$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft File: iawKy_23onTvNsFvWGCtoqJHBpc.mft (raw, json) Hash identifier: bhxGEoICujb4seefNrEUFANFgOdZcuOhrNqUm0Rxa9w= Subject key identifier: 42:08:D1:1A:70:B7:7F:F8:14:52:22:B3:CA:51:1C:A4:28:99:57:A3 Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97 Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697 Certificate serial: 019CE5918AA3966811808B58768CB6F0739D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft Manifest number: 1856 Signing time: Fri 13 Mar 2026 05:00:46 +0000 Manifest this update: Fri 13 Mar 2026 05:00:46 +0000 Manifest next update: Sat 14 Mar 2026 05:00:46 +0000 Files and hashes: 1: 8_MkA_mT9KIdkBcNq59qKHbc9ho.roa (hash: E24Q5XRNZzYhaFekHtHmSqKUrlGX20Uvqt/+tLWhFo4=) 2: 8dz0TrMtwzys9aId9S0iNBUOM6I.roa (hash: QLXQgTisSL5o9NDXTvqc31xSu43P2bWSnl0Mbj1LxKA=) 3: ATr9on9NXfN5KaeCexdDhihuhvE.roa (hash: fRmU0RyX9cmxFGh6vh7b2kq/1xI8atRRIR73j9hG4+Y=) 4: JSGXBtXBDhU1ugyi_XXHVVOXM3E.roa (hash: arGn6FJKM/5X/KQBvvmxnfiup95zCVTz6MKIcb88dnA=) 5: JutDRiQZPtkgRNn4DbKRtcU159k.roa (hash: TBfVgKnr15EdS367udNkZsLjUZkCmwigL6STK1CGALk=) 6: WYjaPZyXn9OqgdQ9oF2UyH6UZxY.roa (hash: EVCumPjXA28vp5ehPKHe+PCdpvR77Tfj3/cbydnM+o0=) 7: XXTLAzTN8ORt_-RYCj2-8C6GR00.roa (hash: 6BDh84FsMhXUtXLJgFo0Xh10o5gPmpg2C2PNspUTVCk=) 8: iawKy_23onTvNsFvWGCtoqJHBpc.crl (hash: bmDQfapY/2APZXWUIiEGBisIhYGRA2jp5hM//ue4+O4=) 9: m6mcSmpfmNAj9RbqZcHLhm1-GBQ.roa (hash: p83WPoiu14c7eyRfswAFJNoQrZPR/HEj5misljpRM2U=) 10: nkHJQxs3RvxryxXyywwLA5kWGDI.roa (hash: VuLzAxuuKrma6aeyKBkCPTnFtqwkCI2Bh/sV0lxF7Jc=) 11: vzjiQ62-Ida16ZpmsWaWVB-3g8U.roa (hash: jsH0jmCurlULuLa9fBp8xexVcDJDX4+DOBZF+vtnAlE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 14 Mar 2026 00:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:e5:91:8a:a3:96:68:11:80:8b:58:76:8c:b6:f0:73:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697 Validity Not Before: Mar 13 05:00:46 2026 GMT Not After : Mar 14 05:00:46 2026 GMT Subject: CN=4208d11a70b77ff8145222b3ca511ca4289957a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:f7:ed:ee:7c:65:76:e0:de:25:64:56:ca:f5: 3a:56:e5:7d:0e:78:93:8d:11:a7:ad:ec:cd:f0:67: eb:a2:fc:b3:86:39:b9:f2:14:0c:d3:fe:da:05:dd: 33:14:1d:f5:da:ed:9a:b9:9b:60:4f:b6:c2:18:16: 92:15:7e:a8:44:5b:cd:27:ff:be:1d:c8:4e:a3:19: a0:68:ad:21:27:93:24:97:a3:94:b0:9a:d1:e9:9a: 87:74:08:17:ca:ba:36:f2:e4:6d:76:29:d2:3e:dc: 00:da:d6:2d:4c:5c:1b:84:0a:d9:e0:48:a3:4f:4f: 26:b3:32:8e:ce:ef:ff:3c:67:19:df:38:b1:38:f4: e6:a4:55:f8:bb:72:ef:5b:c9:f9:f4:db:25:ed:a1: 81:3d:7e:c8:d1:a7:69:fe:2c:1a:c9:f4:0e:dc:d5: 3d:5c:3a:e3:31:39:6b:19:51:6c:8c:29:6f:7c:9f: 75:55:40:6d:42:bc:28:22:ed:86:4b:31:17:75:f6: 51:65:1e:5a:7e:35:dc:5a:88:f9:79:90:43:25:60: 04:da:07:61:a6:3d:0c:6f:7a:2b:27:d3:62:bf:19: d6:ac:03:14:e8:93:a5:98:ee:6d:f3:cd:bf:9b:8c: 20:9a:44:e2:ee:55:3d:d1:dd:27:e4:c8:b1:0b:f9: d2:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:08:D1:1A:70:B7:7F:F8:14:52:22:B3:CA:51:1C:A4:28:99:57:A3 X509v3 Authority Key Identifier: keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:f9:28:8d:f2:75:56:81:6b:f7:13:6e:07:72:d7:2f:a3:32: 61:c9:2a:86:24:e4:c0:2d:dc:cb:b6:00:36:d0:8c:da:ff:65: d5:62:0f:e6:65:38:66:05:76:e5:10:d4:0a:42:6b:67:d3:c0: 1f:09:51:ae:52:5a:98:47:e4:9d:8f:bb:56:50:64:f0:4a:7c: 09:0f:09:4a:f3:eb:5b:01:76:44:04:ad:e5:f5:09:e7:d4:87: ed:ca:2f:73:12:31:0a:16:a2:fd:b0:62:56:c7:b9:79:ff:26: c4:11:37:54:7f:cc:44:5b:57:f1:06:24:77:82:bb:f5:b4:df: 47:2f:d4:6f:39:ff:2c:22:cb:95:9b:85:20:d3:16:0d:50:09: b4:1c:94:75:f9:2c:cd:bc:1b:4d:f8:58:a9:a5:4e:f7:c4:8a: ad:ca:be:a8:8b:cc:13:83:91:ca:cc:f9:12:af:83:98:0d:2a: 60:0f:4d:22:f9:8e:44:72:a4:aa:e2:3f:dd:c0:34:d6:24:48: 1d:1a:bc:59:76:95:28:3b:29:c8:a3:b3:22:66:ab:58:98:15: 48:c7:e7:5e:7c:80:dd:7b:50:b6:4d:44:de:1f:13:59:fc:df: e2:b3:e5:4e:f6:12:34:a1:cc:78:77:c2:51:fe:7a:3d:8e:22: a6:3a:ef:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZzlkYqjlmgRgItYdoy28HOdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0 NzA2OTcwHhcNMjYwMzEzMDUwMDQ2WhcNMjYwMzE0MDUwMDQ2WjAzMTEwLwYDVQQD Eyg0MjA4ZDExYTcwYjc3ZmY4MTQ1MjIyYjNjYTUxMWNhNDI4OTk1N2EzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPft7nxlduDeJWRWyvU6VuV9DniT jRGnrezN8Gfrovyzhjm58hQM0/7aBd0zFB312u2auZtgT7bCGBaSFX6oRFvNJ/++ HchOoxmgaK0hJ5Mkl6OUsJrR6ZqHdAgXyro28uRtdinSPtwA2tYtTFwbhArZ4Eij T08mszKOzu//PGcZ3zixOPTmpFX4u3LvW8n59Nsl7aGBPX7I0adp/iwayfQO3NU9 XDrjMTlrGVFsjClvfJ91VUBtQrwoIu2GSzEXdfZRZR5afjXcWoj5eZBDJWAE2gdh pj0Mb3orJ9NivxnWrAMU6JOlmO5t882/m4wgmkTi7lU90d0n5MixC/nS2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEII0Rpwt3/4FFIis8pRHKQomVejMB8GA1UdIwQY MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt ZDRkYmY3MDY2ZmQzLzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHfkojfJ1 VoFr9xNuB3LXL6MyYckqhiTkwC3cy7YANtCM2v9l1WIP5mU4ZgV25RDUCkJrZ9PA HwlRrlJamEfknY+7VlBk8Ep8CQ8JSvPrWwF2RASt5fUJ59SH7covcxIxChai/bBi Vse5ef8mxBE3VH/MRFtX8QYkd4K79bTfRy/Ubzn/LCLLlZuFINMWDVAJtByUdfks zbwbTfhYqaVO98SKrcq+qIvME4ORysz5Eq+DmA0qYA9NIvmORHKkquI/3cA01iRI HRq8WXaVKDspyKOzImarWJgVSMfnXnyA3XtQtk1E3h8TWfzf4rPlTvYSNKHMeHfC Uf56PY4ipjrvGA== -----END CERTIFICATE-----Generated at Fri Mar 13 09:45:27 2026 by rpki-client