$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft File: dOPDNpcglLGowT1BgWhX0Zejquk.mft (raw, json) Hash identifier: D8fWVG8JGNHSDS0pE8WHj5LghNaQ+v6EfZ+AqykelD4= Subject key identifier: 7A:59:7F:F8:3C:A3:8D:B8:02:63:32:F1:9D:B5:1C:FB:7F:76:FB:5D Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9 Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9 Certificate serial: 019DCCE1F4AE467C1AB7AE5468C0F6A659CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft Manifest number: 1601 Signing time: Mon 27 Apr 2026 03:00:53 +0000 Manifest this update: Mon 27 Apr 2026 03:00:53 +0000 Manifest next update: Tue 28 Apr 2026 03:00:53 +0000 Files and hashes: 1: 1vjKgLyMbmbnD9BN-ENq6mCvpdQ.roa (hash: j6oOw0mW9VGeX6HTh7Pt8Y8xHM75I2sfi2YWe7POauE=) 2: 65FnmspDUVJ9_6QxvLd4l0NA4FE.roa (hash: lgYYkTyMefTXhDS2aNN91oiVE93MHjvbMsoRpFVLAkk=) 3: 6USIsr77ojsfaUkK7p_9yPX50RE.roa (hash: bxePdusDHlOz01oH/vysD1HExvewxm7Ub84+S8jsj6E=) 4: Bh0VhXCtnVTu6NYuZ4a0xAtyxnA.roa (hash: HBYP5wsCK4dtPnx1EHAW2IQhQMnr5dUB/nJJqTK+1C4=) 5: EnU8KLDk0MRS40FVtDjms_Soitw.roa (hash: rcy33n4rwkCj0xCW3i6XJv7RosymyzbT1+UqsgkLw0Q=) 6: Fe1_O6lqpZ4wU51PSyJRl5pRxgs.roa (hash: 3NI8C19YgNRWzyzmt0xuFsZNQ7eEnAdbBiag8O0XRuA=) 7: LcVUnzg476sY0cRj19anqQVr9co.roa (hash: CgyZ8RxzuluDb45z3tYn/fize5wHrZwU9v+utbAlRwk=) 8: QtjndSCGblrfab-ioVOroaNfPN4.roa (hash: 4OpyhaYwVmjq3TRkCJRrHAwNHbosmRoeTn4+UUJfDU8=) 9: dOPDNpcglLGowT1BgWhX0Zejquk.crl (hash: 0muea0KLN3di4dZTj2o/87iCdroU4Wo80q2m7gVJgys=) 10: lC8mVQtZgzYCvFwXFlGkBqCpw84.roa (hash: SarrKRsARvJpAVux4A8mAEIosBVax08KS/WsVU5r/mE=) 11: ooTDK5wBI-XJq8zfv_YSdFU-vlo.roa (hash: xJD4AS2qcydvJ4nIFIToFd7KJeX/bcKOS0Cq1Ky05fE=) 12: sOU9sf_TLtLowD_NZ2t2Nk3oMWk.roa (hash: A6LA4etDI922EmA77PSJlPQnzxugY9xfCjTlpLtEMx0=) 13: usyF6cqpiTZ36Hi-zUV3iBaL6mI.roa (hash: MwwYW4a1c7XEGwwS8SXJYUUEBBLKVu6KJRZWVoJlLQo=) 14: v4wBo_Qz0X5zJTIwb0QZQ9GFZms.roa (hash: IlvU1dySJCzAWqUq3ax3NvMIRPVQQDJqs9utM98mnVw=) 15: y8jNpNhJhN8HEtdIA-w7AJf_i5Q.roa (hash: 8sIOOrWgw4Q4JWzlfJJ/cqOkQmwBNx1SNCCheRpOVMM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 27 Apr 2026 23:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:cc:e1:f4:ae:46:7c:1a:b7:ae:54:68:c0:f6:a6:59:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9 Validity Not Before: Apr 27 03:00:53 2026 GMT Not After : Apr 28 03:00:53 2026 GMT Subject: CN=7a597ff83ca38db8026332f19db51cfb7f76fb5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:55:b4:75:5c:78:54:37:2f:16:71:c1:cf:6b: 2b:56:5a:f9:81:de:80:a7:c6:9a:6a:4f:df:04:7a: 57:8c:d8:cd:18:e1:63:fb:b8:2c:ef:e7:17:c4:b1: 48:d0:c5:40:a8:42:d3:a3:1a:7c:4d:ac:84:d7:1f: d7:03:8b:d0:e2:4f:22:00:ce:16:95:df:a0:d0:26: c1:96:a1:20:b8:81:c2:5c:60:08:c1:fb:05:f9:c2: 49:f4:40:d3:93:a3:1f:e6:4a:a3:ca:99:3e:1a:f2: c8:81:f3:e8:cb:91:5b:0c:94:59:75:74:8b:cf:88: b9:36:08:ad:e1:46:4e:7e:e1:2a:30:81:bb:ae:71: 3a:5c:e4:37:d9:09:c5:d9:8f:b2:ce:c1:94:0f:c7: 83:3b:03:95:9e:88:42:ea:77:6d:cd:65:fd:c1:40: e4:68:d0:d0:ce:a5:97:5b:7c:ab:c8:84:2c:8f:22: 4a:07:2e:4e:64:5a:39:dd:2c:be:c4:1c:cd:8d:89: 63:52:90:dc:ac:b5:74:27:16:3d:99:a1:2b:e9:74: e0:56:78:f5:ad:2d:f1:6e:13:ad:d0:98:0d:3c:f9: 53:c8:82:24:5f:39:88:9c:59:3f:52:bb:c1:40:56: d0:97:84:78:aa:65:70:67:1b:44:e0:88:5b:84:32: 87:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:59:7F:F8:3C:A3:8D:B8:02:63:32:F1:9D:B5:1C:FB:7F:76:FB:5D X509v3 Authority Key Identifier: keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:89:ad:4c:91:d2:79:45:8b:2d:13:71:31:3b:cc:a6:8e:29: aa:1b:b9:87:f8:d7:cb:f8:06:e2:0a:07:f9:69:a9:57:d0:8c: 82:4b:6c:c5:14:23:14:2f:4e:ab:4c:09:d9:1c:ab:0e:d3:ba: 65:c1:11:98:1b:0d:b7:e8:4c:a1:73:38:a4:7e:f0:25:c7:96: 9d:18:54:68:ab:24:b7:9f:fc:40:6b:2d:d2:f0:f6:a8:cc:25: 78:a3:20:c4:bf:24:34:cf:54:9b:34:68:34:e9:be:61:b4:b6: c0:74:9b:81:7c:03:6e:3d:ea:5e:26:41:e4:2c:25:59:f4:12: 60:9d:ff:0d:a2:fe:7f:01:b8:5e:04:5b:60:a0:f0:03:de:fe: 9a:a7:e6:e9:6d:17:7e:bd:e3:be:05:f3:0a:3f:52:3c:9b:c0: 39:42:16:82:cb:19:92:e0:c1:10:4f:6a:24:8c:ec:ad:a4:9f: 27:d4:6e:b7:7d:1a:c2:9e:03:3f:a9:b7:16:47:65:c7:9a:79: d9:40:68:a3:18:95:ee:11:06:e4:d2:69:78:e0:25:ce:5a:ce: 92:b3:e7:38:60:4a:2f:24:c8:87:8a:ea:9f:22:4a:53:df:85: 6f:fe:1c:ef:d3:21:71:40:da:c4:ea:b3:db:ab:50:71:6f:62: 4a:43:81:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3M4fSuRnwat65UaMD2plnOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh M2FhZTkwHhcNMjYwNDI3MDMwMDUzWhcNMjYwNDI4MDMwMDUzWjAzMTEwLwYDVQQD Eyg3YTU5N2ZmODNjYTM4ZGI4MDI2MzMyZjE5ZGI1MWNmYjdmNzZmYjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VW0dVx4VDcvFnHBz2srVlr5gd6A p8aaak/fBHpXjNjNGOFj+7gs7+cXxLFI0MVAqELToxp8TayE1x/XA4vQ4k8iAM4W ld+g0CbBlqEguIHCXGAIwfsF+cJJ9EDTk6Mf5kqjypk+GvLIgfPoy5FbDJRZdXSL z4i5Ngit4UZOfuEqMIG7rnE6XOQ32QnF2Y+yzsGUD8eDOwOVnohC6ndtzWX9wUDk aNDQzqWXW3yryIQsjyJKBy5OZFo53Sy+xBzNjYljUpDcrLV0JxY9maEr6XTgVnj1 rS3xbhOt0JgNPPlTyIIkXzmInFk/UrvBQFbQl4R4qmVwZxtE4IhbhDKHDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHpZf/g8o424AmMy8Z21HPt/dvtdMB8GA1UdIwQY MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt YTZjNDllYjI4Mjg3LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3 LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuYmtTJHS eUWLLRNxMTvMpo4pqhu5h/jXy/gG4goH+WmpV9CMgktsxRQjFC9Oq0wJ2RyrDtO6 ZcERmBsNt+hMoXM4pH7wJceWnRhUaKskt5/8QGst0vD2qMwleKMgxL8kNM9UmzRo NOm+YbS2wHSbgXwDbj3qXiZB5CwlWfQSYJ3/DaL+fwG4XgRbYKDwA97+mqfm6W0X fr3jvgXzCj9SPJvAOUIWgssZkuDBEE9qJIzsraSfJ9Rut30awp4DP6m3Fkdlx5p5 2UBooxiV7hEG5NJpeOAlzlrOkrPnOGBKLyTIh4rqnyJKU9+Fb/4c79MhcUDaxOqz 26tQcW9iSkOBYQ== -----END CERTIFICATE-----Generated at Mon Apr 27 09:15:58 2026 by rpki-client