Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          jHX27iSkRk8w+Jk4VShkwe8sbYwDWjpLnSKCDAh4EiA=
Subject key identifier:   F5:36:27:E9:D9:2E:EA:95:3D:57:93:51:18:37:89:6F:46:5C:1A:66
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019CDBB3023D5EA2953C52653EEDEC055050
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          12C2
Signing time:             Wed 11 Mar 2026 07:01:07 +0000
Manifest this update:     Wed 11 Mar 2026 07:01:07 +0000
Manifest next update:     Thu 12 Mar 2026 07:01:07 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: 1ZvFip+jnXdadSAVzHeo9kDoYVJAJxoSIlOUD4sWx+Q=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Mar 2026 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:db:b3:02:3d:5e:a2:95:3c:52:65:3e:ed:ec:05:50:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Mar 11 07:01:07 2026 GMT
            Not After : Mar 12 07:01:07 2026 GMT
        Subject: CN=f53627e9d92eea953d5793511837896f465c1a66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:2d:2c:93:85:d4:72:07:d4:93:93:9c:c0:a5:
                    28:7d:42:f9:de:5e:97:bc:59:e6:3a:6b:9a:ed:73:
                    73:db:4e:a7:a3:5f:8b:60:03:e6:6f:ef:bc:88:f8:
                    56:9b:64:97:16:bf:02:7a:30:c7:6d:6a:04:41:a9:
                    65:43:1e:ef:84:4a:c1:f3:ec:03:22:50:7a:fa:a3:
                    ec:bf:b3:66:95:ef:5e:7b:08:fc:a7:bd:c8:0d:a3:
                    98:cf:a7:25:db:3c:c3:57:8d:c6:2b:f0:d7:d3:41:
                    c7:c9:ff:79:3f:e1:b7:1a:12:15:40:79:e3:c5:f7:
                    7c:db:ee:7a:25:d0:69:d5:d1:90:32:00:0b:46:19:
                    ba:11:a2:f0:1a:d5:1a:05:c5:98:bd:5e:9f:f0:ee:
                    64:5e:16:1f:09:da:ca:4f:4e:3d:1b:47:ed:91:df:
                    dd:a8:06:a7:f0:62:9f:0e:dc:5f:40:fb:7a:2b:d1:
                    c2:60:dc:a2:9a:e1:f6:2d:ae:91:20:13:15:f4:e9:
                    8b:dd:73:7b:fa:a1:34:8e:2f:79:c1:e8:29:00:db:
                    f8:40:8e:c0:c7:b8:49:a1:92:11:db:64:0d:97:d4:
                    3f:86:a9:fc:92:ce:77:1f:57:49:f7:ba:28:58:60:
                    b5:f7:ed:47:cc:f9:66:08:a9:b5:7f:4a:cc:90:7b:
                    2b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:36:27:E9:D9:2E:EA:95:3D:57:93:51:18:37:89:6F:46:5C:1A:66
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:8a:a0:17:8a:b5:ed:27:d1:df:95:61:31:86:5f:ab:df:eb:
         08:0e:a1:59:8a:60:f8:7a:3d:73:c8:a6:7d:3b:4f:f5:ad:64:
         79:7b:cf:ad:a5:e3:14:fd:b0:d9:f8:fd:6f:7a:3a:aa:fa:18:
         5c:d0:cb:54:2a:86:b6:23:d0:4d:b3:86:76:52:17:42:24:2f:
         ad:91:6b:33:94:9b:a2:43:ae:dc:ac:a6:4e:a9:90:df:b9:2f:
         0c:2e:3e:4c:e7:32:e6:e5:3b:72:4b:a1:70:1d:5e:f3:5b:e3:
         c5:cd:b3:b7:91:6d:9f:c0:ab:70:02:45:8b:93:e1:e5:06:b2:
         bb:d8:10:71:17:36:d4:ac:00:10:05:c5:4f:7b:8c:ef:97:49:
         8c:d1:10:36:60:27:57:53:45:20:2c:bf:62:0d:9e:0e:63:13:
         54:ae:31:a4:f3:66:30:ee:af:42:03:d7:53:40:25:7c:94:21:
         4a:e7:d0:72:87:3d:73:50:95:e8:e4:cc:7c:bb:31:d7:77:26:
         39:c7:50:42:d6:87:d8:02:f5:9e:59:b5:04:af:2c:04:bb:51:
         0a:e1:1a:17:e4:b8:b5:26:b9:00:dc:db:76:0f:8f:64:48:fb:
         b5:81:d9:f4:85:a8:fc:37:fd:5c:aa:49:eb:d2:68:ce:91:a9:
         72:70:ab:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzbswI9XqKVPFJlPu3sBVBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzExMDcwMTA3WhcNMjYwMzEyMDcwMTA3WjAzMTEwLwYDVQQD
EyhmNTM2MjdlOWQ5MmVlYTk1M2Q1NzkzNTExODM3ODk2ZjQ2NWMxYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky0sk4XUcgfUk5OcwKUofUL53l6X
vFnmOmua7XNz206no1+LYAPmb++8iPhWm2SXFr8CejDHbWoEQallQx7vhErB8+wD
IlB6+qPsv7Nmle9eewj8p73IDaOYz6cl2zzDV43GK/DX00HHyf95P+G3GhIVQHnj
xfd82+56JdBp1dGQMgALRhm6EaLwGtUaBcWYvV6f8O5kXhYfCdrKT049G0ftkd/d
qAan8GKfDtxfQPt6K9HCYNyimuH2La6RIBMV9OmL3XN7+qE0ji95wegpANv4QI7A
x7hJoZIR22QNl9Q/hqn8ks53H1dJ97ooWGC19+1HzPlmCKm1f0rMkHsrTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPU2J+nZLuqVPVeTURg3iW9GXBpmMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARYqgF4q1
7SfR35VhMYZfq9/rCA6hWYpg+Ho9c8imfTtP9a1keXvPraXjFP2w2fj9b3o6qvoY
XNDLVCqGtiPQTbOGdlIXQiQvrZFrM5SbokOu3KymTqmQ37kvDC4+TOcy5uU7ckuh
cB1e81vjxc2zt5Ftn8CrcAJFi5Ph5Qayu9gQcRc21KwAEAXFT3uM75dJjNEQNmAn
V1NFICy/Yg2eDmMTVK4xpPNmMO6vQgPXU0AlfJQhSufQcoc9c1CV6OTMfLsx13cm
OcdQQtaH2AL1nlm1BK8sBLtRCuEaF+S4tSa5ANzbdg+PZEj7tYHZ9IWo/Df9XKpJ
69JozpGpcnCrOw==
-----END CERTIFICATE-----