Manifest

$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File:                     B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier:          7H51aHoM2Z6Uj/JR3DETacCy6F1BHBfQzCJcVgVkBqw=
Subject key identifier:   77:6C:3C:63:3B:23:5D:E0:AE:C2:96:1B:61:A5:8D:A7:5C:76:40:DD
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer:       /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial:       3928F49A2604DA7C89548EEB09AC8E5403C24F96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access:      rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number:          012A
Signing time:             Fri 01 Aug 2025 22:42:11 +0000
Manifest this update:     Fri 01 Aug 2025 22:37:11 +0000
Manifest next update:     Sun 03 Aug 2025 00:21:11 +0000
Files and hashes:         1: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: mqadfIJnOHBwBW3bzOjsszkG4yNmowPDrD6AKDG5B1Q=)
                          2: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: jepzxjRXf0gesU3KNbqby6BoLqynF95n0kk0lV3Jd1s=)
Validation:               OK
Signature path:           rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
                          rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 02 Aug 2025 21:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:28:f4:9a:26:04:da:7c:89:54:8e:eb:09:ac:8e:54:03:c2:4f:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
        Validity
            Not Before: Aug  1 22:37:11 2025 GMT
            Not After : Aug  3 00:21:11 2025 GMT
        Subject: CN=776C3C633B235DE0AEC2961B61A58DA75C7640DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e0:01:78:46:1c:57:ea:15:f9:5b:d5:6f:32:
                    74:0d:80:41:86:2f:a0:bd:f4:57:43:e1:2c:36:33:
                    1b:dc:b9:59:e9:e4:44:f0:db:11:32:95:f9:4a:9b:
                    41:c5:0a:a2:1c:81:a4:d1:09:f2:6c:15:4b:7d:b8:
                    40:ef:d0:ca:1a:5e:c1:50:05:ac:11:1a:92:b9:8e:
                    c2:8e:44:16:e1:17:51:54:ba:17:9b:55:be:cb:22:
                    c3:aa:46:e8:b0:c9:56:16:e3:76:98:61:cc:36:b9:
                    60:3a:0b:1b:4e:2c:02:04:63:7d:b8:bb:4f:7a:03:
                    37:83:22:3f:9d:c5:ac:b3:a8:23:f6:1e:d2:fc:65:
                    9f:93:86:ed:41:89:1e:98:47:75:2d:e1:11:19:d6:
                    49:05:a2:e0:59:df:6e:e3:7f:6a:75:6e:03:2c:c0:
                    b1:11:f3:1f:17:7d:77:9e:8a:cc:fc:7f:c3:c6:47:
                    da:d8:02:f6:ee:89:1c:42:de:6a:f8:39:78:76:85:
                    ff:f7:55:c1:78:78:9a:da:da:66:ed:8c:46:82:8d:
                    f7:91:b1:50:2c:a5:0f:97:3d:55:86:bf:51:7e:10:
                    56:ad:37:63:d6:e4:ae:d1:db:b5:94:c7:3c:9b:22:
                    ab:1a:d4:62:9f:af:0f:65:b3:27:a8:cc:82:7f:b6:
                    8a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:6C:3C:63:3B:23:5D:E0:AE:C2:96:1B:61:A5:8D:A7:5C:76:40:DD
            X509v3 Authority Key Identifier:
                keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:9f:e5:2c:4a:2b:06:ab:6f:b1:48:10:45:e6:ed:71:4e:10:
         fb:67:a0:13:d7:7f:be:8a:f6:36:5e:cd:5f:44:88:d0:6a:ba:
         ac:97:12:73:98:19:67:70:e2:bd:c6:8d:bc:1b:0d:e2:43:24:
         59:64:35:99:dc:95:df:2f:8f:e4:54:fa:46:08:4c:6f:48:88:
         14:e0:2f:a5:f2:d7:ca:1a:82:55:dd:f9:9b:d4:a7:67:ca:14:
         e8:ef:97:ee:20:29:29:9a:f9:0b:bb:1b:eb:b8:b8:c9:8f:57:
         3a:da:b1:5c:99:4b:c4:29:42:b6:05:28:64:18:64:6c:a0:56:
         fb:ce:8d:70:46:23:3c:05:97:48:97:cd:f5:13:23:0b:6c:5d:
         6a:77:b5:43:06:80:e4:0a:d7:22:f3:2f:19:a8:89:26:28:82:
         77:ca:86:1c:60:03:1f:db:44:5e:81:15:50:d1:9a:02:0c:91:
         e1:b1:4f:e9:e6:a6:f6:ae:d6:61:b6:fd:c1:51:f1:c0:6b:3e:
         c4:52:32:88:19:b7:19:90:27:d9:4a:73:21:49:eb:38:0d:27:
         4f:f1:40:92:13:b0:4b:38:3b:1d:d2:bb:83:c4:c0:50:61:03:
         b6:57:c5:26:19:77:a2:2b:32:96:cc:ae:b7:74:a8:77:48:2e:
         57:b0:71:90
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUOSj0miYE2nyJVI7rCayOVAPCT5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNTA4MDEyMjM3MTFaFw0yNTA4MDMwMDIxMTFaMDMxMTAvBgNV
BAMTKDc3NkMzQzYzM0IyMzVERTBBRUMyOTYxQjYxQTU4REE3NUM3NjQwREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK4AF4RhxX6hX5W9VvMnQNgEGG
L6C99FdD4Sw2MxvcuVnp5ETw2xEylflKm0HFCqIcgaTRCfJsFUt9uEDv0MoaXsFQ
BawRGpK5jsKORBbhF1FUuhebVb7LIsOqRuiwyVYW43aYYcw2uWA6CxtOLAIEY324
u096AzeDIj+dxayzqCP2HtL8ZZ+Thu1BiR6YR3Ut4REZ1kkFouBZ327jf2p1bgMs
wLER8x8XfXeeisz8f8PGR9rYAvbuiRxC3mr4OXh2hf/3VcF4eJra2mbtjEaCjfeR
sVAspQ+XPVWGv1F+EFatN2PW5K7R27WUxzybIqsa1GKfrw9lsyeozIJ/topnAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUd2w8YzsjXeCuwpYbYaWNp1x2QN0wHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAKqf5SxKKwarb7FI
EEXm7XFOEPtnoBPXf76K9jZezV9EiNBquqyXEnOYGWdw4r3GjbwbDeJDJFlkNZnc
ld8vj+RU+kYITG9IiBTgL6Xy18oaglXd+ZvUp2fKFOjvl+4gKSma+Qu7G+u4uMmP
VzrasVyZS8QpQrYFKGQYZGygVvvOjXBGIzwFl0iXzfUTIwtsXWp3tUMGgOQK1yLz
LxmoiSYognfKhhxgAx/bRF6BFVDRmgIMkeGxT+nmpvau1mG2/cFR8cBrPsRSMogZ
txmQJ9lKcyFJ6zgNJ0/xQJITsEs4Ox3Su4PEwFBhA7ZXxSYZd6IrMpbMrrd0qHdI
LlewcZA=
-----END CERTIFICATE-----
Generated at Sat Aug 2 05:20:17 2025 by rpki-client