$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft File: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft (raw, json) Hash identifier: ietOb9Js9fNEn3JZcd1ArqvQF7/RZxjNduUmfJ2ybxI= Subject key identifier: B8:A6:C8:19:E8:5A:F1:B9:8C:96:83:F7:D3:64:AF:03:BA:87:83:2E Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f Certificate serial: 019D0854976D0C167C3F16DB4D014E89DBB4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft Manifest number: 18A1 Signing time: Thu 19 Mar 2026 23:00:54 +0000 Manifest this update: Thu 19 Mar 2026 23:00:54 +0000 Manifest next update: Fri 20 Mar 2026 23:00:54 +0000 Files and hashes: 1: 0ld9oICrjkM9PiOBYi7PkCMaP7g.roa (hash: 7pPoPeKMxfAld72vWaWuaU3WiGoLWbNKS8HJfbCj2GY=) 2: 1BFQM936y9WGcLJKwy60Wg2ag-8.roa (hash: NTbQFXMY5QSvW0BgWqBt3HeqiX8tXZPRJi0IS+SKq2s=) 3: DT8TXPB7Zoh4Y9JFFdsSZ2RIgLg.roa (hash: cdCtaCnFbbokb4IxB6SbsLXr+yswcQckTbmvZnS/sJA=) 4: H3d0QP653F6Jo-epVSXBiVH1h6k.roa (hash: B2NZF4jz4UwnLzA3KbDxjNp0EF7Qv4Th+B09WImKi2I=) 5: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl (hash: tn3qZ2jkpst/w/GBZUuJxkJdMxZz4TIJlwLZT3qRWA0=) 6: O2mRnCNeDokP5q-PUWLd28D1SG8.roa (hash: XL7s2EUC28zeBKoJlmCFsu+5IjkYrbxfH3a9YMWon60=) 7: XPPuMgWRNY1QAnjWn2LftTc8cH4.roa (hash: LqWi3Xbli/jxxlx74n8O7L6EJtxaJ1UA0GYHmPMDyEU=) 8: ZRr2QwcqGgt_EOiTtMFoE-lkmow.roa (hash: SIg3ToChfd1+8YW/rxSI4oA419Stw5Sb9StcFL22beM=) 9: dY6eqUD4ykA92I5VKqHmYTX3q88.roa (hash: uvlx5CXBvfA8EWdxrFvclZnKJJH1HmhxtH5z6Fa+fBo=) 10: hCjWTJUhp9C-lxxCdRV4Jwzm4mk.roa (hash: ECwHPN5lxdIugX2ttk1L3l/uci2ps9CeCy1VAcBMeQs=) 11: lERL5Mrj2Bt3hRDr7br_N3d-JkE.roa (hash: /A5fyVRtCeR1gSok1lWq8T+wbRAaNz8PoEuYxSfdZSU=) 12: lWQXyxEJYv9OPJsRSSX1CCPbFb8.roa (hash: qyL/Gv6WkVcsE18337JVKs2VK9z6GTYDQ6GMJ2m3/WQ=) 13: whyP5FxoblHoIHhMTAeqWb1jp8w.roa (hash: a7SodNhSARcbHydA3wymHLN4IRqMOWIhBwT2PU/EoPc=) 14: zd2dqaKa6O4wz9TxJzSxhbKbteU.roa (hash: Sv1+bPBughIj/le0hfMKADppbA91Co/u0NeJGW/Uifs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 20 Mar 2026 23:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:08:54:97:6d:0c:16:7c:3f:16:db:4d:01:4e:89:db:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f Validity Not Before: Mar 19 23:00:54 2026 GMT Not After : Mar 20 23:00:54 2026 GMT Subject: CN=b8a6c819e85af1b98c9683f7d364af03ba87832e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d0:d4:1c:01:bb:f7:5b:e7:2d:f6:e5:bd:3d: eb:f2:df:9e:58:8c:d1:10:c8:7d:c7:8c:21:34:b3: 29:a2:d9:e3:e9:10:9c:39:00:30:d3:58:cc:e8:fc: 60:79:2b:20:7c:8c:2d:45:c8:3c:0c:71:20:cc:b4: 46:37:98:36:5e:e5:fc:f5:49:87:35:a7:01:e8:a1: b1:92:14:e5:a3:c3:e9:97:8a:b6:0f:16:8f:30:76: 6f:d8:1a:4f:e1:9d:60:af:14:ad:d0:67:4b:d9:a5: 91:34:62:62:3a:1b:8e:2a:12:bf:9a:bd:a3:7f:a0: 0a:d4:fb:42:28:7b:a4:8f:66:5b:aa:6b:f2:c5:79: bd:89:d4:75:d9:cf:eb:20:cc:a4:f9:b5:91:b1:85: 47:56:d6:8c:0d:c3:e6:35:af:84:a7:83:7c:8a:e2: a1:41:43:3d:e4:00:46:5f:70:d4:e0:de:72:47:e7: 5e:54:1c:67:17:3d:1a:34:31:e2:3b:3e:99:59:19: 26:bd:97:9f:1b:d6:11:b0:bf:59:49:87:2e:8a:25: e0:45:f6:60:43:92:1f:1a:bf:56:db:63:d7:a7:d7: 24:2d:4f:a1:e4:76:b9:48:a6:43:b6:e9:c0:bd:9c: 1c:2c:53:37:e6:5b:1e:92:48:02:c6:dc:e7:5d:38: b2:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:A6:C8:19:E8:5A:F1:B9:8C:96:83:F7:D3:64:AF:03:BA:87:83:2E X509v3 Authority Key Identifier: keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:47:e8:b7:e6:1f:36:87:dd:c7:1b:59:39:c1:78:dc:88:ed: 25:d2:a3:96:77:18:5e:ab:12:9d:78:32:1c:bd:28:c9:22:31: 58:59:9c:03:93:00:5b:bf:5b:1d:0a:95:35:c3:d0:b0:eb:22: ef:f2:ca:bb:ac:bf:b6:e5:31:68:2e:de:27:38:fc:7e:cd:71: eb:9d:15:f8:c0:38:c1:d5:b5:7d:b0:84:01:4b:53:54:c4:b1: 8a:ad:71:91:15:e7:6c:a0:dc:dd:5a:84:eb:f1:5a:fe:50:8b: d8:24:24:a1:ae:91:3c:ab:86:66:89:03:b8:6c:6b:47:43:6f: 80:c4:57:d6:be:f1:97:d5:34:2c:6f:67:cc:ba:61:fa:16:df: 7a:12:0f:53:48:e4:13:e1:ab:8e:59:56:e2:a4:4a:b5:fa:98: f7:2e:c1:29:c3:bc:a2:35:0d:b4:86:ce:2a:2a:57:20:41:f9: 17:1a:2f:8d:c8:e1:3b:1e:60:2b:fe:e5:81:8d:80:1d:bb:46: 57:06:b1:7f:97:f7:ce:81:53:72:f3:6b:f8:d6:1f:12:40:d9: be:3d:e2:8a:b3:3b:e5:b4:fc:4c:0e:ba:c9:44:b2:58:8c:e0: 53:c5:f0:2f:83:8f:05:35:c7:e1:2d:cb:5f:ea:76:43:0a:97: 95:28:54:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0IVJdtDBZ8PxbbTQFOidu0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2 NGRlMGYwHhcNMjYwMzE5MjMwMDU0WhcNMjYwMzIwMjMwMDU0WjAzMTEwLwYDVQQD EyhiOGE2YzgxOWU4NWFmMWI5OGM5NjgzZjdkMzY0YWYwM2JhODc4MzJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9DUHAG791vnLfblvT3r8t+eWIzR EMh9x4whNLMpotnj6RCcOQAw01jM6PxgeSsgfIwtRcg8DHEgzLRGN5g2XuX89UmH NacB6KGxkhTlo8Ppl4q2DxaPMHZv2BpP4Z1grxSt0GdL2aWRNGJiOhuOKhK/mr2j f6AK1PtCKHukj2ZbqmvyxXm9idR12c/rIMyk+bWRsYVHVtaMDcPmNa+Ep4N8iuKh QUM95ABGX3DU4N5yR+deVBxnFz0aNDHiOz6ZWRkmvZefG9YRsL9ZSYcuiiXgRfZg Q5IfGr9W22PXp9ckLU+h5Ha5SKZDtunAvZwcLFM35lsekkgCxtznXTiyNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLimyBnoWvG5jJaD99NkrwO6h4MuMB8GA1UdIwQY MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt MTJlYzIyYzljNWEyLzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACUfot+Yf NofdxxtZOcF43IjtJdKjlncYXqsSnXgyHL0oySIxWFmcA5MAW79bHQqVNcPQsOsi 7/LKu6y/tuUxaC7eJzj8fs1x650V+MA4wdW1fbCEAUtTVMSxiq1xkRXnbKDc3VqE 6/Fa/lCL2CQkoa6RPKuGZokDuGxrR0NvgMRX1r7xl9U0LG9nzLph+hbfehIPU0jk E+GrjllW4qRKtfqY9y7BKcO8ojUNtIbOKipXIEH5FxovjcjhOx5gK/7lgY2AHbtG Vwaxf5f3zoFTcvNr+NYfEkDZvj3iirM75bT8TA66yUSyWIzgU8XwL4OPBTXH4S3L X+p2QwqXlShUYQ== -----END CERTIFICATE-----Generated at Fri Mar 20 09:55:42 2026 by rpki-client