Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: 1ogl8X3Cz5/+nXEqw18m6PPzMf6XyagchQ3pcqxYOhU=
Subject key identifier: 54:0C:09:CA:6B:96:DF:15:9A:85:89:27:E3:ED:50:6A:72:C0:F7:3A
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 0199C569F87D3DD54FD340FE28148DEDD1AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0A23
Signing time: Wed 08 Oct 2025 20:01:20 +0000
Manifest this update: Wed 08 Oct 2025 20:01:20 +0000
Manifest next update: Thu 09 Oct 2025 20:01:20 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: 8ejgOCWVYS4OYn2EVwDm5nl+OHgWPy/NNZvzoKWTGi4=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c5:69:f8:7d:3d:d5:4f:d3:40:fe:28:14:8d:ed:d1:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Oct 8 20:01:20 2025 GMT
Not After : Oct 9 20:01:20 2025 GMT
Subject: CN=540c09ca6b96df159a858927e3ed506a72c0f73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3c:50:02:84:f5:16:dc:2a:e7:ea:27:5f:b2:
bc:39:c0:c4:5e:bb:3d:0e:c5:78:7c:a2:f4:0e:f0:
e3:e9:30:25:d6:c9:00:31:06:fa:14:e7:7a:de:05:
ff:c9:78:34:d9:87:fb:28:8c:ad:78:fe:87:da:79:
37:1b:84:71:3f:80:91:18:13:f9:23:51:0d:fd:25:
1a:dc:3a:d0:29:b6:f8:4d:e1:6e:c2:13:14:6b:d0:
87:04:1c:88:b4:c5:27:6a:f8:d5:21:67:cf:08:81:
a2:a4:44:88:a7:fb:a1:9d:f0:14:87:4c:5b:00:f5:
cc:96:67:7c:92:8a:c1:ce:5e:04:0e:df:a8:8c:f5:
26:7c:ad:87:08:e5:c8:80:e4:92:da:da:26:64:d6:
6e:da:53:f0:e8:2b:40:c6:41:40:b1:67:7c:02:b6:
fd:70:13:59:e2:1d:1e:43:c2:c1:61:e7:70:e2:18:
ed:f0:d4:9e:74:98:3e:7e:4a:57:3c:d4:20:3e:25:
7b:46:f8:16:56:23:67:14:22:82:b7:94:f6:02:91:
43:b2:6c:4a:98:fc:ce:61:d5:25:8d:54:99:f8:f8:
8f:a6:6a:9c:ae:07:6d:cd:f6:b2:c3:c6:ec:a4:0f:
07:85:76:8d:fb:b1:7d:fa:eb:7f:38:02:6c:2a:09:
4e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:0C:09:CA:6B:96:DF:15:9A:85:89:27:E3:ED:50:6A:72:C0:F7:3A
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:78:b6:35:93:18:ec:9c:ef:51:1c:ae:d9:3e:06:89:9d:9b:
3c:e7:7a:dd:62:61:bf:ea:91:fb:4b:ff:8f:60:d9:d4:34:8c:
d6:69:9b:02:ac:49:0f:c7:40:22:94:84:bc:dc:6d:2a:dc:78:
aa:01:62:35:bf:61:70:4a:98:0d:2c:71:bd:6c:9e:da:38:45:
ee:23:40:d8:22:14:af:e5:3f:1c:eb:19:e9:f7:4a:63:6b:bf:
d1:db:ec:74:4d:b1:fc:d1:09:c8:0c:ac:cb:b9:b0:ac:bf:16:
8a:23:79:d9:2f:9c:2b:01:5d:10:57:31:ff:2f:2f:3b:33:d2:
51:74:18:a2:e0:13:f7:09:48:d7:9e:6d:48:51:02:2d:57:1d:
54:2a:81:61:f6:e4:df:f3:09:1a:32:e2:65:0a:25:b8:fb:b7:
f0:84:c1:71:c4:5f:fa:65:02:bd:f2:ef:3f:1d:dd:74:a3:6b:
7b:13:67:26:57:91:86:48:a9:08:2e:e4:54:5a:cd:ac:e8:87:
28:bb:1a:9e:88:c9:c4:2c:88:a0:cf:b7:27:84:f0:4d:31:be:
9d:5e:03:91:c9:c2:52:d4:0f:25:07:fd:70:39:d1:be:3f:e1:
ca:b9:30:1b:ad:7b:5f:ab:0a:e8:66:dc:ed:c8:eb:8e:cf:8e:
05:99:6a:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZnFafh9PdVP00D+KBSN7dGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUxMDA4MjAwMTIwWhcNMjUxMDA5MjAwMTIwWjAzMTEwLwYDVQQD
Eyg1NDBjMDljYTZiOTZkZjE1OWE4NTg5MjdlM2VkNTA2YTcyYzBmNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jxQAoT1Ftwq5+onX7K8OcDEXrs9
DsV4fKL0DvDj6TAl1skAMQb6FOd63gX/yXg02Yf7KIyteP6H2nk3G4RxP4CRGBP5
I1EN/SUa3DrQKbb4TeFuwhMUa9CHBByItMUnavjVIWfPCIGipESIp/uhnfAUh0xb
APXMlmd8korBzl4EDt+ojPUmfK2HCOXIgOSS2tomZNZu2lPw6CtAxkFAsWd8Arb9
cBNZ4h0eQ8LBYedw4hjt8NSedJg+fkpXPNQgPiV7RvgWViNnFCKCt5T2ApFDsmxK
mPzOYdUljVSZ+PiPpmqcrgdtzfayw8bspA8HhXaN+7F9+ut/OAJsKglOswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQMCcprlt8VmoWJJ+PtUGpywPc6MB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqXi2NZMY
7JzvURyu2T4GiZ2bPOd63WJhv+qR+0v/j2DZ1DSM1mmbAqxJD8dAIpSEvNxtKtx4
qgFiNb9hcEqYDSxxvWye2jhF7iNA2CIUr+U/HOsZ6fdKY2u/0dvsdE2x/NEJyAys
y7mwrL8WiiN52S+cKwFdEFcx/y8vOzPSUXQYouAT9wlI155tSFECLVcdVCqBYfbk
3/MJGjLiZQoluPu38ITBccRf+mUCvfLvPx3ddKNrexNnJleRhkipCC7kVFrNrOiH
KLsanojJxCyIoM+3J4TwTTG+nV4DkcnCUtQPJQf9cDnRvj/hyrkwG617X6sK6Gbc
7cjrjs+OBZlq9g==
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:25:21 2025 by rpki-client