Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: B1iHjXi749qbbeOOxSIdGgEEq79mKU5DhJQbUQLBKPM=
Subject key identifier: C9:38:94:88:5D:EC:52:A7:7B:0E:B6:FB:44:14:2B:AA:8E:99:C2:E8
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019E4F585705C6D52E8C7763CD7A5B29718D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0C7D
Signing time: Fri 22 May 2026 11:00:49 +0000
Manifest this update: Fri 22 May 2026 11:00:49 +0000
Manifest next update: Sat 23 May 2026 11:00:49 +0000
Files and hashes: 1: A_5M0CfXYUUC_BjsX_wFA_AapkY.roa (hash: UxtCMoKmpdBbD3cNYjI3Iakd8mHfIDVh+Sc1KrYzV8A=)
2: QTj2rWtF102-zkq4FB91dVQDunM.roa (hash: 1lI8W4TaqEFSyMRF8rItgY5NGvTzSeJ9vEchB5jfowo=)
3: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: Mc2gOrz/WNxwEubmlp6yPv76MIcp1tvP4MSIjg0QPfM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:58:57:05:c6:d5:2e:8c:77:63:cd:7a:5b:29:71:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: May 22 11:00:49 2026 GMT
Not After : May 23 11:00:49 2026 GMT
Subject: CN=c93894885dec52a77b0eb6fb44142baa8e99c2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:68:60:1b:8a:e6:ad:5d:29:18:46:fe:b1:5f:
3f:14:65:f6:7b:2c:5b:ac:0c:a6:2f:d6:46:19:e7:
56:f3:68:bb:fa:f5:c7:70:82:db:16:1d:f1:19:2f:
56:bb:0d:4d:79:f5:48:5d:bd:cf:08:74:d4:20:ec:
84:7d:cc:03:ff:77:9f:28:27:56:46:83:dd:66:a2:
c1:75:7a:e8:6d:fe:74:f8:36:13:27:ed:0b:34:f6:
e0:26:12:79:39:2a:88:e4:19:43:18:55:7a:a9:7e:
eb:6f:0f:73:fa:60:db:54:84:6d:ca:8f:86:fb:c9:
f3:1d:70:19:18:8d:54:55:f7:e9:50:4b:77:ea:5a:
17:a2:71:1f:0a:95:85:87:da:19:ab:6c:00:80:02:
8c:cd:d3:4f:88:56:ec:9f:87:26:1b:cd:1c:2c:4d:
e2:10:53:80:28:81:3b:e0:bb:33:d8:ad:fa:ca:99:
6b:f8:43:9b:d3:b0:6d:ab:f9:df:f3:a4:ad:20:31:
b2:6b:1e:ae:9e:4a:2d:66:87:85:d0:45:36:7c:93:
e0:27:da:f4:1b:66:13:1c:0a:af:0d:23:05:4a:f4:
0c:7d:96:6c:50:9e:4a:a2:03:03:6a:97:30:78:af:
cc:a4:77:1a:6b:e8:ab:de:cd:6e:ba:2a:78:b0:a8:
71:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:38:94:88:5D:EC:52:A7:7B:0E:B6:FB:44:14:2B:AA:8E:99:C2:E8
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:90:9f:9f:61:02:41:ef:5f:35:04:da:10:a9:6c:ab:ad:5a:
ab:06:57:3b:ef:73:9e:4d:49:85:b5:1d:a3:87:a3:2c:3f:8b:
32:7b:91:a3:a9:38:e8:92:4f:05:3b:97:30:04:77:74:5c:d4:
c2:f2:02:09:4a:ea:dc:2b:17:9e:dc:93:d3:5f:55:ec:04:52:
88:63:11:b9:18:e6:4a:8c:c6:ea:65:1e:25:dc:59:a5:76:2b:
c6:7b:0f:0a:4d:15:fd:eb:bd:87:99:b8:7a:13:89:3b:05:d7:
a1:b6:5d:85:ec:43:51:ea:8c:16:da:b9:c7:2d:3d:c1:3c:09:
13:13:71:4c:33:fa:47:93:57:79:2a:83:58:57:33:04:7a:3a:
60:32:4e:21:73:61:bf:0f:c3:62:b0:a3:c1:72:8c:d3:24:d4:
68:3f:2a:67:a3:3c:c6:15:40:05:46:4b:94:72:ae:00:6a:f3:
4d:cd:dd:4e:ac:4f:bb:9e:1f:5c:23:6e:23:cb:76:a3:4d:b8:
7d:5a:68:e2:b1:6f:2b:56:60:d1:36:43:f6:19:ed:9b:e0:5b:
27:dc:11:10:11:af:d2:9a:9c:c8:77:d5:f1:1d:38:e3:25:e1:
26:7c:e9:2f:26:ad:8c:1c:04:f2:46:54:e1:55:51:6b:ae:ca:
17:61:e2:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ5PWFcFxtUujHdjzXpbKXGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjYwNTIyMTEwMDQ5WhcNMjYwNTIzMTEwMDQ5WjAzMTEwLwYDVQQD
EyhjOTM4OTQ4ODVkZWM1MmE3N2IwZWI2ZmI0NDE0MmJhYThlOTljMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGhgG4rmrV0pGEb+sV8/FGX2eyxb
rAymL9ZGGedW82i7+vXHcILbFh3xGS9Wuw1NefVIXb3PCHTUIOyEfcwD/3efKCdW
RoPdZqLBdXrobf50+DYTJ+0LNPbgJhJ5OSqI5BlDGFV6qX7rbw9z+mDbVIRtyo+G
+8nzHXAZGI1UVffpUEt36loXonEfCpWFh9oZq2wAgAKMzdNPiFbsn4cmG80cLE3i
EFOAKIE74Lsz2K36yplr+EOb07Btq/nf86StIDGyax6unkotZoeF0EU2fJPgJ9r0
G2YTHAqvDSMFSvQMfZZsUJ5KogMDapcweK/MpHcaa+ir3s1uuip4sKhxYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMk4lIhd7FKnew62+0QUK6qOmcLoMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjpCfn2EC
Qe9fNQTaEKlsq61aqwZXO+9znk1JhbUdo4ejLD+LMnuRo6k46JJPBTuXMAR3dFzU
wvICCUrq3CsXntyT019V7ARSiGMRuRjmSozG6mUeJdxZpXYrxnsPCk0V/eu9h5m4
ehOJOwXXobZdhexDUeqMFtq5xy09wTwJExNxTDP6R5NXeSqDWFczBHo6YDJOIXNh
vw/DYrCjwXKM0yTUaD8qZ6M8xhVABUZLlHKuAGrzTc3dTqxPu54fXCNuI8t2o024
fVpo4rFvK1Zg0TZD9hntm+BbJ9wREBGv0pqcyHfV8R044yXhJnzpLyatjBwE8kZU
4VVRa67KF2HiLw==
-----END CERTIFICATE-----
Generated at Fri May 22 16:06:11 2026 by rpki-client