randy/draft-9092update
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

new example from russ and job, -03 published

Browse source
This commit is contained in:
Randy Bush 2023-09-20 12:38:10 -07:00
parent 00e77361f5
commit b13d97fdc9
1 changed files with 232 additions and 241 deletions
Download patch file Download diff file Expand all files Collapse all files

473
draft-ietf-opsawg-9092-update.xml
View file

@ -941,17 +941,17 @@
<section title="Example" anchor="example"> <section title="Example" anchor="example">
<t> <t>
This appendix provides an example, including a trust anchor, a This appendix provides an example, including a trust anchor, a
CRL signed by the trust anchor, a CA certificate subordinate to CRL signed by the trust anchor, a CA certificate subordinate to
the trust anchor, a CRL signed by the CA, an end-entity the trust anchor, a CRL signed by the CA, an end-entity
certificate subordinate to the CA for signing the geofeed, and a certificate subordinate to the CA for signing the geofeed, and a
detached signature.</t> detached signature.</t>
<t> <t>
The trust anchor is represented by a self-signed certificate. As The trust anchor is represented by a self-signed certificate. As
usual in the RPKI, the trust anchor has authority over all IPv4 usual in the RPKI, the trust anchor has authority over all IPv4
address blocks, all IPv6 address blocks, and all AS numbers.</t> address blocks, all IPv6 address blocks, and all AS numbers.</t>
<figure><artwork><![CDATA[ <figure><artwork><![CDATA[
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
@ -984,18 +984,18 @@ x8CyiVxjcVc5e0AmS1rJfL6LIfwmtive/N/eBtIM92HkBA==
<t> <t>
The CRL issued by the trust anchor.</t> The CRL issued by the trust anchor.</t>
<figure><artwork><![CDATA[ <figure><artwork><![CDATA[
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBUxEzARBgNVBAMTCmV4YW1wbGUtdGEX MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBUxEzARBgNVBAMTCmV4YW1wbGUtdGEX
DTIzMDkyMDE4MDkxMVoXDTIzMTAyMDE4MDkxMVqgLzAtMB8GA1UdIwQYMBaAFMC9 DTIzMDkyMDE4MDkxMVoXDTIzMTAyMDE4MDkxMVqgLzAtMB8GA1UdIwQYMBaAFMC9
Ul2+0niyFuyzo0OV0gYLmQgyMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IB Ul2+0niyFuyzo0OV0gYLmQgyMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IB
AQALdNwYgIPHVauhT9yGV2Oj28aj6yI8X/xQz53Gh7zqz4AfKSA3rmFUiQiPnLiA AQALdNwYgIPHVauhT9yGV2Oj28aj6yI8X/xQz53Gh7zqz4AfKSA3rmFUiQiPnLiA
oO+oI83tzoTwxwVRdGpzc8ZhZ5yCwAQYZdiGteagLFi1zghWbRNWH/m7q/ypw1xd oO+oI83tzoTwxwVRdGpzc8ZhZ5yCwAQYZdiGteagLFi1zghWbRNWH/m7q/ypw1xd
GZs3ow6b29OMr9ue/5s++bWMQ6oHh24cVB5S9kX3v7N0OeE0/SGcKtaeT+WE5SWC GZs3ow6b29OMr9ue/5s++bWMQ6oHh24cVB5S9kX3v7N0OeE0/SGcKtaeT+WE5SWC
hudIB52s5NPcKu1SEnn/D8JLGoadxatmFEGMfRX2Wo9dcntcyCr/MPl6ZhvM9tsF hudIB52s5NPcKu1SEnn/D8JLGoadxatmFEGMfRX2Wo9dcntcyCr/MPl6ZhvM9tsF
Oxoom7RRnAfz+AWwptYrCkvKFdk974UCe9Bq2Bq3xuhrLs1kT6+yy0U9y7hyJYK/ Oxoom7RRnAfz+AWwptYrCkvKFdk974UCe9Bq2Bq3xuhrLs1kT6+yy0U9y7hyJYK/
Dq9IJ9RuBsQagykwbwLbzlTr Dq9IJ9RuBsQagykwbwLbzlTr
-----END X509 CRL----- -----END X509 CRL-----
]]></artwork></figure> ]]></artwork></figure>
<t> <t>
@ -1005,17 +1005,17 @@ Dq9IJ9RuBsQagykwbwLbzlTr
<figure><artwork><![CDATA[ <figure><artwork><![CDATA[
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIUcyCzS10hdfG65kbRq7toQAvRDLUwDQYJKoZIhvcNAQEL MIIFCjCCA/KgAwIBAgIUcyCzS10hdfG65kbRq7toQAvRDLYwDQYJKoZIhvcNAQEL
BQAwFTETMBEGA1UEAxMKZXhhbXBsZS10YTAeFw0yMzA5MTYyMTAzMjhaFw0yNDA5 BQAwFTETMBEGA1UEAxMKZXhhbXBsZS10YTAeFw0yMzA5MjAxNjQ5MjhaFw0yNDA5
MTUyMTAzMjhaMDMxMTAvBgNVBAMTKDNBQ0UyQ0VGNEZCMjFCN0QxMUUzRTE4NEVG MTkxNjQ5MjhaMDMxMTAvBgNVBAMTKDNBQ0UyQ0VGNEZCMjFCN0QxMUUzRTE4NEVG
QzFFMjk3QjM3Nzg2NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc QzFFMjk3QjM3Nzg2NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc
zz1qwTxC2ocw5rqp8ktm2XyYkl8riBVuqlXwfefTxsR2YFpgz9vkYUd5Az9EVEG7 zz1qwTxC2ocw5rqp8ktm2XyYkl8riBVuqlXwfefTxsR2YFpgz9vkYUd5Az9EVEG7
6wGIyZbtmhK63eEeaqbKz2GHub467498BXeVrYysO+YuIGgCEYKznNDZ4j5aaDbo 6wGIyZbtmhK63eEeaqbKz2GHub467498BXeVrYysO+YuIGgCEYKznNDZ4j5aaDbo
j5+4/z0Qvv6HEsxQd0f8br6lKJwgeRM6+fm7796HNPB0aqD7Zj9NRCLXjbB0DCgJ j5+4/z0Qvv6HEsxQd0f8br6lKJwgeRM6+fm7796HNPB0aqD7Zj9NRCLXjbB0DCgJ
liH6rXMKR86ofgll9V2mRjesvhdKYgkGbOif9rvxVpLJ/6zdru5CE9yeuJZ59l+n liH6rXMKR86ofgll9V2mRjesvhdKYgkGbOif9rvxVpLJ/6zdru5CE9yeuJZ59l+n
YH/r6PzdJ4Q7yKrJX8qD6A60j4+biaU4MQ72KpsjhQNTTqF/HRwi0N54GDaknEwE YH/r6PzdJ4Q7yKrJX8qD6A60j4+biaU4MQ72KpsjhQNTTqF/HRwi0N54GDaknEwE
TnJQHgLJDYqww9yKWtjjAgMBAAGjggIvMIICKzAdBgNVHQ4EFgQUOs4s70+yG30R TnJQHgLJDYqww9yKWtjjAgMBAAGjggIyMIICLjAdBgNVHQ4EFgQUOs4s70+yG30R
4+GE78Hil7N3hkIwHwYDVR0jBBgwFoAU3hNEuwvUGNCHY1TBatcUR03pNdYwDwYD 4+GE78Hil7N3hkIwHwYDVR0jBBgwFoAUwL1SXb7SeLIW7LOjQ5XSBguZCDIwDwYD
VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwGAYDVR0gAQH/BA4wDDAKBggr VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjBhBgNVHR8EWjBYMFagVKBShlByc3luYzovL3Jwa2kuZXhhbXBsZS5u BgEFBQcOAjBhBgNVHR8EWjBYMFagVKBShlByc3luYzovL3Jwa2kuZXhhbXBsZS5u
ZXQvcmVwb3NpdG9yeS8zQUNFMkNFRjRGQjIxQjdEMTFFM0UxODRFRkMxRTI5N0Iz ZXQvcmVwb3NpdG9yeS8zQUNFMkNFRjRGQjIxQjdEMTFFM0UxODRFRkMxRTI5N0Iz
@ -1025,13 +1025,13 @@ BgEFBQcBCwSBrDCBqTA+BggrBgEFBQcwCoYycnN5bmM6Ly9ycGtpLmV4YW1wbGUu
bmV0L3JlcG9zaXRvcnkvZXhhbXBsZS1jYS5tZnQwNQYIKwYBBQUHMA2GKWh0dHBz bmV0L3JlcG9zaXRvcnkvZXhhbXBsZS1jYS5tZnQwNQYIKwYBBQUHMA2GKWh0dHBz
Oi8vcnJkcC5leGFtcGxlLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBzAF Oi8vcnJkcC5leGFtcGxlLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBzAF
hiRyc3luYzovL3Jwa2kuZXhhbXBsZS5uZXQvcmVwb3NpdG9yeS8wHwYIKwYBBQUH hiRyc3luYzovL3Jwa2kuZXhhbXBsZS5uZXQvcmVwb3NpdG9yeS8wHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBADAAAIwHgYIKwYBBQUHAQgEEjAQoA4wDDAKAgMA AQcBAf8EEDAOMAwEAgABMAYDBADAAAIwIQYIKwYBBQUHAQgBAf8EEjAQoA4wDDAK
+/ACAwD78TANBgkqhkiG9w0BAQsFAAOCAQEAkWoRJBJRgIMRkTUgPDG/rqcd/fz+ AgMA+/ACAwD78TANBgkqhkiG9w0BAQsFAAOCAQEAGgn+1s4Vbp5CIPVtDG+gSjgU
eN8L3Yme1hNJuAnkf6S3pr5GT1NG9hVTphLFPI4jPSoPZSEQtZ6gsswU3KacnS2A kUCnUdFK8kE6cHtcwo/RGah2QBEhtUXk7U19OvEjvsGbXKhhVfGkvJV6/rxXxnTF
VtgHYfZA9gfRHhURuiWvFNSp+d7A2MeBmmRyBOD3a5v4f+wNoXPgPhUTZUsXh2Q4 M+D+//Ef5Lvsxbxc85UDmhT5YDaDkuS9ClSEedZsN9/4bNzOve/JYB0Xj8GnLFH8
q7WFgiQp6P8vdIXjZDKFB7Xtu7Fl1S5RVowV68DexjVfmaPTPZjetHaAqpz6C4/E OJo38poa5o2veqcmuwNtsAa/hAKRgDAWGD/gMsNZd83zVBgvIVasYDYXyapClD/x
s4NArJzIL+8sqmIeuWUD11WXQ3wsC0IWuPMi6XOJQnPQQFtMPr79cftsw+Ynr/vc e3YCyWDJBJoJkFCoRB+Fb8lMAUFYx988S+BZGWA4VKGMUtPvdCtDwQak6c4PTziH
F+WPd2Mdaby93ASOE2MyXdaaOf8Av3wIpMvhMuAuM03V/mPVksqxUbfOLw== /10Tc9Jxst1F0nCdmfFyMWRHNw3e5y8pmEc3WwzihGhuuOvdLzVdoEMRSwQ+/g==
-----END CERTIFICATE----- -----END CERTIFICATE-----
]]></artwork></figure> ]]></artwork></figure>
@ -1062,9 +1062,9 @@ XQ==
<figure><artwork><![CDATA[ <figure><artwork><![CDATA[
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIEZDCCA0ygAwIBAgIUJ605QIPX8rW5m4Zwx3WyuW7hZuwwDQYJKoZIhvcNAQEL MIIEVjCCAz6gAwIBAgIUJ605QIPX8rW5m4Zwx3WyuW7hZu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0FDRTJDRUY0RkIyMUI3RDExRTNFMTg0RUZDMUUyOTdC BQAwMzExMC8GA1UEAxMoM0FDRTJDRUY0RkIyMUI3RDExRTNFMTg0RUZDMUUyOTdC
Mzc3ODY0MjAeFw0yMzA5MTYyMTAzMjhaFw0yNDA3MTIyMTAzMjhaMDMxMTAvBgNV Mzc3ODY0MjAeFw0yMzA5MjAxNjQ5MjhaFw0yNDA3MTYxNjQ5MjhaMDMxMTAvBgNV
BAMTKDkxNDY1MkEzQkQ1MUMxNDQyNjAxOTg4ODlGNUM0NUFCRjA1M0ExODcwggEi BAMTKDkxNDY1MkEzQkQ1MUMxNDQyNjAxOTg4ODlGNUM0NUFCRjA1M0ExODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCycTQrOb/qB2W3i3Ki8PhA/DEW MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCycTQrOb/qB2W3i3Ki8PhA/DEW
yii2TgGo9pgCwO9lsIRI6Zb/k+aSiWWP9kSczlcQgtPCVwr62hTQZCIowBN0BL0c yii2TgGo9pgCwO9lsIRI6Zb/k+aSiWWP9kSczlcQgtPCVwr62hTQZCIowBN0BL0c
@ -1072,20 +1072,20 @@ K0/5k1imJdi5qdM3nvKswM8CnoR11vB8pQFwruZmr5xphXRvE+mzuJVLgu2V1upm
BXuWloeymudh6WWJ+GDjwPXO3RiXBejBrOFNXhaFLe08y4DPfr/S/tXJOBm7QzQp BXuWloeymudh6WWJ+GDjwPXO3RiXBejBrOFNXhaFLe08y4DPfr/S/tXJOBm7QzQp
tmbPLYtGfprYu45liFFqqP94UeLpISfXd36AKGzqTFCcc3EW9l5UFE1MFLlnoEog tmbPLYtGfprYu45liFFqqP94UeLpISfXd36AKGzqTFCcc3EW9l5UFE1MFLlnoEog
qtoLoKABt0IkOFGKeC/EgeaBdWLe469ddC9rQft5w6g6cmxG+aYDdIEB34zrAgMB qtoLoKABt0IkOFGKeC/EgeaBdWLe469ddC9rQft5w6g6cmxG+aYDdIEB34zrAgMB
AAGjggFuMIIBajAdBgNVHQ4EFgQUkUZSo71RwUQmAZiIn1xFq/BToYcwHwYDVR0j AAGjggFgMIIBXDAdBgNVHQ4EFgQUkUZSo71RwUQmAZiIn1xFq/BToYcwHwYDVR0j
BBgwFoAUOs4s70+yG30R4+GE78Hil7N3hkIwDAYDVR0TAQH/BAIwADAOBgNVHQ8B BBgwFoAUOs4s70+yG30R4+GE78Hil7N3hkIwDgYDVR0PAQH/BAQDAgeAMBgGA1Ud
Af8EBAMCB4AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBgNVHR8EWjBYMFag IAEB/wQOMAwwCgYIKwYBBQUHDgIwYQYDVR0fBFowWDBWoFSgUoZQcnN5bmM6Ly9y
VKBShlByc3luYzovL3Jwa2kuZXhhbXBsZS5uZXQvcmVwb3NpdG9yeS8zQUNFMkNF cGtpLmV4YW1wbGUubmV0L3JlcG9zaXRvcnkvM0FDRTJDRUY0RkIyMUI3RDExRTNF
RjRGQjIxQjdEMTFFM0UxODRFRkMxRTI5N0IzNzc4NjQyLmNybDBsBggrBgEFBQcB MTg0RUZDMUUyOTdCMzc3ODY0Mi5jcmwwbAYIKwYBBQUHAQEEYDBeMFwGCCsGAQUF
AQRgMF4wXAYIKwYBBQUHMAKGUHJzeW5jOi8vcnBraS5leGFtcGxlLm5ldC9yZXBv BzAChlByc3luYzovL3Jwa2kuZXhhbXBsZS5uZXQvcmVwb3NpdG9yeS8zQUNFMkNF
c2l0b3J5LzNBQ0UyQ0VGNEZCMjFCN0QxMUUzRTE4NEVGQzFFMjk3QjM3Nzg2NDIu RjRGQjIxQjdEMTFFM0UxODRFRkMxRTI5N0IzNzc4NjQyLmNlcjAfBggrBgEFBQcB
Y2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwAACMA0GCSqGSIb3DQEB BwEB/wQQMA4wDAQCAAEwBgMEAMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAD6JvdAdo
CwUAA4IBAQAIdkoBMQydWkkaE91zFTX6xIzzDhllfDR5bgw8C2XrAkTiWlMce+/A vWT72DHKaK4Bw5Yv88g2pPHxWo+sckYyVZzr3yy29JItOHOWXv9WHcsi1mCEmqkn
794a7j3+fIAyDrQ1fjgPLof6I7xMaiqyNtb+5GqXNk+sHwjg6AnInZV2Xgz2X6lJ JMjcCaj5RuHpR3s8EWyi5qomGOsE42w8aBpqfef9rapjW/O7o1p5LDm9qh/arw8O
dtNck25zGwfj/RZ8BxO+UUzP0JUOCTAaCed2KOVF9qWfmXeZ2HPvZVD+01G0PNKd VNU9+fnVBdbGJSVoDZScDyX+uitGeE9/dzktNeFV4bLivs/9CTXTy9eQ9RKMLkvh
DGKzBmtWKzXsWVk00fvm+xaDs/sBTf28O907AUM+2ipuFYfWYc2mPaT3C4uK0udl a5sNwNMrSS79ps9+nvFvg3Ynbkc6JGYAQgZ8K0RfQwx37Vn/AmsfvKIJWf4HzMg3
3/FhUzH6loqs/c1jIsL3mWd8iR2eAwBa+rsp9sc3wbnPCjFOuFZKN85nnXzrbJ6d eHQp/BZbbZCbr4FEy2wQhkFqXk5F1xQj91+rlyXpdbhcvbM3SyIhiWBkinVJSA/C
FjqNix9Z2it7TCmU89JltreRt5Q1xX+m g1oJqaiTsNaoGw==
-----END CERTIFICATE----- -----END CERTIFICATE-----
]]></artwork></figure> ]]></artwork></figure>
@ -1093,197 +1093,188 @@ FjqNix9Z2it7TCmU89JltreRt5Q1xX+m
The end-entity certificate is displayed below in detail. For The end-entity certificate is displayed below in detail. For
brevity, the other two certificates are not.</t> brevity, the other two certificates are not.</t>
<figure><artwork><![CDATA[ <figure><artwork><![CDATA[
0 1124: SEQUENCE { 0 1110: SEQUENCE {
4 844: SEQUENCE { 4 830: SEQUENCE {
8 3: [0] { 8 3: [0] {
10 1: INTEGER 2 10 1: INTEGER 2
: } : }
13 20: INTEGER 13 20: INTEGER
: 27 AD 39 40 83 D7 F2 B5 B9 9B 86 70 C7 75 B2 B9 6E : 27 AD 39 40 83 D7 F2 B5 B9 9B 86 70 C7 75 B2 B9
: E1 66 EC : 6E E1 66 ED
35 13: SEQUENCE { 35 13: SEQUENCE {
37 9: OBJECT IDENTIFIER 37 9: OBJECT IDENTIFIER
: sha256WithRSAEncryption (1 2 840 113549 1 1 11) : sha256WithRSAEncryption (1 2 840 113549 1 1 11)
48 0: NULL 48 0: NULL
: } : }
50 51: SEQUENCE { 50 51: SEQUENCE {
52 49: SET { 52 49: SET {
54 47: SEQUENCE { 54 47: SEQUENCE {
56 3: OBJECT IDENTIFIER commonName (2 5 4 3) 56 3: OBJECT IDENTIFIER commonName (2 5 4 3)
61 40: PrintableString 61 40: PrintableString
: '3ACE2CEF4FB21B7D11E3E184EFC1E297B3778642' : '3ACE2CEF4FB21B7D11E3E184EFC1E297B3778642'
: } : }
: } : }
: } : }
103 30: SEQUENCE { 103 30: SEQUENCE {
105 13: UTCTime 16/09/2023 21:03:28 GMT 105 13: UTCTime 20/09/2023 16:49:28 GMT
120 13: UTCTime 12/07/2024 21:03:28 GMT 120 13: UTCTime 16/07/2024 16:49:28 GMT
: } : }
135 51: SEQUENCE { 135 51: SEQUENCE {
137 49: SET { 137 49: SET {
139 47: SEQUENCE { 139 47: SEQUENCE {
141 3: OBJECT IDENTIFIER commonName (2 5 4 3) 141 3: OBJECT IDENTIFIER commonName (2 5 4 3)
146 40: PrintableString 146 40: PrintableString
: '914652A3BD51C144260198889F5C45ABF053A187' : '914652A3BD51C144260198889F5C45ABF053A187'
: } : }
: } : }
: } : }
188 290: SEQUENCE { 188 290: SEQUENCE {
192 13: SEQUENCE { 192 13: SEQUENCE {
194 9: OBJECT IDENTIFIER 194 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1) : rsaEncryption (1 2 840 113549 1 1 1)
205 0: NULL 205 0: NULL
: } : }
207 271: BIT STRING, encapsulates { 207 271: BIT STRING, encapsulates {
212 266: SEQUENCE { 212 266: SEQUENCE {
216 257: INTEGER 216 257: INTEGER
: 00 B2 71 34 2B 39 BF EA 07 65 B7 8B 72 A2 F0 F8 : 00 B2 71 34 2B 39 BF EA 07 65 B7 8B 72 A2 F0 F8
: 40 FC 31 16 CA 28 B6 4E 01 A8 F6 98 02 C0 EF 65 : 40 FC 31 16 CA 28 B6 4E 01 A8 F6 98 02 C0 EF 65
: B0 84 48 E9 96 FF 93 E6 92 89 65 8F F6 44 9C CE : B0 84 48 E9 96 FF 93 E6 92 89 65 8F F6 44 9C CE
: 57 10 82 D3 C2 57 0A FA DA 14 D0 64 22 28 C0 13 : 57 10 82 D3 C2 57 0A FA DA 14 D0 64 22 28 C0 13
: 74 04 BD 1C 2B 4F F9 93 58 A6 25 D8 B9 A9 D3 37 : 74 04 BD 1C 2B 4F F9 93 58 A6 25 D8 B9 A9 D3 37
: 9E F2 AC C0 CF 02 9E 84 75 D6 F0 7C A5 01 70 AE : 9E F2 AC C0 CF 02 9E 84 75 D6 F0 7C A5 01 70 AE
: E6 66 AF 9C 69 85 74 6F 13 E9 B3 B8 95 4B 82 ED : E6 66 AF 9C 69 85 74 6F 13 E9 B3 B8 95 4B 82 ED
: 95 D6 EA 66 05 7B 96 96 87 B2 9A E7 61 E9 65 89 : 95 D6 EA 66 05 7B 96 96 87 B2 9A E7 61 E9 65 89
: F8 60 E3 C0 F5 CE DD 18 97 05 E8 C1 AC E1 4D 5E : F8 60 E3 C0 F5 CE DD 18 97 05 E8 C1 AC E1 4D 5E
: 16 85 2D ED 3C CB 80 CF 7E BF D2 FE D5 C9 38 19 : 16 85 2D ED 3C CB 80 CF 7E BF D2 FE D5 C9 38 19
: BB 43 34 29 B6 66 CF 2D 8B 46 7E 9A D8 BB 8E 65 : BB 43 34 29 B6 66 CF 2D 8B 46 7E 9A D8 BB 8E 65
: 88 51 6A A8 FF 78 51 E2 E9 21 27 D7 77 7E 80 28 : 88 51 6A A8 FF 78 51 E2 E9 21 27 D7 77 7E 80 28
: 6C EA 4C 50 9C 73 71 16 F6 5E 54 14 4D 4C 14 B9 : 6C EA 4C 50 9C 73 71 16 F6 5E 54 14 4D 4C 14 B9
: 67 A0 4A 20 AA DA 0B A0 A0 01 B7 42 24 38 51 8A : 67 A0 4A 20 AA DA 0B A0 A0 01 B7 42 24 38 51 8A
: 78 2F C4 81 E6 81 75 62 DE E3 AF 5D 74 2F 6B 41 : 78 2F C4 81 E6 81 75 62 DE E3 AF 5D 74 2F 6B 41
: FB 79 C3 A8 3A 72 6C 46 F9 A6 03 74 81 01 DF 8C : FB 79 C3 A8 3A 72 6C 46 F9 A6 03 74 81 01 DF 8C
: EB : EB
477 3: INTEGER 65537 477 3: INTEGER 65537
: } : }
: } : }
: } : }
482 366: [3] { 482 352: [3] {
486 362: SEQUENCE { 486 348: SEQUENCE {
490 29: SEQUENCE { 490 29: SEQUENCE {
492 3: OBJECT IDENTIFIER 492 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14) : subjectKeyIdentifier (2 5 29 14)
497 22: OCTET STRING, encapsulates { 497 22: OCTET STRING, encapsulates {
499 20: OCTET STRING 499 20: OCTET STRING
: 91 46 52 A3 BD 51 C1 44 26 01 98 88 9F 5C 45 AB : 91 46 52 A3 BD 51 C1 44 26 01 98 88 9F 5C 45 AB
: F0 53 A1 87 : F0 53 A1 87
: } : }
: } : }
521 31: SEQUENCE { 521 31: SEQUENCE {
523 3: OBJECT IDENTIFIER 523 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35) : authorityKeyIdentifier (2 5 29 35)
528 24: OCTET STRING, encapsulates { 528 24: OCTET STRING, encapsulates {
530 22: SEQUENCE { 530 22: SEQUENCE {
532 20: [0] 532 20: [0]
: 3A CE 2C EF 4F B2 1B 7D 11 E3 E1 84 EF C1 E2 97 : 3A CE 2C EF 4F B2 1B 7D 11 E3 E1 84 EF C1 E2 97
: B3 77 86 42 : B3 77 86 42
: } : }
: } : }
: } : }
554 12: SEQUENCE { 554 14: SEQUENCE {
556 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 556 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
561 1: BOOLEAN TRUE 561 1: BOOLEAN TRUE
564 2: OCTET STRING, encapsulates { 564 4: OCTET STRING, encapsulates {
566 0: SEQUENCE {} 566 2: BIT STRING 7 unused bits
: } : '1'B (bit 0)
: } : }
568 14: SEQUENCE { : }
570 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 570 24: SEQUENCE {
575 1: BOOLEAN TRUE 572 3: OBJECT IDENTIFIER certificatePolicies (2 5 29 32)
578 4: OCTET STRING, encapsulates { 577 1: BOOLEAN TRUE
580 2: BIT STRING 7 unused bits 580 14: OCTET STRING, encapsulates {
: '1'B (bit 0) 582 12: SEQUENCE {
: } 584 10: SEQUENCE {
: } 586 8: OBJECT IDENTIFIER
584 24: SEQUENCE { : resourceCertificatePolicy (1 3 6 1 5 5 7 14 2)
586 3: OBJECT IDENTIFIER : }
: certificatePolicies (2 5 29 32) : }
591 1: BOOLEAN TRUE : }
594 14: OCTET STRING, encapsulates { : }
596 12: SEQUENCE { 596 97: SEQUENCE {
598 10: SEQUENCE { 598 3: OBJECT IDENTIFIER
600 8: OBJECT IDENTIFIER : cRLDistributionPoints (2 5 29 31)
: resourceCertificatePolicy 603 90: OCTET STRING, encapsulates {
: (1 3 6 1 5 5 7 14 2) 605 88: SEQUENCE {
: } 607 86: SEQUENCE {
: } 609 84: [0] {
: } 611 82: [0] {
: } 613 80: [6]
610 97: SEQUENCE { : 'rsync://rpki.example.net/repository/3ACE'
612 3: OBJECT IDENTIFIER : '2CEF4FB21B7D11E3E184EFC1E297B3778642.crl'
: cRLDistributionPoints (2 5 29 31) : }
617 90: OCTET STRING, encapsulates { : }
619 88: SEQUENCE { : }
621 86: SEQUENCE { : }
623 84: [0] { : }
625 82: [0] { : }
627 80: [6] 695 108: SEQUENCE {
: 'rsync://rpki.example.net/repository/3ACE' 697 8: OBJECT IDENTIFIER
: '2CEF4FB21B7D11E3E184EFC1E297B3778642.crl' : authorityInfoAccess (1 3 6 1 5 5 7 1 1)
: } 707 96: OCTET STRING, encapsulates {
: } 709 94: SEQUENCE {
: } 711 92: SEQUENCE {
: } 713 8: OBJECT IDENTIFIER
: } : caIssuers (1 3 6 1 5 5 7 48 2)
: } 723 80: [6]
709 108: SEQUENCE { : 'rsync://rpki.example.net/repository/3ACE'
711 8: OBJECT IDENTIFIER : '2CEF4FB21B7D11E3E184EFC1E297B3778642.cer'
: authorityInfoAccess (1 3 6 1 5 5 7 1 1) : }
721 96: OCTET STRING, encapsulates { : }
723 94: SEQUENCE { : }
725 92: SEQUENCE { : }
727 8: OBJECT IDENTIFIER 805 31: SEQUENCE {
: caIssuers (1 3 6 1 5 5 7 48 2) 807 8: OBJECT IDENTIFIER
737 80: [6] : ipAddrBlocks (1 3 6 1 5 5 7 1 7)
: 'rsync://rpki.example.net/repository/3ACE' 817 1: BOOLEAN TRUE
: '2CEF4FB21B7D11E3E184EFC1E297B3778642.cer' 820 16: OCTET STRING, encapsulates {
: } 822 14: SEQUENCE {
: } 824 12: SEQUENCE {
: } 826 2: OCTET STRING 00 01
: } 830 6: SEQUENCE {
819 31: SEQUENCE { 832 4: BIT STRING
821 8: OBJECT IDENTIFIER : '010000000000000000000011'B
: ipAddrBlocks (1 3 6 1 5 5 7 1 7) : }
831 1: BOOLEAN TRUE : }
834 16: OCTET STRING, encapsulates { : }
836 14: SEQUENCE { : }
838 12: SEQUENCE { : }
840 2: OCTET STRING 00 01 : }
844 6: SEQUENCE { : }
846 4: BIT STRING : }
: '010000000000000000000011'B 838 13: SEQUENCE {
: } 840 9: OBJECT IDENTIFIER
: } : sha256WithRSAEncryption (1 2 840 113549 1 1 11)
: } 851 0: NULL
: } : }
: } 853 257: BIT STRING
: } : 0F A2 6F 74 07 68 BD 64 FB D8 31 CA 68 AE 01 C3
: } : 96 2F F3 C8 36 A4 F1 F1 5A 8F AC 72 46 32 55 9C
: } : EB DF 2C B6 F4 92 2D 38 73 96 5E FF 56 1D CB 22
852 13: SEQUENCE { : D6 60 84 9A A9 27 24 C8 DC 09 A8 F9 46 E1 E9 47
854 9: OBJECT IDENTIFIER : 7B 3C 11 6C A2 E6 AA 26 18 EB 04 E3 6C 3C 68 1A
: sha256WithRSAEncryption (1 2 840 113549 1 1 11) : 6A 7D E7 FD AD AA 63 5B F3 BB A3 5A 79 2C 39 BD
865 0: NULL : AA 1F DA AF 0F 0E 54 D5 3D F9 F9 D5 05 D6 C6 25
: } : 25 68 0D 94 9C 0F 25 FE BA 2B 46 78 4F 7F 77 39
867 257: BIT STRING : 2D 35 E1 55 E1 B2 E2 BE CF FD 09 35 D3 CB D7 90
: 08 76 4A 01 31 0C 9D 5A 49 1A 13 DD 73 15 35 FA : F5 12 8C 2E 4B E1 6B 9B 0D C0 D3 2B 49 2E FD A6
: C4 8C F3 0E 19 65 7C 34 79 6E 0C 3C 0B 65 EB 02 : CF 7E 9E F1 6F 83 76 27 6E 47 3A 24 66 00 42 06
: 44 E2 5A 53 1C 7B EF C0 EF DE 1A EE 3D FE 7C 80 : 7C 2B 44 5F 43 0C 77 ED 59 FF 02 6B 1F BC A2 09
: 32 0E B4 35 7E 38 0F 2E 87 FA 23 BC 4C 6A 2A B2 : 59 FE 07 CC C8 37 78 74 29 FC 16 5B 6D 90 9B AF
: 36 D6 FE E4 6A 97 36 4F AC 1F 08 E0 E8 09 C8 9D : 81 44 CB 6C 10 86 41 6A 5E 4E 45 D7 14 23 F7 5F
: 95 76 5E 0C F6 5F A9 49 76 D3 5C 93 6E 73 1B 07 : AB 97 25 E9 75 B8 5C BD B3 37 4B 22 21 89 60 64
: E3 FD 16 7C 07 13 BE 51 4C CF D0 95 0E 09 30 1A : 8A 75 49 48 0F C2 83 5A 09 A9 A8 93 B0 D6 A8 1B
: 09 E7 76 28 E5 45 F6 A5 9F 99 77 99 D8 73 EF 65 : }
: 50 FE D3 51 B4 3C D2 9D 0C 62 B3 06 6B 56 2B 35
: EC 59 59 34 D1 FB E6 FB 16 83 B3 FB 01 4D FD BC
: 3B DD 3B 01 43 3E DA 2A 6E 15 87 D6 61 CD A6 3D
: A4 F7 0B 8B 8A D2 E7 65 DF F1 61 53 31 FA 96 8A
: AC FD CD 63 22 C2 F7 99 67 7C 89 1D 9E 03 00 5A
: FA BB 29 F6 C7 37 C1 B9 CF 0A 31 4E B8 56 4A 37
: CE 67 9D 7C EB 6C 9E 9D 16 3A 8D 8B 1F 59 DA 2B
: 7B 4C 29 94 F3 D2 65 B6 B7 91 B7 94 35 C5 7F A6
: }
]]></artwork></figure> ]]></artwork></figure>
<t> <t>