Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
File:                     ESXJC-alxXrBYrVYE8_HZm7wg1o.mft (raw, json)
Hash identifier:          nM9t5G5YpPALRfm5OdiyoJO832uzTx6/oxmkYP4oRCw=
Subject key identifier:   EF:AD:02:54:1A:D3:66:43:60:C2:D2:E6:59:EF:26:C6:44:6F:CA:63
Authority key identifier: 11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A
Certificate issuer:       /CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
Certificate serial:       0191F9A2CA853927D86427471F57C8D98DFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
Manifest number:          D4
Signing time:             Mon 16 Sep 2024 07:01:21 +0000
Manifest this update:     Mon 16 Sep 2024 07:01:21 +0000
Manifest next update:     Tue 17 Sep 2024 07:01:21 +0000
Files and hashes:         1: ESXJC-alxXrBYrVYE8_HZm7wg1o.crl (hash: vI0PUVS4spezXDl7V7UEOvR3ZX7R14dYB51TeRavM0o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:a2:ca:85:39:27:d8:64:27:47:1f:57:c8:d9:8d:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
        Validity
            Not Before: Sep 16 07:01:21 2024 GMT
            Not After : Sep 17 07:01:21 2024 GMT
        Subject: CN=efad02541ad3664360c2d2e659ef26c6446fca63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:36:08:a1:6d:fa:67:a8:f1:8a:c6:72:91:3c:
                    f0:de:3d:92:73:fa:18:15:4b:84:f8:aa:af:92:27:
                    29:7f:44:07:0e:c5:64:69:73:c3:b7:2a:2d:65:df:
                    59:16:4d:34:01:15:de:32:14:fa:e1:55:ac:f0:b0:
                    75:bc:53:5f:de:24:cc:0a:49:e3:de:e2:ae:cf:78:
                    a7:46:73:fd:92:e6:33:4a:7c:80:a1:bb:30:e0:22:
                    ca:26:23:e5:48:12:8d:81:dd:b7:c1:56:01:6c:5e:
                    49:f6:ae:fe:b6:82:c4:4a:a2:26:15:92:74:14:16:
                    e4:d4:9f:08:ff:0e:61:a1:5f:30:15:c9:6a:06:68:
                    eb:f8:85:1b:e5:d4:f2:b5:9a:a9:f4:af:26:62:0d:
                    f0:4c:2b:b4:1c:b3:59:5a:e4:51:db:3c:fe:c6:24:
                    d8:54:2d:73:9f:9c:c1:f1:4d:87:ae:80:b4:6f:35:
                    76:8a:1b:fa:1f:b3:f8:08:45:44:1c:1d:27:24:20:
                    20:70:9a:cb:73:77:e9:c2:31:67:1c:df:d8:23:2f:
                    f5:c2:76:d2:c0:d1:77:fc:88:e1:58:06:42:45:41:
                    e3:8d:2a:fe:5f:52:41:23:8d:d8:73:b3:ae:8c:7b:
                    03:a1:ae:2e:aa:82:f0:e6:72:43:ad:d7:0e:1f:2e:
                    b1:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:AD:02:54:1A:D3:66:43:60:C2:D2:E6:59:EF:26:C6:44:6F:CA:63
            X509v3 Authority Key Identifier:
                keyid:11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:03:7d:91:49:79:e8:a1:1c:92:ab:a8:c1:73:af:4b:27:84:
         aa:5d:d3:be:d2:7b:a4:64:c6:e1:70:ae:14:77:55:4a:9e:b5:
         dc:e8:19:2b:8d:34:f5:b9:01:84:f8:ec:60:0a:b5:34:1c:c8:
         b5:6a:f7:09:9c:0f:86:f6:d0:3b:f7:3e:a8:b3:b8:ef:68:ad:
         76:63:db:18:12:79:2c:0b:6a:cb:bd:72:15:c1:c1:0c:6f:93:
         2a:dd:7f:20:73:73:aa:ba:57:58:54:41:37:92:30:e2:59:70:
         e6:a5:bf:4b:00:31:ec:3a:6a:6d:94:78:3b:03:d3:30:d3:43:
         b7:c5:d1:61:6b:8c:ed:f1:7c:d2:ad:da:9b:b5:41:28:73:20:
         93:1d:67:d3:85:0d:3e:b6:30:72:76:1e:db:48:9c:53:b7:c7:
         71:a5:48:58:0d:e7:0b:e7:ab:6c:22:9f:d6:d6:35:29:01:c1:
         d9:38:a8:fc:fa:b0:77:ee:97:43:83:49:95:44:a5:c4:5e:c7:
         31:c0:b7:6a:ad:66:fa:80:61:f3:b4:62:30:2d:95:30:2c:99:
         38:dd:5b:44:8f:36:01:89:e0:0a:01:64:0a:4d:67:13:68:b1:
         21:ef:4e:c2:fb:28:7a:ac:21:9f:4e:17:1d:e2:a2:fb:f0:22:
         0a:a1:72:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH5osqFOSfYZCdHH1fI2Y36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjVjOTBiZTZhNWM1N2FjMTYyYjU1ODEzY2ZjNzY2NmVm
MDgzNWEwHhcNMjQwOTE2MDcwMTIxWhcNMjQwOTE3MDcwMTIxWjAzMTEwLwYDVQQD
EyhlZmFkMDI1NDFhZDM2NjQzNjBjMmQyZTY1OWVmMjZjNjQ0NmZjYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDYIoW36Z6jxisZykTzw3j2Sc/oY
FUuE+Kqvkicpf0QHDsVkaXPDtyotZd9ZFk00ARXeMhT64VWs8LB1vFNf3iTMCknj
3uKuz3inRnP9kuYzSnyAobsw4CLKJiPlSBKNgd23wVYBbF5J9q7+toLESqImFZJ0
FBbk1J8I/w5hoV8wFclqBmjr+IUb5dTytZqp9K8mYg3wTCu0HLNZWuRR2zz+xiTY
VC1zn5zB8U2HroC0bzV2ihv6H7P4CEVEHB0nJCAgcJrLc3fpwjFnHN/YIy/1wnbS
wNF3/IjhWAZCRUHjjSr+X1JBI43Yc7OujHsDoa4uqoLw5nJDrdcOHy6xvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+tAlQa02ZDYMLS5lnvJsZEb8pjMB8GA1UdIwQY
MBaAFBElyQvmpcV6wWK1WBPPx2Zu8INaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAt
ZWNlZWViOTdhN2QxLzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAtZWNlZWViOTdhN2Qx
LzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQN9kUl5
6KEckquowXOvSyeEql3TvtJ7pGTG4XCuFHdVSp613OgZK4009bkBhPjsYAq1NBzI
tWr3CZwPhvbQO/c+qLO472itdmPbGBJ5LAtqy71yFcHBDG+TKt1/IHNzqrpXWFRB
N5Iw4llw5qW/SwAx7DpqbZR4OwPTMNNDt8XRYWuM7fF80q3am7VBKHMgkx1n04UN
PrYwcnYe20icU7fHcaVIWA3nC+erbCKf1tY1KQHB2Tio/Pqwd+6XQ4NJlUSlxF7H
McC3aq1m+oBh87RiMC2VMCyZON1bRI82AYngCgFkCk1nE2ixIe9Owvsoeqwhn04X
HeKi+/AiCqFytw==
-----END CERTIFICATE-----