Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
File:                     ESXJC-alxXrBYrVYE8_HZm7wg1o.mft (raw, json)
Hash identifier:          0wREtIdhSFtAJF7XKtFcNYoSVpSu5n6tjRzVlSEXelQ=
Subject key identifier:   9B:54:01:3E:EF:99:57:C7:41:37:47:EF:87:E8:BD:46:33:23:38:DB
Authority key identifier: 11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A
Certificate issuer:       /CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
Certificate serial:       0193572E0044108E9EB698DE90F24D816395
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
Manifest number:          0189
Signing time:             Sat 23 Nov 2024 04:00:52 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:52 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:52 +0000
Files and hashes:         1: ESXJC-alxXrBYrVYE8_HZm7wg1o.crl (hash: DpdIEf/ks4p2F/Lde9ZUPpfhUEQfqrX3Y15aPObNKbs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2e:00:44:10:8e:9e:b6:98:de:90:f2:4d:81:63:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
        Validity
            Not Before: Nov 23 04:00:52 2024 GMT
            Not After : Nov 24 04:00:52 2024 GMT
        Subject: CN=9b54013eef9957c7413747ef87e8bd46332338db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ad:19:a7:eb:e8:b3:64:c7:3d:b6:ac:1b:90:
                    60:ef:32:e8:21:f6:98:4a:9b:6e:2d:42:00:5a:9d:
                    ed:1d:5b:58:cd:70:31:8f:29:26:5a:4e:18:3b:51:
                    7c:14:5f:b5:4c:9b:e7:4f:98:f3:16:15:69:bb:6f:
                    b8:a1:ef:e8:b7:c3:f1:95:55:c9:51:6f:dd:85:75:
                    4b:5c:2b:6c:99:f8:e1:c3:e4:49:73:47:ad:b7:92:
                    32:9a:8f:63:08:ec:c7:89:c8:41:97:14:7f:f0:4e:
                    0b:e1:a2:d4:b0:63:52:fa:76:f6:a3:24:ac:8d:6c:
                    4c:ed:e7:3c:fd:d9:96:ca:c0:10:c2:03:d0:85:b2:
                    8e:bd:e4:1a:e1:16:13:c7:a7:03:5b:72:ee:4f:d3:
                    87:44:23:88:e5:a5:84:98:89:ee:01:b6:7b:17:6f:
                    3e:6d:2a:d4:7f:54:b0:f6:87:88:66:a4:f3:71:0e:
                    3c:2f:94:74:76:dd:8a:cb:bd:61:67:3f:c3:c2:46:
                    01:8c:e5:ba:66:8f:4c:61:20:29:fe:97:c2:81:bc:
                    d9:84:fc:09:a3:8a:ae:ef:a5:3b:66:2d:f4:a7:43:
                    e5:30:52:0e:d0:20:ab:c6:c5:a8:f3:b2:df:9f:a5:
                    25:f4:1c:d7:3d:36:af:0d:cf:5e:2c:b2:84:1f:19:
                    da:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:54:01:3E:EF:99:57:C7:41:37:47:EF:87:E8:BD:46:33:23:38:DB
            X509v3 Authority Key Identifier:
                keyid:11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:3c:a0:ab:f8:da:60:9e:63:2f:b7:d0:d8:88:3d:6c:a8:50:
         a4:4a:f5:ae:91:ef:b1:48:23:6b:6e:f8:f5:e8:dd:ea:22:1b:
         49:70:d7:15:9d:09:ec:ee:06:a1:4e:6d:80:a1:0a:38:dc:e5:
         1a:8b:07:3c:21:7d:f2:20:0d:5b:36:aa:a1:0b:aa:2e:85:dc:
         83:a5:1b:9c:04:7b:2b:b3:79:70:98:77:c3:09:06:3f:48:00:
         d4:3a:e1:e0:07:4c:ca:c2:0f:31:b3:ec:d8:14:ec:22:90:64:
         88:ce:42:b1:46:a7:ed:14:42:48:21:a7:ff:1b:0d:8b:38:d4:
         94:c9:b4:a0:d8:5c:c1:ac:a5:3f:5d:68:7d:21:c6:4f:5c:31:
         83:04:41:a4:3e:e4:94:4c:7b:12:19:fe:03:89:46:93:ff:bd:
         76:60:2a:ee:62:0b:ee:46:3c:3d:11:c4:d0:29:e6:75:64:30:
         cb:a9:ba:ef:7d:f1:eb:54:7f:09:1d:7a:4d:8e:6f:ca:6a:80:
         4d:b5:12:56:2d:b0:22:40:ca:d4:49:3b:e4:e4:19:b9:8f:54:
         eb:47:1b:a1:79:42:c1:19:cc:94:f2:db:20:ab:d8:1d:6f:be:
         f1:b8:69:d3:76:1c:48:d7:be:48:5b:d5:a2:8e:b9:b8:b7:42:
         b8:9f:cd:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLgBEEI6etpjekPJNgWOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjVjOTBiZTZhNWM1N2FjMTYyYjU1ODEzY2ZjNzY2NmVm
MDgzNWEwHhcNMjQxMTIzMDQwMDUyWhcNMjQxMTI0MDQwMDUyWjAzMTEwLwYDVQQD
Eyg5YjU0MDEzZWVmOTk1N2M3NDEzNzQ3ZWY4N2U4YmQ0NjMzMjMzOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt60Zp+vos2THPbasG5Bg7zLoIfaY
SptuLUIAWp3tHVtYzXAxjykmWk4YO1F8FF+1TJvnT5jzFhVpu2+4oe/ot8PxlVXJ
UW/dhXVLXCtsmfjhw+RJc0ett5Iymo9jCOzHichBlxR/8E4L4aLUsGNS+nb2oySs
jWxM7ec8/dmWysAQwgPQhbKOveQa4RYTx6cDW3LuT9OHRCOI5aWEmInuAbZ7F28+
bSrUf1Sw9oeIZqTzcQ48L5R0dt2Ky71hZz/DwkYBjOW6Zo9MYSAp/pfCgbzZhPwJ
o4qu76U7Zi30p0PlMFIO0CCrxsWo87Lfn6Ul9BzXPTavDc9eLLKEHxnasQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtUAT7vmVfHQTdH74fovUYzIzjbMB8GA1UdIwQY
MBaAFBElyQvmpcV6wWK1WBPPx2Zu8INaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAt
ZWNlZWViOTdhN2QxLzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAtZWNlZWViOTdhN2Qx
LzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATTygq/ja
YJ5jL7fQ2Ig9bKhQpEr1rpHvsUgja2749ejd6iIbSXDXFZ0J7O4GoU5tgKEKONzl
GosHPCF98iANWzaqoQuqLoXcg6UbnAR7K7N5cJh3wwkGP0gA1Drh4AdMysIPMbPs
2BTsIpBkiM5CsUan7RRCSCGn/xsNizjUlMm0oNhcwaylP11ofSHGT1wxgwRBpD7k
lEx7Ehn+A4lGk/+9dmAq7mIL7kY8PRHE0CnmdWQwy6m6733x61R/CR16TY5vymqA
TbUSVi2wIkDK1Ek75OQZuY9U60cboXlCwRnMlPLbIKvYHW++8bhp03YcSNe+SFvV
oo65uLdCuJ/NUg==
-----END CERTIFICATE-----