$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft File: gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json) Hash identifier: XM2PuJwv2yiu0I/NjJ3a/sbnbfp8kD44NTowXVuG9jA= Subject key identifier: A7:8F:98:28:2E:B1:40:93:49:42:F7:F2:DA:B9:04:9A:9E:B6:2B:6D Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Certificate serial: 019D197FAE33435F469AEC6F5D6FE369841B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft Manifest number: 12E2 Signing time: Mon 23 Mar 2026 07:01:31 +0000 Manifest this update: Mon 23 Mar 2026 07:01:31 +0000 Manifest next update: Tue 24 Mar 2026 07:01:31 +0000 Files and hashes: 1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=) 2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=) 3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=) 4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=) 5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=) 6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=) 7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=) 8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=) 9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=) 10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=) 11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=) 12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=) 13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=) 14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=) 15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: 3SkGEz7pRtVAlY0asoLwHSl+jnwCo6zqouUzZloDQ64=) 16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=) 17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 24 Mar 2026 07:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:19:7f:ae:33:43:5f:46:9a:ec:6f:5d:6f:e3:69:84:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Validity Not Before: Mar 23 07:01:31 2026 GMT Not After : Mar 24 07:01:31 2026 GMT Subject: CN=a78f98282eb140934942f7f2dab9049a9eb62b6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e9:a1:05:b9:71:f1:95:d0:e8:28:0a:1a:42: 02:2b:4e:73:16:fa:5a:ce:f2:88:68:07:99:fe:73: 36:23:4e:48:31:9e:c3:bb:e4:70:e5:2e:16:d9:cf: 15:83:dd:cc:7d:e3:fe:70:56:cd:d8:a0:ae:81:80: fd:a8:3f:09:c8:d0:58:ca:32:3a:65:7e:67:20:31: 36:54:13:34:ea:85:b2:f7:e0:f1:38:58:77:c6:5a: 8a:31:53:ee:b6:4d:0b:24:aa:f8:48:d6:da:81:9f: 4a:98:e3:02:97:44:ea:9b:8a:3f:13:d3:86:9d:c2: 35:46:0b:30:b5:aa:49:78:7d:fe:ee:e7:80:2c:4c: cf:24:6d:5e:ad:0e:88:90:1b:01:95:94:c5:77:c1: b7:32:1a:81:d9:34:10:da:f0:0c:08:79:b5:75:bb: 6d:f7:5d:82:5a:bc:e0:cf:09:13:47:c0:3a:f9:e2: ed:0d:ed:7c:f7:ec:37:ca:43:3d:95:3e:0d:b2:a0: 7c:0e:e1:cf:5c:dc:47:b1:16:3b:ab:a2:ac:12:a9: 44:50:62:ca:82:2c:01:7d:51:3b:12:22:0e:c8:4f: ed:85:84:3e:8c:fc:10:10:6a:1e:f6:a4:da:65:28: 62:3f:13:98:05:0e:d2:17:bb:c5:e7:77:07:d5:34: 5c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:8F:98:28:2E:B1:40:93:49:42:F7:F2:DA:B9:04:9A:9E:B6:2B:6D X509v3 Authority Key Identifier: keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:fa:c4:bd:ee:77:e6:e3:cd:3a:c1:78:87:7e:87:17:79:56: b2:d8:ff:56:c2:64:ba:67:3e:7e:c9:2f:c2:73:72:48:b8:53: fe:ee:da:05:8a:5d:53:c0:1d:b1:c4:de:96:1a:c3:86:e6:27: 46:4c:b7:9a:49:4b:38:3a:49:d9:a6:af:c5:ef:66:d6:2f:46: cb:6a:32:1a:13:bf:2f:4e:6e:d2:ba:2c:c4:da:ad:fa:6e:6b: 5b:49:4f:eb:db:28:2d:f3:8e:a0:91:7f:50:56:04:e6:a9:ce: 85:ad:03:84:51:19:64:19:0e:22:8d:86:b0:79:fe:57:2f:2e: 46:af:ae:53:a1:f3:8b:7c:52:2c:62:ff:36:0d:c7:13:f8:ff: fb:54:ca:ef:92:18:1d:af:81:17:08:c3:ea:6d:83:06:56:48: 03:a5:3e:b2:76:e8:07:22:d6:00:45:9e:9b:f2:81:da:40:f8: b2:5f:62:a4:5e:9e:df:5c:24:ce:0b:14:46:50:a0:74:86:50: 57:6b:b1:54:4d:19:de:e4:5e:bd:69:53:fb:7c:69:b9:ff:44: 0e:72:88:e8:37:02:b8:6a:50:5a:fc:7a:fb:af:64:89:00:3a: 0c:fa:f0:68:b6:dc:2c:67:14:de:df:c2:6d:c0:2d:d3:c2:3e: b8:2f:00:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ0Zf64zQ19GmuxvXW/jaYQbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx MTliZDcwHhcNMjYwMzIzMDcwMTMxWhcNMjYwMzI0MDcwMTMxWjAzMTEwLwYDVQQD EyhhNzhmOTgyODJlYjE0MDkzNDk0MmY3ZjJkYWI5MDQ5YTllYjYyYjZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+mhBblx8ZXQ6CgKGkICK05zFvpa zvKIaAeZ/nM2I05IMZ7Du+Rw5S4W2c8Vg93MfeP+cFbN2KCugYD9qD8JyNBYyjI6 ZX5nIDE2VBM06oWy9+DxOFh3xlqKMVPutk0LJKr4SNbagZ9KmOMCl0Tqm4o/E9OG ncI1RgswtapJeH3+7ueALEzPJG1erQ6IkBsBlZTFd8G3MhqB2TQQ2vAMCHm1dbtt 912CWrzgzwkTR8A6+eLtDe189+w3ykM9lT4NsqB8DuHPXNxHsRY7q6KsEqlEUGLK giwBfVE7EiIOyE/thYQ+jPwQEGoe9qTaZShiPxOYBQ7SF7vF53cH1TRcUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKePmCgusUCTSUL38tq5BJqetittMB8GA1UdIwQY MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3 LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAafrEve53 5uPNOsF4h36HF3lWstj/VsJkumc+fskvwnNySLhT/u7aBYpdU8AdscTelhrDhuYn Rky3mklLODpJ2aavxe9m1i9Gy2oyGhO/L05u0rosxNqt+m5rW0lP69soLfOOoJF/ UFYE5qnOha0DhFEZZBkOIo2GsHn+Vy8uRq+uU6Hzi3xSLGL/Ng3HE/j/+1TK75IY Ha+BFwjD6m2DBlZIA6U+snboByLWAEWem/KB2kD4sl9ipF6e31wkzgsURlCgdIZQ V2uxVE0Z3uRevWlT+3xpuf9EDnKI6DcCuGpQWvx6+69kiQA6DPrwaLbcLGcU3t/C bcAt08I+uC8A1Q== -----END CERTIFICATE-----Generated at Mon Mar 23 17:16:34 2026 by rpki-client