Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          hw4TrXbtUXL8BSCDVrPQX380Xstk7XNPdJ0g8UmcF1E=
Subject key identifier:   26:20:29:81:CE:B7:D1:79:77:A0:6B:A9:F9:00:C4:C7:0C:DD:43:C0
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019CEF036DE482A5C913C3EA5751EC7A6FC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          12CC
Signing time:             Sun 15 Mar 2026 01:01:45 +0000
Manifest this update:     Sun 15 Mar 2026 01:01:45 +0000
Manifest next update:     Mon 16 Mar 2026 01:01:45 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: 884vADWVWPnrcqMg+3727YYVuxRFzms4bzwJEwenIKo=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Mar 2026 01:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ef:03:6d:e4:82:a5:c9:13:c3:ea:57:51:ec:7a:6f:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Mar 15 01:01:45 2026 GMT
            Not After : Mar 16 01:01:45 2026 GMT
        Subject: CN=26202981ceb7d17977a06ba9f900c4c70cdd43c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:b8:cd:03:f9:9f:6c:ce:c7:27:c2:e6:9c:4e:
                    6b:94:d2:b6:96:ea:cc:bb:ad:60:70:e2:ed:d0:27:
                    ce:2c:6f:99:e5:51:f0:f9:3e:f5:f1:cc:53:04:f9:
                    eb:9b:e6:9a:56:19:a3:d9:5b:3f:28:b9:1c:de:05:
                    a2:42:8f:c6:05:e1:42:31:e9:d0:f1:6b:8b:f4:fc:
                    da:90:01:0c:57:68:dc:fb:33:a7:a3:2f:18:be:10:
                    e2:d8:bc:be:08:f3:19:89:58:93:ea:be:68:8a:b3:
                    61:0b:cf:15:d7:08:70:19:32:31:b5:4e:04:70:22:
                    10:61:84:9a:3e:7d:1b:75:79:a9:1b:02:31:1f:c3:
                    2d:a0:bc:78:21:5b:09:d7:e8:09:d5:cc:85:15:7d:
                    3e:74:73:d9:0d:f8:27:eb:bb:db:b8:77:84:d4:40:
                    71:2e:15:75:0f:bf:ba:74:c0:bf:93:1c:a3:e6:8d:
                    10:ce:39:a1:48:48:c6:d1:07:57:d5:10:13:65:dd:
                    95:dc:8c:2a:7c:fa:c3:4d:c6:e3:75:65:72:4b:d2:
                    54:16:34:a2:cc:e4:13:11:b0:68:b7:c7:0a:a8:2f:
                    42:dc:f0:b0:35:bd:95:6d:ea:4f:8f:6c:57:88:f8:
                    66:ac:73:6d:6e:dc:b2:45:c7:32:78:6c:be:30:c3:
                    5b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:20:29:81:CE:B7:D1:79:77:A0:6B:A9:F9:00:C4:C7:0C:DD:43:C0
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:9e:0d:55:79:0a:7f:7b:05:69:e5:db:f0:48:b1:60:37:9e:
         cb:f4:a2:ec:74:44:ce:90:03:e4:65:93:9f:6e:c0:98:d6:8d:
         d2:83:cd:48:0c:be:6a:50:6e:71:e5:43:10:4b:b1:66:4a:76:
         1a:c3:09:ff:e1:3b:73:cc:6b:df:f4:7a:2a:f5:42:a6:dc:57:
         b9:60:ab:cd:91:eb:76:ba:a0:2d:ab:e3:d8:49:31:89:1b:9d:
         90:4f:40:0f:1a:ea:92:32:5a:e6:b1:15:ae:6a:58:10:02:a6:
         3e:0e:a6:57:95:1b:38:2b:b9:10:7d:a0:3d:bc:54:66:b6:69:
         75:d5:af:c6:e7:2b:51:29:15:80:34:51:76:1d:d6:ea:65:31:
         bf:3c:b9:49:ff:1b:33:ba:c1:f8:f4:21:81:b1:3c:63:2e:52:
         d4:af:45:18:23:84:b0:0b:e9:b2:b5:33:81:37:1b:48:46:a5:
         e8:9b:cb:bd:bc:59:c3:41:14:34:71:84:b5:67:5e:3e:83:d8:
         46:26:4c:ac:89:12:e9:c7:43:2c:d7:0e:54:9b:62:8d:11:ba:
         2d:db:a6:21:f7:80:13:a4:cc:f0:36:b2:f8:49:97:ad:99:e4:
         e0:24:33:c7:fd:0d:2f:1e:81:95:ed:b9:18:31:b0:33:c7:01:
         95:83:56:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzvA23kgqXJE8PqV1Hsem/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzE1MDEwMTQ1WhcNMjYwMzE2MDEwMTQ1WjAzMTEwLwYDVQQD
EygyNjIwMjk4MWNlYjdkMTc5NzdhMDZiYTlmOTAwYzRjNzBjZGQ0M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LjNA/mfbM7HJ8LmnE5rlNK2lurM
u61gcOLt0CfOLG+Z5VHw+T718cxTBPnrm+aaVhmj2Vs/KLkc3gWiQo/GBeFCMenQ
8WuL9PzakAEMV2jc+zOnoy8YvhDi2Ly+CPMZiViT6r5oirNhC88V1whwGTIxtU4E
cCIQYYSaPn0bdXmpGwIxH8MtoLx4IVsJ1+gJ1cyFFX0+dHPZDfgn67vbuHeE1EBx
LhV1D7+6dMC/kxyj5o0QzjmhSEjG0QdX1RATZd2V3IwqfPrDTcbjdWVyS9JUFjSi
zOQTEbBot8cKqC9C3PCwNb2VbepPj2xXiPhmrHNtbtyyRccyeGy+MMNbywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYgKYHOt9F5d6BrqfkAxMcM3UPAMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlp4NVXkK
f3sFaeXb8EixYDeey/Si7HREzpAD5GWTn27AmNaN0oPNSAy+alBuceVDEEuxZkp2
GsMJ/+E7c8xr3/R6KvVCptxXuWCrzZHrdrqgLavj2EkxiRudkE9ADxrqkjJa5rEV
rmpYEAKmPg6mV5UbOCu5EH2gPbxUZrZpddWvxucrUSkVgDRRdh3W6mUxvzy5Sf8b
M7rB+PQhgbE8Yy5S1K9FGCOEsAvpsrUzgTcbSEal6JvLvbxZw0EUNHGEtWdePoPY
RiZMrIkS6cdDLNcOVJtijRG6LdumIfeAE6TM8Day+EmXrZnk4CQzx/0NLx6Ble25
GDGwM8cBlYNWaw==
-----END CERTIFICATE-----