Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
File:                     ESXJC-alxXrBYrVYE8_HZm7wg1o.mft (raw, json)
Hash identifier:          CD8a7rkU21qgpH7tlW42dHST+v0jVWnhAhg9iWE66Tw=
Subject key identifier:   0E:6B:DB:62:40:79:26:54:9A:2D:6B:9C:0B:E5:F4:07:88:19:6D:18
Authority key identifier: 11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A
Certificate issuer:       /CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
Certificate serial:       019655DC924F95377A053E5BC632C5C9DEFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
Manifest number:          0316
Signing time:             Mon 21 Apr 2025 01:00:40 +0000
Manifest this update:     Mon 21 Apr 2025 01:00:40 +0000
Manifest next update:     Tue 22 Apr 2025 01:00:40 +0000
Files and hashes:         1: ESXJC-alxXrBYrVYE8_HZm7wg1o.crl (hash: mn2lZ3H4cjAmJ9L6UEIn/xGu0QNjoAIsgKehg2tZByg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:92:4f:95:37:7a:05:3e:5b:c6:32:c5:c9:de:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
        Validity
            Not Before: Apr 21 01:00:40 2025 GMT
            Not After : Apr 22 01:00:40 2025 GMT
        Subject: CN=0e6bdb62407926549a2d6b9c0be5f40788196d18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:37:2d:e3:83:b1:9f:b1:c7:71:20:11:32:01:
                    45:f5:e3:a5:c7:96:1e:ce:52:a7:01:93:70:75:0c:
                    23:ab:2b:49:06:cd:96:db:a7:33:b8:01:7d:c9:8d:
                    1d:6e:bb:6c:e1:5a:b3:b7:33:25:65:7d:66:ec:8e:
                    1f:94:ff:37:ac:62:31:19:0f:d3:93:87:07:cc:3e:
                    16:fb:7e:d6:d8:96:fa:b7:ea:41:e5:1a:5f:ac:1d:
                    6d:9d:e9:48:28:7c:c2:70:b2:a5:8f:e3:84:bb:e5:
                    82:5d:14:65:9c:f2:65:6a:64:b6:27:bb:40:4a:e4:
                    54:1e:b2:e9:57:f8:1e:38:f3:66:26:c9:8c:53:a2:
                    19:71:67:75:73:18:6b:f0:bb:3e:e9:30:7b:7f:f5:
                    01:c1:bd:52:0d:90:35:63:d6:46:63:ff:3a:ed:18:
                    39:35:83:e1:46:67:0f:63:e5:b4:8d:fe:d2:17:57:
                    29:fd:4b:99:0f:56:c6:0e:7a:6c:cb:81:62:42:92:
                    4f:e1:5a:07:34:19:f7:9f:61:16:b9:3d:25:9c:f7:
                    db:70:0f:ba:ac:6a:cb:b5:7c:56:ad:06:33:f4:7b:
                    de:3c:0f:45:df:46:a0:94:bc:4c:8b:3f:c9:8f:6e:
                    9a:15:ff:b8:34:f0:4b:64:f1:ec:62:3b:2b:8d:43:
                    52:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:6B:DB:62:40:79:26:54:9A:2D:6B:9C:0B:E5:F4:07:88:19:6D:18
            X509v3 Authority Key Identifier:
                keyid:11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:57:04:1b:fe:44:29:cf:19:3b:8d:82:f8:c3:9e:de:b9:2a:
         b4:3f:18:6b:4e:8c:60:eb:0d:36:91:40:0e:1f:68:4d:38:4a:
         57:9c:f1:e4:d1:e1:6b:1f:fd:6c:db:52:26:e2:4e:ca:cd:72:
         df:c6:b1:23:8c:f7:54:48:e4:fc:ef:0f:0b:bb:de:32:1e:6c:
         63:cb:cd:33:b4:36:71:53:25:0f:a4:2e:8b:d2:06:80:5d:3f:
         62:3d:b1:e3:71:04:6b:87:ef:2f:ff:7f:e4:de:17:1f:72:16:
         9c:2f:08:72:75:12:c6:d8:9a:e7:9a:df:f4:23:43:4a:72:d4:
         22:eb:ae:9f:01:a4:84:3f:f3:e5:ff:07:de:1a:eb:fa:17:9b:
         a4:d1:82:28:6b:d2:03:82:de:4b:8d:1e:ce:02:d6:e1:8b:06:
         ef:4e:1f:6c:64:3e:d4:28:90:a6:f2:93:6c:a9:90:85:5d:27:
         15:cd:73:c5:cc:07:17:3b:09:57:71:42:84:9b:37:e3:86:ea:
         71:eb:eb:c7:c5:2d:2d:e3:83:79:2e:43:72:a3:56:dc:c0:7d:
         62:5b:ba:22:2d:78:9f:47:06:a9:35:86:36:de:dd:40:51:76:
         9f:1a:53:9b:63:d8:00:a3:ac:88:2d:69:00:be:96:c7:1a:c9:
         97:d8:42:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3JJPlTd6BT5bxjLFyd78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjVjOTBiZTZhNWM1N2FjMTYyYjU1ODEzY2ZjNzY2NmVm
MDgzNWEwHhcNMjUwNDIxMDEwMDQwWhcNMjUwNDIyMDEwMDQwWjAzMTEwLwYDVQQD
EygwZTZiZGI2MjQwNzkyNjU0OWEyZDZiOWMwYmU1ZjQwNzg4MTk2ZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDct44Oxn7HHcSARMgFF9eOlx5Ye
zlKnAZNwdQwjqytJBs2W26czuAF9yY0dbrts4VqztzMlZX1m7I4flP83rGIxGQ/T
k4cHzD4W+37W2Jb6t+pB5RpfrB1tnelIKHzCcLKlj+OEu+WCXRRlnPJlamS2J7tA
SuRUHrLpV/geOPNmJsmMU6IZcWd1cxhr8Ls+6TB7f/UBwb1SDZA1Y9ZGY/867Rg5
NYPhRmcPY+W0jf7SF1cp/UuZD1bGDnpsy4FiQpJP4VoHNBn3n2EWuT0lnPfbcA+6
rGrLtXxWrQYz9HvePA9F30aglLxMiz/Jj26aFf+4NPBLZPHsYjsrjUNSgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5r22JAeSZUmi1rnAvl9AeIGW0YMB8GA1UdIwQY
MBaAFBElyQvmpcV6wWK1WBPPx2Zu8INaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAt
ZWNlZWViOTdhN2QxLzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAtZWNlZWViOTdhN2Qx
LzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZVcEG/5E
Kc8ZO42C+MOe3rkqtD8Ya06MYOsNNpFADh9oTThKV5zx5NHhax/9bNtSJuJOys1y
38axI4z3VEjk/O8PC7veMh5sY8vNM7Q2cVMlD6Qui9IGgF0/Yj2x43EEa4fvL/9/
5N4XH3IWnC8IcnUSxtia55rf9CNDSnLUIuuunwGkhD/z5f8H3hrr+hebpNGCKGvS
A4LeS40ezgLW4YsG704fbGQ+1CiQpvKTbKmQhV0nFc1zxcwHFzsJV3FChJs344bq
cevrx8UtLeODeS5DcqNW3MB9Ylu6Ii14n0cGqTWGNt7dQFF2nxpTm2PYAKOsiC1p
AL6WxxrJl9hCFA==
-----END CERTIFICATE-----