Manifest
$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier: 0D5keHIboTQN2d70Cdfqg/QYWKiCwZycuBLcqMu+/Os=
Subject key identifier: 26:BB:1E:99:3A:4B:0D:0C:8D:5B:2F:3F:DF:5E:41:28:4A:D4:8E:65
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer: /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial: 6D634329283CE616E82CB33F3D312E89C1F1D1C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access: rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number: A1
Signing time: Mon 21 Apr 2025 09:12:18 +0000
Manifest this update: Mon 21 Apr 2025 09:07:18 +0000
Manifest next update: Tue 22 Apr 2025 10:53:18 +0000
Files and hashes: 1: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: wuMhlzNyZozFeZ84IH5Je6+yDefpsY+L+RM0xHoL03w=)
2: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: mqadfIJnOHBwBW3bzOjsszkG4yNmowPDrD6AKDG5B1Q=)
Validation: OK
Signature path: rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:63:43:29:28:3c:e6:16:e8:2c:b3:3f:3d:31:2e:89:c1:f1:d1:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Validity
Not Before: Apr 21 09:07:18 2025 GMT
Not After : Apr 22 10:53:18 2025 GMT
Subject: CN=26BB1E993A4B0D0C8D5B2F3FDF5E41284AD48E65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:1d:3a:a2:c9:10:d5:9d:3d:43:08:f1:bb:
94:3f:e9:1d:e9:df:cb:bc:08:4f:ee:55:88:4d:78:
3d:1d:71:55:1b:a4:7b:ef:22:ec:b8:09:72:0d:51:
96:55:4e:d5:18:3b:d9:6a:a6:f1:c4:ab:71:91:85:
6e:90:48:e0:ad:dc:93:36:27:0a:59:5b:ee:18:96:
4b:83:b4:d1:07:33:3c:d4:34:5e:ea:4b:11:d2:d2:
36:f6:29:3d:e3:f8:d7:05:6e:6e:bf:81:09:a8:31:
a0:38:1b:9a:13:89:f8:46:2f:9f:08:50:00:be:95:
31:f7:56:ba:4a:f7:c0:06:21:af:36:d4:1c:19:39:
cf:fe:7d:39:b9:63:3d:83:84:79:e1:ea:0e:69:3c:
3f:21:ef:c7:a6:3a:65:da:c0:8b:0a:8b:db:94:b2:
06:8f:8b:53:85:75:ae:56:ca:a8:52:05:12:14:c6:
db:1c:b4:0e:35:e0:ae:31:5a:5c:c0:48:5a:b8:19:
65:11:1d:97:1f:e7:98:ec:8c:c7:0f:82:60:47:2a:
d6:9c:af:9a:ad:d5:9c:f9:6d:c0:1a:dd:25:0b:34:
c9:6d:46:b9:39:d2:a8:ca:5d:5a:4a:bf:1c:e7:69:
ba:65:e5:e6:38:69:ce:77:f1:c5:84:a2:04:f9:96:
fd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:BB:1E:99:3A:4B:0D:0C:8D:5B:2F:3F:DF:5E:41:28:4A:D4:8E:65
X509v3 Authority Key Identifier:
keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:f2:e0:3e:76:16:b2:82:c7:9d:50:23:54:53:04:57:6c:6e:
69:bd:6a:d0:da:16:24:a1:26:cd:c1:48:72:b5:ea:7a:3d:8a:
25:4f:74:61:8c:b0:e5:01:1e:04:1d:ac:64:65:ab:b9:15:cd:
94:70:9c:28:00:bf:ce:c7:a8:9b:e0:38:06:4d:bc:ad:ce:bc:
9e:8c:76:84:2e:b9:9f:38:f1:b1:d9:8f:1d:2a:f3:ba:3b:1d:
f7:7e:5c:11:91:55:a0:b2:9d:9a:8b:0f:86:1e:73:95:c5:3f:
9f:af:b5:5a:4e:a9:12:ff:f8:9a:bf:0f:0e:f5:c5:bb:d2:b3:
e9:ca:ab:25:1e:50:b0:ba:75:e2:99:dd:6c:ae:06:bd:1b:ee:
15:a1:6f:77:26:af:ee:2a:66:c3:cc:4c:7c:1e:e2:82:21:2e:
bf:3c:b8:05:39:f0:53:7c:e9:f9:67:99:d3:16:1c:c3:eb:a4:
c7:45:14:21:f3:89:21:f0:fd:dd:a6:d4:17:8d:6f:af:4a:92:
2a:92:cd:0f:7f:4b:9b:1d:3b:c7:4f:b7:53:1a:c6:f6:19:15:
d2:36:1d:db:37:62:62:6c:e7:5a:fe:e2:43:bc:a7:9a:bc:47:
84:4b:0b:3c:6d:20:7c:f3:0d:b5:21:90:20:c6:d1:74:f4:be:
cf:58:fd:82
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUbWNDKSg85hboLLM/PTEuicHx0cUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNTA0MjEwOTA3MThaFw0yNTA0MjIxMDUzMThaMDMxMTAvBgNV
BAMTKDI2QkIxRTk5M0E0QjBEMEM4RDVCMkYzRkRGNUU0MTI4NEFENDhFNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5fR06oskQ1Z09Qwjxu5Q/6R3p
38u8CE/uVYhNeD0dcVUbpHvvIuy4CXINUZZVTtUYO9lqpvHEq3GRhW6QSOCt3JM2
JwpZW+4YlkuDtNEHMzzUNF7qSxHS0jb2KT3j+NcFbm6/gQmoMaA4G5oTifhGL58I
UAC+lTH3VrpK98AGIa821BwZOc/+fTm5Yz2DhHnh6g5pPD8h78emOmXawIsKi9uU
sgaPi1OFda5WyqhSBRIUxtsctA414K4xWlzASFq4GWURHZcf55jsjMcPgmBHKtac
r5qt1Zz5bcAa3SULNMltRrk50qjKXVpKvxznabpl5eY4ac538cWEogT5lv0BAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUJrsemTpLDQyNWy8/315BKErUjmUwHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAFvy4D52FrKCx51Q
I1RTBFdsbmm9atDaFiShJs3BSHK16no9iiVPdGGMsOUBHgQdrGRlq7kVzZRwnCgA
v87HqJvgOAZNvK3OvJ6MdoQuuZ848bHZjx0q87o7Hfd+XBGRVaCynZqLD4Yec5XF
P5+vtVpOqRL/+Jq/Dw71xbvSs+nKqyUeULC6deKZ3WyuBr0b7hWhb3cmr+4qZsPM
THwe4oIhLr88uAU58FN86flnmdMWHMPrpMdFFCHziSHw/d2m1BeNb69KkiqSzQ9/
S5sdO8dPt1MaxvYZFdI2Hds3YmJs51r+4kO8p5q8R4RLCzxtIHzzDbUhkCDG0XT0
vs9Y/YI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 14:59:37 2025 by rpki-client