$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft File: OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft (raw, json) Hash identifier: 804M7xCnp41eTmyL4owsYiqdXlkxyusHM6b8QQ4G+YM= Subject key identifier: 84:76:0B:38:7F:E9:0F:85:7D:C2:F9:20:D4:CF:64:F4:C4:A4:CE:84 Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Certificate serial: 019D37525C9BE0FD18196A6E135209B41E13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft Manifest number: 189F Signing time: Sun 29 Mar 2026 02:00:37 +0000 Manifest this update: Sun 29 Mar 2026 02:00:37 +0000 Manifest next update: Mon 30 Mar 2026 02:00:37 +0000 Files and hashes: 1: 1wr8QIeSM3CIv5J7uap933hLaGs.roa (hash: Y6lFO4ooFEDBG8EOKNjhhaIJIuCCzVgscAraR7wX8B4=) 2: 4nJ0h3kxVoLTGLl-KMMdIGNO3U4.roa (hash: yXSTzPv+VSMPQEsmFJQmVgwkS8AYD6u5M83BtbV+VIE=) 3: 5h7nMBydUVPaOlFP-jldFT3enCQ.roa (hash: +rXXd2KMjjrhcbSdyv1pypNJANUYaaOEd90M4umJew8=) 4: EdrkWbcqLRMSNrh6Sa5x5mnTLPc.roa (hash: Fk5tDegQkNWmVnCc3SYJvszlVAARBSOO/qIaE+GvEdY=) 5: FOt64C6RCxN5JGIdYYt0-jp9RJQ.roa (hash: tamHBKuLjpWpXY8LQK286Mn5I3Q0OVkX8D4lvECCpD8=) 6: LTj2PGdyu1TZVch3WwkoLN3benA.roa (hash: 0uIInrnjr5BRMLrYPZ3TlKAb12B+T0z8Pu5nxkwhOwA=) 7: OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl (hash: vsrnBUA56xo4zNITtRkMXLjOfkrTREdlcouyCPG8WKw=) 8: OR9wB6bWiqsZvjqNRRbC11UhrBA.roa (hash: BLhfuTsmrrfMXC8Lx4hjGsCFS5Q2HKcD1UJlTtem6+U=) 9: UJVwk9mntlMFjdR5x6Gz4DwAego.roa (hash: Y9Qzk1ZJNkQeeN5SL4rk7tJNNAoeHg7LXp+c5rv1kJY=) 10: XIxZD227ioGX0cqqVFAINXLyX6Q.roa (hash: sDleWGEf+rrGs4/hbX/4+JTQcRgaaTHiE45KWqHpF+s=) 11: XkdalcQg6hGFzhglm3gQzCnpww4.roa (hash: 8jItQEffXXa+ZvcKZLLyn2RNT/EfLCbVUQe+TOkVNeM=) 12: YWsBcXgsO8gZFuZAgXqc8mQzIPQ.roa (hash: FIq3otCEvunZWYD7V3EpFGXTGzchT90RBkn3PHEPtpE=) 13: fPatpWdNAbZy6ojdptQs2lNi1EE.roa (hash: X9tWk7+bmsyMGDUglxjA0jdRl4uO9c2P7cIjkiKVhfo=) 14: fny2WANL9Kakl_hzClrFytLGIbA.roa (hash: Li0zLoSXMQkOWimSeqYniHU5WmqmT1OGtibQ573h2wE=) 15: lqG4TiS1VcHtRo5hXtYqEofYXQY.roa (hash: lQ0va2Pv+RAccp1R5C/OndWZWgx6m66STBo/DZ6jbSw=) 16: snScws96TnQnAtgCESncYf2cHQI.roa (hash: Rg061AAdsDJTEuVCFaKulmhMa2nYwQQcIJgWuXh/KyU=) 17: zyiTueEsxpcD3PrX5wVtwGJMZ_Y.roa (hash: 7R1f/73J/Qx3gYsQEvvU8YVQZND5dDU9/Elan9+1kYw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 30 Mar 2026 02:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:37:52:5c:9b:e0:fd:18:19:6a:6e:13:52:09:b4:1e:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Validity Not Before: Mar 29 02:00:37 2026 GMT Not After : Mar 30 02:00:37 2026 GMT Subject: CN=84760b387fe90f857dc2f920d4cf64f4c4a4ce84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c9:df:b9:d9:50:6e:e8:6f:20:54:0d:75:51: ed:f1:d9:9a:1d:b4:41:67:d7:dd:db:ca:6d:36:f5: d1:48:58:ef:ca:2f:11:e6:41:db:6d:14:9c:d8:ca: bf:f0:08:a3:68:53:dd:4b:47:a0:cc:cc:53:85:2b: ba:fe:e3:c5:33:4d:bf:cf:0e:a5:8e:3e:f5:ad:33: 08:8f:df:a1:fe:39:f4:ba:69:45:18:bd:70:03:a3: 83:a6:ba:42:11:47:98:64:0a:ba:c0:34:38:ec:12: 27:e7:81:51:4b:97:01:29:48:20:b0:bf:71:c4:ed: ef:bc:3b:f8:df:bc:25:46:b2:88:f7:ed:c8:3a:3d: 09:6a:09:0e:c3:a6:02:31:bf:41:c2:eb:41:29:a7: a8:1f:a6:09:79:9d:d1:c8:db:fa:08:38:84:45:24: 44:3d:57:f0:6b:41:7e:e1:f1:c9:b7:c5:93:8e:6f: 4c:ac:35:4d:b8:0a:91:5a:b8:68:07:98:77:18:ee: b2:f6:15:51:1b:d8:27:09:e9:c8:ca:5a:f8:cc:40: 71:04:96:d1:d4:eb:cf:68:6d:92:c9:94:79:7b:d2: 42:7d:c7:a3:5a:ec:98:3b:a7:48:90:e5:d9:8b:54: f2:c2:bb:f0:d4:47:a7:c0:16:a6:45:9c:e2:c5:1e: e6:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:76:0B:38:7F:E9:0F:85:7D:C2:F9:20:D4:CF:64:F4:C4:A4:CE:84 X509v3 Authority Key Identifier: keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:59:05:7d:5b:6c:6d:ed:5a:e1:d0:44:19:14:12:6c:bb:db: d5:f4:56:71:f1:4a:ee:25:88:9d:19:da:b2:b7:c3:d4:3b:32: f1:6f:77:7a:ef:39:3d:eb:3f:20:f7:39:44:e2:aa:b1:94:41: 4a:aa:10:1e:d5:62:a3:c8:23:52:7a:84:fc:ef:e9:44:ca:f1: 3b:df:26:31:1b:07:d4:eb:85:25:6a:99:0b:44:17:f6:3d:20: 5d:38:35:8b:78:92:83:79:d4:e2:31:35:f4:26:ed:89:a1:52: af:b0:3e:0e:99:b7:68:00:de:8d:27:20:8d:8b:e5:f7:f3:8f: 6b:17:55:7d:ae:f2:68:a8:0a:a1:a0:5d:e1:42:52:9d:6d:e6: 85:0b:76:bc:c2:43:77:eb:4a:4d:3b:e1:50:55:b5:13:e5:32: 2e:8e:1f:7b:b5:85:37:21:37:4d:f5:a0:62:cb:25:15:fa:c5: d2:2c:9a:b4:56:d5:f0:68:6b:07:f8:2e:09:81:82:41:ff:a9: a6:d4:23:3b:e5:0d:4b:fa:5e:f7:c4:a3:59:57:e2:1c:fe:1d: 31:7a:9c:7e:64:8a:98:c8:a7:9a:64:4c:cf:92:58:3b:0f:59: 45:be:17:a5:f2:d9:43:f8:f6:6e:76:1e:4c:35:3b:87:30:26: 56:04:41:e5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ03Ulyb4P0YGWpuE1IJtB4TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm OGNiZDgwHhcNMjYwMzI5MDIwMDM3WhcNMjYwMzMwMDIwMDM3WjAzMTEwLwYDVQQD Eyg4NDc2MGIzODdmZTkwZjg1N2RjMmY5MjBkNGNmNjRmNGM0YTRjZTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocnfudlQbuhvIFQNdVHt8dmaHbRB Z9fd28ptNvXRSFjvyi8R5kHbbRSc2Mq/8AijaFPdS0egzMxThSu6/uPFM02/zw6l jj71rTMIj9+h/jn0umlFGL1wA6ODprpCEUeYZAq6wDQ47BIn54FRS5cBKUggsL9x xO3vvDv437wlRrKI9+3IOj0JagkOw6YCMb9BwutBKaeoH6YJeZ3RyNv6CDiERSRE PVfwa0F+4fHJt8WTjm9MrDVNuAqRWrhoB5h3GO6y9hVRG9gnCenIylr4zEBxBJbR 1OvPaG2SyZR5e9JCfcejWuyYO6dIkOXZi1Tywrvw1EenwBamRZzixR7mAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIR2Czh/6Q+FfcL5INTPZPTEpM6EMB8GA1UdIwQY MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt NjA5YTQ4YjJiMTRkLzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnlkFfVts be1a4dBEGRQSbLvb1fRWcfFK7iWInRnasrfD1Dsy8W93eu85Pes/IPc5ROKqsZRB SqoQHtVio8gjUnqE/O/pRMrxO98mMRsH1OuFJWqZC0QX9j0gXTg1i3iSg3nU4jE1 9CbtiaFSr7A+Dpm3aADejScgjYvl9/OPaxdVfa7yaKgKoaBd4UJSnW3mhQt2vMJD d+tKTTvhUFW1E+UyLo4fe7WFNyE3TfWgYsslFfrF0iyatFbV8GhrB/guCYGCQf+p ptQjO+UNS/pe98SjWVfiHP4dMXqcfmSKmMinmmRMz5JYOw9ZRb4XpfLZQ/j2bnYe TDU7hzAmVgRB5Q== -----END CERTIFICATE-----Generated at Sun Mar 29 12:36:08 2026 by rpki-client