Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          wdzcqOH1ydkQglhHZUnFpzlyH3LzUySaEy7odWy36EM=
Subject key identifier:   3E:00:A8:52:56:D3:8A:40:43:A8:7C:D7:D4:04:0C:3B:03:72:29:4F
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019EC74BA706FF08DE246D28F1D010632B11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          13C2
Signing time:             Sun 14 Jun 2026 18:01:24 +0000
Manifest this update:     Sun 14 Jun 2026 18:01:24 +0000
Manifest next update:     Mon 15 Jun 2026 18:01:24 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          3: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          4: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          5: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          6: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          7: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          8: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          9: RTPP9X2zvoR_qL8VtqZr6WEHKzw.roa (hash: bz39/MS5H8r1qd18PCFQ3+2kRu1MJoP1Vd1Xyr//BW0=)
                          10: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          11: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          12: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          13: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          14: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: euSnJ/CabFoi4/Nw63nNtRGiwE4TRJN69DhRF40112w=)
                          15: htqKUhJyQNt1qA3G44rlxCxq60M.roa (hash: id0wxN4WW72w7KuwB5zxXQt9wJQv2b/0iQarjkgrnuM=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 15 Jun 2026 13:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c7:4b:a7:06:ff:08:de:24:6d:28:f1:d0:10:63:2b:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun 14 18:01:24 2026 GMT
            Not After : Jun 15 18:01:24 2026 GMT
        Subject: CN=3e00a85256d38a4043a87cd7d4040c3b0372294f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:42:67:30:60:37:89:48:9c:bb:45:d8:78:df:
                    e0:d1:54:d7:f8:09:00:7c:76:07:09:45:66:56:8c:
                    a8:18:88:8b:b8:76:7b:79:20:8d:5c:17:6c:28:c3:
                    df:fc:a4:c7:06:95:10:d7:88:a2:cd:8b:91:e1:0e:
                    98:28:7d:65:a6:0b:96:3a:cf:b0:45:21:f1:2e:89:
                    b6:7f:ab:63:18:a9:57:ca:0e:3a:4c:10:f7:ec:ce:
                    c2:72:35:f8:1c:fb:03:20:c1:09:d3:a6:3b:83:f1:
                    46:42:58:c1:6b:a6:3d:8d:a9:31:65:3d:b1:df:94:
                    5e:46:bf:a3:14:e9:97:c2:e9:96:d7:62:ea:53:8d:
                    f2:ca:15:02:5f:ce:81:1f:cc:87:69:05:1e:ec:96:
                    a3:bb:75:a6:82:a5:9e:40:d3:22:68:19:7f:8c:ef:
                    db:1a:cd:9a:3f:46:ca:86:46:05:cc:2b:34:71:3f:
                    3b:f9:21:2b:83:a6:38:c8:4c:96:d7:00:7d:17:d2:
                    be:7d:6d:99:9e:9d:d3:53:42:25:2d:14:d8:05:94:
                    d7:ba:a2:b7:e9:0d:a2:fd:c4:48:0b:1f:85:80:75:
                    63:2b:0c:b9:93:f1:70:1d:6b:db:56:ee:f7:0b:cf:
                    28:6e:dc:c7:38:3c:8a:e2:ee:e9:c5:f2:7a:de:27:
                    6c:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:00:A8:52:56:D3:8A:40:43:A8:7C:D7:D4:04:0C:3B:03:72:29:4F
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:4d:44:90:32:72:44:50:55:08:d0:59:f3:1b:53:4e:42:b2:
         c2:39:72:59:f1:25:5c:bf:8b:31:68:f6:d1:4c:ff:ab:94:0b:
         ab:6e:aa:26:7a:a5:5f:1d:a3:3a:f8:9b:da:69:be:da:66:98:
         43:b1:73:87:cf:2b:b5:88:f6:8d:6a:1c:2e:af:c6:85:d0:3b:
         50:54:2f:5f:10:8c:94:b3:2d:56:70:24:13:51:57:41:9c:6e:
         52:72:6f:f5:1c:88:3f:7c:0c:ad:0d:f6:36:3e:27:d8:fc:14:
         40:b0:90:a7:eb:b7:4e:2a:10:e4:ef:03:49:23:75:c1:71:01:
         56:9a:b2:2e:65:2f:64:17:1b:be:bd:24:a4:6e:23:9e:21:b6:
         e7:a0:0e:93:d5:ee:02:2f:71:b4:0c:35:04:be:0d:4b:1f:f6:
         df:94:de:1f:4c:0d:10:48:b5:14:33:b0:b0:6f:7a:97:23:60:
         c7:ab:17:c2:dc:07:4a:ac:97:aa:63:a7:cb:cd:c9:96:79:a7:
         52:7e:f7:f2:65:38:ba:66:e4:94:6d:7b:c2:d9:18:85:6b:f5:
         bf:af:73:91:ef:c9:1e:ec:b7:4e:a3:71:84:35:96:8c:d7:1c:
         5b:cd:f7:83:da:7a:e6:2f:52:13:78:f3:32:80:f8:1f:03:87:
         43:ad:12:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7HS6cG/wjeJG0o8dAQYysRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNjE0MTgwMTI0WhcNMjYwNjE1MTgwMTI0WjAzMTEwLwYDVQQD
EygzZTAwYTg1MjU2ZDM4YTQwNDNhODdjZDdkNDA0MGMzYjAzNzIyOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkJnMGA3iUicu0XYeN/g0VTX+AkA
fHYHCUVmVoyoGIiLuHZ7eSCNXBdsKMPf/KTHBpUQ14iizYuR4Q6YKH1lpguWOs+w
RSHxLom2f6tjGKlXyg46TBD37M7CcjX4HPsDIMEJ06Y7g/FGQljBa6Y9jakxZT2x
35ReRr+jFOmXwumW12LqU43yyhUCX86BH8yHaQUe7Jaju3WmgqWeQNMiaBl/jO/b
Gs2aP0bKhkYFzCs0cT87+SErg6Y4yEyW1wB9F9K+fW2Znp3TU0IlLRTYBZTXuqK3
6Q2i/cRICx+FgHVjKwy5k/FwHWvbVu73C88obtzHODyK4u7pxfJ63ids2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4AqFJW04pAQ6h819QEDDsDcilPMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARU1EkDJy
RFBVCNBZ8xtTTkKywjlyWfElXL+LMWj20Uz/q5QLq26qJnqlXx2jOvib2mm+2maY
Q7Fzh88rtYj2jWocLq/GhdA7UFQvXxCMlLMtVnAkE1FXQZxuUnJv9RyIP3wMrQ32
Nj4n2PwUQLCQp+u3TioQ5O8DSSN1wXEBVpqyLmUvZBcbvr0kpG4jniG256AOk9Xu
Ai9xtAw1BL4NSx/235TeH0wNEEi1FDOwsG96lyNgx6sXwtwHSqyXqmOny83Jlnmn
Un738mU4umbklG17wtkYhWv1v69zke/JHuy3TqNxhDWWjNccW833g9p65i9SE3jz
MoD4HwOHQ60S9A==
-----END CERTIFICATE-----
Generated at Sun Jun 14 22:17:25 2026 by rpki-client