Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: RCgFVpadHxnhccmLmiOgqnhQefM4U7hhgR8QJQr8hq4=
Subject key identifier: 2C:38:9F:C7:CD:F9:C9:D5:E1:C4:50:88:FE:81:02:70:2C:1B:FC:70
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 0199FC8F290B808C9AF01DF6EADE0B60027E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 0F62
Signing time: Sun 19 Oct 2025 13:01:04 +0000
Manifest this update: Sun 19 Oct 2025 13:01:04 +0000
Manifest next update: Mon 20 Oct 2025 13:01:04 +0000
Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: k4Lg+9naL9eeoemQ5AL9XRrGVovQxfFI9SKawQq0YnQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:29:0b:80:8c:9a:f0:1d:f6:ea:de:0b:60:02:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Oct 19 13:01:04 2025 GMT
Not After : Oct 20 13:01:04 2025 GMT
Subject: CN=2c389fc7cdf9c9d5e1c45088fe8102702c1bfc70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1b:58:df:50:1e:a8:e7:da:9d:24:08:72:9b:
84:b4:b6:19:ab:8b:29:da:fc:77:21:09:95:26:61:
92:1f:55:5d:57:4c:b0:44:da:dd:a6:61:a2:64:a5:
b6:37:02:26:40:f8:72:b2:d4:d2:3a:d9:f7:a8:be:
6e:47:92:42:da:fd:af:2f:a8:78:01:5e:b9:5f:dc:
46:34:a4:e1:d5:87:54:f4:8b:0f:f5:22:ee:37:ec:
05:f5:9d:14:f3:3f:41:1f:ae:b3:ce:ab:9d:8e:97:
69:3b:89:0e:f5:90:50:d3:1d:96:bb:b2:f2:4b:4f:
06:41:f0:fe:aa:da:1f:0b:5b:56:c9:50:c0:b0:c8:
12:9a:96:70:a9:b6:0c:ac:6b:03:6e:c6:4c:83:3a:
3b:d2:1a:60:8a:ff:80:3b:37:1e:5c:7f:3b:29:3a:
3f:ad:88:35:3f:8b:aa:3f:a7:39:bc:ff:de:3f:d8:
b6:70:f4:c5:c9:03:8a:bc:75:33:3b:7a:8c:87:02:
b8:9c:42:98:b7:e2:24:6c:ec:d0:ac:f1:a9:ae:b7:
48:23:6d:96:31:b8:54:d5:06:a4:1c:c2:4e:52:06:
2d:00:61:db:b6:7b:94:b9:41:1b:77:f0:84:68:e4:
85:63:9b:65:d7:94:e0:eb:92:35:37:93:37:f4:90:
9c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:38:9F:C7:CD:F9:C9:D5:E1:C4:50:88:FE:81:02:70:2C:1B:FC:70
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:80:b9:70:c1:c1:fa:d2:3e:12:22:8b:70:d6:c8:89:43:83:
af:56:14:e6:2e:8a:13:e5:00:3a:e0:95:18:dd:91:a4:3e:8c:
e7:50:28:b4:c5:54:71:60:ec:16:34:fe:9c:57:82:6a:3e:ca:
59:c9:9e:b7:51:24:81:39:57:9c:42:3d:fb:ae:83:3c:83:cf:
83:04:cc:a0:74:e0:5b:5e:01:f6:3b:76:71:84:69:ca:05:1b:
26:0e:e4:cf:3c:52:b9:33:f8:e4:4b:b7:0b:44:ed:19:89:47:
c9:c3:11:44:01:63:1b:49:cc:77:0a:1f:cf:69:f8:6d:31:51:
33:5a:cd:04:a6:f5:4a:4b:90:c2:e4:c2:00:86:b6:68:dd:83:
3d:d1:ba:4d:4d:d2:8d:4e:0c:0d:bc:0b:ee:23:4a:4e:f6:7d:
c3:24:19:d5:2c:1c:e2:78:92:e3:f5:25:43:25:05:31:9e:5b:
b3:9e:cf:c5:e6:41:14:77:75:29:0f:92:37:48:af:8a:22:fa:
f6:84:8b:bf:5d:92:36:a6:b8:e4:4f:bc:ca:1b:f2:a8:78:6a:
60:24:83:50:4a:f7:01:e9:fc:3e:13:17:f4:4a:84:8f:e6:dc:
49:9a:a2:88:32:cc:b7:9d:4b:e6:db:01:f0:02:fd:65:12:b8:
80:a3:5c:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jykLgIya8B326t4LYAJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjUxMDE5MTMwMTA0WhcNMjUxMDIwMTMwMTA0WjAzMTEwLwYDVQQD
EygyYzM4OWZjN2NkZjljOWQ1ZTFjNDUwODhmZTgxMDI3MDJjMWJmYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2htY31AeqOfanSQIcpuEtLYZq4sp
2vx3IQmVJmGSH1VdV0ywRNrdpmGiZKW2NwImQPhystTSOtn3qL5uR5JC2v2vL6h4
AV65X9xGNKTh1YdU9IsP9SLuN+wF9Z0U8z9BH66zzqudjpdpO4kO9ZBQ0x2Wu7Ly
S08GQfD+qtofC1tWyVDAsMgSmpZwqbYMrGsDbsZMgzo70hpgiv+AOzceXH87KTo/
rYg1P4uqP6c5vP/eP9i2cPTFyQOKvHUzO3qMhwK4nEKYt+IkbOzQrPGprrdII22W
MbhU1QakHMJOUgYtAGHbtnuUuUEbd/CEaOSFY5tl15Tg65I1N5M39JCcNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCw4n8fN+cnV4cRQiP6BAnAsG/xwMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIC5cMHB
+tI+EiKLcNbIiUODr1YU5i6KE+UAOuCVGN2RpD6M51AotMVUcWDsFjT+nFeCaj7K
Wcmet1EkgTlXnEI9+66DPIPPgwTMoHTgW14B9jt2cYRpygUbJg7kzzxSuTP45Eu3
C0TtGYlHycMRRAFjG0nMdwofz2n4bTFRM1rNBKb1SkuQwuTCAIa2aN2DPdG6TU3S
jU4MDbwL7iNKTvZ9wyQZ1Swc4niS4/UlQyUFMZ5bs57PxeZBFHd1KQ+SN0iviiL6
9oSLv12SNqa45E+8yhvyqHhqYCSDUEr3Aen8PhMX9EqEj+bcSZqiiDLMt51L5tsB
8AL9ZRK4gKNcDg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:12:23 2025 by rpki-client