Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: vBOLmeDqEOptsoNPvOqHgZNV3p7cN7ug/0jvKn0gco8=
Subject key identifier: FA:F4:F3:A1:EB:36:0D:42:B3:75:4B:28:67:9A:B6:04:4E:70:77:C6
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 01988BEA4BC22DD352A9DCBCE5C9DCA6392B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 0EA3
Signing time: Fri 08 Aug 2025 23:00:44 +0000
Manifest this update: Fri 08 Aug 2025 23:00:44 +0000
Manifest next update: Sat 09 Aug 2025 23:00:44 +0000
Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: LBk5qoNp3F1RPFTVqKPJ9tkQ676sjVVxYD46Qa8DJp8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:ea:4b:c2:2d:d3:52:a9:dc:bc:e5:c9:dc:a6:39:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Aug 8 23:00:44 2025 GMT
Not After : Aug 9 23:00:44 2025 GMT
Subject: CN=faf4f3a1eb360d42b3754b28679ab6044e7077c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b1:67:b9:2d:41:db:4b:a6:eb:f6:40:8c:a7:
84:a9:8e:7f:39:41:fe:cc:5f:20:f0:c1:45:6f:4c:
63:21:5a:e1:a2:0e:6b:70:01:c1:03:a9:8c:02:18:
85:34:b0:27:05:af:81:c3:0e:ac:72:50:67:06:14:
8d:57:fb:ee:24:cc:63:be:2f:97:04:0d:6f:a8:49:
d2:a2:c9:54:c5:14:d4:db:67:65:b9:54:86:ca:3f:
9b:35:05:a8:72:b5:ba:37:0a:d3:a9:6d:60:17:3b:
9c:3b:e8:c7:98:19:13:38:6f:04:16:86:10:22:ea:
8c:bd:d5:eb:8c:ec:f3:cc:07:1b:10:1a:ff:c5:76:
14:c6:65:7a:b4:c7:b1:9a:0e:2b:b7:1a:84:fe:7c:
03:18:2a:8f:81:36:ce:3e:67:92:01:cc:d0:66:ea:
ff:c6:78:a4:74:da:9e:f2:6e:44:ad:3d:9e:70:4d:
52:1f:a5:66:07:59:52:9e:ac:5d:83:f1:d9:48:4d:
99:9f:d6:3e:ad:33:7f:f5:60:1c:23:f2:20:39:eb:
b4:01:66:dd:d8:a3:97:07:de:49:da:fe:57:c4:04:
c5:41:a8:37:fb:bf:2e:82:f0:bf:7c:17:01:f8:21:
c4:04:85:e8:2e:1e:90:09:c9:39:30:e4:2c:29:e0:
0c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F4:F3:A1:EB:36:0D:42:B3:75:4B:28:67:9A:B6:04:4E:70:77:C6
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:a2:9b:24:1c:df:03:03:36:4e:56:86:a1:fc:60:36:14:00:
6b:d0:7c:5d:ba:b9:c1:5b:24:56:06:ca:db:d7:58:67:ef:56:
0e:7f:f7:32:e7:f8:63:b1:f3:ea:c8:1d:78:db:9e:ca:e1:a7:
5e:fb:b7:bb:7d:0c:68:8a:7e:6b:7f:2f:86:08:ce:fd:59:7b:
fe:04:e0:fd:e0:e3:92:ba:7a:94:14:ff:bc:1a:a2:bc:cd:e1:
16:cb:7f:bd:22:cb:05:86:41:30:0a:a5:78:dd:50:14:e9:09:
39:51:16:de:e1:0a:44:e3:92:50:f8:6a:3f:ff:29:66:05:6d:
59:42:67:ee:ab:29:1c:5d:c8:de:42:5d:a1:ea:c7:ae:07:e9:
c1:ce:60:e7:b0:00:8e:3b:5d:e9:08:a4:f7:16:6c:99:ee:49:
13:d3:0b:a3:76:71:01:7a:2b:25:d9:49:86:92:03:64:cc:f2:
de:c8:7c:47:6e:de:30:4e:ef:f9:3f:2b:ef:b4:98:82:c7:44:
35:d9:ff:ca:98:8e:91:31:2f:af:11:9a:ee:ac:23:66:99:0f:
f1:e4:db:49:d2:ee:f9:a5:49:07:40:7b:0e:94:23:fc:1a:c1:
e1:be:eb:12:56:ef:21:a0:f5:bc:1a:72:99:8b:b6:18:c9:09:
7a:5f:1a:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6kvCLdNSqdy85cncpjkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjUwODA4MjMwMDQ0WhcNMjUwODA5MjMwMDQ0WjAzMTEwLwYDVQQD
EyhmYWY0ZjNhMWViMzYwZDQyYjM3NTRiMjg2NzlhYjYwNDRlNzA3N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bFnuS1B20um6/ZAjKeEqY5/OUH+
zF8g8MFFb0xjIVrhog5rcAHBA6mMAhiFNLAnBa+Bww6sclBnBhSNV/vuJMxjvi+X
BA1vqEnSoslUxRTU22dluVSGyj+bNQWocrW6NwrTqW1gFzucO+jHmBkTOG8EFoYQ
IuqMvdXrjOzzzAcbEBr/xXYUxmV6tMexmg4rtxqE/nwDGCqPgTbOPmeSAczQZur/
xnikdNqe8m5ErT2ecE1SH6VmB1lSnqxdg/HZSE2Zn9Y+rTN/9WAcI/IgOeu0AWbd
2KOXB95J2v5XxATFQag3+78ugvC/fBcB+CHEBIXoLh6QCck5MOQsKeAMsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPr086HrNg1Cs3VLKGeatgROcHfGMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATKKbJBzf
AwM2TlaGofxgNhQAa9B8Xbq5wVskVgbK29dYZ+9WDn/3Muf4Y7Hz6sgdeNueyuGn
Xvu3u30MaIp+a38vhgjO/Vl7/gTg/eDjkrp6lBT/vBqivM3hFst/vSLLBYZBMAql
eN1QFOkJOVEW3uEKROOSUPhqP/8pZgVtWUJn7qspHF3I3kJdoerHrgfpwc5g57AA
jjtd6Qik9xZsme5JE9MLo3ZxAXorJdlJhpIDZMzy3sh8R27eME7v+T8r77SYgsdE
Ndn/ypiOkTEvrxGa7qwjZpkP8eTbSdLu+aVJB0B7DpQj/BrB4b7rElbvIaD1vBpy
mYu2GMkJel8aJw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:47:30 2025 by rpki-client