Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: 9/mk6cfiNqr6NBE9q7v8cp1yxEVEW8JirT/6Dy+44TM=
Subject key identifier: 50:E3:00:C3:CB:E2:4C:83:24:08:26:E5:43:B3:A1:D7:2F:2A:B8:94
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 0197B8211CFDA1F3C1DFC4413538CAB040E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0913
Signing time: Sat 28 Jun 2025 20:01:07 +0000
Manifest this update: Sat 28 Jun 2025 20:01:07 +0000
Manifest next update: Sun 29 Jun 2025 20:01:07 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: N4crXvUXmPKx80c2gDHs9nXxIHEYlzNi0drFa5ubaCc=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:21:1c:fd:a1:f3:c1:df:c4:41:35:38:ca:b0:40:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Jun 28 20:01:07 2025 GMT
Not After : Jun 29 20:01:07 2025 GMT
Subject: CN=50e300c3cbe24c83240826e543b3a1d72f2ab894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b2:2f:46:f3:9f:83:7a:3b:a3:7a:39:19:91:
45:55:71:44:97:de:a4:97:78:a0:f0:01:f2:cb:3a:
fd:9a:f3:c0:6a:4d:8e:80:5f:34:67:0d:0a:eb:eb:
bc:1f:da:45:c7:41:40:ff:aa:9d:ce:fe:a1:00:8b:
8d:73:ed:28:49:92:b6:d7:92:fa:28:a4:38:4d:18:
3f:28:08:0a:51:f0:d1:89:49:90:1f:e8:dc:1f:72:
84:2c:a2:e4:7e:97:d0:28:96:6c:a7:6c:b2:1f:8e:
d1:f6:1f:fe:a3:94:51:7c:bf:12:6d:5d:48:80:de:
8f:0d:f6:7e:de:8a:54:ca:55:c1:7d:06:bd:24:d2:
86:21:8e:ec:c5:39:d0:52:d3:bc:01:03:cf:05:52:
89:72:f3:58:76:ad:6d:2f:4e:d6:bd:82:4b:e2:e6:
d9:40:d9:12:16:71:10:02:f8:d2:52:50:75:7e:6d:
c2:66:c7:3d:5e:8a:21:35:db:23:a4:46:d4:98:a1:
0e:f6:62:df:77:dd:70:67:ad:8d:1b:3d:23:2e:05:
05:08:a7:2c:96:30:0d:e6:59:75:ae:1b:32:10:5b:
1b:22:1b:d3:3a:1d:d8:4f:74:19:03:64:e1:22:97:
7b:a2:a9:9c:f7:bd:11:99:08:5d:2e:b5:44:78:0a:
53:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E3:00:C3:CB:E2:4C:83:24:08:26:E5:43:B3:A1:D7:2F:2A:B8:94
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:14:cb:f7:83:27:66:9f:71:1c:60:63:7e:43:6a:9e:71:f2:
32:0c:c5:1b:3a:a7:5e:5a:a8:13:db:32:4d:cc:6d:5f:6b:54:
69:4d:2b:c6:84:65:5b:ed:8b:a2:00:29:83:42:91:09:1e:33:
60:7b:82:c7:c7:5f:9f:3a:6c:81:22:56:38:79:b0:40:96:1e:
7b:02:71:d5:04:17:c2:c0:4b:33:71:28:41:43:f4:da:3a:70:
be:21:35:cb:93:6e:a2:87:d7:6a:9d:75:37:38:73:c1:19:b4:
58:89:64:b8:c0:87:a7:f6:9a:86:cf:23:e3:83:5a:75:0f:e0:
f1:22:66:cb:bd:39:66:a6:a1:83:71:fb:ca:e9:a4:91:26:1d:
07:c6:f6:5f:4a:cb:fd:d6:26:fd:0c:41:be:21:7a:ff:63:30:
63:17:9a:c9:73:14:f3:8a:ab:11:6d:74:4f:ee:db:cf:15:34:
4a:be:c9:7a:83:9b:46:a1:f4:13:98:d8:23:a4:ca:b0:a4:d2:
ee:ce:10:fd:58:db:a4:9e:ec:b5:29:14:60:2e:43:1e:df:9f:
09:a9:c4:16:7c:ba:28:d0:f4:8b:80:5d:5e:11:d7:d1:b8:87:
ac:a3:de:01:df:52:67:ae:0c:96:43:df:41:4a:76:b6:6a:44:
1a:0d:ab:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IRz9ofPB38RBNTjKsEDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwNjI4MjAwMTA3WhcNMjUwNjI5MjAwMTA3WjAzMTEwLwYDVQQD
Eyg1MGUzMDBjM2NiZTI0YzgzMjQwODI2ZTU0M2IzYTFkNzJmMmFiODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLIvRvOfg3o7o3o5GZFFVXFEl96k
l3ig8AHyyzr9mvPAak2OgF80Zw0K6+u8H9pFx0FA/6qdzv6hAIuNc+0oSZK215L6
KKQ4TRg/KAgKUfDRiUmQH+jcH3KELKLkfpfQKJZsp2yyH47R9h/+o5RRfL8SbV1I
gN6PDfZ+3opUylXBfQa9JNKGIY7sxTnQUtO8AQPPBVKJcvNYdq1tL07WvYJL4ubZ
QNkSFnEQAvjSUlB1fm3CZsc9XoohNdsjpEbUmKEO9mLfd91wZ62NGz0jLgUFCKcs
ljAN5ll1rhsyEFsbIhvTOh3YT3QZA2ThIpd7oqmc970RmQhdLrVEeApTowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDjAMPL4kyDJAgm5UOzodcvKriUMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxTL94Mn
Zp9xHGBjfkNqnnHyMgzFGzqnXlqoE9syTcxtX2tUaU0rxoRlW+2LogApg0KRCR4z
YHuCx8dfnzpsgSJWOHmwQJYeewJx1QQXwsBLM3EoQUP02jpwviE1y5NuoofXap11
NzhzwRm0WIlkuMCHp/aahs8j44NadQ/g8SJmy705Zqahg3H7yumkkSYdB8b2X0rL
/dYm/QxBviF6/2MwYxeayXMU84qrEW10T+7bzxU0Sr7JeoObRqH0E5jYI6TKsKTS
7s4Q/VjbpJ7stSkUYC5DHt+fCanEFny6KND0i4BdXhHX0biHrKPeAd9SZ64MlkPf
QUp2tmpEGg2rxw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:39:36 2025 by rpki-client