Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: Uc7Hkkk7uBTuRCLElJKYOvD3hkh7FXbDIcbgKte/p+0=
Subject key identifier: 2D:A9:2E:A2:99:57:30:2B:B4:67:00:B8:98:40:C9:F3:9B:9E:D4:D0
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 01975121B0CA11B909377E3D8D89B8EA668E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 0E00
Signing time: Sun 08 Jun 2025 20:00:51 +0000
Manifest this update: Sun 08 Jun 2025 20:00:51 +0000
Manifest next update: Mon 09 Jun 2025 20:00:51 +0000
Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: o4/c2yjuDS/dm04xV8CIyX0Gn/vvrGa5MEXN64neU3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 20:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:51:21:b0:ca:11:b9:09:37:7e:3d:8d:89:b8:ea:66:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Jun 8 20:00:51 2025 GMT
Not After : Jun 9 20:00:51 2025 GMT
Subject: CN=2da92ea29957302bb46700b89840c9f39b9ed4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:42:df:ad:e1:4b:0f:af:92:e7:74:a4:aa:83:
1c:3c:22:b3:53:de:26:71:71:45:00:55:b1:f6:da:
81:e0:37:0a:20:e0:0b:9a:c8:ea:1a:c7:88:5b:48:
4d:c2:0e:9d:c3:02:2a:5e:42:54:1d:b9:97:56:2b:
29:29:b9:6f:f5:20:b4:75:10:93:a3:ff:37:c6:d9:
9c:d1:7b:9e:66:c4:4f:39:a2:4e:d6:c4:b1:8a:d9:
c0:c9:3a:b6:88:c2:0e:b8:e7:2b:7c:d4:3d:92:66:
42:81:07:4d:40:9c:29:d0:3f:b5:48:17:63:01:7d:
25:ed:68:59:0f:2d:91:ee:3a:55:57:35:e6:40:fc:
19:bb:4d:2a:ef:98:29:fc:68:73:00:59:fc:7f:c4:
9a:13:df:0f:a2:0c:d8:2d:2b:e7:d1:2b:ec:3e:a5:
0f:23:04:87:bc:a9:d5:ea:c6:f2:22:ac:e3:51:ff:
44:17:0e:7a:f2:8b:ca:d5:df:c8:c4:c0:7d:a0:83:
91:60:80:9c:9a:8e:64:b8:a9:b1:2f:e0:28:80:4a:
8d:97:66:31:fc:06:80:30:4d:20:5c:76:64:44:2c:
83:e2:bf:64:99:a7:f0:7b:f8:02:9b:33:62:60:b4:
9b:ac:79:a9:35:ff:ee:27:4f:b9:5b:b7:cd:a9:6f:
d3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A9:2E:A2:99:57:30:2B:B4:67:00:B8:98:40:C9:F3:9B:9E:D4:D0
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:cf:ae:af:cb:6e:a0:28:99:53:d1:92:1d:42:ff:bf:e8:b1:
54:8d:43:e7:35:15:23:c0:be:ba:d0:af:85:68:dc:ea:8e:fb:
97:4e:26:63:cb:89:e9:cd:14:22:99:bf:f1:2f:89:ef:27:46:
6e:83:06:84:c7:7b:ac:4a:7f:14:eb:cf:47:ee:d2:50:30:84:
f7:13:84:90:ae:dd:8d:26:4e:12:65:b9:f5:0d:5d:68:16:d0:
59:74:df:76:5c:27:e6:59:bb:9a:a4:71:de:97:e1:c5:7d:20:
b3:f0:33:2e:56:fd:cc:cf:e6:b8:43:14:1d:a6:0d:20:15:d6:
df:8d:5d:f2:fa:23:01:9d:d2:ef:c0:30:18:40:ca:52:66:63:
82:93:5a:bc:ba:90:91:39:61:dd:9d:42:95:8d:58:80:d0:c2:
4f:46:62:7b:ad:9e:f3:1a:68:d7:15:dd:ef:20:df:aa:6a:f9:
a2:3c:5a:e9:92:52:f5:ec:d9:64:92:86:35:3a:d5:10:4e:0b:
3f:3d:66:f2:09:27:45:de:e7:8f:d0:d8:b8:2a:ac:02:34:e4:
3d:96:63:42:0f:92:bd:95:58:01:6b:b4:b5:6d:d6:65:65:89:
6b:97:6f:07:73:b3:e5:16:89:eb:61:3d:2b:0b:85:dc:e7:b2:
a6:2e:d0:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIbDKEbkJN349jYm46maOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjUwNjA4MjAwMDUxWhcNMjUwNjA5MjAwMDUxWjAzMTEwLwYDVQQD
EygyZGE5MmVhMjk5NTczMDJiYjQ2NzAwYjg5ODQwYzlmMzliOWVkNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmELfreFLD6+S53SkqoMcPCKzU94m
cXFFAFWx9tqB4DcKIOALmsjqGseIW0hNwg6dwwIqXkJUHbmXVispKblv9SC0dRCT
o/83xtmc0XueZsRPOaJO1sSxitnAyTq2iMIOuOcrfNQ9kmZCgQdNQJwp0D+1SBdj
AX0l7WhZDy2R7jpVVzXmQPwZu00q75gp/GhzAFn8f8SaE98PogzYLSvn0SvsPqUP
IwSHvKnV6sbyIqzjUf9EFw568ovK1d/IxMB9oIORYICcmo5kuKmxL+AogEqNl2Yx
/AaAME0gXHZkRCyD4r9kmafwe/gCmzNiYLSbrHmpNf/uJ0+5W7fNqW/THQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2pLqKZVzArtGcAuJhAyfObntTQMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGM+ur8tu
oCiZU9GSHUL/v+ixVI1D5zUVI8C+utCvhWjc6o77l04mY8uJ6c0UIpm/8S+J7ydG
boMGhMd7rEp/FOvPR+7SUDCE9xOEkK7djSZOEmW59Q1daBbQWXTfdlwn5lm7mqRx
3pfhxX0gs/AzLlb9zM/muEMUHaYNIBXW341d8vojAZ3S78AwGEDKUmZjgpNavLqQ
kTlh3Z1ClY1YgNDCT0Zie62e8xpo1xXd7yDfqmr5ojxa6ZJS9ezZZJKGNTrVEE4L
Pz1m8gknRd7nj9DYuCqsAjTkPZZjQg+SvZVYAWu0tW3WZWWJa5dvB3Oz5RaJ62E9
KwuF3Oeypi7QyQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:53:10 2025 by rpki-client