
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: V7OQTDUp/Yss/GmSjX8XCzL4J6mXB6tZrlQzut0X9+8=
Subject key identifier: E3:56:4E:34:34:86:8C:50:48:D6:EF:A7:F1:76:80:2F:F7:51:39:44
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019F37177FF594F7159D0B1C0F82C4EABE58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0CF5
Signing time: Mon 06 Jul 2026 11:01:54 +0000
Manifest this update: Mon 06 Jul 2026 11:01:54 +0000
Manifest next update: Tue 07 Jul 2026 11:01:54 +0000
Files and hashes: 1: A_5M0CfXYUUC_BjsX_wFA_AapkY.roa (hash: UxtCMoKmpdBbD3cNYjI3Iakd8mHfIDVh+Sc1KrYzV8A=)
2: QTj2rWtF102-zkq4FB91dVQDunM.roa (hash: 1lI8W4TaqEFSyMRF8rItgY5NGvTzSeJ9vEchB5jfowo=)
3: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: 5CYIrIyXfWkrMKvuvQto2iBKXfF8kv+Cnovn0NS/TRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 Jul 2026 11:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:37:17:7f:f5:94:f7:15:9d:0b:1c:0f:82:c4:ea:be:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Jul 6 11:01:54 2026 GMT
Not After : Jul 7 11:01:54 2026 GMT
Subject: CN=e3564e3434868c5048d6efa7f176802ff7513944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8e:38:27:a9:cd:a2:f0:a6:be:35:7e:b3:1e:
88:42:5d:6f:4e:27:60:4a:95:4e:e0:a1:33:50:0a:
5f:df:8b:4a:2c:66:ea:a6:05:9b:8f:07:03:ce:6d:
c9:67:8f:9a:92:63:8e:65:7c:50:64:6a:f2:78:6a:
c1:b2:58:05:26:cd:a9:5d:f9:64:57:05:df:de:29:
ce:e6:e5:33:06:e3:44:f4:f2:45:76:2f:d4:e5:75:
b1:79:06:a7:6f:18:d7:f9:9b:fe:e9:40:54:b9:87:
17:60:e3:30:e2:76:fc:4d:d6:a3:71:d1:ee:a0:ed:
95:d2:73:ba:3b:db:e9:2d:11:08:47:6e:05:48:f3:
cf:18:d4:1a:c6:aa:45:3f:3b:e9:ec:e6:2c:f3:84:
12:b5:28:74:63:14:62:fe:0a:b7:8c:d9:e2:17:99:
79:d3:fd:c2:12:61:8d:99:f2:17:34:2c:c8:e4:33:
36:54:b5:43:20:bf:1d:65:34:93:35:c0:5f:93:8b:
67:85:02:fe:ed:5a:4e:44:0d:d9:67:07:ea:70:0d:
bf:19:86:62:ef:cb:00:45:c3:74:05:0e:40:58:98:
d8:d0:1a:93:c1:2f:15:fe:42:57:f8:f1:48:e8:2e:
73:06:75:04:11:9c:27:f9:5c:e8:f5:c4:4c:11:fa:
e8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:56:4E:34:34:86:8C:50:48:D6:EF:A7:F1:76:80:2F:F7:51:39:44
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:5b:1e:3e:33:a3:ce:77:d5:e2:ff:e5:6f:b3:52:59:48:91:
59:ca:99:a0:a7:6a:ea:82:fc:38:dc:13:d7:4c:63:0b:e0:f1:
e6:de:0a:96:28:51:a6:cf:61:53:37:2f:c4:81:a0:61:44:92:
b4:40:12:81:96:95:02:f4:06:4f:f0:f6:09:b8:be:dc:e1:fd:
19:79:36:12:9e:4b:e3:a0:84:be:3b:08:76:36:48:0b:48:a6:
12:03:7d:c0:ba:05:0d:c4:10:18:1d:2a:15:2c:a5:08:b8:c3:
41:d9:23:ea:82:99:16:2d:44:ca:b4:65:95:77:24:45:3b:9e:
8b:33:53:f7:b7:a0:97:74:90:0c:36:63:1f:d7:f7:df:ca:1a:
0a:e1:a5:83:cb:a5:c6:91:3d:41:7d:ef:91:9e:73:88:02:51:
0d:a2:8c:91:8b:9a:c3:1c:82:a4:7c:54:f4:75:d8:a2:23:f4:
a7:f1:a0:6f:ee:7a:27:a0:f8:15:7a:be:0e:15:a6:09:d6:d4:
1f:16:1b:87:75:fc:34:92:80:2f:d3:e8:03:27:24:07:9f:64:
8c:6d:45:27:5c:93:5a:dc:3b:13:86:01:ef:71:9c:3d:ba:53:
d8:9f:4d:d5:8a:6b:50:e3:61:c7:30:e4:92:a1:ad:80:df:14:
74:b3:db:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ83F3/1lPcVnQscD4LE6r5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjYwNzA2MTEwMTU0WhcNMjYwNzA3MTEwMTU0WjAzMTEwLwYDVQQD
EyhlMzU2NGUzNDM0ODY4YzUwNDhkNmVmYTdmMTc2ODAyZmY3NTEzOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno44J6nNovCmvjV+sx6IQl1vTidg
SpVO4KEzUApf34tKLGbqpgWbjwcDzm3JZ4+akmOOZXxQZGryeGrBslgFJs2pXflk
VwXf3inO5uUzBuNE9PJFdi/U5XWxeQanbxjX+Zv+6UBUuYcXYOMw4nb8TdajcdHu
oO2V0nO6O9vpLREIR24FSPPPGNQaxqpFPzvp7OYs84QStSh0YxRi/gq3jNniF5l5
0/3CEmGNmfIXNCzI5DM2VLVDIL8dZTSTNcBfk4tnhQL+7VpORA3ZZwfqcA2/GYZi
78sARcN0BQ5AWJjY0BqTwS8V/kJX+PFI6C5zBnUEEZwn+Vzo9cRMEfrocwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONWTjQ0hoxQSNbvp/F2gC/3UTlEMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUFsePjOj
znfV4v/lb7NSWUiRWcqZoKdq6oL8ONwT10xjC+Dx5t4KlihRps9hUzcvxIGgYUSS
tEASgZaVAvQGT/D2Cbi+3OH9GXk2Ep5L46CEvjsIdjZIC0imEgN9wLoFDcQQGB0q
FSylCLjDQdkj6oKZFi1EyrRllXckRTueizNT97egl3SQDDZjH9f338oaCuGlg8ul
xpE9QX3vkZ5ziAJRDaKMkYuawxyCpHxU9HXYoiP0p/Ggb+56J6D4FXq+DhWmCdbU
HxYbh3X8NJKAL9PoAyckB59kjG1FJ1yTWtw7E4YB73GcPbpT2J9N1YprUONhxzDk
kqGtgN8UdLPbkA==
-----END CERTIFICATE-----
Generated at Mon Jul 6 19:25:43 2026 by rpki-client