$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft File: 520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json) Hash identifier: zxlkmdfcHdpzRhVZASfIMdZrfg9lZndlBOGflhldK1U= Subject key identifier: 57:9F:76:08:8F:5C:1E:FF:9F:94:C3:C0:DE:D2:62:9A:57:8F:54:96 Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Certificate serial: 019DB0FD0C208F8BFDD40E06DA065E57AA1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft Manifest number: 13BB Signing time: Tue 21 Apr 2026 17:01:06 +0000 Manifest this update: Tue 21 Apr 2026 17:01:06 +0000 Manifest next update: Wed 22 Apr 2026 17:01:06 +0000 Files and hashes: 1: 1dfOhFGT4Rz19mHWVabW0kWxTss.roa (hash: Rjg1gNguWYpEwGKvfk1H+hd0eMsqKT2A4N+C2/8Q+uQ=) 2: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: T9hK+ZQ7wK+91Zf9ZHGBn+Rzh8F7ZCLDxsfsLNXrXH0=) 3: 7EPxlfzuNdNfziGNw3Hj7EoZj1Q.roa (hash: fYUfx118C/cw672kHDWSH3DD1Ik9WuMEeaQ/qAV9tYE=) 4: 9EzrkfCb3685-QENXXhTIl2uZz4.roa (hash: 4o0MB77YQKRQiZHQrZxR1nkb/HsRFN1Kq0iR4K53WZA=) 5: DVIKLwP8b0UVJE_X0Zz4hLCMFmU.roa (hash: 2ROrixfhF0UtgJihhtThPaEztRX+VVHt8WTM1ZfZQ1o=) 6: Fn3txwFOnsHfJqp3dmOvAMcvgHc.roa (hash: 0tFPd6mFP89u9IcgrQmVyEuYoDxe9S4zwwRr4qndNks=) 7: RqZv9lI-beWajs98dICrEK2DwUM.roa (hash: z0DWSEDfb+oWc/lkT9R9ehjWWb2y0A0CPcHglnAYRf8=) 8: Ud0XI3ub85_CL2l55YZW3cXrctA.roa (hash: 2gMJyy7om8/uY1IqvCz0ubvDeUV63nAu6cUom48+3U0=) 9: ao5k8aMHz2Rr-UFohnKN0Vsy0ts.roa (hash: qeXz8tDdKItxGK8qtWsvUAbM0Ooz+MmMiDN8cvBIyTQ=) 10: bbXWGNkALy-ajnXnVwsq6VcslC8.roa (hash: lOmBCerqz+GglurufDI5e+15DQVwzjxcTvAfkACkLYE=) 11: jTMEUhkl6sKPDlW6gGgXZsH4VwQ.roa (hash: bLe2Zk8IquF+7aI/fXPQxZklmLIeFhH3W5DkdYCydQA=) 12: r-NoE_XHTABnwPRM9GdFHoEeHJo.roa (hash: qsD5Rt9CKRxXFQG5JSeN7cqv7sQvsG2HbFGsWmdhdi8=) 13: rIIpXZCn7E3HgJjpCaYYUR4k6ZI.roa (hash: Vvylnj2QqF4AFfq4GCTBxANmDk4TfXB5W5GNlTLI/Qw=) 14: rp3l1DRMo7bxNlcekPEumkx_Cu4.roa (hash: cvH000yVT30CU4NGwC5k2pFAaWGJcYLG4wfqKOyLWIU=) 15: s9E0mrs6RE5G3diI6qJ2dNaQlCY.roa (hash: ALHEFczsxrK3P9zm6czuHQOWsz9Vxib3j6fIwRLXdsA=) 16: smuPovOHBHHaIAv32qcc0ZyhNkQ.roa (hash: HcQ/8p3eoCWjnnKfMtVzm8focRBIq46dCnVV7vdjMxQ=) 17: v94LL-qGGgahldRNvzQc-ZVS3KI.roa (hash: a3YAXYAGQiNiI/eRCe9RKvTaP1hHvgR2d27wk4bq6Cw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 22 Apr 2026 14:21:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:b0:fd:0c:20:8f:8b:fd:d4:0e:06:da:06:5e:57:aa:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Validity Not Before: Apr 21 17:01:06 2026 GMT Not After : Apr 22 17:01:06 2026 GMT Subject: CN=579f76088f5c1eff9f94c3c0ded2629a578f5496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:cb:c0:58:75:b3:00:4d:eb:17:44:51:72:88: af:81:61:fe:ac:49:95:81:c9:6d:89:b9:cd:05:de: 90:56:e7:87:b9:89:67:b1:29:39:d3:6d:00:01:34: 77:f8:60:13:c0:17:91:16:15:02:79:3b:cc:26:a4: 07:1d:0e:4e:c1:be:db:47:3d:b8:30:0a:51:51:dc: 90:41:f1:56:65:b2:20:c8:3f:87:04:9b:9d:35:78: f5:3e:27:26:07:9e:b3:d4:51:4c:97:d8:9b:a9:10: 8e:7a:9d:37:43:b0:ab:f4:1c:06:09:a8:46:11:0f: 56:16:c1:f8:a4:36:f6:5e:1b:aa:40:e3:1b:95:61: a6:b3:56:b0:50:fc:54:c2:77:fc:61:3e:ed:b0:24: 5e:a3:c0:a3:44:6d:8c:65:cd:4b:4b:0b:5d:48:e7: 1a:f2:14:e2:15:a9:07:1b:3f:85:e3:97:66:8e:28: 00:da:68:a0:80:ba:8d:51:fa:3c:2c:9f:9f:08:dc: 22:a1:a0:1a:31:f9:2a:c2:fb:28:02:f1:11:bf:ce: dd:7c:0e:ee:07:a6:c7:9d:7b:08:dc:0c:1b:a4:25: 0d:1f:bf:b3:c1:dc:d9:c4:34:7e:09:f0:d2:d8:0d: 1c:b7:ae:43:a9:d0:2f:89:7d:a4:4a:21:7b:b6:f5: fa:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:9F:76:08:8F:5C:1E:FF:9F:94:C3:C0:DE:D2:62:9A:57:8F:54:96 X509v3 Authority Key Identifier: keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:de:cb:24:38:a7:f5:04:10:3c:95:0d:f8:61:c4:3a:f2:2c: dc:28:05:f8:c3:4f:c5:27:f1:6e:d6:62:25:cb:81:40:44:ca: 2b:f7:67:b1:b1:b2:58:20:98:03:ea:be:28:75:83:b0:7c:be: 2b:aa:12:9e:2d:0f:48:1b:26:a6:32:81:6b:0c:2d:84:09:07: d9:70:2c:f9:52:0c:bd:0c:3f:0d:a2:44:df:ad:88:a6:ad:33: 1a:00:ab:1b:b5:5b:a1:9b:3c:68:9b:b7:60:c3:67:f3:b7:a1: 1a:7e:de:3e:dc:05:b3:be:bd:98:7c:a3:39:78:c6:56:75:9a: 1b:1e:90:72:fb:bc:03:80:90:29:9c:96:3f:5d:53:5d:2a:df: 52:7f:de:43:be:53:19:3a:b1:58:0f:ed:a9:e6:42:5f:6a:44: 18:b2:39:0f:f7:2d:6b:87:67:48:57:23:ba:1d:e4:d0:b1:26: bd:86:0b:f7:aa:e3:af:b7:35:db:4c:e4:95:6a:47:cf:27:71: 81:af:42:57:81:8c:7e:91:6f:b6:ef:49:f3:73:4e:7f:cc:26: 5b:c3:6d:56:1f:97:25:1f:95:a9:21:ff:0b:7a:72:16:27:31: 7c:f0:00:2c:19:99:36:74:09:84:98:d8:67:4b:1c:ee:40:b8: 91:9c:1d:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2w/Qwgj4v91A4G2gZeV6odMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx OGM5YmMwHhcNMjYwNDIxMTcwMTA2WhcNMjYwNDIyMTcwMTA2WjAzMTEwLwYDVQQD Eyg1NzlmNzYwODhmNWMxZWZmOWY5NGMzYzBkZWQyNjI5YTU3OGY1NDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcvAWHWzAE3rF0RRcoivgWH+rEmV gcltibnNBd6QVueHuYlnsSk5020AATR3+GATwBeRFhUCeTvMJqQHHQ5Owb7bRz24 MApRUdyQQfFWZbIgyD+HBJudNXj1PicmB56z1FFMl9ibqRCOep03Q7Cr9BwGCahG EQ9WFsH4pDb2XhuqQOMblWGms1awUPxUwnf8YT7tsCReo8CjRG2MZc1LSwtdSOca 8hTiFakHGz+F45dmjigA2miggLqNUfo8LJ+fCNwioaAaMfkqwvsoAvERv87dfA7u B6bHnXsI3AwbpCUNH7+zwdzZxDR+CfDS2A0ct65DqdAviX2kSiF7tvX6uwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFefdgiPXB7/n5TDwN7SYppXj1SWMB8GA1UdIwQY MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5 LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASt7LJDin 9QQQPJUN+GHEOvIs3CgF+MNPxSfxbtZiJcuBQETKK/dnsbGyWCCYA+q+KHWDsHy+ K6oSni0PSBsmpjKBawwthAkH2XAs+VIMvQw/DaJE362Ipq0zGgCrG7VboZs8aJu3 YMNn87ehGn7ePtwFs769mHyjOXjGVnWaGx6Qcvu8A4CQKZyWP11TXSrfUn/eQ75T GTqxWA/tqeZCX2pEGLI5D/cta4dnSFcjuh3k0LEmvYYL96rjr7c120zklWpHzydx ga9CV4GMfpFvtu9J83NOf8wmW8NtVh+XJR+VqSH/C3pyFicxfPAALBmZNnQJhJjY Z0sc7kC4kZwdaA== -----END CERTIFICATE-----Generated at Tue Apr 21 19:08:09 2026 by rpki-client