$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft File: ER1oFDdScdGjy9EhVdsR0r1BqNM.mft (raw, json) Hash identifier: XYeCERG6QdfN7Q6u7Q1BNlL5RckQiIUjqxzskSMb/Ow= Subject key identifier: 2C:7E:CC:6F:A9:CE:B3:D6:20:6C:9D:53:2F:19:E6:B0:79:53:CE:60 Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3 Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3 Certificate serial: 019DD019C7D3802C10C959853836D92CC783 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft Manifest number: 17A3 Signing time: Mon 27 Apr 2026 18:00:43 +0000 Manifest this update: Mon 27 Apr 2026 18:00:43 +0000 Manifest next update: Tue 28 Apr 2026 18:00:43 +0000 Files and hashes: 1: 8ZTbVFN88ElJOvnxpynWkBywvcU.roa (hash: Zi7aMmYsFeMT6y4m/OMRvzAw9FlwVPNAsEeEWMyssQs=) 2: 9gyIdfYx-vxaH69AuzYIu8sS7ec.roa (hash: vsh4e/kwYxBt1mO0Ld2w2nU9VsbUvL0v+cSn3CZdKv4=) 3: D4HmthbydYoqExoa56VFIbe7J5A.roa (hash: 1gmVpoixHN/Zn+8HJ6YdrukA3JeRxcEeBWZ/2aGh+ps=) 4: DKZJyriLpkX0P03xQILHD2FwZEo.roa (hash: x6vx2AQsWgf7sMGXLXxiRwrb7PArAVgKRPBlJd4ah10=) 5: ER1oFDdScdGjy9EhVdsR0r1BqNM.crl (hash: p5rx22wiHXKaDT/LU6nH2RA3uAb/GXhVmWHlB22wvOM=) 6: HRwCntz8pHEtM7UJXh-KwEbXi3w.roa (hash: CKUDXMyXov9Gbf/ygH+HewYMwNtReJO+UQotN2JyBXQ=) 7: Haim4aY9ShmCS1epcJRa3-rRRmM.roa (hash: AQeMZQUR+w1eyhT+kYpVEnNYoo0tXgoBt1LUUZT+/W4=) 8: Ka2f0_rG4AuXnvi8TQgXMBJzKOE.roa (hash: HTLBGDTB6awokEWRy6DjReQvfOLjCmwPODXPDvHGn+A=) 9: LdJkopqk4m9ubmHzk4T29FnhG7o.roa (hash: Qx8FwqyP4Rxw7vIMwqfqa4V2zeYK7+dz+yeOugc8QVI=) 10: S3K9bo4j9NjF6L9mhwIsz-LYyHg.roa (hash: FX7C0FNczXeRPZms4zyJ1OukTZNK4zd0GhG7vBTsBvg=) 11: UWgtqXah3liJx-awsYUK3XIS54c.roa (hash: nisX/PCjG49hPGc2ySAUn3J0MxV+pv8+T78d4GdNMSs=) 12: _d7ohj2Ako_tiSFSE9-jnGs0uoI.roa (hash: mf32LDbJ2Su5F5H62P0/F/PId5oq7GFGgkD8WKRwmPw=) 13: f5svUnEK1n30wRVLtixbJDS7pZM.roa (hash: sILbepz7GhK0jGMQ48sIN5LBYx9eYZB9voFGWkXvx60=) 14: iK87eJg7y-_rcG1D3z4FzaXgRNE.roa (hash: uVYEVS9koySJoZQhAK0q3w5qAE9/nwHY2ro0Er3WEZY=) 15: mcS4SdpuWVbabfdpCB_tOwct_TA.roa (hash: hcfOoUJHvls1DL90VCIcUIUdeQTL2YjVgbYPY6TdJAA=) 16: nXrADfBP6wNtRforv4w6KFdo1Ns.roa (hash: PAoowx6zHYeOj9TxBp8LwY6JFAj6/p0gXZ/G0XMc/dg=) 17: tDoaGy6SLh3swARR-izxiYVQMmU.roa (hash: lZCnqmwKcNoIj9hNP0txhfT3ExuUcH8dWLkUpGjDKzc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 28 Apr 2026 17:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:d0:19:c7:d3:80:2c:10:c9:59:85:38:36:d9:2c:c7:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3 Validity Not Before: Apr 27 18:00:43 2026 GMT Not After : Apr 28 18:00:43 2026 GMT Subject: CN=2c7ecc6fa9ceb3d6206c9d532f19e6b07953ce60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ff:4d:c8:a4:d6:16:bf:3d:99:7e:5b:58:f6: df:bd:63:1a:7d:f1:ac:05:d6:38:4f:fb:6f:ec:cd: da:6d:2c:7d:e1:02:63:bb:ff:77:db:fc:e0:31:6d: 21:29:ac:ea:41:c9:fc:57:b0:e9:94:a4:83:35:45: 0a:b5:cc:27:c3:e6:8a:1f:b1:b3:40:fe:48:5d:a8: b5:f8:07:d2:1e:fd:ee:00:b6:1f:74:05:41:5e:ac: 91:6f:46:08:73:f1:a0:f4:4d:0b:66:4c:e1:c6:16: ef:ef:94:92:52:a1:17:15:3b:10:51:8e:ed:84:38: 60:a5:09:d2:08:53:22:ab:55:8a:25:f6:96:20:75: 71:67:47:db:7f:54:cc:65:0a:20:17:86:02:59:8c: 38:9d:aa:61:9f:01:7e:7e:91:55:61:d3:26:0d:a0: de:9c:34:79:3b:6a:c3:5b:79:50:19:ff:ca:17:f2: f9:25:29:78:51:ac:df:ef:30:5f:b9:ce:6a:34:24: fd:f0:99:80:fb:7f:83:69:d2:af:d0:63:81:52:6c: 21:fa:2f:b3:06:0f:6c:47:47:b6:63:19:dd:74:43: c1:9b:28:ef:e0:70:a3:07:c5:dd:f4:47:ee:56:c9: 35:e5:15:0a:4b:8c:ae:ac:86:16:5e:34:7c:f2:75: e4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:7E:CC:6F:A9:CE:B3:D6:20:6C:9D:53:2F:19:E6:B0:79:53:CE:60 X509v3 Authority Key Identifier: keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:33:d3:0f:a8:42:34:58:6f:a5:7b:a9:0c:4e:22:53:42:ce: 3a:45:be:db:e4:8a:89:a5:e6:d8:13:bc:ce:ed:e2:3c:d9:5d: fa:f8:a0:17:a0:92:7d:c4:08:de:59:73:5d:1b:91:f6:00:b1: fc:10:12:62:a3:26:6a:94:ce:b5:f4:67:f6:e9:79:0c:20:a2: c4:80:d9:3b:b3:27:d9:6c:c4:c7:cd:1d:ed:d1:2d:93:cc:5c: ed:e8:34:c4:ab:8a:21:f4:3c:aa:11:32:17:67:14:ee:b2:06: d7:b6:22:1b:c9:30:1f:55:9b:3d:df:79:9c:37:c0:1b:f6:e7: 4c:08:0b:53:2a:15:8b:5a:7a:d7:58:66:9b:ed:4f:3d:42:25: 2f:6e:75:2f:24:a1:ec:7f:79:12:f0:63:81:64:1a:d5:79:e8: b1:62:f3:64:4c:3f:46:73:72:d1:88:4f:5b:57:d4:aa:85:18: 15:f9:59:fa:bf:42:66:16:0c:50:52:2a:df:37:52:64:1d:a1: 49:f6:c2:4e:76:67:03:26:d6:2d:df:c3:d5:6e:4d:90:00:bf: 8a:46:45:2f:96:5a:93:93:b6:23:24:6c:a7:99:3b:f6:af:f1: a7:7b:1d:78:9e:19:bf:7d:ac:ba:8f:fe:95:91:8e:41:ce:10: 85:0c:6c:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ3QGcfTgCwQyVmFODbZLMeDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0 MWE4ZDMwHhcNMjYwNDI3MTgwMDQzWhcNMjYwNDI4MTgwMDQzWjAzMTEwLwYDVQQD EygyYzdlY2M2ZmE5Y2ViM2Q2MjA2YzlkNTMyZjE5ZTZiMDc5NTNjZTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv9NyKTWFr89mX5bWPbfvWMaffGs BdY4T/tv7M3abSx94QJju/932/zgMW0hKazqQcn8V7DplKSDNUUKtcwnw+aKH7Gz QP5IXai1+AfSHv3uALYfdAVBXqyRb0YIc/Gg9E0LZkzhxhbv75SSUqEXFTsQUY7t hDhgpQnSCFMiq1WKJfaWIHVxZ0fbf1TMZQogF4YCWYw4naphnwF+fpFVYdMmDaDe nDR5O2rDW3lQGf/KF/L5JSl4Uazf7zBfuc5qNCT98JmA+3+DadKv0GOBUmwh+i+z Bg9sR0e2YxnddEPBmyjv4HCjB8Xd9EfuVsk15RUKS4yurIYWXjR88nXk4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCx+zG+pzrPWIGydUy8Z5rB5U85gMB8GA1UdIwQY MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt MjcxZDI1ZTIwNTc0LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0 LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtDPTD6hC NFhvpXupDE4iU0LOOkW+2+SKiaXm2BO8zu3iPNld+vigF6CSfcQI3llzXRuR9gCx /BASYqMmapTOtfRn9ul5DCCixIDZO7Mn2WzEx80d7dEtk8xc7eg0xKuKIfQ8qhEy F2cU7rIG17YiG8kwH1WbPd95nDfAG/bnTAgLUyoVi1p611hmm+1PPUIlL251LySh 7H95EvBjgWQa1XnosWLzZEw/RnNy0YhPW1fUqoUYFflZ+r9CZhYMUFIq3zdSZB2h SfbCTnZnAybWLd/D1W5NkAC/ikZFL5Zak5O2IyRsp5k79q/xp3sdeJ4Zv32suo/+ lZGOQc4QhQxsuQ== -----END CERTIFICATE-----Generated at Mon Apr 27 20:12:59 2026 by rpki-client