Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: fcheF6zMBSNh2A5+U/T8miwDgtaxsCvbNf6NJ+qWQ+s=
Subject key identifier: 33:36:CA:C3:88:19:D6:46:65:CA:0E:8C:04:C8:BE:58:93:60:6F:18
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019F1A55E6E17BBAFBCE5648C7DD55054CD5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 1209
Signing time: Tue 30 Jun 2026 21:01:04 +0000
Manifest this update: Tue 30 Jun 2026 21:01:04 +0000
Manifest next update: Wed 01 Jul 2026 21:01:04 +0000
Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: 9sS+i5hq4tvozxXBak35mWo29U7jVC7Gq9SC2kdtS1A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:1a:55:e6:e1:7b:ba:fb:ce:56:48:c7:dd:55:05:4c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Jun 30 21:01:04 2026 GMT
Not After : Jul 1 21:01:04 2026 GMT
Subject: CN=3336cac38819d64665ca0e8c04c8be5893606f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ee:8e:0b:5d:7e:19:4f:4b:6a:5a:0c:42:77:
f3:1d:0b:04:da:de:9d:1e:06:8b:63:d0:4d:55:d1:
d1:9a:97:15:65:9d:cb:c9:bc:cc:f8:69:7b:3d:21:
07:5f:7d:8d:7b:c7:aa:83:cc:65:20:13:03:ad:83:
4c:33:c2:0f:4f:d6:63:eb:7b:af:f7:03:6a:ed:ba:
23:8f:12:19:91:46:b3:38:f1:2d:ec:cf:7a:4a:e0:
3e:6b:07:b5:0f:ca:bb:7b:5d:06:90:01:0d:fc:2f:
40:fc:f3:77:9a:70:85:69:48:06:b6:94:9e:c3:61:
9e:d6:be:71:ac:a1:f8:24:5a:57:7b:12:c4:7f:37:
a6:21:24:62:ef:a5:c9:84:9a:52:3b:8b:38:f8:df:
3c:0c:9f:00:1d:b6:a8:a3:a3:86:e1:dc:f0:d7:17:
0b:ec:6a:4d:71:6d:21:c8:65:67:64:32:cd:20:d2:
af:01:84:13:8b:b4:62:2a:70:bc:b5:61:7a:1d:1c:
9f:1a:b8:ae:64:09:8e:fa:6d:64:c5:85:bb:de:f8:
b0:9f:84:5a:35:af:ae:2f:3a:42:d6:a0:55:92:c8:
ef:f8:b6:12:5e:18:b6:d6:04:ac:f6:d6:ab:7f:0d:
81:2d:19:7b:2e:9f:d2:6b:e0:0e:c3:19:84:4d:76:
54:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:36:CA:C3:88:19:D6:46:65:CA:0E:8C:04:C8:BE:58:93:60:6F:18
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:0b:d2:65:43:0a:a3:fd:67:69:c1:fb:50:24:d4:d2:c7:0f:
da:2f:00:f9:07:fe:30:52:5e:00:fb:ed:dc:28:3f:25:b7:2c:
5d:1c:7b:c2:2a:5b:a7:cf:e9:7a:8d:1e:dc:7f:eb:52:c1:01:
33:4a:57:cf:70:3d:f6:4c:47:18:ee:9f:cb:4c:05:59:62:0a:
02:e1:c2:96:6f:38:84:d8:04:b2:d6:d4:da:ea:13:0b:1c:c6:
7a:b6:03:02:ab:df:ac:0a:0c:f5:d7:7e:87:7e:2b:d5:df:32:
22:f6:25:b2:21:9b:a4:0a:bd:33:91:c8:8d:2b:7d:e0:2b:b7:
4e:9a:88:37:94:c5:54:44:a4:27:b7:4a:32:f8:b3:f6:79:dc:
51:6d:47:9f:fd:59:36:c5:33:65:0d:db:f6:99:5a:9c:12:49:
a2:67:60:5d:81:5c:cd:9c:ed:9c:e6:65:87:83:b9:e6:aa:ba:
58:b4:09:ce:0b:be:ea:fe:fe:f0:30:3e:6f:d4:da:51:83:53:
89:c0:bd:a9:60:35:13:a6:1d:38:f8:65:c9:3e:11:23:97:6f:
e2:70:82:9e:88:be:5c:3e:46:11:ac:52:bb:81:f3:e5:d1:c0:
2e:fc:9f:1d:39:1c:53:8f:1e:b8:04:6d:20:91:76:f4:b7:a1:
b1:77:27:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8aVebhe7r7zlZIx91VBUzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjYwNjMwMjEwMTA0WhcNMjYwNzAxMjEwMTA0WjAzMTEwLwYDVQQD
EygzMzM2Y2FjMzg4MTlkNjQ2NjVjYTBlOGMwNGM4YmU1ODkzNjA2ZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+6OC11+GU9LaloMQnfzHQsE2t6d
HgaLY9BNVdHRmpcVZZ3LybzM+Gl7PSEHX32Ne8eqg8xlIBMDrYNMM8IPT9Zj63uv
9wNq7bojjxIZkUazOPEt7M96SuA+awe1D8q7e10GkAEN/C9A/PN3mnCFaUgGtpSe
w2Ge1r5xrKH4JFpXexLEfzemISRi76XJhJpSO4s4+N88DJ8AHbaoo6OG4dzw1xcL
7GpNcW0hyGVnZDLNINKvAYQTi7RiKnC8tWF6HRyfGriuZAmO+m1kxYW73viwn4Ra
Na+uLzpC1qBVksjv+LYSXhi21gSs9tarfw2BLRl7Lp/Sa+AOwxmETXZUcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDM2ysOIGdZGZcoOjATIvliTYG8YMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQvSZUMK
o/1nacH7UCTU0scP2i8A+Qf+MFJeAPvt3Cg/JbcsXRx7wipbp8/peo0e3H/rUsEB
M0pXz3A99kxHGO6fy0wFWWIKAuHClm84hNgEstbU2uoTCxzGerYDAqvfrAoM9dd+
h34r1d8yIvYlsiGbpAq9M5HIjSt94Cu3TpqIN5TFVESkJ7dKMviz9nncUW1Hn/1Z
NsUzZQ3b9planBJJomdgXYFczZztnOZlh4O55qq6WLQJzgu+6v7+8DA+b9TaUYNT
icC9qWA1E6YdOPhlyT4RI5dv4nCCnoi+XD5GEaxSu4Hz5dHALvyfHTkcU48euARt
IJF29LehsXcnbw==
-----END CERTIFICATE-----
Generated at Tue Jun 30 22:44:19 2026 by rpki-client