Manifest
$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier: sExdqJDAhFxPQkf2scIPKg/uY/jTnOu09v5SUH5M6qA=
Subject key identifier: 1F:5F:17:ED:D0:EE:36:47:83:08:50:C5:D7:63:A1:10:D0:8E:25:AD
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer: /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial: 26E22D6877ADF62F1DE1738034AF8F00804466DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access: rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number: 01A9
Signing time: Tue 04 Nov 2025 18:21:10 +0000
Manifest this update: Tue 04 Nov 2025 18:16:10 +0000
Manifest next update: Wed 05 Nov 2025 20:17:10 +0000
Files and hashes: 1: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: mqadfIJnOHBwBW3bzOjsszkG4yNmowPDrD6AKDG5B1Q=)
2: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: 8yT0+y2IUsvOmgUHWsQ/ZtobwM/hrQTQAbCGJ+zvE7o=)
Validation: OK
Signature path: rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:e2:2d:68:77:ad:f6:2f:1d:e1:73:80:34:af:8f:00:80:44:66:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Validity
Not Before: Nov 4 18:16:10 2025 GMT
Not After : Nov 5 20:17:10 2025 GMT
Subject: CN=1F5F17EDD0EE3647830850C5D763A110D08E25AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c8:38:bb:c0:a1:5f:b4:fc:05:bd:52:9f:be:
0a:96:e2:3c:21:a7:bc:c2:d9:f6:1a:b5:28:78:70:
25:98:52:92:4a:f2:84:3c:97:8e:26:67:67:ee:01:
07:37:bd:11:f8:f6:67:d3:ec:ea:52:48:da:0a:d8:
12:26:91:69:62:03:50:0e:f9:c4:15:b0:69:b7:ee:
9b:b5:12:a6:1f:3b:ca:2a:7f:76:d5:ee:b3:44:87:
38:87:e0:ad:2d:a3:d1:48:8d:31:d0:45:7e:11:c5:
cc:84:27:62:27:53:63:47:12:20:f5:cc:b5:25:95:
e6:8f:4b:1c:c5:52:18:78:be:c9:9b:e5:de:2d:de:
e9:1e:7a:7a:70:18:94:f9:fd:f8:2d:f0:b5:df:0f:
d1:90:96:c4:f5:82:f5:73:db:75:ef:21:3d:c9:80:
06:e0:aa:da:b9:2b:6f:ec:92:72:14:38:e7:82:46:
4b:07:fa:05:37:0a:43:39:b8:0c:2d:0a:34:3c:dd:
cb:d2:03:c9:09:25:77:fb:07:4a:24:23:6f:45:17:
c4:86:1a:90:8c:82:48:e7:0f:49:81:1a:ba:c8:0b:
49:c7:55:8e:df:1a:f4:56:7a:1c:8c:f7:a8:73:98:
91:53:76:dc:c4:e4:32:f6:93:73:66:77:d1:b2:12:
f6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5F:17:ED:D0:EE:36:47:83:08:50:C5:D7:63:A1:10:D0:8E:25:AD
X509v3 Authority Key Identifier:
keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:45:d0:d5:60:e1:31:c3:ab:d7:09:4c:aa:25:b0:ec:56:3c:
8e:f7:a4:d5:34:c3:cc:fc:7a:71:0b:f2:89:71:f1:c7:eb:af:
09:44:79:cc:89:80:53:6a:cd:b2:84:71:a0:73:4e:f8:04:75:
22:0f:f5:02:a1:8e:38:f3:db:2c:a9:e8:89:a6:f3:69:2b:f2:
d4:7e:3a:0e:be:f0:7a:15:6e:51:4b:93:3f:c3:a2:84:89:cd:
d3:35:8d:10:2d:7c:51:24:ad:6c:b1:29:de:d0:ce:5a:80:ac:
81:dd:04:b0:d2:27:65:0e:98:00:18:c5:d4:41:8a:5b:d2:21:
de:f6:1e:db:da:59:29:e8:ce:84:a6:78:42:b3:9b:ea:5c:00:
37:d3:92:84:79:6d:86:12:bc:78:bf:75:07:98:ad:17:97:45:
e9:fa:d3:bc:01:b1:d8:37:06:51:e4:9d:28:f1:1b:79:d2:a9:
e6:93:2b:5d:67:38:61:4d:06:a7:6b:10:09:55:f5:8c:ca:17:
9c:94:58:18:26:a9:92:eb:0e:64:f0:85:36:bf:f0:5b:e8:40:
2d:6c:14:15:0e:bb:b9:e2:c0:fb:7a:4a:ac:a7:72:ad:55:e8:
93:8b:b9:b0:2b:9b:e6:2e:8f:6e:ee:d2:04:86:ec:24:8f:f8:
4e:0a:39:72
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUJuItaHet9i8d4XOANK+PAIBEZtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNTExMDQxODE2MTBaFw0yNTExMDUyMDE3MTBaMDMxMTAvBgNV
BAMTKDFGNUYxN0VERDBFRTM2NDc4MzA4NTBDNUQ3NjNBMTEwRDA4RTI1QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLyDi7wKFftPwFvVKfvgqW4jwh
p7zC2fYatSh4cCWYUpJK8oQ8l44mZ2fuAQc3vRH49mfT7OpSSNoK2BImkWliA1AO
+cQVsGm37pu1EqYfO8oqf3bV7rNEhziH4K0to9FIjTHQRX4RxcyEJ2InU2NHEiD1
zLUlleaPSxzFUhh4vsmb5d4t3ukeenpwGJT5/fgt8LXfD9GQlsT1gvVz23XvIT3J
gAbgqtq5K2/sknIUOOeCRksH+gU3CkM5uAwtCjQ83cvSA8kJJXf7B0okI29FF8SG
GpCMgkjnD0mBGrrIC0nHVY7fGvRWehyM96hzmJFTdtzE5DL2k3Nmd9GyEvY/AgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUH18X7dDuNkeDCFDF12OhENCOJa0wHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAKhF0NVg4THDq9cJ
TKolsOxWPI73pNU0w8z8enEL8olx8cfrrwlEecyJgFNqzbKEcaBzTvgEdSIP9QKh
jjjz2yyp6Imm82kr8tR+Og6+8HoVblFLkz/DooSJzdM1jRAtfFEkrWyxKd7QzlqA
rIHdBLDSJ2UOmAAYxdRBilvSId72HtvaWSnozoSmeEKzm+pcADfTkoR5bYYSvHi/
dQeYrReXRen607wBsdg3BlHknSjxG3nSqeaTK11nOGFNBqdrEAlV9YzKF5yUWBgm
qZLrDmTwhTa/8FvoQC1sFBUOu7niwPt6Sqyncq1V6JOLubArm+Yuj27u0gSG7CSP
+E4KOXI=
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:37:34 2025 by rpki-client