Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          SQPSdxkfS8vx0yzpVN91+Ny0CV/98C5OhCv4UZm/va4=
Subject key identifier:   04:C5:8B:61:14:E1:2D:4A:B6:04:21:A1:3B:29:B7:85:DE:2F:05:D9
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       0197D28591508FB0C21A5D3119F01191B0BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          1025
Signing time:             Thu 03 Jul 2025 23:00:58 +0000
Manifest this update:     Thu 03 Jul 2025 23:00:58 +0000
Manifest next update:     Fri 04 Jul 2025 23:00:58 +0000
Files and hashes:         1: 0RQ-WrGaW_a3SUMuIWvBi3re8Us.roa (hash: Vm0Yp0DBpXgsUlIoix2wYlP8daTTxgpllg8xunuDANo=)
                          2: 2c-138nK4yanjA_nFYFgRI3qkq8.roa (hash: eVkYs1Oz0s5AD5JOgKA2ZQfEyufJILyJFXY8+OH1Q4o=)
                          3: 3KNmMvvNnWz-gbQdS7pSD6NeSj8.roa (hash: 19Nj6yvWJYRr/APzHhAxi9EkGzAdWa0wPSZ7epiybNI=)
                          4: AWu3FimnriCBdHwo3g5MMDT1qE4.roa (hash: mO4hJXcIgDGlzI8xRSm/HtygAZ7WHc+oV+0VaCAIGc0=)
                          5: Giz24KLfpQkd7xs-DD95CPsPmOY.roa (hash: KQH/GuWZf651hnMRpwoGbmUFOnlVdGar78D6Hk0TRqM=)
                          6: Ls5gcPMX-M4WgeGybLOeWexgrwI.roa (hash: ddCFP8hel+nThr/Av/RaZ8w2aK3ehVlzvIwAydR9dmQ=)
                          7: N6KXHzVWixEktWPnU9eEkzBiRXA.roa (hash: ZeBA7mXHpgozatB0IZbSJ9v+AumsoGr7uGRE7BfY82k=)
                          8: WisrqhFtyIb2JbL0GIaBAVHWLTE.roa (hash: Y/GRGegzBf5aloGYHapUwpHTKh2vmOFKcBbghRvqMYw=)
                          9: dGrI4BE8oPWh3DjqR5EL1omnmFE.roa (hash: fh9dXwWPLeOX+9MGqs4zz/wpDF+snGcI3Q6bKbn3R34=)
                          10: fgKPPdW8bX1X6qK_GJWLhKliu3w.roa (hash: KwDL7D8DQXv/HgQm93E74+FZwYXZspxr0ZPQdGjc5BA=)
                          11: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: 8yBmfijyQRqrKA6q3FPT2JHRgIIpmWX1wPnbplu+W8g=)
                          12: jWe_TvIhj5dH5Ux2vCS3uvPznoc.roa (hash: NDB0B6hhi9OkQwxq6X1dXNT80uauDo2rv8POlRS3xgc=)
                          13: lVD1-s3z_VEryG-EOJaasXYliY0.roa (hash: h8oMIjXYTJbKfdwIFG8fjlG+UgURPlIi2HuuI8oOKSE=)
                          14: lwed3ihcQQrFsvv8k908fUPl3CM.roa (hash: Ug53jrAOg0K9fodJftRbAh41xK8TfAJeCOUBqHsGwb8=)
                          15: o7aaJIA1Lgq0zCdQCsOjEWzmMK0.roa (hash: WUPkYWF0I4A0srltNNQaHCMFjlD7ESqkAZxhm9FU4mI=)
                          16: q90aS9463wXYf4Sgoia8t4bKeN8.roa (hash: hvm9v4WmHwSkZ/edm7ru3afucj0r+/esuU2s4VhpOe8=)
                          17: qj6JzLV6yUCof1sB2xKr6dnriHk.roa (hash: OwtdnJIJzWn+DFiZhfavSFxynDXz7xR6fT1mm0Xe21w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 17:39:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d2:85:91:50:8f:b0:c2:1a:5d:31:19:f0:11:91:b0:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jul  3 23:00:58 2025 GMT
            Not After : Jul  4 23:00:58 2025 GMT
        Subject: CN=04c58b6114e12d4ab60421a13b29b785de2f05d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:6e:64:eb:56:eb:c7:a9:85:0f:43:34:16:26:
                    13:15:ee:bc:a3:95:c5:1c:dd:00:64:66:f1:f2:5d:
                    e1:a4:de:c0:d2:97:f6:84:1a:91:b0:67:51:67:50:
                    f7:a6:8d:04:0c:12:64:a1:27:52:da:2c:67:36:55:
                    01:54:ee:07:f8:28:a3:65:98:fd:5d:20:97:10:7c:
                    bb:72:3c:10:3c:c4:0b:1d:8a:f2:7e:10:f5:6d:9d:
                    aa:e1:ee:4a:26:82:36:59:66:30:bf:a9:ad:88:53:
                    2f:3d:96:18:18:45:a9:d6:f8:6a:86:ef:74:d4:3c:
                    ad:ad:43:65:cf:84:37:e9:df:a9:72:46:63:7a:ac:
                    06:f5:8b:11:92:1a:4e:ae:a2:7e:c3:bf:06:79:39:
                    d9:54:09:58:37:7a:9c:89:e8:a5:57:19:85:72:27:
                    98:28:d8:d9:bd:fb:49:ef:79:9c:e2:65:26:24:89:
                    b4:46:41:d4:c7:20:a0:2b:af:38:ea:10:00:65:c6:
                    85:05:9c:39:fa:49:e7:ac:eb:c5:b7:f4:04:ce:2b:
                    7b:aa:99:e0:20:f9:25:5a:3b:b3:2d:b6:55:48:2b:
                    cb:82:79:22:9b:d1:c6:59:62:e7:a2:e5:7e:04:8e:
                    63:0f:e4:60:0b:ee:f6:37:29:86:25:6f:86:aa:5d:
                    d5:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:C5:8B:61:14:E1:2D:4A:B6:04:21:A1:3B:29:B7:85:DE:2F:05:D9
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:9e:92:80:29:a7:c9:ab:2f:0c:49:fb:4b:2e:12:f4:ac:c2:
         3c:96:6f:96:10:fe:43:0d:a4:67:95:a4:e7:77:79:94:9a:43:
         b2:f3:e9:48:6d:8d:83:95:4b:70:82:c0:63:19:e6:0d:78:fc:
         19:2d:58:18:36:e0:de:35:24:76:b9:4f:6d:ff:b9:06:cf:08:
         f9:18:8d:9f:c0:4d:ec:49:df:75:a1:ed:c3:f8:f4:6c:49:88:
         e5:1a:3e:d8:1a:3c:62:43:a1:93:d3:d3:88:dd:b4:76:a6:12:
         5a:e0:8f:db:d5:86:6b:08:a6:72:97:b2:69:12:7a:8a:04:2f:
         2f:b9:58:09:ce:f7:d9:fb:17:fb:86:e9:78:cd:3b:90:7d:4c:
         47:6f:34:b1:1a:2e:0b:8b:52:43:e5:cb:0c:57:54:e2:10:87:
         b2:33:cc:f2:f6:4d:38:39:1b:46:3c:fe:68:d7:94:0c:1a:87:
         7c:e6:75:2b:1d:2f:c8:81:96:a7:df:65:00:79:e4:76:60:52:
         0c:5a:eb:25:6d:a8:d4:03:50:e0:6c:fe:42:c3:e8:cf:5f:29:
         4e:3d:d5:3c:e7:3e:79:40:d4:ae:6d:7c:a5:4e:82:00:3e:ac:
         8f:9c:82:66:af:13:1c:56:92:7f:d3:df:0a:ea:e2:79:7d:45:
         33:88:ec:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfShZFQj7DCGl0xGfARkbC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjUwNzAzMjMwMDU4WhcNMjUwNzA0MjMwMDU4WjAzMTEwLwYDVQQD
EygwNGM1OGI2MTE0ZTEyZDRhYjYwNDIxYTEzYjI5Yjc4NWRlMmYwNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW5k61brx6mFD0M0FiYTFe68o5XF
HN0AZGbx8l3hpN7A0pf2hBqRsGdRZ1D3po0EDBJkoSdS2ixnNlUBVO4H+CijZZj9
XSCXEHy7cjwQPMQLHYryfhD1bZ2q4e5KJoI2WWYwv6mtiFMvPZYYGEWp1vhqhu90
1DytrUNlz4Q36d+pckZjeqwG9YsRkhpOrqJ+w78GeTnZVAlYN3qcieilVxmFcieY
KNjZvftJ73mc4mUmJIm0RkHUxyCgK6846hAAZcaFBZw5+knnrOvFt/QEzit7qpng
IPklWjuzLbZVSCvLgnkim9HGWWLnouV+BI5jD+RgC+72NymGJW+Gql3V1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATFi2EU4S1KtgQhoTspt4XeLwXZMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiZ6SgCmn
yasvDEn7Sy4S9KzCPJZvlhD+Qw2kZ5Wk53d5lJpDsvPpSG2Ng5VLcILAYxnmDXj8
GS1YGDbg3jUkdrlPbf+5Bs8I+RiNn8BN7EnfdaHtw/j0bEmI5Ro+2Bo8YkOhk9PT
iN20dqYSWuCP29WGawimcpeyaRJ6igQvL7lYCc732fsX+4bpeM07kH1MR280sRou
C4tSQ+XLDFdU4hCHsjPM8vZNODkbRjz+aNeUDBqHfOZ1Kx0vyIGWp99lAHnkdmBS
DFrrJW2o1ANQ4Gz+QsPoz18pTj3VPOc+eUDUrm18pU6CAD6sj5yCZq8THFaSf9Pf
CurieX1FM4jsWQ==
-----END CERTIFICATE-----
Generated at Fri Jul 4 01:40:19 2025 by rpki-client