$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft File: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft (raw, json) Hash identifier: 98XE38h0dPDg6zMNLMuBgK1bBff8jahWcdf3cN39aoU= Subject key identifier: BF:3F:46:D2:54:88:19:4A:40:32:83:50:D5:2E:AF:F4:E3:AE:EE:13 Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f Certificate serial: 019D0A42F492B5A9AD3539662E61DDC2FE0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft Manifest number: 18A2 Signing time: Fri 20 Mar 2026 08:00:53 +0000 Manifest this update: Fri 20 Mar 2026 08:00:53 +0000 Manifest next update: Sat 21 Mar 2026 08:00:53 +0000 Files and hashes: 1: 0ld9oICrjkM9PiOBYi7PkCMaP7g.roa (hash: 7pPoPeKMxfAld72vWaWuaU3WiGoLWbNKS8HJfbCj2GY=) 2: 1BFQM936y9WGcLJKwy60Wg2ag-8.roa (hash: NTbQFXMY5QSvW0BgWqBt3HeqiX8tXZPRJi0IS+SKq2s=) 3: DT8TXPB7Zoh4Y9JFFdsSZ2RIgLg.roa (hash: cdCtaCnFbbokb4IxB6SbsLXr+yswcQckTbmvZnS/sJA=) 4: H3d0QP653F6Jo-epVSXBiVH1h6k.roa (hash: B2NZF4jz4UwnLzA3KbDxjNp0EF7Qv4Th+B09WImKi2I=) 5: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl (hash: xTIXwxmi31lqLsUz91eJYLF3GQ3Ct+JSz58WwnS4l08=) 6: O2mRnCNeDokP5q-PUWLd28D1SG8.roa (hash: XL7s2EUC28zeBKoJlmCFsu+5IjkYrbxfH3a9YMWon60=) 7: XPPuMgWRNY1QAnjWn2LftTc8cH4.roa (hash: LqWi3Xbli/jxxlx74n8O7L6EJtxaJ1UA0GYHmPMDyEU=) 8: ZRr2QwcqGgt_EOiTtMFoE-lkmow.roa (hash: SIg3ToChfd1+8YW/rxSI4oA419Stw5Sb9StcFL22beM=) 9: dY6eqUD4ykA92I5VKqHmYTX3q88.roa (hash: uvlx5CXBvfA8EWdxrFvclZnKJJH1HmhxtH5z6Fa+fBo=) 10: hCjWTJUhp9C-lxxCdRV4Jwzm4mk.roa (hash: ECwHPN5lxdIugX2ttk1L3l/uci2ps9CeCy1VAcBMeQs=) 11: lERL5Mrj2Bt3hRDr7br_N3d-JkE.roa (hash: /A5fyVRtCeR1gSok1lWq8T+wbRAaNz8PoEuYxSfdZSU=) 12: lWQXyxEJYv9OPJsRSSX1CCPbFb8.roa (hash: qyL/Gv6WkVcsE18337JVKs2VK9z6GTYDQ6GMJ2m3/WQ=) 13: whyP5FxoblHoIHhMTAeqWb1jp8w.roa (hash: a7SodNhSARcbHydA3wymHLN4IRqMOWIhBwT2PU/EoPc=) 14: zd2dqaKa6O4wz9TxJzSxhbKbteU.roa (hash: Sv1+bPBughIj/le0hfMKADppbA91Co/u0NeJGW/Uifs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 21 Mar 2026 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:0a:42:f4:92:b5:a9:ad:35:39:66:2e:61:dd:c2:fe:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f Validity Not Before: Mar 20 08:00:53 2026 GMT Not After : Mar 21 08:00:53 2026 GMT Subject: CN=bf3f46d25488194a40328350d52eaff4e3aeee13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:89:3b:46:c3:64:b7:a4:65:f7:0a:83:14:cf: 5c:ab:21:88:0d:57:6a:c5:a3:4e:94:8a:a1:c9:78: 57:03:c9:47:ca:6b:b3:53:8c:d9:bf:29:96:52:53: d2:88:5f:42:4f:72:57:f1:8c:f7:57:2a:d4:b3:18: 85:77:79:b1:52:0b:0d:bc:64:d2:8b:58:e4:f3:bc: 18:4d:03:31:67:b8:64:6a:3c:73:68:16:c7:71:a4: 48:70:82:4c:9a:72:dc:84:5e:6f:75:05:d8:62:e4: 14:d1:05:7a:9e:ea:11:53:32:0d:e6:5a:b3:6d:51: 50:90:89:81:64:f1:8a:c9:c2:7d:0a:3c:dd:e4:c1: 50:16:a1:66:62:c7:d2:ba:e9:1f:2d:33:e5:1e:ad: a1:8b:e7:8a:83:5c:30:7c:d8:f7:5a:90:fd:88:b6: cb:50:ed:68:89:55:ee:ad:20:1b:c5:d7:0d:de:fc: a7:a7:94:58:a5:12:73:8d:11:50:91:86:2b:12:52: 32:ba:94:f9:e5:b0:e6:66:ba:e3:57:2b:58:18:00: 4d:22:f4:0f:12:24:0e:54:93:a0:31:d9:0b:24:2b: 36:67:89:80:3e:62:01:71:f4:b2:b1:09:39:7a:6d: 31:10:20:32:9e:7f:ca:96:a5:18:c3:0e:9a:e7:af: 02:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:3F:46:D2:54:88:19:4A:40:32:83:50:D5:2E:AF:F4:E3:AE:EE:13 X509v3 Authority Key Identifier: keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:66:8d:f7:eb:91:8c:9d:a6:fc:31:1a:a2:4b:4a:d3:7d:2d: 5c:a5:46:92:9b:cc:36:1b:fc:f7:b2:2d:5f:ab:49:19:98:32: 76:05:45:8f:b8:2d:73:f2:06:09:86:e0:eb:8e:09:87:fc:47: e9:40:f1:ef:5c:ca:da:27:af:2e:a0:18:08:4b:62:62:da:d4: 22:78:f3:8d:4a:d0:5d:16:d2:64:d9:83:0a:a9:1d:cd:41:8d: f9:cb:0f:82:24:89:44:64:58:67:d2:10:2f:c0:31:a6:40:a4: 12:55:01:77:a5:b3:80:16:bd:f8:c1:2a:f0:00:5c:87:a2:97: e8:dc:59:01:8d:93:2d:93:43:2e:d3:69:fd:99:f0:8d:b5:68: 42:53:b2:21:3c:f2:f8:13:52:c6:6e:f5:c0:fe:95:a2:83:a1: 5e:14:2c:cf:4b:31:b2:c3:7d:91:c3:bb:c3:d0:28:e4:4c:d3: 43:16:da:67:f4:cd:f4:c3:8c:95:83:28:55:c6:dd:2f:36:60: 61:d1:67:26:f7:7c:1c:5c:c9:73:9e:7e:2e:de:bc:b1:19:28: eb:99:c1:84:18:cd:f8:4c:bf:ba:84:e3:56:e0:c4:19:c2:10: c5:69:52:4f:69:29:e2:dd:de:c4:86:43:60:be:b4:bc:48:b8: 09:7e:df:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0KQvSStamtNTlmLmHdwv4MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2 NGRlMGYwHhcNMjYwMzIwMDgwMDUzWhcNMjYwMzIxMDgwMDUzWjAzMTEwLwYDVQQD EyhiZjNmNDZkMjU0ODgxOTRhNDAzMjgzNTBkNTJlYWZmNGUzYWVlZTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4k7RsNkt6Rl9wqDFM9cqyGIDVdq xaNOlIqhyXhXA8lHymuzU4zZvymWUlPSiF9CT3JX8Yz3VyrUsxiFd3mxUgsNvGTS i1jk87wYTQMxZ7hkajxzaBbHcaRIcIJMmnLchF5vdQXYYuQU0QV6nuoRUzIN5lqz bVFQkImBZPGKycJ9Cjzd5MFQFqFmYsfSuukfLTPlHq2hi+eKg1wwfNj3WpD9iLbL UO1oiVXurSAbxdcN3vynp5RYpRJzjRFQkYYrElIyupT55bDmZrrjVytYGABNIvQP EiQOVJOgMdkLJCs2Z4mAPmIBcfSysQk5em0xECAynn/KlqUYww6a568CgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL8/RtJUiBlKQDKDUNUur/Tjru4TMB8GA1UdIwQY MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt MTJlYzIyYzljNWEyLzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArmaN9+uR jJ2m/DEaoktK030tXKVGkpvMNhv897ItX6tJGZgydgVFj7gtc/IGCYbg644Jh/xH 6UDx71zK2ievLqAYCEtiYtrUInjzjUrQXRbSZNmDCqkdzUGN+csPgiSJRGRYZ9IQ L8AxpkCkElUBd6WzgBa9+MEq8ABch6KX6NxZAY2TLZNDLtNp/ZnwjbVoQlOyITzy +BNSxm71wP6VooOhXhQsz0sxssN9kcO7w9Ao5EzTQxbaZ/TN9MOMlYMoVcbdLzZg YdFnJvd8HFzJc55+Lt68sRko65nBhBjN+Ey/uoTjVuDEGcIQxWlST2kp4t3exIZD YL60vEi4CX7fEg== -----END CERTIFICATE-----Generated at Fri Mar 20 11:57:47 2026 by rpki-client