Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          jT87Ce2E5KgnFUXM60JyF4urPUqVgkoRJM6VrzU5Wwo=
Subject key identifier:   0C:14:4B:7B:9E:A5:F6:96:D1:DA:05:EF:AD:25:83:74:23:CF:E8:43
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019D13B487ED416F89C33C7A060765486E63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          12DF
Signing time:             Sun 22 Mar 2026 04:01:31 +0000
Manifest this update:     Sun 22 Mar 2026 04:01:31 +0000
Manifest next update:     Mon 23 Mar 2026 04:01:31 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: MbPFUErUVS/HOZRadGFqsyaH3IgCOzvVQQlwRSEd6AI=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 23 Mar 2026 04:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:13:b4:87:ed:41:6f:89:c3:3c:7a:06:07:65:48:6e:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Mar 22 04:01:31 2026 GMT
            Not After : Mar 23 04:01:31 2026 GMT
        Subject: CN=0c144b7b9ea5f696d1da05efad25837423cfe843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:2e:84:40:e8:11:6b:99:77:3e:5f:9a:17:99:
                    94:d8:03:6b:8e:80:7b:c8:7b:b5:95:9f:6e:73:cf:
                    de:b2:34:56:8b:5e:c2:13:fc:f5:b0:a4:26:ce:13:
                    dd:34:c4:d9:e2:3d:11:79:e7:8c:48:79:00:7a:73:
                    49:74:17:9d:94:c0:1d:b1:37:e5:49:94:28:10:73:
                    d4:41:50:5b:cf:87:ab:a9:d6:92:94:15:66:24:9d:
                    20:db:bb:eb:44:95:e3:fd:33:12:bb:72:02:ed:cc:
                    6e:fa:a7:9c:02:f4:93:d7:b1:7e:8d:3b:8c:91:4a:
                    79:59:dc:56:94:36:7b:51:af:b4:84:c2:7c:0b:e5:
                    48:62:a7:3b:78:6c:1a:a5:fb:e5:a1:1f:fe:f7:e8:
                    1b:48:3f:51:8c:ed:f7:a3:55:1b:77:13:56:84:f5:
                    e9:29:56:d8:02:ca:ac:50:01:c7:74:1b:86:55:03:
                    13:30:a3:80:75:1e:1c:33:26:d5:2f:28:46:89:b3:
                    50:3c:a3:a2:df:95:fb:99:68:dc:97:29:d3:f8:8f:
                    71:67:e1:68:18:fe:67:5b:26:4c:91:23:5a:73:e2:
                    a7:1c:ab:97:da:08:98:de:89:c8:d2:d7:b3:8b:6c:
                    0e:d8:8b:c0:14:eb:4b:36:73:a8:8d:a8:56:a9:8c:
                    7f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:14:4B:7B:9E:A5:F6:96:D1:DA:05:EF:AD:25:83:74:23:CF:E8:43
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:07:a5:21:d1:35:19:6a:17:d5:71:37:7a:17:c3:4c:d4:e6:
         5b:8b:ef:58:7b:51:0f:e7:4f:66:6b:e3:a2:cc:bd:21:af:0c:
         52:84:70:25:10:00:6a:01:29:08:73:44:9c:c0:44:4e:5c:68:
         1f:0f:2a:49:95:46:cf:9d:a7:ba:8f:7f:53:90:f6:b4:6d:62:
         04:af:56:63:3b:1d:a2:bd:e8:56:12:d6:f5:59:88:b0:83:7f:
         32:34:46:42:ce:fe:c3:e2:02:78:7c:d4:35:a3:71:eb:22:68:
         97:fb:b0:60:90:31:41:8a:0b:f9:b6:25:56:88:04:3d:92:fb:
         c7:dd:b6:49:cc:74:0a:ce:b4:fe:b1:7b:68:b0:c0:e4:b1:39:
         6f:e1:43:29:a0:35:ba:a2:fc:54:f9:c5:1b:d1:6f:78:10:fe:
         72:f2:27:27:79:45:c4:b8:e1:24:ef:80:5e:fd:8a:0a:d0:a3:
         3f:71:7e:3a:6e:34:92:e3:e5:db:5b:da:e9:09:8d:0b:5f:d0:
         41:cf:7b:1a:6a:0c:90:4e:49:c9:bb:31:60:3c:a6:ab:4f:6f:
         bb:f0:19:d0:0a:2b:de:b1:51:d7:a4:52:8c:dc:ec:a7:1f:b5:
         27:a8:51:ed:eb:36:a4:98:de:63:9c:ca:5c:ed:3b:96:6e:a4:
         41:9c:d9:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0TtIftQW+Jwzx6BgdlSG5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzIyMDQwMTMxWhcNMjYwMzIzMDQwMTMxWjAzMTEwLwYDVQQD
EygwYzE0NGI3YjllYTVmNjk2ZDFkYTA1ZWZhZDI1ODM3NDIzY2ZlODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1y6EQOgRa5l3Pl+aF5mU2ANrjoB7
yHu1lZ9uc8/esjRWi17CE/z1sKQmzhPdNMTZ4j0ReeeMSHkAenNJdBedlMAdsTfl
SZQoEHPUQVBbz4erqdaSlBVmJJ0g27vrRJXj/TMSu3IC7cxu+qecAvST17F+jTuM
kUp5WdxWlDZ7Ua+0hMJ8C+VIYqc7eGwapfvloR/+9+gbSD9RjO33o1UbdxNWhPXp
KVbYAsqsUAHHdBuGVQMTMKOAdR4cMybVLyhGibNQPKOi35X7mWjclynT+I9xZ+Fo
GP5nWyZMkSNac+KnHKuX2giY3onI0tezi2wO2IvAFOtLNnOojahWqYx/mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwUS3uepfaW0doF760lg3Qjz+hDMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVAelIdE1
GWoX1XE3ehfDTNTmW4vvWHtRD+dPZmvjosy9Ia8MUoRwJRAAagEpCHNEnMBETlxo
Hw8qSZVGz52nuo9/U5D2tG1iBK9WYzsdor3oVhLW9VmIsIN/MjRGQs7+w+ICeHzU
NaNx6yJol/uwYJAxQYoL+bYlVogEPZL7x922Scx0Cs60/rF7aLDA5LE5b+FDKaA1
uqL8VPnFG9FveBD+cvInJ3lFxLjhJO+AXv2KCtCjP3F+Om40kuPl21va6QmNC1/Q
Qc97GmoMkE5JybsxYDymq09vu/AZ0Aor3rFR16RSjNzspx+1J6hR7es2pJjeY5zK
XO07lm6kQZzZ1w==
-----END CERTIFICATE-----