$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.mft File: oSTM3XDz7HYsvWXgTdb3a-I2qKc.mft (raw, json) Hash identifier: gICWrU/PqPUokE6kQbRDxzz1OH03PBctKvWWg8Snv0g= Subject key identifier: 7C:77:31:EC:58:0F:66:21:13:D6:05:2B:28:9B:B8:5E:81:46:46:C1 Authority key identifier: A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7 Certificate issuer: /CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7 Certificate serial: 019DCCAADBE5C4EC3865D90B52C57DB6C4E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.mft Manifest number: 086A Signing time: Mon 27 Apr 2026 02:00:42 +0000 Manifest this update: Mon 27 Apr 2026 02:00:42 +0000 Manifest next update: Tue 28 Apr 2026 02:00:42 +0000 Files and hashes: 1: 1-EbrvxNY7jUJJte1JMBcOC69EBk.roa (hash: /M4gkvV/7tnw4BlBdpuc1viYnL0XhtHAFXwLDGq3QCg=) 2: NjOJ8tUpqLJAAfHhfTTwUysAm7s.roa (hash: 3a42jEcgSU6c6ZDozj7GhmcER8SN0dScIEdBDzntTP4=) 3: OA81K4GFXKVrjD-M584jTyFYST8.roa (hash: C4S9fMtXlXuIFqggmB3QlimOTqdUpyywlGKQgdOtY5w=) 4: YpbC5jk8lzSJpred_IHkkCVUCKE.roa (hash: Zo4+zcIWbT83bhve20wlbO77GzQpKYPsD28KLD9jN8Y=) 5: YxQb53gzYd0iTmUe7A41D-2rnY8.roa (hash: q+Z1iMu62RV5K/wK7fU9JbtFm1jSO7NLnuxYy0Ettbk=) 6: h_aNMTHSod3zvEv_zlqSsdV20TQ.roa (hash: GccHbmvEFlhiHjnJ+i3nG2pD81e9dD/oLrnSrArj6ig=) 7: oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl (hash: qtguuQ/ZPJxtt6CEPAAN9TRRgITYXBEvKECK7PQ+3Bc=) 8: oh53IB-aUH2plypNUq8_qw59tUU.roa (hash: k/rLC3QFD8nEmci+tQAmE7NOGPMxS4KDVOpLNqgFsg4=) 9: ondT0lA34VONX208YudOD0r79Fo.roa (hash: Q5xYjBiSMcwIIASL37DpTBEnCFikNHHBxM8KVMbJfYU=) 10: vyjCA1W9-6KFsgjaGvfzXuiMYLQ.roa (hash: 7JV7egLgY4Bzr/UvgYj0RPwIqhuXjEo3YWECD7QdwW0=) 11: wtolA6HMGVvPA6gYljfUXhGgO9w.roa (hash: 9lH1rM52hRaE2Kxe2ZgcgE2kAZOcfeGaiUJXArzl1qI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.mft rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 27 Apr 2026 23:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:cc:aa:db:e5:c4:ec:38:65:d9:0b:52:c5:7d:b6:c4:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7 Validity Not Before: Apr 27 02:00:42 2026 GMT Not After : Apr 28 02:00:42 2026 GMT Subject: CN=7c7731ec580f662113d6052b289bb85e814646c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:39:f2:17:60:bc:ed:22:17:18:d8:45:f6:58: 4a:df:09:eb:5b:b1:89:a1:29:4f:0d:f8:83:9c:32: 4d:00:bb:04:f2:61:84:6d:0b:c6:59:f9:07:dc:db: d7:b4:84:bd:d6:cb:e0:17:7c:18:fc:33:53:c7:2a: fd:30:be:80:57:11:dd:45:89:ee:76:b0:74:7d:20: 6f:65:22:5e:da:ca:ba:08:08:c8:ff:2a:f4:2c:39: 8f:e5:e1:12:2e:64:39:09:24:6a:69:24:49:2e:d7: 72:9d:ef:78:34:ed:08:72:55:9b:a6:aa:06:a9:02: 16:c8:82:33:a1:60:dc:80:28:5e:c1:73:cb:f5:b2: 2b:61:1d:e0:c4:4c:f0:29:99:d4:4e:b1:41:c2:3d: f9:11:73:f2:d1:81:dc:cc:28:a2:c1:df:8f:c8:d5: 25:00:14:18:85:10:a0:cb:d6:17:cf:eb:8b:a8:5c: ef:29:09:ac:29:97:77:bb:74:2b:4f:f5:61:b0:51: 7e:d0:fd:8e:d7:e4:d2:61:fc:45:cd:12:0d:ed:2d: bd:8e:ae:f0:71:f2:02:19:60:f5:de:97:9b:18:cd: 6a:cb:e6:4b:d0:45:d7:58:4e:62:17:00:01:39:58: f2:bb:83:64:98:b2:95:e2:3f:4d:5e:b5:63:36:a0: ef:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:77:31:EC:58:0F:66:21:13:D6:05:2B:28:9B:B8:5E:81:46:46:C1 X509v3 Authority Key Identifier: keyid:A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:5d:1e:d5:8c:28:bd:75:b8:37:bd:8a:e1:a7:64:ee:2f:27: f2:d0:ba:9f:68:05:1d:56:88:a2:f2:68:5c:a8:f6:8b:14:7a: 87:b9:ce:09:9d:81:21:52:aa:67:91:a7:ae:91:66:4c:be:c7: 07:4c:98:11:c8:01:11:fa:0c:01:4a:e5:2a:cb:64:44:9c:e1: 99:12:64:6e:71:68:a0:0f:da:28:71:78:45:28:9e:06:4b:ad: f5:92:04:54:f5:92:e7:22:2e:81:bd:33:04:0e:fe:b1:a3:77: 37:3d:d2:56:ca:9e:c6:9c:ee:35:c8:e9:e9:df:e8:f5:3e:7b: 59:e5:64:42:65:01:4a:f8:b8:f2:03:dc:47:74:a4:74:a0:a8: 34:53:9e:cd:80:bb:19:6d:be:df:e0:3a:ec:9f:2f:68:b4:50: 4d:e7:04:b5:59:31:49:80:86:c8:69:9c:3b:3d:87:b9:98:95: 54:84:01:dd:29:15:82:16:3c:a5:10:7b:ad:92:f8:cf:1f:3e: d7:58:97:e0:eb:63:2e:f0:53:3e:01:31:f3:ae:6c:16:02:c1: 78:6a:d9:09:ab:57:7b:84:14:49:a4:0d:da:18:fe:46:f7:bd: 72:f8:51:c1:ed:fd:95:99:0e:8d:8c:ea:57:a7:24:43:e5:28: 86:d8:b6:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3MqtvlxOw4ZdkLUsV9tsTmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMjRjY2RkNzBmM2VjNzYyY2JkNjVlMDRkZDZmNzZiZTIz NmE4YTcwHhcNMjYwNDI3MDIwMDQyWhcNMjYwNDI4MDIwMDQyWjAzMTEwLwYDVQQD Eyg3Yzc3MzFlYzU4MGY2NjIxMTNkNjA1MmIyODliYjg1ZTgxNDY0NmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DnyF2C87SIXGNhF9lhK3wnrW7GJ oSlPDfiDnDJNALsE8mGEbQvGWfkH3NvXtIS91svgF3wY/DNTxyr9ML6AVxHdRYnu drB0fSBvZSJe2sq6CAjI/yr0LDmP5eESLmQ5CSRqaSRJLtdyne94NO0IclWbpqoG qQIWyIIzoWDcgChewXPL9bIrYR3gxEzwKZnUTrFBwj35EXPy0YHczCiiwd+PyNUl ABQYhRCgy9YXz+uLqFzvKQmsKZd3u3QrT/VhsFF+0P2O1+TSYfxFzRIN7S29jq7w cfICGWD13pebGM1qy+ZL0EXXWE5iFwABOVjyu4NkmLKV4j9NXrVjNqDv7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHx3MexYD2YhE9YFKyibuF6BRkbBMB8GA1UdIwQY MBaAFKEkzN1w8+x2LL1l4E3W92viNqinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEt N2IzNTM5N2FmMmY3LzEvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEtN2IzNTM5N2FmMmY3 LzEvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmF0e1Ywo vXW4N72K4adk7i8n8tC6n2gFHVaIovJoXKj2ixR6h7nOCZ2BIVKqZ5GnrpFmTL7H B0yYEcgBEfoMAUrlKstkRJzhmRJkbnFooA/aKHF4RSieBkut9ZIEVPWS5yIugb0z BA7+saN3Nz3SVsqexpzuNcjp6d/o9T57WeVkQmUBSvi48gPcR3SkdKCoNFOezYC7 GW2+3+A67J8vaLRQTecEtVkxSYCGyGmcOz2HuZiVVIQB3SkVghY8pRB7rZL4zx8+ 11iX4OtjLvBTPgEx865sFgLBeGrZCatXe4QUSaQN2hj+Rve9cvhRwe39lZkOjYzq V6ckQ+Uohti2EA== -----END CERTIFICATE-----Generated at Mon Apr 27 07:17:27 2026 by rpki-client