Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: 1O1Rw/lr4dev8vYhlNWIwPSQZfcoTJReDxWsvGYizSA=
Subject key identifier: 5E:9B:1C:4D:19:CB:66:0E:77:3C:94:EB:F6:88:A0:96:78:1C:82:33
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019CAC7DEDBD07B955BD03AEE332CE02F907
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 10C7
Signing time: Mon 02 Mar 2026 03:00:59 +0000
Manifest this update: Mon 02 Mar 2026 03:00:59 +0000
Manifest next update: Tue 03 Mar 2026 03:00:59 +0000
Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: TazP+0M064p8H459vhTAy4abWxXur7FwK9bs/vdQCJw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7d:ed:bd:07:b9:55:bd:03:ae:e3:32:ce:02:f9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Mar 2 03:00:59 2026 GMT
Not After : Mar 3 03:00:59 2026 GMT
Subject: CN=5e9b1c4d19cb660e773c94ebf688a096781c8233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3f:00:d0:b1:39:ee:a5:a0:b5:91:7a:b4:e9:
e7:6d:68:0b:91:42:89:0b:d1:81:fd:78:27:dd:23:
ee:18:9d:40:7d:ae:0d:83:0b:bc:e7:4c:25:6c:99:
64:56:55:af:52:d7:8f:fe:79:7a:32:c8:8b:11:fc:
03:f8:ad:9e:e3:85:bb:22:ae:57:28:ee:c9:02:4c:
95:15:2e:49:ac:4b:2b:d0:6b:08:e5:f9:01:40:23:
06:02:21:8d:2c:62:65:83:b3:5f:e2:1e:ab:bd:8f:
c3:69:be:df:af:c5:85:d1:b0:02:c1:51:8c:79:b0:
83:c1:1f:75:c9:ff:b3:de:f0:6f:e2:0f:fb:46:a1:
9b:27:b4:b9:35:8d:24:d1:55:31:17:98:b0:f7:58:
8e:2d:4b:b9:26:8c:47:70:b3:e7:da:cf:a7:00:4e:
9a:4c:7c:40:3e:c2:00:ad:00:0d:b4:7f:f9:25:b7:
7c:25:da:e7:55:02:74:cf:75:dc:4a:53:23:e0:fc:
58:f9:2e:3f:8e:92:e9:39:55:74:88:1f:87:26:16:
e8:2e:87:de:fd:1e:ea:65:58:a2:b6:bf:4e:81:9d:
25:cc:8c:73:99:f6:38:60:b8:d6:c2:1d:84:3b:73:
be:83:fc:3b:f7:fc:33:ed:71:64:c6:8d:02:2f:b3:
75:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9B:1C:4D:19:CB:66:0E:77:3C:94:EB:F6:88:A0:96:78:1C:82:33
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:07:82:88:a6:f0:26:5f:2a:ef:03:47:e8:83:83:f9:9d:d4:
a2:f9:b9:52:69:56:60:72:80:51:c3:a0:40:57:01:96:55:cd:
52:c0:70:51:84:07:79:e2:29:b1:eb:e3:17:5e:df:95:e6:e4:
51:5e:c2:ce:a6:c4:53:2b:6c:d2:25:99:93:c6:2f:7a:04:9c:
6f:1b:07:bb:20:9b:ca:a9:49:a1:e7:04:9a:8b:91:b9:98:3f:
05:d5:88:75:ec:26:7b:e1:61:bf:18:e6:a0:5a:49:f1:81:8e:
c7:e0:5e:2c:ea:39:7c:5c:97:c2:ce:8e:df:40:c3:a9:05:bc:
fa:5e:ec:6a:3b:8f:bd:16:cd:d5:36:6f:ec:8e:39:c7:d8:68:
3a:63:be:eb:4b:3f:34:dc:2d:08:b3:11:bc:55:9d:19:4a:06:
d4:90:d5:4f:11:5f:78:fe:9d:96:1c:ea:ce:5e:1f:8c:d6:d7:
ce:9e:8b:fb:73:2d:3e:3d:75:2f:b6:74:f9:1b:fe:a3:78:f3:
b6:db:66:8e:39:8e:59:81:de:dc:99:65:5a:ef:46:34:eb:17:
50:c1:7d:6a:08:4d:53:ee:7a:d8:3f:b7:5b:b4:fc:b6:5f:4d:
5b:39:e4:79:0b:98:3f:05:ca:e3:fa:52:50:b8:41:28:b4:11:
0d:38:dc:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfe29B7lVvQOu4zLOAvkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjYwMzAyMDMwMDU5WhcNMjYwMzAzMDMwMDU5WjAzMTEwLwYDVQQD
Eyg1ZTliMWM0ZDE5Y2I2NjBlNzczYzk0ZWJmNjg4YTA5Njc4MWM4MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsz8A0LE57qWgtZF6tOnnbWgLkUKJ
C9GB/Xgn3SPuGJ1Afa4Ngwu850wlbJlkVlWvUteP/nl6MsiLEfwD+K2e44W7Iq5X
KO7JAkyVFS5JrEsr0GsI5fkBQCMGAiGNLGJlg7Nf4h6rvY/Dab7fr8WF0bACwVGM
ebCDwR91yf+z3vBv4g/7RqGbJ7S5NY0k0VUxF5iw91iOLUu5JoxHcLPn2s+nAE6a
THxAPsIArQANtH/5Jbd8JdrnVQJ0z3XcSlMj4PxY+S4/jpLpOVV0iB+HJhboLofe
/R7qZViitr9OgZ0lzIxzmfY4YLjWwh2EO3O+g/w79/wz7XFkxo0CL7N1LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6bHE0Zy2YOdzyU6/aIoJZ4HIIzMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVweCiKbw
Jl8q7wNH6IOD+Z3Uovm5UmlWYHKAUcOgQFcBllXNUsBwUYQHeeIpsevjF17flebk
UV7CzqbEUyts0iWZk8YvegScbxsHuyCbyqlJoecEmouRuZg/BdWIdewme+Fhvxjm
oFpJ8YGOx+BeLOo5fFyXws6O30DDqQW8+l7sajuPvRbN1TZv7I45x9hoOmO+60s/
NNwtCLMRvFWdGUoG1JDVTxFfeP6dlhzqzl4fjNbXzp6L+3MtPj11L7Z0+Rv+o3jz
tttmjjmOWYHe3JllWu9GNOsXUMF9aghNU+562D+3W7T8tl9NWznkeQuYPwXK4/pS
ULhBKLQRDTjcIQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:10:13 2026 by rpki-client