Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          GAo4P4EMsOpvuJFmIA98AJMd4l0mm48BWMM/sD3jThI=
Subject key identifier:   55:8D:1D:39:9B:8E:16:88:E0:6D:46:B6:E9:AC:F8:5B:49:6D:78:3E
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019CBADE1548CE8978C96A9C8D644B1467B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          12B1
Signing time:             Wed 04 Mar 2026 22:00:42 +0000
Manifest this update:     Wed 04 Mar 2026 22:00:42 +0000
Manifest next update:     Thu 05 Mar 2026 22:00:42 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: M111OkmiBpJgeRv49bZyUQhnlo2NGroRng6dwhDSZC0=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 05 Mar 2026 19:55:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ba:de:15:48:ce:89:78:c9:6a:9c:8d:64:4b:14:67:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Mar  4 22:00:42 2026 GMT
            Not After : Mar  5 22:00:42 2026 GMT
        Subject: CN=558d1d399b8e1688e06d46b6e9acf85b496d783e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:71:a7:9b:04:11:eb:ec:a7:04:7c:f7:69:bb:
                    7b:e1:01:1b:52:54:e4:dd:ea:59:b3:4f:25:c0:b0:
                    95:da:37:59:92:90:7e:8c:52:cf:f5:45:41:58:4f:
                    0f:d5:9b:fc:ab:9c:6d:b1:ea:11:62:6d:49:9d:d1:
                    99:24:de:5e:d9:b5:6d:19:bd:60:33:5a:be:15:8a:
                    3e:08:c3:35:e3:7e:3b:ba:dc:fe:bd:ef:10:d9:45:
                    1e:da:57:41:c6:ee:08:fc:0d:4f:77:c5:2a:b6:34:
                    15:01:fa:f2:d9:bf:6b:7b:55:1c:f4:4c:bf:35:17:
                    80:bd:0b:7e:a0:ca:f3:5f:62:b1:ed:c5:2b:f4:7e:
                    3c:09:ff:56:27:79:03:e1:7c:00:6c:d5:69:c8:3f:
                    b3:5a:7c:31:20:0a:9d:0b:3e:de:f0:3b:d0:f1:87:
                    77:34:b9:ce:d1:a4:42:3c:b5:fc:18:ff:d9:9e:7a:
                    81:28:29:d3:39:43:20:35:ac:82:5e:09:be:a9:bc:
                    bd:0b:8c:38:7e:a2:c5:3f:bd:71:7a:0f:25:9e:55:
                    73:a5:23:81:d3:6a:b0:a9:f8:cf:a6:c2:66:73:98:
                    8f:1a:86:cf:b1:56:b2:df:7d:48:b5:d9:8e:96:c1:
                    0a:7a:f5:8b:dd:42:fb:5a:f7:f6:ff:60:19:af:1d:
                    f0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:8D:1D:39:9B:8E:16:88:E0:6D:46:B6:E9:AC:F8:5B:49:6D:78:3E
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:c3:32:a7:17:8c:22:53:88:f6:79:b8:07:7b:a1:eb:5a:b4:
         24:08:55:a3:5a:9b:b2:63:a4:bc:31:e2:ec:4c:cd:78:5e:f3:
         f9:e7:7f:bd:39:ff:07:11:e0:f0:44:c5:74:a6:68:75:71:80:
         b9:c7:d7:9b:19:ad:09:e7:60:43:f4:af:74:a7:8f:ff:30:26:
         da:19:9a:66:d1:63:6e:8d:67:fc:4b:6b:a4:bb:ad:23:8b:d2:
         4b:14:1d:a9:31:49:e1:e9:77:da:73:41:42:43:37:4f:7c:95:
         3b:1d:38:26:b0:52:c0:4d:84:3c:e2:be:86:74:aa:49:38:a2:
         89:f0:cd:f0:ff:cc:0d:6d:b8:df:ac:ec:7f:9c:16:af:cf:4e:
         55:8e:7c:d4:52:6a:96:42:05:bf:0c:07:9f:92:01:26:5a:f7:
         04:93:6b:bf:64:76:a4:06:7a:8a:97:f7:98:b9:da:e2:df:2a:
         b4:c1:15:30:82:f7:21:db:0a:08:75:ec:d5:f8:25:12:89:13:
         f3:5f:19:e7:97:8b:6d:f4:c6:b5:e6:af:1e:64:8e:47:ff:6f:
         63:f5:08:fa:f4:4e:c3:c7:1d:37:06:c7:11:18:af:14:ef:95:
         a8:83:8c:d9:97:85:4a:8a:cd:cf:9d:3e:10:75:e0:76:16:80:
         74:a2:39:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZy63hVIzol4yWqcjWRLFGeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzA0MjIwMDQyWhcNMjYwMzA1MjIwMDQyWjAzMTEwLwYDVQQD
Eyg1NThkMWQzOTliOGUxNjg4ZTA2ZDQ2YjZlOWFjZjg1YjQ5NmQ3ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XGnmwQR6+ynBHz3abt74QEbUlTk
3epZs08lwLCV2jdZkpB+jFLP9UVBWE8P1Zv8q5xtseoRYm1JndGZJN5e2bVtGb1g
M1q+FYo+CMM14347utz+ve8Q2UUe2ldBxu4I/A1Pd8UqtjQVAfry2b9re1Uc9Ey/
NReAvQt+oMrzX2Kx7cUr9H48Cf9WJ3kD4XwAbNVpyD+zWnwxIAqdCz7e8DvQ8Yd3
NLnO0aRCPLX8GP/ZnnqBKCnTOUMgNayCXgm+qby9C4w4fqLFP71xeg8lnlVzpSOB
02qwqfjPpsJmc5iPGobPsVay331ItdmOlsEKevWL3UL7Wvf2/2AZrx3wSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWNHTmbjhaI4G1Gtums+FtJbXg+MB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcMypxeM
IlOI9nm4B3uh61q0JAhVo1qbsmOkvDHi7EzNeF7z+ed/vTn/BxHg8ETFdKZodXGA
ucfXmxmtCedgQ/SvdKeP/zAm2hmaZtFjbo1n/EtrpLutI4vSSxQdqTFJ4el32nNB
QkM3T3yVOx04JrBSwE2EPOK+hnSqSTiiifDN8P/MDW2436zsf5wWr89OVY581FJq
lkIFvwwHn5IBJlr3BJNrv2R2pAZ6ipf3mLna4t8qtMEVMIL3IdsKCHXs1fglEokT
818Z55eLbfTGteavHmSOR/9vY/UI+vROw8cdNwbHERivFO+VqIOM2ZeFSorNz50+
EHXgdhaAdKI5tA==
-----END CERTIFICATE-----