Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft
File: 37H24AFTpJGGEbFLawP2gS7YikM.mft (raw, json)
Hash identifier: AeqTXa6WYUob3A25cve33EUriB0Aw+DRKEklSAFhpIw=
Subject key identifier: 73:E7:11:B3:82:41:D4:34:27:D7:19:17:9E:54:35:24:B3:63:5D:58
Authority key identifier: DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
Certificate issuer: /CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Certificate serial: 019CAC473D437B0BD989FA8137724C87678F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft
Manifest number: 1153
Signing time: Mon 02 Mar 2026 02:01:15 +0000
Manifest this update: Mon 02 Mar 2026 02:01:15 +0000
Manifest next update: Tue 03 Mar 2026 02:01:15 +0000
Files and hashes: 1: 37H24AFTpJGGEbFLawP2gS7YikM.crl (hash: IaA3z7stpPAGOPSs221s66jtKeLQ6fCjwvTrnqaBCYs=)
2: s4MXyoEwG-08l7mCex8n1oZlKNg.roa (hash: TjcQrgRhczeAsupZUJPvwDW+irjRAPP5FOM3bVoCysg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft
rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:3d:43:7b:0b:d9:89:fa:81:37:72:4c:87:67:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Validity
Not Before: Mar 2 02:01:15 2026 GMT
Not After : Mar 3 02:01:15 2026 GMT
Subject: CN=73e711b38241d43427d719179e543524b3635d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b7:20:56:95:96:e8:de:3b:2d:5d:c4:69:7f:
56:55:29:9e:7f:3c:c5:bd:7e:ea:fc:25:d9:91:5d:
35:f2:83:7c:e4:5d:24:cb:da:c4:2e:b3:99:fd:0e:
76:e2:9d:2d:21:57:f0:37:40:d0:cc:68:ba:ac:b9:
7d:95:22:11:4a:db:b5:ae:72:5e:01:5d:48:3f:61:
bb:bb:10:f0:11:d5:69:41:f4:a1:dc:eb:eb:18:ab:
46:78:b6:3e:c2:a8:b1:3a:59:0d:62:79:9e:6e:1e:
a1:27:a0:0b:92:64:34:84:f3:8a:12:25:df:2c:54:
ff:f4:6e:72:4b:64:0b:37:de:ba:3d:e9:4d:07:86:
7b:24:d8:a2:69:f6:60:04:5c:51:b3:a7:fb:77:d5:
64:75:44:af:a6:30:54:54:94:6e:2b:a8:58:44:a8:
79:6b:69:60:dc:21:4b:f1:ae:73:e6:1a:34:7a:58:
95:d8:30:78:6b:a2:68:e8:51:d1:10:b8:fd:64:ce:
f8:7e:72:a6:15:1c:ba:2b:d3:76:de:19:60:6f:a1:
89:9e:c0:43:7a:13:f3:8e:9f:41:80:d4:86:f7:31:
f2:97:89:16:dd:16:a2:c3:7e:68:0e:05:6f:43:76:
f8:e2:c8:09:fa:ae:6b:5f:c4:df:67:ba:da:95:0d:
1e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E7:11:B3:82:41:D4:34:27:D7:19:17:9E:54:35:24:B3:63:5D:58
X509v3 Authority Key Identifier:
keyid:DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:2b:6f:13:ad:86:89:d1:d5:48:1d:11:21:f0:ee:97:a6:33:
d3:68:a7:10:92:e8:5c:8d:f1:14:9e:a0:b0:9e:33:9d:3c:8b:
55:7c:c0:bf:3e:3d:7f:d8:44:a6:58:42:90:4d:9f:ac:d0:7c:
f5:6c:bb:e7:f5:52:3f:c7:31:c5:22:a5:31:e9:e4:56:19:cb:
aa:75:90:4b:12:00:91:0c:f0:4c:75:6b:49:d4:5a:5b:cf:92:
ad:0c:59:b4:d3:91:d8:a9:49:46:79:a2:04:e1:e4:c1:87:f2:
97:7d:d9:48:b0:ed:48:44:cd:22:95:3e:36:34:82:fc:67:32:
48:3c:d1:27:1b:4b:ce:06:e2:0c:c8:af:1e:5d:28:96:4c:5c:
44:c4:c3:3d:b0:ed:4f:17:e0:4e:13:ac:28:64:a1:85:f3:c5:
87:86:14:6e:10:3f:5f:52:54:42:67:19:91:58:df:45:28:2f:
0b:93:25:58:29:58:34:57:27:0b:1a:78:18:df:42:cc:0e:09:
c4:70:07:2a:07:0e:cb:08:1d:a2:21:f8:75:6c:da:d6:a6:8e:
da:bf:85:35:2f:50:3c:7f:05:c1:ad:f2:97:c5:11:40:5a:08:
22:22:81:a3:5b:64:cc:50:17:ec:32:e0:74:73:8d:ed:ce:f9:
f0:fb:9a:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRz1DewvZifqBN3JMh2ePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjFmNmUwMDE1M2E0OTE4NjExYjE0YjZiMDNmNjgxMmVk
ODhhNDMwHhcNMjYwMzAyMDIwMTE1WhcNMjYwMzAzMDIwMTE1WjAzMTEwLwYDVQQD
Eyg3M2U3MTFiMzgyNDFkNDM0MjdkNzE5MTc5ZTU0MzUyNGIzNjM1ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7cgVpWW6N47LV3EaX9WVSmefzzF
vX7q/CXZkV018oN85F0ky9rELrOZ/Q524p0tIVfwN0DQzGi6rLl9lSIRStu1rnJe
AV1IP2G7uxDwEdVpQfSh3OvrGKtGeLY+wqixOlkNYnmebh6hJ6ALkmQ0hPOKEiXf
LFT/9G5yS2QLN966PelNB4Z7JNiiafZgBFxRs6f7d9VkdUSvpjBUVJRuK6hYRKh5
a2lg3CFL8a5z5ho0eliV2DB4a6Jo6FHRELj9ZM74fnKmFRy6K9N23hlgb6GJnsBD
ehPzjp9BgNSG9zHyl4kW3Raiw35oDgVvQ3b44sgJ+q5rX8TfZ7ralQ0efwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPnEbOCQdQ0J9cZF55UNSSzY11YMB8GA1UdIwQY
MBaAFN+x9uABU6SRhhGxS2sD9oEu2IpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEt
ODEwNjI3ZmIyNjcxLzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEtODEwNjI3ZmIyNjcx
LzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcStvE62G
idHVSB0RIfDul6Yz02inEJLoXI3xFJ6gsJ4znTyLVXzAvz49f9hEplhCkE2frNB8
9Wy75/VSP8cxxSKlMenkVhnLqnWQSxIAkQzwTHVrSdRaW8+SrQxZtNOR2KlJRnmi
BOHkwYfyl33ZSLDtSETNIpU+NjSC/GcySDzRJxtLzgbiDMivHl0olkxcRMTDPbDt
TxfgThOsKGShhfPFh4YUbhA/X1JUQmcZkVjfRSgvC5MlWClYNFcnCxp4GN9CzA4J
xHAHKgcOywgdoiH4dWza1qaO2r+FNS9QPH8Fwa3yl8URQFoIIiKBo1tkzFAX7DLg
dHON7c758Pua1w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:16:27 2026 by rpki-client