Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          Ii78T6aqH0hyn2lw71nNTxCpkRG5lJAdbAJ+rY4HkiI=
Subject key identifier:   DA:4A:1E:96:02:F6:01:0C:70:6D:0C:5A:F4:3A:F0:FF:90:FB:88:67
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019D62E1D77254534925B854C52F55DD26EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          1308
Signing time:             Mon 06 Apr 2026 13:01:01 +0000
Manifest this update:     Mon 06 Apr 2026 13:01:01 +0000
Manifest next update:     Tue 07 Apr 2026 13:01:01 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: 1svin3N0iGM9NMTTqtFLg8w4QthqmbNgca+aesYU6LI=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 Apr 2026 10:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:62:e1:d7:72:54:53:49:25:b8:54:c5:2f:55:dd:26:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Apr  6 13:01:01 2026 GMT
            Not After : Apr  7 13:01:01 2026 GMT
        Subject: CN=da4a1e9602f6010c706d0c5af43af0ff90fb8867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ec:7b:9a:8b:71:dd:4c:2b:04:73:2b:b9:eb:
                    2d:63:0b:36:ad:4f:dd:d5:8d:f5:46:83:9b:4c:23:
                    69:a6:b0:3b:9c:15:00:ae:24:1c:0f:7c:cd:5d:82:
                    95:50:10:52:05:d5:48:ef:b7:51:0a:70:51:3f:36:
                    2f:9b:d9:c1:d4:df:6e:c7:e1:fc:0f:41:ce:1c:53:
                    11:b9:39:f0:8d:5b:e8:7f:82:95:1e:a7:a8:07:52:
                    33:07:fa:eb:88:cc:ce:36:08:b9:ce:df:91:46:a3:
                    77:db:b1:f9:ca:9c:6d:03:20:fa:d9:07:55:30:e5:
                    f4:58:94:94:ee:c9:5a:a3:c7:83:30:88:af:21:73:
                    97:1e:e4:90:f8:fc:ef:c4:63:3d:4b:c1:96:b2:8c:
                    51:d4:56:c6:5e:11:eb:b8:0e:8b:7d:05:f1:af:e1:
                    b2:bf:c7:d2:56:67:70:7d:ef:a5:54:84:33:ee:43:
                    92:aa:64:83:b0:da:b2:a1:7c:ec:76:b7:a1:6f:2b:
                    7f:34:e5:a3:2c:23:7c:4e:26:ce:d1:0e:ee:f3:ad:
                    e1:84:0a:dd:01:93:6b:4e:ad:df:b5:ae:23:6d:df:
                    d3:0a:fa:26:99:0c:99:65:14:08:66:2a:9c:d3:89:
                    78:db:45:28:2d:fe:88:73:79:e4:c6:5c:eb:06:a5:
                    0a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:4A:1E:96:02:F6:01:0C:70:6D:0C:5A:F4:3A:F0:FF:90:FB:88:67
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:80:2c:5f:69:71:8b:03:7e:3b:5b:c1:2d:99:d3:d2:7e:69:
         8e:af:e5:b8:27:33:49:34:d2:46:f8:b9:45:eb:19:ce:70:21:
         77:48:fc:0d:54:8c:39:aa:ab:85:0b:a6:d6:e3:c3:8a:39:17:
         64:93:31:cc:a7:63:fa:b8:c9:6e:66:f7:d0:13:e2:75:7e:2d:
         ec:fb:f2:de:7e:b9:ce:36:be:ea:53:20:71:20:a4:be:f6:4d:
         8c:9c:12:af:b9:60:fc:0c:f4:38:7d:56:ce:e1:04:81:64:31:
         0e:7c:ed:55:8d:9d:29:1a:d4:4e:ab:b7:28:ee:b6:35:91:3a:
         cf:2d:58:cf:b5:d2:5f:fe:f7:5a:13:b5:42:ec:62:ab:a0:5d:
         8d:47:b4:1b:2a:2d:cd:74:9a:3e:03:5b:5b:2b:16:69:38:e2:
         c2:3c:73:05:57:40:40:9f:21:0c:1f:9d:56:6b:74:93:b5:51:
         ef:bb:e7:45:b3:30:99:7b:33:16:70:ec:4a:68:2d:25:11:b6:
         d1:b6:e7:cb:5d:1b:0b:f8:ce:7f:b6:bc:24:41:89:8f:db:93:
         20:85:b6:90:96:9c:50:20:47:1a:aa:0b:7e:a7:1c:67:30:0b:
         ff:29:b4:3b:a3:3e:28:ce:81:27:5a:9a:61:77:af:fa:3d:3a:
         f2:72:6f:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1i4ddyVFNJJbhUxS9V3SbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNDA2MTMwMTAxWhcNMjYwNDA3MTMwMTAxWjAzMTEwLwYDVQQD
EyhkYTRhMWU5NjAyZjYwMTBjNzA2ZDBjNWFmNDNhZjBmZjkwZmI4ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOx7motx3UwrBHMruestYws2rU/d
1Y31RoObTCNpprA7nBUAriQcD3zNXYKVUBBSBdVI77dRCnBRPzYvm9nB1N9ux+H8
D0HOHFMRuTnwjVvof4KVHqeoB1IzB/rriMzONgi5zt+RRqN327H5ypxtAyD62QdV
MOX0WJSU7slao8eDMIivIXOXHuSQ+PzvxGM9S8GWsoxR1FbGXhHruA6LfQXxr+Gy
v8fSVmdwfe+lVIQz7kOSqmSDsNqyoXzsdrehbyt/NOWjLCN8TibO0Q7u863hhArd
AZNrTq3fta4jbd/TCvommQyZZRQIZiqc04l420UoLf6Ic3nkxlzrBqUKowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpKHpYC9gEMcG0MWvQ68P+Q+4hnMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4AsX2lx
iwN+O1vBLZnT0n5pjq/luCczSTTSRvi5ResZznAhd0j8DVSMOaqrhQum1uPDijkX
ZJMxzKdj+rjJbmb30BPidX4t7Pvy3n65zja+6lMgcSCkvvZNjJwSr7lg/Az0OH1W
zuEEgWQxDnztVY2dKRrUTqu3KO62NZE6zy1Yz7XSX/73WhO1Quxiq6BdjUe0Gyot
zXSaPgNbWysWaTjiwjxzBVdAQJ8hDB+dVmt0k7VR77vnRbMwmXszFnDsSmgtJRG2
0bbny10bC/jOf7a8JEGJj9uTIIW2kJacUCBHGqoLfqccZzAL/ym0O6M+KM6BJ1qa
YXev+j068nJvCQ==
-----END CERTIFICATE-----