$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft File: iawKy_23onTvNsFvWGCtoqJHBpc.mft (raw, json) Hash identifier: iLP627PzPr0jsLQoiH90GFMsbgVdbLGQsGr7CDWoLwk= Subject key identifier: BB:CC:38:B0:55:6E:12:2C:83:6F:21:FD:80:C9:A0:9A:68:FA:71:8A Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97 Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697 Certificate serial: 019DCD4F98D9B0DF0BF3CAEB3A186FBF8C49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft Manifest number: 18CE Signing time: Mon 27 Apr 2026 05:00:38 +0000 Manifest this update: Mon 27 Apr 2026 05:00:38 +0000 Manifest next update: Tue 28 Apr 2026 05:00:38 +0000 Files and hashes: 1: 8_MkA_mT9KIdkBcNq59qKHbc9ho.roa (hash: E24Q5XRNZzYhaFekHtHmSqKUrlGX20Uvqt/+tLWhFo4=) 2: 8dz0TrMtwzys9aId9S0iNBUOM6I.roa (hash: QLXQgTisSL5o9NDXTvqc31xSu43P2bWSnl0Mbj1LxKA=) 3: ATr9on9NXfN5KaeCexdDhihuhvE.roa (hash: fRmU0RyX9cmxFGh6vh7b2kq/1xI8atRRIR73j9hG4+Y=) 4: JSGXBtXBDhU1ugyi_XXHVVOXM3E.roa (hash: arGn6FJKM/5X/KQBvvmxnfiup95zCVTz6MKIcb88dnA=) 5: JutDRiQZPtkgRNn4DbKRtcU159k.roa (hash: TBfVgKnr15EdS367udNkZsLjUZkCmwigL6STK1CGALk=) 6: WYjaPZyXn9OqgdQ9oF2UyH6UZxY.roa (hash: EVCumPjXA28vp5ehPKHe+PCdpvR77Tfj3/cbydnM+o0=) 7: XXTLAzTN8ORt_-RYCj2-8C6GR00.roa (hash: 6BDh84FsMhXUtXLJgFo0Xh10o5gPmpg2C2PNspUTVCk=) 8: iawKy_23onTvNsFvWGCtoqJHBpc.crl (hash: m8FIhufZDuZeohRbZ1yqCO+E3+C+I/sH9nKjp9YuuNc=) 9: m6mcSmpfmNAj9RbqZcHLhm1-GBQ.roa (hash: p83WPoiu14c7eyRfswAFJNoQrZPR/HEj5misljpRM2U=) 10: nkHJQxs3RvxryxXyywwLA5kWGDI.roa (hash: VuLzAxuuKrma6aeyKBkCPTnFtqwkCI2Bh/sV0lxF7Jc=) 11: vzjiQ62-Ida16ZpmsWaWVB-3g8U.roa (hash: jsH0jmCurlULuLa9fBp8xexVcDJDX4+DOBZF+vtnAlE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Apr 2026 05:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:cd:4f:98:d9:b0:df:0b:f3:ca:eb:3a:18:6f:bf:8c:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697 Validity Not Before: Apr 27 05:00:38 2026 GMT Not After : Apr 28 05:00:38 2026 GMT Subject: CN=bbcc38b0556e122c836f21fd80c9a09a68fa718a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:72:6f:ab:31:7f:a8:f8:9c:2c:68:3e:e3:c9: 28:0a:25:ed:58:48:43:9f:fe:05:52:ac:97:ac:8d: eb:4e:73:e6:90:9b:13:8b:7d:3c:5d:fe:36:a9:bd: de:6f:4d:25:df:2b:69:55:b6:0f:65:34:ad:49:98: 0a:65:9b:bc:1f:68:42:2e:14:38:d4:22:92:d6:43: 64:73:d9:90:55:df:fe:8c:c6:b2:f0:4f:ef:9a:64: 83:f8:ac:6a:e2:b2:d7:af:2a:b4:fe:d1:ad:e1:97: a0:e1:39:a2:22:98:e9:55:05:4c:49:6c:ed:08:50: 51:d4:8b:92:74:53:60:e0:4d:6d:62:16:85:7a:93: 5a:e9:05:fc:8d:1d:ee:0f:c3:4f:b5:e5:30:d8:d1: cc:ca:d5:5a:13:20:29:45:1c:6b:41:99:86:90:8e: 7d:6c:f7:e4:15:bb:47:c1:8a:56:e5:99:a3:89:b7: a5:61:75:17:72:c0:e2:85:d2:36:3e:14:6c:2e:3d: 18:5d:9f:16:23:ae:52:3f:3a:ca:ae:f6:ef:92:0f: 3a:9c:bf:ed:aa:69:db:0c:63:3e:bc:09:fc:f8:fb: 9f:1a:b5:1d:4f:a1:d9:2c:3f:f8:49:0c:fc:c3:ea: 8f:29:09:e0:34:d2:a3:5a:0e:5e:bc:73:6f:6b:41: ea:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:CC:38:B0:55:6E:12:2C:83:6F:21:FD:80:C9:A0:9A:68:FA:71:8A X509v3 Authority Key Identifier: keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:53:0c:84:d7:08:3b:b4:a1:e5:cf:db:a0:c9:5a:7c:bd:62: 30:4d:27:e6:f5:b6:34:4d:7d:d6:96:4a:fe:cb:b3:58:98:8a: 81:62:b3:07:59:e7:74:47:3f:dc:a0:b7:09:ea:58:d1:25:90: 98:81:1e:14:96:37:be:06:43:2e:74:36:d3:d5:f5:88:9a:3a: f5:0f:63:c2:d1:09:91:0d:d9:6c:7b:cd:1b:96:ae:4d:a1:81: ce:02:ff:2f:5f:39:b6:e7:94:39:0d:23:52:6a:51:c6:01:9f: 2c:d7:e1:a9:31:57:81:81:f1:85:7c:bc:c9:40:4c:7a:f1:12: c8:68:47:84:e9:24:9f:dc:24:62:24:b5:d4:a5:cf:25:3f:b9: 28:8d:1c:cb:29:2b:35:86:a4:15:a3:1a:ad:ef:b7:ea:9f:94: 11:8d:50:14:5e:3b:30:b8:46:80:78:30:29:62:aa:fe:74:7d: dd:a6:b5:99:b2:ec:22:2b:04:80:65:17:29:ef:c1:a4:3e:ac: 82:c9:2e:8e:de:b1:50:fb:56:00:55:78:ba:30:5b:87:30:a0: 54:ba:4b:3d:a5:ed:08:db:34:45:69:71:5b:7e:fd:9c:bc:95: 70:e8:8d:06:16:16:b6:db:3e:e5:38:9e:4f:15:38:26:a7:59: dd:b1:66:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3NT5jZsN8L88rrOhhvv4xJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0 NzA2OTcwHhcNMjYwNDI3MDUwMDM4WhcNMjYwNDI4MDUwMDM4WjAzMTEwLwYDVQQD EyhiYmNjMzhiMDU1NmUxMjJjODM2ZjIxZmQ4MGM5YTA5YTY4ZmE3MThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHJvqzF/qPicLGg+48koCiXtWEhD n/4FUqyXrI3rTnPmkJsTi308Xf42qb3eb00l3ytpVbYPZTStSZgKZZu8H2hCLhQ4 1CKS1kNkc9mQVd/+jMay8E/vmmSD+Kxq4rLXryq0/tGt4Zeg4TmiIpjpVQVMSWzt CFBR1IuSdFNg4E1tYhaFepNa6QX8jR3uD8NPteUw2NHMytVaEyApRRxrQZmGkI59 bPfkFbtHwYpW5ZmjibelYXUXcsDihdI2PhRsLj0YXZ8WI65SPzrKrvbvkg86nL/t qmnbDGM+vAn8+PufGrUdT6HZLD/4SQz8w+qPKQngNNKjWg5evHNva0HqjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLvMOLBVbhIsg28h/YDJoJpo+nGKMB8GA1UdIwQY MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt ZDRkYmY3MDY2ZmQzLzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnlMMhNcI O7Sh5c/boMlafL1iME0n5vW2NE191pZK/suzWJiKgWKzB1nndEc/3KC3CepY0SWQ mIEeFJY3vgZDLnQ209X1iJo69Q9jwtEJkQ3ZbHvNG5auTaGBzgL/L185tueUOQ0j UmpRxgGfLNfhqTFXgYHxhXy8yUBMevESyGhHhOkkn9wkYiS11KXPJT+5KI0cyykr NYakFaMare+36p+UEY1QFF47MLhGgHgwKWKq/nR93aa1mbLsIisEgGUXKe/BpD6s gskujt6xUPtWAFV4ujBbhzCgVLpLPaXtCNs0RWlxW379nLyVcOiNBhYWtts+5Tie TxU4JqdZ3bFmIQ== -----END CERTIFICATE-----Generated at Mon Apr 27 14:34:14 2026 by rpki-client