This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft File: nz-YcVNtYL90vfaQYMkNVBB9jjg.mft (raw, json) Hash identifier: fxeOex63u6GbFuVD12XWG+dTpUl0ZJRmIN2vUIRWDXg= Subject key identifier: 3F:FE:DB:12:07:3E:DD:FF:62:9D:47:26:8E:AC:DC:84:CF:3C:66:60 Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38 Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38 Certificate serial: 019AF1D1D570CB5E2D69DF9B6D63D1D05554 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft Manifest number: 0FE1 Signing time: Sat 06 Dec 2025 04:00:51 +0000 Manifest this update: Sat 06 Dec 2025 04:00:51 +0000 Manifest next update: Sun 07 Dec 2025 04:00:51 +0000 Files and hashes: 1: cZq1EWW-Cck7oNh5z2nVrTYMRQM.roa (hash: ptcOLOBEIgDro10MJyiqeVzzPTgAas0GugoUSuUsWgQ=) 2: nz-YcVNtYL90vfaQYMkNVBB9jjg.crl (hash: hl7rrCBv2b7ia7vBXlGA+1t0p2dZbbY7n4LMasUv5Ls=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:d5:70:cb:5e:2d:69:df:9b:6d:63:d1:d0:55:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38 Validity Not Before: Dec 6 04:00:51 2025 GMT Not After : Dec 7 04:00:51 2025 GMT Subject: CN=3ffedb12073eddff629d47268eacdc84cf3c6660 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f5:48:2e:af:72:38:ca:9a:32:6c:0b:1a:02: 19:46:19:10:07:ac:23:52:fb:07:87:a3:d3:36:ba: 10:e1:10:9f:e2:8f:df:e6:13:7d:c7:5f:52:3f:d8: 94:9e:e3:fa:b5:f2:79:46:77:1e:c5:b1:cf:e4:d6: 6e:2d:c8:1c:83:0e:fa:e4:cf:01:aa:e4:9c:e7:3e: ec:dd:17:d9:bb:3d:f3:c8:f6:da:0b:75:aa:79:77: 22:91:00:ae:9a:1c:9b:48:c9:32:1e:9e:31:b1:75: fb:71:56:d7:ff:16:ac:31:d7:90:bb:a3:55:f6:b0: 7d:50:83:c7:75:4c:38:e7:73:97:93:fe:83:f4:86: ec:62:ab:96:c2:43:57:99:4f:0d:09:92:fa:3a:4a: 38:b9:5e:5e:0d:7f:23:37:d1:2b:0f:08:c0:0a:e0: c4:99:d7:35:92:a9:c0:5d:6d:32:9b:61:9a:14:d6: 27:3e:16:16:14:05:8e:14:a9:80:f0:5c:49:c6:0a: e3:e2:59:b3:11:97:c3:e2:9b:f5:c6:21:0d:94:e0: 9d:38:5f:6f:82:d9:9c:b9:45:57:98:99:9d:6f:1b: a9:89:42:9f:72:cc:f5:79:a9:db:55:2c:22:ed:16: 15:ce:80:92:2d:47:28:6a:03:73:1f:87:5a:a3:76: c4:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:FE:DB:12:07:3E:DD:FF:62:9D:47:26:8E:AC:DC:84:CF:3C:66:60 X509v3 Authority Key Identifier: keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:da:73:68:d9:e5:c7:87:25:2e:f4:c2:a4:f0:e1:f2:9e:e3: 07:e1:4f:f4:e4:d1:88:a9:50:47:5f:8e:cb:3d:4e:24:6b:5d: f0:76:35:60:5b:db:c4:6f:16:cb:26:bf:59:b9:d9:2b:4d:7a: db:bd:43:5a:ec:ac:90:51:35:70:96:ec:39:bb:d4:c5:11:69: 0e:04:80:aa:35:15:23:8d:6a:51:2b:cd:8a:39:3c:01:4b:46: bc:b8:1f:30:bb:f3:2c:43:27:33:65:4f:9e:03:bc:e1:93:96: fa:c0:37:e0:57:8f:dc:38:ed:4c:81:79:3e:c4:87:b2:65:54: 2d:3c:8c:7b:4d:75:f4:ec:12:14:4b:83:95:f9:25:99:19:eb: 41:bd:a2:8d:b0:b1:0c:e8:e7:36:a3:bd:2f:49:fa:11:69:89: b1:d7:99:7e:5f:54:c7:04:72:f1:ea:49:41:c3:e3:0d:7d:78: b0:1d:03:aa:55:9d:0a:bd:a5:7b:9e:6b:ec:37:e5:df:49:7a: 8a:cb:40:55:af:3c:54:47:89:63:a5:99:13:98:a4:45:20:22: 7c:de:17:ec:b5:52:25:b3:4a:aa:89:b0:58:fd:2f:da:e3:61: 40:c6:1e:0e:42:20:aa:e4:99:de:c4:0f:bd:de:4f:97:d4:55: 78:5f:d6:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0dVwy14tad+bbWPR0FVUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3 ZDhlMzgwHhcNMjUxMjA2MDQwMDUxWhcNMjUxMjA3MDQwMDUxWjAzMTEwLwYDVQQD EygzZmZlZGIxMjA3M2VkZGZmNjI5ZDQ3MjY4ZWFjZGM4NGNmM2M2NjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPVILq9yOMqaMmwLGgIZRhkQB6wj UvsHh6PTNroQ4RCf4o/f5hN9x19SP9iUnuP6tfJ5RncexbHP5NZuLcgcgw765M8B quSc5z7s3RfZuz3zyPbaC3WqeXcikQCumhybSMkyHp4xsXX7cVbX/xasMdeQu6NV 9rB9UIPHdUw453OXk/6D9IbsYquWwkNXmU8NCZL6Oko4uV5eDX8jN9ErDwjACuDE mdc1kqnAXW0ym2GaFNYnPhYWFAWOFKmA8FxJxgrj4lmzEZfD4pv1xiENlOCdOF9v gtmcuUVXmJmdbxupiUKfcsz1eanbVSwi7RYVzoCSLUcoagNzH4dao3bEswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD/+2xIHPt3/Yp1HJo6s3ITPPGZgMB8GA1UdIwQY MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt YzUyNjNiMzMwM2I5LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5 LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPNpzaNnl x4clLvTCpPDh8p7jB+FP9OTRiKlQR1+Oyz1OJGtd8HY1YFvbxG8Wyya/WbnZK016 271DWuyskFE1cJbsObvUxRFpDgSAqjUVI41qUSvNijk8AUtGvLgfMLvzLEMnM2VP ngO84ZOW+sA34FeP3DjtTIF5PsSHsmVULTyMe0119OwSFEuDlfklmRnrQb2ijbCx DOjnNqO9L0n6EWmJsdeZfl9UxwRy8epJQcPjDX14sB0DqlWdCr2le55r7Dfl30l6 istAVa88VEeJY6WZE5ikRSAifN4X7LVSJbNKqomwWP0v2uNhQMYeDkIgquSZ3sQP vd5Pl9RVeF/Wig== -----END CERTIFICATE-----Generated at Sat Dec 6 07:03:41 2025 by rpki-client