Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: MKGH4MF5yLODRF11btO1kvJ0r3HROuFLgtUyYgaqAvM=
Subject key identifier: 32:A1:26:28:19:47:1C:1E:D4:5F:31:A7:DB:9E:6E:95:32:16:F6:95
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 019CAC47522E7240746C90F0487D183ECB8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0BA4
Signing time: Mon 02 Mar 2026 02:01:21 +0000
Manifest this update: Mon 02 Mar 2026 02:01:21 +0000
Manifest next update: Tue 03 Mar 2026 02:01:21 +0000
Files and hashes: 1: A_5M0CfXYUUC_BjsX_wFA_AapkY.roa (hash: UxtCMoKmpdBbD3cNYjI3Iakd8mHfIDVh+Sc1KrYzV8A=)
2: QTj2rWtF102-zkq4FB91dVQDunM.roa (hash: 1lI8W4TaqEFSyMRF8rItgY5NGvTzSeJ9vEchB5jfowo=)
3: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: pIlQD/+N4qrd4mpG8/vqxND2/+hoFm2/FsxGOlU4hYc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:52:2e:72:40:74:6c:90:f0:48:7d:18:3e:cb:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Mar 2 02:01:21 2026 GMT
Not After : Mar 3 02:01:21 2026 GMT
Subject: CN=32a1262819471c1ed45f31a7db9e6e953216f695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:fd:6a:24:8e:3a:82:2b:23:6f:14:bb:cb:
b0:a8:b8:3a:db:20:39:80:1d:c7:e7:08:be:22:91:
9c:34:c9:26:6d:59:66:9a:cb:85:5e:81:b6:80:da:
46:a6:90:bc:05:ee:bd:1b:85:3e:44:43:15:36:4e:
c5:00:3f:a1:e2:eb:c5:ec:a3:62:1b:91:29:c4:42:
14:b3:49:57:88:80:a1:6f:a0:dc:13:d9:91:09:71:
63:e2:13:ff:d9:74:89:f8:56:83:ab:ae:1f:68:0b:
21:62:3a:53:e4:cb:cd:07:07:e4:c0:b9:13:a4:d2:
5c:f7:37:38:71:8a:f2:34:9a:d5:df:d8:30:9d:87:
02:fa:71:d0:a7:ba:0d:94:67:ac:16:ae:9f:46:c7:
1e:be:30:d6:16:78:48:5b:03:c9:9d:01:76:87:d7:
59:82:19:b4:20:71:52:5e:6c:95:f2:fe:62:86:1c:
20:07:6e:94:f1:dd:b1:8f:d1:b2:dc:83:b8:da:4a:
43:cb:ae:23:06:04:f0:5b:7c:6f:48:29:89:cd:87:
f5:2d:10:2f:5f:14:90:46:0b:34:9f:52:5d:bf:df:
c6:bf:2b:41:90:ad:c0:e8:d7:2e:8f:b5:ad:01:d6:
9e:be:9d:7a:44:c6:79:ac:53:76:de:53:8a:39:3d:
44:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A1:26:28:19:47:1C:1E:D4:5F:31:A7:DB:9E:6E:95:32:16:F6:95
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:66:f0:c3:41:19:2f:7f:3b:10:0b:35:99:7a:18:28:ff:98:
13:e9:ad:c0:70:39:56:6d:d0:25:6c:7c:c2:e6:4a:96:ec:33:
07:0d:79:fb:b0:9d:a2:09:80:df:4d:72:cb:52:46:ad:98:b1:
af:48:56:e8:89:bf:9a:c5:13:a0:46:c0:df:81:f1:d3:ab:af:
6a:56:b6:4c:ea:ce:a2:09:8e:b0:a9:8d:d9:7e:2f:fe:b6:0b:
26:e9:6f:c7:c8:43:af:56:6b:3b:2b:49:f6:f0:97:f2:0e:dd:
e0:67:65:63:73:f3:5e:44:a9:e3:3a:58:17:23:0c:c1:fd:f1:
fb:54:43:45:46:f4:6d:fa:43:97:b5:9b:6c:cb:04:2f:d7:3d:
28:36:50:43:2f:6e:08:b3:a9:f3:ad:8f:1c:c4:55:9b:38:e3:
f1:2f:27:05:77:69:4f:ea:2b:9d:2b:a7:73:df:3b:d5:67:05:
fd:57:d6:d5:47:25:a3:bd:68:a5:7c:46:91:c2:8c:ad:36:f2:
4f:76:d1:42:cb:30:2e:31:77:cc:a5:91:f1:46:61:7c:e1:5c:
9a:34:87:03:23:14:57:d7:0d:97:f5:2a:77:c3:1f:4e:98:fe:
ce:a6:de:97:0b:bb:25:fe:32:27:74:35:56:b8:ef:28:ba:8e:
2e:86:36:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR1IuckB0bJDwSH0YPsuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjYwMzAyMDIwMTIxWhcNMjYwMzAzMDIwMTIxWjAzMTEwLwYDVQQD
EygzMmExMjYyODE5NDcxYzFlZDQ1ZjMxYTdkYjllNmU5NTMyMTZmNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4v9aiSOOoIrI28Uu8uwqLg62yA5
gB3H5wi+IpGcNMkmbVlmmsuFXoG2gNpGppC8Be69G4U+REMVNk7FAD+h4uvF7KNi
G5EpxEIUs0lXiIChb6DcE9mRCXFj4hP/2XSJ+FaDq64faAshYjpT5MvNBwfkwLkT
pNJc9zc4cYryNJrV39gwnYcC+nHQp7oNlGesFq6fRscevjDWFnhIWwPJnQF2h9dZ
ghm0IHFSXmyV8v5ihhwgB26U8d2xj9Gy3IO42kpDy64jBgTwW3xvSCmJzYf1LRAv
XxSQRgs0n1Jdv9/GvytBkK3A6Ncuj7WtAdaevp16RMZ5rFN23lOKOT1EtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKhJigZRxwe1F8xp9uebpUyFvaVMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADWbww0EZ
L387EAs1mXoYKP+YE+mtwHA5Vm3QJWx8wuZKluwzBw15+7CdogmA301yy1JGrZix
r0hW6Im/msUToEbA34Hx06uvala2TOrOogmOsKmN2X4v/rYLJulvx8hDr1ZrOytJ
9vCX8g7d4GdlY3PzXkSp4zpYFyMMwf3x+1RDRUb0bfpDl7WbbMsEL9c9KDZQQy9u
CLOp862PHMRVmzjj8S8nBXdpT+ornSunc9871WcF/VfW1Uclo71opXxGkcKMrTby
T3bRQsswLjF3zKWR8UZhfOFcmjSHAyMUV9cNl/Uqd8MfTpj+zqbelwu7Jf4yJ3Q1
VrjvKLqOLoY2zg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:10:11 2026 by rpki-client