$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft File: bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft (raw, json) Hash identifier: FBky5Y+qVJ+Qr3kQomObDnKRmJkzpvkpnOz3iSpBA9w= Subject key identifier: 85:3A:44:DF:82:4F:40:95:99:7B:D6:A5:F4:CC:BB:03:5E:86:96:17 Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29 Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129 Certificate serial: 019DCED0C129FCB9433EF6403F2E844B8002 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft Manifest number: 1964 Signing time: Mon 27 Apr 2026 12:01:20 +0000 Manifest this update: Mon 27 Apr 2026 12:01:20 +0000 Manifest next update: Tue 28 Apr 2026 12:01:20 +0000 Files and hashes: 1: TjYcJALyGbmW-x31ry7QsUvdQtQ.roa (hash: knhLPKVdJjwTBCuKiy0BNSL8TQGPgiu2tFYYWRO2204=) 2: baEkayAg80jmYDBU-ExaHSLpuaI.roa (hash: nAErtQy9uElHFQjfJS5ckQ4epiwL6hvpsQEYN9BEeqw=) 3: bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl (hash: AgUIuLMR+2/Zn8uYd9s5fRX0DgOXkqW5TAhz4ADp5Go=) 4: cGs3UaDvGLQ1Q_TQpZAPaINt4Es.roa (hash: W7uHnT9KoPvCIjHy/wyMQaAb03AUeFyxBB7Do1XvIvI=) 5: ebSZBecc7df92SgP59-y12trz8Y.roa (hash: eWLHCXv7jbIrxX4dZcu1pV/1wCL3MzIiRwN/vf2jitQ=) 6: nmGtGkrhBfqxDaqozTHEU7woU_8.roa (hash: myNlScXFtUNhqDOYxLDED2mEeSRwem2M2mluAw2qbGU=) 7: oRALtbh2nuCRd23sDYqfy35X5z0.roa (hash: jC6NP1kM59PVY3etFPE/j9NV0XqouvnOb2E4RPSGrX4=) 8: pI2S2lg5Mevtnr1gNuhTMLXlTZk.roa (hash: 5cp4WqQX2Fq4/2gG8NNXNJQnzkTkhV+uz8kgPR8ik8M=) 9: pUi-gLSXqZ0JaQPDBRSSYpMiavg.roa (hash: BVbd5i0a2oHy3QrO+gV4ifjJEQxi06QcvV9UBgsyx9E=) 10: rWySjgHmxws3lM6jmie75S8CDBw.roa (hash: At0oBHsNt1VyqDJTW3hMzgCfUrv9SJ/hPxisShjHIa0=) 11: yYjK6TLqyOsG3tmiBYFMP1Aoexg.roa (hash: 3ZWyZKdoBkHem28rqJLRhRuGSLJ2oX1IHJZHOWmP0p0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Apr 2026 12:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:ce:d0:c1:29:fc:b9:43:3e:f6:40:3f:2e:84:4b:80:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129 Validity Not Before: Apr 27 12:01:20 2026 GMT Not After : Apr 28 12:01:20 2026 GMT Subject: CN=853a44df824f4095997bd6a5f4ccbb035e869617 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:fe:2e:19:fa:d2:56:3e:7e:1a:12:c7:da:3d: 0a:f3:05:c5:71:a7:24:ae:ff:e9:22:df:a5:62:6a: 53:81:d7:08:53:ff:c6:73:e9:a8:bf:01:94:c7:0e: a5:bd:a2:b1:72:6d:37:9b:d5:74:00:e6:c9:07:fa: 2a:92:f4:a4:11:52:16:0a:c8:79:a4:58:4a:cd:ee: b6:c5:2e:fe:37:9c:a2:19:10:0c:f3:ac:45:65:82: 5a:62:52:a0:89:ad:5f:f2:94:8f:9e:ff:06:cc:fa: c7:b2:7f:68:ae:71:2f:68:89:4c:1e:63:24:d5:a7: 47:55:9f:5b:6c:a4:14:3d:86:78:0f:5f:e3:fb:b1: 9b:ee:06:4b:81:d7:f5:c5:1c:ea:b9:32:3a:13:c8: 71:56:59:04:23:e6:84:04:12:87:78:31:6c:46:6d: a5:f2:47:de:01:c5:83:54:f4:e0:b9:91:bd:4a:d0: 19:08:ef:0d:03:d5:aa:49:9b:38:03:d6:f1:11:37: 28:a3:9f:50:8d:46:18:a1:2a:24:1f:7f:b9:6f:7c: 6b:2d:d6:e7:ff:d7:3f:df:3f:1a:47:c1:33:56:9d: f9:95:50:dd:e9:b2:a0:a1:6d:cb:80:8f:a9:5f:ce: 13:7c:75:cb:3e:61:26:fa:37:b8:84:2f:b7:cf:11: 62:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:3A:44:DF:82:4F:40:95:99:7B:D6:A5:F4:CC:BB:03:5E:86:96:17 X509v3 Authority Key Identifier: keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:f7:58:39:12:85:04:c8:d4:48:03:ea:72:02:67:f2:a6:17: a1:b4:d6:57:89:25:d1:45:5e:6b:f4:69:11:5f:9c:30:8f:91: 90:72:84:85:ad:8c:75:f3:1b:f4:cc:be:17:a6:c1:3f:63:5e: 36:2e:64:41:7a:9a:a4:95:e5:19:e5:c9:06:9d:86:bd:06:cf: e5:d3:c7:d4:48:19:b8:68:e8:95:58:5b:2a:b7:1d:81:37:87: 20:10:3b:9a:bb:fe:da:57:30:3b:6b:e4:a4:6f:1d:7f:b6:93: b0:7f:b9:ec:9c:b8:b6:b2:be:42:30:b5:a0:ec:87:7a:2c:5d: c8:27:0b:b6:2b:79:c8:27:a8:17:23:e0:7e:a5:ad:49:2e:27: f9:a9:d9:a5:7e:22:a0:83:8c:ba:24:a3:7d:13:64:80:09:51: 2d:ad:de:55:c8:b0:a8:47:2d:64:ab:d9:1d:f5:b6:6c:e6:d8: d3:0e:a5:93:6d:ec:77:f6:d6:8f:4e:3f:18:2b:a6:29:2a:53: 4c:51:54:0d:11:04:8f:44:1e:90:f7:91:0d:7c:5b:5f:f0:fd: e1:2c:f6:b6:85:c9:75:38:94:b8:4d:59:47:f5:09:e0:60:79: 80:3f:df:28:85:23:6e:36:a2:2f:d8:9b:82:2f:e1:f7:fe:d7: f4:97:57:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3O0MEp/LlDPvZAPy6ES4ACMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0 YjUxMjkwHhcNMjYwNDI3MTIwMTIwWhcNMjYwNDI4MTIwMTIwWjAzMTEwLwYDVQQD Eyg4NTNhNDRkZjgyNGY0MDk1OTk3YmQ2YTVmNGNjYmIwMzVlODY5NjE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0v4uGfrSVj5+GhLH2j0K8wXFcack rv/pIt+lYmpTgdcIU//Gc+movwGUxw6lvaKxcm03m9V0AObJB/oqkvSkEVIWCsh5 pFhKze62xS7+N5yiGRAM86xFZYJaYlKgia1f8pSPnv8GzPrHsn9ornEvaIlMHmMk 1adHVZ9bbKQUPYZ4D1/j+7Gb7gZLgdf1xRzquTI6E8hxVlkEI+aEBBKHeDFsRm2l 8kfeAcWDVPTguZG9StAZCO8NA9WqSZs4A9bxETcoo59QjUYYoSokH3+5b3xrLdbn /9c/3z8aR8EzVp35lVDd6bKgoW3LgI+pX84TfHXLPmEm+je4hC+3zxFidwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIU6RN+CT0CVmXvWpfTMuwNehpYXMB8GA1UdIwQY MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt YmYzYjIxYTI3MGYyLzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/dYORKF BMjUSAPqcgJn8qYXobTWV4kl0UVea/RpEV+cMI+RkHKEha2MdfMb9My+F6bBP2Ne Ni5kQXqapJXlGeXJBp2GvQbP5dPH1EgZuGjolVhbKrcdgTeHIBA7mrv+2lcwO2vk pG8df7aTsH+57Jy4trK+QjC1oOyHeixdyCcLtit5yCeoFyPgfqWtSS4n+anZpX4i oIOMuiSjfRNkgAlRLa3eVciwqEctZKvZHfW2bObY0w6lk23sd/bWj04/GCumKSpT TFFUDREEj0QekPeRDXxbX/D94Sz2toXJdTiUuE1ZR/UJ4GB5gD/fKIUjbjaiL9ib gi/h9/7X9JdXnQ== -----END CERTIFICATE-----Generated at Mon Apr 27 18:39:57 2026 by rpki-client