Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
File:                     ESXJC-alxXrBYrVYE8_HZm7wg1o.mft (raw, json)
Hash identifier:          9ju2Dq6RyuCBrzajxVVpynyVkgNjBCzob7lMyTRMnww=
Subject key identifier:   05:DC:85:A3:C4:54:E1:CB:9D:B9:84:17:1C:CC:98:26:5B:0D:D9:3B
Authority key identifier: 11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A
Certificate issuer:       /CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
Certificate serial:       019A72261EA04EA8EE338E0EA0A41ECD29FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
Manifest number:          0537
Signing time:             Tue 11 Nov 2025 09:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:32 +0000
Files and hashes:         1: ESXJC-alxXrBYrVYE8_HZm7wg1o.crl (hash: 303iREyPePv018hVYYyhbM9vwgzZejey/dJ8EICt5AE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:1e:a0:4e:a8:ee:33:8e:0e:a0:a4:1e:cd:29:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1125c90be6a5c57ac162b55813cfc7666ef0835a
        Validity
            Not Before: Nov 11 09:01:32 2025 GMT
            Not After : Nov 12 09:01:32 2025 GMT
        Subject: CN=05dc85a3c454e1cb9db984171ccc98265b0dd93b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9a:bf:9f:6f:27:cf:2f:f6:51:1a:be:e6:06:
                    2a:df:e6:6e:b1:6c:bd:92:19:f5:f6:ff:44:22:8a:
                    bb:ca:f1:8a:d9:96:9e:5e:4a:43:a0:97:9f:3a:96:
                    43:8f:2d:51:a5:e8:b4:d3:74:cc:a0:a8:f2:8c:41:
                    08:e0:08:26:ec:5c:16:fb:c5:01:41:42:a6:ee:b7:
                    50:0d:c6:62:d1:e1:84:2a:21:ab:f0:39:ab:17:d7:
                    7b:72:4d:a2:d0:6a:d3:58:7e:31:6d:08:19:70:1a:
                    3c:10:93:56:ea:69:a3:58:90:ec:bc:e0:bd:22:dd:
                    c7:a2:f3:a0:c3:fa:37:68:83:ac:9a:36:4e:f6:91:
                    c8:a5:b6:a1:58:2d:3b:95:6f:02:65:ae:95:b5:50:
                    f5:0d:68:c8:c9:b7:51:b9:5c:ee:c1:20:6a:be:19:
                    cf:9f:88:8d:12:84:62:72:4e:ce:c8:4b:b5:bd:5d:
                    4f:f5:ca:95:e0:91:3b:00:13:4c:09:00:28:50:d2:
                    69:64:54:1d:07:1f:fc:2a:05:5f:d5:ab:5a:70:8d:
                    67:20:44:45:0e:a1:1b:cf:6c:25:cc:eb:d3:ad:be:
                    51:f6:58:6f:62:33:60:f4:de:6f:9d:f2:9c:9f:a7:
                    a1:3e:54:c4:d8:ba:03:30:ea:a5:26:dc:f3:a2:84:
                    d3:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:DC:85:A3:C4:54:E1:CB:9D:B9:84:17:1C:CC:98:26:5B:0D:D9:3B
            X509v3 Authority Key Identifier:
                keyid:11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:59:e6:5a:87:50:b8:e4:97:10:7c:1c:59:50:3d:2c:e5:05:
         3f:e3:5b:46:f4:f2:64:57:0c:ab:a8:07:19:67:bd:e5:9c:07:
         47:f4:e7:34:e4:2a:15:5f:fe:52:8e:94:ce:e4:cf:a3:55:5e:
         ee:bd:8e:60:7f:62:f9:45:28:2e:8a:d6:89:6a:0b:df:14:f5:
         77:a8:06:10:ae:fc:6f:c8:54:8a:c6:81:54:80:5a:dd:1e:30:
         21:49:62:3c:ba:e0:4f:c6:82:74:57:fb:d4:5e:96:9d:5e:42:
         f4:69:6e:f8:64:21:77:49:a4:8d:de:bb:61:bc:c5:ac:ca:99:
         0c:e8:ed:4f:cd:3e:5d:27:bd:b7:d8:47:48:e7:22:40:8c:fb:
         6c:1c:cd:b3:5a:e4:06:29:30:60:5b:93:ca:a2:19:b4:4a:7b:
         2d:3d:6b:cb:07:21:d0:7c:56:68:62:c9:ee:5c:56:a2:18:92:
         5f:11:2b:62:9b:bd:9f:77:27:13:76:e3:06:79:29:55:dd:f0:
         ab:a9:45:f3:fb:e6:84:8a:20:47:0d:ad:e4:8a:0b:5d:64:ae:
         e7:55:ea:95:6d:48:ea:74:57:74:21:cf:58:f4:58:4c:c0:49:
         a1:cf:76:9a:2a:cd:4a:50:51:f1:88:87:8e:1a:b5:10:1f:73:
         03:f9:33:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJh6gTqjuM44OoKQezSn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjVjOTBiZTZhNWM1N2FjMTYyYjU1ODEzY2ZjNzY2NmVm
MDgzNWEwHhcNMjUxMTExMDkwMTMyWhcNMjUxMTEyMDkwMTMyWjAzMTEwLwYDVQQD
EygwNWRjODVhM2M0NTRlMWNiOWRiOTg0MTcxY2NjOTgyNjViMGRkOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpq/n28nzy/2URq+5gYq3+ZusWy9
khn19v9EIoq7yvGK2ZaeXkpDoJefOpZDjy1Rpei003TMoKjyjEEI4Agm7FwW+8UB
QUKm7rdQDcZi0eGEKiGr8DmrF9d7ck2i0GrTWH4xbQgZcBo8EJNW6mmjWJDsvOC9
It3HovOgw/o3aIOsmjZO9pHIpbahWC07lW8CZa6VtVD1DWjIybdRuVzuwSBqvhnP
n4iNEoRick7OyEu1vV1P9cqV4JE7ABNMCQAoUNJpZFQdBx/8KgVf1atacI1nIERF
DqEbz2wlzOvTrb5R9lhvYjNg9N5vnfKcn6ehPlTE2LoDMOqlJtzzooTTsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXchaPEVOHLnbmEFxzMmCZbDdk7MB8GA1UdIwQY
MBaAFBElyQvmpcV6wWK1WBPPx2Zu8INaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAt
ZWNlZWViOTdhN2QxLzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAtZWNlZWViOTdhN2Qx
LzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATFnmWodQ
uOSXEHwcWVA9LOUFP+NbRvTyZFcMq6gHGWe95ZwHR/TnNOQqFV/+Uo6UzuTPo1Ve
7r2OYH9i+UUoLorWiWoL3xT1d6gGEK78b8hUisaBVIBa3R4wIUliPLrgT8aCdFf7
1F6WnV5C9Glu+GQhd0mkjd67YbzFrMqZDOjtT80+XSe9t9hHSOciQIz7bBzNs1rk
BikwYFuTyqIZtEp7LT1rywch0HxWaGLJ7lxWohiSXxErYpu9n3cnE3bjBnkpVd3w
q6lF8/vmhIogRw2t5IoLXWSu51XqlW1I6nRXdCHPWPRYTMBJoc92mirNSlBR8YiH
jhq1EB9zA/kzUQ==
-----END CERTIFICATE-----