Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: q7/GZSBesEr3eYGi1lzJ/1iDgsYBa8cXAJzVOe7aNmo=
Subject key identifier: EF:2C:59:47:00:58:A7:AF:F1:13:91:84:C3:E1:A9:DA:5A:83:FD:46
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019D9BBE2CC3A7348AAD07C7C662DEE08545
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0C20
Signing time: Fri 17 Apr 2026 14:00:24 +0000
Manifest this update: Fri 17 Apr 2026 14:00:24 +0000
Manifest next update: Sat 18 Apr 2026 14:00:24 +0000
Files and hashes: 1: A_5M0CfXYUUC_BjsX_wFA_AapkY.roa (hash: UxtCMoKmpdBbD3cNYjI3Iakd8mHfIDVh+Sc1KrYzV8A=)
2: QTj2rWtF102-zkq4FB91dVQDunM.roa (hash: 1lI8W4TaqEFSyMRF8rItgY5NGvTzSeJ9vEchB5jfowo=)
3: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: BLrufXv3zhqXKY//d4Xl+cSFOSH1AliZivaC5RqpZIY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:be:2c:c3:a7:34:8a:ad:07:c7:c6:62:de:e0:85:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Apr 17 14:00:24 2026 GMT
Not After : Apr 18 14:00:24 2026 GMT
Subject: CN=ef2c59470058a7aff1139184c3e1a9da5a83fd46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:36:4c:70:38:f2:db:94:db:ac:9b:c0:b7:
e8:3c:ed:24:a6:bb:21:85:c7:6d:92:c9:11:9e:e7:
c9:9e:71:87:ce:38:70:0d:8e:4a:1d:0e:27:52:d0:
c8:c6:e9:4c:65:8d:c4:3b:e9:0a:84:5b:b5:63:57:
a6:af:7d:32:6e:69:94:54:b2:de:d2:8e:cd:ac:39:
f6:79:69:5d:5e:e7:af:87:0f:1f:1b:10:f5:c1:4a:
6b:dc:a3:1f:a4:07:73:65:57:82:16:35:db:c6:ce:
5f:a1:d4:85:3e:c2:3d:2b:46:06:93:8d:89:5f:f6:
9b:25:cd:2f:91:08:df:be:46:86:f9:4c:f2:e5:e0:
71:f7:81:da:31:58:e0:95:25:b6:c4:a3:5d:76:25:
91:48:a0:3b:5d:53:f0:57:15:18:32:0a:bd:5d:5f:
a0:13:61:3f:94:fa:c5:a4:dd:62:61:ec:4a:80:a4:
f2:12:64:e1:b5:b8:e1:51:a3:57:94:21:2c:e2:9a:
3d:52:b2:b0:95:e9:1f:51:da:36:72:1a:89:8b:8c:
6a:6d:64:e2:85:07:39:df:a7:cc:ac:8a:0c:cb:eb:
79:6e:50:76:df:42:55:76:d0:53:7d:2e:3e:00:47:
52:b1:6f:9f:cc:50:6a:2a:e0:06:f8:c3:f0:d2:6a:
49:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2C:59:47:00:58:A7:AF:F1:13:91:84:C3:E1:A9:DA:5A:83:FD:46
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:34:cc:a0:22:d3:d0:d8:01:3c:df:5a:d8:d0:28:99:0a:02:
0e:fa:93:6c:7c:aa:fa:41:36:bd:d7:76:1f:e9:44:c3:11:a0:
27:70:12:bc:c0:9d:8d:17:b4:ff:8e:fb:7c:72:94:ac:ed:b0:
c5:55:4d:44:c3:7f:63:e9:9e:b6:7f:7c:c0:89:0e:d4:f8:af:
87:00:86:6b:1d:73:00:76:74:6d:5f:dd:c9:c1:df:16:ab:91:
38:19:01:96:a3:25:13:da:30:90:31:c4:20:5a:c6:eb:6f:26:
5d:04:fe:2c:34:83:d4:e8:ff:99:d3:a5:13:3a:53:0f:61:ea:
b4:0d:90:34:70:8b:f4:f1:f4:c3:3f:6b:14:ec:a6:d0:71:cd:
35:c2:fb:a7:74:73:3d:0e:22:65:9b:28:d6:00:88:2a:a3:b5:
39:2c:df:c5:c7:fd:0f:1c:d3:ec:6f:00:f2:6a:3f:cb:7d:06:
a3:43:21:de:46:7e:29:09:7c:ca:f9:9a:8a:b3:21:80:57:a1:
ba:94:18:b1:92:23:98:ae:bf:41:43:83:9d:22:ff:97:7e:c2:
00:ed:f8:04:53:99:cf:06:6f:81:22:0f:ec:f4:c4:27:54:42:
0d:a4:83:0d:44:1a:fc:f3:d8:37:b0:4c:fe:a3:01:ec:8d:df:
57:03:39:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvizDpzSKrQfHxmLe4IVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjYwNDE3MTQwMDI0WhcNMjYwNDE4MTQwMDI0WjAzMTEwLwYDVQQD
EyhlZjJjNTk0NzAwNThhN2FmZjExMzkxODRjM2UxYTlkYTVhODNmZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Y2THA48tuU26ybwLfoPO0kprsh
hcdtkskRnufJnnGHzjhwDY5KHQ4nUtDIxulMZY3EO+kKhFu1Y1emr30ybmmUVLLe
0o7NrDn2eWldXuevhw8fGxD1wUpr3KMfpAdzZVeCFjXbxs5fodSFPsI9K0YGk42J
X/abJc0vkQjfvkaG+Uzy5eBx94HaMVjglSW2xKNddiWRSKA7XVPwVxUYMgq9XV+g
E2E/lPrFpN1iYexKgKTyEmThtbjhUaNXlCEs4po9UrKwlekfUdo2chqJi4xqbWTi
hQc536fMrIoMy+t5blB230JVdtBTfS4+AEdSsW+fzFBqKuAG+MPw0mpJ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8sWUcAWKev8RORhMPhqdpag/1GMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZzTMoCLT
0NgBPN9a2NAomQoCDvqTbHyq+kE2vdd2H+lEwxGgJ3ASvMCdjRe0/477fHKUrO2w
xVVNRMN/Y+metn98wIkO1PivhwCGax1zAHZ0bV/dycHfFquROBkBlqMlE9owkDHE
IFrG628mXQT+LDSD1Oj/mdOlEzpTD2HqtA2QNHCL9PH0wz9rFOym0HHNNcL7p3Rz
PQ4iZZso1gCIKqO1OSzfxcf9DxzT7G8A8mo/y30Go0Mh3kZ+KQl8yvmairMhgFeh
upQYsZIjmK6/QUODnSL/l37CAO34BFOZzwZvgSIP7PTEJ1RCDaSDDUQa/PPYN7BM
/qMB7I3fVwM58g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:24:21 2026 by rpki-client