Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          LN0QQo8TSUjT7Ily26AUVAw2Q5eREwPlCBpeO2HWZBg=
Subject key identifier:   64:FE:73:84:83:AA:4E:63:A7:63:4E:90:96:6C:FC:60:76:C4:2A:07
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019EF1C8041EBB022A1A39D536184D973FB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          13D8
Signing time:             Tue 23 Jun 2026 00:01:17 +0000
Manifest this update:     Tue 23 Jun 2026 00:01:17 +0000
Manifest next update:     Wed 24 Jun 2026 00:01:17 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          3: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          4: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          5: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          6: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          7: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          8: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          9: RTPP9X2zvoR_qL8VtqZr6WEHKzw.roa (hash: bz39/MS5H8r1qd18PCFQ3+2kRu1MJoP1Vd1Xyr//BW0=)
                          10: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          11: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          12: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          13: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          14: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: ncjXr5/SDdMW7RgKW8I/ptHJbRnf4Fc753D3zPB9L48=)
                          15: htqKUhJyQNt1qA3G44rlxCxq60M.roa (hash: id0wxN4WW72w7KuwB5zxXQt9wJQv2b/0iQarjkgrnuM=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 24 Jun 2026 00:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:f1:c8:04:1e:bb:02:2a:1a:39:d5:36:18:4d:97:3f:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun 23 00:01:17 2026 GMT
            Not After : Jun 24 00:01:17 2026 GMT
        Subject: CN=64fe738483aa4e63a7634e90966cfc6076c42a07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:65:d3:57:f5:85:69:10:6d:2d:31:82:0e:dd:
                    2a:97:fa:8e:be:a7:83:b7:6c:45:1a:d1:44:d1:43:
                    a0:fc:03:b1:10:13:ce:63:e5:68:b3:52:65:40:d0:
                    c2:23:95:5f:b2:55:27:40:4c:a6:de:58:a7:6e:07:
                    98:53:4b:3e:82:1b:b4:51:2d:19:d6:78:20:9b:51:
                    e5:e4:f7:92:26:e0:8c:4e:ae:fe:45:30:84:7a:39:
                    da:20:88:31:79:ab:04:34:c0:98:0c:7f:85:58:44:
                    fe:54:2e:a1:00:7d:69:b9:18:87:bd:20:2e:6f:67:
                    7b:70:a5:cd:12:98:49:54:34:cf:38:5d:86:72:a3:
                    ea:04:e6:78:fb:41:b4:2c:73:64:ad:de:2c:93:83:
                    d1:0a:e9:af:2c:07:d4:fc:33:fa:fa:a4:d7:2c:b8:
                    f0:85:8c:c5:90:a1:f7:96:53:02:b5:7a:10:b7:c9:
                    5c:bc:77:19:59:e6:b0:12:df:a6:f2:76:37:e1:b5:
                    16:e7:0a:68:31:6d:49:33:4c:e5:3f:0c:8a:bb:47:
                    c9:ba:89:46:9d:8f:90:c0:22:12:3a:a4:96:ea:c6:
                    9d:3e:a9:ac:07:8c:1d:be:e9:7c:10:6e:f0:cf:48:
                    a3:dd:02:92:81:ed:16:55:81:f6:3f:99:34:70:d5:
                    4b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:FE:73:84:83:AA:4E:63:A7:63:4E:90:96:6C:FC:60:76:C4:2A:07
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:9e:d8:99:90:ee:58:e6:3a:00:cd:bf:b7:bc:e9:d6:20:8c:
         a5:1d:03:84:f9:a8:f1:ef:b7:da:4e:e6:13:7e:b1:41:cc:15:
         c3:c6:46:26:b3:a8:53:76:af:53:f3:33:b4:36:b3:e9:af:1b:
         27:a2:68:e8:60:62:a5:46:d6:e5:64:16:f5:fa:d6:22:40:40:
         7b:70:6b:13:7a:ae:c9:3c:7d:ab:eb:15:d9:84:38:e6:ab:8a:
         6d:a1:d0:15:88:92:c8:dc:2b:c1:6c:f5:3c:15:38:2f:53:b9:
         2d:c1:4c:cc:e4:11:15:2c:19:5c:a7:6d:c5:07:df:75:db:d3:
         4b:28:43:2c:86:64:a2:e8:98:57:f4:ab:1a:eb:f1:ce:75:36:
         af:9d:33:a1:60:f9:85:ca:e8:11:8d:3b:a5:52:9a:1d:53:d9:
         d6:28:26:e1:aa:a5:c6:f3:39:56:a7:6b:b8:2f:54:a6:18:54:
         9b:bd:6d:d6:0f:68:38:e2:72:70:ea:6a:e1:0b:d3:a5:16:21:
         a5:20:4f:9c:47:9f:dc:b2:d9:c9:7c:8d:28:80:d7:67:6a:2c:
         12:d6:cd:11:6c:c3:cf:6e:a0:fa:5f:f6:14:37:10:01:ea:fd:
         57:a6:d4:fa:c8:ed:63:10:e6:d3:07:91:6a:10:0b:dc:3d:df:
         aa:ec:e7:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7xyAQeuwIqGjnVNhhNlz+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwNjIzMDAwMTE3WhcNMjYwNjI0MDAwMTE3WjAzMTEwLwYDVQQD
Eyg2NGZlNzM4NDgzYWE0ZTYzYTc2MzRlOTA5NjZjZmM2MDc2YzQyYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGXTV/WFaRBtLTGCDt0ql/qOvqeD
t2xFGtFE0UOg/AOxEBPOY+Vos1JlQNDCI5VfslUnQEym3linbgeYU0s+ghu0US0Z
1nggm1Hl5PeSJuCMTq7+RTCEejnaIIgxeasENMCYDH+FWET+VC6hAH1puRiHvSAu
b2d7cKXNEphJVDTPOF2GcqPqBOZ4+0G0LHNkrd4sk4PRCumvLAfU/DP6+qTXLLjw
hYzFkKH3llMCtXoQt8lcvHcZWeawEt+m8nY34bUW5wpoMW1JM0zlPwyKu0fJuolG
nY+QwCISOqSW6sadPqmsB4wdvul8EG7wz0ij3QKSge0WVYH2P5k0cNVLWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGT+c4SDqk5jp2NOkJZs/GB2xCoHMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKJ7YmZDu
WOY6AM2/t7zp1iCMpR0DhPmo8e+32k7mE36xQcwVw8ZGJrOoU3avU/MztDaz6a8b
J6Jo6GBipUbW5WQW9frWIkBAe3BrE3quyTx9q+sV2YQ45quKbaHQFYiSyNwrwWz1
PBU4L1O5LcFMzOQRFSwZXKdtxQffddvTSyhDLIZkouiYV/SrGuvxznU2r50zoWD5
hcroEY07pVKaHVPZ1igm4aqlxvM5VqdruC9UphhUm71t1g9oOOJycOpq4QvTpRYh
pSBPnEef3LLZyXyNKIDXZ2osEtbNEWzDz26g+l/2FDcQAer9V6bU+sjtYxDm0weR
ahAL3D3fquzneg==
-----END CERTIFICATE-----
Generated at Tue Jun 23 09:14:25 2026 by rpki-client