Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: wEyKRuIgOkpuaWne4xjEXU23uZFzTNlkTLQ6+JpGGTY=
Subject key identifier: 0F:17:A9:FE:59:25:E2:E8:FB:D6:14:6B:FA:34:AC:31:3A:9A:DE:9A
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 0198C67FB9C197DD03C6F47339E34D3A1882
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 099F
Signing time: Wed 20 Aug 2025 08:01:56 +0000
Manifest this update: Wed 20 Aug 2025 08:01:56 +0000
Manifest next update: Thu 21 Aug 2025 08:01:56 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: Pwy1fKWpJZtgOJdNXUhalI6b+TqOsWid7PZUkWTtXD0=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:7f:b9:c1:97:dd:03:c6:f4:73:39:e3:4d:3a:18:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Aug 20 08:01:56 2025 GMT
Not After : Aug 21 08:01:56 2025 GMT
Subject: CN=0f17a9fe5925e2e8fbd6146bfa34ac313a9ade9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:66:a2:e4:ea:39:be:7a:cc:6c:21:6a:d7:a2:
82:40:40:ab:99:20:06:a8:29:d6:74:3c:ea:ef:d1:
20:f4:48:0f:d9:d2:51:80:a3:f8:4b:d7:e7:ef:c0:
3b:02:eb:80:3a:40:f6:0d:f2:c5:4f:99:50:55:03:
77:ad:61:b4:70:b5:95:8e:eb:84:e3:fe:6f:c4:f7:
bb:3c:fc:29:51:60:de:c0:6e:58:8b:c4:6d:a4:88:
d0:ea:d6:4b:7e:dd:31:a9:bd:39:04:37:28:1b:f5:
ae:ce:f7:93:30:e3:5c:32:77:c2:e0:44:b2:23:23:
79:39:18:35:02:15:fb:df:34:20:f0:7c:cb:c4:53:
8d:66:87:20:5f:0f:e9:8e:59:77:84:23:4b:57:b4:
aa:9b:9e:e1:fd:a3:b6:b0:f9:71:d8:87:fa:f2:b6:
e0:28:86:92:a6:e5:84:0e:bb:a5:4d:ac:2f:00:89:
40:26:d7:20:24:42:be:8c:30:ad:e1:32:cf:20:46:
fd:e3:d7:d5:85:15:eb:44:56:03:3d:63:ea:d9:2e:
ab:da:09:f9:b8:11:53:b9:8d:f4:19:25:d4:c9:93:
7e:0b:ad:36:83:cc:13:31:0d:a4:64:c8:60:30:1f:
58:dc:64:ef:10:d9:15:e6:d4:ca:f7:70:c0:86:8e:
a4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:17:A9:FE:59:25:E2:E8:FB:D6:14:6B:FA:34:AC:31:3A:9A:DE:9A
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:2d:8e:14:37:3d:80:8a:5f:74:bd:6a:5f:0c:4a:4a:5b:51:
65:31:69:a2:db:9b:c2:80:e9:ee:2c:b3:56:b5:9f:17:66:5f:
86:df:ce:5a:8a:4f:2f:1a:17:a0:8d:2d:01:9a:18:bf:18:f3:
78:88:e7:c2:5c:09:31:1f:9a:19:f1:8d:aa:ab:3c:d7:ed:d7:
b8:d2:cf:46:bd:35:2f:49:c2:e2:31:f8:42:62:21:84:f1:e9:
cd:db:19:db:19:ae:57:41:73:62:05:25:a1:02:41:6b:da:e7:
6e:74:95:df:1c:f1:d5:b0:cf:ec:70:95:63:f0:13:95:8a:e5:
b2:52:ad:7a:fb:59:b5:76:dd:dc:47:37:e1:d6:2b:87:d5:b9:
1e:b6:64:24:0c:7c:8e:52:5e:ed:5b:ba:e6:45:aa:8f:9d:7f:
b3:36:14:16:5f:87:8d:88:db:c4:9c:0e:a9:8b:e1:4e:52:94:
39:7e:5f:60:ad:ee:cf:50:08:6a:b4:22:ce:31:51:46:06:4a:
a6:db:a9:d8:08:3d:bc:a9:21:22:f3:3b:2c:50:15:b3:9f:97:
de:b6:4c:5e:92:3c:a7:99:00:2f:eb:fc:1d:f7:98:42:d7:df:
3d:1b:35:03:06:69:02:01:80:44:44:66:74:5c:d5:6b:38:93:
a9:5b:a8:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjGf7nBl90DxvRzOeNNOhiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwODIwMDgwMTU2WhcNMjUwODIxMDgwMTU2WjAzMTEwLwYDVQQD
EygwZjE3YTlmZTU5MjVlMmU4ZmJkNjE0NmJmYTM0YWMzMTNhOWFkZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymai5Oo5vnrMbCFq16KCQECrmSAG
qCnWdDzq79Eg9EgP2dJRgKP4S9fn78A7AuuAOkD2DfLFT5lQVQN3rWG0cLWVjuuE
4/5vxPe7PPwpUWDewG5Yi8RtpIjQ6tZLft0xqb05BDcoG/WuzveTMONcMnfC4ESy
IyN5ORg1AhX73zQg8HzLxFONZocgXw/pjll3hCNLV7Sqm57h/aO2sPlx2If68rbg
KIaSpuWEDrulTawvAIlAJtcgJEK+jDCt4TLPIEb949fVhRXrRFYDPWPq2S6r2gn5
uBFTuY30GSXUyZN+C602g8wTMQ2kZMhgMB9Y3GTvENkV5tTK93DAho6klwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8Xqf5ZJeLo+9YUa/o0rDE6mt6aMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABC2OFDc9
gIpfdL1qXwxKSltRZTFpotubwoDp7iyzVrWfF2Zfht/OWopPLxoXoI0tAZoYvxjz
eIjnwlwJMR+aGfGNqqs81+3XuNLPRr01L0nC4jH4QmIhhPHpzdsZ2xmuV0FzYgUl
oQJBa9rnbnSV3xzx1bDP7HCVY/ATlYrlslKtevtZtXbd3Ec34dYrh9W5HrZkJAx8
jlJe7Vu65kWqj51/szYUFl+HjYjbxJwOqYvhTlKUOX5fYK3uz1AIarQizjFRRgZK
ptup2Ag9vKkhIvM7LFAVs5+X3rZMXpI8p5kAL+v8HfeYQtffPRs1AwZpAgGARERm
dFzVaziTqVuo2g==
-----END CERTIFICATE-----
Generated at Wed Aug 20 13:13:49 2025 by rpki-client