Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          bF7lzSoi9UKi0fEGmS00bt05NFn3HijfYYkl1TxckhA=
Subject key identifier:   2E:7E:CF:E9:E2:DC:5C:CA:AB:36:B9:5F:C8:44:DD:6C:5D:5C:69:A8
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019CD20B48F9245C9466B36FE247D98E3F03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          12BD
Signing time:             Mon 09 Mar 2026 10:01:20 +0000
Manifest this update:     Mon 09 Mar 2026 10:01:20 +0000
Manifest next update:     Tue 10 Mar 2026 10:01:20 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: Z8Keb85pJQTDNe/JWav5a060ML0xiXpTpFqTULvh7xk=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Mar 2026 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:d2:0b:48:f9:24:5c:94:66:b3:6f:e2:47:d9:8e:3f:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Mar  9 10:01:20 2026 GMT
            Not After : Mar 10 10:01:20 2026 GMT
        Subject: CN=2e7ecfe9e2dc5ccaab36b95fc844dd6c5d5c69a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f6:3a:82:3a:05:b8:97:f6:44:49:8d:56:3d:
                    45:65:aa:de:75:14:e7:0d:2a:9c:02:ca:30:38:29:
                    1d:ae:45:ea:8f:59:20:f1:44:08:0a:20:fa:44:db:
                    df:66:2d:99:ed:22:07:83:9f:39:a9:46:16:b6:8a:
                    63:d2:cf:78:68:b0:02:98:98:93:f9:bc:28:15:7a:
                    38:87:66:cd:d8:9f:78:55:a5:25:d8:58:2e:0b:67:
                    e3:82:0b:01:53:a6:cc:78:9b:86:2a:f7:3e:9e:9c:
                    87:3e:1f:39:32:cb:18:bd:35:9f:00:69:7a:17:af:
                    5b:cb:d9:5d:9b:5a:ec:4a:16:f0:7f:c7:fc:75:16:
                    ef:c1:b3:20:64:8f:04:70:c0:56:04:c6:35:e7:5c:
                    96:68:9e:62:18:12:3a:1e:87:3c:e9:d1:ae:88:69:
                    ff:43:e5:0f:37:e4:83:44:e3:00:7c:c8:d9:35:ea:
                    71:31:19:51:ec:5c:c0:fa:86:c2:98:29:d3:08:58:
                    fb:51:32:82:d8:0c:6a:3d:bb:1f:7c:c2:83:bc:dc:
                    d8:5c:d2:66:8f:21:65:34:8e:8b:f0:bc:e8:89:97:
                    68:21:5a:53:77:ce:1e:cc:9a:04:9c:63:3f:21:ae:
                    a1:eb:64:b7:e2:9d:c5:9c:d6:7a:8a:a0:ab:5b:d5:
                    7c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:7E:CF:E9:E2:DC:5C:CA:AB:36:B9:5F:C8:44:DD:6C:5D:5C:69:A8
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:6d:98:ec:ca:30:77:5b:4b:f0:22:8a:6c:e8:3e:23:71:db:
         0e:d6:a1:af:12:03:78:a3:c5:f6:a0:6a:27:8b:49:67:f0:38:
         74:2c:a5:a9:86:22:1c:61:17:83:70:61:f7:53:de:5f:04:8a:
         63:a0:fe:17:68:c3:4e:28:2a:b4:d6:0a:f7:a5:11:6d:a0:56:
         f1:39:2a:db:6d:91:a1:63:ab:ea:70:2d:60:10:47:e6:00:73:
         96:fc:d6:2b:85:39:a7:b7:63:3a:af:0e:bf:21:77:4b:11:f8:
         1d:7e:03:74:a0:08:53:07:dd:68:1c:3d:05:3f:9f:e4:2f:14:
         0b:2a:c3:b8:2b:02:49:3b:e9:69:35:69:89:94:e8:ec:02:4e:
         6c:a3:3b:2c:a5:dd:58:17:83:85:34:c1:47:80:ea:df:3d:38:
         bf:94:75:9d:b9:53:5f:ec:90:8e:b6:11:53:52:88:d5:24:29:
         eb:b9:e6:af:7e:36:65:1a:cc:9b:e0:a7:3c:61:6d:4f:f7:77:
         92:66:f6:66:c2:a1:c0:2b:e2:16:22:58:94:61:fc:88:af:51:
         37:e5:63:79:2f:3d:8e:b4:a6:14:6c:b5:99:b9:4d:6e:8e:d1:
         a1:5c:4f:05:75:04:41:1b:ef:84:08:06:ea:95:f4:c4:d7:50:
         36:3f:60:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzSC0j5JFyUZrNv4kfZjj8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMzA5MTAwMTIwWhcNMjYwMzEwMTAwMTIwWjAzMTEwLwYDVQQD
EygyZTdlY2ZlOWUyZGM1Y2NhYWIzNmI5NWZjODQ0ZGQ2YzVkNWM2OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPY6gjoFuJf2REmNVj1FZaredRTn
DSqcAsowOCkdrkXqj1kg8UQICiD6RNvfZi2Z7SIHg585qUYWtopj0s94aLACmJiT
+bwoFXo4h2bN2J94VaUl2FguC2fjggsBU6bMeJuGKvc+npyHPh85MssYvTWfAGl6
F69by9ldm1rsShbwf8f8dRbvwbMgZI8EcMBWBMY151yWaJ5iGBI6Hoc86dGuiGn/
Q+UPN+SDROMAfMjZNepxMRlR7FzA+obCmCnTCFj7UTKC2AxqPbsffMKDvNzYXNJm
jyFlNI6L8LzoiZdoIVpTd84ezJoEnGM/Ia6h62S34p3FnNZ6iqCrW9V8PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC5+z+ni3FzKqza5X8hE3WxdXGmoMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhW2Y7Mow
d1tL8CKKbOg+I3HbDtahrxIDeKPF9qBqJ4tJZ/A4dCylqYYiHGEXg3Bh91PeXwSK
Y6D+F2jDTigqtNYK96URbaBW8Tkq222RoWOr6nAtYBBH5gBzlvzWK4U5p7djOq8O
vyF3SxH4HX4DdKAIUwfdaBw9BT+f5C8UCyrDuCsCSTvpaTVpiZTo7AJObKM7LKXd
WBeDhTTBR4Dq3z04v5R1nblTX+yQjrYRU1KI1SQp67nmr342ZRrMm+CnPGFtT/d3
kmb2ZsKhwCviFiJYlGH8iK9RN+VjeS89jrSmFGy1mblNbo7RoVxPBXUEQRvvhAgG
6pX0xNdQNj9gew==
-----END CERTIFICATE-----