Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          sK7BsUys3TglfHyJ4Res90kq5HYcszD+926anbBK1mY=
Subject key identifier:   09:CB:6B:31:C7:49:F8:FB:1B:0D:F3:CD:0C:BF:89:6A:34:E3:B2:21
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019ED6BE6E48CB7FA894DCD0FC3706FE7BB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          13CA
Signing time:             Wed 17 Jun 2026 18:01:04 +0000
Manifest this update:     Wed 17 Jun 2026 18:01:04 +0000
Manifest next update:     Thu 18 Jun 2026 18:01:04 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          3: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          4: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          5: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          6: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          7: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          8: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          9: RTPP9X2zvoR_qL8VtqZr6WEHKzw.roa (hash: bz39/MS5H8r1qd18PCFQ3+2kRu1MJoP1Vd1Xyr//BW0=)
                          10: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          11: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          12: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          13: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          14: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: ccrlzIOsLyixtTPw/mTPfcROGXhMKBnCZFWiP6F1lnE=)
                          15: htqKUhJyQNt1qA3G44rlxCxq60M.roa (hash: id0wxN4WW72w7KuwB5zxXQt9wJQv2b/0iQarjkgrnuM=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Jun 2026 17:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:d6:be:6e:48:cb:7f:a8:94:dc:d0:fc:37:06:fe:7b:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun 17 18:01:04 2026 GMT
            Not After : Jun 18 18:01:04 2026 GMT
        Subject: CN=09cb6b31c749f8fb1b0df3cd0cbf896a34e3b221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ec:92:cb:64:43:33:1a:f7:4b:f6:b8:5b:7b:
                    1e:e9:ec:fb:e7:49:d2:34:f7:8c:4c:33:d3:94:4c:
                    09:e1:1a:05:8c:d5:a0:61:db:dd:ab:47:2d:9a:b6:
                    af:c6:96:e3:df:ca:52:44:84:2c:91:f3:a5:95:d2:
                    bf:2b:28:f7:d6:a9:bd:5e:b6:23:b2:50:0b:8b:a6:
                    68:23:a7:60:96:f5:78:3b:8e:d9:5d:3f:f9:ca:ea:
                    5f:5b:c4:21:5d:e3:9c:c5:3e:2c:5e:43:a0:25:83:
                    76:4c:c8:08:6c:6d:15:a6:b0:36:63:4f:91:4a:07:
                    fe:ba:df:c3:fa:47:d0:40:f2:4c:e1:6b:39:8b:39:
                    35:54:e8:08:e5:3c:cc:25:af:1b:f2:82:80:7d:ca:
                    52:08:f1:63:2b:0b:f4:00:e3:e3:ae:f9:1d:c7:ee:
                    df:1e:50:1a:53:c4:61:59:9d:b2:4b:07:c6:29:33:
                    8d:44:c5:a5:a7:9f:6a:50:65:41:dd:c8:89:55:62:
                    e5:15:69:26:68:5c:0b:17:a1:02:70:85:ec:07:83:
                    2c:43:b0:e0:30:7e:41:20:db:f6:79:6e:18:01:13:
                    92:f0:69:40:8e:f6:db:4c:b2:c8:b9:ce:21:e2:f5:
                    39:ca:59:1f:47:51:f9:eb:97:ef:37:df:75:44:9e:
                    d7:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:CB:6B:31:C7:49:F8:FB:1B:0D:F3:CD:0C:BF:89:6A:34:E3:B2:21
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:49:02:ed:ba:99:6a:32:68:46:c6:c0:b4:3b:81:50:ed:5c:
         79:2c:c7:a9:29:ca:28:f2:22:3d:ee:93:8c:2b:d3:1d:82:5b:
         dc:87:72:cb:ed:bc:3a:93:7c:42:7f:9b:4e:34:39:50:d2:b1:
         7b:f9:0a:06:b4:3f:bd:94:70:55:3b:41:50:7b:0c:c1:b8:8e:
         5a:8a:b5:0c:86:cb:36:46:0e:5d:c8:ac:a8:76:36:98:85:e7:
         31:63:62:17:9c:33:97:42:3b:e6:c3:30:f5:da:13:4e:04:2f:
         b5:af:9f:a6:ac:05:8c:ed:dd:9c:e0:42:c9:82:30:79:72:66:
         38:85:5d:62:8b:d8:8e:86:3e:48:06:9a:c5:53:94:29:62:fd:
         56:66:4e:54:e8:a2:db:50:b3:12:4b:b6:cf:d1:db:e9:16:f3:
         ca:af:78:e1:40:8c:6f:86:2d:62:a2:19:d9:32:a8:8e:99:19:
         34:7e:df:c7:6d:2a:88:82:a4:b8:2f:11:61:e2:78:d1:16:18:
         e3:5c:27:bf:66:c6:fa:a9:e9:66:9a:31:31:bf:d8:c0:68:29:
         d1:2f:e2:3e:63:3d:02:d5:73:b8:07:02:8f:50:df:36:fb:4b:
         34:87:e8:00:bc:57:7f:1c:5a:f4:83:ed:5d:8b:4e:3c:fa:16:
         80:e5:87:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7Wvm5Iy3+olNzQ/DcG/nuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNjE3MTgwMTA0WhcNMjYwNjE4MTgwMTA0WjAzMTEwLwYDVQQD
EygwOWNiNmIzMWM3NDlmOGZiMWIwZGYzY2QwY2JmODk2YTM0ZTNiMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOySy2RDMxr3S/a4W3se6ez750nS
NPeMTDPTlEwJ4RoFjNWgYdvdq0ctmravxpbj38pSRIQskfOlldK/Kyj31qm9XrYj
slALi6ZoI6dglvV4O47ZXT/5yupfW8QhXeOcxT4sXkOgJYN2TMgIbG0VprA2Y0+R
Sgf+ut/D+kfQQPJM4Ws5izk1VOgI5TzMJa8b8oKAfcpSCPFjKwv0AOPjrvkdx+7f
HlAaU8RhWZ2ySwfGKTONRMWlp59qUGVB3ciJVWLlFWkmaFwLF6ECcIXsB4MsQ7Dg
MH5BINv2eW4YAROS8GlAjvbbTLLIuc4h4vU5ylkfR1H565fvN991RJ7XnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAnLazHHSfj7Gw3zzQy/iWo047IhMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIEkC7bqZ
ajJoRsbAtDuBUO1ceSzHqSnKKPIiPe6TjCvTHYJb3Idyy+28OpN8Qn+bTjQ5UNKx
e/kKBrQ/vZRwVTtBUHsMwbiOWoq1DIbLNkYOXcisqHY2mIXnMWNiF5wzl0I75sMw
9doTTgQvta+fpqwFjO3dnOBCyYIweXJmOIVdYovYjoY+SAaaxVOUKWL9VmZOVOii
21CzEku2z9Hb6Rbzyq944UCMb4YtYqIZ2TKojpkZNH7fx20qiIKkuC8RYeJ40RYY
41wnv2bG+qnpZpoxMb/YwGgp0S/iPmM9AtVzuAcCj1DfNvtLNIfoALxXfxxa9IPt
XYtOPPoWgOWH1g==
-----END CERTIFICATE-----