Manifest

$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
File:                     B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft (raw, json)
Hash identifier:          pQvBAxk6GXtmyV54Faj8rOZlOLprE2zjOzWN2CibePY=
Subject key identifier:   E2:0B:E3:64:6E:94:1F:45:13:4B:11:98:D8:12:74:6C:29:24:F3:A2
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Certificate issuer:       /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial:       5B94D5F30373DC0063CF9B36F342EAC02FD42A84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access:      rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
Manifest number:          02B2
Signing time:             Tue 12 May 2026 19:07:39 +0000
Manifest this update:     Tue 12 May 2026 19:02:39 +0000
Manifest next update:     Wed 13 May 2026 22:53:39 +0000
Files and hashes:         1: 323030313a3637633a6438303a3a2f34382d3438203d3e20343031353531.roa (hash: 7s5kSYH1DbSfowuVOrG3wfjclNvq71vCWTMKX5SA1NA=)
                          2: B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl (hash: LeiCs+GztoiyI7dDVAEPoBEr8++Cr8pYpVNa4f0u68k=)
Validation:               OK
Signature path:           rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
                          rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:94:d5:f3:03:73:dc:00:63:cf:9b:36:f3:42:ea:c0:2f:d4:2a:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
        Validity
            Not Before: May 12 19:02:39 2026 GMT
            Not After : May 13 22:53:39 2026 GMT
        Subject: CN=E20BE3646E941F45134B1198D812746C2924F3A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:b1:1e:d7:c2:87:63:97:6d:96:ec:5e:3b:4e:
                    2c:01:18:29:79:08:6a:cc:bb:44:1e:27:1d:3e:ce:
                    a6:29:72:50:a4:89:53:53:ac:ff:da:1a:27:05:91:
                    ec:82:87:34:bd:16:34:ec:52:b1:a1:8c:20:89:f0:
                    b6:48:f0:f7:da:0d:ef:a6:a1:a6:df:83:e5:9b:a2:
                    52:50:19:ad:fa:f4:c3:2d:ad:16:72:fd:74:f0:79:
                    e8:07:68:c7:da:f7:c6:97:87:cc:0d:9c:af:9f:fb:
                    77:d8:71:40:e2:d4:17:85:d1:18:38:e2:2d:de:27:
                    c0:66:b4:01:e6:86:53:4d:b4:46:40:4d:ab:b6:b2:
                    d1:79:b5:bd:1e:a8:64:7f:fa:75:d7:27:5d:9e:34:
                    98:3c:00:14:32:7d:6d:f0:e7:74:fb:eb:73:dc:55:
                    e5:a8:2e:69:69:84:04:07:14:b7:67:f4:54:32:69:
                    ec:79:12:07:24:ab:bd:8f:ef:01:33:da:e8:0f:ab:
                    58:56:e5:c0:31:bd:38:2d:f5:b6:96:97:62:81:e3:
                    d7:ef:87:05:98:e6:9b:10:46:1f:b1:d3:fa:c1:6f:
                    20:82:d6:e0:3b:ef:ed:6d:cd:ef:9d:70:4a:65:1f:
                    33:98:35:c2:09:13:22:75:91:75:0d:bd:4e:60:ef:
                    0f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:0B:E3:64:6E:94:1F:45:13:4B:11:98:D8:12:74:6C:29:24:F3:A2
            X509v3 Authority Key Identifier:
                keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:38:73:51:47:39:e7:cd:a9:8e:d1:bf:4a:ad:d9:40:cc:35:
         84:d2:c0:d3:85:c4:2d:3d:fa:37:45:0b:20:c6:05:b7:c0:d6:
         75:a4:9a:8b:9e:19:07:27:9d:fb:78:cb:44:8e:04:de:21:1d:
         86:57:8b:ad:a7:13:41:bf:36:e3:20:ea:59:87:04:3a:72:26:
         8d:4e:fd:73:c3:0b:a7:aa:0b:db:b6:1f:6d:27:64:c1:8d:c2:
         4e:b3:d6:15:d9:82:23:4c:cc:fb:66:fc:d7:94:33:07:f1:b1:
         54:0a:16:5c:9a:cc:75:50:18:bd:d4:bf:19:81:86:ea:cd:85:
         48:a5:91:d4:7f:0f:84:dc:fa:20:96:d2:cf:b2:1e:1d:10:94:
         aa:78:7a:ee:0d:89:23:b2:6f:7b:72:06:d3:51:2f:33:8f:06:
         d5:20:e4:46:0d:a8:7e:06:27:36:fb:56:dd:7d:87:20:79:9f:
         1b:42:4c:6d:fe:ac:a8:96:e5:07:1f:da:5f:d4:3b:7b:70:d3:
         bb:88:eb:67:b6:75:f7:0e:61:a5:bb:a7:c0:df:35:c9:87:f8:
         f0:1c:0f:38:08:a0:ff:f4:bd:52:4d:cb:dc:c3:28:0a:38:ee:
         3b:52:a2:e7:19:33:e9:10:3d:db:1e:ab:5d:2e:c6:5f:8a:3c:
         8d:1a:41:fd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUW5TV8wNz3ABjz5s280LqwC/UKoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNjA1MTIxOTAyMzlaFw0yNjA1MTMyMjUzMzlaMDMxMTAvBgNV
BAMTKEUyMEJFMzY0NkU5NDFGNDUxMzRCMTE5OEQ4MTI3NDZDMjkyNEYzQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDssR7Xwodjl22W7F47TiwBGCl5
CGrMu0QeJx0+zqYpclCkiVNTrP/aGicFkeyChzS9FjTsUrGhjCCJ8LZI8PfaDe+m
oabfg+WbolJQGa369MMtrRZy/XTweegHaMfa98aXh8wNnK+f+3fYcUDi1BeF0Rg4
4i3eJ8BmtAHmhlNNtEZATau2stF5tb0eqGR/+nXXJ12eNJg8ABQyfW3w53T763Pc
VeWoLmlphAQHFLdn9FQyaex5Egckq72P7wEz2ugPq1hW5cAxvTgt9baWl2KB49fv
hwWY5psQRh+x0/rBbyCC1uA77+1tze+dcEplHzOYNcIJEyJ1kXUNvU5g7w+dAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQU4gvjZG6UH0UTSxGY2BJ0bCkk86IwHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9y
cGtpLm5lbGxpY3VzLm5ldC9yZXBvL25lbGxpY3VzLzAvQjYwNTYxREZGQkZERTI1
NUZFQzE0RDREOUYwRTEzRjQzNzUzNTJFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsG
AQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAIo4c1FHOefNqY7R
v0qt2UDMNYTSwNOFxC09+jdFCyDGBbfA1nWkmoueGQcnnft4y0SOBN4hHYZXi62n
E0G/NuMg6lmHBDpyJo1O/XPDC6eqC9u2H20nZMGNwk6z1hXZgiNMzPtm/NeUMwfx
sVQKFlyazHVQGL3UvxmBhurNhUilkdR/D4Tc+iCW0s+yHh0QlKp4eu4NiSOyb3ty
BtNRLzOPBtUg5EYNqH4GJzb7Vt19hyB5nxtCTG3+rKiW5Qcf2l/UO3tw07uI62e2
dfcOYaW7p8DfNcmH+PAcDzgIoP/0vVJNy9zDKAo47jtSoucZM+kQPdseq10uxl+K
PI0aQf0=
-----END CERTIFICATE-----