Manifest

$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File:                     B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier:          JkiJJFLJ04sUI9iuo4NIv1JzBR2nKSBOnmoelK/H+KY=
Subject key identifier:   1A:FB:0B:BD:1E:A2:34:83:A1:23:80:BD:8F:48:D5:B4:78:69:D5:F2
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer:       /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial:       18EABC24F21BF6C0ABEE789132C753755E797E60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access:      rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number:          0169
Signing time:             Thu 18 Sep 2025 08:13:15 +0000
Manifest this update:     Thu 18 Sep 2025 08:08:15 +0000
Manifest next update:     Fri 19 Sep 2025 09:29:15 +0000
Files and hashes:         1: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: mqadfIJnOHBwBW3bzOjsszkG4yNmowPDrD6AKDG5B1Q=)
                          2: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: kDcGqWR6ch9j33Kc9K7+OmMkfCSjmx3crS6bwvctf6Y=)
Validation:               OK
Signature path:           rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
                          rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 19 Sep 2025 09:29:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:ea:bc:24:f2:1b:f6:c0:ab:ee:78:91:32:c7:53:75:5e:79:7e:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
        Validity
            Not Before: Sep 18 08:08:15 2025 GMT
            Not After : Sep 19 09:29:15 2025 GMT
        Subject: CN=1AFB0BBD1EA23483A12380BD8F48D5B47869D5F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3e:fe:0c:62:20:ca:5a:92:bb:1b:00:bc:0a:
                    58:98:a3:49:74:10:b3:82:aa:90:0a:58:ca:f8:85:
                    bd:6c:9f:a4:93:41:dd:9d:b0:f8:2e:ab:8f:28:0d:
                    2b:e4:f4:ac:8b:1a:96:d8:e5:8a:20:e3:78:1d:15:
                    78:4b:44:95:96:55:da:e3:0f:09:39:79:99:ce:81:
                    fd:91:32:58:ff:a8:24:a9:78:fb:d6:b2:00:e1:ad:
                    a5:06:67:01:3f:98:d6:6c:bb:99:5a:42:6a:be:eb:
                    52:80:84:8f:d4:d9:21:cc:c5:8d:8d:03:70:26:ec:
                    30:8f:e1:45:77:59:4a:a6:34:d7:e1:58:91:71:7a:
                    a3:55:9c:d6:47:67:58:d4:4a:a4:81:c3:8c:a4:6c:
                    3c:3d:77:ae:48:c0:70:8e:45:09:bc:59:35:9a:9b:
                    b9:52:27:94:4d:cc:f3:af:5b:fd:81:63:96:47:6f:
                    98:e5:5b:76:d6:41:3d:8e:35:f7:c9:28:ae:ee:88:
                    6f:29:e8:57:24:9b:af:45:3f:9d:97:ea:11:d5:41:
                    c1:73:e5:1a:80:48:5b:1c:79:89:f1:47:00:fd:0f:
                    fb:c5:7a:57:ed:5a:ba:e7:09:22:18:aa:29:26:b4:
                    dd:ee:1d:0c:56:cc:be:5f:b6:88:80:bb:d1:a3:b4:
                    b4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:FB:0B:BD:1E:A2:34:83:A1:23:80:BD:8F:48:D5:B4:78:69:D5:F2
            X509v3 Authority Key Identifier:
                keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:53:a6:f7:55:c4:73:8b:1c:74:e1:63:aa:70:04:66:c0:03:
         42:1f:b5:93:ed:82:f9:b0:02:0a:4e:66:60:3a:3c:2f:5e:94:
         3e:fc:aa:26:0c:ab:d9:25:a1:49:be:e9:b9:3c:6f:31:29:e3:
         18:40:fd:13:8c:de:ed:06:62:7e:b3:7b:af:f4:a6:f7:ea:70:
         3e:ce:49:f8:4d:ee:a3:00:b3:26:c7:ff:ff:42:7e:07:51:84:
         7d:d6:d7:82:83:61:18:ec:41:78:e6:06:7c:59:e5:bd:8b:61:
         2e:ae:e3:e2:9e:d2:e6:8e:f0:a2:02:8b:76:01:20:80:c3:d5:
         61:9c:b6:af:13:f2:48:67:c7:95:47:26:d3:04:77:7c:9c:ac:
         cf:2f:f7:cf:60:3b:00:84:1d:63:19:bc:4e:bb:30:11:95:f8:
         81:1e:b0:be:16:04:8e:b4:8f:07:51:94:d2:b0:8a:6a:3b:1b:
         44:f2:4c:4b:e7:a1:9c:67:12:9e:10:ac:fc:8d:9f:ac:51:00:
         d4:4e:d7:da:72:e9:32:ae:a6:e5:58:3f:95:2f:04:c8:04:25:
         62:5a:98:5b:b8:c2:b9:b2:45:17:13:e4:b3:5e:0c:9c:7d:c3:
         05:76:84:9e:0f:39:76:ea:87:90:1e:f4:7c:ab:21:9c:5b:09:
         7e:61:b3:e5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUGOq8JPIb9sCr7niRMsdTdV55fmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNTA5MTgwODA4MTVaFw0yNTA5MTkwOTI5MTVaMDMxMTAvBgNV
BAMTKDFBRkIwQkJEMUVBMjM0ODNBMTIzODBCRDhGNDhENUI0Nzg2OUQ1RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1Pv4MYiDKWpK7GwC8CliYo0l0
ELOCqpAKWMr4hb1sn6STQd2dsPguq48oDSvk9KyLGpbY5Yog43gdFXhLRJWWVdrj
Dwk5eZnOgf2RMlj/qCSpePvWsgDhraUGZwE/mNZsu5laQmq+61KAhI/U2SHMxY2N
A3Am7DCP4UV3WUqmNNfhWJFxeqNVnNZHZ1jUSqSBw4ykbDw9d65IwHCORQm8WTWa
m7lSJ5RNzPOvW/2BY5ZHb5jlW3bWQT2ONffJKK7uiG8p6Fckm69FP52X6hHVQcFz
5RqASFsceYnxRwD9D/vFelftWrrnCSIYqikmtN3uHQxWzL5ftoiAu9GjtLRxAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUGvsLvR6iNIOhI4C9j0jVtHhp1fIwHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBACxTpvdVxHOLHHTh
Y6pwBGbAA0IftZPtgvmwAgpOZmA6PC9elD78qiYMq9kloUm+6bk8bzEp4xhA/ROM
3u0GYn6ze6/0pvfqcD7OSfhN7qMAsybH//9CfgdRhH3W14KDYRjsQXjmBnxZ5b2L
YS6u4+Ke0uaO8KICi3YBIIDD1WGctq8T8khnx5VHJtMEd3ycrM8v989gOwCEHWMZ
vE67MBGV+IEesL4WBI60jwdRlNKwimo7G0TyTEvnoZxnEp4QrPyNn6xRANRO19py
6TKupuVYP5UvBMgEJWJamFu4wrmyRRcT5LNeDJx9wwV2hJ4POXbqh5Ae9HyrIZxb
CX5hs+U=
-----END CERTIFICATE-----