$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json) Hash identifier: wNE7hD6kfGn9ytBWZHODnty2tc0j4CSgFna1l8dy3Js= Subject key identifier: AF:8D:FA:05:72:10:1D:43:AB:5D:59:3F:BC:61:8D:86:FE:3B:49:F1 Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019DA754995851387594B4E5FC296B1466B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft Manifest number: 18E1 Signing time: Sun 19 Apr 2026 20:00:32 +0000 Manifest this update: Sun 19 Apr 2026 20:00:32 +0000 Manifest next update: Mon 20 Apr 2026 20:00:32 +0000 Files and hashes: 1: 1-dAYLfzEcuSnLWMiLXXSdIwT4rU.roa (hash: WhA4jtvtbE79AQa3IJODloRRuW4QHZIWAX/A32JL7m4=) 2: GOmV_75Dv1jwn9wiVioc2BSPZTo.roa (hash: pRTwblvRoqzlcA6ZsWJlwN1cr9uhPXOkl31rFqoTMf8=) 3: NklSIVNcNIWeMyDnmkM31BBhz1c.roa (hash: UKSW2BDTyMNTJDzhPRFU+Wzj1R5uLkgmHOPWx5CWEqQ=) 4: W4UHRrBQAt50eiIa0aXkDS2q-jI.roa (hash: wJtHrvfPjqzoQaYOzEJ/TBfUCsO/TaG3P+SEUHqq3Ig=) 5: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: hQgAtQTe1Mc/I13QX4/TTAk3qWQZcdbuRSDC8u4/3Jg=) 6: _5CTbNuX6fLN7jDqdj1oQp0kARc.roa (hash: Ha0LgykvjQP+9qGPn28IFIuJ0yQRLEpHe1bDMbGiuiE=) 7: _YOXL7ZxwGLyAFtXgmbGoGmsxw0.roa (hash: oYcEDHMjBaLjLdS2+cnHZQVD1ORy9f2L160BSTCgJ4c=) 8: itgrIp1NxpdNbAgMEeQKpbEmf5o.roa (hash: Js4lM2igXS9YqpQe0RjS4UXqcJs8/ISJx7M/fH+77eg=) 9: lxIA5T6ig6P82Z6FpI76sa5r9Hk.roa (hash: 3LHUUi612Oq28/k9MVav0SeJK2Lmj7BOxrV2xdjlDis=) 10: szXceV_8JO0f_7ooL6S8iduW9xI.roa (hash: xeJBYCAXDOSNVRxdgWGAZ1ipDc3y7H3KXIsJs1D2FK4=) 11: xnSiVa_Qi8Hl5xGaTydyCAcB4Q4.roa (hash: SWwZIzY753Ls9csZNqAI1seyxm1jJEeEibvAi3lb+6E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Apr 2026 20:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:a7:54:99:58:51:38:75:94:b4:e5:fc:29:6b:14:66:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Apr 19 20:00:32 2026 GMT Not After : Apr 20 20:00:32 2026 GMT Subject: CN=af8dfa0572101d43ab5d593fbc618d86fe3b49f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:da:64:6b:5e:ad:dc:92:9f:fc:53:ad:7e:4a: 94:d7:88:f2:d5:fb:8b:9c:eb:ea:70:72:21:f1:98: ff:83:ef:1a:4d:b4:45:c0:94:6a:1a:d7:16:b1:4b: e7:26:b4:d1:39:c8:3d:59:76:0b:81:77:73:04:28: b2:49:70:63:16:2b:60:64:04:8c:83:f5:58:61:d9: 68:5c:fb:6f:ce:f8:c0:79:be:f5:91:de:ef:c8:b2: 3a:33:d1:bc:c7:04:0c:2e:e1:0a:47:9a:6f:70:c3: c4:f5:73:8f:9b:0b:d7:b5:df:68:79:cf:42:73:db: 78:51:32:fe:f6:d0:49:6a:ba:57:fb:e9:62:bb:cf: 10:30:34:5f:a1:ce:8e:15:90:57:77:62:b6:b0:09: 20:89:9c:64:a8:c1:42:ef:a6:a5:73:a4:e2:63:63: d4:e6:e1:a0:32:3d:e2:90:6d:b5:be:1e:98:48:58: 6c:f0:f7:68:1a:4b:f4:1c:35:b3:95:7b:2e:65:23: 50:32:e0:f1:f2:a4:3d:98:63:0b:9f:d6:5f:40:36: 6b:e9:62:b9:18:c4:3b:ea:9d:f3:63:30:0a:f9:27: a4:c0:77:74:6a:bb:b0:48:3a:97:c2:c7:4b:40:5d: a1:cd:4e:90:53:52:fc:3d:2e:b5:03:af:21:dd:6c: 82:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:8D:FA:05:72:10:1D:43:AB:5D:59:3F:BC:61:8D:86:FE:3B:49:F1 X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:2d:a7:35:9d:4c:2e:cf:4d:47:cf:57:85:47:d8:a2:80:c2: af:43:47:c7:d5:ef:3c:ee:b8:bb:00:29:8c:cb:e0:a3:63:33: 20:b2:51:e0:4e:fa:85:90:87:0b:68:e6:7d:f5:7c:c4:fb:70: d4:34:4b:11:d2:08:9f:e9:26:d1:93:ca:69:a1:01:4b:d2:a7: 5e:c1:40:fc:8c:c2:46:2f:ee:37:4c:2b:1f:5e:df:84:c6:13: 6e:51:c1:09:fb:63:50:2a:05:94:88:f9:3b:b0:53:e0:2f:63: e8:83:a2:b9:c3:28:5d:9e:be:ee:5a:c5:84:65:b5:5d:f7:b0: 51:2a:df:b6:7e:8b:dc:ca:65:69:2d:3e:96:b7:25:72:fd:c8: 6a:a5:f2:0f:e7:76:d4:97:3a:cb:98:7b:6e:a9:04:ff:9f:c8: c9:df:bc:10:a3:5c:a7:91:e3:93:3d:7c:c4:90:ca:39:87:5b: 85:d2:7e:c4:00:55:d0:18:64:1f:c0:fd:8a:c4:d9:86:1c:8a: e1:0e:27:d9:aa:b9:65:7f:65:ac:79:16:c7:89:d3:07:16:af: 54:08:cb:0d:ad:50:d1:a6:9a:18:04:a4:30:20:15:5f:41:c0: 1f:70:57:cb:59:3e:68:db:59:0c:89:32:2b:21:c6:1f:93:4d: 6a:c9:69:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ2nVJlYUTh1lLTl/ClrFGa0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjYwNDE5MjAwMDMyWhcNMjYwNDIwMjAwMDMyWjAzMTEwLwYDVQQD EyhhZjhkZmEwNTcyMTAxZDQzYWI1ZDU5M2ZiYzYxOGQ4NmZlM2I0OWYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptpka16t3JKf/FOtfkqU14jy1fuL nOvqcHIh8Zj/g+8aTbRFwJRqGtcWsUvnJrTROcg9WXYLgXdzBCiySXBjFitgZASM g/VYYdloXPtvzvjAeb71kd7vyLI6M9G8xwQMLuEKR5pvcMPE9XOPmwvXtd9oec9C c9t4UTL+9tBJarpX++liu88QMDRfoc6OFZBXd2K2sAkgiZxkqMFC76alc6TiY2PU 5uGgMj3ikG21vh6YSFhs8PdoGkv0HDWzlXsuZSNQMuDx8qQ9mGMLn9ZfQDZr6WK5 GMQ76p3zYzAK+SekwHd0aruwSDqXwsdLQF2hzU6QU1L8PS61A68h3WyCswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK+N+gVyEB1Dq11ZP7xhjYb+O0nxMB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACy2nNZ1M Ls9NR89XhUfYooDCr0NHx9XvPO64uwApjMvgo2MzILJR4E76hZCHC2jmffV8xPtw 1DRLEdIIn+km0ZPKaaEBS9KnXsFA/IzCRi/uN0wrH17fhMYTblHBCftjUCoFlIj5 O7BT4C9j6IOiucMoXZ6+7lrFhGW1XfewUSrftn6L3MplaS0+lrclcv3IaqXyD+d2 1Jc6y5h7bqkE/5/Iyd+8EKNcp5Hjkz18xJDKOYdbhdJ+xABV0BhkH8D9isTZhhyK 4Q4n2aq5ZX9lrHkWx4nTBxavVAjLDa1Q0aaaGASkMCAVX0HAH3BXy1k+aNtZDIky KyHGH5NNaslpZA== -----END CERTIFICATE-----Generated at Mon Apr 20 03:26:56 2026 by rpki-client