Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: Qbyb+/j1UxUlQLJ44eysk4AervqlE2X2t06+TfHATXw=
Subject key identifier: 21:FB:A2:EA:1A:47:9F:86:38:8E:4C:5C:72:99:1A:23:3D:F4:C8:69
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019673AFFDB5877773A7897581254ACCCF3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 086B
Signing time: Sat 26 Apr 2025 20:00:35 +0000
Manifest this update: Sat 26 Apr 2025 20:00:35 +0000
Manifest next update: Sun 27 Apr 2025 20:00:35 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: TP+JQ0p8PPEtS+WGXCS8F/iOAX5KLbU9sAjJOr4OsEQ=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:73:af:fd:b5:87:77:73:a7:89:75:81:25:4a:cc:cf:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Apr 26 20:00:35 2025 GMT
Not After : Apr 27 20:00:35 2025 GMT
Subject: CN=21fba2ea1a479f86388e4c5c72991a233df4c869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7d:80:cf:b5:00:d9:9e:5a:99:36:64:7d:39:
45:92:cd:d0:e2:71:7c:44:06:ff:9b:f6:3b:5e:a9:
26:18:14:c2:48:9f:ed:5f:ff:38:4d:45:50:ed:dd:
19:80:63:9f:7e:d5:d0:6c:53:b4:06:e9:c9:93:01:
66:ef:f2:fd:83:c2:21:b1:0c:23:4e:15:54:88:b5:
bf:b8:e4:69:cf:6b:41:1c:0c:79:93:a3:e1:dc:49:
98:3f:b4:69:74:f2:25:10:ce:20:58:05:42:ba:19:
fb:8f:fa:1c:4d:bf:59:83:2e:11:e9:2f:b2:f9:01:
7e:cf:42:8f:4f:05:50:e3:24:89:8b:ef:73:e7:56:
f8:2e:c8:fe:a4:f2:e1:5a:ed:2d:91:13:83:5f:d7:
43:dc:ee:ce:e5:96:1b:d2:11:7a:1e:eb:b2:44:92:
f5:41:68:dd:4a:b8:48:bd:5c:96:cf:83:0f:8f:c5:
f8:1b:ff:67:55:4b:bd:ba:b5:9f:01:24:87:92:d3:
f1:22:9a:f3:18:fd:ec:20:b8:65:42:7b:54:dd:12:
17:60:ff:4c:34:c1:89:10:dd:11:cb:46:c7:fd:39:
98:cc:02:28:d3:c1:b3:b1:b4:0d:6a:62:e8:0e:3b:
e0:12:3f:cb:68:b6:71:06:61:f1:5a:f3:0c:fc:5b:
d1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FB:A2:EA:1A:47:9F:86:38:8E:4C:5C:72:99:1A:23:3D:F4:C8:69
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:06:5e:14:32:f9:a9:1c:0b:a2:fe:38:13:39:aa:f7:ca:45:
7a:f8:a0:4c:02:50:69:ff:ff:e4:c0:04:e0:15:31:8e:49:6b:
bd:a6:a9:86:0e:c0:60:71:3e:aa:1d:74:44:38:3e:da:53:22:
56:7b:9e:e5:76:41:ed:f7:3c:af:99:f0:1c:a4:2a:ed:03:51:
6f:d8:cd:8c:8e:5c:5d:1e:f8:d7:8c:89:a5:89:09:6b:2e:7a:
ac:54:c3:a0:50:54:a4:16:09:32:64:b3:09:5f:a4:55:4c:bd:
7d:4f:c7:00:3e:b3:e6:8e:ae:cf:e4:fa:f0:88:c4:ac:fe:ae:
a8:18:a9:2f:aa:79:20:0b:66:e8:48:21:f2:e7:ba:31:1d:7e:
3e:82:a9:26:08:a8:3e:4a:c2:81:6c:6b:2a:bc:09:33:1b:ba:
8f:fd:ac:a8:4a:3f:72:8e:e6:43:91:78:d2:08:9d:ce:cb:b0:
6c:c8:b6:7e:97:48:ce:87:b7:3c:34:31:a0:53:c0:34:ef:00:
37:3d:fb:55:7f:22:63:78:a3:a6:87:96:53:69:1d:ff:9f:43:
2e:30:1b:3f:05:5a:3f:9a:d5:01:30:e4:cf:f5:92:91:38:80:
35:67:60:ef:23:74:e5:e7:a5:00:e0:3f:0a:2a:c4:23:6a:23:
f5:b4:43:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZzr/21h3dzp4l1gSVKzM86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwNDI2MjAwMDM1WhcNMjUwNDI3MjAwMDM1WjAzMTEwLwYDVQQD
EygyMWZiYTJlYTFhNDc5Zjg2Mzg4ZTRjNWM3Mjk5MWEyMzNkZjRjODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX2Az7UA2Z5amTZkfTlFks3Q4nF8
RAb/m/Y7XqkmGBTCSJ/tX/84TUVQ7d0ZgGOfftXQbFO0BunJkwFm7/L9g8IhsQwj
ThVUiLW/uORpz2tBHAx5k6Ph3EmYP7RpdPIlEM4gWAVCuhn7j/ocTb9Zgy4R6S+y
+QF+z0KPTwVQ4ySJi+9z51b4Lsj+pPLhWu0tkRODX9dD3O7O5ZYb0hF6HuuyRJL1
QWjdSrhIvVyWz4MPj8X4G/9nVUu9urWfASSHktPxIprzGP3sILhlQntU3RIXYP9M
NMGJEN0Ry0bH/TmYzAIo08GzsbQNamLoDjvgEj/LaLZxBmHxWvMM/FvR3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCH7ouoaR5+GOI5MXHKZGiM99MhpMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcgZeFDL5
qRwLov44Ezmq98pFevigTAJQaf//5MAE4BUxjklrvaaphg7AYHE+qh10RDg+2lMi
Vnue5XZB7fc8r5nwHKQq7QNRb9jNjI5cXR7414yJpYkJay56rFTDoFBUpBYJMmSz
CV+kVUy9fU/HAD6z5o6uz+T68IjErP6uqBipL6p5IAtm6Egh8ue6MR1+PoKpJgio
PkrCgWxrKrwJMxu6j/2sqEo/co7mQ5F40gidzsuwbMi2fpdIzoe3PDQxoFPANO8A
Nz37VX8iY3ijpoeWU2kd/59DLjAbPwVaP5rVATDkz/WSkTiANWdg7yN05eelAOA/
CirEI2oj9bRDYg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:36:48 2025 by rpki-client