Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: 9VgrByEXKsvel54p04TwIuHefZq2ZpGedSU4b6i0Ty4=
Subject key identifier: A3:D8:A8:A1:53:B9:31:16:D9:33:E8:42:FE:5A:2C:78:9B:6A:05:F4
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019A213FD6A0BF1612A56C500C543D252D25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 0F75
Signing time: Sun 26 Oct 2025 16:00:23 +0000
Manifest this update: Sun 26 Oct 2025 16:00:23 +0000
Manifest next update: Mon 27 Oct 2025 16:00:23 +0000
Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: sXgpbk+VNP1pPR4PwbyG7p7OrgvxUxTZbvPmJmI951Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 16:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:3f:d6:a0:bf:16:12:a5:6c:50:0c:54:3d:25:2d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Oct 26 16:00:23 2025 GMT
Not After : Oct 27 16:00:23 2025 GMT
Subject: CN=a3d8a8a153b93116d933e842fe5a2c789b6a05f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1d:87:a6:d1:b2:d0:3f:9f:65:87:71:4f:90:
45:3a:44:55:b8:74:5a:04:bc:69:d2:a5:c4:8a:9c:
cf:a1:98:19:03:91:43:ff:19:a6:1d:40:28:71:09:
1a:8c:2f:36:71:6a:88:1a:aa:b6:3a:e4:96:c5:cd:
05:c7:b4:59:6f:da:92:41:2d:f3:f2:f5:c8:0c:26:
c8:51:af:91:ae:62:34:0e:62:8c:8e:26:c2:1a:c9:
c8:a0:f4:f6:fa:44:69:de:ef:44:0b:cc:76:e0:db:
12:1b:29:60:49:d6:1e:0a:70:40:71:08:ec:97:d3:
42:37:da:a4:63:f3:82:f1:d6:40:e6:9a:1f:f3:4f:
93:46:95:c3:5f:dd:7c:e1:03:7b:24:e4:12:cc:90:
27:36:92:93:ca:dd:d0:da:65:63:a4:0f:2e:55:cb:
29:dc:aa:06:64:32:3e:55:cf:51:0e:5f:a6:0e:ec:
c7:2b:2c:81:54:a5:d6:bb:f9:d7:94:97:61:7e:14:
60:02:d9:b6:c7:77:8e:30:d4:c3:5c:9f:1b:b2:50:
a9:da:4b:fa:a1:cf:bb:20:5d:33:3b:ec:77:f2:23:
aa:44:d7:84:99:67:58:77:da:39:8c:bc:e1:0e:20:
35:e1:97:ab:c4:09:f3:fe:92:19:73:5a:c1:3d:59:
b0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D8:A8:A1:53:B9:31:16:D9:33:E8:42:FE:5A:2C:78:9B:6A:05:F4
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:ef:4c:6d:fe:a7:4d:d2:33:8d:e6:0e:3e:03:7c:d1:2d:c5:
d2:97:1f:35:f2:cf:71:25:22:2c:df:39:e1:6d:23:c2:b2:55:
1e:84:fa:80:53:c0:fd:43:a7:b1:ee:41:6c:21:2f:ee:1c:d1:
e1:41:16:a2:8f:76:1a:81:29:f5:d4:18:c4:b5:e7:18:d7:28:
c3:65:1e:bc:41:9b:e7:43:36:03:63:24:51:c5:54:e5:83:a9:
d0:73:a0:e3:3a:8d:14:f7:2d:3b:e8:f5:b2:7a:da:30:2b:99:
33:9d:ba:65:8d:b5:6a:21:8b:e0:cf:4a:01:36:c0:81:a1:68:
48:c9:7b:43:f2:67:1b:49:4a:1e:5b:ad:21:23:ee:7a:46:e4:
13:40:23:12:5d:76:0b:64:fd:7e:c2:c2:43:eb:eb:b9:86:a2:
44:c1:ae:bf:f4:4b:ce:01:d5:07:59:01:60:76:c3:5b:b8:c6:
b5:a4:cb:be:3a:09:aa:b4:03:f4:e0:8c:4a:c1:45:e6:2f:53:
c4:13:c0:de:a9:0f:c6:2a:f5:c1:00:78:9b:b3:f8:bc:18:0b:
64:dd:bc:10:9e:c6:b6:ee:48:0e:23:24:bc:ce:31:99:fd:29:
22:03:1a:c3:6a:dc:74:6d:5f:41:39:be:65:78:6b:13:c1:93:
59:5b:a5:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohP9agvxYSpWxQDFQ9JS0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjUxMDI2MTYwMDIzWhcNMjUxMDI3MTYwMDIzWjAzMTEwLwYDVQQD
EyhhM2Q4YThhMTUzYjkzMTE2ZDkzM2U4NDJmZTVhMmM3ODliNmEwNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1B2HptGy0D+fZYdxT5BFOkRVuHRa
BLxp0qXEipzPoZgZA5FD/xmmHUAocQkajC82cWqIGqq2OuSWxc0Fx7RZb9qSQS3z
8vXIDCbIUa+RrmI0DmKMjibCGsnIoPT2+kRp3u9EC8x24NsSGylgSdYeCnBAcQjs
l9NCN9qkY/OC8dZA5pof80+TRpXDX9184QN7JOQSzJAnNpKTyt3Q2mVjpA8uVcsp
3KoGZDI+Vc9RDl+mDuzHKyyBVKXWu/nXlJdhfhRgAtm2x3eOMNTDXJ8bslCp2kv6
oc+7IF0zO+x38iOqRNeEmWdYd9o5jLzhDiA14ZerxAnz/pIZc1rBPVmwlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPYqKFTuTEW2TPoQv5aLHibagX0MB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhO9Mbf6n
TdIzjeYOPgN80S3F0pcfNfLPcSUiLN854W0jwrJVHoT6gFPA/UOnse5BbCEv7hzR
4UEWoo92GoEp9dQYxLXnGNcow2UevEGb50M2A2MkUcVU5YOp0HOg4zqNFPctO+j1
snraMCuZM526ZY21aiGL4M9KATbAgaFoSMl7Q/JnG0lKHlutISPuekbkE0AjEl12
C2T9fsLCQ+vruYaiRMGuv/RLzgHVB1kBYHbDW7jGtaTLvjoJqrQD9OCMSsFF5i9T
xBPA3qkPxir1wQB4m7P4vBgLZN28EJ7Gtu5IDiMkvM4xmf0pIgMaw2rcdG1fQTm+
ZXhrE8GTWVulCg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 01:44:44 2025 by rpki-client