Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: MAnTeGc6gOF+a6haVBIQspVch35DT34xSqOojztC5kw=
Subject key identifier: 42:8C:C9:02:D7:41:EC:01:46:69:45:67:07:DD:AB:CD:6F:EA:A7:0C
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 0196C427367634FE38133747F114D39A3870
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 0DB7
Signing time: Mon 12 May 2025 11:00:26 +0000
Manifest this update: Mon 12 May 2025 11:00:26 +0000
Manifest next update: Tue 13 May 2025 11:00:26 +0000
Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: f55hHWM1KtXSPBEzXESzXCUrYVQVlPmaximsMlHr0cg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:27:36:76:34:fe:38:13:37:47:f1:14:d3:9a:38:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: May 12 11:00:26 2025 GMT
Not After : May 13 11:00:26 2025 GMT
Subject: CN=428cc902d741ec014669456707ddabcd6feaa70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f9:2e:59:0e:69:f7:98:da:6d:d8:9a:0b:11:
b3:03:ec:7f:7b:14:82:a2:86:54:7e:c5:e1:fc:23:
15:91:b2:67:68:ee:cd:6c:0a:d2:d9:82:c0:91:2c:
fb:dc:69:b4:43:46:3b:eb:50:bf:84:fd:f7:87:7e:
dc:8e:0b:57:2b:40:e9:74:54:a1:d6:b0:bd:f2:d4:
03:7c:19:f8:32:32:f9:28:0e:99:e5:80:9a:6c:4d:
6a:e9:42:58:70:18:36:bd:03:47:dd:ab:02:fd:82:
b3:15:6d:b4:48:bb:b1:e0:09:f5:93:ce:c1:3b:a5:
ac:63:01:1c:05:8a:ec:41:1c:01:f1:f7:a1:75:f5:
f8:3c:a1:7f:2a:18:04:f8:ec:4c:99:41:9f:85:bd:
91:0e:2c:a3:2a:e9:07:e5:32:09:89:8a:bd:c4:5b:
10:71:09:a1:30:a1:09:8b:41:f0:ad:3a:cb:6d:02:
b3:f6:1f:c9:6e:ad:f0:e0:17:bb:d1:66:68:3e:7f:
48:6b:76:df:fd:5d:f3:5d:74:10:85:ac:4a:5e:d1:
5d:8d:be:5f:09:17:52:18:bf:72:9b:a7:e7:e9:f7:
69:8e:cf:21:c8:e1:70:aa:9c:e4:ed:e5:5b:33:14:
08:46:38:75:05:e4:4a:5b:ac:aa:36:71:24:2d:23:
4c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8C:C9:02:D7:41:EC:01:46:69:45:67:07:DD:AB:CD:6F:EA:A7:0C
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:ec:e4:6f:5d:2c:59:ed:4f:72:67:cc:3b:07:c5:e7:7a:b7:
db:f5:c9:16:43:13:b6:1a:72:71:fc:96:88:44:f8:0f:fa:56:
84:03:f6:00:e1:92:58:d6:90:80:15:1b:43:d9:84:f6:83:66:
d3:a5:16:4f:61:91:85:68:91:06:5c:ce:84:c3:4f:45:98:28:
1d:93:be:52:be:55:56:fc:fb:f1:f1:22:ba:84:fa:4a:fa:c8:
bb:6f:ef:1e:e6:ae:9a:b0:24:2c:71:80:5a:8c:53:03:ec:c5:
cc:19:ef:66:c1:a3:1c:1d:97:32:c4:68:3b:d5:c4:e2:db:46:
31:1f:4e:8c:b4:41:6c:5f:32:e4:c5:8e:77:66:b6:b5:48:05:
47:38:d9:d1:c5:c8:ec:f1:e9:81:f2:8d:9c:da:33:9e:c5:43:
0b:ae:bf:97:9f:09:bd:03:8c:99:92:22:c8:11:dc:71:55:a2:
46:61:4e:63:29:f1:39:d4:16:97:29:77:75:6c:7b:35:6d:1c:
d4:8d:da:88:63:f5:a6:bd:bb:3b:70:98:bc:9e:c4:12:6a:f4:
f8:f4:4a:f6:b6:c4:5e:3d:89:36:36:66:c0:9a:ac:cb:e1:f0:
0c:e7:38:f1:2d:91:21:1b:5c:65:a0:ca:5f:a8:81:22:71:a8:
1c:d1:d2:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEJzZ2NP44EzdH8RTTmjhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjUwNTEyMTEwMDI2WhcNMjUwNTEzMTEwMDI2WjAzMTEwLwYDVQQD
Eyg0MjhjYzkwMmQ3NDFlYzAxNDY2OTQ1NjcwN2RkYWJjZDZmZWFhNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PkuWQ5p95jabdiaCxGzA+x/exSC
ooZUfsXh/CMVkbJnaO7NbArS2YLAkSz73Gm0Q0Y761C/hP33h37cjgtXK0DpdFSh
1rC98tQDfBn4MjL5KA6Z5YCabE1q6UJYcBg2vQNH3asC/YKzFW20SLux4An1k87B
O6WsYwEcBYrsQRwB8fehdfX4PKF/KhgE+OxMmUGfhb2RDiyjKukH5TIJiYq9xFsQ
cQmhMKEJi0HwrTrLbQKz9h/Jbq3w4Be70WZoPn9Ia3bf/V3zXXQQhaxKXtFdjb5f
CRdSGL9ym6fn6fdpjs8hyOFwqpzk7eVbMxQIRjh1BeRKW6yqNnEkLSNMsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKMyQLXQewBRmlFZwfdq81v6qcMMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANOzkb10s
We1PcmfMOwfF53q32/XJFkMTthpycfyWiET4D/pWhAP2AOGSWNaQgBUbQ9mE9oNm
06UWT2GRhWiRBlzOhMNPRZgoHZO+Ur5VVvz78fEiuoT6SvrIu2/vHuaumrAkLHGA
WoxTA+zFzBnvZsGjHB2XMsRoO9XE4ttGMR9OjLRBbF8y5MWOd2a2tUgFRzjZ0cXI
7PHpgfKNnNoznsVDC66/l58JvQOMmZIiyBHccVWiRmFOYynxOdQWlyl3dWx7NW0c
1I3aiGP1pr27O3CYvJ7EEmr0+PRK9rbEXj2JNjZmwJqsy+HwDOc48S2RIRtcZaDK
X6iBInGoHNHSlA==
-----END CERTIFICATE-----
Generated at Mon May 12 16:17:23 2025 by rpki-client