Manifest

$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File:                     B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier:          YAnZ1HuClhnusNB0KzgXxotQvA+7bfOihUNSR5hgNdU=
Subject key identifier:   B0:F3:24:15:7F:F7:9E:60:B8:59:06:52:F6:30:42:F7:91:A5:39:0B
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer:       /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial:       6DC8E3EEE3279F060F856C5FD5E1CA27222FF845
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access:      rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number:          028F
Signing time:             Thu 16 Apr 2026 18:46:36 +0000
Manifest this update:     Thu 16 Apr 2026 18:41:36 +0000
Manifest next update:     Fri 17 Apr 2026 18:55:36 +0000
Files and hashes:         1: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: sHNwQEeUMSyZ/zzA36PEW9uJv27yxeWNiuJwAwuqomg=)
                          2: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: 7s5kSYH1DbSfowuVOrG3wfjclNvq71vCWTMKX5SA1NA=)
Validation:               OK
Signature path:           rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
                          rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 18:55:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:c8:e3:ee:e3:27:9f:06:0f:85:6c:5f:d5:e1:ca:27:22:2f:f8:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
        Validity
            Not Before: Apr 16 18:41:36 2026 GMT
            Not After : Apr 17 18:55:36 2026 GMT
        Subject: CN=B0F324157FF79E60B8590652F63042F791A5390B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:0e:52:a8:d3:5a:e2:3e:c2:b3:d5:94:cd:0a:
                    d3:3a:74:02:fa:53:20:87:4f:90:fd:00:39:38:dc:
                    a1:cd:a8:1a:2e:3f:01:72:2f:a4:7e:91:0e:8b:8e:
                    7e:92:05:1c:7b:ed:05:e0:3d:e8:03:55:bd:d0:c9:
                    00:26:73:c3:cf:42:89:a7:d2:77:f9:04:46:10:10:
                    fe:82:18:ab:99:94:10:fd:fd:81:41:f0:9e:fe:62:
                    69:36:00:45:eb:74:dd:c2:17:ae:a1:cd:fe:60:8b:
                    0a:74:c2:2d:2f:34:58:18:6f:53:30:ea:7c:3d:ba:
                    dd:54:a4:cf:17:6f:ad:cb:5f:70:c8:47:97:04:98:
                    e6:c7:98:f0:6d:88:23:af:bb:26:33:c9:a0:78:9d:
                    f2:16:21:c8:f9:60:ab:a7:b4:78:72:c6:fb:3d:b7:
                    45:08:d4:a9:05:99:cc:e7:90:a0:79:1a:5e:15:b1:
                    9b:f0:55:1b:87:90:4d:35:f4:bd:85:93:0b:23:bd:
                    fe:95:18:e0:f1:69:fb:6e:1f:77:a9:a7:15:20:d7:
                    83:27:66:17:2a:b8:10:f1:9f:97:47:b4:d5:e3:1c:
                    a5:5b:e6:2c:c6:2f:c7:c6:5d:4f:63:2d:1e:6b:7b:
                    92:bd:16:74:73:f4:4b:d3:3d:da:88:a5:df:08:08:
                    13:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:F3:24:15:7F:F7:9E:60:B8:59:06:52:F6:30:42:F7:91:A5:39:0B
            X509v3 Authority Key Identifier:
                keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:af:a8:2a:bb:bf:11:7a:5e:81:f3:37:3b:a1:d7:3e:02:58:
         d4:70:09:c1:02:f1:b2:ed:6c:8b:db:c0:14:80:bb:18:cb:c7:
         a3:27:fc:bb:31:36:bf:ca:be:19:72:cc:1c:28:56:15:48:d7:
         53:68:1d:7e:d0:28:da:85:d2:d9:b8:88:a0:f6:53:60:e4:32:
         4c:a9:14:1a:d7:b0:08:61:12:62:85:7f:e2:3f:aa:fe:51:7f:
         99:26:8b:6f:c5:7d:b8:c4:bc:d1:44:a2:83:c2:4c:f8:bb:78:
         f4:fa:3c:cd:cb:69:7b:47:c2:77:06:4e:8c:bc:ba:6e:12:3b:
         08:fa:ba:c9:da:20:27:01:ed:08:30:12:d4:44:36:12:3c:aa:
         0d:30:a2:c5:30:47:61:77:d1:ec:68:a0:b4:a2:6f:b3:cb:c0:
         20:5c:9a:e0:89:c0:39:cf:08:43:c0:88:c6:48:4a:ff:74:41:
         bc:96:57:dc:5c:04:90:92:63:93:da:56:b9:e2:6c:f0:4e:60:
         7f:e1:b0:35:e1:a7:ee:8f:44:9f:f7:13:be:e0:9e:9a:6f:6c:
         e0:18:b0:a8:8d:34:e9:58:07:87:59:ae:cb:65:45:ff:18:8d:
         90:a0:d7:d5:cb:cc:64:71:f7:0d:87:91:55:53:6f:2d:a8:c9:
         03:b1:03:6c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUbcjj7uMnnwYPhWxf1eHKJyIv+EUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNjA0MTYxODQxMzZaFw0yNjA0MTcxODU1MzZaMDMxMTAvBgNV
BAMTKEIwRjMyNDE1N0ZGNzlFNjBCODU5MDY1MkY2MzA0MkY3OTFBNTM5MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeDlKo01riPsKz1ZTNCtM6dAL6
UyCHT5D9ADk43KHNqBouPwFyL6R+kQ6Ljn6SBRx77QXgPegDVb3QyQAmc8PPQomn
0nf5BEYQEP6CGKuZlBD9/YFB8J7+Ymk2AEXrdN3CF66hzf5giwp0wi0vNFgYb1Mw
6nw9ut1UpM8Xb63LX3DIR5cEmObHmPBtiCOvuyYzyaB4nfIWIcj5YKuntHhyxvs9
t0UI1KkFmcznkKB5Gl4VsZvwVRuHkE019L2Fkwsjvf6VGODxaftuH3eppxUg14Mn
ZhcquBDxn5dHtNXjHKVb5izGL8fGXU9jLR5re5K9FnRz9EvTPdqIpd8ICBOnAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUsPMkFX/3nmC4WQZS9jBC95GlOQswHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAHmvqCq7vxF6XoHz
Nzuh1z4CWNRwCcEC8bLtbIvbwBSAuxjLx6Mn/LsxNr/KvhlyzBwoVhVI11NoHX7Q
KNqF0tm4iKD2U2DkMkypFBrXsAhhEmKFf+I/qv5Rf5kmi2/FfbjEvNFEooPCTPi7
ePT6PM3LaXtHwncGToy8um4SOwj6usnaICcB7QgwEtRENhI8qg0wosUwR2F30exo
oLSib7PLwCBcmuCJwDnPCEPAiMZISv90QbyWV9xcBJCSY5PaVrnibPBOYH/hsDXh
p+6PRJ/3E77gnppvbOAYsKiNNOlYB4dZrstlRf8YjZCg19XLzGRx9w2HkVVTby2o
yQOxA2w=
-----END CERTIFICATE-----