Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: UfLoikJoAtAD4zVwAEwzn2LDDluAmKGO627Sr3DC4yk=
Subject key identifier: 85:ED:CF:33:70:76:12:D3:1A:EC:79:5B:22:1E:A2:12:19:9E:F2:46
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019A51876564B33E7D200513E662260D2251
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 0F8E
Signing time: Wed 05 Nov 2025 01:00:19 +0000
Manifest this update: Wed 05 Nov 2025 01:00:19 +0000
Manifest next update: Thu 06 Nov 2025 01:00:19 +0000
Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: spC40HUhEfsVEF0GVBFvOkk0MtQMrxz5OSseTyiSZn8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 01:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:87:65:64:b3:3e:7d:20:05:13:e6:62:26:0d:22:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Nov 5 01:00:19 2025 GMT
Not After : Nov 6 01:00:19 2025 GMT
Subject: CN=85edcf33707612d31aec795b221ea212199ef246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d3:4d:fe:be:58:0d:5b:77:8e:c8:b9:a8:c8:
d5:33:5e:36:bb:da:e4:65:a7:d8:5c:10:ae:32:cb:
fb:09:f5:b1:c0:0a:d6:c1:4e:41:05:3f:0a:6a:9d:
fd:48:2a:25:b5:2f:40:d8:97:6e:fa:72:e8:09:c9:
0a:a0:9f:94:50:40:9a:0d:38:16:2c:fe:85:0e:83:
0e:96:e2:d5:b5:af:99:e5:51:e0:07:09:53:98:57:
d9:05:54:3d:87:c2:b5:69:42:fa:34:fe:44:41:a6:
9d:21:a9:d6:52:54:5e:be:f4:74:2e:ae:02:bc:72:
f5:04:1d:58:96:93:ba:a5:30:c5:60:12:57:44:53:
bd:f7:ec:77:b9:7a:b5:09:62:c0:f0:1f:68:40:79:
dd:7c:38:ca:fe:0a:4d:72:f4:3e:28:0e:cb:c6:6e:
e4:1d:f9:86:5f:9a:5b:de:03:f7:fa:2e:88:15:2a:
90:a3:a9:d6:2b:eb:13:d3:0f:0d:89:fb:74:df:36:
31:60:c5:7b:3d:20:e0:94:db:c3:67:b3:fa:7e:24:
b2:19:94:df:94:7e:21:e8:17:33:bc:cc:bf:bc:f8:
c1:99:ee:12:db:4d:4a:7d:ec:93:0c:16:f9:ca:7d:
ba:07:c2:99:83:f5:49:0f:73:07:9a:6a:34:5e:1d:
b5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:ED:CF:33:70:76:12:D3:1A:EC:79:5B:22:1E:A2:12:19:9E:F2:46
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:a7:a5:19:6c:6d:ed:58:24:70:41:78:9e:f4:d9:c5:1a:0f:
b2:e9:a3:6c:9b:eb:18:9c:db:1d:06:4a:7f:67:29:18:91:85:
7f:0c:04:97:4d:e7:f8:6f:73:12:95:3e:28:af:5a:44:ba:f4:
fc:af:f3:5d:f3:d6:2f:ca:58:d2:62:13:06:65:75:bd:b2:5b:
95:3d:32:f4:8d:9d:3f:dd:7d:56:ae:40:b2:2f:86:67:e7:e8:
a5:6a:7d:34:c8:e9:59:4d:67:5c:1b:cd:6c:ab:60:78:91:c1:
3f:05:38:f0:8b:de:13:17:a5:31:60:12:80:1b:fb:88:ca:34:
fc:fc:40:98:78:81:b3:74:70:24:6f:20:41:0a:2b:eb:5f:2e:
30:f7:20:8e:30:be:8c:56:89:4e:95:67:d5:c6:94:e6:35:81:
ef:23:a6:9e:6a:e2:a2:ae:67:57:8b:0c:cb:f9:f5:f2:fc:24:
b1:5c:3d:27:40:70:ab:e4:4e:21:62:87:54:0f:1c:20:ff:b3:
89:d2:0a:08:b3:2d:30:67:6b:ad:d6:2e:ea:59:12:34:1e:91:
86:08:43:fd:94:22:b9:7b:e0:b9:6a:19:cd:53:bd:43:c1:ef:
12:72:2d:ae:4a:0c:b0:7d:25:7d:78:1a:fa:c1:3d:c4:42:3b:
30:b4:d1:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh2Vksz59IAUT5mImDSJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjUxMTA1MDEwMDE5WhcNMjUxMTA2MDEwMDE5WjAzMTEwLwYDVQQD
Eyg4NWVkY2YzMzcwNzYxMmQzMWFlYzc5NWIyMjFlYTIxMjE5OWVmMjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdNN/r5YDVt3jsi5qMjVM142u9rk
ZafYXBCuMsv7CfWxwArWwU5BBT8Kap39SColtS9A2Jdu+nLoCckKoJ+UUECaDTgW
LP6FDoMOluLVta+Z5VHgBwlTmFfZBVQ9h8K1aUL6NP5EQaadIanWUlRevvR0Lq4C
vHL1BB1YlpO6pTDFYBJXRFO99+x3uXq1CWLA8B9oQHndfDjK/gpNcvQ+KA7Lxm7k
HfmGX5pb3gP3+i6IFSqQo6nWK+sT0w8Nift03zYxYMV7PSDglNvDZ7P6fiSyGZTf
lH4h6BczvMy/vPjBme4S201KfeyTDBb5yn26B8KZg/VJD3MHmmo0Xh211QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXtzzNwdhLTGux5WyIeohIZnvJGMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQqelGWxt
7VgkcEF4nvTZxRoPsumjbJvrGJzbHQZKf2cpGJGFfwwEl03n+G9zEpU+KK9aRLr0
/K/zXfPWL8pY0mITBmV1vbJblT0y9I2dP919Vq5Asi+GZ+fopWp9NMjpWU1nXBvN
bKtgeJHBPwU48IveExelMWASgBv7iMo0/PxAmHiBs3RwJG8gQQor618uMPcgjjC+
jFaJTpVn1caU5jWB7yOmnmrioq5nV4sMy/n18vwksVw9J0Bwq+ROIWKHVA8cIP+z
idIKCLMtMGdrrdYu6lkSNB6RhghD/ZQiuXvguWoZzVO9Q8HvEnItrkoMsH0lfXga
+sE9xEI7MLTRmg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:03:11 2025 by rpki-client