Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: sF89LlUEuau4BK/VxP7V3W42+wCYUC4Y6OP7Yb/ec4Y=
Subject key identifier: 0D:03:B8:D4:0F:06:5A:20:67:F8:3E:21:CF:99:71:F4:C2:66:9A:79
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019D2627D9D6B8C85520EC87ECFFC50B8B3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 1106
Signing time: Wed 25 Mar 2026 18:00:38 +0000
Manifest this update: Wed 25 Mar 2026 18:00:38 +0000
Manifest next update: Thu 26 Mar 2026 18:00:38 +0000
Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: tGsN1BW4o6GA+ci8KiwgVgvsC8jbbPHDTBbaf00WqEI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:27:d9:d6:b8:c8:55:20:ec:87:ec:ff:c5:0b:8b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Mar 25 18:00:38 2026 GMT
Not After : Mar 26 18:00:38 2026 GMT
Subject: CN=0d03b8d40f065a2067f83e21cf9971f4c2669a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bc:9a:c5:2d:9f:a4:ca:e1:9c:e5:56:6d:42:
29:2d:17:ee:e3:45:30:d6:8a:38:62:41:6b:4e:f4:
a4:ad:37:86:3e:c8:a9:ef:cd:45:32:83:8e:4f:f6:
6c:82:7c:16:3f:b7:19:b2:8d:a4:91:4a:b1:b0:24:
36:35:fc:ea:58:ef:1d:63:37:29:ef:39:d3:27:6d:
e1:5e:79:f2:9f:2e:ab:21:d1:ac:42:6b:10:66:cc:
1e:39:9c:f9:13:d7:b6:f4:b7:1b:17:df:17:38:83:
30:65:31:2d:d5:b0:2d:db:97:cc:0b:8e:9a:3f:ff:
6a:6a:11:d0:0a:0d:a6:7c:78:ff:73:05:c1:e9:71:
16:7b:a2:6e:99:3c:b4:3d:5e:3b:07:13:bc:92:3b:
59:e1:68:ba:99:14:f1:23:d6:11:99:aa:cc:5a:da:
ba:a7:a3:c3:29:e6:90:cf:7f:cd:3b:f2:53:38:8f:
6e:86:70:0b:6c:a2:c4:0a:a7:c3:79:f2:2d:74:9a:
21:b0:c7:1a:a3:76:7e:ff:7e:63:ea:17:2d:42:e1:
eb:98:d8:db:a2:03:82:1d:19:d9:f0:fe:70:b0:3d:
5b:75:09:d9:28:76:80:ba:41:c6:49:1c:9f:62:7f:
25:20:eb:95:fb:d6:78:cd:b2:94:6f:70:9e:f9:0b:
6e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:03:B8:D4:0F:06:5A:20:67:F8:3E:21:CF:99:71:F4:C2:66:9A:79
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:25:75:22:eb:95:da:91:c3:fb:85:76:45:5f:bf:85:29:8b:
a6:80:25:55:ce:6a:06:c1:a0:68:dd:a2:6b:bf:32:58:4f:98:
20:82:ce:bb:99:d2:93:f9:c1:fc:77:3a:f9:75:df:a4:84:1f:
be:e1:a9:ad:be:d6:6c:b4:43:55:7a:68:af:9b:5d:a0:0e:df:
be:af:50:45:f1:bb:23:3b:dd:79:3e:80:aa:18:65:e4:b4:26:
e8:74:ed:99:bd:5c:c0:60:8b:23:da:24:88:98:d0:ea:35:72:
ed:3d:2d:93:f7:24:de:22:d5:45:9f:fc:a5:65:76:38:1b:82:
f0:6a:4a:6c:d5:90:87:11:72:84:b7:ea:de:1d:c7:ad:eb:41:
b1:b1:cc:64:4a:bd:e5:fa:eb:54:1e:aa:9c:2e:57:0f:8e:83:
f9:29:71:b6:43:de:75:3d:8f:53:f1:f9:a1:49:bb:4a:86:c0:
07:3b:54:5b:f2:98:e4:0d:78:51:00:d4:24:aa:5a:c4:45:60:
eb:c8:c2:8e:25:2e:fd:16:08:bd:7f:07:dd:79:cb:96:66:dc:
17:2a:30:3f:27:2f:8c:f6:43:d2:03:a1:e1:23:12:bf:37:1d:
d6:df:ee:0a:63:3d:8d:48:ff:3c:37:9f:04:27:6d:95:fd:30:
a7:62:8b:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mJ9nWuMhVIOyH7P/FC4s8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjYwMzI1MTgwMDM4WhcNMjYwMzI2MTgwMDM4WjAzMTEwLwYDVQQD
EygwZDAzYjhkNDBmMDY1YTIwNjdmODNlMjFjZjk5NzFmNGMyNjY5YTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbyaxS2fpMrhnOVWbUIpLRfu40Uw
1oo4YkFrTvSkrTeGPsip781FMoOOT/ZsgnwWP7cZso2kkUqxsCQ2NfzqWO8dYzcp
7znTJ23hXnnyny6rIdGsQmsQZsweOZz5E9e29LcbF98XOIMwZTEt1bAt25fMC46a
P/9qahHQCg2mfHj/cwXB6XEWe6JumTy0PV47BxO8kjtZ4Wi6mRTxI9YRmarMWtq6
p6PDKeaQz3/NO/JTOI9uhnALbKLECqfDefItdJohsMcao3Z+/35j6hctQuHrmNjb
ogOCHRnZ8P5wsD1bdQnZKHaAukHGSRyfYn8lIOuV+9Z4zbKUb3Ce+QtuxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0DuNQPBlogZ/g+Ic+ZcfTCZpp5MB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYCV1IuuV
2pHD+4V2RV+/hSmLpoAlVc5qBsGgaN2ia78yWE+YIILOu5nSk/nB/Hc6+XXfpIQf
vuGprb7WbLRDVXpor5tdoA7fvq9QRfG7IzvdeT6Aqhhl5LQm6HTtmb1cwGCLI9ok
iJjQ6jVy7T0tk/ck3iLVRZ/8pWV2OBuC8GpKbNWQhxFyhLfq3h3HretBsbHMZEq9
5frrVB6qnC5XD46D+SlxtkPedT2PU/H5oUm7SobABztUW/KY5A14UQDUJKpaxEVg
68jCjiUu/RYIvX8H3XnLlmbcFyowPycvjPZD0gOh4SMSvzcd1t/uCmM9jUj/PDef
BCdtlf0wp2KLfg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:56:55 2026 by rpki-client