Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: rRKKNA8UbspeelDrsYwtnKBQWj0v4cz+TSfdDFBHaY4=
Subject key identifier: 6A:E6:53:69:5E:CE:76:B7:E6:E4:0A:9C:FA:5B:01:1A:25:88:98:9D
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 0198D404B6A60816E724E16761776A39BFE0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 09A6
Signing time: Fri 22 Aug 2025 23:02:15 +0000
Manifest this update: Fri 22 Aug 2025 23:02:15 +0000
Manifest next update: Sat 23 Aug 2025 23:02:15 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: /KytWM8j0G9NscU1faolKgfPr5y+rhdevmr6SBGTDNo=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:04:b6:a6:08:16:e7:24:e1:67:61:77:6a:39:bf:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Aug 22 23:02:15 2025 GMT
Not After : Aug 23 23:02:15 2025 GMT
Subject: CN=6ae653695ece76b7e6e40a9cfa5b011a2588989d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:b1:6a:88:fb:4d:4a:ae:28:57:3e:92:7d:
dd:99:a0:0d:a5:91:f8:77:1a:70:07:31:e7:a7:9e:
c1:02:23:bf:62:83:65:64:58:ac:de:d2:30:a2:35:
95:ad:2b:37:bc:c0:13:af:d4:c3:ec:80:39:f6:f5:
96:83:35:36:3b:f9:1d:59:7e:10:60:eb:aa:e3:b4:
bd:c7:79:5d:3b:d8:44:a5:9f:b5:0a:f3:4e:da:80:
0a:d5:78:86:a4:e9:00:4c:61:3b:34:22:34:72:24:
ac:75:b0:4f:39:3f:6a:cd:ff:e3:58:47:7f:62:aa:
c0:fa:bd:4d:33:6c:18:86:e3:fc:0d:c6:90:57:7d:
c2:2a:72:b8:fd:19:4a:ac:7c:30:29:4a:81:7f:b7:
24:a5:95:6e:2b:ea:73:e6:0d:18:b6:4a:7f:a6:16:
68:31:9b:8f:3d:2e:d9:ab:28:2c:12:62:57:b5:60:
91:d9:69:0e:70:f2:9e:2e:db:d4:bb:57:bd:87:e7:
0b:08:ad:68:69:ca:a2:83:99:c5:f6:ec:39:27:cd:
a5:47:16:4d:00:84:df:92:10:3a:54:8c:5c:0c:df:
56:75:d8:ad:29:42:c4:b4:b8:ee:96:1d:f7:f4:9b:
e0:b6:bc:4d:5d:c8:7c:f7:cd:52:e7:40:d9:4e:d3:
b9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E6:53:69:5E:CE:76:B7:E6:E4:0A:9C:FA:5B:01:1A:25:88:98:9D
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:02:d0:e8:20:2b:6a:e6:ed:26:48:4c:d9:ac:3d:f5:b1:9f:
00:81:76:60:22:4b:16:e2:e8:34:e3:79:5d:68:84:ec:53:e7:
e7:1d:60:ea:9b:5b:90:4a:92:84:5f:c2:94:a6:3c:0a:ea:db:
de:97:1f:85:27:d3:39:92:7c:37:43:22:71:36:de:ee:23:41:
34:ed:c5:40:07:01:22:24:4f:dc:15:d5:9f:e5:c6:89:d5:c9:
a2:1c:fe:18:c8:40:33:a0:7b:eb:39:30:5c:ee:cf:e9:75:99:
e7:16:e7:5a:2a:36:c7:e6:06:b0:b4:13:bb:ab:6a:6d:1c:a4:
02:39:ef:72:b7:37:60:cd:ab:99:84:c8:ba:dd:e1:ad:7e:28:
11:2b:95:3d:80:ad:6d:61:50:10:1e:c6:20:ee:a5:f8:76:e2:
f4:b2:51:de:c9:63:91:71:5b:69:ee:4e:5a:7f:cb:b2:37:5e:
72:b6:1f:c4:21:9e:d8:c1:70:34:64:3b:14:31:3f:58:9a:d8:
8d:d9:25:b2:03:e5:55:04:e1:cd:ed:5d:2d:df:6c:3e:09:52:
09:98:98:a6:26:69:64:9e:00:40:00:90:92:18:b1:fe:a3:d3:
7f:50:85:f3:52:b8:88:aa:e0:37:60:7c:0e:45:e1:ef:f8:cd:
71:ee:5c:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUBLamCBbnJOFnYXdqOb/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwODIyMjMwMjE1WhcNMjUwODIzMjMwMjE1WjAzMTEwLwYDVQQD
Eyg2YWU2NTM2OTVlY2U3NmI3ZTZlNDBhOWNmYTViMDExYTI1ODg5ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur2xaoj7TUquKFc+kn3dmaANpZH4
dxpwBzHnp57BAiO/YoNlZFis3tIwojWVrSs3vMATr9TD7IA59vWWgzU2O/kdWX4Q
YOuq47S9x3ldO9hEpZ+1CvNO2oAK1XiGpOkATGE7NCI0ciSsdbBPOT9qzf/jWEd/
YqrA+r1NM2wYhuP8DcaQV33CKnK4/RlKrHwwKUqBf7ckpZVuK+pz5g0Ytkp/phZo
MZuPPS7ZqygsEmJXtWCR2WkOcPKeLtvUu1e9h+cLCK1oacqig5nF9uw5J82lRxZN
AITfkhA6VIxcDN9WdditKULEtLjulh339JvgtrxNXch8981S50DZTtO5PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrmU2lezna35uQKnPpbARoliJidMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVgLQ6CAr
aubtJkhM2aw99bGfAIF2YCJLFuLoNON5XWiE7FPn5x1g6ptbkEqShF/ClKY8Curb
3pcfhSfTOZJ8N0MicTbe7iNBNO3FQAcBIiRP3BXVn+XGidXJohz+GMhAM6B76zkw
XO7P6XWZ5xbnWio2x+YGsLQTu6tqbRykAjnvcrc3YM2rmYTIut3hrX4oESuVPYCt
bWFQEB7GIO6l+Hbi9LJR3sljkXFbae5OWn/LsjdecrYfxCGe2MFwNGQ7FDE/WJrY
jdklsgPlVQThze1dLd9sPglSCZiYpiZpZJ4AQACQkhix/qPTf1CF81K4iKrgN2B8
DkXh7/jNce5cDA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:20:13 2025 by rpki-client