c7Y+W9MYMaIkQ=) 12: iCAoTJ6_FbKXxlsZVDeLJRceNFg.roa (hash: bMQFyA/DfiURPI0ApEpZ777S9eYeQRmm3uEDLrIS7DM=) 13: iNlyy6fzG-pZXJKLvpBU9XAYkVo.roa (hash: S8q8QiAGEz7MV6+djxO4YwhYaC2j/vE52wvZ9iUEIgY=) 14: rTCIQuB8b5-23Fe16EFzxOkFAo0.roa (hash: 85dTReYxmMkhMzb7ZnE2kpCceaZUsUjOdsiOl8VJLKg=) 15: vTVExLKhWEraxLaHbYbF-5rPbAY.roa (hash: OkUaeri0ORy5KS5pNVCt7QDJ9Jtk+GKFKqYmDLuRx/Q=) 16: wMIGg_895xsUud_tObIdM45E8XQ.roa (hash: LP5aF2JP0E54B5AqB2G8lcqC6PTsBN6TaHhp9g0P2hY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 Apr 2026 22:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:98:86:a3:aa:ae:9d:9b:a3:25:07:25:ba:35:9d:06:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad Validity Not Before: Apr 16 23:00:53 2026 GMT Not After : Apr 17 23:00:53 2026 GMT Subject: CN=a34a1dd80aa228fc7e38d8a93536afa6b27fb630 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:0d:24:21:0e:e5:b4:ea:5d:24:48:7c:41:2d: 65:87:4b:9e:a8:97:01:90:bd:2e:df:a3:58:98:ee: cb:2e:d1:30:36:ac:9f:ae:b1:89:fc:2b:f4:cc:f7: 61:2a:7e:96:58:c3:24:4e:5d:8f:7f:6a:a3:bf:4f: 02:82:b6:c4:cf:57:13:02:41:82:14:e4:8e:5b:a0: a9:b8:69:fd:59:f2:bb:f2:73:e7:34:69:46:e9:30: 90:14:fb:18:51:cc:4a:7d:8e:eb:e6:60:8a:b3:c7: aa:41:f1:e5:dd:62:ab:ad:18:e2:30:22:7d:34:49: 82:22:1d:1b:b4:a0:85:24:90:99:15:a8:6c:93:db: 1a:e8:c1:15:b4:41:d9:27:20:fb:92:cf:69:aa:e4: ab:b4:e8:b9:06:d0:07:7c:0b:ed:49:af:7e:05:63: d0:dc:23:02:8b:91:92:3b:5e:4d:49:1f:57:52:8a: 41:28:dd:be:86:5d:3d:25:4d:f0:b4:09:a4:41:c6: 20:3c:55:22:f3:0c:9f:36:7e:89:95:d8:43:92:3c: 3b:d1:d0:07:10:8b:e8:d7:90:7a:78:09:48:a7:fe: ae:00:04:e2:7c:18:a4:fe:26:15:62:41:a8:c1:0e: ec:ac:9b:97:07:e8:6c:4e:09:52:b4:c1:da:89:8f: 27:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:4A:1D:D8:0A:A2:28:FC:7E:38:D8:A9:35:36:AF:A6:B2:7F:B6:30 X509v3 Authority Key Identifier: keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:68:57:71:98:a1:69:22:0b:a6:e2:f4:f0:c9:00:2b:c0:d3: e5:09:dd:24:c0:fd:fe:38:c4:28:b3:c8:fd:85:88:92:09:93: ba:da:8d:94:ec:28:65:e0:26:0a:5b:20:a8:c2:1e:e1:af:e2: f7:4e:ae:d3:5b:ae:7e:f6:96:b0:d0:8e:2f:b5:78:d6:d8:d8: cc:ad:c8:1f:57:0f:d5:1a:bd:5d:0f:0d:8d:b4:76:89:b1:d1: 7b:73:1a:79:5e:54:db:b3:80:93:0a:c0:0a:f2:9e:99:28:20: 42:fd:e2:b4:bc:2b:4b:0e:5e:b0:ee:b9:a1:ef:c5:45:b4:26: 5a:b3:1b:6c:ce:7c:c8:f5:64:9f:31:a3:70:c7:55:5c:01:d8: 8f:8d:f0:9b:80:57:b9:27:2d:3f:9e:b2:4b:7f:d7:cd:ee:a4: 8a:96:ee:57:9f:f5:e1:78:1d:53:eb:8e:77:b1:c2:0e:e6:33: 6f:13:3b:a2:23:2c:1a:42:4f:0f:d7:e0:bb:9d:e4:d8:4c:2e: 94:da:3c:e2:fd:4f:5b:96:66:54:d4:9e:1a:c0:b1:2a:83:22: 14:1b:64:b9:a6:8e:4e:22:6c:04:78:6b:d1:a7:69:c6:10:c8: 01:1c:a4:48:f7:ae:2b:d5:82:17:59:f8:49:e6:76:7f:d5:99: 50:02:34:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2YhqOqrp2boyUHJbo1nQYnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0 MjVjYWQwHhcNMjYwNDE2MjMwMDUzWhcNMjYwNDE3MjMwMDUzWjAzMTEwLwYDVQQD EyhhMzRhMWRkODBhYTIyOGZjN2UzOGQ4YTkzNTM2YWZhNmIyN2ZiNjMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Q0kIQ7ltOpdJEh8QS1lh0ueqJcB kL0u36NYmO7LLtEwNqyfrrGJ/Cv0zPdhKn6WWMMkTl2Pf2qjv08CgrbEz1cTAkGC FOSOW6CpuGn9WfK78nPnNGlG6TCQFPsYUcxKfY7r5mCKs8eqQfHl3WKrrRjiMCJ9 NEmCIh0btKCFJJCZFahsk9sa6MEVtEHZJyD7ks9pquSrtOi5BtAHfAvtSa9+BWPQ 3CMCi5GSO15NSR9XUopBKN2+hl09JU3wtAmkQcYgPFUi8wyfNn6JldhDkjw70dAH EIvo15B6eAlIp/6uAATifBik/iYVYkGowQ7srJuXB+hsTglStMHaiY8n8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKNKHdgKoij8fjjYqTU2r6ayf7YwMB8GA1UdIwQY MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt ZTg3MWIyMTc5MGRlLzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfmhXcZih aSILpuL08MkAK8DT5QndJMD9/jjEKLPI/YWIkgmTutqNlOwoZeAmClsgqMIe4a/i 906u01uufvaWsNCOL7V41tjYzK3IH1cP1Rq9XQ8NjbR2ibHRe3MaeV5U27OAkwrA CvKemSggQv3itLwrSw5esO65oe/FRbQmWrMbbM58yPVknzGjcMdVXAHYj43wm4BX uSctP56yS3/Xze6kipbuV5/14XgdU+uOd7HCDuYzbxM7oiMsGkJPD9fgu53k2Ewu lNo84v1PW5ZmVNSeGsCxKoMiFBtkuaaOTiJsBHhr0adpxhDIARykSPeuK9WCF1n4 SeZ2f9WZUAI0cw== -----END CERTIFICATE-----Generated at Fri Apr 17 07:17:16 2026 by rpki-client