Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: JokG5ej/loML35kdSeXylpzui6BLKq+C73w+VhePRfI=
Subject key identifier: C4:57:C1:90:35:FA:30:93:52:23:3F:B1:4E:F8:0A:7B:FC:DE:CD:65
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019D3789A2454C3CDCAA6D55DAACB1890290
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 110F
Signing time: Sun 29 Mar 2026 03:00:59 +0000
Manifest this update: Sun 29 Mar 2026 03:00:59 +0000
Manifest next update: Mon 30 Mar 2026 03:00:59 +0000
Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: Ac5iiyFDuFoiiVxflwupJuQo2c6d6vhJVnJFeuQfbiM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:a2:45:4c:3c:dc:aa:6d:55:da:ac:b1:89:02:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Mar 29 03:00:59 2026 GMT
Not After : Mar 30 03:00:59 2026 GMT
Subject: CN=c457c19035fa309352233fb14ef80a7bfcdecd65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:33:bf:56:1f:f5:ff:04:ea:93:32:35:1f:9e:
89:bc:dc:14:2e:34:61:47:fb:01:fb:1f:97:01:9d:
bc:48:62:c2:d8:8c:d6:3f:90:d3:8e:c8:eb:0f:e9:
2f:26:5e:00:27:7f:7b:5a:60:dd:a2:50:33:a2:5a:
0c:72:8d:47:c8:c2:f0:18:a3:6c:d3:88:f4:7c:4e:
a0:bf:2e:00:d6:8c:d9:55:88:9c:29:bc:69:0a:a7:
12:5d:db:09:4b:90:1f:b2:c3:8d:cd:d2:0d:cb:53:
e6:0b:a3:ce:8f:2e:e9:ea:6d:5c:38:f1:e8:d3:c4:
f5:90:74:9b:b6:bf:81:1d:04:5a:d3:1c:14:ab:72:
54:3d:b7:72:e5:95:b3:9f:e2:43:ba:e6:5b:ad:de:
f6:e8:c1:1c:96:cd:b5:5e:9b:0b:09:59:76:ce:60:
54:5f:7e:3a:ee:af:d1:b0:58:31:d1:ce:eb:f5:4b:
a3:64:c4:e7:c3:a6:31:95:ef:b4:bc:56:bf:1f:da:
2a:d5:fe:fd:83:23:95:05:7d:be:87:77:77:6b:c4:
33:69:d9:28:31:c1:d7:43:c0:56:fd:25:ad:80:0e:
a6:f1:32:b0:dd:25:75:75:f8:9f:e0:59:a9:38:98:
bc:fd:df:6d:df:39:db:3b:80:e3:48:0a:e2:02:e2:
df:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:57:C1:90:35:FA:30:93:52:23:3F:B1:4E:F8:0A:7B:FC:DE:CD:65
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:ef:a9:06:5b:c2:1e:01:b2:f0:5a:54:b0:8c:7e:f7:74:c4:
ca:79:1f:96:e9:d1:4a:f5:33:53:2b:ca:af:89:50:d8:fe:c0:
25:66:a4:73:56:03:e3:3d:9b:f6:bf:fe:d2:79:82:5e:9b:1e:
7e:02:40:09:88:ab:20:2e:fd:f7:72:9d:cc:4b:d6:99:d3:36:
e5:b4:b4:47:08:52:b2:3b:0b:ec:56:41:57:33:10:f3:8e:c9:
2e:a9:d6:3f:ad:26:81:eb:83:71:ec:a4:b0:5b:70:79:62:cf:
91:78:6f:cd:05:eb:75:69:f9:14:17:6e:08:90:1b:1a:5f:23:
0d:96:1b:87:eb:21:bd:e2:62:56:a3:44:15:6e:61:65:8f:c7:
e8:ff:11:11:84:33:71:bc:fa:79:53:14:e0:a7:ca:28:55:43:
52:db:cf:8b:82:29:1f:62:96:08:fe:2b:9c:89:87:23:09:2d:
fb:2c:3e:7d:d3:89:ff:22:0e:47:94:1b:67:26:6f:0a:60:78:
f5:9a:80:bb:fc:3a:53:58:eb:34:6d:26:33:2e:7b:03:a3:1f:
ee:03:eb:17:60:be:6c:2f:61:cd:b4:e6:f9:43:7b:12:a6:07:
07:61:9a:8d:59:06:14:a8:b4:af:fe:85:eb:c3:b5:34:28:df:
ce:f7:c5:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iaJFTDzcqm1V2qyxiQKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjYwMzI5MDMwMDU5WhcNMjYwMzMwMDMwMDU5WjAzMTEwLwYDVQQD
EyhjNDU3YzE5MDM1ZmEzMDkzNTIyMzNmYjE0ZWY4MGE3YmZjZGVjZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzO/Vh/1/wTqkzI1H56JvNwULjRh
R/sB+x+XAZ28SGLC2IzWP5DTjsjrD+kvJl4AJ397WmDdolAzoloMco1HyMLwGKNs
04j0fE6gvy4A1ozZVYicKbxpCqcSXdsJS5AfssONzdINy1PmC6POjy7p6m1cOPHo
08T1kHSbtr+BHQRa0xwUq3JUPbdy5ZWzn+JDuuZbrd726MEcls21XpsLCVl2zmBU
X3467q/RsFgx0c7r9UujZMTnw6Yxle+0vFa/H9oq1f79gyOVBX2+h3d3a8Qzadko
McHXQ8BW/SWtgA6m8TKw3SV1dfif4FmpOJi8/d9t3znbO4DjSAriAuLfrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRXwZA1+jCTUiM/sU74Cnv83s1lMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ++pBlvC
HgGy8FpUsIx+93TEynkflunRSvUzUyvKr4lQ2P7AJWakc1YD4z2b9r/+0nmCXpse
fgJACYirIC7993KdzEvWmdM25bS0RwhSsjsL7FZBVzMQ847JLqnWP60mgeuDceyk
sFtweWLPkXhvzQXrdWn5FBduCJAbGl8jDZYbh+shveJiVqNEFW5hZY/H6P8REYQz
cbz6eVMU4KfKKFVDUtvPi4IpH2KWCP4rnImHIwkt+yw+fdOJ/yIOR5QbZyZvCmB4
9ZqAu/w6U1jrNG0mMy57A6Mf7gPrF2C+bC9hzbTm+UN7EqYHB2GajVkGFKi0r/6F
68O1NCjfzvfFsQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:47:22 2026 by rpki-client