Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: 7qBdfonhHjzdcrJ8ZVYVSPqwHPmAEV4eGXwWhYFdqHc=
Subject key identifier: D4:42:65:3F:65:CF:F6:86:32:B4:86:42:AB:C2:6A:AD:0B:26:50:4D
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019E30A93B70535A486A279A4F6AB59EFC01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 1190
Signing time: Sat 16 May 2026 12:00:57 +0000
Manifest this update: Sat 16 May 2026 12:00:57 +0000
Manifest next update: Sun 17 May 2026 12:00:57 +0000
Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: iZhVQpzfwRJFDrJNXdiZVi8qdW4Yc+V1ftZdtUHkNE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:a9:3b:70:53:5a:48:6a:27:9a:4f:6a:b5:9e:fc:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: May 16 12:00:57 2026 GMT
Not After : May 17 12:00:57 2026 GMT
Subject: CN=d442653f65cff68632b48642abc26aad0b26504d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0e:22:ef:5b:5a:b5:9b:76:3d:cd:73:a2:62:
f3:81:e4:38:a5:70:04:de:9c:02:60:64:cc:b5:1d:
4f:9a:88:77:cf:d6:22:9b:84:b0:fe:04:89:02:ba:
23:e3:e4:19:cc:99:29:7f:34:b6:2e:b8:26:9a:b0:
37:24:ae:8d:b4:8d:5a:89:90:89:94:5f:19:11:2b:
28:f4:da:cd:47:6a:19:5a:3b:3a:90:3d:3d:38:a9:
51:3a:a2:87:ca:36:0e:d2:45:56:bf:38:e5:94:ce:
84:95:27:54:5d:83:45:20:a1:d6:ab:b8:ec:1b:48:
be:d2:bf:57:1c:26:8a:12:88:07:1e:01:2e:9b:c1:
5e:12:97:00:47:47:5b:19:7d:36:32:70:cd:bf:df:
00:0e:44:6c:78:68:6a:58:98:03:01:9c:cd:56:d3:
81:0b:b0:3a:14:04:6e:84:ef:10:80:b5:1d:d0:1f:
37:be:59:35:63:73:e6:c0:41:95:cc:36:65:35:0d:
59:97:0a:7a:f4:b3:ae:34:87:5b:70:2a:48:87:fe:
0a:61:a0:04:70:8e:c4:44:ed:22:63:3d:98:33:1e:
53:6f:1e:5f:af:85:e3:38:99:7b:f6:5a:a6:4f:8c:
bd:26:d3:74:8e:2a:ca:e5:f0:d9:26:f6:c1:0d:a1:
4f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:42:65:3F:65:CF:F6:86:32:B4:86:42:AB:C2:6A:AD:0B:26:50:4D
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:7f:15:45:67:b0:7c:dc:88:b0:c6:2a:60:36:12:c0:83:ef:
e7:5d:55:88:7c:89:7c:f2:dc:67:a3:22:a1:2a:12:ea:d8:49:
b6:6f:b2:6d:ea:c2:d9:57:53:2f:c2:62:2f:d7:a4:35:fe:00:
eb:06:3f:7e:47:90:32:be:b6:b9:72:21:53:9b:53:d8:48:cd:
4a:a1:4e:5f:1e:2a:35:d5:65:7a:e9:ba:b0:71:5c:68:84:20:
bf:b3:39:15:36:04:86:16:cd:f5:89:0d:34:9a:05:aa:cd:be:
69:d9:24:77:aa:36:37:f1:c1:c4:e1:3a:66:c5:46:2d:4a:fe:
ad:3d:dd:61:3c:13:92:97:38:c9:91:1f:d6:d4:73:1f:58:fa:
a3:f3:a4:f9:5d:e1:06:d2:27:8f:ed:eb:77:78:67:d8:d4:46:
37:f2:57:ca:aa:c6:41:d7:c8:36:1d:13:85:0b:96:99:2a:fc:
c6:33:ce:fa:58:68:17:7d:2f:de:79:ed:d7:0a:f8:a7:d8:85:
1f:72:59:35:7d:a8:0d:2c:7f:91:f9:50:74:0e:da:23:09:b3:
e8:89:98:4d:3e:13:52:e1:e8:dc:da:a8:56:8d:50:e7:7b:e0:
80:95:d0:11:73:c8:15:38:4d:1e:62:60:b9:e6:12:25:7b:05:
7d:7e:27:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wqTtwU1pIaieaT2q1nvwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjYwNTE2MTIwMDU3WhcNMjYwNTE3MTIwMDU3WjAzMTEwLwYDVQQD
EyhkNDQyNjUzZjY1Y2ZmNjg2MzJiNDg2NDJhYmMyNmFhZDBiMjY1MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg4i71tatZt2Pc1zomLzgeQ4pXAE
3pwCYGTMtR1Pmoh3z9Yim4Sw/gSJAroj4+QZzJkpfzS2LrgmmrA3JK6NtI1aiZCJ
lF8ZESso9NrNR2oZWjs6kD09OKlROqKHyjYO0kVWvzjllM6ElSdUXYNFIKHWq7js
G0i+0r9XHCaKEogHHgEum8FeEpcAR0dbGX02MnDNv98ADkRseGhqWJgDAZzNVtOB
C7A6FARuhO8QgLUd0B83vlk1Y3PmwEGVzDZlNQ1Zlwp69LOuNIdbcCpIh/4KYaAE
cI7ERO0iYz2YMx5Tbx5fr4XjOJl79lqmT4y9JtN0jirK5fDZJvbBDaFPhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRCZT9lz/aGMrSGQqvCaq0LJlBNMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaX8VRWew
fNyIsMYqYDYSwIPv511ViHyJfPLcZ6MioSoS6thJtm+yberC2VdTL8JiL9ekNf4A
6wY/fkeQMr62uXIhU5tT2EjNSqFOXx4qNdVleum6sHFcaIQgv7M5FTYEhhbN9YkN
NJoFqs2+adkkd6o2N/HBxOE6ZsVGLUr+rT3dYTwTkpc4yZEf1tRzH1j6o/Ok+V3h
BtInj+3rd3hn2NRGN/JXyqrGQdfINh0ThQuWmSr8xjPO+lhoF30v3nnt1wr4p9iF
H3JZNX2oDSx/kflQdA7aIwmz6ImYTT4TUuHo3NqoVo1Q53vggJXQEXPIFThNHmJg
ueYSJXsFfX4nMQ==
-----END CERTIFICATE-----
Generated at Sat May 16 20:21:17 2026 by rpki-client