$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: c96wYlYtN9q1J0gGZBuAlajmjMBEnZ0a7JrHGKxcggA= Subject key identifier: DB:27:BE:59:1C:FE:C6:FF:75:62:C2:B0:67:04:C7:F5:E4:65:8F:F5 Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019DCE62A217B9035CA98193C6F0DF12A60A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 0BA9 Signing time: Mon 27 Apr 2026 10:01:03 +0000 Manifest this update: Mon 27 Apr 2026 10:01:03 +0000 Manifest next update: Tue 28 Apr 2026 10:01:03 +0000 Files and hashes: 1: 3JNAFPmuRusA7_P1cHUrpNc8ZWQ.roa (hash: zKy+aXsrA8Z978tqaQi0ynXqJW9mllBBtqQYt4mz8gc=) 2: 3eP-ZYKR74zQteZxg-jYK68KuKU.roa (hash: rI+Q6O08EYSoWZw7Ks588qVsTWbvSuHUC1dp2GQPsEg=) 3: Px4XmExl2QONyqSP6s8-qLoIeoI.roa (hash: reA0XoIHBbZsGAjNzRWT9dW+9757Ms5dgcUGYfnrDi8=) 4: SY0oaouPknTSy2MmGqSQOcOco4Q.roa (hash: HRxdYO/Iechw+UCcupxpKvFHOwFwn4JRjC6eMfFT/dQ=) 5: TQgAk-kjCmuvz2eqWr757vit-aI.roa (hash: lmDr2ZoodOyQIYq1JnmRLGHdUSfi5+BCh4SAfh571Mk=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: QVKRZBwd9CiYeiJ22PyFCmdxn2XGrZc8iEqiNKqqkm4=) 7: b4bnSjrxkGqwlr0zkoxcOijmFkc.roa (hash: fQuLS072q+zjmBm2EgGlUmemoEePNKD15HIZM6Eyfw4=) 8: cwwhcNpzOg_pmBszouIx8h2CHRU.roa (hash: vBJrQQ0ItgE86n69h/fkj396ErwZyqxGCsEUUVNAzdI=) 9: hlAbpQnKYaIDHrjCT-1lNBwSXu0.roa (hash: BILz2oAMGgMF6vZP6W3jaxaaHIODVkHC+m/GaL33QlM=) 10: kPZtrooPlOyF8jQupuEU9Gy1bJQ.roa (hash: KtcI+6F6qPHzsOZYQ0EOD+pODuibLz2OAgS4M/a6Aq4=) 11: oLlQgePRk9yvcOlL0Fl_a56u9H4.roa (hash: Wqock9cGRbZPQGtCkafIuYZm7FqajUuA17fJ83OGRks=) 12: otDdauzK1pDpIELnjnezw5Wgbks.roa (hash: PkYGbseDQrN+XnOme6deJeEpgE/JFmyzszNd7IeDEBs=) 13: qPI1ggc-eoyI91LAejwAAyCD3rI.roa (hash: tWlcYblK/ohLjpwsq6RKKOq9sGO2SDlm/NJl1KT1Ji8=) 14: qyLbFsRIe8Jd6sG2DI_BiTtP7io.roa (hash: yTz+vrd5+uJTzoZ6RiYw+CeRxkudUElCAIqfmUpkz54=) 15: rQn2WRp_5UNupaC6UAipqauzOpI.roa (hash: V779a6mTTAXptosRzFipPRD6TSrcHWeP9YRr7LrdpBM=) 16: vMyjTCsIRe0V7qqYSqRKgQhGULM.roa (hash: V42mkCmxs+ZvZ6Tmc6moy5eFcyohGVGWyhDhVpPXGok=) 17: xp9MuE3K7E-Sb2HgnwhKc3yErto.roa (hash: 9FJKEkYOHXVi/GiMh+ZQtwPZthuSJbC+u80wUEZ5uBo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Apr 2026 10:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:ce:62:a2:17:b9:03:5c:a9:81:93:c6:f0:df:12:a6:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Apr 27 10:01:03 2026 GMT Not After : Apr 28 10:01:03 2026 GMT Subject: CN=db27be591cfec6ff7562c2b06704c7f5e4658ff5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9d:9b:74:0a:c0:a2:1d:0d:b4:66:e3:79:93: cf:31:c7:a1:ef:5d:8f:9c:df:71:c4:45:41:56:b2: e3:84:e0:31:66:0f:7c:5c:63:79:fa:25:ec:ef:22: 19:ea:dc:aa:91:c5:fd:2e:03:f3:53:b4:bc:6f:b6: d1:21:7b:12:7a:71:a0:8c:0e:18:2f:bd:e1:6a:77: 7f:f2:5d:fb:45:48:27:f0:dd:a8:03:63:a5:8d:86: 59:db:bc:c6:63:a5:38:d5:25:87:43:29:01:18:6d: 40:dc:12:60:09:da:cd:7d:11:a6:b0:24:bd:1d:11: f3:36:0d:aa:7f:4f:cb:ab:1b:9f:77:f7:66:1f:c4: e1:b5:b0:a3:fd:e2:ef:07:37:06:45:bc:cc:da:d1: f2:0b:b0:fc:88:35:c7:3f:ef:fa:a0:08:c3:4e:58: 79:c3:73:08:ed:27:97:e8:4c:51:f3:8f:9f:82:0e: 85:12:7e:c9:cc:51:2b:7b:08:ca:99:21:29:ac:dd: 81:98:90:8b:4c:26:b7:8f:29:c7:da:b0:d5:17:cb: 91:7d:5d:17:98:99:71:38:21:4d:92:b6:f7:46:aa: c3:45:1b:52:ed:36:bb:78:8e:b2:4e:ed:36:63:2f: 6b:b4:cf:f5:43:6e:87:20:e2:30:2a:8f:15:16:06: fe:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:27:BE:59:1C:FE:C6:FF:75:62:C2:B0:67:04:C7:F5:E4:65:8F:F5 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:b4:f1:09:74:82:9a:78:42:b6:d0:1e:05:7c:2b:2c:5b:f5: 77:53:37:1b:83:47:fd:a4:00:1f:05:f8:66:0c:6d:f2:7b:d2: ed:2a:95:c2:a5:16:bc:79:72:f8:f0:cb:6b:35:2b:2f:55:64: 59:29:0b:42:30:f0:42:a3:bb:d8:6f:b8:06:e3:38:aa:4a:70: d1:28:5b:1b:11:71:59:fe:69:06:c2:8b:a8:8b:a6:45:6e:c3: c1:80:e8:b5:d5:96:d1:c5:be:50:b9:c7:41:c0:31:a5:03:d2: 0f:7b:3d:26:91:94:78:f9:2d:91:29:4b:55:79:66:09:ff:98: 6b:a1:48:b6:8a:0c:3d:25:9f:be:db:bc:a8:29:b8:56:77:39: ed:02:d0:8a:ce:51:5b:ad:00:1c:2c:d0:9c:e9:ab:e5:22:4e: eb:5c:1b:62:7b:8d:7e:47:8c:49:c4:b3:2c:0c:79:c1:5a:3d: 5d:c6:76:20:c6:0a:39:66:46:2c:1b:48:6e:48:e7:f1:de:f7: d7:09:af:4c:d6:13:31:2e:69:de:d2:1a:54:f9:8a:ab:cf:d8: 21:e4:cc:db:84:83:83:ed:02:ba:2e:f8:3d:5e:43:b6:1f:41: db:25:1c:a3:5f:b2:4c:2b:49:fa:72:68:f9:84:1b:74:9c:70: 17:fc:85:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3OYqIXuQNcqYGTxvDfEqYKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjYwNDI3MTAwMTAzWhcNMjYwNDI4MTAwMTAzWjAzMTEwLwYDVQQD EyhkYjI3YmU1OTFjZmVjNmZmNzU2MmMyYjA2NzA0YzdmNWU0NjU4ZmY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq52bdArAoh0NtGbjeZPPMceh712P nN9xxEVBVrLjhOAxZg98XGN5+iXs7yIZ6tyqkcX9LgPzU7S8b7bRIXsSenGgjA4Y L73hand/8l37RUgn8N2oA2OljYZZ27zGY6U41SWHQykBGG1A3BJgCdrNfRGmsCS9 HRHzNg2qf0/Lqxufd/dmH8ThtbCj/eLvBzcGRbzM2tHyC7D8iDXHP+/6oAjDTlh5 w3MI7SeX6ExR84+fgg6FEn7JzFErewjKmSEprN2BmJCLTCa3jynH2rDVF8uRfV0X mJlxOCFNkrb3RqrDRRtS7Ta7eI6yTu02Yy9rtM/1Q26HIOIwKo8VFgb+2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNsnvlkc/sb/dWLCsGcEx/XkZY/1MB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcbTxCXSC mnhCttAeBXwrLFv1d1M3G4NH/aQAHwX4Zgxt8nvS7SqVwqUWvHly+PDLazUrL1Vk WSkLQjDwQqO72G+4BuM4qkpw0ShbGxFxWf5pBsKLqIumRW7DwYDotdWW0cW+ULnH QcAxpQPSD3s9JpGUePktkSlLVXlmCf+Ya6FItooMPSWfvtu8qCm4Vnc57QLQis5R W60AHCzQnOmr5SJO61wbYnuNfkeMScSzLAx5wVo9XcZ2IMYKOWZGLBtIbkjn8d73 1wmvTNYTMS5p3tIaVPmKq8/YIeTM24SDg+0Cui74PV5Dth9B2yUco1+yTCtJ+nJo +YQbdJxwF/yFjg== -----END CERTIFICATE-----Generated at Mon Apr 27 18:36:35 2026 by rpki-client