Route Origin Authorization

$ rpki-client -vvf rpki.xindi.eu/repo/XINDI/0/39312e3230382e3137392e302f32342d3234203d3e203438313132.roa
File:                     39312e3230382e3137392e302f32342d3234203d3e203438313132.roa (raw, json)
Hash identifier:          ojAAmfuxtQe6nF93so9azmXv3WMBq1HoFI2KJLkERb4=
Subject key identifier:   AD:85:8F:B9:B1:57:35:94:AE:F8:5D:C4:24:4E:A0:E0:A3:B8:12:24
Certificate issuer:       /CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
Certificate serial:       7B4C3C63BBC5CD56B5AD616FECF9FAAEFAC646CD
Authority key identifier: 60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
Subject info access:      rsync://rpki.xindi.eu/repo/XINDI/0/39312e3230382e3137392e302f32342d3234203d3e203438313132.roa
Signing time:             Thu 11 Jun 2026 07:23:57 +0000
ROA not before:           Thu 11 Jun 2026 07:18:57 +0000
ROA not after:            Thu 10 Jun 2027 07:23:57 +0000
asID:                     48112
IP address blocks:        91.208.179.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl
                          rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 21:39:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:4c:3c:63:bb:c5:cd:56:b5:ad:61:6f:ec:f9:fa:ae:fa:c6:46:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
        Validity
            Not Before: Jun 11 07:18:57 2026 GMT
            Not After : Jun 10 07:23:57 2027 GMT
        Subject: CN=AD858FB9B1573594AEF85DC4244EA0E0A3B81224
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:6e:54:47:e6:eb:d8:e0:88:39:3e:98:34:3f:
                    31:b4:17:ab:0c:56:78:50:4c:f7:07:66:f7:32:aa:
                    0c:c2:f3:84:e2:f6:95:e6:c1:0b:11:e4:1b:12:fa:
                    cc:d7:78:24:cd:cb:8f:00:bd:93:20:ee:22:6b:3f:
                    56:ff:c6:ff:3a:81:68:ef:e9:06:2a:f6:1e:ff:f9:
                    1e:3d:b5:5f:97:93:dc:61:53:4a:0e:0a:1e:32:28:
                    33:39:19:00:04:56:52:b6:2d:b4:bf:95:17:10:06:
                    53:51:a6:53:99:1b:83:7c:32:9d:66:d6:e4:2e:01:
                    5e:f9:cf:49:40:a4:9b:35:6f:40:3b:e4:6c:64:78:
                    fe:1d:1c:97:d8:30:26:50:cc:cc:49:f4:14:18:dc:
                    23:8a:65:54:a8:ab:ac:d1:3d:56:42:f2:f4:41:66:
                    a2:f0:b3:bc:12:9f:1e:4c:62:bc:b9:fc:6c:c9:4f:
                    92:3b:a0:bc:0d:a8:60:49:ca:b5:5c:72:52:c7:14:
                    b0:43:e3:55:b2:f2:88:19:36:c9:7d:90:b5:2b:37:
                    a3:fd:4d:2b:1c:0b:a3:8e:e3:36:9b:08:9a:3e:f9:
                    78:02:2d:c2:82:94:6e:d9:76:41:3a:e8:94:bb:4c:
                    e1:2a:a3:b5:43:32:3b:d3:c8:0e:36:16:12:1f:46:
                    77:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:85:8F:B9:B1:57:35:94:AE:F8:5D:C4:24:4E:A0:E0:A3:B8:12:24
            X509v3 Authority Key Identifier:
                keyid:60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.xindi.eu/repo/XINDI/0/39312e3230382e3137392e302f32342d3234203d3e203438313132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:26:c6:54:73:7f:4b:2c:dc:fb:68:b6:46:0c:e6:dd:d6:54:
         cb:29:6d:98:d3:51:42:8b:0f:f0:4f:e8:92:c6:63:d7:5c:9d:
         23:be:50:ab:77:a1:06:6a:8e:d0:e7:68:da:ec:06:2e:11:ae:
         ac:53:62:10:15:50:fe:56:ba:b1:e5:ac:17:df:3f:cf:fc:65:
         5e:70:b9:89:69:e1:03:37:2b:ef:42:e3:19:22:57:c4:0b:14:
         0b:d2:3d:8b:88:b7:1d:6a:93:9e:71:8d:25:c4:1a:56:78:f4:
         0a:8f:f6:31:21:5f:fd:b9:5d:30:4f:34:fd:df:92:6c:5c:e3:
         ed:1e:10:2a:ea:2f:e3:1a:85:6a:25:4b:9a:8e:0a:57:4e:24:
         19:95:c6:92:aa:da:8b:ff:20:06:d7:3f:0e:bb:9c:79:fb:4f:
         f8:fa:a8:38:d9:ae:d7:5b:24:c4:01:1e:ce:14:2a:d7:10:ea:
         c9:3b:53:50:96:96:c9:e6:a6:b9:13:5f:1d:43:37:66:9b:3c:
         f8:a9:d2:9f:89:db:f4:14:a2:01:37:fd:b8:da:40:e2:1d:7d:
         67:02:9b:43:d2:0e:cd:4b:eb:7f:96:f1:70:61:0e:fd:36:f2:
         b1:7c:cf:7f:76:3f:63:b1:a2:13:3d:62:7a:7a:66:c0:7b:5b:
         07:f8:4a:70
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUe0w8Y7vFzVa1rWFv7Pn6rvrGRs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjAxODMyODdlYjA4ZWNlMGM2NWZhNDlhM2Y0NTYyMWM2
MTJkZGJkMTAeFw0yNjA2MTEwNzE4NTdaFw0yNzA2MTAwNzIzNTdaMDMxMTAvBgNV
BAMTKEFEODU4RkI5QjE1NzM1OTRBRUY4NURDNDI0NEVBMEUwQTNCODEyMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJblRH5uvY4Ig5Ppg0PzG0F6sM
VnhQTPcHZvcyqgzC84Ti9pXmwQsR5BsS+szXeCTNy48AvZMg7iJrP1b/xv86gWjv
6QYq9h7/+R49tV+Xk9xhU0oOCh4yKDM5GQAEVlK2LbS/lRcQBlNRplOZG4N8Mp1m
1uQuAV75z0lApJs1b0A75GxkeP4dHJfYMCZQzMxJ9BQY3COKZVSoq6zRPVZC8vRB
ZqLws7wSnx5MYry5/GzJT5I7oLwNqGBJyrVcclLHFLBD41Wy8ogZNsl9kLUrN6P9
TSscC6OO4zabCJo++XgCLcKClG7ZdkE66JS7TOEqo7VDMjvTyA42FhIfRnf9AgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUrYWPubFXNZSu+F3EJE6g4KO4EiQwHwYDVR0j
BBgwFoAUYBgyh+sI7ODGX6SaP0ViHGEt29EwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraS54aW5kaS5ldS9yZXBvL1hJTkRJLzAv
NjAxODMyODdFQjA4RUNFMEM2NUZBNDlBM0Y0NTYyMUM2MTJEREJEMS5jcmwwZAYI
KwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL1lCZ3loLXNJN09ER1g2U2FQMFZpSEdFdDI5RS5j
ZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jwa2kueGlu
ZGkuZXUvcmVwby9YSU5ESS8wLzM5MzEyZTMyMzAzODJlMzEzNzM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzODMxMzEzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQszANBgkqhkiG
9w0BAQsFAAOCAQEAAybGVHN/Syzc+2i2Rgzm3dZUyyltmNNRQosP8E/oksZj11yd
I75Qq3ehBmqO0Odo2uwGLhGurFNiEBVQ/la6seWsF98/z/xlXnC5iWnhAzcr70Lj
GSJXxAsUC9I9i4i3HWqTnnGNJcQaVnj0Co/2MSFf/bldME80/d+SbFzj7R4QKuov
4xqFaiVLmo4KV04kGZXGkqrai/8gBtc/DruceftP+PqoONmu11skxAEezhQq1xDq
yTtTUJaWyeamuRNfHUM3Zps8+KnSn4nb9BSiATf9uNpA4h19ZwKbQ9IOzUvrf5bx
cGEO/TbysXzPf3Y/Y7GiEz1ienpmwHtbB/hKcA==
-----END CERTIFICATE-----