This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json) Hash identifier: CnKuGDzncQ1CcltbN8uLu1MqUTQmIsY1cjyQMMxe8vk= Subject key identifier: 97:3D:AB:1F:28:93:EE:2A:88:F3:B9:4F:4C:A1:2D:2C:F2:BE:6C:5E Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38 Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38 Certificate serial: 019C42462716AE0018227D3267D240402204 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft Manifest number: 1090 Signing time: Mon 09 Feb 2026 12:00:19 +0000 Manifest this update: Mon 09 Feb 2026 12:00:19 +0000 Manifest next update: Tue 10 Feb 2026 12:00:19 +0000 Files and hashes: 1: PYDato-ASu6UXDdHs5gP0K32nY4.roa (hash: yQRUA3xyuLF4WYI3cv0hMQ5bIo4W5JbDMtC9jfgPPDQ=) 2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: QephGweetnRHNWZaDEYIkH+OyuGZY4EEpqyXLcR5dZo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:46:27:16:ae:00:18:22:7d:32:67:d2:40:40:22:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38 Validity Not Before: Feb 9 12:00:19 2026 GMT Not After : Feb 10 12:00:19 2026 GMT Subject: CN=973dab1f2893ee2a88f3b94f4ca12d2cf2be6c5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:6d:01:a6:79:3a:e6:c3:b9:23:46:b9:9f:af: ec:1d:97:ca:f6:22:4c:58:8e:e7:ec:85:84:c5:53: 80:eb:98:31:9d:13:80:f1:67:f5:a8:32:20:e1:5b: 74:b7:66:70:24:f0:d8:5b:1f:48:37:b8:70:df:a0: eb:e3:fc:52:6b:78:69:c2:13:54:57:e1:a0:50:ab: 57:e0:4b:4c:db:99:c2:04:25:b7:7d:a7:c6:f6:4b: ee:40:34:90:9b:b9:08:96:06:c9:55:fb:26:75:7a: 27:5c:3e:7a:8d:3e:e7:d3:55:42:e2:9e:25:76:36: 6b:f5:27:da:c9:a2:94:64:39:89:75:c8:51:38:96: 0b:f9:33:1c:e5:cc:39:c2:75:1e:6d:29:8a:97:6e: de:ad:dd:85:50:c0:cb:d4:0c:ec:7b:e1:b4:6f:92: bd:a6:76:e1:da:f2:f2:2e:6c:01:56:8f:ba:a4:5e: 1f:5a:c5:3d:bc:19:66:40:8d:17:d3:33:6d:43:f5: 10:16:4c:26:6b:0a:b0:c6:4f:43:78:35:e6:b2:e2: b4:6a:b8:42:34:63:de:2d:f5:ba:37:b6:30:d7:f6: 20:0d:d0:61:e3:e6:33:f5:d2:83:99:13:d5:a4:20: be:bc:07:5a:e4:b2:22:14:5f:68:7b:90:83:d9:a8: b8:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:3D:AB:1F:28:93:EE:2A:88:F3:B9:4F:4C:A1:2D:2C:F2:BE:6C:5E X509v3 Authority Key Identifier: keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:43:99:69:71:eb:79:b3:ee:87:f9:7e:12:6d:20:0c:a8:46: 78:38:61:40:44:79:3c:84:a7:c4:d7:e0:ec:0b:89:7f:4a:7d: 91:42:1e:28:4e:86:65:73:29:2f:20:5f:79:c4:8b:d7:73:ea: f2:b2:95:65:9f:1e:5d:19:b0:28:38:82:cb:06:c5:a9:4e:a6: d3:2f:f2:fb:89:92:ea:8f:e6:63:89:5c:ae:44:19:22:fd:95: 0b:3e:f5:8b:ef:dc:8f:ee:1f:aa:32:4a:d1:c6:a4:57:e1:50: aa:15:e9:a6:72:5b:30:2e:23:6c:af:5d:13:5d:b9:ec:cc:4b: 64:34:b1:c1:14:ed:a7:38:ee:36:8c:6f:9c:8e:d7:d0:80:b6: 33:18:9b:8b:24:1d:94:48:ac:59:8f:66:21:59:9b:fd:01:9d: 54:79:c4:ec:ad:f4:2e:cd:2e:32:90:b1:8b:8d:f9:83:3c:fe: 96:ca:44:30:a0:e0:ef:8b:68:7e:41:0e:6b:f5:b7:48:34:20: e7:92:6c:b6:87:7d:d0:ca:db:3e:d7:2a:5d:45:fd:26:2b:01: c5:2f:0d:6e:68:b1:21:3e:a8:5b:50:9d:8c:1c:e7:65:e5:94: 26:f9:be:5b:76:a2:02:04:da:c8:87:67:e0:89:29:5d:10:5e: 97:28:83:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCRicWrgAYIn0yZ9JAQCIEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3 ZDhlMzgwHhcNMjYwMjA5MTIwMDE5WhcNMjYwMjEwMTIwMDE5WjAzMTEwLwYDVQQD Eyg5NzNkYWIxZjI4OTNlZTJhODhmM2I5NGY0Y2ExMmQyY2YyYmU2YzVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG0Bpnk65sO5I0a5n6/sHZfK9iJM WI7n7IWExVOA65gxnROA8Wf1qDIg4Vt0t2ZwJPDYWx9IN7hw36Dr4/xSa3hpwhNU V+GgUKtX4EtM25nCBCW3fafG9kvuQDSQm7kIlgbJVfsmdXonXD56jT7n01VC4p4l djZr9SfayaKUZDmJdchROJYL+TMc5cw5wnUebSmKl27erd2FUMDL1Azse+G0b5K9 pnbh2vLyLmwBVo+6pF4fWsU9vBlmQI0X0zNtQ/UQFkwmawqwxk9DeDXmsuK0arhC NGPeLfW6N7Yw1/YgDdBh4+Yz9dKDmRPVpCC+vAda5LIiFF9oe5CD2ai4xwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJc9qx8ok+4qiPO5T0yhLSzyvmxeMB8GA1UdIwQY MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5 LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUOZaXHr ebPuh/l+Em0gDKhGeDhhQER5PISnxNfg7AuJf0p9kUIeKE6GZXMpLyBfecSL13Pq 8rKVZZ8eXRmwKDiCywbFqU6m0y/y+4mS6o/mY4lcrkQZIv2VCz71i+/cj+4fqjJK 0cakV+FQqhXppnJbMC4jbK9dE1257MxLZDSxwRTtpzjuNoxvnI7X0IC2MxibiyQd lEisWY9mIVmb/QGdVHnE7K30Ls0uMpCxi435gzz+lspEMKDg74tofkEOa/W3SDQg 55Jstod90MrbPtcqXUX9JisBxS8NbmixIT6oW1CdjBznZeWUJvm+W3aiAgTayIdn 4IkpXRBelyiDmQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:47:25 2026 by rpki-client