Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          i/EmS0cjP+LKUw8isAftObNapxVFwyS5+HITX1m1S0U=
Subject key identifier:   BB:92:26:2B:4E:4B:77:85:41:1D:E8:CF:66:E6:33:EA:5A:64:CE:98
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019CE17E2C7E570CAFDB3E8E35E368F59987
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          12C5
Signing time:             Thu 12 Mar 2026 10:01:08 +0000
Manifest this update:     Thu 12 Mar 2026 10:01:08 +0000
Manifest next update:     Fri 13 Mar 2026 10:01:08 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: 6t6FJn644ZLsj4jciYLbb6nmIzXS/XSdTKlCwz/Ktq4=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Mar 2026 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:e1:7e:2c:7e:57:0c:af:db:3e:8e:35:e3:68:f5:99:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Mar 12 10:01:08 2026 GMT
            Not After : Mar 13 10:01:08 2026 GMT
        Subject: CN=bb92262b4e4b7785411de8cf66e633ea5a64ce98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1d:fc:1d:1e:81:23:16:f6:5a:d3:e0:42:4d:
                    85:6a:ce:ba:53:0a:7f:d9:9f:31:a2:75:f8:bd:7c:
                    0d:e0:56:f1:0d:32:ae:18:6b:11:03:59:8a:ec:b5:
                    27:a7:01:f5:4a:fd:1c:73:66:d8:c2:8b:81:68:73:
                    e4:d3:6d:f9:f6:2b:7a:93:14:28:b9:9f:c6:68:9f:
                    a2:44:4a:2a:b3:d5:04:f4:7b:ff:c4:e1:1a:4b:37:
                    20:60:59:1e:11:4e:59:2c:9a:f8:54:a8:31:4d:28:
                    71:7d:11:e8:3a:65:05:65:c4:35:c5:74:a6:36:96:
                    cb:81:0d:07:ef:2f:0f:72:bd:ce:66:4a:b2:62:e6:
                    09:17:4a:c9:25:49:dd:fc:02:b7:6f:84:b2:c0:d4:
                    23:4c:5a:14:1e:39:d3:97:d6:c0:b3:06:48:74:c1:
                    9d:53:03:17:8a:3a:50:da:85:95:c5:d4:37:e4:8c:
                    d7:17:01:34:98:a5:a0:84:0f:97:08:b2:62:fa:19:
                    3a:e0:d6:c1:28:f0:52:58:6a:14:a0:84:8d:49:67:
                    bb:77:43:c4:ac:25:0c:fc:13:9a:5c:e4:e8:03:9c:
                    c2:2b:e5:84:0d:6e:75:0d:ad:f6:e3:d7:a3:43:c5:
                    13:3b:b0:10:f6:a3:3f:1b:e3:36:3b:54:0b:0e:7c:
                    41:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:92:26:2B:4E:4B:77:85:41:1D:E8:CF:66:E6:33:EA:5A:64:CE:98
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:b8:c4:a7:43:c0:6d:50:bf:71:cf:65:f5:5b:7a:a5:65:ef:
         9f:98:b8:11:47:ef:dc:6e:5f:ce:b0:bc:76:57:cb:49:d6:14:
         e3:9c:e8:28:b0:82:d9:f4:1d:d9:93:81:03:af:86:78:15:54:
         f2:a7:98:22:8c:88:9b:c7:65:63:4b:51:87:17:5f:46:27:38:
         80:ae:2d:39:52:c8:6b:ea:88:34:b2:15:ba:2e:2d:13:cc:f5:
         c7:52:36:95:9d:4a:51:ee:b1:1d:e5:94:49:c2:72:c1:64:ad:
         a5:0a:49:1d:53:8a:18:32:e5:ef:74:9f:33:9a:8c:ee:3f:1e:
         91:f3:22:3e:76:21:5e:e8:f2:ab:b4:47:86:0d:7e:f4:2b:8d:
         21:ef:d0:ac:f4:be:49:3d:c9:00:3f:66:4f:af:53:0c:e8:3b:
         3f:12:d7:26:f0:fb:8f:d7:39:83:80:e1:f0:69:9f:2c:ed:8a:
         6c:8a:c1:69:db:a3:5f:9e:b7:7e:f3:29:eb:50:c3:f9:0a:7b:
         91:06:bd:16:6d:36:45:5d:9c:1c:19:07:dc:93:73:da:ec:dc:
         80:b0:23:51:ec:00:4d:a5:44:69:93:ad:7f:71:25:71:28:20:
         ff:c8:9b:5e:17:4a:32:43:f0:a9:26:e3:34:42:b5:b8:55:7e:
         13:2e:09:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzhfix+Vwyv2z6ONeNo9ZmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzEyMTAwMTA4WhcNMjYwMzEzMTAwMTA4WjAzMTEwLwYDVQQD
EyhiYjkyMjYyYjRlNGI3Nzg1NDExZGU4Y2Y2NmU2MzNlYTVhNjRjZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB38HR6BIxb2WtPgQk2Fas66Uwp/
2Z8xonX4vXwN4FbxDTKuGGsRA1mK7LUnpwH1Sv0cc2bYwouBaHPk02359it6kxQo
uZ/GaJ+iREoqs9UE9Hv/xOEaSzcgYFkeEU5ZLJr4VKgxTShxfRHoOmUFZcQ1xXSm
NpbLgQ0H7y8Pcr3OZkqyYuYJF0rJJUnd/AK3b4SywNQjTFoUHjnTl9bAswZIdMGd
UwMXijpQ2oWVxdQ35IzXFwE0mKWghA+XCLJi+hk64NbBKPBSWGoUoISNSWe7d0PE
rCUM/BOaXOToA5zCK+WEDW51Da3249ejQ8UTO7AQ9qM/G+M2O1QLDnxBpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuSJitOS3eFQR3oz2bmM+paZM6YMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAULjEp0PA
bVC/cc9l9Vt6pWXvn5i4EUfv3G5fzrC8dlfLSdYU45zoKLCC2fQd2ZOBA6+GeBVU
8qeYIoyIm8dlY0tRhxdfRic4gK4tOVLIa+qINLIVui4tE8z1x1I2lZ1KUe6xHeWU
ScJywWStpQpJHVOKGDLl73SfM5qM7j8ekfMiPnYhXujyq7RHhg1+9CuNIe/QrPS+
ST3JAD9mT69TDOg7PxLXJvD7j9c5g4Dh8GmfLO2KbIrBadujX563fvMp61DD+Qp7
kQa9Fm02RV2cHBkH3JNz2uzcgLAjUewATaVEaZOtf3ElcSgg/8ibXhdKMkPwqSbj
NEK1uFV+Ey4J+w==
-----END CERTIFICATE-----