Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          ph3xZVjUCv+PYvOuQmFsWp9VJsZlosZjqz7oy8Jwj14=
Subject key identifier:   25:2C:AE:18:A2:9B:2A:B3:CA:8B:B0:6A:00:D7:BB:B0:43:60:8D:53
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019EA864A0B79B8CB6DC4C4978CC528A90B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          13B2
Signing time:             Mon 08 Jun 2026 18:00:27 +0000
Manifest this update:     Mon 08 Jun 2026 18:00:27 +0000
Manifest next update:     Tue 09 Jun 2026 18:00:27 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          3: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          4: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          5: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          6: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          7: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          8: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          9: RTPP9X2zvoR_qL8VtqZr6WEHKzw.roa (hash: bz39/MS5H8r1qd18PCFQ3+2kRu1MJoP1Vd1Xyr//BW0=)
                          10: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          11: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          12: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          13: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          14: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: 1gl/83vXdi968Z+5iWkOVTiDsXJM4taQPmIBFmBZvc8=)
                          15: htqKUhJyQNt1qA3G44rlxCxq60M.roa (hash: id0wxN4WW72w7KuwB5zxXQt9wJQv2b/0iQarjkgrnuM=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 09 Jun 2026 14:52:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:a8:64:a0:b7:9b:8c:b6:dc:4c:49:78:cc:52:8a:90:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun  8 18:00:27 2026 GMT
            Not After : Jun  9 18:00:27 2026 GMT
        Subject: CN=252cae18a29b2ab3ca8bb06a00d7bbb043608d53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:71:28:df:4c:4d:59:e9:19:88:47:62:23:d6:
                    dc:71:45:6d:27:23:28:24:a8:a0:52:53:3c:67:b7:
                    11:3a:35:32:cb:10:59:2d:7b:f7:aa:51:20:38:a8:
                    a2:b4:1f:1f:86:75:cb:c6:8a:da:44:55:5b:aa:80:
                    0d:fe:0d:d7:1a:c1:b8:1e:4f:25:fa:90:06:23:de:
                    81:9c:74:ee:7c:6c:80:d5:75:c1:dc:12:b6:45:03:
                    43:a2:dc:b5:6f:43:5d:55:a2:6d:3d:c7:26:c7:b8:
                    12:04:7d:7e:ec:c9:c0:b0:6c:37:44:55:11:0c:67:
                    d2:88:c3:53:a8:ba:f4:00:f3:c7:62:48:9d:5d:60:
                    63:ce:f3:c2:db:07:47:c3:5e:fb:ff:77:9a:ed:93:
                    4e:6e:ed:5c:e2:9f:79:6c:e5:09:49:b5:64:d9:f0:
                    fd:0a:6c:6a:56:05:71:78:e1:47:07:02:ee:37:71:
                    09:f6:0d:6f:68:56:49:64:c4:d6:ab:d8:f8:95:c3:
                    84:7b:f6:de:d1:53:fc:a8:26:e8:df:5f:03:83:b5:
                    1b:0e:28:72:e7:d5:b4:aa:01:76:e9:92:f7:50:7d:
                    12:85:82:bf:fb:b4:75:40:90:fb:d4:59:0f:86:f9:
                    5a:d1:f8:13:08:68:0d:7e:42:ce:1a:fe:3c:8d:1e:
                    96:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:2C:AE:18:A2:9B:2A:B3:CA:8B:B0:6A:00:D7:BB:B0:43:60:8D:53
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:a0:47:ab:88:38:9a:65:42:86:29:eb:41:d9:89:9d:4b:f1:
         38:6c:c3:68:a2:0d:9d:ea:87:2c:f5:33:60:e3:24:00:d6:23:
         67:1e:22:16:b0:a5:93:87:b4:2c:b3:8e:59:e1:2b:80:21:f5:
         98:cd:d2:a6:ad:1d:95:af:0d:70:94:ba:2f:43:c3:8a:c8:7f:
         26:a1:4a:ea:ad:5e:36:3f:e3:a9:58:d8:a4:81:9b:48:8d:6a:
         5a:e7:9b:65:65:a0:b9:46:14:b4:33:c3:02:f5:10:a4:ef:69:
         00:9b:97:b4:13:8e:13:ba:6a:7b:96:01:6f:95:72:87:6a:d8:
         82:2d:3c:2c:b2:5e:fa:e1:af:c1:df:5a:4a:97:25:13:d1:00:
         f8:9f:0b:f2:f7:ea:e0:90:e2:2d:0b:8a:30:22:47:72:ba:a4:
         e4:51:f7:34:f9:a3:85:9d:0f:54:cc:de:c0:ab:88:a0:8f:3e:
         8c:d8:72:18:9a:a7:06:e8:1c:c1:90:d6:52:04:20:fd:91:c8:
         36:8c:17:8d:4f:c9:90:8a:99:f7:cf:9b:12:69:3f:60:44:c8:
         28:85:df:55:13:bf:fb:c4:b3:69:6c:e5:a2:75:8c:36:5e:0c:
         1f:4c:99:11:92:bc:dc:a1:ae:5f:0a:75:89:f7:76:90:03:f3:
         70:d0:a1:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6oZKC3m4y23ExJeMxSipCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNjA4MTgwMDI3WhcNMjYwNjA5MTgwMDI3WjAzMTEwLwYDVQQD
EygyNTJjYWUxOGEyOWIyYWIzY2E4YmIwNmEwMGQ3YmJiMDQzNjA4ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3Eo30xNWekZiEdiI9bccUVtJyMo
JKigUlM8Z7cROjUyyxBZLXv3qlEgOKiitB8fhnXLxoraRFVbqoAN/g3XGsG4Hk8l
+pAGI96BnHTufGyA1XXB3BK2RQNDoty1b0NdVaJtPccmx7gSBH1+7MnAsGw3RFUR
DGfSiMNTqLr0APPHYkidXWBjzvPC2wdHw177/3ea7ZNObu1c4p95bOUJSbVk2fD9
CmxqVgVxeOFHBwLuN3EJ9g1vaFZJZMTWq9j4lcOEe/be0VP8qCbo318Dg7UbDihy
59W0qgF26ZL3UH0ShYK/+7R1QJD71FkPhvla0fgTCGgNfkLOGv48jR6WpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUsrhiimyqzyouwagDXu7BDYI1TMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJqBHq4g4
mmVChinrQdmJnUvxOGzDaKINneqHLPUzYOMkANYjZx4iFrClk4e0LLOOWeErgCH1
mM3Spq0dla8NcJS6L0PDish/JqFK6q1eNj/jqVjYpIGbSI1qWuebZWWguUYUtDPD
AvUQpO9pAJuXtBOOE7pqe5YBb5Vyh2rYgi08LLJe+uGvwd9aSpclE9EA+J8L8vfq
4JDiLQuKMCJHcrqk5FH3NPmjhZ0PVMzewKuIoI8+jNhyGJqnBugcwZDWUgQg/ZHI
NowXjU/JkIqZ98+bEmk/YETIKIXfVRO/+8SzaWzlonWMNl4MH0yZEZK83KGuXwp1
ifd2kAPzcNChpg==
-----END CERTIFICATE-----
Generated at Mon Jun 8 20:27:01 2026 by rpki-client