
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File: gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier: CMz0mzRlAc0/2qrOnmgIZA0TkSstrSHJbVAJ06VpG7I=
Subject key identifier: DE:57:F8:D8:0B:D3:A2:1C:51:0A:95:63:A1:DC:FA:5B:A8:A6:BB:B8
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 019D3C42F7069356C9114BA81BCC1FB525BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number: 12F4
Signing time: Mon 30 Mar 2026 01:01:54 +0000
Manifest this update: Mon 30 Mar 2026 01:01:54 +0000
Manifest next update: Tue 31 Mar 2026 01:01:54 +0000
Files and hashes: 1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: LMioz0L0vPzDbcXmUytE/dgfWkgk9Kt8VWbb5c/dwfY=)
16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3c:42:f7:06:93:56:c9:11:4b:a8:1b:cc:1f:b5:25:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Mar 30 01:01:54 2026 GMT
Not After : Mar 31 01:01:54 2026 GMT
Subject: CN=de57f8d80bd3a21c510a9563a1dcfa5ba8a6bbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1b:0d:40:c0:b7:08:f1:d5:a9:7d:95:84:8f:
35:81:d7:9e:35:a7:00:33:af:a5:6a:2b:44:00:17:
61:32:36:67:b8:86:93:8d:45:b0:88:9f:05:b3:ef:
ab:cb:c8:f5:ca:f0:e7:20:da:c8:c8:1c:15:5e:63:
31:a4:85:f1:8e:46:52:7a:e8:3c:4a:c4:1c:b0:10:
06:64:11:21:29:53:e5:c0:31:90:f2:bd:92:b2:80:
2b:75:75:2c:8f:9e:6e:93:5e:e3:57:ba:25:28:39:
6f:9e:02:a1:67:a3:af:c1:59:c8:30:36:c7:32:85:
11:33:7e:a9:9f:10:f3:0b:2c:b9:b8:88:12:16:21:
6a:2f:f3:d8:42:0d:fb:09:5b:ed:a0:23:a1:49:66:
9a:91:62:ac:9f:50:5c:e1:bd:d8:d4:8d:f9:c1:f1:
62:07:8e:12:9c:07:a5:2a:70:32:6e:21:90:a9:21:
57:12:74:91:7e:59:98:e0:eb:fa:a5:e5:1c:58:dc:
23:14:2d:11:05:0a:71:01:c0:e9:a6:da:d3:de:ee:
5f:da:4d:1f:8b:2f:98:6f:34:50:e3:e1:58:52:15:
f3:e7:11:3a:6b:89:a3:ed:b4:c6:ed:21:d1:f0:06:
48:fd:b4:ef:d9:ab:33:73:d3:3b:cb:d6:ff:49:c3:
8e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:57:F8:D8:0B:D3:A2:1C:51:0A:95:63:A1:DC:FA:5B:A8:A6:BB:B8
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:41:27:93:e4:57:8a:6e:f6:fa:f7:58:5c:44:4f:dc:de:d7:
87:39:34:08:72:dc:81:84:fe:a2:de:9b:49:0a:f6:e3:14:34:
84:54:33:01:35:00:5e:8c:ba:23:aa:5f:19:8b:ce:fb:de:94:
7e:2c:d8:dc:c8:74:86:cc:4d:f5:3f:5f:c7:c2:92:5d:d2:b3:
65:fc:2e:36:f8:25:d6:46:14:9d:03:0b:6f:7b:fe:80:bd:0a:
d3:e5:68:a1:f4:a5:fc:3d:8f:01:eb:33:bd:6a:57:bd:db:0c:
f4:67:1d:7e:ea:ac:73:5d:a5:33:03:ae:f5:03:b0:a7:3d:5e:
a1:97:9c:0f:18:1a:cb:e0:a8:85:0f:01:4f:35:a9:f0:f1:04:
b7:89:36:d8:39:0c:c6:5f:4b:26:31:d5:b6:bd:6c:cb:61:5e:
80:89:02:a8:ae:96:fa:e4:98:70:dc:ef:00:a0:43:8b:95:c2:
f1:bf:99:03:b5:77:0d:dd:d9:7a:ff:89:eb:0d:c1:9f:df:bd:
9b:8a:80:a7:8d:c0:bd:b0:df:b4:d4:a7:b7:d8:9f:cb:ed:00:
4a:cf:94:91:80:b7:24:96:e7:e0:90:01:58:75:67:3d:a4:38:
e0:a4:85:f1:7f:ab:a0:3e:75:6a:2c:4a:cd:ee:75:0c:9e:e1:
3d:62:d2:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ08QvcGk1bJEUuoG8wftSW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzMwMDEwMTU0WhcNMjYwMzMxMDEwMTU0WjAzMTEwLwYDVQQD
EyhkZTU3ZjhkODBiZDNhMjFjNTEwYTk1NjNhMWRjZmE1YmE4YTZiYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphsNQMC3CPHVqX2VhI81gdeeNacA
M6+laitEABdhMjZnuIaTjUWwiJ8Fs++ry8j1yvDnINrIyBwVXmMxpIXxjkZSeug8
SsQcsBAGZBEhKVPlwDGQ8r2SsoArdXUsj55uk17jV7olKDlvngKhZ6OvwVnIMDbH
MoURM36pnxDzCyy5uIgSFiFqL/PYQg37CVvtoCOhSWaakWKsn1Bc4b3Y1I35wfFi
B44SnAelKnAybiGQqSFXEnSRflmY4Ov6peUcWNwjFC0RBQpxAcDpptrT3u5f2k0f
iy+YbzRQ4+FYUhXz5xE6a4mj7bTG7SHR8AZI/bTv2aszc9M7y9b/ScOO2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5X+NgL06IcUQqVY6Hc+luopru4MB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkEnk+RX
im72+vdYXERP3N7Xhzk0CHLcgYT+ot6bSQr24xQ0hFQzATUAXoy6I6pfGYvO+96U
fizY3Mh0hsxN9T9fx8KSXdKzZfwuNvgl1kYUnQMLb3v+gL0K0+VoofSl/D2PAesz
vWpXvdsM9Gcdfuqsc12lMwOu9QOwpz1eoZecDxgay+CohQ8BTzWp8PEEt4k22DkM
xl9LJjHVtr1sy2FegIkCqK6W+uSYcNzvAKBDi5XC8b+ZA7V3Dd3Zev+J6w3Bn9+9
m4qAp43AvbDftNSnt9ify+0ASs+UkYC3JJbn4JABWHVnPaQ44KSF8X+roD51aixK
ze51DJ7hPWLSGg==
-----END CERTIFICATE-----
Generated at Mon Mar 30 09:28:09 2026 by rpki-client