Manifest

$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File:                     B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier:          FaNMiw9uGUAoURq1eQBnjmYacE0MOAMV7VlmvX2ccVk=
Subject key identifier:   61:37:6F:31:AD:5E:F6:E5:FE:14:78:E4:BF:FF:EE:27:5D:76:F8:68
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer:       /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial:       2C6CD9029A579ADDDFD7F4A14FA00C9A9E8BE488
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access:      rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number:          0251
Signing time:             Sun 01 Mar 2026 19:54:37 +0000
Manifest this update:     Sun 01 Mar 2026 19:49:37 +0000
Manifest next update:     Mon 02 Mar 2026 20:33:37 +0000
Files and hashes:         1: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: 7s5kSYH1DbSfowuVOrG3wfjclNvq71vCWTMKX5SA1NA=)
                          2: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: ApvwC7DHBPJfIbvGRdKcrA75vJC3vgBKKOa2MAkxyC8=)
Validation:               OK
Signature path:           rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
                          rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:6c:d9:02:9a:57:9a:dd:df:d7:f4:a1:4f:a0:0c:9a:9e:8b:e4:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
        Validity
            Not Before: Mar  1 19:49:37 2026 GMT
            Not After : Mar  2 20:33:37 2026 GMT
        Subject: CN=61376F31AD5EF6E5FE1478E4BFFFEE275D76F868
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ac:91:f2:55:88:80:a9:c8:e1:f0:bc:c6:27:
                    f9:4f:08:fa:09:3c:0c:2d:ec:d3:8c:ad:7a:a5:76:
                    18:e1:62:c6:f5:84:e6:2e:db:2c:85:ff:b5:f2:1e:
                    00:9f:3e:75:d3:82:3f:80:63:4b:0c:ed:e3:88:30:
                    fb:c6:e4:00:05:57:d9:05:b3:df:dc:f3:7c:1c:e3:
                    9c:d6:e9:1e:c6:6c:72:00:cc:b6:35:00:85:e2:12:
                    55:17:16:67:1a:93:ec:04:80:80:29:8c:e8:5d:a1:
                    82:ba:32:f2:1d:78:7f:d0:4e:07:b1:2b:a3:85:d0:
                    80:aa:93:56:ca:ba:72:16:bb:3d:e0:00:39:56:b3:
                    94:0d:5f:2d:37:90:2e:cd:9e:5b:2e:1a:c9:d5:5d:
                    e6:c2:f7:4f:6d:7f:3f:e5:40:7e:ed:12:27:1b:75:
                    83:74:07:46:37:dd:f1:d0:65:dd:6c:25:3d:fa:a2:
                    16:d5:38:14:4d:cd:20:91:7f:e9:96:9d:ae:c1:3f:
                    ca:b4:c4:ca:c5:77:7d:78:2f:94:d6:2d:a0:cd:6d:
                    a1:a2:ee:87:1b:31:67:c6:ec:08:af:3a:46:56:30:
                    8f:33:47:d0:d8:ac:b7:17:fd:c4:53:69:3b:2d:ea:
                    f3:dc:f9:03:14:ba:68:18:41:f4:8d:b0:87:45:22:
                    3d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:37:6F:31:AD:5E:F6:E5:FE:14:78:E4:BF:FF:EE:27:5D:76:F8:68
            X509v3 Authority Key Identifier:
                keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:fe:53:9b:f4:59:e1:6c:53:e7:dd:00:ba:5c:1d:46:d5:db:
         6d:ce:e8:4f:d5:1e:01:cf:15:a1:30:4a:db:34:eb:c7:71:23:
         8d:d9:12:8e:2c:28:f7:66:d0:b8:d5:e1:1b:f5:f2:2a:12:f1:
         ef:b6:ab:29:d4:13:1f:bc:f6:66:93:7d:0b:14:b0:68:f5:0c:
         7b:c2:64:ef:65:01:05:94:b1:f4:92:88:85:42:23:e4:b9:91:
         71:99:7a:01:e2:6f:35:a4:85:3b:23:01:e0:3b:18:b2:37:8a:
         e7:03:b3:f9:be:0f:d1:a0:20:62:89:05:b6:f7:63:25:65:76:
         13:8a:ed:75:43:ed:0d:ff:da:97:22:2c:52:dd:e4:94:69:c6:
         b5:38:6e:e2:de:c3:66:05:d1:46:8e:ff:80:e8:db:d9:dc:2d:
         a6:90:72:5b:47:05:ea:14:09:4c:82:47:63:d5:00:17:92:53:
         1a:a9:e0:79:5b:c2:41:ff:79:e2:80:71:92:0a:28:c6:6c:2f:
         93:e0:60:51:61:4c:6a:0d:9e:6d:e5:f1:5c:55:68:5c:03:68:
         7d:74:8c:cd:fd:5f:b5:b5:81:c0:a5:22:f3:50:04:ff:5d:6a:
         4f:06:79:1a:8d:3b:e8:22:2e:84:44:d7:ea:cc:91:ad:e5:fa:
         32:8b:ea:44
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIULGzZAppXmt3f1/ShT6AMmp6L5IgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNjAzMDExOTQ5MzdaFw0yNjAzMDIyMDMzMzdaMDMxMTAvBgNV
BAMTKDYxMzc2RjMxQUQ1RUY2RTVGRTE0NzhFNEJGRkZFRTI3NUQ3NkY4NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVrJHyVYiAqcjh8LzGJ/lPCPoJ
PAwt7NOMrXqldhjhYsb1hOYu2yyF/7XyHgCfPnXTgj+AY0sM7eOIMPvG5AAFV9kF
s9/c83wc45zW6R7GbHIAzLY1AIXiElUXFmcak+wEgIApjOhdoYK6MvIdeH/QTgex
K6OF0ICqk1bKunIWuz3gADlWs5QNXy03kC7NnlsuGsnVXebC909tfz/lQH7tEicb
dYN0B0Y33fHQZd1sJT36ohbVOBRNzSCRf+mWna7BP8q0xMrFd314L5TWLaDNbaGi
7ocbMWfG7AivOkZWMI8zR9DYrLcX/cRTaTst6vPc+QMUumgYQfSNsIdFIj3jAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUYTdvMa1e9uX+FHjkv//uJ112+GgwHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBABL+U5v0WeFsU+fd
ALpcHUbV223O6E/VHgHPFaEwSts068dxI43ZEo4sKPdm0LjV4Rv18ioS8e+2qynU
Ex+89maTfQsUsGj1DHvCZO9lAQWUsfSSiIVCI+S5kXGZegHibzWkhTsjAeA7GLI3
iucDs/m+D9GgIGKJBbb3YyVldhOK7XVD7Q3/2pciLFLd5JRpxrU4buLew2YF0UaO
/4Do29ncLaaQcltHBeoUCUyCR2PVABeSUxqp4HlbwkH/eeKAcZIKKMZsL5PgYFFh
TGoNnm3l8VxVaFwDaH10jM39X7W1gcClIvNQBP9dak8GeRqNO+giLoRE1+rMka3l
+jKL6kQ=
-----END CERTIFICATE-----