$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft File: IqXYQFPisMMTrx47pRAkZqX3lng.mft (raw, json) Hash identifier: gKVjKUAAtudSRkdrNNm0/yF1sM5MqAUyy2BAEma9Nww= Subject key identifier: 41:E2:4B:A2:22:E4:FB:CA:92:78:D2:D1:ED:89:7C:19:41:9F:0B:27 Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78 Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678 Certificate serial: 019DCFD6B1C7BBC0180C556366E63E015351 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft Manifest number: 0C0F Signing time: Mon 27 Apr 2026 16:47:27 +0000 Manifest this update: Mon 27 Apr 2026 16:47:27 +0000 Manifest next update: Tue 28 Apr 2026 16:47:27 +0000 Files and hashes: 1: 1-Y24DkHX_YS8BQf944IXH_5kays.roa (hash: +VJRpnj8CgCWOeIl5a7z0P70ihS3i/FmFwSi/9utCPo=) 2: IY-cX-MNALu4IC_OTud7vyl-LrA.roa (hash: EREk8HtkB+3C+caNH7Ch6KSJNkDCyci86tLaep5Ej3s=) 3: IqXYQFPisMMTrx47pRAkZqX3lng.crl (hash: MtDfbhTkMruMv7QailquyIEBPoAqNLNDEJL4Xv/ZfBU=) 4: KSxgyXQgmuvgD3hsIbjoWlYRqkk.roa (hash: MfPYx4d8dGraW1R0Aep23IPqwadZP9+eAkLv5cmiWoM=) 5: M6wnPrDmWw7o372pn664G-6XMUM.roa (hash: vz3Xt9QAg5obB1AHMtVF5JrXwk6u3qtnMl8SakINxdQ=) 6: _25UfYuLERvQd7ERXXNW_sly9Oo.roa (hash: mce8PC+zpkQB3aka/bSBor9uJVmt1ZEupgGD8nmRstI=) 7: _6RAmWnPpmERwBYNK-TrrE7oVIA.roa (hash: aa7qoUpTL/t8ummAI7ryHIK1nARbf8cHlGEdf+aw+Hs=) 8: cnvwLGbVEITaoX8cDVSNQAcxcqk.roa (hash: HW2ZpeT6aGnIzGKKy1byADe7gS6Pw3jj7fdnL63L26E=) 9: gr17UYbRi7cQ6eQ9EyDF-CuJIp4.roa (hash: NAQ/vI5+2VgZpVpsxQmGoZaiAZnJI/pT7XEYYA4d1IM=) 10: mwE7644yuRyikfXfTRLC6TQjC0w.roa (hash: KcHRogBcTVnQMGjCpBXC4Xr5iRWrDOZmEHuY1S/TOXA=) 11: rYBbbZbaSpYI3VsNcTxJfCny0P8.roa (hash: dXyRGY+rTBPSQJnVZHUIy5ttKRmSJde9WkRmwq0FUYE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Apr 2026 14:27:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:cf:d6:b1:c7:bb:c0:18:0c:55:63:66:e6:3e:01:53:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678 Validity Not Before: Apr 27 16:47:27 2026 GMT Not After : Apr 28 16:47:27 2026 GMT Subject: CN=41e24ba222e4fbca9278d2d1ed897c19419f0b27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:77:78:ea:3b:14:5e:74:46:88:0a:0a:15:27: 2e:8d:72:66:59:02:d3:75:d0:d7:7e:a0:32:bd:5f: f0:d2:e9:9f:a1:3c:ae:ad:d9:fb:84:2e:8b:53:e2: c0:d1:d0:62:f9:c1:98:08:ce:1a:0c:56:26:63:c3: 90:7b:7a:1d:2d:f1:e0:0e:4a:cb:d7:d2:84:57:99: f4:98:ef:e1:af:85:38:a8:51:02:bc:8b:da:d0:34: 3d:df:50:8e:c5:ef:0d:dd:a2:00:83:ec:67:76:7e: e8:cf:08:2b:02:59:36:f8:42:2d:1a:79:60:9b:94: 31:7b:36:3e:62:8f:f2:4d:52:75:9e:41:a2:a7:0d: cb:c4:5b:f6:76:8a:1a:f1:da:a2:29:0a:17:2a:63: 01:db:fd:9a:99:a3:b2:b4:cb:9a:f1:8e:7c:8a:d9: d4:fb:04:c2:71:f7:e7:25:d8:7c:08:c7:6d:e6:5d: 41:5f:2a:82:e4:55:05:80:17:7c:f2:50:16:c8:29: b2:e9:ee:e6:23:2c:46:93:fb:3c:80:6a:c9:c8:d4: 61:3b:46:0b:3d:8a:fe:ec:31:84:44:f3:9f:e0:2d: 4f:47:ff:d5:c1:c8:21:2b:51:8c:8e:29:b3:85:86: 93:d8:19:13:04:d2:c1:68:30:cf:08:f0:98:4d:dd: 2d:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:E2:4B:A2:22:E4:FB:CA:92:78:D2:D1:ED:89:7C:19:41:9F:0B:27 X509v3 Authority Key Identifier: keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:2b:d7:a8:e0:cb:f1:1c:0c:7c:23:d8:43:81:53:5d:e3:c4: 75:4f:3a:d3:fb:1f:03:c0:84:e3:63:06:9d:39:ef:58:06:6a: a1:31:4e:81:bf:80:bd:f8:48:66:f7:7f:60:46:8f:49:23:63: 75:83:b6:11:7a:1d:1a:4b:c9:8b:22:e7:16:10:d6:a9:df:dd: c0:5b:25:90:e0:2c:a2:24:18:0b:c1:5f:d5:9e:c0:25:82:ff: 55:ad:b4:b4:aa:c7:29:9f:da:aa:0c:6d:56:50:1d:ca:ca:40: 46:17:e8:bb:35:02:bb:29:6b:a4:c8:d2:95:1f:e9:f3:75:36: e6:d7:bc:3e:1b:a5:02:1d:eb:cb:c5:1e:60:a5:aa:9e:ef:11: 1e:1b:4e:e2:8a:e5:41:6f:0d:e8:44:6d:35:bb:72:8f:67:47: 8e:5d:e5:9a:c1:c6:c4:2b:ff:29:6b:3b:99:ac:c6:5d:76:e4: 73:d2:a6:95:e0:d4:c8:7f:17:c0:56:6c:0d:a0:69:12:04:02: b9:59:8d:9c:77:e0:e0:3a:47:f2:b5:0c:10:92:33:3b:93:e1: 18:90:7d:0f:25:f1:25:82:e1:f6:ba:23:4d:70:87:a4:ae:6e: 6a:c7:d2:1b:15:34:5a:33:49:b4:d2:a2:c8:01:b8:6d:f3:19: 62:9b:10:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3P1rHHu8AYDFVjZuY+AVNRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm Nzk2NzgwHhcNMjYwNDI3MTY0NzI3WhcNMjYwNDI4MTY0NzI3WjAzMTEwLwYDVQQD Eyg0MWUyNGJhMjIyZTRmYmNhOTI3OGQyZDFlZDg5N2MxOTQxOWYwYjI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnd46jsUXnRGiAoKFScujXJmWQLT ddDXfqAyvV/w0umfoTyurdn7hC6LU+LA0dBi+cGYCM4aDFYmY8OQe3odLfHgDkrL 19KEV5n0mO/hr4U4qFECvIva0DQ931COxe8N3aIAg+xndn7ozwgrAlk2+EItGnlg m5QxezY+Yo/yTVJ1nkGipw3LxFv2dooa8dqiKQoXKmMB2/2amaOytMua8Y58itnU +wTCcffnJdh8CMdt5l1BXyqC5FUFgBd88lAWyCmy6e7mIyxGk/s8gGrJyNRhO0YL PYr+7DGERPOf4C1PR//VwcghK1GMjimzhYaT2BkTBNLBaDDPCPCYTd0twwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEHiS6Ii5PvKknjS0e2JfBlBnwsnMB8GA1UdIwQY MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt NTkxY2FmNTM2ZWNjLzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUSvXqODL 8RwMfCPYQ4FTXePEdU860/sfA8CE42MGnTnvWAZqoTFOgb+AvfhIZvd/YEaPSSNj dYO2EXodGkvJiyLnFhDWqd/dwFslkOAsoiQYC8Ff1Z7AJYL/Va20tKrHKZ/aqgxt VlAdyspARhfouzUCuylrpMjSlR/p83U25te8PhulAh3ry8UeYKWqnu8RHhtO4orl QW8N6ERtNbtyj2dHjl3lmsHGxCv/KWs7mazGXXbkc9KmleDUyH8XwFZsDaBpEgQC uVmNnHfg4DpH8rUMEJIzO5PhGJB9DyXxJYLh9rojTXCHpK5uasfSGxU0WjNJtNKi yAG4bfMZYpsQaw== -----END CERTIFICATE-----Generated at Mon Apr 27 19:05:25 2026 by rpki-client