$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft File: pnhXc98xO5FxG_a8WxSezCRrnok.mft (raw, json) Hash identifier: 471SNCQPP0E2F/RPX0lYz/8JDbTyozhnoZoLcn/jxG0= Subject key identifier: 41:41:0D:6D:87:57:DF:CD:43:5B:76:6D:13:CF:84:45:1E:81:F8:DF Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Certificate serial: 019DD49BFC9DA74B0167D41244D242EEB876 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft Manifest number: 16AA Signing time: Tue 28 Apr 2026 15:01:25 +0000 Manifest this update: Tue 28 Apr 2026 15:01:25 +0000 Manifest next update: Wed 29 Apr 2026 15:01:25 +0000 Files and hashes: 1: 3U7B-AnDLcxVr4hQgcRtH3bY-Mc.roa (hash: 3EM7kaqylIIwfXdPOEw0QjuIVj1MmMgs2rs+igLT96s=) 2: C8g7Pi5B0RKpnrlAYnkGNfdVaNI.roa (hash: wxMFCVvSA3tdy7i3OaSOQ9SIAg2wmBIcYz9jkUGPtlk=) 3: Ine_1lLdl47bEMn6aiw9Axcdsgo.roa (hash: S/r8lpXeW/d857boj4AgP81lqUx6Xba1Zs9uDln2Uuk=) 4: L9nqjZgCKM_h4eShTqHdEr9Np6c.roa (hash: m3EOAebEcr3Ec2NVZh7NKfNA+27GisIbFErRrtFBX6k=) 5: MAC77AGiw2eaAoPXZSbuYQ5o9Cc.roa (hash: ghyy8oG2hGKa4y9DRVajZ2XWsgYoOvFgJh6c1yjrEXg=) 6: NanNAKKpriw1xLHpXZYYWO89_ic.roa (hash: vJoNpzNu5goOWjEeID9l0AJGNtpWeDH6gI91uoAnwIk=) 7: O6JDbaslrGOSZKrdtuCBt6ssF94.roa (hash: 8ty72z4beTGAGlxyLGLA0AACx0Qa5f/MkundTg5sepM=) 8: Wvbb_a2COrZy8u2YHT4IAcPCo7A.roa (hash: JCvZpNcLMyYDQVI9nqJFb7h8bZSYYqo2EDX3T4my9ww=) 9: _d125rYs_YgWJE2199BRmZF843k.roa (hash: m5skVkixBC7cNTKqYmRl5Rw3Fyg0ZkEkKEj4MY2KXTY=) 10: dDB5YY9PZuYzIK0czNYk6awWuOU.roa (hash: B1+NRVwOUhTIMmxV8tnE89O/MNjbHirt4Fghn1v7gaE=) 11: jLQvt7xt7c45_vSreDahi9DVpRY.roa (hash: ehpV8kVezAA0EZ6tWKcBeH2QxQBoWNRqgByIZ4i/lv8=) 12: pnhXc98xO5FxG_a8WxSezCRrnok.crl (hash: soF69+DzJUz1UiyO9mNslGS+21aF2D31cPUnQ6Bik5s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 29 Apr 2026 14:21:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:d4:9b:fc:9d:a7:4b:01:67:d4:12:44:d2:42:ee:b8:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89 Validity Not Before: Apr 28 15:01:25 2026 GMT Not After : Apr 29 15:01:25 2026 GMT Subject: CN=41410d6d8757dfcd435b766d13cf84451e81f8df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:be:90:68:71:c6:da:5d:ff:17:b2:cf:a0:fc: f0:1c:92:0c:2d:ff:48:d7:2f:53:bf:f7:65:c4:33: 45:30:56:ae:54:a7:bb:a4:ee:b7:2d:88:6c:42:82: a7:32:23:54:86:ac:95:df:73:9e:82:0d:ea:2d:56: 79:96:b7:0b:76:94:e4:0f:49:a9:20:fd:63:85:28: 67:71:0a:fa:0a:9a:1d:32:49:19:18:a5:fb:ac:bf: e3:47:95:27:06:89:92:29:a4:06:bd:ba:95:cd:d6: 64:92:7b:01:e2:5f:32:50:bd:57:a4:01:c7:6b:54: bc:36:31:58:67:79:ac:a5:a5:a0:5e:c3:8f:4d:5f: 28:4e:ce:b6:8b:c5:09:ca:c9:1e:08:0b:82:c7:4b: c7:74:25:98:7f:bb:b5:8a:5c:9e:61:f5:bb:c4:77: ec:dd:6d:6b:6f:8b:9b:67:80:97:89:b4:80:97:c1: 08:0e:bb:a5:b7:27:4f:35:5e:8d:f4:a8:89:fd:7c: a8:3b:ea:55:74:c8:90:f8:e6:3e:a8:36:fc:a1:a3: 83:e4:a1:40:60:1d:c4:e6:7f:b2:f0:79:b8:60:44: d0:5c:64:ad:e5:73:4a:8f:ef:88:92:83:d4:5d:b9: fc:90:21:1e:39:18:be:f4:6c:86:37:92:37:23:6f: 1f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:41:0D:6D:87:57:DF:CD:43:5B:76:6D:13:CF:84:45:1E:81:F8:DF X509v3 Authority Key Identifier: keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:fd:d1:1e:a4:af:37:aa:27:9e:8c:11:26:1d:59:ec:cf:5e: 5c:e7:08:4b:54:17:95:fd:f4:c8:cb:46:84:8a:46:0a:cf:f6: f2:51:1e:b5:47:49:ca:94:04:cc:27:d5:22:23:41:c7:83:db: 7a:d7:75:b1:d2:aa:4f:3f:20:8a:07:d3:5c:cd:1f:bf:e8:4c: c8:4f:de:27:11:27:98:b6:72:d0:a3:97:c5:0b:9e:90:c5:8d: 0e:1a:af:9b:79:a6:4b:de:db:8a:34:e8:41:e6:e6:90:f1:dc: 6f:7b:c6:54:92:78:d3:ac:93:2c:fe:86:dc:aa:e7:2f:97:34: 56:06:45:ed:fc:4c:0e:55:0c:f0:13:40:2c:70:e1:67:18:7f: 98:76:4e:68:9f:bf:75:d3:c3:13:0f:8c:65:39:f9:a9:bb:df: 02:da:18:fa:c6:ac:f3:07:95:9c:5c:44:12:97:09:f6:6c:63: 6c:63:84:92:5a:d8:0f:75:61:37:37:81:37:02:71:65:df:87: ad:38:f3:a9:05:2f:9c:04:ed:07:6d:bc:1a:fe:6f:ff:03:84: a9:05:68:cc:b0:80:08:47:7b:97:1f:54:35:c3:63:7b:d6:00: d0:3f:3a:a0:62:3a:60:9e:0c:20:9e:d5:1c:d1:05:cf:f3:dd: 82:4f:f4:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3Um/ydp0sBZ9QSRNJC7rh2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2 YjllODkwHhcNMjYwNDI4MTUwMTI1WhcNMjYwNDI5MTUwMTI1WjAzMTEwLwYDVQQD Eyg0MTQxMGQ2ZDg3NTdkZmNkNDM1Yjc2NmQxM2NmODQ0NTFlODFmOGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3L6QaHHG2l3/F7LPoPzwHJIMLf9I 1y9Tv/dlxDNFMFauVKe7pO63LYhsQoKnMiNUhqyV33Oegg3qLVZ5lrcLdpTkD0mp IP1jhShncQr6CpodMkkZGKX7rL/jR5UnBomSKaQGvbqVzdZkknsB4l8yUL1XpAHH a1S8NjFYZ3mspaWgXsOPTV8oTs62i8UJyskeCAuCx0vHdCWYf7u1ilyeYfW7xHfs 3W1rb4ubZ4CXibSAl8EIDrultydPNV6N9KiJ/XyoO+pVdMiQ+OY+qDb8oaOD5KFA YB3E5n+y8Hm4YETQXGSt5XNKj++IkoPUXbn8kCEeORi+9GyGN5I3I28fSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEFBDW2HV9/NQ1t2bRPPhEUegfjfMB8GA1UdIwQY MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt ZDc1ODY5YzBjNzFlLzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEv3RHqSv N6onnowRJh1Z7M9eXOcIS1QXlf30yMtGhIpGCs/28lEetUdJypQEzCfVIiNBx4Pb etd1sdKqTz8gigfTXM0fv+hMyE/eJxEnmLZy0KOXxQuekMWNDhqvm3mmS97bijTo QebmkPHcb3vGVJJ406yTLP6G3KrnL5c0VgZF7fxMDlUM8BNALHDhZxh/mHZOaJ+/ ddPDEw+MZTn5qbvfAtoY+sas8weVnFxEEpcJ9mxjbGOEklrYD3VhNzeBNwJxZd+H rTjzqQUvnATtB228Gv5v/wOEqQVozLCACEd7lx9UNcNje9YA0D86oGI6YJ4MIJ7V HNEFz/Pdgk/0gA== -----END CERTIFICATE-----Generated at Wed Apr 29 00:03:25 2026 by rpki-client