
Manifest
$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier: dyOjjWgbkE5kSCdNq1StvnlmHucnmeAmsW7g11XNtHk=
Subject key identifier: A8:C4:B9:A2:76:51:E4:BA:1B:7D:3D:49:7B:90:02:2E:D3:A8:67:BE
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer: /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial: 1C5CFEAB95F7B252B069F54A37DBDC92592A982E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access: rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number: 0135
Signing time: Sun 10 Aug 2025 07:32:18 +0000
Manifest this update: Sun 10 Aug 2025 07:27:18 +0000
Manifest next update: Mon 11 Aug 2025 10:58:18 +0000
Files and hashes: 1: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: dXWI8V7/OyHmM7TUvw0LmhING6Q3QZAVrEn2VQVED0o=)
2: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: mqadfIJnOHBwBW3bzOjsszkG4yNmowPDrD6AKDG5B1Q=)
Validation: OK
Signature path: rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:5c:fe:ab:95:f7:b2:52:b0:69:f5:4a:37:db:dc:92:59:2a:98:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Validity
Not Before: Aug 10 07:27:18 2025 GMT
Not After : Aug 11 10:58:18 2025 GMT
Subject: CN=A8C4B9A27651E4BA1B7D3D497B90022ED3A867BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:7e:32:e8:87:36:1a:f9:b8:57:33:67:9f:e5:
96:b3:f6:32:ee:6b:4c:63:10:fd:d9:82:b2:2e:13:
d5:08:df:e8:41:7a:8b:bd:7e:1c:f8:af:d8:ff:0e:
7a:17:c4:30:2c:7d:52:d2:2c:71:0c:06:63:f9:63:
88:60:a4:15:d9:fa:f8:6e:f7:f4:84:9b:48:f4:d2:
e4:1d:72:6f:a6:a9:2b:c9:4f:73:df:c8:19:e2:e9:
96:f0:cd:42:35:c9:9f:56:67:a3:41:5d:78:38:20:
ef:d1:fe:60:78:a5:4f:8b:0f:65:a6:ff:7a:ec:13:
bb:d6:d1:db:46:00:71:6e:3c:2a:ee:6b:dc:f0:40:
45:34:4b:74:ef:0b:a6:6e:5a:df:dc:32:43:d0:81:
3d:b9:07:ca:42:41:ae:dd:1e:4e:fb:fc:1e:0e:28:
a6:54:d1:c3:ad:d5:4f:0b:59:18:3a:b4:ec:27:32:
78:04:7f:bc:31:1c:14:ae:1e:8b:c7:9e:23:54:28:
45:2b:7d:9c:d0:1d:a7:16:d1:6f:42:fc:40:de:7f:
b1:d3:56:3b:f6:02:a1:8b:25:2e:70:f4:ae:39:47:
e6:88:65:1e:fc:8b:76:05:2b:fa:ab:c2:25:2f:35:
18:08:c2:2a:b6:8b:1d:bf:76:0e:4d:2e:9f:f4:7f:
01:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C4:B9:A2:76:51:E4:BA:1B:7D:3D:49:7B:90:02:2E:D3:A8:67:BE
X509v3 Authority Key Identifier:
keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:38:43:b9:d1:24:2a:22:91:b9:dd:d6:24:e8:89:fd:19:56:
46:b9:c4:12:ef:15:5b:e5:41:05:01:0a:15:ce:54:7e:24:dc:
db:b4:22:68:4a:b4:7e:1c:18:e7:f6:8d:35:d9:16:d8:5b:7b:
21:14:4f:a9:07:35:cf:50:49:b2:9a:53:0f:d5:82:cd:91:1c:
da:1f:81:66:99:f2:56:9e:2c:e9:ab:c0:2a:08:fc:c9:8b:a2:
fb:a2:f2:c9:61:c9:11:58:51:76:9e:e3:25:d4:f0:72:eb:5d:
99:02:8e:2f:aa:01:15:11:1a:89:fa:b1:20:8f:1b:45:9c:76:
e5:0e:a9:bf:a1:a0:e4:c1:0d:22:b7:c5:f4:30:b1:6a:7e:8a:
59:38:d1:1e:5b:65:57:0b:a1:e8:c5:17:b5:3d:ad:17:46:e0:
28:59:6a:c1:3d:83:09:59:e8:5a:b9:08:99:3d:14:22:a7:fa:
ee:0c:a2:09:12:2a:9c:59:0e:70:62:fc:94:24:be:28:1f:68:
ec:59:0f:05:56:f5:7b:e5:58:28:3c:d8:eb:04:99:04:e5:0f:
82:0a:4a:30:e1:28:20:56:38:e9:85:3c:8f:0f:d8:34:19:46:
ed:e5:7c:75:4b:96:83:6d:d6:2e:c1:5a:ab:68:db:3f:a2:84:
b3:e3:33:c9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUHFz+q5X3slKwafVKN9vcklkqmC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNTA4MTAwNzI3MThaFw0yNTA4MTExMDU4MThaMDMxMTAvBgNV
BAMTKEE4QzRCOUEyNzY1MUU0QkExQjdEM0Q0OTdCOTAwMjJFRDNBODY3QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0fjLohzYa+bhXM2ef5Zaz9jLu
a0xjEP3ZgrIuE9UI3+hBeou9fhz4r9j/DnoXxDAsfVLSLHEMBmP5Y4hgpBXZ+vhu
9/SEm0j00uQdcm+mqSvJT3PfyBni6ZbwzUI1yZ9WZ6NBXXg4IO/R/mB4pU+LD2Wm
/3rsE7vW0dtGAHFuPCrua9zwQEU0S3TvC6ZuWt/cMkPQgT25B8pCQa7dHk77/B4O
KKZU0cOt1U8LWRg6tOwnMngEf7wxHBSuHovHniNUKEUrfZzQHacW0W9C/EDef7HT
Vjv2AqGLJS5w9K45R+aIZR78i3YFK/qrwiUvNRgIwiq2ix2/dg5NLp/0fwFdAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUqMS5onZR5LobfT1Je5ACLtOoZ74wHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBABg4Q7nRJCoikbnd
1iToif0ZVka5xBLvFVvlQQUBChXOVH4k3Nu0ImhKtH4cGOf2jTXZFthbeyEUT6kH
Nc9QSbKaUw/Vgs2RHNofgWaZ8laeLOmrwCoI/MmLovui8slhyRFYUXae4yXU8HLr
XZkCji+qARURGon6sSCPG0WcduUOqb+hoOTBDSK3xfQwsWp+ilk40R5bZVcLoejF
F7U9rRdG4ChZasE9gwlZ6Fq5CJk9FCKn+u4MogkSKpxZDnBi/JQkvigfaOxZDwVW
9XvlWCg82OsEmQTlD4IKSjDhKCBWOOmFPI8P2DQZRu3lfHVLloNt1i7BWqto2z+i
hLPjM8k=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:41:53 2025 by rpki-client