Manifest

$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File:                     B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier:          6sOlF/jN0NGc5PoanjpgR8THyPKGYwYC828xI7raH20=
Subject key identifier:   B0:17:D7:AE:3B:DB:D8:92:31:C2:F9:E6:0D:55:CA:F7:E0:FB:16:66
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer:       /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial:       43ACA09C643A69FD3E83DB36E7B313B2B72602FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access:      rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number:          0193
Signing time:             Sun 19 Oct 2025 04:46:10 +0000
Manifest this update:     Sun 19 Oct 2025 04:41:10 +0000
Manifest next update:     Mon 20 Oct 2025 06:16:10 +0000
Files and hashes:         1: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: mqadfIJnOHBwBW3bzOjsszkG4yNmowPDrD6AKDG5B1Q=)
                          2: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: zUI8lk6sWq7t8PKryIkxK/EJnQSUpZX2TPowPUuBr2U=)
Validation:               OK
Signature path:           rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
                          rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:ac:a0:9c:64:3a:69:fd:3e:83:db:36:e7:b3:13:b2:b7:26:02:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
        Validity
            Not Before: Oct 19 04:41:10 2025 GMT
            Not After : Oct 20 06:16:10 2025 GMT
        Subject: CN=B017D7AE3BDBD89231C2F9E60D55CAF7E0FB1666
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:55:be:59:05:b9:a9:30:f8:11:1a:69:cb:ee:
                    c4:30:61:89:d3:49:04:0e:c9:94:67:f0:2e:59:cc:
                    c5:a2:f3:f0:6c:08:34:40:99:06:a4:17:c4:7c:ab:
                    d5:6e:d7:e0:14:55:2c:3d:0c:21:d1:64:59:e1:1e:
                    72:fa:93:43:b5:fa:25:77:88:78:ec:c5:6d:53:f0:
                    66:0c:b3:d8:8e:39:50:0b:0c:2d:38:36:b1:e3:37:
                    98:2c:80:6a:fd:f1:59:f6:a7:93:69:da:22:32:f4:
                    d3:9d:1f:fa:d4:77:ad:f8:8b:42:cf:69:e4:f1:43:
                    d2:9c:c1:ff:a9:e7:98:05:68:ca:97:73:be:4e:a6:
                    9a:00:38:15:25:16:f5:58:6c:78:45:c9:30:14:aa:
                    b8:9b:2e:51:7e:cc:32:a1:5f:58:6f:57:40:96:a5:
                    68:e6:90:bb:3e:6a:d8:79:de:08:1e:b2:50:c7:51:
                    58:b7:0c:62:d2:47:07:2c:57:de:b1:dc:ed:ed:38:
                    fc:88:22:7f:78:5f:d9:eb:39:61:e3:3f:45:56:d1:
                    4a:1e:26:52:6c:f9:77:b5:42:1b:4e:50:7e:4c:7a:
                    b5:16:4f:64:9e:7a:ba:be:cf:69:a5:0c:13:85:2f:
                    30:bf:9a:3b:17:0d:b1:87:9f:29:09:f8:22:56:a2:
                    a0:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:17:D7:AE:3B:DB:D8:92:31:C2:F9:E6:0D:55:CA:F7:E0:FB:16:66
            X509v3 Authority Key Identifier:
                keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:3e:ba:ab:f3:b3:a2:12:31:bc:22:42:9e:ea:82:0a:e5:c4:
         b2:9a:22:e8:a3:ac:c2:d2:fc:4f:6c:94:1f:dc:a6:15:b4:3b:
         ff:29:d8:cb:46:85:5c:1b:a0:5e:99:9f:32:70:43:b0:43:53:
         f1:f0:ca:22:7e:14:37:26:f4:b7:c4:ea:e3:52:06:0b:5b:36:
         ea:ef:52:87:0e:74:fc:67:e4:f5:e3:a6:ce:e8:ee:5a:1d:89:
         9e:ec:9b:c2:5a:ea:f3:5d:a6:5a:1f:50:ab:4e:f7:6f:11:4a:
         69:b7:00:e8:b9:4e:dd:b2:42:62:bf:18:6c:fd:42:d4:44:dd:
         20:f6:52:b4:93:1c:1c:eb:a5:d0:6f:1b:79:40:58:00:17:4f:
         20:5f:f0:8f:a3:2f:67:6a:36:04:2d:2c:02:34:35:7c:ac:4f:
         ac:ed:a5:8c:7e:8c:60:df:d2:74:75:20:b3:23:b9:e4:6c:1c:
         31:e1:e0:d6:bd:13:b2:38:ca:15:7b:ec:cc:ee:f5:84:ef:e4:
         b1:05:23:c1:6d:36:1d:11:7a:67:be:0b:a3:9e:5f:a6:29:c4:
         cd:e2:63:49:ce:65:b4:79:6f:e2:b7:d2:b1:2f:dc:9e:55:b8:
         0b:98:d7:31:a9:57:4b:ed:d5:70:22:2e:25:3a:22:4a:45:b5:
         23:59:2e:d4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUQ6ygnGQ6af0+g9s257MTsrcmAvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNTEwMTkwNDQxMTBaFw0yNTEwMjAwNjE2MTBaMDMxMTAvBgNV
BAMTKEIwMTdEN0FFM0JEQkQ4OTIzMUMyRjlFNjBENTVDQUY3RTBGQjE2NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZVb5ZBbmpMPgRGmnL7sQwYYnT
SQQOyZRn8C5ZzMWi8/BsCDRAmQakF8R8q9Vu1+AUVSw9DCHRZFnhHnL6k0O1+iV3
iHjsxW1T8GYMs9iOOVALDC04NrHjN5gsgGr98Vn2p5Np2iIy9NOdH/rUd634i0LP
aeTxQ9Kcwf+p55gFaMqXc75OppoAOBUlFvVYbHhFyTAUqribLlF+zDKhX1hvV0CW
pWjmkLs+ath53ggeslDHUVi3DGLSRwcsV96x3O3tOPyIIn94X9nrOWHjP0VW0Uoe
JlJs+Xe1QhtOUH5MerUWT2Seerq+z2mlDBOFLzC/mjsXDbGHnykJ+CJWoqDbAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUsBfXrjvb2JIxwvnmDVXK9+D7FmYwHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBABQ+uqvzs6ISMbwi
Qp7qggrlxLKaIuijrMLS/E9slB/cphW0O/8p2MtGhVwboF6ZnzJwQ7BDU/HwyiJ+
FDcm9LfE6uNSBgtbNurvUocOdPxn5PXjps7o7lodiZ7sm8Ja6vNdplofUKtO928R
Smm3AOi5Tt2yQmK/GGz9QtRE3SD2UrSTHBzrpdBvG3lAWAAXTyBf8I+jL2dqNgQt
LAI0NXysT6ztpYx+jGDf0nR1ILMjueRsHDHh4Na9E7I4yhV77Mzu9YTv5LEFI8Ft
Nh0Reme+C6OeX6YpxM3iY0nOZbR5b+K30rEv3J5VuAuY1zGpV0vt1XAiLiU6IkpF
tSNZLtQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:06 2025 by rpki-client