This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json) Hash identifier: i+7P2XFbZTAkfFcGNBmBgQjVRh++SP8Azno7+fV7P84= Subject key identifier: 9B:AA:85:5E:24:6D:59:77:0C:AF:8B:D3:45:C0:02:E2:55:1E:13:CA Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38 Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38 Certificate serial: 019B1C4E4C68BAC519E0D9B52630A84D00F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft Manifest number: 0FF7 Signing time: Sun 14 Dec 2025 10:00:51 +0000 Manifest this update: Sun 14 Dec 2025 10:00:51 +0000 Manifest next update: Mon 15 Dec 2025 10:00:51 +0000 Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=) 2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: irge5yseq3pAlSybx0d+a1CpTK5OH+m9qzuVWBgbnVk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 10:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1c:4e:4c:68:ba:c5:19:e0:d9:b5:26:30:a8:4d:00:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38 Validity Not Before: Dec 14 10:00:51 2025 GMT Not After : Dec 15 10:00:51 2025 GMT Subject: CN=9baa855e246d59770caf8bd345c002e2551e13ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:c0:91:56:75:8d:c8:47:93:12:57:e3:5c:e1: a3:35:5e:b5:4d:75:20:70:13:ac:cc:03:3e:21:3b: 30:7e:5c:a7:fc:f0:10:59:ed:07:19:cc:0b:58:05: 40:d3:3c:10:2e:c5:12:9b:91:be:4b:ca:fe:30:51: ab:c2:fa:c1:ff:49:58:eb:42:18:d3:b1:b7:71:d2: 8b:44:87:69:08:b4:50:a3:44:10:ff:1b:6f:83:86: 22:3b:93:c3:a2:61:fb:d2:c8:12:22:90:a9:d1:a5: 6d:f7:19:7c:1a:e9:c8:9f:bf:ab:41:56:09:06:f6: 17:e6:7d:c5:87:f5:1c:28:1c:4b:6f:fc:9c:1d:b7: bc:ce:2a:65:dd:c5:2b:e2:08:95:3b:4a:90:f7:8b: af:5e:e4:1c:da:89:de:66:5a:a4:58:d8:77:34:9a: 1f:0b:11:67:9b:c9:52:37:1a:2f:bb:36:46:c1:0d: bd:d0:b0:de:22:a4:f1:31:7b:74:1c:0a:eb:60:5c: f1:c2:47:4d:df:4a:fc:fd:dc:8d:96:db:ff:74:bf: 9c:5a:55:47:aa:95:15:08:88:f8:85:de:f5:b1:87: 46:c3:0e:93:23:4b:0f:17:42:97:c7:33:57:97:02: ee:2c:5d:39:29:85:00:28:a8:c5:d8:bf:5c:da:4f: 9d:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:AA:85:5E:24:6D:59:77:0C:AF:8B:D3:45:C0:02:E2:55:1E:13:CA X509v3 Authority Key Identifier: keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:97:f1:39:6f:01:d9:20:6b:4f:5a:86:d3:3a:bf:38:dc:47: 4a:a2:4a:09:75:e5:04:ea:ac:b0:05:8d:d3:24:cb:75:44:37: 1d:47:94:29:de:b4:84:8e:c4:e3:c2:df:bb:1c:b5:51:4f:a4: 76:64:5f:c0:ad:91:c3:14:b7:67:c5:e2:d9:77:aa:84:1b:73: e6:3b:ef:df:44:b1:12:20:b5:ab:50:19:3d:c2:1b:97:d5:ee: 8e:86:b9:1e:f4:27:47:b6:79:30:60:e1:ee:9d:2a:57:aa:30: b2:b3:ec:8e:ae:d5:81:cb:d0:59:35:5c:70:62:0d:f3:7c:66: 99:17:2c:18:dc:a9:75:7a:6f:e7:b1:e7:64:60:50:c0:0c:ef: c9:0a:76:5f:3d:bd:28:67:b3:2e:dc:c8:23:66:90:72:68:7c: ee:6e:a5:14:db:fc:c1:dd:3e:ff:23:6a:db:1f:1e:fb:7e:09: 3f:1c:33:25:8f:f7:24:a7:2f:7e:cf:ee:7d:75:62:12:a0:fc: 8a:36:6a:8c:7c:49:26:83:34:99:a6:95:76:45:7d:93:0b:b9: a1:e7:5d:73:1d:c0:af:7e:47:16:d5:a7:45:52:22:c8:48:36: 5d:35:aa:dd:31:52:be:46:44:81:a3:8c:fd:a2:7f:0f:6b:0c: a5:33:ff:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZscTkxousUZ4Nm1JjCoTQD5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3 ZDhlMzgwHhcNMjUxMjE0MTAwMDUxWhcNMjUxMjE1MTAwMDUxWjAzMTEwLwYDVQQD Eyg5YmFhODU1ZTI0NmQ1OTc3MGNhZjhiZDM0NWMwMDJlMjU1MWUxM2NhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8CRVnWNyEeTElfjXOGjNV61TXUg cBOszAM+ITswflyn/PAQWe0HGcwLWAVA0zwQLsUSm5G+S8r+MFGrwvrB/0lY60IY 07G3cdKLRIdpCLRQo0QQ/xtvg4YiO5PDomH70sgSIpCp0aVt9xl8GunIn7+rQVYJ BvYX5n3Fh/UcKBxLb/ycHbe8zipl3cUr4giVO0qQ94uvXuQc2oneZlqkWNh3NJof CxFnm8lSNxovuzZGwQ290LDeIqTxMXt0HArrYFzxwkdN30r8/dyNltv/dL+cWlVH qpUVCIj4hd71sYdGww6TI0sPF0KXxzNXlwLuLF05KYUAKKjF2L9c2k+d6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJuqhV4kbVl3DK+L00XAAuJVHhPKMB8GA1UdIwQY MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5 LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZfxOW8B 2SBrT1qG0zq/ONxHSqJKCXXlBOqssAWN0yTLdUQ3HUeUKd60hI7E48Lfuxy1UU+k dmRfwK2RwxS3Z8Xi2XeqhBtz5jvv30SxEiC1q1AZPcIbl9Xujoa5HvQnR7Z5MGDh 7p0qV6owsrPsjq7VgcvQWTVccGIN83xmmRcsGNypdXpv57HnZGBQwAzvyQp2Xz29 KGezLtzII2aQcmh87m6lFNv8wd0+/yNq2x8e+34JPxwzJY/3JKcvfs/ufXViEqD8 ijZqjHxJJoM0maaVdkV9kwu5oeddcx3Ar35HFtWnRVIiyEg2XTWq3TFSvkZEgaOM /aJ/D2sMpTP/0w== -----END CERTIFICATE-----Generated at Sun Dec 14 19:15:38 2025 by rpki-client