$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft File: rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft (raw, json) Hash identifier: xHTFOeAUrelz84Oai36wls47DLSr/nXUSHzGF5Szado= Subject key identifier: 59:57:28:96:80:3D:42:58:B4:B8:6C:40:9E:E6:BA:1A:81:51:F3:62 Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5 Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5 Certificate serial: 019D0EC4CF65E063245849693E53174BA16D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft Manifest number: 18CA Signing time: Sat 21 Mar 2026 05:01:12 +0000 Manifest this update: Sat 21 Mar 2026 05:01:12 +0000 Manifest next update: Sun 22 Mar 2026 05:01:12 +0000 Files and hashes: 1: 5tvSeHfT9tQJaY_leFHXuR2yBH0.roa (hash: OssF5KxzdAdA0MRGmFSLEWiP4GOcYF7Td/3FVSiYLEA=) 2: Mq1u4qOomlUhefV0SWNzTRUmwps.roa (hash: +L1VEPPNNBt0OXhwf9f0heC994bRdJErni2gxksz1MM=) 3: NMfbsowFqcogPMg6cAeG3w9cjq0.roa (hash: uFoj7c/4SsWRnxgjbLgJrGS7fytT/Dv79U+edW6MDx8=) 4: Nc3Qv6HWCUL0coHdhzehCvqorjQ.roa (hash: 1cr7/XMm8bJJ1VGTZJBo+emXZtefD8zXujejZu9BwnE=) 5: RR27K07yWL9CEikVOiFjQqRGZNs.roa (hash: 14UKepul1FckjtbpGFg4sLFjoo9u1Ovj2wbZ+nk3TbY=) 6: RiJbycN_HnEaFdxBy-0QqogHp9w.roa (hash: HrWeheuaH2PNBF70Yz5xTkWSf+oor2QnLluzhSuwnU8=) 7: deTEkBZi5H7AIejV16ysjHwAbxY.roa (hash: l0JbGg+HLxrf5Ag/2z2pTojVken0ajBmDjhItX+Hm3I=) 8: f36wSuri4isgGvRNSVH6JQhVoXQ.roa (hash: yoPRFfkeY6wwCb2HhFYtsNc5bsYeGXcwftlwYv52l3Q=) 9: hPDJ7bwWMVeeA66R-Nm66UMAI3I.roa (hash: S6FoRCGZ+2A7ou0QqZgDgmiPo527/Z9rU6I1qlBMQXY=) 10: ocHryKy0JCZoZXuWFydbiaPAXvA.roa (hash: VJkfS4R1R0/kVOkQFygl/eqzEOXMlTWCdbkGDaHwbCQ=) 11: pGPZirCKZzbNWc11cAMZui5y53g.roa (hash: x16id1SP+uWE4b9i/PFLiuYNReYseV++lthZDwFfk5U=) 12: pKSlP4qI-iIWoFFAgY7hZYUI5lE.roa (hash: fJiLeKrrQ0jkNTOG3gU1SfB8kCZt5PRpsv9OHklxoM8=) 13: qltZRt6yv2xmd-YFzKK4-T95t70.roa (hash: ouYg4rusjDVFIksWY2y+Jv/jtKdXu+HEE/CHgFLthz4=) 14: rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl (hash: Vo6w8ngiiXfY5BzIgYVURP9N9Ftqoxz2IbI7eQ3m6JA=) 15: sQ8qQg5RChJp9JsfMBZ7VZwT8WE.roa (hash: obNWII8S7VxaHifOdhDpl8/q/V3M1i4VuliV8Z+MBow=) 16: xEZpztI8Y0E6cyemzVq5Z-wuhOo.roa (hash: u+3SjeAOl+6UrQqTlnssUl6vP9Yo7S40vvVos+ddEsc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 22 Mar 2026 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:0e:c4:cf:65:e0:63:24:58:49:69:3e:53:17:4b:a1:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5 Validity Not Before: Mar 21 05:01:12 2026 GMT Not After : Mar 22 05:01:12 2026 GMT Subject: CN=59572896803d4258b4b86c409ee6ba1a8151f362 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0c:f2:52:bc:89:72:a0:55:06:0c:f0:56:9e: 94:91:eb:01:ed:4f:a6:6d:03:95:3c:15:7d:48:9f: 65:92:c1:95:b4:7d:f5:04:35:aa:96:7c:4e:54:b6: 4b:be:97:98:4a:02:15:ae:ec:be:87:c9:35:ac:76: 46:3f:5d:7a:c3:84:c3:50:6d:75:27:b7:8b:64:a7: 45:83:ab:32:b9:40:ea:0f:6f:e4:55:b2:96:a2:b3: ed:de:b4:bb:da:38:5f:ae:f5:4f:bc:fd:35:d3:0a: cf:5e:2b:7c:57:4f:8f:7b:e1:94:a0:34:bb:c7:98: 1a:aa:54:b2:5c:6b:9e:f9:be:d7:2f:d2:80:41:e1: d1:2e:aa:65:3d:71:b1:26:cc:6c:37:b8:4b:de:1b: d2:b9:9e:2c:99:35:43:c3:46:8e:e1:04:d8:82:1c: 12:10:75:56:84:52:79:35:0a:7c:17:65:7a:e1:f7: e1:27:04:a2:bb:2b:39:9a:5e:2c:65:e7:d9:ff:64: 8a:fb:11:6a:d6:a0:98:ed:86:63:2f:f1:8d:b6:ed: 83:92:dc:2f:c4:a4:23:84:a8:0f:e9:3d:ed:88:65: 53:08:bf:54:b3:20:8a:5f:55:25:cf:20:e7:25:8e: 2d:18:51:38:f1:78:85:93:a5:c3:2a:58:6a:88:54: 63:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:57:28:96:80:3D:42:58:B4:B8:6C:40:9E:E6:BA:1A:81:51:F3:62 X509v3 Authority Key Identifier: keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:6f:e7:be:7a:66:5f:43:9e:d1:62:f5:70:06:04:50:f0:d1: db:21:b5:f8:25:4a:0f:55:93:e5:2d:e0:f1:02:4d:8e:a5:21: 52:24:77:94:be:35:aa:b3:8d:f7:9a:88:fc:46:7b:37:18:04: 12:e2:a3:28:eb:fd:d0:a9:6e:af:34:73:16:45:70:8a:04:76: 31:07:c2:ff:24:53:3a:58:de:06:f4:86:79:ad:ac:bf:03:b2: 96:04:e1:b9:4d:50:09:f8:dd:6c:0c:d2:49:f0:48:b7:4a:10: 08:ec:f6:c2:93:0a:fa:53:46:aa:7b:31:cc:65:87:61:5c:23: fb:00:6d:8c:cb:59:2f:8f:37:77:10:5e:df:4b:57:56:3c:f9: 38:21:78:1d:a9:21:42:99:be:57:2a:16:3d:87:b3:78:40:63: 2f:ef:e7:69:60:c8:82:9f:55:a9:01:39:f7:f5:d9:8d:dc:55: 8e:71:b9:fa:32:5a:db:79:8c:4a:43:34:d2:79:94:ab:cf:a0: 64:3c:f4:de:12:81:44:94:0f:82:40:bf:a0:e6:28:6f:22:4a: a8:64:16:e7:99:70:da:e3:ce:bf:47:fe:8b:df:bf:3c:c1:6a: 47:b4:29:49:e0:e2:6b:e3:99:61:cb:c3:7d:ac:f0:cc:4a:76: 04:48:3e:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0OxM9l4GMkWElpPlMXS6FtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3 MjAyZDUwHhcNMjYwMzIxMDUwMTEyWhcNMjYwMzIyMDUwMTEyWjAzMTEwLwYDVQQD Eyg1OTU3Mjg5NjgwM2Q0MjU4YjRiODZjNDA5ZWU2YmExYTgxNTFmMzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQzyUryJcqBVBgzwVp6UkesB7U+m bQOVPBV9SJ9lksGVtH31BDWqlnxOVLZLvpeYSgIVruy+h8k1rHZGP116w4TDUG11 J7eLZKdFg6syuUDqD2/kVbKWorPt3rS72jhfrvVPvP010wrPXit8V0+Pe+GUoDS7 x5gaqlSyXGue+b7XL9KAQeHRLqplPXGxJsxsN7hL3hvSuZ4smTVDw0aO4QTYghwS EHVWhFJ5NQp8F2V64ffhJwSiuys5ml4sZefZ/2SK+xFq1qCY7YZjL/GNtu2Dktwv xKQjhKgP6T3tiGVTCL9UsyCKX1UlzyDnJY4tGFE48XiFk6XDKlhqiFRjhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFlXKJaAPUJYtLhsQJ7muhqBUfNiMB8GA1UdIwQY MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct YzUxNWYzNTRjYzVhLzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJm/nvnpm X0Oe0WL1cAYEUPDR2yG1+CVKD1WT5S3g8QJNjqUhUiR3lL41qrON95qI/EZ7NxgE EuKjKOv90KlurzRzFkVwigR2MQfC/yRTOljeBvSGea2svwOylgThuU1QCfjdbAzS SfBIt0oQCOz2wpMK+lNGqnsxzGWHYVwj+wBtjMtZL483dxBe30tXVjz5OCF4Hakh Qpm+VyoWPYezeEBjL+/naWDIgp9VqQE59/XZjdxVjnG5+jJa23mMSkM00nmUq8+g ZDz03hKBRJQPgkC/oOYobyJKqGQW55lw2uPOv0f+i9+/PMFqR7QpSeDia+OZYcvD fazwzEp2BEg+gA== -----END CERTIFICATE-----Generated at Sat Mar 21 13:41:05 2026 by rpki-client