Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: JU8H4Q1noP+KksGIXMj0wNIRUNVjvBkQtw1j/ufGo44=
Subject key identifier: BC:EE:42:7D:36:89:87:C6:AC:D4:94:FB:FF:7F:55:46:41:96:C2:74
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019A4E86B8DA4E19D0A81BB18AE330ED75C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0A6A
Signing time: Tue 04 Nov 2025 11:00:43 +0000
Manifest this update: Tue 04 Nov 2025 11:00:43 +0000
Manifest next update: Wed 05 Nov 2025 11:00:43 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: 8wQEq+PLOjnha5feTYjKlTG88mMsrn85+v9qVP23+Rk=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:b8:da:4e:19:d0:a8:1b:b1:8a:e3:30:ed:75:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Nov 4 11:00:43 2025 GMT
Not After : Nov 5 11:00:43 2025 GMT
Subject: CN=bcee427d368987c6acd494fbff7f55464196c274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6f:09:45:78:a0:4e:ab:e6:15:6d:99:e8:a8:
4b:e8:c7:05:82:70:8f:ec:9e:0e:5d:72:e2:a5:db:
c3:6a:01:e5:54:d0:29:b6:d6:c1:d1:4e:98:1d:a2:
16:2b:22:c5:04:a8:29:ed:0a:1d:1e:06:cd:ee:43:
c0:14:f7:c5:c0:d6:29:08:d7:5f:47:52:36:b0:2d:
26:41:bd:1f:fe:bf:43:0a:e4:3a:91:83:51:7c:c6:
4f:4a:e3:da:05:63:7d:b2:90:25:75:ba:e0:a9:e9:
c3:3d:95:4a:88:e6:20:e2:9d:56:b1:fa:f2:ba:4b:
4c:2c:74:16:9d:e8:c1:1a:cb:8c:30:12:f4:8d:16:
1e:aa:ae:ad:01:cc:ce:36:6a:9d:b4:58:83:0f:94:
a7:a1:7d:52:f6:09:33:b0:b1:50:9e:6b:5e:65:82:
0a:d0:d7:15:ba:43:28:37:52:20:6e:3a:b1:a3:e5:
d7:2a:19:f9:48:92:dc:41:a2:5c:b9:38:00:6e:66:
0b:94:04:2e:6d:15:84:a1:f5:b2:5e:e2:2c:2f:d8:
90:a7:5d:32:85:8e:55:7f:5f:7c:05:65:26:76:aa:
4a:a9:db:86:4f:3c:6d:0d:c0:d2:dd:f4:11:8f:6e:
f8:39:69:ec:33:7b:8a:b5:cf:e3:98:ba:d2:f1:2e:
bb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EE:42:7D:36:89:87:C6:AC:D4:94:FB:FF:7F:55:46:41:96:C2:74
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:e4:6e:6d:69:6a:64:2c:fd:a3:20:d5:45:74:ca:42:1a:20:
e1:73:f0:dd:f4:3f:37:33:53:cc:50:1f:6c:6b:94:5d:47:3c:
9f:18:e8:08:38:b0:2c:4e:8e:f5:49:67:d0:94:81:34:9f:0a:
1a:d9:d3:70:df:b5:4a:68:c1:53:c5:b7:9a:1c:fb:25:0b:07:
f2:a0:31:9d:87:30:f4:e2:f5:57:d3:32:01:78:ae:38:c6:a1:
fd:65:32:7e:b9:27:34:39:3e:f3:15:e8:84:09:80:fc:bb:2d:
32:51:1a:4f:7f:58:4a:ae:67:f7:16:e8:24:75:79:ae:14:5f:
63:55:dc:7e:c5:9c:56:b0:68:bc:07:49:c9:6e:d6:8c:0b:91:
8f:ad:da:3e:76:4a:0a:e3:ae:64:a4:b2:49:ba:43:6d:1d:17:
e8:f1:55:a6:b5:45:01:ec:20:68:67:00:c5:21:09:47:73:1e:
e8:de:0c:1e:e6:a5:34:14:ed:c7:f0:3c:b3:01:29:6f:22:ba:
69:03:f4:e7:9c:2a:06:fc:78:f4:6f:53:d3:35:60:c2:df:8f:
7e:35:c1:87:c7:ba:f1:6b:81:0c:29:0c:0f:2b:f5:c9:31:89:
87:e0:21:60:06:fc:39:26:3b:a5:12:ff:76:9d:fa:c8:e3:08:
0c:23:4a:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhrjaThnQqBuxiuMw7XXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUxMTA0MTEwMDQzWhcNMjUxMTA1MTEwMDQzWjAzMTEwLwYDVQQD
EyhiY2VlNDI3ZDM2ODk4N2M2YWNkNDk0ZmJmZjdmNTU0NjQxOTZjMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G8JRXigTqvmFW2Z6KhL6McFgnCP
7J4OXXLipdvDagHlVNApttbB0U6YHaIWKyLFBKgp7QodHgbN7kPAFPfFwNYpCNdf
R1I2sC0mQb0f/r9DCuQ6kYNRfMZPSuPaBWN9spAldbrgqenDPZVKiOYg4p1Wsfry
uktMLHQWnejBGsuMMBL0jRYeqq6tAczONmqdtFiDD5SnoX1S9gkzsLFQnmteZYIK
0NcVukMoN1Igbjqxo+XXKhn5SJLcQaJcuTgAbmYLlAQubRWEofWyXuIsL9iQp10y
hY5Vf198BWUmdqpKqduGTzxtDcDS3fQRj274OWnsM3uKtc/jmLrS8S67CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzuQn02iYfGrNSU+/9/VUZBlsJ0MB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgORubWlq
ZCz9oyDVRXTKQhog4XPw3fQ/NzNTzFAfbGuUXUc8nxjoCDiwLE6O9Uln0JSBNJ8K
GtnTcN+1SmjBU8W3mhz7JQsH8qAxnYcw9OL1V9MyAXiuOMah/WUyfrknNDk+8xXo
hAmA/LstMlEaT39YSq5n9xboJHV5rhRfY1XcfsWcVrBovAdJyW7WjAuRj63aPnZK
CuOuZKSySbpDbR0X6PFVprVFAewgaGcAxSEJR3Me6N4MHualNBTtx/A8swEpbyK6
aQP055wqBvx49G9T0zVgwt+PfjXBh8e68WuBDCkMDyv1yTGJh+AhYAb8OSY7pRL/
dp36yOMIDCNKmQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:38 2025 by rpki-client