Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: meLrJvZDSFu179NyV1sfdhGuCswcADQfwSyXO203Iwg=
Subject key identifier: 1A:B0:1A:85:03:25:F2:D8:52:C1:F1:8F:C9:CB:C0:10:32:43:E0:7B
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019D29CE60A3B005828B10ABF5D8DD5D02DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0BE5
Signing time: Thu 26 Mar 2026 11:01:24 +0000
Manifest this update: Thu 26 Mar 2026 11:01:24 +0000
Manifest next update: Fri 27 Mar 2026 11:01:24 +0000
Files and hashes: 1: A_5M0CfXYUUC_BjsX_wFA_AapkY.roa (hash: UxtCMoKmpdBbD3cNYjI3Iakd8mHfIDVh+Sc1KrYzV8A=)
2: QTj2rWtF102-zkq4FB91dVQDunM.roa (hash: 1lI8W4TaqEFSyMRF8rItgY5NGvTzSeJ9vEchB5jfowo=)
3: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: CPS1dVzJ+2w62wBGDex4GLGcpw/e0k4n9Wl1Cn/LZT0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:60:a3:b0:05:82:8b:10:ab:f5:d8:dd:5d:02:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Mar 26 11:01:24 2026 GMT
Not After : Mar 27 11:01:24 2026 GMT
Subject: CN=1ab01a850325f2d852c1f18fc9cbc0103243e07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a7:fb:e1:71:2e:3f:5f:fc:6f:fc:78:25:2e:
7d:7d:e2:fa:83:e6:a2:0e:a1:78:8d:42:89:52:94:
2f:d9:49:f2:76:9b:05:b7:1d:1c:23:07:91:0f:6e:
a9:2d:86:7a:90:b1:49:52:2d:d4:ce:97:9a:60:a4:
3a:f7:d1:13:36:36:1f:95:50:2b:6f:64:33:12:43:
5a:b2:c8:c6:18:10:9f:7c:13:0c:f2:27:c5:d3:61:
e2:1c:6a:51:af:69:a0:12:a3:17:07:e5:ec:93:80:
9c:56:42:cb:52:02:ce:3c:48:d5:89:60:b6:5a:e0:
c1:b2:33:3c:d3:a0:fa:b2:dd:4e:d2:a9:2d:f0:f6:
4e:5c:b2:53:71:63:9c:65:08:c7:cc:01:7b:39:0e:
85:08:ee:a2:26:ad:16:87:b4:b8:8c:0d:7e:1c:e9:
2c:5a:41:7c:70:ea:2d:01:fc:96:f6:54:50:47:6c:
f5:ec:2c:f6:e7:12:42:a0:09:41:53:ed:91:ab:d2:
56:c5:e4:15:6f:23:af:bd:17:58:d3:a2:29:eb:6c:
55:ca:4a:16:2e:3b:8c:ac:fc:a6:68:56:22:00:f1:
71:a8:ee:2e:68:45:8e:73:6a:07:7e:a4:6c:00:c8:
af:ef:a1:d6:a6:b0:8b:65:08:73:c3:7d:0e:b0:5d:
b9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B0:1A:85:03:25:F2:D8:52:C1:F1:8F:C9:CB:C0:10:32:43:E0:7B
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:a2:8c:a3:4f:2c:89:28:d8:69:64:c7:01:3c:27:5c:c1:54:
bf:3c:5a:33:45:04:79:da:3f:98:30:33:1a:44:63:c9:ba:b0:
29:87:5d:b8:f8:d4:91:0c:c2:7c:d9:6c:77:4f:fc:0b:18:a7:
16:99:76:b6:b9:01:c6:fd:13:0d:1a:8a:ca:08:e8:81:44:50:
82:6f:17:ef:6c:2b:ef:4a:14:56:d3:56:14:89:1d:c5:ed:bc:
20:e8:3e:0f:89:cf:d7:2a:cb:70:fb:73:fe:7e:f0:c1:be:9f:
de:27:aa:ab:5a:8a:3c:55:3a:b5:44:6e:12:b0:88:52:7e:ce:
b6:8f:7d:11:da:0f:9f:5f:5a:ac:1e:e6:d1:94:c8:b2:35:d2:
ce:b5:48:66:8b:e2:a3:cd:c1:5f:45:5a:3b:4c:3b:16:c5:04:
2a:30:8d:17:71:94:aa:cc:dd:e0:96:8e:25:03:29:46:df:53:
48:78:3e:73:ee:68:3c:a2:78:4f:95:bf:c3:71:ae:b7:d9:57:
36:65:c7:cb:6a:90:40:93:dd:dc:1b:82:51:c5:cf:32:74:47:
db:b6:83:39:6d:d8:ca:c8:f9:e6:71:51:dc:c4:98:0c:35:80:
36:52:0c:68:ab:36:e1:71:06:e4:95:cc:6b:0f:0a:7f:79:68:
75:93:6d:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzmCjsAWCixCr9djdXQLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjYwMzI2MTEwMTI0WhcNMjYwMzI3MTEwMTI0WjAzMTEwLwYDVQQD
EygxYWIwMWE4NTAzMjVmMmQ4NTJjMWYxOGZjOWNiYzAxMDMyNDNlMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKf74XEuP1/8b/x4JS59feL6g+ai
DqF4jUKJUpQv2UnydpsFtx0cIweRD26pLYZ6kLFJUi3UzpeaYKQ699ETNjYflVAr
b2QzEkNassjGGBCffBMM8ifF02HiHGpRr2mgEqMXB+Xsk4CcVkLLUgLOPEjViWC2
WuDBsjM806D6st1O0qkt8PZOXLJTcWOcZQjHzAF7OQ6FCO6iJq0Wh7S4jA1+HOks
WkF8cOotAfyW9lRQR2z17Cz25xJCoAlBU+2Rq9JWxeQVbyOvvRdY06Ip62xVykoW
LjuMrPymaFYiAPFxqO4uaEWOc2oHfqRsAMiv76HWprCLZQhzw30OsF25qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqwGoUDJfLYUsHxj8nLwBAyQ+B7MB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY6KMo08s
iSjYaWTHATwnXMFUvzxaM0UEedo/mDAzGkRjybqwKYdduPjUkQzCfNlsd0/8Cxin
Fpl2trkBxv0TDRqKygjogURQgm8X72wr70oUVtNWFIkdxe28IOg+D4nP1yrLcPtz
/n7wwb6f3ieqq1qKPFU6tURuErCIUn7Oto99EdoPn19arB7m0ZTIsjXSzrVIZovi
o83BX0VaO0w7FsUEKjCNF3GUqszd4JaOJQMpRt9TSHg+c+5oPKJ4T5W/w3Gut9lX
NmXHy2qQQJPd3BuCUcXPMnRH27aDOW3Yysj55nFR3MSYDDWANlIMaKs24XEG5JXM
aw8Kf3lodZNtsg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:22:38 2026 by rpki-client