$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft File: gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json) Hash identifier: CMz0mzRlAc0/2qrOnmgIZA0TkSstrSHJbVAJ06VpG7I= Subject key identifier: DE:57:F8:D8:0B:D3:A2:1C:51:0A:95:63:A1:DC:FA:5B:A8:A6:BB:B8 Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Certificate serial: 019D3C42F7069356C9114BA81BCC1FB525BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft Manifest number: 12F4 Signing time: Mon 30 Mar 2026 01:01:54 +0000 Manifest this update: Mon 30 Mar 2026 01:01:54 +0000 Manifest next update: Tue 31 Mar 2026 01:01:54 +0000 Files and hashes: 1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=) 2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=) 3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=) 4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=) 5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=) 6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=) 7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=) 8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=) 9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=) 10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=) 11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=) 12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=) 13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=) 14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=) 15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: LMioz0L0vPzDbcXmUytE/dgfWkgk9Kt8VWbb5c/dwfY=) 16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=) 17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 31 Mar 2026 01:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9d:3c:42:f7:06:93:56:c9:11:4b:a8:1b:cc:1f:b5:25:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Validity Not Before: Mar 30 01:01:54 2026 GMT Not After : Mar 31 01:01:54 2026 GMT Subject: CN=de57f8d80bd3a21c510a9563a1dcfa5ba8a6bbb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:1b:0d:40:c0:b7:08:f1:d5:a9:7d:95:84:8f: 35:81:d7:9e:35:a7:00:33:af:a5:6a:2b:44:00:17: 61:32:36:67:b8:86:93:8d:45:b0:88:9f:05:b3:ef: ab:cb:c8:f5:ca:f0:e7:20:da:c8:c8:1c:15:5e:63: 31:a4:85:f1:8e:46:52:7a:e8:3c:4a:c4:1c:b0:10: 06:64:11:21:29:53:e5:c0:31:90:f2:bd:92:b2:80: 2b:75:75:2c:8f:9e:6e:93:5e:e3:57:ba:25:28:39: 6f:9e:02:a1:67:a3:af:c1:59:c8:30:36:c7:32:85: 11:33:7e:a9:9f:10:f3:0b:2c:b9:b8:88:12:16:21: 6a:2f:f3:d8:42:0d:fb:09:5b:ed:a0:23:a1:49:66: 9a:91:62:ac:9f:50:5c:e1:bd:d8:d4:8d:f9:c1:f1: 62:07:8e:12:9c:07:a5:2a:70:32:6e:21:90:a9:21: 57:12:74:91:7e:59:98:e0:eb:fa:a5:e5:1c:58:dc: 23:14:2d:11:05:0a:71:01:c0:e9:a6:da:d3:de:ee: 5f:da:4d:1f:8b:2f:98:6f:34:50:e3:e1:58:52:15: f3:e7:11:3a:6b:89:a3:ed:b4:c6:ed:21:d1:f0:06: 48:fd:b4:ef:d9:ab:33:73:d3:3b:cb:d6:ff:49:c3: 8e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:57:F8:D8:0B:D3:A2:1C:51:0A:95:63:A1:DC:FA:5B:A8:A6:BB:B8 X509v3 Authority Key Identifier: keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:41:27:93:e4:57:8a:6e:f6:fa:f7:58:5c:44:4f:dc:de:d7: 87:39:34:08:72:dc:81:84:fe:a2:de:9b:49:0a:f6:e3:14:34: 84:54:33:01:35:00:5e:8c:ba:23:aa:5f:19:8b:ce:fb:de:94: 7e:2c:d8:dc:c8:74:86:cc:4d:f5:3f:5f:c7:c2:92:5d:d2:b3: 65:fc:2e:36:f8:25:d6:46:14:9d:03:0b:6f:7b:fe:80:bd:0a: d3:e5:68:a1:f4:a5:fc:3d:8f:01:eb:33:bd:6a:57:bd:db:0c: f4:67:1d:7e:ea:ac:73:5d:a5:33:03:ae:f5:03:b0:a7:3d:5e: a1:97:9c:0f:18:1a:cb:e0:a8:85:0f:01:4f:35:a9:f0:f1:04: b7:89:36:d8:39:0c:c6:5f:4b:26:31:d5:b6:bd:6c:cb:61:5e: 80:89:02:a8:ae:96:fa:e4:98:70:dc:ef:00:a0:43:8b:95:c2: f1:bf:99:03:b5:77:0d:dd:d9:7a:ff:89:eb:0d:c1:9f:df:bd: 9b:8a:80:a7:8d:c0:bd:b0:df:b4:d4:a7:b7:d8:9f:cb:ed:00: 4a:cf:94:91:80:b7:24:96:e7:e0:90:01:58:75:67:3d:a4:38: e0:a4:85:f1:7f:ab:a0:3e:75:6a:2c:4a:cd:ee:75:0c:9e:e1: 3d:62:d2:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZ08QvcGk1bJEUuoG8wftSW+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx MTliZDcwHhcNMjYwMzMwMDEwMTU0WhcNMjYwMzMxMDEwMTU0WjAzMTEwLwYDVQQD EyhkZTU3ZjhkODBiZDNhMjFjNTEwYTk1NjNhMWRjZmE1YmE4YTZiYmI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphsNQMC3CPHVqX2VhI81gdeeNacA M6+laitEABdhMjZnuIaTjUWwiJ8Fs++ry8j1yvDnINrIyBwVXmMxpIXxjkZSeug8 SsQcsBAGZBEhKVPlwDGQ8r2SsoArdXUsj55uk17jV7olKDlvngKhZ6OvwVnIMDbH MoURM36pnxDzCyy5uIgSFiFqL/PYQg37CVvtoCOhSWaakWKsn1Bc4b3Y1I35wfFi B44SnAelKnAybiGQqSFXEnSRflmY4Ov6peUcWNwjFC0RBQpxAcDpptrT3u5f2k0f iy+YbzRQ4+FYUhXz5xE6a4mj7bTG7SHR8AZI/bTv2aszc9M7y9b/ScOO2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN5X+NgL06IcUQqVY6Hc+luopru4MB8GA1UdIwQY MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3 LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkEnk+RX im72+vdYXERP3N7Xhzk0CHLcgYT+ot6bSQr24xQ0hFQzATUAXoy6I6pfGYvO+96U fizY3Mh0hsxN9T9fx8KSXdKzZfwuNvgl1kYUnQMLb3v+gL0K0+VoofSl/D2PAesz vWpXvdsM9Gcdfuqsc12lMwOu9QOwpz1eoZecDxgay+CohQ8BTzWp8PEEt4k22DkM xl9LJjHVtr1sy2FegIkCqK6W+uSYcNzvAKBDi5XC8b+ZA7V3Dd3Zev+J6w3Bn9+9 m4qAp43AvbDftNSnt9ify+0ASs+UkYC3JJbn4JABWHVnPaQ44KSF8X+roD51aixK ze51DJ7hPWLSGg== -----END CERTIFICATE-----Generated at Mon Mar 30 09:28:09 2026 by rpki-client