Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          vSeVk8MiiESTKqv01E2+4Km2hJg8ivEcjgY3cq8W45g=
Subject key identifier:   35:B8:7E:57:CC:CB:1C:CC:07:4A:C1:E0:61:19:0D:AD:F8:81:07:E7
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019D8F4D00CE42E7C440A3E548FFF1BCD80C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          131F
Signing time:             Wed 15 Apr 2026 04:01:21 +0000
Manifest this update:     Wed 15 Apr 2026 04:01:21 +0000
Manifest next update:     Thu 16 Apr 2026 04:01:21 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: rXG2AbgGejkwh5D1F+Gd0f70JRnvFswI8GIAz0d+rdE=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 15 Apr 2026 22:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:8f:4d:00:ce:42:e7:c4:40:a3:e5:48:ff:f1:bc:d8:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Apr 15 04:01:21 2026 GMT
            Not After : Apr 16 04:01:21 2026 GMT
        Subject: CN=35b87e57cccb1ccc074ac1e061190dadf88107e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:04:50:33:33:67:f7:e4:ec:fa:b8:f1:9d:bd:
                    58:0f:f7:b4:96:5f:82:fe:af:1c:d2:10:55:58:4f:
                    5b:f4:ad:00:37:c0:e3:ab:83:8f:24:da:34:2c:44:
                    81:ad:b3:0e:70:c4:11:d9:80:7b:a8:b3:e5:74:5e:
                    39:5b:ce:83:9e:41:84:62:1e:8e:41:b4:6e:9f:31:
                    13:50:18:1d:56:0b:cd:2f:31:7b:27:72:86:37:b8:
                    5f:d9:07:73:6c:f6:ac:09:cd:4a:0f:e1:86:3b:ca:
                    c7:b3:79:8e:a7:93:c6:14:c8:ab:cf:76:5d:f0:a7:
                    58:e5:9b:67:74:9f:be:6e:a8:ba:8d:27:65:f7:40:
                    ea:13:ae:c5:47:6a:19:06:24:55:f3:79:fa:96:c5:
                    21:d5:74:68:6b:f0:43:f6:21:66:79:1b:1b:c9:8d:
                    ed:a6:d9:d5:34:b0:12:48:ea:aa:24:b9:c1:3d:0e:
                    54:f9:d4:1b:d7:b4:c6:c9:88:f8:d0:20:75:92:5d:
                    71:32:93:a3:76:63:8c:e0:cf:7d:5b:46:a1:f9:06:
                    e0:81:0e:e4:50:c1:09:b9:13:9a:3a:fe:c1:de:4c:
                    45:7f:0a:aa:7b:7a:79:4f:13:86:7a:01:6d:68:06:
                    ca:4e:ce:38:d6:39:b8:c6:0c:61:76:24:67:98:ab:
                    99:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:B8:7E:57:CC:CB:1C:CC:07:4A:C1:E0:61:19:0D:AD:F8:81:07:E7
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:cf:8a:75:f0:44:42:37:b4:e4:9b:38:84:27:78:e5:4e:cf:
         d5:0f:fc:ba:58:84:ef:f5:b1:49:f0:28:30:e5:cd:4b:f8:1c:
         cf:72:fa:bc:20:5c:9c:71:6f:c1:ce:16:cd:ee:70:73:d6:a2:
         54:87:d6:1c:ac:3a:fc:f1:26:1d:29:72:15:82:3e:d9:d5:f0:
         59:2a:6e:53:ce:bb:1e:44:55:de:b0:b4:1f:07:eb:c8:c2:63:
         d0:f7:ad:0e:b4:f9:1a:eb:21:a0:5e:e9:09:0d:f6:a6:b6:78:
         2b:6a:bc:59:b2:6e:03:53:d9:83:c6:3c:c5:64:e3:97:44:d7:
         83:fc:ff:2f:92:75:2e:9d:27:36:cb:15:01:b1:a8:98:ab:46:
         45:de:ef:f6:db:93:10:80:12:f5:f9:90:c8:00:b9:a5:59:51:
         a1:da:fa:bd:2f:f3:de:64:0a:53:06:7e:1f:90:62:a1:4e:b7:
         39:d5:59:99:eb:fe:a1:ef:28:80:50:4f:d5:a4:77:78:d5:b3:
         0f:88:3b:de:ac:4c:7e:64:05:71:d9:da:cb:65:6d:e0:54:3e:
         03:af:81:52:cc:f2:d0:c8:d4:fd:76:f5:d4:2d:e8:69:30:de:
         bd:af:9b:24:5d:25:82:b6:d6:89:b6:88:63:9c:a4:da:c3:64:
         54:bc:66:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2PTQDOQufEQKPlSP/xvNgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNDE1MDQwMTIxWhcNMjYwNDE2MDQwMTIxWjAzMTEwLwYDVQQD
EygzNWI4N2U1N2NjY2IxY2NjMDc0YWMxZTA2MTE5MGRhZGY4ODEwN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgRQMzNn9+Ts+rjxnb1YD/e0ll+C
/q8c0hBVWE9b9K0AN8Djq4OPJNo0LESBrbMOcMQR2YB7qLPldF45W86DnkGEYh6O
QbRunzETUBgdVgvNLzF7J3KGN7hf2QdzbPasCc1KD+GGO8rHs3mOp5PGFMirz3Zd
8KdY5ZtndJ++bqi6jSdl90DqE67FR2oZBiRV83n6lsUh1XRoa/BD9iFmeRsbyY3t
ptnVNLASSOqqJLnBPQ5U+dQb17TGyYj40CB1kl1xMpOjdmOM4M99W0ah+QbggQ7k
UMEJuROaOv7B3kxFfwqqe3p5TxOGegFtaAbKTs441jm4xgxhdiRnmKuZSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDW4flfMyxzMB0rB4GEZDa34gQfnMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8+KdfBE
Qje05Js4hCd45U7P1Q/8uliE7/WxSfAoMOXNS/gcz3L6vCBcnHFvwc4Wze5wc9ai
VIfWHKw6/PEmHSlyFYI+2dXwWSpuU867HkRV3rC0HwfryMJj0PetDrT5GushoF7p
CQ32prZ4K2q8WbJuA1PZg8Y8xWTjl0TXg/z/L5J1Lp0nNssVAbGomKtGRd7v9tuT
EIAS9fmQyAC5pVlRodr6vS/z3mQKUwZ+H5BioU63OdVZmev+oe8ogFBP1aR3eNWz
D4g73qxMfmQFcdnay2Vt4FQ+A6+BUszy0MjU/Xb11C3oaTDeva+bJF0lgrbWibaI
Y5yk2sNkVLxmTg==
-----END CERTIFICATE-----