Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json)
Hash identifier: d3ym3A45dC8EN5qlS44HzzhaZfilUvDtaNGZa8jw+2A=
Subject key identifier: 64:AD:23:C5:5B:FA:FC:76:9C:B2:FB:A2:6B:8F:6C:94:FC:43:8C:90
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 019D9A06E6C3E625D02132D805E958BE5377
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
Manifest number: 1142
Signing time: Fri 17 Apr 2026 06:00:36 +0000
Manifest this update: Fri 17 Apr 2026 06:00:36 +0000
Manifest next update: Sat 18 Apr 2026 06:00:36 +0000
Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=)
2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: 0IZVRYnNXgaLTrHLd9RS3CScBQvExnr8X/WaVgOlUtk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:06:e6:c3:e6:25:d0:21:32:d8:05:e9:58:be:53:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Apr 17 06:00:36 2026 GMT
Not After : Apr 18 06:00:36 2026 GMT
Subject: CN=64ad23c55bfafc769cb2fba26b8f6c94fc438c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:50:f4:1d:c9:78:b8:24:1f:22:ee:ab:4b:30:
55:be:d7:e6:86:05:7d:0e:ca:6e:6e:7c:87:56:36:
9e:3b:c9:31:17:4e:d5:f3:d9:60:ed:b9:0e:0c:e9:
ef:89:ed:b1:05:4a:7b:94:f4:42:c2:01:96:a7:47:
b8:1d:8c:65:42:85:96:5b:6c:af:02:37:f1:6d:d8:
66:e6:98:d0:8a:d8:59:86:cd:40:96:41:93:08:57:
18:46:26:27:3b:ac:a6:b9:c6:f5:82:f4:0b:70:7f:
55:04:93:f1:a3:64:23:20:1f:f5:24:bd:42:51:bf:
20:c1:23:1e:e8:1d:7f:22:3d:79:51:6f:8d:87:10:
5e:22:7d:27:24:97:c0:a8:52:a2:31:ae:5c:3f:1a:
b5:f7:c9:e5:9e:57:c1:c2:17:4c:34:bc:28:b8:41:
cc:ee:51:f7:3c:f6:c7:a7:17:6a:20:37:79:7c:74:
a2:ca:44:66:33:79:48:54:5b:cb:f8:8a:72:66:84:
d8:1b:49:f0:cf:40:d9:f6:22:f7:70:51:51:0d:ff:
d9:2c:20:f3:70:8c:5d:8d:5f:68:1a:9a:e9:85:d0:
06:b8:0d:f8:37:45:f8:31:d8:9d:9b:15:97:a5:c7:
1c:22:97:70:2a:c5:fb:70:d3:a3:d6:d3:f8:ed:6b:
0d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AD:23:C5:5B:FA:FC:76:9C:B2:FB:A2:6B:8F:6C:94:FC:43:8C:90
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:9d:5b:7c:68:fc:27:75:5e:dd:78:34:8d:3e:b2:76:dc:3d:
e2:da:57:d5:64:29:92:c2:7a:f3:ed:72:9d:50:b0:ca:79:25:
b5:8e:3a:a4:3d:57:15:a3:cf:9e:2f:c4:2b:42:59:87:02:9f:
42:46:8d:31:59:02:40:1c:d9:97:e2:55:0d:f5:41:99:bb:a7:
84:71:f6:93:08:01:9e:bd:ca:60:56:92:90:2d:da:35:d8:7e:
e8:40:46:67:2e:52:36:97:2f:08:ba:75:10:23:86:1e:e3:83:
8c:7c:1d:82:56:e6:18:9c:ed:b9:78:52:fc:7f:1b:f1:42:74:
36:ae:c9:b6:20:84:0d:c4:23:af:9b:ea:f9:26:bc:61:2c:9e:
22:64:7a:85:c4:f9:50:e3:c0:78:e6:24:87:d3:07:1d:b7:c3:
7a:d2:d4:0c:26:bd:b5:46:6e:22:19:10:82:fd:9d:e9:48:d5:
0f:83:48:e7:a5:4b:26:9d:62:4f:62:2d:d0:af:17:56:af:75:
6a:f4:20:9c:06:bf:b0:ed:4f:86:05:7a:f5:c8:29:f1:54:5d:
b1:6d:84:99:c0:a7:63:dd:33:76:dd:47:3d:b6:0a:b4:42:7c:
de:2b:53:96:b9:6f:d1:c8:b4:14:28:06:b1:74:73:6b:cd:cc:
00:a1:e6:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBubD5iXQITLYBelYvlN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjYwNDE3MDYwMDM2WhcNMjYwNDE4MDYwMDM2WjAzMTEwLwYDVQQD
Eyg2NGFkMjNjNTViZmFmYzc2OWNiMmZiYTI2YjhmNmM5NGZjNDM4YzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFD0Hcl4uCQfIu6rSzBVvtfmhgV9
DspubnyHVjaeO8kxF07V89lg7bkODOnvie2xBUp7lPRCwgGWp0e4HYxlQoWWW2yv
Ajfxbdhm5pjQithZhs1AlkGTCFcYRiYnO6ymucb1gvQLcH9VBJPxo2QjIB/1JL1C
Ub8gwSMe6B1/Ij15UW+NhxBeIn0nJJfAqFKiMa5cPxq198nlnlfBwhdMNLwouEHM
7lH3PPbHpxdqIDd5fHSiykRmM3lIVFvL+IpyZoTYG0nwz0DZ9iL3cFFRDf/ZLCDz
cIxdjV9oGprphdAGuA34N0X4MdidmxWXpcccIpdwKsX7cNOj1tP47WsNZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGStI8Vb+vx2nLL7omuPbJT8Q4yQMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqZ1bfGj8
J3Ve3Xg0jT6ydtw94tpX1WQpksJ68+1ynVCwynkltY46pD1XFaPPni/EK0JZhwKf
QkaNMVkCQBzZl+JVDfVBmbunhHH2kwgBnr3KYFaSkC3aNdh+6EBGZy5SNpcvCLp1
ECOGHuODjHwdglbmGJztuXhS/H8b8UJ0Nq7JtiCEDcQjr5vq+Sa8YSyeImR6hcT5
UOPAeOYkh9MHHbfDetLUDCa9tUZuIhkQgv2d6UjVD4NI56VLJp1iT2It0K8XVq91
avQgnAa/sO1PhgV69cgp8VRdsW2EmcCnY90zdt1HPbYKtEJ83itTlrlv0ci0FCgG
sXRza83MAKHmhA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:25:15 2026 by rpki-client