$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft File: lBZrcEhD09l1QJXIOpG0k4KCAKI.mft (raw, json) Hash identifier: 0GKF1JrlzjksFQdiUgFbKpF8yQAtp+Mj2JZF+SsoSPY= Subject key identifier: 6E:DD:6D:A4:13:35:94:76:17:E3:13:13:3A:C6:EF:F0:C6:5F:0D:67 Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2 Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2 Certificate serial: 019D2F62774E17F5A5851AFB870881710F18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft Manifest number: 194D Signing time: Fri 27 Mar 2026 13:01:15 +0000 Manifest this update: Fri 27 Mar 2026 13:01:15 +0000 Manifest next update: Sat 28 Mar 2026 13:01:15 +0000 Files and hashes: 1: F8c1izE-9RJV-qYbebPoSy0OO04.roa (hash: R4SfTxNG21QdwRjkrLqrgaOvhx8zK8zawB+KroMpRRM=) 2: KHKpEj2THKj58bA0t2ta3IDNpvE.roa (hash: Pq1zZUJA84ZOxc7RlsG24SrZSENVQ5pv+oFLBtS7LdY=) 3: S-qA9-nsT_74A0PxMdu9MD1fVzE.roa (hash: Wen8UtWVVMVXMhV1GUrx8/4Tw9qB9gvB3JFZi7kWILc=) 4: Xp1cuH5GckRebQbl04bBVOXl9c0.roa (hash: G9DoetqG3+uFPEjScRTeA6vdZfkVk+8JEJjCMtB7vJ4=) 5: cjuW9zHucIxHadivGPbPdZXZ_58.roa (hash: +/HavscS0K4ByxH8Sd+pAVMLMiLtpvePtkXZTD1HVWg=) 6: ckfmY3WSPr_4BWpV0qlaPUwbu8I.roa (hash: rA5xc/5hb1tqN7XSQMe8RP1nVeaWX6f+VPTMMamNxv0=) 7: kHJAbRZAn8BmDoNVsIR_1TrPdwU.roa (hash: MQR9UxJH6mrGqbSYbaZNH4TCjTvPKDgCy2uSCTLGIl4=) 8: lBZrcEhD09l1QJXIOpG0k4KCAKI.crl (hash: 91kwOQ2udEpu0E0NL6Bzuv7kIFnlXoinpQAh3AOSzkY=) 9: oFjLnFx0PgjFBuwtiF_MYSFpqmA.roa (hash: VK+JXOgRMBfH6LlIiFROL5a7HEYqeypevfrTL4MJN2k=) 10: qd72DKJaICZWiagHwebWP0vFOJ8.roa (hash: /V0/an8AE34Kq1g8LUh0t2FSys6TP8h7lRi/4uGrR90=) 11: tzdUVDYS3OHwMrXXdtLM-vAaw8M.roa (hash: uF0Li5lv3J1pHIyW/fznYQy0uM8WILwKnjHcwOAJFEM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 28 Mar 2026 10:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:2f:62:77:4e:17:f5:a5:85:1a:fb:87:08:81:71:0f:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94166b704843d3d9754095c83a91b493828200a2 Validity Not Before: Mar 27 13:01:15 2026 GMT Not After : Mar 28 13:01:15 2026 GMT Subject: CN=6edd6da41335947617e313133ac6eff0c65f0d67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:20:03:08:b2:94:90:71:78:88:2d:49:b6:1a: d2:f6:9b:2d:60:0a:d3:57:35:29:7a:ff:e9:11:c3: 03:85:2f:56:1a:93:c0:f1:82:22:7c:d6:75:08:c7: 0d:12:3e:aa:cd:8a:38:38:e2:c0:55:a0:55:6d:f5: 1c:53:94:e7:0c:91:bc:c8:b2:23:33:42:b0:07:9d: 8c:4d:04:04:0e:2f:bc:10:7b:01:af:6c:d6:40:76: 18:b6:29:50:7e:f8:46:40:a3:52:b5:99:f8:66:f7: 10:a1:18:9d:55:91:21:c4:4b:a7:e9:da:92:64:7e: be:77:48:e7:9b:2c:5b:81:a9:0a:84:ec:3f:ec:3c: 00:e0:69:74:b8:19:c9:c8:b7:47:68:b3:27:08:56: 9b:1b:fe:78:1a:59:76:ff:86:40:34:cf:a9:b7:96: 19:2d:b1:73:2e:bd:c4:75:18:3d:72:1e:5a:0c:b0: a1:17:c3:d6:fb:9a:bb:3c:15:56:72:c1:9d:9e:5f: 6d:db:f8:3b:a8:73:ec:4c:38:e1:38:d5:ca:dc:ab: 4c:24:c0:7f:19:e6:b4:af:47:dd:f6:8e:3b:7c:99: 9b:4c:8c:8f:a3:56:fe:9b:00:6d:c5:57:f4:26:27: 85:bb:71:c1:b2:d1:23:97:cc:14:56:85:d9:22:6d: bd:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:DD:6D:A4:13:35:94:76:17:E3:13:13:3A:C6:EF:F0:C6:5F:0D:67 X509v3 Authority Key Identifier: keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:50:51:a0:fd:38:b2:d6:cc:65:28:b8:72:2f:66:dd:b7:0b: 91:cf:a2:04:3b:7c:95:80:e3:98:81:5b:37:f3:60:b3:74:4a: 8c:50:5d:1c:cb:8d:e4:a7:a6:0e:24:0b:2a:8f:4a:c3:ca:af: 70:49:e3:84:dc:41:70:b6:6d:5f:39:3a:5e:78:9d:74:62:70: 73:a8:80:33:34:5a:b7:6b:ad:68:9a:4d:81:d0:1c:88:7a:5b: 8a:d1:d0:98:5a:29:ff:5b:7b:82:95:ec:79:a2:06:0f:a6:97: 3f:ce:e5:b1:09:44:ae:c4:d5:fd:2f:84:8f:63:a0:ae:7d:99: 05:f2:29:6d:d4:ec:79:b6:9f:1d:4b:a0:9c:b1:94:ce:08:3b: ec:02:cb:39:a0:ed:63:14:9c:9d:5b:1a:aa:bc:52:6a:f0:70: 96:ae:26:c3:63:59:26:ff:95:47:4e:b3:af:0d:37:43:fb:b3: 97:46:23:96:6a:5d:73:18:77:02:3c:f5:91:96:3d:51:66:1b: 39:ab:41:bc:b1:21:32:9b:dd:94:ad:93:a9:88:08:48:05:47: f0:be:fd:39:00:a9:48:81:fc:c5:3d:b4:99:26:fe:21:bb:ab: e5:4d:2d:10:a1:b8:7a:fe:fd:64:9f:35:8b:c8:1e:bf:7d:78: 9a:ce:68:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0vYndOF/WlhRr7hwiBcQ8YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4 MjAwYTIwHhcNMjYwMzI3MTMwMTE1WhcNMjYwMzI4MTMwMTE1WjAzMTEwLwYDVQQD Eyg2ZWRkNmRhNDEzMzU5NDc2MTdlMzEzMTMzYWM2ZWZmMGM2NWYwZDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyADCLKUkHF4iC1JthrS9pstYArT VzUpev/pEcMDhS9WGpPA8YIifNZ1CMcNEj6qzYo4OOLAVaBVbfUcU5TnDJG8yLIj M0KwB52MTQQEDi+8EHsBr2zWQHYYtilQfvhGQKNStZn4ZvcQoRidVZEhxEun6dqS ZH6+d0jnmyxbgakKhOw/7DwA4Gl0uBnJyLdHaLMnCFabG/54Gll2/4ZANM+pt5YZ LbFzLr3EdRg9ch5aDLChF8PW+5q7PBVWcsGdnl9t2/g7qHPsTDjhONXK3KtMJMB/ Gea0r0fd9o47fJmbTIyPo1b+mwBtxVf0JieFu3HBstEjl8wUVoXZIm29rQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG7dbaQTNZR2F+MTEzrG7/DGXw1nMB8GA1UdIwQY MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt NGJlMThlZjEyOGI0LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0 LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAClBRoP04 stbMZSi4ci9m3bcLkc+iBDt8lYDjmIFbN/Ngs3RKjFBdHMuN5KemDiQLKo9Kw8qv cEnjhNxBcLZtXzk6XniddGJwc6iAMzRat2utaJpNgdAciHpbitHQmFop/1t7gpXs eaIGD6aXP87lsQlErsTV/S+Ej2Ogrn2ZBfIpbdTsebafHUugnLGUzgg77ALLOaDt YxScnVsaqrxSavBwlq4mw2NZJv+VR06zrw03Q/uzl0Yjlmpdcxh3Ajz1kZY9UWYb OatBvLEhMpvdlK2TqYgISAVH8L79OQCpSIH8xT20mSb+Ibur5U0tEKG4ev79ZJ81 i8gev314ms5oew== -----END CERTIFICATE-----Generated at Fri Mar 27 16:09:57 2026 by rpki-client