Route Origin Authorization

$ rpki-client -vvf rpki.xindi.eu/repo/XINDI/0/39312e3230372e3132302e302f32342d3234203d3e203537393834.roa
File:                     39312e3230372e3132302e302f32342d3234203d3e203537393834.roa (raw, json)
Hash identifier:          Uq8GSD7IilZyH2F05rz0oy+vKzA4COlzHVeJUkazLmE=
Subject key identifier:   84:DC:95:48:34:FB:A3:28:46:D2:9A:F5:78:B4:AD:0B:46:64:AA:3F
Certificate issuer:       /CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
Certificate serial:       175EEBEBB1AA6DE63E4C278E1D572BE22CBC3DF8
Authority key identifier: 60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
Subject info access:      rsync://rpki.xindi.eu/repo/XINDI/0/39312e3230372e3132302e302f32342d3234203d3e203537393834.roa
Signing time:             Wed 30 Jul 2025 12:37:48 +0000
ROA not before:           Wed 30 Jul 2025 12:32:48 +0000
ROA not after:            Wed 29 Jul 2026 12:37:48 +0000
asID:                     57984
IP address blocks:        91.207.120.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl
                          rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 31 Jul 2025 12:59:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:5e:eb:eb:b1:aa:6d:e6:3e:4c:27:8e:1d:57:2b:e2:2c:bc:3d:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
        Validity
            Not Before: Jul 30 12:32:48 2025 GMT
            Not After : Jul 29 12:37:48 2026 GMT
        Subject: CN=84DC954834FBA32846D29AF578B4AD0B4664AA3F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:a5:43:05:f1:b7:76:0d:18:db:67:73:53:c8:
                    6b:64:dd:54:1f:b1:b7:00:2e:7d:ee:d4:cc:2f:23:
                    03:5f:6f:64:2b:c9:c1:ab:a3:b7:b4:e5:d6:d8:16:
                    2a:50:ae:35:4a:83:38:ee:82:d2:3a:b8:5e:33:b4:
                    06:53:55:30:4a:58:cf:12:ef:66:a0:08:fb:6b:12:
                    7e:72:a3:f7:2f:a1:dc:28:32:88:79:75:4f:a5:5c:
                    ea:cb:ef:59:3e:b9:01:e6:53:ef:f9:74:98:21:65:
                    59:4c:31:cc:f9:57:23:f2:36:ed:fa:82:eb:12:e5:
                    19:f9:55:fc:c0:ab:01:cb:03:db:8a:8c:9b:93:83:
                    0a:a5:5d:18:0d:b0:98:03:ce:2e:f1:a3:18:ee:9a:
                    71:62:73:67:47:da:50:f9:00:34:ae:2d:4b:8b:f7:
                    0e:8a:44:48:ae:71:a3:78:ee:d3:fc:f9:b4:aa:61:
                    f8:da:69:ff:c5:e5:42:1a:29:47:db:1d:46:ca:2d:
                    af:12:c7:4c:50:9d:f0:c6:e4:83:33:c0:81:e2:f2:
                    06:de:08:33:75:d9:90:5b:a3:13:c0:0b:aa:a7:0f:
                    0b:f5:91:04:37:1a:5e:df:64:9d:9c:d7:07:27:cb:
                    8e:ab:87:b1:b0:94:3e:b3:d5:37:23:9e:d8:13:e3:
                    a4:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:DC:95:48:34:FB:A3:28:46:D2:9A:F5:78:B4:AD:0B:46:64:AA:3F
            X509v3 Authority Key Identifier:
                keyid:60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.xindi.eu/repo/XINDI/0/39312e3230372e3132302e302f32342d3234203d3e203537393834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.207.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:d8:aa:0a:58:af:26:5d:ff:10:c4:62:b5:e9:92:3b:32:e4:
         9d:d0:42:b2:74:3c:f8:52:20:1e:c4:78:07:62:65:b5:15:70:
         69:45:95:0d:5e:7d:1a:93:00:4a:94:0a:97:24:be:3e:6f:e4:
         25:75:6c:ec:15:45:89:33:c0:8e:39:3f:cd:4b:f3:a2:06:6b:
         84:df:cd:a5:18:b1:db:c8:49:48:fd:0b:87:0a:35:63:3b:9d:
         96:ba:aa:a1:ac:cd:66:d9:8c:eb:e1:c1:65:38:e2:c6:c8:1c:
         cb:2d:a2:90:d7:a4:03:c8:26:a5:1c:26:53:c3:02:1b:f6:23:
         c8:51:b9:ec:81:86:f2:34:7f:21:4f:fa:34:9e:2b:79:ab:67:
         27:d2:0b:6c:59:46:58:45:79:3b:94:83:fa:f7:5e:c3:18:13:
         65:53:fc:53:52:d1:10:82:70:d2:e0:1d:02:2f:ea:40:33:50:
         f3:db:60:83:68:84:e9:02:8d:c3:7a:ea:25:13:9c:68:0d:73:
         93:7e:97:54:74:82:83:68:a6:b6:37:57:c3:b5:3e:fb:bc:52:
         16:c4:82:11:05:75:bf:c2:f7:0d:f2:40:93:93:d5:12:5f:05:
         06:10:bd:9e:9c:e7:e6:5b:99:4b:4f:8c:40:2a:13:9a:5a:6c:
         7a:4a:86:23
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUF17r67GqbeY+TCeOHVcr4iy8PfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjAxODMyODdlYjA4ZWNlMGM2NWZhNDlhM2Y0NTYyMWM2
MTJkZGJkMTAeFw0yNTA3MzAxMjMyNDhaFw0yNjA3MjkxMjM3NDhaMDMxMTAvBgNV
BAMTKDg0REM5NTQ4MzRGQkEzMjg0NkQyOUFGNTc4QjRBRDBCNDY2NEFBM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmpUMF8bd2DRjbZ3NTyGtk3VQf
sbcALn3u1MwvIwNfb2QrycGro7e05dbYFipQrjVKgzjugtI6uF4ztAZTVTBKWM8S
72agCPtrEn5yo/cvodwoMoh5dU+lXOrL71k+uQHmU+/5dJghZVlMMcz5VyPyNu36
gusS5Rn5VfzAqwHLA9uKjJuTgwqlXRgNsJgDzi7xoxjumnFic2dH2lD5ADSuLUuL
9w6KREiucaN47tP8+bSqYfjaaf/F5UIaKUfbHUbKLa8Sx0xQnfDG5IMzwIHi8gbe
CDN12ZBboxPAC6qnDwv1kQQ3Gl7fZJ2c1wcny46rh7GwlD6z1TcjntgT46QvAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUhNyVSDT7oyhG0pr1eLStC0Zkqj8wHwYDVR0j
BBgwFoAUYBgyh+sI7ODGX6SaP0ViHGEt29EwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraS54aW5kaS5ldS9yZXBvL1hJTkRJLzAv
NjAxODMyODdFQjA4RUNFMEM2NUZBNDlBM0Y0NTYyMUM2MTJEREJEMS5jcmwwZAYI
KwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL1lCZ3loLXNJN09ER1g2U2FQMFZpSEdFdDI5RS5j
ZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jwa2kueGlu
ZGkuZXUvcmVwby9YSU5ESS8wLzM5MzEyZTMyMzAzNzJlMzEzMjMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzNzM5MzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvPeDANBgkqhkiG
9w0BAQsFAAOCAQEAbdiqClivJl3/EMRitemSOzLkndBCsnQ8+FIgHsR4B2JltRVw
aUWVDV59GpMASpQKlyS+Pm/kJXVs7BVFiTPAjjk/zUvzogZrhN/NpRix28hJSP0L
hwo1YzudlrqqoazNZtmM6+HBZTjixsgcyy2ikNekA8gmpRwmU8MCG/YjyFG57IGG
8jR/IU/6NJ4reatnJ9ILbFlGWEV5O5SD+vdewxgTZVP8U1LREIJw0uAdAi/qQDNQ
89tgg2iE6QKNw3rqJROcaA1zk36XVHSCg2imtjdXw7U++7xSFsSCEQV1v8L3DfJA
k5PVEl8FBhC9npzn5luZS0+MQCoTmlpsekqGIw==
-----END CERTIFICATE-----
Generated at Wed Jul 30 17:43:33 2025 by rpki-client