Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          ywVcAVD5p5JSMAaAtCpi9xhT0qbw9FfUgd5V1K4yOP8=
Subject key identifier:   6E:1D:81:1B:D6:AF:A5:9B:38:DD:02:54:73:72:9D:4B:DF:F0:E8:97
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019E85A1BB5035DDED5A78D2A288CC6C58EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          13A0
Signing time:             Tue 02 Jun 2026 00:00:29 +0000
Manifest this update:     Tue 02 Jun 2026 00:00:29 +0000
Manifest next update:     Wed 03 Jun 2026 00:00:29 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          3: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          4: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          5: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          6: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          7: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          8: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          9: RTPP9X2zvoR_qL8VtqZr6WEHKzw.roa (hash: bz39/MS5H8r1qd18PCFQ3+2kRu1MJoP1Vd1Xyr//BW0=)
                          10: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          11: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          12: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          13: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          14: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: ZpIvpDzq+wLxBw3MPRygzGPKn1vl1DMg1/umtEt8O6k=)
                          15: htqKUhJyQNt1qA3G44rlxCxq60M.roa (hash: id0wxN4WW72w7KuwB5zxXQt9wJQv2b/0iQarjkgrnuM=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jun 2026 16:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:85:a1:bb:50:35:dd:ed:5a:78:d2:a2:88:cc:6c:58:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun  2 00:00:29 2026 GMT
            Not After : Jun  3 00:00:29 2026 GMT
        Subject: CN=6e1d811bd6afa59b38dd025473729d4bdff0e897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:dd:56:ac:60:ab:8a:8c:cc:a6:d9:bb:c6:d1:
                    ab:58:00:99:3c:6c:1e:f4:e3:af:49:54:fa:de:63:
                    ac:2b:19:69:35:78:46:4e:c4:80:e1:95:9e:c0:29:
                    1c:47:7d:ff:52:34:e0:ad:45:03:ab:e5:ea:56:3d:
                    a6:cb:6d:00:ae:a5:6b:5c:5f:64:e0:a8:d5:5b:9c:
                    30:99:f1:69:9d:80:11:59:80:7b:6e:32:87:1f:22:
                    f5:eb:e9:8c:b1:fd:95:f4:76:b9:80:7d:ba:0e:75:
                    be:30:02:79:42:c9:ec:d7:fd:f0:d1:3b:25:67:ef:
                    54:fc:c7:bd:e3:3c:0d:07:3c:bc:81:46:bc:67:61:
                    01:70:e2:46:46:9c:42:a2:3f:2a:e1:1b:44:bd:7c:
                    b6:a3:c2:90:f4:37:a7:ec:2c:c4:d3:32:5b:30:51:
                    b0:45:b5:33:09:ba:33:97:5e:49:78:7f:c0:0f:54:
                    92:0c:bd:9b:74:50:c1:f8:84:29:a7:87:61:41:98:
                    f3:00:8b:2f:94:d2:ed:be:b2:b3:50:d5:56:6c:80:
                    e0:b0:4a:fb:73:70:2a:51:95:e1:dc:1d:3e:70:d6:
                    c2:61:ea:f6:7d:7b:ae:ce:f8:e3:5e:14:2d:d1:87:
                    ce:4a:c3:0d:20:7f:a3:69:fb:89:71:fa:65:84:1f:
                    ef:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:1D:81:1B:D6:AF:A5:9B:38:DD:02:54:73:72:9D:4B:DF:F0:E8:97
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:d0:6d:0b:fa:8e:6d:e4:ba:42:ec:c1:70:6d:5d:99:bc:4e:
         fc:8f:3c:f6:6e:38:c5:ce:1f:da:ac:79:84:24:c2:ea:81:35:
         fd:74:22:d7:52:83:17:19:20:4c:fd:f5:e3:34:b8:b9:fd:00:
         f8:3c:23:1b:08:a8:a6:7d:df:2b:42:63:32:b3:91:de:38:67:
         ac:e2:e9:97:b4:5b:90:33:9f:c8:01:f3:6b:40:73:9b:9a:9a:
         d3:ef:19:de:14:ef:05:49:3d:33:fa:f9:0a:de:29:a1:8f:22:
         50:0d:c8:d6:5c:39:6b:71:8a:79:54:40:4e:d3:21:a0:69:56:
         9b:44:89:89:37:d9:1d:ed:1e:cc:c6:73:fb:3f:0d:85:1c:79:
         66:be:dd:4a:57:dd:94:61:9f:a8:1b:7d:58:6d:cd:b7:0c:0c:
         22:29:34:94:37:78:bb:13:eb:cf:4b:aa:f4:9e:26:36:44:fc:
         a3:79:26:78:eb:23:09:b8:a3:75:fe:62:be:e0:da:04:f5:a1:
         53:57:8a:65:31:b5:b5:8c:37:45:81:9f:da:17:f2:28:42:7e:
         7a:de:84:f9:b1:78:27:f9:4f:73:1c:12:ac:81:8c:7c:0b:2d:
         1d:ba:c1:b1:12:69:10:ad:99:a4:25:0e:79:d2:0a:ad:70:d7:
         80:71:c3:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6FobtQNd3tWnjSoojMbFjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNjAyMDAwMDI5WhcNMjYwNjAzMDAwMDI5WjAzMTEwLwYDVQQD
Eyg2ZTFkODExYmQ2YWZhNTliMzhkZDAyNTQ3MzcyOWQ0YmRmZjBlODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd1WrGCriozMptm7xtGrWACZPGwe
9OOvSVT63mOsKxlpNXhGTsSA4ZWewCkcR33/UjTgrUUDq+XqVj2my20ArqVrXF9k
4KjVW5wwmfFpnYARWYB7bjKHHyL16+mMsf2V9Ha5gH26DnW+MAJ5Qsns1/3w0Tsl
Z+9U/Me94zwNBzy8gUa8Z2EBcOJGRpxCoj8q4RtEvXy2o8KQ9Den7CzE0zJbMFGw
RbUzCbozl15JeH/AD1SSDL2bdFDB+IQpp4dhQZjzAIsvlNLtvrKzUNVWbIDgsEr7
c3AqUZXh3B0+cNbCYer2fXuuzvjjXhQt0YfOSsMNIH+jafuJcfplhB/vvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG4dgRvWr6WbON0CVHNynUvf8OiXMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbNBtC/qO
beS6QuzBcG1dmbxO/I889m44xc4f2qx5hCTC6oE1/XQi11KDFxkgTP314zS4uf0A
+DwjGwiopn3fK0JjMrOR3jhnrOLpl7RbkDOfyAHza0Bzm5qa0+8Z3hTvBUk9M/r5
Ct4poY8iUA3I1lw5a3GKeVRATtMhoGlWm0SJiTfZHe0ezMZz+z8NhRx5Zr7dSlfd
lGGfqBt9WG3NtwwMIik0lDd4uxPrz0uq9J4mNkT8o3kmeOsjCbijdf5ivuDaBPWh
U1eKZTG1tYw3RYGf2hfyKEJ+et6E+bF4J/lPcxwSrIGMfAstHbrBsRJpEK2ZpCUO
edIKrXDXgHHDWQ==
-----END CERTIFICATE-----