Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          7qifuB6OA3UU2WhYbhAq5464i7BTYzwKjb5wBVqqWrI=
Subject key identifier:   9F:30:5D:5A:5A:70:54:3D:88:F7:8A:D7:C1:4F:CE:28:9B:D1:B1:0C
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019F3182C62C0239CD32710F0F70D70486D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          13F9
Signing time:             Sun 05 Jul 2026 09:01:21 +0000
Manifest this update:     Sun 05 Jul 2026 09:01:21 +0000
Manifest next update:     Mon 06 Jul 2026 09:01:21 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          3: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          4: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          5: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          6: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          7: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          8: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          9: RTPP9X2zvoR_qL8VtqZr6WEHKzw.roa (hash: bz39/MS5H8r1qd18PCFQ3+2kRu1MJoP1Vd1Xyr//BW0=)
                          10: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          11: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          12: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          13: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          14: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: ZeHN0L85R12/GvRuJ4TbU+zlcDQxn78eNL6BATCWlz4=)
                          15: htqKUhJyQNt1qA3G44rlxCxq60M.roa (hash: id0wxN4WW72w7KuwB5zxXQt9wJQv2b/0iQarjkgrnuM=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 Jul 2026 07:10:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:31:82:c6:2c:02:39:cd:32:71:0f:0f:70:d7:04:86:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jul  5 09:01:21 2026 GMT
            Not After : Jul  6 09:01:21 2026 GMT
        Subject: CN=9f305d5a5a70543d88f78ad7c14fce289bd1b10c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:49:2e:b0:bf:f0:28:d2:69:2a:4c:c4:c8:b1:
                    55:f8:54:90:02:18:22:b7:b9:71:b1:68:53:03:a1:
                    38:be:ee:66:9d:9d:88:ed:35:b4:2a:69:73:d4:71:
                    84:01:3c:0d:ea:41:92:b1:00:8e:33:dc:1b:cc:07:
                    2e:63:36:0c:e1:fe:0d:a9:19:24:4d:2a:70:f6:f9:
                    5b:c6:a9:84:12:e1:30:48:15:0b:f9:da:79:12:8b:
                    38:20:39:dd:a9:d1:84:c3:56:53:c5:f1:cc:ca:4d:
                    f9:16:97:b5:1b:4f:ca:0b:76:56:74:19:ae:71:99:
                    98:9b:17:2c:ee:aa:5b:45:ec:b3:0e:05:a8:6a:6e:
                    ef:6d:70:45:33:f9:1f:de:6e:15:93:44:95:60:7b:
                    95:07:0d:78:f6:f2:54:34:8e:32:35:a2:07:4a:81:
                    d7:30:31:db:0a:f7:6c:aa:87:e6:86:6e:3d:c8:86:
                    71:a5:9c:32:81:6b:43:56:a2:2d:5e:b9:7f:19:16:
                    87:ff:a9:e3:85:c1:5c:05:14:97:84:09:a0:cf:a4:
                    2f:14:85:c6:29:42:00:b7:4c:2f:14:7a:c2:f9:af:
                    34:44:58:8b:e7:a7:e9:43:1b:8e:ce:3e:12:8d:b7:
                    74:81:ea:dc:71:0c:97:cf:0a:33:8f:ba:2e:27:49:
                    e1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:30:5D:5A:5A:70:54:3D:88:F7:8A:D7:C1:4F:CE:28:9B:D1:B1:0C
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:52:46:42:f9:b8:ba:bb:88:6f:81:51:9c:67:ff:a6:98:dd:
         f3:2d:91:76:15:f3:36:9a:5a:6b:d9:70:69:93:bc:c0:ae:7a:
         2e:25:cd:c2:27:b1:33:1c:b7:f9:61:2f:1a:50:6b:f4:53:87:
         59:60:71:8f:f6:a9:64:62:43:ad:51:f8:98:2f:0c:bf:c3:12:
         96:1d:84:64:b5:86:19:5a:9b:21:ed:e4:69:38:b2:cb:7d:56:
         69:e4:42:59:0b:a5:d8:74:e2:71:c5:73:e3:29:b0:de:f0:08:
         0f:62:a6:af:a9:16:1c:8e:11:24:02:1f:55:c3:52:09:62:9b:
         74:18:2e:9b:6c:dd:6c:c2:ef:28:d2:ec:2f:33:03:3a:ca:ff:
         d2:7b:c2:1b:da:45:0e:f3:b4:2e:e3:bd:ba:b7:4f:1b:d0:32:
         c6:11:49:4d:cc:f7:7a:27:0d:e8:b3:d2:bd:fc:28:42:1e:96:
         2b:38:5d:81:ee:db:ba:66:47:dd:54:a9:7d:bf:26:3e:b4:44:
         6f:3b:65:6c:23:3e:04:d4:44:dd:74:6b:f8:2d:6c:23:06:11:
         70:e9:7d:a5:83:dd:db:ad:5e:2e:21:98:ee:92:6e:49:c8:5a:
         7b:0b:06:25:a3:3d:63:1c:e3:f0:4c:c1:22:11:98:61:71:6a:
         21:03:9f:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8xgsYsAjnNMnEPD3DXBIbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNzA1MDkwMTIxWhcNMjYwNzA2MDkwMTIxWjAzMTEwLwYDVQQD
Eyg5ZjMwNWQ1YTVhNzA1NDNkODhmNzhhZDdjMTRmY2UyODliZDFiMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkkusL/wKNJpKkzEyLFV+FSQAhgi
t7lxsWhTA6E4vu5mnZ2I7TW0Kmlz1HGEATwN6kGSsQCOM9wbzAcuYzYM4f4NqRkk
TSpw9vlbxqmEEuEwSBUL+dp5Eos4IDndqdGEw1ZTxfHMyk35Fpe1G0/KC3ZWdBmu
cZmYmxcs7qpbReyzDgWoam7vbXBFM/kf3m4Vk0SVYHuVBw149vJUNI4yNaIHSoHX
MDHbCvdsqofmhm49yIZxpZwygWtDVqItXrl/GRaH/6njhcFcBRSXhAmgz6QvFIXG
KUIAt0wvFHrC+a80RFiL56fpQxuOzj4Sjbd0gerccQyXzwozj7ouJ0nh+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8wXVpacFQ9iPeK18FPziib0bEMMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOVJGQvm4
uruIb4FRnGf/ppjd8y2RdhXzNppaa9lwaZO8wK56LiXNwiexMxy3+WEvGlBr9FOH
WWBxj/apZGJDrVH4mC8Mv8MSlh2EZLWGGVqbIe3kaTiyy31WaeRCWQul2HTiccVz
4ymw3vAID2Kmr6kWHI4RJAIfVcNSCWKbdBgum2zdbMLvKNLsLzMDOsr/0nvCG9pF
DvO0LuO9urdPG9AyxhFJTcz3eicN6LPSvfwoQh6WKzhdge7bumZH3VSpfb8mPrRE
bztlbCM+BNRE3XRr+C1sIwYRcOl9pYPd261eLiGY7pJuSchaewsGJaM9Yxzj8EzB
IhGYYXFqIQOflw==
-----END CERTIFICATE-----
Generated at Sun Jul 5 10:56:22 2026 by rpki-client