$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json) Hash identifier: ryM1Eedz3MmC2mBnURL5w5yfrGPp8rg3ftFEMI/vUj8= Subject key identifier: 01:E7:93:28:89:48:78:80:67:5D:44:9A:3B:FB:92:DC:F2:F6:BF:58 Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019E8F132D1A47D591A80ED886960407CEF0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft Manifest number: 1959 Signing time: Wed 03 Jun 2026 20:00:59 +0000 Manifest this update: Wed 03 Jun 2026 20:00:59 +0000 Manifest next update: Thu 04 Jun 2026 20:00:59 +0000 Files and hashes: 1: 1-dAYLfzEcuSnLWMiLXXSdIwT4rU.roa (hash: WhA4jtvtbE79AQa3IJODloRRuW4QHZIWAX/A32JL7m4=) 2: GOmV_75Dv1jwn9wiVioc2BSPZTo.roa (hash: pRTwblvRoqzlcA6ZsWJlwN1cr9uhPXOkl31rFqoTMf8=) 3: NklSIVNcNIWeMyDnmkM31BBhz1c.roa (hash: UKSW2BDTyMNTJDzhPRFU+Wzj1R5uLkgmHOPWx5CWEqQ=) 4: W4UHRrBQAt50eiIa0aXkDS2q-jI.roa (hash: wJtHrvfPjqzoQaYOzEJ/TBfUCsO/TaG3P+SEUHqq3Ig=) 5: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: eKly0kQlUrGsLDfne2tszU1TmVwLgG/ior5IS0K4kg0=) 6: _5CTbNuX6fLN7jDqdj1oQp0kARc.roa (hash: Ha0LgykvjQP+9qGPn28IFIuJ0yQRLEpHe1bDMbGiuiE=) 7: _YOXL7ZxwGLyAFtXgmbGoGmsxw0.roa (hash: oYcEDHMjBaLjLdS2+cnHZQVD1ORy9f2L160BSTCgJ4c=) 8: itgrIp1NxpdNbAgMEeQKpbEmf5o.roa (hash: Js4lM2igXS9YqpQe0RjS4UXqcJs8/ISJx7M/fH+77eg=) 9: lxIA5T6ig6P82Z6FpI76sa5r9Hk.roa (hash: 3LHUUi612Oq28/k9MVav0SeJK2Lmj7BOxrV2xdjlDis=) 10: szXceV_8JO0f_7ooL6S8iduW9xI.roa (hash: xeJBYCAXDOSNVRxdgWGAZ1ipDc3y7H3KXIsJs1D2FK4=) 11: xnSiVa_Qi8Hl5xGaTydyCAcB4Q4.roa (hash: SWwZIzY753Ls9csZNqAI1seyxm1jJEeEibvAi3lb+6E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Jun 2026 20:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9e:8f:13:2d:1a:47:d5:91:a8:0e:d8:86:96:04:07:ce:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Jun 3 20:00:59 2026 GMT Not After : Jun 4 20:00:59 2026 GMT Subject: CN=01e7932889487880675d449a3bfb92dcf2f6bf58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:1e:c5:a7:c5:54:e7:0f:0d:fc:61:fd:cc:b6: e5:94:bc:ef:e6:c2:47:20:0b:48:87:7a:25:27:f1: a9:02:61:68:76:9a:b7:a1:69:e9:ce:c2:53:16:49: 16:14:39:12:48:9a:f5:70:f7:e2:dd:f0:d2:71:19: f3:b1:fd:ca:c5:6b:20:7f:a9:fe:c6:be:fd:45:98: fa:bf:da:c3:7f:cb:ed:0f:42:31:97:17:8f:52:8c: 0f:07:4b:3d:1e:58:58:2a:55:70:19:cf:7b:b2:be: d5:ae:65:47:c9:99:18:e9:41:17:51:9f:dc:c2:ab: 3f:45:23:90:1b:b9:06:7c:d3:71:27:69:ab:70:8c: 1d:00:a6:4e:c3:ff:ec:2d:c5:77:11:9a:76:d4:82: 92:2d:f8:fb:af:c8:fb:97:e9:63:e6:c7:63:df:43: 68:d1:9d:42:0c:b5:f3:18:ff:a6:17:59:53:ff:c0: 90:7a:11:cb:ec:d6:75:53:a0:3d:c8:21:a2:84:68: ee:28:c3:88:50:4f:2b:1c:81:7e:9e:5f:ef:50:f1: bc:43:ba:c6:58:21:ef:87:81:02:42:73:31:cc:f0: 18:f1:09:75:1f:0d:3c:66:c9:92:57:04:92:43:6c: 2b:46:15:b6:51:18:7b:c8:80:6d:56:ae:87:8b:8d: 09:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:E7:93:28:89:48:78:80:67:5D:44:9A:3B:FB:92:DC:F2:F6:BF:58 X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:ca:ae:28:57:1b:25:38:03:45:c0:9b:7e:b1:b7:42:90:eb: e0:88:93:22:c5:55:a2:27:33:43:0b:16:de:98:a7:3c:f7:48: 15:05:df:b7:f8:7c:b5:60:c6:06:60:cd:76:70:0e:20:1b:ed: 4d:3a:02:f2:1d:4e:99:42:a2:46:91:54:b1:b7:14:84:d2:f3: 41:90:0f:4d:33:2b:c1:b3:b2:47:69:eb:73:ee:4a:32:f3:cc: 55:3b:97:fa:c9:1a:3e:d6:ac:7b:32:6f:bc:b4:63:26:5b:4b: 41:7a:40:a0:74:e5:3d:ff:ea:7b:c2:d4:88:9d:aa:d1:44:0c: d8:2f:44:9d:9a:9e:a0:46:4c:22:86:96:8d:b4:15:59:c0:07: 15:83:9e:70:6f:a6:cf:38:ae:d1:f9:6b:b5:cc:c4:ba:84:b2: e8:55:0c:ce:c6:6f:87:f4:3c:52:c9:db:04:a3:7e:96:9e:ce: 95:24:bf:4e:dc:84:3e:67:bb:30:04:ec:9e:e3:a0:79:f2:32: e5:e0:93:97:68:4f:74:5b:4c:fd:57:27:33:14:b9:a7:31:4a: a7:21:7e:d2:bf:81:84:eb:53:d6:d0:43:1b:14:fc:72:8c:ba: 71:d0:d9:5f:3f:56:6c:af:74:ca:3b:4c:6d:02:c2:83:06:77: 37:cd:8c:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ6PEy0aR9WRqA7YhpYEB87wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjYwNjAzMjAwMDU5WhcNMjYwNjA0MjAwMDU5WjAzMTEwLwYDVQQD EygwMWU3OTMyODg5NDg3ODgwNjc1ZDQ0OWEzYmZiOTJkY2YyZjZiZjU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB7Fp8VU5w8N/GH9zLbllLzv5sJH IAtIh3olJ/GpAmFodpq3oWnpzsJTFkkWFDkSSJr1cPfi3fDScRnzsf3KxWsgf6n+ xr79RZj6v9rDf8vtD0IxlxePUowPB0s9HlhYKlVwGc97sr7VrmVHyZkY6UEXUZ/c wqs/RSOQG7kGfNNxJ2mrcIwdAKZOw//sLcV3EZp21IKSLfj7r8j7l+lj5sdj30No 0Z1CDLXzGP+mF1lT/8CQehHL7NZ1U6A9yCGihGjuKMOIUE8rHIF+nl/vUPG8Q7rG WCHvh4ECQnMxzPAY8Ql1Hw08ZsmSVwSSQ2wrRhW2URh7yIBtVq6Hi40JuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAHnkyiJSHiAZ11Emjv7ktzy9r9YMB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq8quKFcb JTgDRcCbfrG3QpDr4IiTIsVVoiczQwsW3pinPPdIFQXft/h8tWDGBmDNdnAOIBvt TToC8h1OmUKiRpFUsbcUhNLzQZAPTTMrwbOyR2nrc+5KMvPMVTuX+skaPtasezJv vLRjJltLQXpAoHTlPf/qe8LUiJ2q0UQM2C9EnZqeoEZMIoaWjbQVWcAHFYOecG+m zziu0flrtczEuoSy6FUMzsZvh/Q8UsnbBKN+lp7OlSS/TtyEPme7MATsnuOgefIy 5eCTl2hPdFtM/VcnMxS5pzFKpyF+0r+BhOtT1tBDGxT8coy6cdDZXz9WbK90yjtM bQLCgwZ3N82MLw== -----END CERTIFICATE-----Generated at Thu Jun 4 05:17:46 2026 by rpki-client