Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          pwIy31XpyhXDZYLw+ytXD3VEqYH+SrfSJJYT2PvAk1M=
Subject key identifier:   D5:A2:D2:AC:6D:FF:E4:30:AA:69:12:50:48:A4:04:74:10:FD:2D:B3
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019C717BD32694087DAC843DBC0D1120B8D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          128B
Signing time:             Wed 18 Feb 2026 16:01:06 +0000
Manifest this update:     Wed 18 Feb 2026 16:01:06 +0000
Manifest next update:     Thu 19 Feb 2026 16:01:06 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: h2pVdoEWv471p2WXk2xnRwoqZjYZyD4RoDJ9uDEl7iE=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Feb 2026 15:25:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:71:7b:d3:26:94:08:7d:ac:84:3d:bc:0d:11:20:b8:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Feb 18 16:01:06 2026 GMT
            Not After : Feb 19 16:01:06 2026 GMT
        Subject: CN=d5a2d2ac6dffe430aa69125048a4047410fd2db3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e2:f5:26:d8:a3:3e:ac:58:30:e8:ee:03:12:
                    93:38:a6:21:12:64:b8:59:97:58:16:5a:8b:bd:d4:
                    f8:35:84:9e:73:15:1a:0f:c8:db:37:0f:bc:c7:39:
                    76:ed:74:20:f2:89:24:d7:5d:fc:c3:0c:06:28:a9:
                    85:af:1f:0a:78:12:ea:8f:12:e3:c2:5d:d1:c5:ab:
                    2b:9b:6a:13:de:e0:c7:52:78:a1:4f:f0:ed:ae:f6:
                    6c:56:4f:ec:1b:2b:bc:fc:7a:f6:80:0f:6b:f8:4c:
                    a8:f7:be:18:c8:5d:a7:af:56:4d:c1:c2:da:43:28:
                    f2:b0:9b:2e:88:45:cb:b8:97:b9:96:c2:75:de:22:
                    1b:83:de:90:df:e4:3d:01:51:2f:92:fe:35:6d:fc:
                    71:ab:fd:30:f0:f9:45:e8:0a:65:f6:18:d6:f0:8e:
                    16:31:8f:79:c3:08:5a:f8:61:d0:45:1c:18:6f:5f:
                    c9:bb:1f:bd:43:87:9b:ec:de:17:97:49:18:e6:56:
                    2f:e3:85:22:64:71:f7:4a:b5:bf:87:9a:2c:48:9b:
                    87:b8:13:a8:6e:cd:63:cf:00:23:d6:37:40:3e:17:
                    88:66:5d:b3:cf:cc:9e:8f:26:1e:26:fb:a4:aa:91:
                    7e:a1:73:3a:02:32:1d:f3:2a:38:b6:77:ca:0d:86:
                    b3:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:A2:D2:AC:6D:FF:E4:30:AA:69:12:50:48:A4:04:74:10:FD:2D:B3
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:23:7a:c4:fe:49:4f:bf:52:10:3b:a1:1a:33:4f:68:82:de:
         0e:af:37:48:94:ac:b1:6a:40:24:14:11:38:43:b1:c3:c3:35:
         84:e1:bc:17:6a:09:0e:85:d6:be:bf:49:49:34:8f:9f:8a:59:
         30:69:58:93:4f:78:a2:a3:38:c9:db:80:dd:56:ac:4c:82:f4:
         e6:c4:41:78:9f:97:49:bc:39:2d:15:e5:6d:69:ff:7e:47:ad:
         72:36:c1:20:fd:6c:eb:00:f8:ed:9a:90:4b:8b:40:81:aa:30:
         98:0d:c6:2c:b8:d7:aa:63:1d:bf:ee:2b:dc:a6:4c:e9:df:1b:
         15:fa:78:0f:66:3d:43:3b:73:47:66:91:c0:73:1d:3a:cb:8d:
         4d:5a:ee:60:59:ba:f4:09:87:3f:b2:d5:1e:e5:f0:6c:2f:ed:
         9d:9c:e3:f9:49:c1:75:db:37:52:8d:f5:e0:fc:af:26:b8:e5:
         f2:84:48:ff:77:33:f4:5c:00:e9:a5:fd:e2:f9:a4:93:19:2e:
         de:28:25:31:3c:f8:92:2e:b2:59:e8:c2:cb:c2:d0:35:fc:93:
         71:34:6e:4f:e4:6e:16:db:95:de:99:43:e2:83:5a:a1:49:be:
         74:cf:3d:94:0a:ce:d8:bf:08:4b:44:e4:7d:3a:ef:45:34:da:
         4e:24:45:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZxxe9MmlAh9rIQ9vA0RILjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMjE4MTYwMTA2WhcNMjYwMjE5MTYwMTA2WjAzMTEwLwYDVQQD
EyhkNWEyZDJhYzZkZmZlNDMwYWE2OTEyNTA0OGE0MDQ3NDEwZmQyZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueL1JtijPqxYMOjuAxKTOKYhEmS4
WZdYFlqLvdT4NYSecxUaD8jbNw+8xzl27XQg8okk1138wwwGKKmFrx8KeBLqjxLj
wl3Rxasrm2oT3uDHUnihT/DtrvZsVk/sGyu8/Hr2gA9r+Eyo974YyF2nr1ZNwcLa
QyjysJsuiEXLuJe5lsJ13iIbg96Q3+Q9AVEvkv41bfxxq/0w8PlF6Apl9hjW8I4W
MY95wwha+GHQRRwYb1/Jux+9Q4eb7N4Xl0kY5lYv44UiZHH3SrW/h5osSJuHuBOo
bs1jzwAj1jdAPheIZl2zz8yejyYeJvukqpF+oXM6AjId8yo4tnfKDYaznwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWi0qxt/+QwqmkSUEikBHQQ/S2zMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArSN6xP5J
T79SEDuhGjNPaILeDq83SJSssWpAJBQROEOxw8M1hOG8F2oJDoXWvr9JSTSPn4pZ
MGlYk094oqM4yduA3VasTIL05sRBeJ+XSbw5LRXlbWn/fketcjbBIP1s6wD47ZqQ
S4tAgaowmA3GLLjXqmMdv+4r3KZM6d8bFfp4D2Y9QztzR2aRwHMdOsuNTVruYFm6
9AmHP7LVHuXwbC/tnZzj+UnBdds3Uo314PyvJrjl8oRI/3cz9FwA6aX94vmkkxku
3iglMTz4ki6yWejCy8LQNfyTcTRuT+RuFtuV3plD4oNaoUm+dM89lArO2L8IS0Tk
fTrvRTTaTiRF7g==
-----END CERTIFICATE-----