$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft File: Y2O7ZYlfOlSksyShDHmsmO_ioco.mft (raw, json) Hash identifier: 1Z8/vYApVXUfqvhUP/kpGanVX0QlAA/YtqZPyUAh5R0= Subject key identifier: 90:7A:44:3E:45:21:56:79:2E:05:B3:C2:DE:0F:C3:5F:5E:69:59:DB Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca Certificate serial: 019DCBCFAB9F4417CB72C85EFB7CCF3CCAE6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft Manifest number: 1241 Signing time: Sun 26 Apr 2026 22:01:17 +0000 Manifest this update: Sun 26 Apr 2026 22:01:17 +0000 Manifest next update: Mon 27 Apr 2026 22:01:17 +0000 Files and hashes: 1: 0qcRgVORJ6l9UlTI2CKPLzjbfog.roa (hash: wvJhHDw0n2QTgzGbPUH8xt0FfoOscXlBHhG0tJvFt98=) 2: 2EkuPAqVHEWEKp6ASw2K5zmACQk.roa (hash: n72y5YkbbuFUJAYmxmxnzR7f3ZsUZLnhTxeGIE67Cko=) 3: LKqcV__iHBkuJmHBTgVTMKe7jfs.roa (hash: LzRNG01pbqOOrg9Ke+0IrSjljXKIcSklaBxsB5gc1AU=) 4: MDqkmVq0wqQhfctEVt435BlVKwE.roa (hash: UBeCi32yoKfsLWvPk9g+GRflHLIlJW/EWzv3Gosv9dk=) 5: PxxNVNL5BOB3QrAZZvS5ahJKLOQ.roa (hash: tFLry/v07lnhSlHBjf2oO0BxwozcI2XhOgOvdmFzcjY=) 6: U74ViGODTud33ngPAmj4w73NK6o.roa (hash: 8g7ud1guSPB+L+sklXn8DfQQ/RtzcbmpgZcJ8hWX/2M=) 7: Uu6kgZoXxkmNniYXRrRma31jomI.roa (hash: SRpT2c+ZtineJthFU2Lj326eHBfCWg/PI6AuJE6p0HE=) 8: Y2O7ZYlfOlSksyShDHmsmO_ioco.crl (hash: Pydq+y3vqQJQrQFaTj9WST6QR1sLRCmHoUvARx8OA7M=) 9: ajUdjtPuTYK4cJ-GDNgzwU_V7QU.roa (hash: zq0p6TTpyxJr1rlBswAzuDS0To2T7g83akxmSzfwXWY=) 10: esQiMgPaySQVW0k54pO3jc5Zyuc.roa (hash: 2aftWcOZmt2bVeY6qt170y22emZnUo4u4rs+oiqH7rU=) 11: n9NpVtjQ4CgC347DPdZBbkrl1rk.roa (hash: F/VcD/rkVFmMD8EIR8zYpeskYz8L7PTmG19l/6//DPo=) 12: qzDK1lhCM39SxM8PACxbyKkom_M.roa (hash: nfWxgyb2gt4+A8mM3hL0XhTI+0dXdf9+3PuS2IdhMMY=) 13: zRX49tmJAdaGhaSwlC20v5C1y1M.roa (hash: zxokrlpERmb2O5s52Pr/l/EU3mgyz8SOyXjooOdftYE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 27 Apr 2026 20:17:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:cb:cf:ab:9f:44:17:cb:72:c8:5e:fb:7c:cf:3c:ca:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca Validity Not Before: Apr 26 22:01:17 2026 GMT Not After : Apr 27 22:01:17 2026 GMT Subject: CN=907a443e452156792e05b3c2de0fc35f5e6959db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:4e:e0:d2:3a:8c:ac:aa:f4:72:16:a0:f5:2a: 9e:2c:86:62:5a:0e:12:3a:7b:d6:c7:ca:57:14:e7: 82:00:f6:f6:4b:e5:32:95:53:8f:eb:51:59:a7:71: 8d:f2:c9:e7:fa:98:b8:94:01:16:eb:06:b7:f5:8f: 60:bb:fa:6a:f7:fc:76:5c:4b:e7:67:f8:d7:0f:79: 07:69:2b:2b:2a:81:57:b6:d8:cd:ff:ef:25:8b:a1: 10:a4:15:22:d1:3e:73:18:85:33:37:53:cb:f0:81: 2b:91:d6:0b:40:bf:8b:6d:02:02:c3:f8:c9:d3:cc: 90:0e:bc:08:62:d4:58:e8:3b:0b:c5:8a:ca:43:1e: eb:77:7d:b3:75:21:0d:fb:81:e1:20:34:fb:6d:5d: 12:ef:ef:91:cc:77:9d:ae:7e:4b:64:fb:c7:58:4a: 1a:2e:c6:6c:13:c9:1c:0e:3a:4a:7a:ac:49:31:b8: ba:d2:36:b4:cb:65:1c:16:b5:46:14:5c:96:91:56: 1b:ee:5f:d4:86:be:32:9c:8b:04:5c:8e:96:73:99: cb:b0:2a:3e:34:78:bb:3b:b3:28:52:f3:50:6a:49: 2b:78:ca:66:ef:e4:53:fc:15:00:97:59:33:44:dd: 7c:d0:51:26:13:33:8e:5d:4a:92:9b:f1:b3:4f:34: 8f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:7A:44:3E:45:21:56:79:2E:05:B3:C2:DE:0F:C3:5F:5E:69:59:DB X509v3 Authority Key Identifier: keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:57:fb:bd:b8:b5:a0:6b:42:e4:cc:0c:e4:62:04:fa:9b:19: dc:60:47:20:62:8a:04:fa:13:f0:7c:f8:6e:b5:8a:c4:ae:b6: 73:a4:11:14:51:98:91:a3:ec:cc:c1:71:99:f3:c0:fb:bc:06: 0e:0d:84:fb:c8:42:7f:74:e5:9f:2a:6a:0a:ca:20:27:50:92: 1b:2c:ab:15:b7:58:63:ca:3f:d1:d0:86:df:44:ac:20:99:8c: 64:fb:80:91:df:81:a3:04:ca:a6:54:02:7d:9b:26:60:21:01: 97:ca:9a:a4:73:32:f8:e3:f5:2c:8e:f8:53:6f:a0:54:59:ea: 82:c0:5e:bd:77:59:c8:ad:d3:34:32:33:f5:93:cc:f0:6a:4c: 81:08:4a:d5:7b:c0:72:c3:97:b7:05:b2:16:0a:84:f8:34:cb: 1d:8a:a5:3d:09:72:f2:97:9c:9c:c3:8a:df:4e:81:2b:09:4d: af:3b:0f:9d:f5:32:fb:b7:a7:fb:db:e2:14:0d:42:13:6d:d3: db:5d:72:ef:78:f2:53:44:a8:dc:9d:1d:b0:09:05:ff:47:12: ab:99:d4:33:c4:dc:c2:e5:ca:69:a3:01:9d:45:50:30:a9:70: 31:9a:0d:fd:cc:b2:12:36:d0:66:76:cf:b7:23:44:85:20:ef: c8:84:88:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3Lz6ufRBfLcshe+3zPPMrmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl MmExY2EwHhcNMjYwNDI2MjIwMTE3WhcNMjYwNDI3MjIwMTE3WjAzMTEwLwYDVQQD Eyg5MDdhNDQzZTQ1MjE1Njc5MmUwNWIzYzJkZTBmYzM1ZjVlNjk1OWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU7g0jqMrKr0chag9SqeLIZiWg4S OnvWx8pXFOeCAPb2S+UylVOP61FZp3GN8snn+pi4lAEW6wa39Y9gu/pq9/x2XEvn Z/jXD3kHaSsrKoFXttjN/+8li6EQpBUi0T5zGIUzN1PL8IErkdYLQL+LbQICw/jJ 08yQDrwIYtRY6DsLxYrKQx7rd32zdSEN+4HhIDT7bV0S7++RzHedrn5LZPvHWEoa LsZsE8kcDjpKeqxJMbi60ja0y2UcFrVGFFyWkVYb7l/Uhr4ynIsEXI6Wc5nLsCo+ NHi7O7MoUvNQakkreMpm7+RT/BUAl1kzRN180FEmEzOOXUqSm/GzTzSPCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJB6RD5FIVZ5LgWzwt4Pw19eaVnbMB8GA1UdIwQY MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt YTZjYTQ1NGRiMmQ3LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3 LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMFf7vbi1 oGtC5MwM5GIE+psZ3GBHIGKKBPoT8Hz4brWKxK62c6QRFFGYkaPszMFxmfPA+7wG Dg2E+8hCf3TlnypqCsogJ1CSGyyrFbdYY8o/0dCG30SsIJmMZPuAkd+BowTKplQC fZsmYCEBl8qapHMy+OP1LI74U2+gVFnqgsBevXdZyK3TNDIz9ZPM8GpMgQhK1XvA csOXtwWyFgqE+DTLHYqlPQly8pecnMOK306BKwlNrzsPnfUy+7en+9viFA1CE23T 211y73jyU0So3J0dsAkF/0cSq5nUM8TcwuXKaaMBnUVQMKlwMZoN/cyyEjbQZnbP tyNEhSDvyISIgg== -----END CERTIFICATE-----Generated at Mon Apr 27 02:04:43 2026 by rpki-client