Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: fsBZ+rs2pKQo+tU3fxK/UVff+LUaSBlPoKbIEiHOAbM=
Subject key identifier: 62:F6:2B:22:6E:1F:DF:8E:4B:43:40:81:1E:9C:4D:10:E2:01:3C:85
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 01987B2DE213BA866936A1C447BF8D55AB87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0978
Signing time: Tue 05 Aug 2025 17:01:01 +0000
Manifest this update: Tue 05 Aug 2025 17:01:01 +0000
Manifest next update: Wed 06 Aug 2025 17:01:01 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: BCR9XXve+SJKKTaPXUUoJweQGtAjcp4Xh0Jr9SBluGo=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7b:2d:e2:13:ba:86:69:36:a1:c4:47:bf:8d:55:ab:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Aug 5 17:01:01 2025 GMT
Not After : Aug 6 17:01:01 2025 GMT
Subject: CN=62f62b226e1fdf8e4b4340811e9c4d10e2013c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:45:1f:1f:61:34:0c:0d:8e:58:05:b6:25:d2:
46:9b:67:48:b8:d1:be:4e:a6:11:08:c2:e4:59:93:
17:26:31:75:31:a7:e7:5c:35:c7:a3:83:cb:6d:78:
5e:98:50:b3:8c:c0:26:81:1f:ef:24:c1:7f:89:54:
15:e8:4c:41:4c:b3:61:36:dc:e0:98:bd:b2:3f:66:
f1:e0:48:83:fc:10:17:68:cd:7d:9d:f7:31:b3:cd:
ee:6d:67:92:5b:d0:fb:cb:8b:c5:85:24:84:04:61:
07:7f:fb:57:28:47:3f:64:16:74:f0:76:32:44:a1:
f7:22:93:26:91:62:e4:2a:a2:b7:b3:7b:ec:83:e8:
a6:27:dd:ac:c0:42:2f:b9:aa:fa:43:e6:1a:bd:56:
32:15:6e:f2:8a:48:88:f5:9e:3a:08:62:ce:4f:98:
10:d2:58:30:26:07:4a:1b:03:25:c0:67:60:71:b5:
ec:35:2c:ae:3a:6a:2b:cf:65:62:73:85:5e:00:02:
27:97:5a:a2:a1:97:f5:01:29:4d:93:59:db:80:65:
6d:37:4e:12:34:4d:c3:cf:7d:0f:18:48:2c:e1:1d:
bf:bb:3d:ec:5f:93:90:6c:01:4a:bd:26:e6:2f:a7:
17:b5:11:68:c7:8b:2d:ee:35:63:d9:09:55:74:03:
16:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F6:2B:22:6E:1F:DF:8E:4B:43:40:81:1E:9C:4D:10:E2:01:3C:85
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:9e:d5:30:4b:31:65:87:1d:7a:51:16:64:7c:49:ea:6d:1d:
3a:6e:a6:e7:86:b4:3c:ae:42:ba:38:16:72:08:f4:73:02:8f:
57:c1:9a:a7:57:71:22:ac:fc:db:94:84:22:b8:b0:86:49:54:
b9:6b:b5:bc:9c:7e:66:9f:f5:8a:e7:fe:fe:b7:02:f1:01:f8:
9f:58:69:40:c5:cb:ad:e2:f6:90:17:4d:12:ec:2b:86:63:3d:
29:0b:c9:46:c9:db:20:c1:5d:52:d8:58:a8:52:2b:42:aa:71:
f3:b3:6e:cb:3f:27:02:d9:b5:6a:e9:42:c5:a1:af:2e:f1:9d:
37:2a:eb:4a:84:bf:2f:de:f1:37:f0:cb:ec:a3:e6:ad:96:20:
08:75:63:fc:e4:08:49:b8:27:fe:e6:ff:77:9c:09:df:1f:74:
74:57:a7:d8:8e:9d:d5:b7:3f:6e:af:6a:d1:96:9c:8f:15:7e:
be:2e:c8:9f:14:e3:01:59:5b:1e:24:15:1f:a5:4c:15:ed:cb:
66:38:3e:34:da:cf:ab:57:8d:41:34:e0:e2:ed:ad:35:de:95:
bf:8d:c1:3c:06:fe:14:de:e3:d4:bf:33:72:21:1e:7c:a4:c3:
51:a8:87:f1:24:c6:50:21:6a:36:6b:31:79:56:0c:18:2f:c4:
c9:3b:35:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7LeITuoZpNqHER7+NVauHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwODA1MTcwMTAxWhcNMjUwODA2MTcwMTAxWjAzMTEwLwYDVQQD
Eyg2MmY2MmIyMjZlMWZkZjhlNGI0MzQwODExZTljNGQxMGUyMDEzYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEUfH2E0DA2OWAW2JdJGm2dIuNG+
TqYRCMLkWZMXJjF1MafnXDXHo4PLbXhemFCzjMAmgR/vJMF/iVQV6ExBTLNhNtzg
mL2yP2bx4EiD/BAXaM19nfcxs83ubWeSW9D7y4vFhSSEBGEHf/tXKEc/ZBZ08HYy
RKH3IpMmkWLkKqK3s3vsg+imJ92swEIvuar6Q+YavVYyFW7yikiI9Z46CGLOT5gQ
0lgwJgdKGwMlwGdgcbXsNSyuOmorz2Vic4VeAAInl1qioZf1ASlNk1nbgGVtN04S
NE3Dz30PGEgs4R2/uz3sX5OQbAFKvSbmL6cXtRFox4st7jVj2QlVdAMW0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGL2KyJuH9+OS0NAgR6cTRDiATyFMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJ7VMEsx
ZYcdelEWZHxJ6m0dOm6m54a0PK5CujgWcgj0cwKPV8Gap1dxIqz825SEIriwhklU
uWu1vJx+Zp/1iuf+/rcC8QH4n1hpQMXLreL2kBdNEuwrhmM9KQvJRsnbIMFdUthY
qFIrQqpx87Nuyz8nAtm1aulCxaGvLvGdNyrrSoS/L97xN/DL7KPmrZYgCHVj/OQI
Sbgn/ub/d5wJ3x90dFen2I6d1bc/bq9q0ZacjxV+vi7InxTjAVlbHiQVH6VMFe3L
Zjg+NNrPq1eNQTTg4u2tNd6Vv43BPAb+FN7j1L8zciEefKTDUaiH8STGUCFqNmsx
eVYMGC/EyTs1CA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:43:44 2025 by rpki-client