Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: Q7zKbIKRl1XLSkiP9bJniWAHBVj5CYkKX8QHe+2LpME=
Subject key identifier: AC:6D:DC:C4:AD:00:52:FC:5B:11:3F:61:74:09:65:31:04:B9:29:B2
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 0196BD12C2CFF1F03CB492DBA1A0D604127C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0891
Signing time: Sun 11 May 2025 02:00:45 +0000
Manifest this update: Sun 11 May 2025 02:00:45 +0000
Manifest next update: Mon 12 May 2025 02:00:45 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: 1lp2q49hCaGlVMNDMP0nc2OaMdJdkAJ5P3FYVzt0W/Q=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:12:c2:cf:f1:f0:3c:b4:92:db:a1:a0:d6:04:12:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: May 11 02:00:45 2025 GMT
Not After : May 12 02:00:45 2025 GMT
Subject: CN=ac6ddcc4ad0052fc5b113f617409653104b929b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:33:63:88:58:4e:74:21:d1:2e:fa:9d:20:44:
30:11:c2:10:20:89:2f:47:fd:56:1b:e1:d1:bd:65:
fa:1a:3b:63:4f:6b:d5:ff:61:ba:c6:74:14:1b:27:
07:d9:be:f1:0e:3f:60:92:b1:eb:28:b0:be:f3:c9:
af:a6:03:16:92:48:f0:03:d4:b5:b9:1e:f6:37:33:
1f:94:2f:83:db:a5:bc:a6:1a:b8:a5:1c:57:97:09:
a7:3b:7a:50:eb:58:a6:ff:9a:07:a9:51:4f:5e:b0:
71:7f:29:da:63:f5:17:be:90:3e:73:37:07:fe:b9:
52:9d:18:cc:77:89:55:7a:e8:cd:be:51:38:a3:85:
d1:5b:95:71:10:ea:b0:7c:ae:22:95:7c:05:37:0d:
e6:91:7c:93:97:e1:2e:29:30:75:1b:7c:84:4f:cf:
90:00:63:ec:ab:01:cb:d6:2c:8f:d1:b1:e9:03:a1:
68:e9:42:11:94:21:cc:90:9b:c3:31:8c:24:41:90:
d8:b7:bf:4e:9d:d0:72:af:27:e9:15:49:5c:6d:78:
c9:99:36:03:a7:33:60:df:d4:c8:b9:39:44:46:bc:
a2:a4:8b:8d:d0:6b:63:bc:4e:52:1c:9a:db:9b:12:
4f:65:b9:dd:d7:31:51:42:ed:3b:b0:da:7e:cc:8a:
ee:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:6D:DC:C4:AD:00:52:FC:5B:11:3F:61:74:09:65:31:04:B9:29:B2
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:64:d4:c4:60:81:87:d4:ec:87:e8:fb:61:0f:d3:57:d5:5d:
02:6e:af:1c:a6:c4:30:f2:f1:c5:ce:10:26:4f:88:ea:89:28:
14:1c:59:a1:cb:fe:1d:7d:d3:6c:d3:4c:0d:11:ab:a6:74:de:
a8:7b:93:54:e1:2a:9b:11:ba:85:15:c2:7a:63:d7:ae:2e:bc:
4f:59:d6:f2:91:75:a9:38:67:ef:48:e2:31:bb:2b:9b:d7:59:
8f:5e:ed:c9:72:63:73:48:55:bf:e4:9c:33:f2:2c:32:9b:3f:
3e:a5:e5:07:f5:fc:fe:dd:ed:df:57:a5:31:2c:3e:36:13:70:
24:5a:8b:67:3d:e6:c2:59:26:c8:a5:f0:2d:64:39:47:12:af:
bf:d3:29:74:82:7b:59:aa:7d:c9:81:4f:32:be:f6:34:46:55:
d5:18:a8:7f:98:51:88:e0:f3:00:a7:18:87:4f:66:96:5c:d1:
c6:b8:98:8f:6c:f8:73:5b:a2:cb:ba:fc:dc:0f:d3:3f:a3:50:
de:38:12:c7:5a:52:4d:23:a4:bb:d0:4a:7e:b8:ea:79:37:6a:
06:bc:30:ad:f7:c1:76:ea:8d:dc:ce:06:35:43:ce:84:a5:67:
d3:e5:b9:67:5b:a6:b1:2f:77:d4:44:1f:66:de:08:62:d5:e4:
90:f3:c1:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9EsLP8fA8tJLboaDWBBJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwNTExMDIwMDQ1WhcNMjUwNTEyMDIwMDQ1WjAzMTEwLwYDVQQD
EyhhYzZkZGNjNGFkMDA1MmZjNWIxMTNmNjE3NDA5NjUzMTA0YjkyOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDNjiFhOdCHRLvqdIEQwEcIQIIkv
R/1WG+HRvWX6GjtjT2vV/2G6xnQUGycH2b7xDj9gkrHrKLC+88mvpgMWkkjwA9S1
uR72NzMflC+D26W8phq4pRxXlwmnO3pQ61im/5oHqVFPXrBxfynaY/UXvpA+czcH
/rlSnRjMd4lVeujNvlE4o4XRW5VxEOqwfK4ilXwFNw3mkXyTl+EuKTB1G3yET8+Q
AGPsqwHL1iyP0bHpA6Fo6UIRlCHMkJvDMYwkQZDYt79OndByryfpFUlcbXjJmTYD
pzNg39TIuTlERryipIuN0GtjvE5SHJrbmxJPZbnd1zFRQu07sNp+zIruXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxt3MStAFL8WxE/YXQJZTEEuSmyMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe2TUxGCB
h9Tsh+j7YQ/TV9VdAm6vHKbEMPLxxc4QJk+I6okoFBxZocv+HX3TbNNMDRGrpnTe
qHuTVOEqmxG6hRXCemPXri68T1nW8pF1qThn70jiMbsrm9dZj17tyXJjc0hVv+Sc
M/IsMps/PqXlB/X8/t3t31elMSw+NhNwJFqLZz3mwlkmyKXwLWQ5RxKvv9MpdIJ7
Wap9yYFPMr72NEZV1Riof5hRiODzAKcYh09mllzRxriYj2z4c1uiy7r83A/TP6NQ
3jgSx1pSTSOku9BKfrjqeTdqBrwwrffBduqN3M4GNUPOhKVn0+W5Z1umsS931EQf
Zt4IYtXkkPPBvg==
-----END CERTIFICATE-----
Generated at Sun May 11 08:18:03 2025 by rpki-client