Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: h6q2xueo/cFp/Fq7C7N0zsuZOqo7Re1i4XDk/9m6Ujo=
Subject key identifier: BF:7D:7A:82:02:D0:32:EF:09:26:AC:47:EC:5B:AC:91:23:1B:47:91
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 01974A0CD6ECE71F5002CC2CB97A61FC878E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 08DA
Signing time: Sat 07 Jun 2025 11:00:44 +0000
Manifest this update: Sat 07 Jun 2025 11:00:44 +0000
Manifest next update: Sun 08 Jun 2025 11:00:44 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: ELN8dLzMmewkLmeW1Pq7T2NABW3aTzDY3pW9Yp38QE0=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:0c:d6:ec:e7:1f:50:02:cc:2c:b9:7a:61:fc:87:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Jun 7 11:00:44 2025 GMT
Not After : Jun 8 11:00:44 2025 GMT
Subject: CN=bf7d7a8202d032ef0926ac47ec5bac91231b4791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c9:36:4e:4f:02:8f:38:eb:59:d8:b0:da:ae:
f0:26:d6:48:71:78:69:7e:88:38:38:dc:b6:db:09:
d9:d2:91:b0:bc:a9:29:6e:c4:19:be:2f:f3:1e:cb:
3b:24:d8:ea:6a:ae:d6:0d:de:81:24:7d:78:ed:3d:
9a:7e:a0:08:a2:b4:18:1c:1f:52:1b:e5:dc:a9:96:
e0:ad:1d:7b:de:b5:cd:fa:b3:3e:4b:2e:b6:19:a9:
17:9c:de:91:7a:81:43:bf:26:a7:1f:72:61:99:e5:
a7:61:81:06:3d:b7:29:07:20:bd:a8:17:ca:5f:04:
cb:37:99:9f:b3:a1:ee:c6:37:c3:fa:5d:81:f7:02:
2a:2e:de:dc:be:68:a6:1b:2b:a3:92:13:e3:45:96:
cc:9a:49:88:a0:3c:96:9c:18:6b:80:72:37:9a:18:
b4:ac:ae:26:8f:95:33:47:43:b5:2b:b5:43:92:25:
87:ba:f1:de:1a:56:33:84:1d:aa:57:0e:31:70:ca:
eb:2e:9e:82:38:79:14:3f:86:ef:62:2e:c3:c9:38:
61:10:03:89:be:be:df:b6:65:82:43:f5:8b:fb:c7:
a7:25:b7:7f:8b:00:f8:4b:4d:20:67:28:05:0c:0f:
21:a2:86:22:0c:27:89:c4:09:55:69:87:03:de:0c:
9b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7D:7A:82:02:D0:32:EF:09:26:AC:47:EC:5B:AC:91:23:1B:47:91
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:6d:14:0d:f9:df:08:39:d2:25:aa:4d:2d:26:de:67:d5:41:
84:16:97:f3:02:0c:24:a1:bc:57:7b:b5:e1:03:88:81:0a:e3:
6b:35:90:e8:1e:b5:d8:8e:4f:9d:06:0d:5a:92:e7:f8:1b:05:
c0:69:0b:9b:13:b9:7d:b7:31:78:f2:38:43:95:4d:0d:ce:9c:
02:e9:06:3c:88:be:93:6c:01:69:38:5e:4d:a4:14:0b:fb:d5:
25:20:b5:fb:2d:9c:93:72:76:a2:31:4d:41:18:fb:a9:f3:a5:
db:e2:b1:d7:4a:db:31:ee:5d:f7:29:b6:92:ce:55:15:15:fc:
b1:c4:8d:97:45:c9:15:3b:3a:9d:df:dd:8c:ab:60:00:65:19:
59:7a:7e:f9:ff:60:ec:3e:ac:14:5f:88:44:7e:70:4a:ff:bf:
20:38:bf:b7:49:05:c2:59:df:6e:af:16:5e:78:a7:7a:96:1b:
66:b1:0a:2f:80:ed:b4:c6:11:3b:bd:b9:ea:21:2f:6b:19:91:
11:9c:33:29:ac:5a:69:75:4a:74:f9:fe:c7:8b:f0:b9:34:36:
41:5b:43:63:4f:ab:e4:68:3b:e4:0a:93:4f:85:3a:f0:36:cd:
dd:d9:c3:a0:e7:3c:78:4a:ab:e2:ad:d5:84:cf:46:30:29:ae:
15:4c:24:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDNbs5x9QAswsuXph/IeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwNjA3MTEwMDQ0WhcNMjUwNjA4MTEwMDQ0WjAzMTEwLwYDVQQD
EyhiZjdkN2E4MjAyZDAzMmVmMDkyNmFjNDdlYzViYWM5MTIzMWI0NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnck2Tk8CjzjrWdiw2q7wJtZIcXhp
fog4ONy22wnZ0pGwvKkpbsQZvi/zHss7JNjqaq7WDd6BJH147T2afqAIorQYHB9S
G+XcqZbgrR173rXN+rM+Sy62GakXnN6ReoFDvyanH3JhmeWnYYEGPbcpByC9qBfK
XwTLN5mfs6HuxjfD+l2B9wIqLt7cvmimGyujkhPjRZbMmkmIoDyWnBhrgHI3mhi0
rK4mj5UzR0O1K7VDkiWHuvHeGlYzhB2qVw4xcMrrLp6COHkUP4bvYi7DyThhEAOJ
vr7ftmWCQ/WL+8enJbd/iwD4S00gZygFDA8hooYiDCeJxAlVaYcD3gybtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL99eoIC0DLvCSasR+xbrJEjG0eRMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaG0UDfnf
CDnSJapNLSbeZ9VBhBaX8wIMJKG8V3u14QOIgQrjazWQ6B612I5PnQYNWpLn+BsF
wGkLmxO5fbcxePI4Q5VNDc6cAukGPIi+k2wBaTheTaQUC/vVJSC1+y2ck3J2ojFN
QRj7qfOl2+Kx10rbMe5d9ym2ks5VFRX8scSNl0XJFTs6nd/djKtgAGUZWXp++f9g
7D6sFF+IRH5wSv+/IDi/t0kFwlnfbq8WXninepYbZrEKL4DttMYRO7256iEvaxmR
EZwzKaxaaXVKdPn+x4vwuTQ2QVtDY0+r5Gg75AqTT4U68DbN3dnDoOc8eEqr4q3V
hM9GMCmuFUwkVQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:12:47 2025 by rpki-client