Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          4wtML5oBvr4WYNxocFF+VmPRkMWN3LQn8hZowFmmHdU=
Subject key identifier:   D7:33:F5:22:33:C2:72:E6:A7:F8:23:CA:3C:5E:02:03:A4:EB:24:D3
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019E555AA4F2E560B7726F9087B2FC57D8B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          1387
Signing time:             Sat 23 May 2026 15:01:04 +0000
Manifest this update:     Sat 23 May 2026 15:01:04 +0000
Manifest next update:     Sun 24 May 2026 15:01:04 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          3: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          4: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          5: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          6: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          7: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          8: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          9: RTPP9X2zvoR_qL8VtqZr6WEHKzw.roa (hash: bz39/MS5H8r1qd18PCFQ3+2kRu1MJoP1Vd1Xyr//BW0=)
                          10: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          11: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          12: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          13: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          14: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: hfFXRmrlelMbyE6U3lHH1r5U9r0bslYRD9Q0Roj3Ra0=)
                          15: htqKUhJyQNt1qA3G44rlxCxq60M.roa (hash: id0wxN4WW72w7KuwB5zxXQt9wJQv2b/0iQarjkgrnuM=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 May 2026 15:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:55:5a:a4:f2:e5:60:b7:72:6f:90:87:b2:fc:57:d8:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: May 23 15:01:04 2026 GMT
            Not After : May 24 15:01:04 2026 GMT
        Subject: CN=d733f52233c272e6a7f823ca3c5e0203a4eb24d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:bb:ad:e3:9a:0f:58:ac:ae:78:b8:81:db:86:
                    fd:81:80:77:6e:42:df:90:8f:25:77:00:71:e1:84:
                    f7:f6:73:3a:98:9c:2d:86:07:76:ed:27:7f:da:9a:
                    5d:93:72:d5:d8:c8:9b:ee:5e:b9:5b:17:e3:a5:cb:
                    58:de:4a:b7:c2:2f:ae:85:f0:2f:0b:1f:76:48:3a:
                    19:d5:b3:1c:8a:bb:3e:2c:72:82:11:95:ea:73:7a:
                    45:c6:5a:70:21:f3:e2:6c:67:aa:b1:7d:61:b3:c1:
                    d0:7b:0c:6f:8a:d6:b9:33:d1:78:da:cd:da:d8:a0:
                    10:1c:7a:36:39:c0:22:aa:a8:6c:f0:c1:b9:fd:6d:
                    71:87:06:78:c1:aa:3f:ae:04:f7:d7:19:14:23:27:
                    8f:4c:d7:d7:d2:93:d5:4a:82:f2:7f:e9:8f:cf:ee:
                    9c:81:9b:13:17:2c:ea:df:76:32:f3:ed:42:64:25:
                    28:bb:66:ce:b0:b4:1d:d8:9a:01:d9:29:66:5b:af:
                    80:2a:5e:3b:5d:1b:0a:ee:dc:5d:07:33:48:ef:6a:
                    e0:6a:12:2d:35:c7:78:a3:6f:e2:60:5c:23:ba:b3:
                    2b:12:ca:ae:7d:f8:7c:b1:b7:d7:bb:2a:cc:4d:e1:
                    66:10:ea:18:fa:29:49:13:ea:27:8a:14:f3:91:ba:
                    13:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:33:F5:22:33:C2:72:E6:A7:F8:23:CA:3C:5E:02:03:A4:EB:24:D3
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:e3:20:1c:26:85:4c:7e:e4:7c:38:3d:06:35:00:3b:53:a5:
         17:b7:06:9d:fb:5e:d3:20:8e:65:fa:89:53:98:ca:dd:b0:fe:
         61:8d:c6:fa:f9:48:72:80:7b:73:bd:9c:cf:c9:d8:97:b7:ca:
         dc:d1:da:17:8e:6a:95:ca:99:5d:ef:4d:12:4a:28:e7:61:7d:
         54:c7:58:c2:7f:91:41:86:69:ab:81:08:20:8d:e2:6d:ae:d8:
         c2:18:aa:d1:71:f7:3d:43:46:60:54:99:cf:25:bf:04:47:9d:
         a8:b3:eb:35:76:2e:52:b1:f8:dc:0b:e3:3e:2b:cf:00:56:2e:
         42:f4:3e:35:dc:99:dc:90:5a:69:f5:48:9c:66:1c:8d:99:9a:
         a3:b9:e2:c6:e0:20:55:30:8e:75:41:59:d4:91:af:51:df:ec:
         3a:9b:82:40:c8:94:b9:c1:74:3c:82:99:0e:50:14:d1:9c:a5:
         f6:96:70:cb:a0:d7:12:4c:2e:dc:d2:de:89:53:d3:bb:71:90:
         e7:72:de:ad:19:ec:5f:15:96:9a:79:a0:c9:72:3f:0e:a1:5c:
         b9:34:03:16:48:59:c8:a0:87:64:48:35:7a:17:57:1e:20:29:
         47:d1:ba:9e:02:29:a2:89:8c:8e:0b:30:87:d9:d3:28:45:78:
         e5:8b:f1:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ5VWqTy5WC3cm+Qh7L8V9i3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNTIzMTUwMTA0WhcNMjYwNTI0MTUwMTA0WjAzMTEwLwYDVQQD
EyhkNzMzZjUyMjMzYzI3MmU2YTdmODIzY2EzYzVlMDIwM2E0ZWIyNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrut45oPWKyueLiB24b9gYB3bkLf
kI8ldwBx4YT39nM6mJwthgd27Sd/2ppdk3LV2Mib7l65WxfjpctY3kq3wi+uhfAv
Cx92SDoZ1bMcirs+LHKCEZXqc3pFxlpwIfPibGeqsX1hs8HQewxvita5M9F42s3a
2KAQHHo2OcAiqqhs8MG5/W1xhwZ4wao/rgT31xkUIyePTNfX0pPVSoLyf+mPz+6c
gZsTFyzq33Yy8+1CZCUou2bOsLQd2JoB2SlmW6+AKl47XRsK7txdBzNI72rgahIt
Ncd4o2/iYFwjurMrEsquffh8sbfXuyrMTeFmEOoY+ilJE+onihTzkboTkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcz9SIzwnLmp/gjyjxeAgOk6yTTMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbeMgHCaF
TH7kfDg9BjUAO1OlF7cGnfte0yCOZfqJU5jK3bD+YY3G+vlIcoB7c72cz8nYl7fK
3NHaF45qlcqZXe9NEkoo52F9VMdYwn+RQYZpq4EIII3iba7Ywhiq0XH3PUNGYFSZ
zyW/BEedqLPrNXYuUrH43AvjPivPAFYuQvQ+NdyZ3JBaafVInGYcjZmao7nixuAg
VTCOdUFZ1JGvUd/sOpuCQMiUucF0PIKZDlAU0Zyl9pZwy6DXEkwu3NLeiVPTu3GQ
53LerRnsXxWWmnmgyXI/DqFcuTQDFkhZyKCHZEg1ehdXHiApR9G6ngIpoomMjgsw
h9nTKEV45YvxuQ==
-----END CERTIFICATE-----
Generated at Sun May 24 01:06:57 2026 by rpki-client