Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          EkwgeH4J73V4Y32lYHV3hsvuay6CrxeVWWop8a1v7eQ=
Subject key identifier:   A1:D5:CE:B5:0E:2F:4A:41:DA:1E:68:AB:C5:7F:4F:7F:8C:76:ED:AA
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019D30ABB26089A3F3970454181014B6B597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          12EE
Signing time:             Fri 27 Mar 2026 19:00:51 +0000
Manifest this update:     Fri 27 Mar 2026 19:00:51 +0000
Manifest next update:     Sat 28 Mar 2026 19:00:51 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: xNEsCERxJ7FsoN0azxyZdJwK0Umlamwm0ES/18uEPeE=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Mar 2026 15:47:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:30:ab:b2:60:89:a3:f3:97:04:54:18:10:14:b6:b5:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Mar 27 19:00:51 2026 GMT
            Not After : Mar 28 19:00:51 2026 GMT
        Subject: CN=a1d5ceb50e2f4a41da1e68abc57f4f7f8c76edaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:69:ad:57:ad:74:b8:11:84:5f:2e:54:c0:95:
                    a5:f7:79:00:aa:84:fc:9c:e2:06:2d:8e:13:03:f6:
                    79:7b:9a:d6:24:1a:e5:5e:45:3e:15:c1:72:f3:72:
                    2f:c7:ac:66:73:c6:67:4f:bf:eb:ff:7d:69:a4:1d:
                    d6:d9:f8:95:1d:fa:86:28:7f:01:64:bf:74:e2:cd:
                    2d:d1:7e:28:c6:ab:1a:b3:02:4f:1e:f4:01:5f:d7:
                    d2:6c:59:ec:c0:2a:33:38:fd:28:5d:be:68:83:54:
                    58:7e:f0:fd:eb:2a:1a:36:f9:6c:c5:06:49:b3:17:
                    c3:d3:b0:0e:03:46:18:1c:b2:ab:eb:e5:cf:36:1f:
                    ed:ad:e6:f7:34:44:48:bf:8a:b6:a2:e7:d0:7b:3f:
                    e2:be:1e:52:c2:7f:aa:4f:47:48:0b:b0:40:cf:eb:
                    eb:37:9b:5c:7c:6b:13:74:d0:c7:1f:92:e2:a6:29:
                    fb:a1:d1:ee:81:b9:00:d4:c8:11:76:e9:77:22:ae:
                    6c:3c:f5:4e:16:bf:d8:19:02:21:bc:85:91:09:7c:
                    1f:b4:4f:b8:96:2c:84:89:a2:1e:19:e8:43:c7:2c:
                    4e:c2:a8:45:d4:3e:ef:90:d4:2b:8b:01:f7:8e:fd:
                    a7:f1:95:0a:c6:1c:27:50:37:c3:9e:6c:8b:04:bf:
                    23:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:D5:CE:B5:0E:2F:4A:41:DA:1E:68:AB:C5:7F:4F:7F:8C:76:ED:AA
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:de:f6:b5:66:69:ea:35:56:fc:df:bc:11:5b:a3:b5:63:64:
         25:bb:67:a6:c5:53:13:71:06:16:60:e1:78:24:80:32:29:80:
         66:3c:10:28:1d:00:d0:6e:63:23:1f:98:3b:13:80:32:03:df:
         73:57:40:3d:e4:ea:d0:dc:30:37:4b:52:c1:a6:7e:e8:d5:e8:
         29:e5:af:21:97:b8:13:17:e6:5e:a6:b8:44:5a:c6:88:a2:5e:
         4b:4d:34:4f:00:f2:56:ab:ce:da:b0:ae:31:8f:90:5e:07:9e:
         28:7a:d2:8d:4e:ee:00:24:70:1f:06:fb:97:35:5b:eb:cb:92:
         2d:c7:5a:d7:77:26:5b:cc:40:22:31:e6:77:23:0f:74:5c:7e:
         8a:41:24:a4:95:4d:bc:c8:ec:2d:73:bf:bd:25:aa:d3:95:93:
         a2:bd:6b:52:1a:73:01:c8:34:ef:e2:42:26:8d:f4:2d:5d:d7:
         e9:70:e3:b8:b6:af:cc:b0:e4:5b:bb:ae:92:49:ba:cd:95:28:
         05:1a:6e:4f:b9:36:4a:b0:e9:34:76:f3:5b:e1:5d:37:a8:a8:
         5c:2e:f0:e9:cf:15:fe:4d:8a:22:1b:5b:28:88:fc:52:46:93:
         8e:9e:b2:71:4d:e5:65:0a:26:98:dc:5a:f3:03:3a:d7:02:a8:
         b1:f0:26:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0wq7JgiaPzlwRUGBAUtrWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzI3MTkwMDUxWhcNMjYwMzI4MTkwMDUxWjAzMTEwLwYDVQQD
EyhhMWQ1Y2ViNTBlMmY0YTQxZGExZTY4YWJjNTdmNGY3ZjhjNzZlZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWmtV610uBGEXy5UwJWl93kAqoT8
nOIGLY4TA/Z5e5rWJBrlXkU+FcFy83Ivx6xmc8ZnT7/r/31ppB3W2fiVHfqGKH8B
ZL904s0t0X4oxqsaswJPHvQBX9fSbFnswCozOP0oXb5og1RYfvD96yoaNvlsxQZJ
sxfD07AOA0YYHLKr6+XPNh/treb3NERIv4q2oufQez/ivh5Swn+qT0dIC7BAz+vr
N5tcfGsTdNDHH5Lipin7odHugbkA1MgRdul3Iq5sPPVOFr/YGQIhvIWRCXwftE+4
liyEiaIeGehDxyxOwqhF1D7vkNQriwH3jv2n8ZUKxhwnUDfDnmyLBL8joQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHVzrUOL0pB2h5oq8V/T3+Mdu2qMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAat72tWZp
6jVW/N+8EVujtWNkJbtnpsVTE3EGFmDheCSAMimAZjwQKB0A0G5jIx+YOxOAMgPf
c1dAPeTq0NwwN0tSwaZ+6NXoKeWvIZe4ExfmXqa4RFrGiKJeS000TwDyVqvO2rCu
MY+QXgeeKHrSjU7uACRwHwb7lzVb68uSLcda13cmW8xAIjHmdyMPdFx+ikEkpJVN
vMjsLXO/vSWq05WTor1rUhpzAcg07+JCJo30LV3X6XDjuLavzLDkW7uukkm6zZUo
BRpuT7k2SrDpNHbzW+FdN6ioXC7w6c8V/k2KIhtbKIj8UkaTjp6ycU3lZQommNxa
8wM61wKosfAmww==
-----END CERTIFICATE-----