$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: KQszDCH4Rm/F90KhZvW9YaKL8pRcUJU8z5cZRodh9mI= Subject key identifier: 1B:BC:1B:9C:22:FC:1E:60:2A:D0:0C:EC:7C:90:87:87:FF:D3:6F:E2 Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019D352D81AB2C4ED1583D51EF9905EE9EDF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 13A9 Signing time: Sat 28 Mar 2026 16:01:07 +0000 Manifest this update: Sat 28 Mar 2026 16:01:07 +0000 Manifest next update: Sun 29 Mar 2026 16:01:07 +0000 Files and hashes: 1: 9ThI9Z7soYxz8aK7SxBvxoPEOX4.roa (hash: 2FCnysFwLOl4zVeb97SHJ1QvBKVL+gw4QmS3UAORjFk=) 2: BsMfnzrxddpnmFQ8FtiqLN4hIRw.roa (hash: GbFN7H89aII0f8FiIff5RGaJGPYoV9OOEoYuPkHE93c=) 3: C67-QabxkPaVhoCKelfc7gJ1hK8.roa (hash: 0WW6NyrxV5VH4o1lj6kLTZOdEKPeDBs7ouwPQd+hBHw=) 4: F9-SxyIQIDP0T_L82XSaWh-dz-8.roa (hash: xq0esTvybmQE92rRBw7ldOk97wFXJ2Dn8bPKN1sbBN4=) 5: GXCfAVmuuL63Oe4dOVqYkc3Wuzg.roa (hash: L3MDEpVumA01FdWvikqD5sE8kkEXPwKtDKdz6KqfMnQ=) 6: RY0bArq-jZLzZUGQCt7VtVQ1eP8.roa (hash: nOIDnyfWMWKkEgKPjDc9li7leEEkKMO7ZYw+RINdMRI=) 7: WNwct_JeSUw9EGnGt5EMmHO1qnA.roa (hash: 8JESbBJVZwKNLtuuBYLAyN1yjWX+0RJfMcx4iiDnUQ0=) 8: aOPciO2i4pfhYNx8M-BLAat6K88.roa (hash: 23mtM/XEA4F6fUISXd4S0ZErct8gDmnUbBNFqEeBNOc=) 9: br-MdcUGAgIJZ2jokAIrGgvBgVg.roa (hash: nAJrJwXFm0eNNJbUiUMkYMOpV3Mo7gqR8CqVePMN9SA=) 10: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: VOxeV+euNXWviGZXzhVS4Q9OwitdZKrUpIKTs9k+WHU=) 11: p3gPfuFdg2rqrSBfl0UDEUdNbjM.roa (hash: bWC6ioqLuy3JQURX6TTBBncQtFn3EtAYrnrtm+JIq5g=) 12: qoJxh9RoMci9r1884qksasXONeQ.roa (hash: b1P5hF2MWBN0Il3GucTyqyanvw/mWve+jbkBZTYW4xQ=) 13: zByDWqzQes6Qf_5yruyAW6l4NA8.roa (hash: 4mGvD80bIUslVCK/Nf88S+YHOSjLonqjJpu89t+7Om0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 29 Mar 2026 13:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:35:2d:81:ab:2c:4e:d1:58:3d:51:ef:99:05:ee:9e:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Mar 28 16:01:07 2026 GMT Not After : Mar 29 16:01:07 2026 GMT Subject: CN=1bbc1b9c22fc1e602ad00cec7c908787ffd36fe2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:52:48:f1:53:13:c8:67:a6:59:ad:34:97:46: 6a:5c:ab:eb:d0:ab:46:c9:ab:56:bd:08:8f:98:c9: 87:cf:cb:78:cd:80:6d:25:a3:2d:f0:0b:95:fc:c4: 9a:fd:24:98:8b:7d:12:26:dd:b0:f1:c6:2c:07:69: 38:e1:5d:99:fc:22:44:7d:70:c2:14:0b:98:2b:d5: 11:47:49:e6:e2:20:49:26:16:fe:e3:a0:dd:fb:fc: 72:e4:89:40:f7:fe:e5:56:1b:68:63:4c:91:cb:9e: f0:30:c7:42:59:32:a2:35:63:3c:d4:5c:80:ee:d6: a7:e3:64:3d:87:68:9f:b7:44:a7:7a:5a:87:4d:1b: f4:cb:19:19:58:09:d4:ee:0a:13:dc:c6:27:0e:09: 10:3d:01:2f:4e:d6:d9:11:61:1f:dd:f7:22:8a:20: dd:0d:c5:42:a8:b5:04:29:fc:c1:3a:17:2e:28:21: 83:4b:23:d0:a0:90:77:4d:df:bf:f1:92:6b:15:fe: f3:a5:c1:49:94:df:69:77:b8:ae:df:e8:06:a2:27: f5:e9:02:84:80:58:e7:c2:5f:61:bf:3b:5d:03:89: 7d:4d:20:25:f3:19:a0:67:a0:b1:89:ac:d2:a6:3d: 53:81:48:b7:3a:2d:61:7a:f4:02:47:9e:48:84:09: 5f:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:BC:1B:9C:22:FC:1E:60:2A:D0:0C:EC:7C:90:87:87:FF:D3:6F:E2 X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:11:a7:ce:af:d0:49:7d:95:19:48:9b:de:3d:57:cb:cc:4f: 78:77:62:8f:39:0b:dc:ee:b9:65:18:db:f8:e6:ad:77:97:8b: f5:2e:da:c9:19:56:3b:2f:fb:94:a1:a0:cd:6e:2e:b2:d0:b9: 02:ef:ea:a3:7a:82:2a:04:20:2b:61:31:9b:88:2e:33:d9:41: ad:b2:35:f0:0f:98:74:ba:51:e1:05:1d:91:9f:a4:6e:45:36: f9:e1:94:be:50:91:37:2f:78:a7:20:5f:be:da:08:65:1a:35: fe:b8:9b:96:a6:4b:e4:e1:d5:f4:dd:80:09:16:de:b2:27:81: af:4d:35:eb:3f:fe:5e:22:62:8c:5b:bc:59:23:0c:75:b2:a2: 4f:27:d8:15:3f:87:b1:b1:4a:85:24:98:cd:5d:cb:fa:cf:57: e9:d4:3c:b9:04:83:e9:6b:d1:a4:e8:4f:d7:0d:bb:c7:c0:12: b7:1d:a1:0f:b8:88:bb:2a:e5:c5:8e:49:11:74:07:54:05:28: f5:d3:b3:03:df:d3:bb:27:fd:b4:7b:15:78:63:8a:c1:82:85: 4d:fc:83:1d:59:27:e6:f5:b2:75:1b:d1:8e:f2:e5:45:5d:81: f1:6a:5e:b7:0d:16:9a:c6:7b:bb:31:2b:75:e2:cd:4e:d4:a0: 70:0d:9d:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ01LYGrLE7RWD1R75kF7p7fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjYwMzI4MTYwMTA3WhcNMjYwMzI5MTYwMTA3WjAzMTEwLwYDVQQD EygxYmJjMWI5YzIyZmMxZTYwMmFkMDBjZWM3YzkwODc4N2ZmZDM2ZmUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFJI8VMTyGemWa00l0ZqXKvr0KtG yatWvQiPmMmHz8t4zYBtJaMt8AuV/MSa/SSYi30SJt2w8cYsB2k44V2Z/CJEfXDC FAuYK9URR0nm4iBJJhb+46Dd+/xy5IlA9/7lVhtoY0yRy57wMMdCWTKiNWM81FyA 7tan42Q9h2ift0SnelqHTRv0yxkZWAnU7goT3MYnDgkQPQEvTtbZEWEf3fciiiDd DcVCqLUEKfzBOhcuKCGDSyPQoJB3Td+/8ZJrFf7zpcFJlN9pd7iu3+gGoif16QKE gFjnwl9hvztdA4l9TSAl8xmgZ6CxiazSpj1TgUi3Oi1hevQCR55IhAlf2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBu8G5wi/B5gKtAM7HyQh4f/02/iMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHRGnzq/Q SX2VGUib3j1Xy8xPeHdijzkL3O65ZRjb+Oatd5eL9S7ayRlWOy/7lKGgzW4ustC5 Au/qo3qCKgQgK2Exm4guM9lBrbI18A+YdLpR4QUdkZ+kbkU2+eGUvlCRNy94pyBf vtoIZRo1/riblqZL5OHV9N2ACRbesieBr0016z/+XiJijFu8WSMMdbKiTyfYFT+H sbFKhSSYzV3L+s9X6dQ8uQSD6WvRpOhP1w27x8AStx2hD7iIuyrlxY5JEXQHVAUo 9dOzA9/Tuyf9tHsVeGOKwYKFTfyDHVkn5vWydRvRjvLlRV2B8Wpetw0WmsZ7uzEr deLNTtSgcA2dDA== -----END CERTIFICATE-----Generated at Sat Mar 28 19:47:36 2026 by rpki-client