$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft File: IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft (raw, json) Hash identifier: DPpw/hWDBA3MHe1j5z29iAt8iFLQipqxRBAzxvQBpHY= Subject key identifier: 27:FA:79:70:DD:E6:B1:8C:42:A3:58:0F:5D:21:B0:E5:FF:3C:03:EE Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Certificate serial: 019D2EBDAB88623099CF7320C8CD60816DCF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft Manifest number: 1894 Signing time: Fri 27 Mar 2026 10:01:15 +0000 Manifest this update: Fri 27 Mar 2026 10:01:15 +0000 Manifest next update: Sat 28 Mar 2026 10:01:15 +0000 Files and hashes: 1: BNGMVvTZ1XawSMPOVaywEKgFz8w.roa (hash: WMt9Jn62xWAvsFJt6BLgLhIXnUKvtSHXK/jsLiQ9wc0=) 2: IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl (hash: YZ4QrAqL7qiwBHuFaqSX/5NdNICWWLCAWmFfvhB8iCw=) 3: J_k_uJydXhJKkAPBLn_Xr9EpYmw.roa (hash: bMaFsCf1Hj+guhXQdkk7ZJ24ZgANPSnkOncPj3CW1pQ=) 4: S9D_ZvZP7Y2SyyqdAWt1mGxtagE.roa (hash: hH6PHrAp3gX28fWUuJtWpjV+rB9bYio8w3wI6R4XHQI=) 5: YPhzzBUAAD8W6PxdQ8Eo6J_1Xlo.roa (hash: QJjVxTN7Kd8ed1QYD92fFHesTbkRe6gyeZIi3S6D0so=) 6: Z8UyJlJrz_tPx2Lzi2wtF6sRSoY.roa (hash: pZEmU7QBOi+LmI67NMxNilqE5KRHfsee+sRCVmykeWE=) 7: gw26QBwPzQF9bT3yyu20z1tgJyk.roa (hash: iuHp19gpWORmcmt7JfC/koJtOp0jpGQxA/LoBFKsFao=) 8: mdj55pZO6nRDbpPFsXBoK-GkNU8.roa (hash: JU7FZwf7hl0KcJAATQ/by5oF+/xX9ntEZw2LOkX+3S0=) 9: n70k782e6Gxq_-Hc2YO_idjOcAs.roa (hash: 9xPDUcAeeZeb+V1tJdiN4n6+fuVQh1F2hwH4+x4MOiQ=) 10: pX4-zHrOaGGZmLrFodKOqsDRVt8.roa (hash: oNNoPaGL9tiGcsnmh6pVkfSYR8zyTqJrDL9WChZzfdA=) 11: vqLY8AJRdwBNZp1vMAKBzj7hYMk.roa (hash: QScIVVTzvA87+g4pWqcXEROo6Uo1IppOyeJM8oSgj8s=) 12: xgHR7y7J0aGtYD0R9jhr6WJbZm8.roa (hash: CHXV05nQbB5KxwYkctbAeeyJMsjXN6ysG0w+cPnzH+Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 28 Mar 2026 10:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:2e:bd:ab:88:62:30:99:cf:73:20:c8:cd:60:81:6d:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Validity Not Before: Mar 27 10:01:15 2026 GMT Not After : Mar 28 10:01:15 2026 GMT Subject: CN=27fa7970dde6b18c42a3580f5d21b0e5ff3c03ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:98:d2:fd:7e:80:78:24:0c:65:d0:58:0d:0d: 48:55:c6:f1:41:5b:66:f3:b8:5b:93:cb:73:fa:ba: bd:99:72:6b:31:74:65:29:c2:d6:a8:2f:34:1f:11: e2:85:86:b3:51:33:1f:87:0e:d9:10:00:89:c6:bd: 1d:b8:97:27:ec:de:3a:ef:ba:c4:46:c6:bb:38:b4: 0b:3b:32:f1:ee:0e:1a:67:b8:36:c4:f4:52:f2:04: 04:9f:3b:f5:b1:42:40:b1:cb:c6:92:0a:3e:74:20: f8:bd:28:2f:00:24:a9:ad:b9:b2:df:1a:a6:1b:5c: 4d:06:22:99:c5:1c:8d:30:e1:bf:72:f2:a5:79:3d: ea:d4:dc:37:1e:d2:e9:c5:4f:e8:20:7a:5e:c1:55: 5e:2d:2e:35:b4:c3:ef:d7:cd:7b:21:8d:c4:95:fd: 5f:33:fe:d1:86:c3:7d:54:0b:a0:73:7b:01:3c:90: 36:d7:25:df:24:ec:8b:5c:a6:94:35:8a:c5:4b:41: 81:75:bc:bf:93:f8:77:e1:eb:3e:68:05:7b:43:e6: 6e:ae:67:39:0b:f2:1c:53:52:dd:43:69:c2:74:e0: ae:2c:f9:00:e9:f9:f2:0a:f8:dd:c5:a9:a6:13:1d: 2c:02:a6:4f:28:b9:37:ca:ff:cd:a1:d5:ee:30:97: 68:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:FA:79:70:DD:E6:B1:8C:42:A3:58:0F:5D:21:B0:E5:FF:3C:03:EE X509v3 Authority Key Identifier: keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:fc:3f:25:84:4c:51:f3:41:ee:55:bc:f5:35:cd:d1:3a:fd: 35:bd:61:ab:0d:ea:aa:39:10:bb:0e:35:16:44:67:5b:a2:af: 47:2e:45:e3:05:14:e1:d0:59:2a:6a:18:9d:8d:24:fb:ae:ad: 4a:9b:f5:53:84:1a:2e:d8:b5:df:40:78:d0:fb:7a:ed:a1:1e: 11:77:e6:82:f9:85:f8:17:93:c8:ab:34:52:0e:68:11:ac:f6: d2:55:d4:21:4f:e0:e5:83:08:e0:d7:3e:e3:4d:e6:16:0b:28: 49:72:6d:82:58:35:81:56:b6:b8:c9:7b:a6:ad:8d:2f:c8:4b: 9a:86:bc:a9:8d:d6:a7:f9:4d:4d:90:d5:07:ee:1b:97:41:7f: c9:4f:55:70:9a:e4:09:c3:e4:ce:be:54:06:de:45:20:43:c5: b2:26:b1:00:76:ad:2c:f5:85:0a:26:21:ed:3c:45:f2:c3:1e: 6a:ce:0c:7b:c9:dd:f1:96:d7:fd:4e:33:f8:66:7d:2b:57:e9: 57:53:1f:f5:21:cc:d4:9f:f9:05:6d:94:ef:c5:b9:d6:c7:f6: 91:85:86:3e:bb:2e:1d:80:74:62:4b:5d:dd:0c:f1:81:27:95: cd:61:12:dc:eb:9a:1a:18:9f:29:ae:7b:57:45:14:bd:cd:7a: 7f:11:1e:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0uvauIYjCZz3MgyM1ggW3PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj ZmQwNjIwHhcNMjYwMzI3MTAwMTE1WhcNMjYwMzI4MTAwMTE1WjAzMTEwLwYDVQQD EygyN2ZhNzk3MGRkZTZiMThjNDJhMzU4MGY1ZDIxYjBlNWZmM2MwM2VlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JjS/X6AeCQMZdBYDQ1IVcbxQVtm 87hbk8tz+rq9mXJrMXRlKcLWqC80HxHihYazUTMfhw7ZEACJxr0duJcn7N4677rE Rsa7OLQLOzLx7g4aZ7g2xPRS8gQEnzv1sUJAscvGkgo+dCD4vSgvACSprbmy3xqm G1xNBiKZxRyNMOG/cvKleT3q1Nw3HtLpxU/oIHpewVVeLS41tMPv1817IY3Elf1f M/7RhsN9VAugc3sBPJA21yXfJOyLXKaUNYrFS0GBdby/k/h34es+aAV7Q+Zurmc5 C/IcU1LdQ2nCdOCuLPkA6fnyCvjdxammEx0sAqZPKLk3yv/NodXuMJdojQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCf6eXDd5rGMQqNYD10hsOX/PAPuMB8GA1UdIwQY MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt NjU0ZGQ2NDQyY2U0LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0 LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATPw/JYRM UfNB7lW89TXN0Tr9Nb1hqw3qqjkQuw41FkRnW6KvRy5F4wUU4dBZKmoYnY0k+66t Spv1U4QaLti130B40Pt67aEeEXfmgvmF+BeTyKs0Ug5oEaz20lXUIU/g5YMI4Nc+ 403mFgsoSXJtglg1gVa2uMl7pq2NL8hLmoa8qY3Wp/lNTZDVB+4bl0F/yU9VcJrk CcPkzr5UBt5FIEPFsiaxAHatLPWFCiYh7TxF8sMeas4Me8nd8ZbX/U4z+GZ9K1fp V1Mf9SHM1J/5BW2U78W51sf2kYWGPrsuHYB0Yktd3QzxgSeVzWES3OuaGhifKa57 V0UUvc16fxEeTA== -----END CERTIFICATE-----Generated at Fri Mar 27 16:10:19 2026 by rpki-client