Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: LoJ+ESod/Q4WnHs0JMAAfQI3HicNd8x7xeFcPmJnivA=
Subject key identifier: FA:DB:5B:90:DE:FF:F6:EE:94:B6:0A:7F:4E:D1:6F:96:BB:37:2A:F8
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019E1F48229F9FCE9243C02B72502370274B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 1187
Signing time: Wed 13 May 2026 03:01:21 +0000
Manifest this update: Wed 13 May 2026 03:01:21 +0000
Manifest next update: Thu 14 May 2026 03:01:21 +0000
Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: TIoYZ4M56CAUwH5QEf+7IUncaE+fxp4GAd6UwkaAYpk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1f:48:22:9f:9f:ce:92:43:c0:2b:72:50:23:70:27:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: May 13 03:01:21 2026 GMT
Not After : May 14 03:01:21 2026 GMT
Subject: CN=fadb5b90defff6ee94b60a7f4ed16f96bb372af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:52:d9:84:03:5c:6b:37:d8:9d:1d:93:79:e3:
39:53:93:5e:e8:ff:5a:bf:4e:7e:4f:b1:8e:c4:98:
f8:e5:24:17:3b:a9:f0:2e:9d:aa:ff:37:9a:73:8f:
81:e7:75:e8:8c:2b:d9:0a:e0:fa:fa:44:d5:e7:cc:
74:73:e0:3a:69:af:f0:06:22:4e:d8:ad:c6:ef:61:
c4:88:60:7e:5b:00:a5:b9:6b:66:38:36:62:a5:60:
d4:1d:f5:37:76:94:3f:73:9d:98:3e:91:36:85:9c:
a0:9f:59:a5:54:9c:9d:9b:12:ff:5a:2e:18:33:a3:
54:38:f8:d8:cb:83:f7:b9:63:95:14:a9:9c:36:89:
61:73:e1:d8:80:b7:cf:f0:f5:00:0e:cc:44:9f:6b:
04:28:73:98:8b:5a:53:46:f2:45:ca:6b:eb:83:91:
7e:ad:59:93:07:99:3d:a8:27:7d:0a:48:38:62:9b:
7e:92:c1:ac:c0:c0:d3:af:29:43:d1:1d:79:88:cb:
c8:dd:12:34:8c:24:06:79:1f:d3:8e:70:3e:ad:c2:
ef:a9:4d:2e:f4:d2:45:40:04:c8:ba:c5:c8:f2:97:
2d:d5:11:f7:f6:ee:6d:d0:e5:dc:53:36:ad:2f:57:
a2:6b:37:c2:5a:47:62:c3:99:ed:1c:95:fc:a2:98:
a1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DB:5B:90:DE:FF:F6:EE:94:B6:0A:7F:4E:D1:6F:96:BB:37:2A:F8
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:d7:d2:c5:23:fd:01:d3:4a:de:42:c1:43:85:a8:7b:9c:96:
f3:cd:2b:82:db:26:7a:7c:46:44:fe:d2:19:3c:2f:e9:b6:14:
bc:7e:f5:8f:bb:2b:dd:aa:73:54:b7:cb:dc:55:c0:28:0d:6b:
7d:42:e8:26:73:3e:3f:ff:ee:55:5c:f2:d5:24:c3:7d:bf:5c:
f7:ae:1f:fa:c7:b6:4f:a0:0a:0f:82:af:42:7b:8e:14:bd:85:
5b:7e:3e:aa:df:9b:2b:ee:61:a1:f8:a3:25:d0:68:5e:37:3a:
05:f3:e0:ce:86:cf:24:c3:53:84:6f:e7:ce:80:e0:9e:52:04:
4a:f8:6e:27:14:37:7b:ef:70:57:18:dc:cf:9a:a6:27:a1:86:
53:e3:02:fe:d2:2f:46:5d:e0:0c:de:c2:11:2e:aa:00:10:f8:
3b:ce:28:3a:32:f0:66:c1:80:d7:80:f6:75:5c:eb:e8:47:b8:
c5:50:d0:4d:67:9d:b5:12:66:dd:f7:aa:df:67:2e:59:20:8c:
4c:69:90:f4:88:8f:04:51:3b:47:52:a3:ec:a5:a2:45:1b:0b:
00:1c:b3:63:80:d2:79:f5:7c:25:c0:09:01:d6:0c:c1:de:b6:
d3:71:2f:65:6a:b0:06:1c:d0:e9:7b:0b:cf:c7:c0:bd:ed:82:
60:37:c8:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fSCKfn86SQ8ArclAjcCdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjYwNTEzMDMwMTIxWhcNMjYwNTE0MDMwMTIxWjAzMTEwLwYDVQQD
EyhmYWRiNWI5MGRlZmZmNmVlOTRiNjBhN2Y0ZWQxNmY5NmJiMzcyYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVLZhANcazfYnR2TeeM5U5Ne6P9a
v05+T7GOxJj45SQXO6nwLp2q/zeac4+B53XojCvZCuD6+kTV58x0c+A6aa/wBiJO
2K3G72HEiGB+WwCluWtmODZipWDUHfU3dpQ/c52YPpE2hZygn1mlVJydmxL/Wi4Y
M6NUOPjYy4P3uWOVFKmcNolhc+HYgLfP8PUADsxEn2sEKHOYi1pTRvJFymvrg5F+
rVmTB5k9qCd9Ckg4Ypt+ksGswMDTrylD0R15iMvI3RI0jCQGeR/TjnA+rcLvqU0u
9NJFQATIusXI8pct1RH39u5t0OXcUzatL1eiazfCWkdiw5ntHJX8opihYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrbW5De//bulLYKf07Rb5a7Nyr4MB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjtfSxSP9
AdNK3kLBQ4Woe5yW880rgtsmenxGRP7SGTwv6bYUvH71j7sr3apzVLfL3FXAKA1r
fULoJnM+P//uVVzy1STDfb9c964f+se2T6AKD4KvQnuOFL2FW34+qt+bK+5hofij
JdBoXjc6BfPgzobPJMNThG/nzoDgnlIESvhuJxQ3e+9wVxjcz5qmJ6GGU+MC/tIv
Rl3gDN7CES6qABD4O84oOjLwZsGA14D2dVzr6Ee4xVDQTWedtRJm3feq32cuWSCM
TGmQ9IiPBFE7R1Kj7KWiRRsLAByzY4DSefV8JcAJAdYMwd6203EvZWqwBhzQ6XsL
z8fAve2CYDfIqg==
-----END CERTIFICATE-----
Generated at Wed May 13 11:11:16 2026 by rpki-client