Manifest

$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File:                     B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier:          I+hzpuVWUgZYyCP6wAmbf4QVaGuE5vemWXvjjVZUrwE=
Subject key identifier:   D8:2E:E5:32:DE:7D:63:0E:F3:E5:8D:D8:4E:F2:BC:9E:CD:8A:8F:8A
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer:       /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial:       78AD033D6FDCA8B31426E15C7FFA796FDDE9C8FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access:      rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number:          F0
Signing time:             Thu 19 Jun 2025 06:07:39 +0000
Manifest this update:     Thu 19 Jun 2025 06:02:39 +0000
Manifest next update:     Fri 20 Jun 2025 09:28:39 +0000
Files and hashes:         1: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: trhv7OgPA4r8U/OAmvlCJ+SQ73LDggmdUaD17COJPDA=)
                          2: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: mqadfIJnOHBwBW3bzOjsszkG4yNmowPDrD6AKDG5B1Q=)
Validation:               OK
Signature path:           rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
                          rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Jun 2025 09:28:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:ad:03:3d:6f:dc:a8:b3:14:26:e1:5c:7f:fa:79:6f:dd:e9:c8:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
        Validity
            Not Before: Jun 19 06:02:39 2025 GMT
            Not After : Jun 20 09:28:39 2025 GMT
        Subject: CN=D82EE532DE7D630EF3E58DD84EF2BC9ECD8A8F8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:58:2c:01:c6:54:4a:ab:91:f0:a7:08:1c:7c:
                    14:15:02:aa:44:cb:1b:76:10:1b:e1:61:fd:6b:9a:
                    26:a9:a3:3b:c7:09:6b:45:96:43:94:7e:ef:26:e4:
                    c0:41:f2:6e:cb:0b:86:75:c7:fe:96:7e:db:6a:c0:
                    02:3b:7b:89:ef:51:cb:19:99:52:55:1f:88:9d:b4:
                    9e:bd:36:f0:66:79:ae:6a:00:0e:a6:2f:78:27:f9:
                    a9:03:6d:29:ab:be:74:06:55:51:66:d1:9b:af:2d:
                    01:43:cb:93:1f:4c:8a:5d:fa:31:5f:2c:2e:45:f1:
                    dd:53:8f:cc:9d:7f:a8:ef:e4:88:97:7e:5b:d2:17:
                    4e:0d:62:cb:c6:f3:e9:ba:19:d9:37:de:e9:8a:95:
                    b6:41:98:e5:fb:67:d0:2a:35:de:41:b0:3c:e3:9a:
                    ef:04:35:3c:2c:fa:2d:f6:c7:24:63:f1:08:c8:d3:
                    15:21:19:88:fe:b8:8b:13:88:46:df:5c:37:4e:8c:
                    90:96:d7:41:df:9f:25:97:e5:0b:ae:b0:63:82:3f:
                    de:76:91:c8:49:14:38:4a:3b:8a:af:dc:61:00:a8:
                    7a:28:89:d4:b4:56:e8:17:b3:12:17:fd:fd:4d:fa:
                    51:8e:98:b6:67:5b:3c:b2:42:5f:cf:c2:1e:dd:2f:
                    75:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:2E:E5:32:DE:7D:63:0E:F3:E5:8D:D8:4E:F2:BC:9E:CD:8A:8F:8A
            X509v3 Authority Key Identifier:
                keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:20:68:20:a0:5e:5a:c3:33:ac:3e:2b:fb:81:1e:63:76:34:
         bd:e6:00:31:c3:9b:ed:1d:f3:f4:e9:47:5c:48:e3:2f:a2:94:
         cc:4a:ac:af:a9:30:3a:ed:5e:13:e4:ee:c3:29:78:5f:29:a0:
         7c:1b:d1:30:22:b9:f6:7c:a1:c0:f0:ca:e0:25:46:2d:3a:d7:
         0a:5f:f7:05:85:c9:3e:6b:cf:16:ab:d8:93:e6:dc:d0:f7:23:
         71:1d:df:db:e4:f0:a4:bb:7b:97:bd:77:6e:2d:6f:e5:a7:c1:
         a2:1e:82:92:10:04:cb:4c:d0:f2:9c:21:a9:b7:fa:a9:f1:81:
         d5:c0:5e:60:4d:91:df:df:a1:ef:3b:d6:45:19:b8:51:3c:27:
         05:74:e0:23:f1:af:e2:54:3e:51:6b:af:5c:72:7a:5e:34:da:
         83:e6:1d:0c:ca:23:3e:7b:e4:65:c8:af:28:55:94:28:c3:2d:
         f7:50:8a:36:b6:cb:14:19:e1:8e:59:ac:8f:0d:75:7f:cc:a3:
         f9:b5:a0:35:72:40:b0:8b:ab:1a:79:cd:a6:4f:57:c5:40:80:
         38:26:4f:7b:40:2b:ff:28:9a:01:a9:4d:23:a4:69:6c:42:73:
         11:e8:30:de:e4:8e:14:50:b1:3d:28:a0:da:2a:b7:8f:d9:92:
         ac:78:0f:c7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUeK0DPW/cqLMUJuFcf/p5b93pyP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNTA2MTkwNjAyMzlaFw0yNTA2MjAwOTI4MzlaMDMxMTAvBgNV
BAMTKEQ4MkVFNTMyREU3RDYzMEVGM0U1OEREODRFRjJCQzlFQ0Q4QThGOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoWCwBxlRKq5HwpwgcfBQVAqpE
yxt2EBvhYf1rmiapozvHCWtFlkOUfu8m5MBB8m7LC4Z1x/6WfttqwAI7e4nvUcsZ
mVJVH4idtJ69NvBmea5qAA6mL3gn+akDbSmrvnQGVVFm0ZuvLQFDy5MfTIpd+jFf
LC5F8d1Tj8ydf6jv5IiXflvSF04NYsvG8+m6Gdk33umKlbZBmOX7Z9AqNd5BsDzj
mu8ENTws+i32xyRj8QjI0xUhGYj+uIsTiEbfXDdOjJCW10HfnyWX5QuusGOCP952
kchJFDhKO4qv3GEAqHooidS0VugXsxIX/f1N+lGOmLZnWzyyQl/Pwh7dL3XRAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQU2C7lMt59Yw7z5Y3YTvK8ns2Kj4owHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAFkgaCCgXlrDM6w+
K/uBHmN2NL3mADHDm+0d8/TpR1xI4y+ilMxKrK+pMDrtXhPk7sMpeF8poHwb0TAi
ufZ8ocDwyuAlRi061wpf9wWFyT5rzxar2JPm3ND3I3Ed39vk8KS7e5e9d24tb+Wn
waIegpIQBMtM0PKcIam3+qnxgdXAXmBNkd/foe871kUZuFE8JwV04CPxr+JUPlFr
r1xyel402oPmHQzKIz575GXIryhVlCjDLfdQija2yxQZ4Y5ZrI8NdX/Mo/m1oDVy
QLCLqxp5zaZPV8VAgDgmT3tAK/8omgGpTSOkaWxCcxHoMN7kjhRQsT0ooNoqt4/Z
kqx4D8c=
-----END CERTIFICATE-----