Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: OBqtVdt3JdxQqPak0MDClI2rp4hjLoIA0uPmEHJM9JU=
Subject key identifier: 2A:32:E3:2B:2E:DF:D5:44:E7:46:93:9B:97:02:52:70:63:12:D1:FF
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019D3940E4920D00865A1E90EFFF94A99313
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0BED
Signing time: Sun 29 Mar 2026 11:00:47 +0000
Manifest this update: Sun 29 Mar 2026 11:00:47 +0000
Manifest next update: Mon 30 Mar 2026 11:00:47 +0000
Files and hashes: 1: A_5M0CfXYUUC_BjsX_wFA_AapkY.roa (hash: UxtCMoKmpdBbD3cNYjI3Iakd8mHfIDVh+Sc1KrYzV8A=)
2: QTj2rWtF102-zkq4FB91dVQDunM.roa (hash: 1lI8W4TaqEFSyMRF8rItgY5NGvTzSeJ9vEchB5jfowo=)
3: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: MpQNOS1PtXlmj4myvM6mjwdCX9j1JoCGCYtgaEu7N0M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:e4:92:0d:00:86:5a:1e:90:ef:ff:94:a9:93:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Mar 29 11:00:47 2026 GMT
Not After : Mar 30 11:00:47 2026 GMT
Subject: CN=2a32e32b2edfd544e746939b970252706312d1ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:89:b5:d5:a9:3b:52:e1:17:c4:3a:7f:de:b5:
89:b3:22:ba:fa:9d:5d:19:07:ff:de:77:f1:20:ae:
ac:80:f1:fa:b1:50:e1:41:0b:23:25:da:e2:b8:33:
73:f2:fb:45:3f:6f:bf:18:a8:c2:c6:27:2e:b2:5b:
dd:b3:b2:95:65:40:4e:12:c7:46:e6:b5:11:3a:d5:
7c:f3:c9:e9:d6:a9:23:82:9c:1f:d8:19:07:d3:f0:
3e:58:c9:34:9a:1d:eb:89:b9:d3:01:3f:f5:65:52:
b2:ff:15:2c:ad:0d:b5:ec:34:32:b0:71:8c:db:b4:
13:16:9c:26:28:47:c4:13:cc:4a:cb:6d:5f:3b:69:
7c:0d:9f:13:d9:ac:ae:eb:7b:f4:db:fe:ce:af:4e:
23:f6:d4:f3:f7:8c:7f:85:b1:50:bb:2c:9c:30:d0:
42:e5:11:c6:c6:77:2e:c2:14:67:9b:59:5c:ad:c6:
5f:03:91:42:22:ef:1b:12:38:11:9d:05:1e:ed:dd:
72:2f:ea:d7:89:9f:91:0f:b9:f6:f2:4c:7e:1b:f5:
4d:61:8c:1e:e2:18:1c:e7:e4:0b:89:29:08:bb:cc:
7e:57:11:26:8b:d8:5b:dc:cb:8d:af:85:d3:36:0d:
a6:f2:60:f3:26:0d:bd:3a:4e:88:8c:27:64:69:c0:
be:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:32:E3:2B:2E:DF:D5:44:E7:46:93:9B:97:02:52:70:63:12:D1:FF
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:29:4f:04:81:f3:13:9c:29:3c:f4:8f:25:dc:81:4e:99:3f:
98:b1:cb:e9:0a:61:d5:ad:16:26:58:d0:53:10:a0:24:80:45:
97:ed:0d:e8:9f:cf:09:21:99:25:19:9e:5d:41:1c:63:9f:dc:
6e:21:f6:3a:25:6f:63:b8:41:79:8a:98:64:0d:fd:fe:0b:7d:
f0:e0:fb:fe:a5:cb:84:53:24:1e:30:9a:b5:7a:61:2b:e3:8a:
56:4d:fd:cb:09:ef:1f:d3:b4:df:0f:d5:35:d7:f6:89:95:55:
80:f7:61:73:1b:31:98:77:b6:b8:dd:76:72:0e:2d:cc:86:f6:
27:6b:79:d0:60:dc:5d:ae:6c:6f:5c:fb:87:55:07:f9:c1:be:
de:f0:d3:54:fd:c2:81:f2:40:ed:7a:8a:5e:c9:db:13:f1:88:
df:f8:27:7d:41:0a:23:43:df:4c:6b:08:b8:71:66:4e:8a:87:
01:7f:5b:56:36:eb:4d:b4:0c:74:27:55:3f:79:82:2d:85:73:
93:c5:f3:29:3a:d9:f9:42:c4:e5:d3:86:de:35:86:94:ea:44:
44:62:62:f6:a0:48:ef:27:ff:67:dc:f2:b9:16:b4:40:40:e5:
0a:58:91:2f:e9:91:d3:2f:cd:be:c6:97:b0:b2:f3:8c:70:58:
1c:84:30:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QOSSDQCGWh6Q7/+UqZMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjYwMzI5MTEwMDQ3WhcNMjYwMzMwMTEwMDQ3WjAzMTEwLwYDVQQD
EygyYTMyZTMyYjJlZGZkNTQ0ZTc0NjkzOWI5NzAyNTI3MDYzMTJkMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyom11ak7UuEXxDp/3rWJsyK6+p1d
GQf/3nfxIK6sgPH6sVDhQQsjJdriuDNz8vtFP2+/GKjCxicuslvds7KVZUBOEsdG
5rUROtV888np1qkjgpwf2BkH0/A+WMk0mh3ribnTAT/1ZVKy/xUsrQ217DQysHGM
27QTFpwmKEfEE8xKy21fO2l8DZ8T2ayu63v02/7Or04j9tTz94x/hbFQuyycMNBC
5RHGxncuwhRnm1lcrcZfA5FCIu8bEjgRnQUe7d1yL+rXiZ+RD7n28kx+G/VNYYwe
4hgc5+QLiSkIu8x+VxEmi9hb3MuNr4XTNg2m8mDzJg29Ok6IjCdkacC+JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoy4ysu39VE50aTm5cCUnBjEtH/MB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALClPBIHz
E5wpPPSPJdyBTpk/mLHL6Qph1a0WJljQUxCgJIBFl+0N6J/PCSGZJRmeXUEcY5/c
biH2OiVvY7hBeYqYZA39/gt98OD7/qXLhFMkHjCatXphK+OKVk39ywnvH9O03w/V
Ndf2iZVVgPdhcxsxmHe2uN12cg4tzIb2J2t50GDcXa5sb1z7h1UH+cG+3vDTVP3C
gfJA7XqKXsnbE/GI3/gnfUEKI0PfTGsIuHFmToqHAX9bVjbrTbQMdCdVP3mCLYVz
k8XzKTrZ+ULE5dOG3jWGlOpERGJi9qBI7yf/Z9zyuRa0QEDlCliRL+mR0y/NvsaX
sLLzjHBYHIQwCg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:28:26 2026 by rpki-client