Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
File:                     ESXJC-alxXrBYrVYE8_HZm7wg1o.mft (raw, json)
Hash identifier:          CDSKlAuyYZo9aLjxLUNYZJfsqfXBM2a4ada2TuEH2Ck=
Subject key identifier:   50:D8:4E:1A:EC:64:96:A5:3B:66:4F:9F:AE:97:3C:1C:A0:2C:B0:44
Authority key identifier: 11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A
Certificate issuer:       /CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
Certificate serial:       019D38D362897CB85AE7C2B202A1F15A3BBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
Manifest number:          06A7
Signing time:             Sun 29 Mar 2026 09:01:10 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:10 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:10 +0000
Files and hashes:         1: ESXJC-alxXrBYrVYE8_HZm7wg1o.crl (hash: v3ZB9uPKQO54PamEGsvpypgKL17XBMDdFvCCtV+6rQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 09:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:62:89:7c:b8:5a:e7:c2:b2:02:a1:f1:5a:3b:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
        Validity
            Not Before: Mar 29 09:01:10 2026 GMT
            Not After : Mar 30 09:01:10 2026 GMT
        Subject: CN=50d84e1aec6496a53b664f9fae973c1ca02cb044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a2:35:1c:ed:57:77:95:b9:e9:68:a8:06:4f:
                    d2:69:7a:e1:25:18:fe:31:29:44:2e:9a:ff:4f:22:
                    ba:76:6c:71:80:e0:22:13:66:05:0f:e7:58:d1:22:
                    72:23:90:95:98:ae:49:47:dc:06:ae:fc:e5:88:f2:
                    5a:85:db:31:80:3c:74:03:a5:0f:15:7c:a2:27:d9:
                    29:bc:05:70:e7:48:c9:ff:41:ca:d2:8e:d8:bf:bb:
                    83:24:49:ed:0c:fc:c3:dd:e5:99:31:8d:ac:e5:28:
                    37:8b:ec:13:0e:f9:a3:2a:41:3d:92:22:f9:d0:d4:
                    82:b6:9c:54:9d:73:c6:22:5b:4a:e0:45:e6:97:ce:
                    ce:60:c5:8f:eb:c2:58:32:80:fc:57:06:e0:93:d2:
                    a5:19:56:92:87:35:bd:b4:88:cb:9e:8d:13:ac:51:
                    dc:61:73:34:9b:40:12:ed:8f:1d:ce:b5:be:ed:d0:
                    b7:b8:ba:b6:d2:b5:97:dc:1b:5f:11:b6:b5:28:ef:
                    bb:89:d2:9a:25:ac:0c:26:f3:e0:e2:9d:53:1f:63:
                    10:e3:89:67:30:42:9c:8f:97:66:fb:66:a8:27:e1:
                    ee:0f:82:b2:9b:3d:93:99:70:0e:fc:35:e1:a5:86:
                    ae:56:83:44:69:2b:0f:40:7f:63:fc:97:e1:24:b9:
                    6c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:D8:4E:1A:EC:64:96:A5:3B:66:4F:9F:AE:97:3C:1C:A0:2C:B0:44
            X509v3 Authority Key Identifier:
                keyid:11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:cb:24:f5:71:e6:2b:31:47:6c:4f:dd:90:a7:f0:7b:11:91:
         c2:1b:5e:39:78:18:60:80:c9:69:a9:b2:fe:66:c1:b3:2d:48:
         eb:ac:d8:1d:83:c0:72:ad:f8:38:08:5b:77:ef:bc:0c:23:f0:
         51:90:5b:81:36:79:5c:38:aa:82:05:0f:30:a1:4f:ac:dc:21:
         5a:73:32:11:44:62:8c:6e:f5:08:98:ac:84:8a:3f:4b:c7:f7:
         70:eb:25:4e:9d:38:ad:53:b9:66:79:16:ea:ca:e3:cc:08:3a:
         0f:3a:ba:9c:03:e6:b3:10:3f:49:e1:bc:79:53:47:e7:38:42:
         ae:47:bc:37:cd:a6:9c:9f:a4:dd:ac:f2:42:b3:d6:7f:e6:58:
         6f:f3:c8:d0:78:ac:8c:6b:58:e0:f3:4f:50:12:e9:a7:60:00:
         e3:93:00:3b:00:07:bd:76:6a:3f:ad:a5:08:c1:73:33:fa:fb:
         9d:7e:9c:fb:14:a5:37:31:ad:66:ea:fd:87:bc:e7:66:da:30:
         e6:60:9d:ec:5e:3a:15:43:a4:2f:f4:f9:87:a4:cf:23:ef:34:
         a0:04:0a:2b:22:b2:ba:69:f4:e8:7f:aa:16:c7:27:62:c0:ed:
         d1:a2:4d:93:6d:46:2c:e4:a5:af:98:58:45:ef:7b:29:32:69:
         70:d3:39:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0402KJfLha58KyAqHxWju+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjVjOTBiZTZhNWM1N2FjMTYyYjU1ODEzY2ZjNzY2NmVm
MDgzNWEwHhcNMjYwMzI5MDkwMTEwWhcNMjYwMzMwMDkwMTEwWjAzMTEwLwYDVQQD
Eyg1MGQ4NGUxYWVjNjQ5NmE1M2I2NjRmOWZhZTk3M2MxY2EwMmNiMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqI1HO1Xd5W56WioBk/SaXrhJRj+
MSlELpr/TyK6dmxxgOAiE2YFD+dY0SJyI5CVmK5JR9wGrvzliPJahdsxgDx0A6UP
FXyiJ9kpvAVw50jJ/0HK0o7Yv7uDJEntDPzD3eWZMY2s5Sg3i+wTDvmjKkE9kiL5
0NSCtpxUnXPGIltK4EXml87OYMWP68JYMoD8Vwbgk9KlGVaShzW9tIjLno0TrFHc
YXM0m0AS7Y8dzrW+7dC3uLq20rWX3BtfEba1KO+7idKaJawMJvPg4p1TH2MQ44ln
MEKcj5dm+2aoJ+HuD4Kymz2TmXAO/DXhpYauVoNEaSsPQH9j/JfhJLlsOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDYThrsZJalO2ZPn66XPBygLLBEMB8GA1UdIwQY
MBaAFBElyQvmpcV6wWK1WBPPx2Zu8INaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAt
ZWNlZWViOTdhN2QxLzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAtZWNlZWViOTdhN2Qx
LzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPssk9XHm
KzFHbE/dkKfwexGRwhteOXgYYIDJaamy/mbBsy1I66zYHYPAcq34OAhbd++8DCPw
UZBbgTZ5XDiqggUPMKFPrNwhWnMyEURijG71CJishIo/S8f3cOslTp04rVO5ZnkW
6srjzAg6Dzq6nAPmsxA/SeG8eVNH5zhCrke8N82mnJ+k3azyQrPWf+ZYb/PI0His
jGtY4PNPUBLpp2AA45MAOwAHvXZqP62lCMFzM/r7nX6c+xSlNzGtZur9h7znZtow
5mCd7F46FUOkL/T5h6TPI+80oAQKKyKyumn06H+qFscnYsDt0aJNk21GLOSlr5hY
Re97KTJpcNM5CA==
-----END CERTIFICATE-----