Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: KR/FTZUbSwbWUruq/8PVeiq7eidi1Ypfhr8pVjpNSqU=
Subject key identifier: 63:7A:E2:18:CA:48:D2:76:73:CE:67:59:35:95:F5:4E:68:D0:50:DC
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 0198D54E17BF5B93D40DC4C22EEB7EBB911C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 0EC9
Signing time: Sat 23 Aug 2025 05:02:01 +0000
Manifest this update: Sat 23 Aug 2025 05:02:01 +0000
Manifest next update: Sun 24 Aug 2025 05:02:01 +0000
Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: VFKZmK+1tgVf1MPUkCES6f+xURzgl3iyyaq/sLDZurU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4e:17:bf:5b:93:d4:0d:c4:c2:2e:eb:7e:bb:91:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Aug 23 05:02:01 2025 GMT
Not After : Aug 24 05:02:01 2025 GMT
Subject: CN=637ae218ca48d27673ce67593595f54e68d050dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c3:ac:bc:89:ce:8e:23:30:8c:2e:3a:97:8c:
e7:c2:80:20:2f:6d:51:e1:26:e7:de:81:9c:a0:f7:
85:af:b2:5b:7f:e4:c8:dc:30:1a:9e:c8:44:b8:28:
1c:65:9a:2b:42:aa:0b:ad:e5:67:1e:f0:85:2d:44:
42:53:08:0d:8e:3c:c7:52:2f:da:ec:b5:3f:c8:db:
a4:f2:9f:fe:33:74:7b:67:ad:e8:17:0c:e5:2d:fa:
e7:e4:13:75:d9:58:f2:94:f8:9c:22:fa:ee:1c:25:
91:f9:58:fc:25:df:e6:fe:4c:a0:8e:2c:b3:db:c7:
cd:26:73:77:d2:25:33:f2:00:29:4c:76:6e:a7:3a:
01:5a:4f:ce:05:89:4f:77:43:cb:eb:c7:57:4b:01:
eb:b5:ab:4e:1d:09:9f:d5:bb:42:f9:90:db:65:51:
74:60:40:eb:e2:be:c2:47:88:fa:11:62:4b:d4:1b:
4b:ae:0f:b5:c1:76:04:33:3d:17:f8:b3:32:89:3e:
b0:e8:60:2b:0b:d2:0c:c8:24:a7:ac:d6:76:10:c2:
fb:e6:3b:26:ae:61:9b:bf:93:bb:c2:b3:51:a9:6e:
d8:18:15:00:59:1e:01:aa:a0:d3:46:1c:5c:88:38:
3a:e7:87:33:6e:c9:e5:b9:e5:bf:f2:b7:8d:3d:36:
3c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7A:E2:18:CA:48:D2:76:73:CE:67:59:35:95:F5:4E:68:D0:50:DC
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:e9:30:96:d6:f8:60:75:ab:e7:11:43:f7:ec:73:61:2d:62:
04:05:69:ed:13:47:18:b2:a6:23:8e:69:43:7d:62:99:9b:5f:
13:3a:99:3b:43:4c:da:04:75:b9:98:a3:a4:70:1a:4c:92:0f:
76:d9:70:f4:0f:ec:85:c8:6d:a2:75:96:d0:2c:be:ed:b0:11:
18:f1:94:55:f2:1a:01:78:39:85:18:35:b9:86:aa:02:0f:ba:
42:40:fb:94:92:26:27:41:42:e8:c0:e4:1f:a0:25:9a:33:cc:
f5:96:54:1d:01:f3:e6:c6:52:9e:76:3c:36:d4:cb:75:ad:0d:
02:db:8d:5b:19:67:5b:8a:0c:cb:10:7b:0d:c7:40:5a:e9:bf:
5f:48:b5:3d:b0:12:e8:7c:20:6a:0f:48:f6:8f:29:f6:d5:8d:
ea:d9:ea:d5:77:d8:a5:19:01:22:c7:f4:0a:59:8d:81:c8:11:
f9:df:16:32:9b:21:ac:e1:20:d7:9b:ff:5f:20:bf:13:f9:ab:
b3:e8:36:30:ad:55:2b:d0:66:6a:23:c3:18:ce:12:35:ff:34:
02:86:5e:d2:d0:08:10:16:1e:a5:ab:4b:36:d4:f4:c1:56:a1:
1f:27:e6:41:72:4b:a2:c0:e5:57:d7:3e:9b:84:37:a6:ad:20:
c1:fc:3b:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVThe/W5PUDcTCLut+u5EcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjUwODIzMDUwMjAxWhcNMjUwODI0MDUwMjAxWjAzMTEwLwYDVQQD
Eyg2MzdhZTIxOGNhNDhkMjc2NzNjZTY3NTkzNTk1ZjU0ZTY4ZDA1MGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycOsvInOjiMwjC46l4znwoAgL21R
4Sbn3oGcoPeFr7Jbf+TI3DAanshEuCgcZZorQqoLreVnHvCFLURCUwgNjjzHUi/a
7LU/yNuk8p/+M3R7Z63oFwzlLfrn5BN12VjylPicIvruHCWR+Vj8Jd/m/kygjiyz
28fNJnN30iUz8gApTHZupzoBWk/OBYlPd0PL68dXSwHrtatOHQmf1btC+ZDbZVF0
YEDr4r7CR4j6EWJL1BtLrg+1wXYEMz0X+LMyiT6w6GArC9IMyCSnrNZ2EML75jsm
rmGbv5O7wrNRqW7YGBUAWR4BqqDTRhxciDg654czbsnlueW/8reNPTY88wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGN64hjKSNJ2c85nWTWV9U5o0FDcMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqekwltb4
YHWr5xFD9+xzYS1iBAVp7RNHGLKmI45pQ31imZtfEzqZO0NM2gR1uZijpHAaTJIP
dtlw9A/shchtonWW0Cy+7bARGPGUVfIaAXg5hRg1uYaqAg+6QkD7lJImJ0FC6MDk
H6AlmjPM9ZZUHQHz5sZSnnY8NtTLda0NAtuNWxlnW4oMyxB7DcdAWum/X0i1PbAS
6Hwgag9I9o8p9tWN6tnq1XfYpRkBIsf0ClmNgcgR+d8WMpshrOEg15v/XyC/E/mr
s+g2MK1VK9BmaiPDGM4SNf80AoZe0tAIEBYepatLNtT0wVahHyfmQXJLosDlV9c+
m4Q3pq0gwfw7yA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:31:18 2025 by rpki-client