aboutsummaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2008-02-27 19:02:11 +0000
committerRob Austein <sra@hactrn.net>2008-02-27 19:02:11 +0000
commite1bc9584d821857a9a1869f38b934812ff60f7fb (patch)
treec9c1f45818ab9f4e6dacefc1428c9a9dcb67c0fd /scripts
parenta9ecdddda7c364cd62dbd1c16fc0f19615fe288e (diff)
Filename cleanup
svn path=/rpkid/Makefile; revision=1531
Diffstat (limited to 'scripts')
-rw-r--r--scripts/Makefile57
-rw-r--r--scripts/README466
-rw-r--r--scripts/apnic-poke-1.sh112
-rw-r--r--scripts/apnic-poke-1.yaml28
-rw-r--r--scripts/apnic-poke-2.sh123
-rw-r--r--scripts/apnic-poke-2.yaml74
-rw-r--r--scripts/biz-certs-setup.sh81
l---------scripts/biz-certs/08fd5b15.01
l---------scripts/biz-certs/0cb21e6a.01
l---------scripts/biz-certs/33b6d09e.01
l---------scripts/biz-certs/5210f268.01
l---------scripts/biz-certs/5ebf1062.01
l---------scripts/biz-certs/60ac264c.01
l---------scripts/biz-certs/623ab26c.01
l---------scripts/biz-certs/6878697a.01
l---------scripts/biz-certs/71288ec9.01
l---------scripts/biz-certs/7449ce31.01
l---------scripts/biz-certs/7562977b.01
l---------scripts/biz-certs/80e4ab61.01
l---------scripts/biz-certs/826d8d65.01
l---------scripts/biz-certs/9844d0ad.01
l---------scripts/biz-certs/9970e247.01
-rw-r--r--scripts/biz-certs/Alice-CA.cer19
-rw-r--r--scripts/biz-certs/Alice-CA.cnf15
-rw-r--r--scripts/biz-certs/Alice-CA.key27
-rw-r--r--scripts/biz-certs/Alice-CA.req15
-rw-r--r--scripts/biz-certs/Alice-CA.srl1
-rw-r--r--scripts/biz-certs/Alice-EE.cer19
-rw-r--r--scripts/biz-certs/Alice-EE.cnf15
-rw-r--r--scripts/biz-certs/Alice-EE.key27
-rw-r--r--scripts/biz-certs/Alice-EE.req15
-rw-r--r--scripts/biz-certs/Alice-Root.cer19
-rw-r--r--scripts/biz-certs/Alice-Root.cnf15
-rw-r--r--scripts/biz-certs/Alice-Root.key27
-rw-r--r--scripts/biz-certs/Alice-Root.req15
-rw-r--r--scripts/biz-certs/Alice-Root.srl1
-rw-r--r--scripts/biz-certs/Bob-CA.cer19
-rw-r--r--scripts/biz-certs/Bob-CA.cnf15
-rw-r--r--scripts/biz-certs/Bob-CA.key27
-rw-r--r--scripts/biz-certs/Bob-CA.req15
-rw-r--r--scripts/biz-certs/Bob-CA.srl1
-rw-r--r--scripts/biz-certs/Bob-EE.cer19
-rw-r--r--scripts/biz-certs/Bob-EE.cnf15
-rw-r--r--scripts/biz-certs/Bob-EE.key27
-rw-r--r--scripts/biz-certs/Bob-EE.req15
-rw-r--r--scripts/biz-certs/Bob-Root.cer19
-rw-r--r--scripts/biz-certs/Bob-Root.cnf15
-rw-r--r--scripts/biz-certs/Bob-Root.key27
-rw-r--r--scripts/biz-certs/Bob-Root.req15
-rw-r--r--scripts/biz-certs/Bob-Root.srl1
-rw-r--r--scripts/biz-certs/Carol-CA.cer19
-rw-r--r--scripts/biz-certs/Carol-CA.cnf15
-rw-r--r--scripts/biz-certs/Carol-CA.key27
-rw-r--r--scripts/biz-certs/Carol-CA.req15
-rw-r--r--scripts/biz-certs/Carol-CA.srl1
-rw-r--r--scripts/biz-certs/Carol-EE.cer19
-rw-r--r--scripts/biz-certs/Carol-EE.cnf15
-rw-r--r--scripts/biz-certs/Carol-EE.key27
-rw-r--r--scripts/biz-certs/Carol-EE.req15
-rw-r--r--scripts/biz-certs/Carol-Root.cer19
-rw-r--r--scripts/biz-certs/Carol-Root.cnf15
-rw-r--r--scripts/biz-certs/Carol-Root.key27
-rw-r--r--scripts/biz-certs/Carol-Root.req15
-rw-r--r--scripts/biz-certs/Carol-Root.srl1
-rw-r--r--scripts/biz-certs/Dave-CA.cer19
-rw-r--r--scripts/biz-certs/Dave-CA.cnf15
-rw-r--r--scripts/biz-certs/Dave-CA.key27
-rw-r--r--scripts/biz-certs/Dave-CA.req15
-rw-r--r--scripts/biz-certs/Dave-CA.srl1
-rw-r--r--scripts/biz-certs/Dave-EE.cer19
-rw-r--r--scripts/biz-certs/Dave-EE.cnf15
-rw-r--r--scripts/biz-certs/Dave-EE.key27
-rw-r--r--scripts/biz-certs/Dave-EE.req15
-rw-r--r--scripts/biz-certs/Dave-Root.cer19
-rw-r--r--scripts/biz-certs/Dave-Root.cnf15
-rw-r--r--scripts/biz-certs/Dave-Root.key27
-rw-r--r--scripts/biz-certs/Dave-Root.req15
-rw-r--r--scripts/biz-certs/Dave-Root.srl1
-rw-r--r--scripts/biz-certs/Elena-CA.cer19
-rw-r--r--scripts/biz-certs/Elena-CA.cnf15
-rw-r--r--scripts/biz-certs/Elena-CA.key27
-rw-r--r--scripts/biz-certs/Elena-CA.req15
-rw-r--r--scripts/biz-certs/Elena-CA.srl1
-rw-r--r--scripts/biz-certs/Elena-EE.cer19
-rw-r--r--scripts/biz-certs/Elena-EE.cnf15
-rw-r--r--scripts/biz-certs/Elena-EE.key27
-rw-r--r--scripts/biz-certs/Elena-EE.req15
-rw-r--r--scripts/biz-certs/Elena-Root.cer19
-rw-r--r--scripts/biz-certs/Elena-Root.cnf15
-rw-r--r--scripts/biz-certs/Elena-Root.key27
-rw-r--r--scripts/biz-certs/Elena-Root.req15
-rw-r--r--scripts/biz-certs/Elena-Root.srl1
-rw-r--r--scripts/biz-certs/Frank-CA.cer19
-rw-r--r--scripts/biz-certs/Frank-CA.cnf15
-rw-r--r--scripts/biz-certs/Frank-CA.key27
-rw-r--r--scripts/biz-certs/Frank-CA.req15
-rw-r--r--scripts/biz-certs/Frank-CA.srl1
-rw-r--r--scripts/biz-certs/Frank-EE.cer19
-rw-r--r--scripts/biz-certs/Frank-EE.cnf15
-rw-r--r--scripts/biz-certs/Frank-EE.key27
-rw-r--r--scripts/biz-certs/Frank-EE.req15
-rw-r--r--scripts/biz-certs/Frank-Root.cer19
-rw-r--r--scripts/biz-certs/Frank-Root.cnf15
-rw-r--r--scripts/biz-certs/Frank-Root.key27
-rw-r--r--scripts/biz-certs/Frank-Root.req15
-rw-r--r--scripts/biz-certs/Frank-Root.srl1
-rw-r--r--scripts/biz-certs/Ginny-CA.cer19
-rw-r--r--scripts/biz-certs/Ginny-CA.cnf15
-rw-r--r--scripts/biz-certs/Ginny-CA.key27
-rw-r--r--scripts/biz-certs/Ginny-CA.req15
-rw-r--r--scripts/biz-certs/Ginny-CA.srl1
-rw-r--r--scripts/biz-certs/Ginny-EE.cer19
-rw-r--r--scripts/biz-certs/Ginny-EE.cnf15
-rw-r--r--scripts/biz-certs/Ginny-EE.key27
-rw-r--r--scripts/biz-certs/Ginny-EE.req15
-rw-r--r--scripts/biz-certs/Ginny-Root.cer19
-rw-r--r--scripts/biz-certs/Ginny-Root.cnf15
-rw-r--r--scripts/biz-certs/Ginny-Root.key27
-rw-r--r--scripts/biz-certs/Ginny-Root.req15
-rw-r--r--scripts/biz-certs/Ginny-Root.srl1
-rw-r--r--scripts/biz-certs/Harry-CA.cer19
-rw-r--r--scripts/biz-certs/Harry-CA.cnf15
-rw-r--r--scripts/biz-certs/Harry-CA.key27
-rw-r--r--scripts/biz-certs/Harry-CA.req15
-rw-r--r--scripts/biz-certs/Harry-CA.srl1
-rw-r--r--scripts/biz-certs/Harry-EE.cer19
-rw-r--r--scripts/biz-certs/Harry-EE.cnf15
-rw-r--r--scripts/biz-certs/Harry-EE.key27
-rw-r--r--scripts/biz-certs/Harry-EE.req15
-rw-r--r--scripts/biz-certs/Harry-Root.cer19
-rw-r--r--scripts/biz-certs/Harry-Root.cnf15
-rw-r--r--scripts/biz-certs/Harry-Root.key27
-rw-r--r--scripts/biz-certs/Harry-Root.req15
-rw-r--r--scripts/biz-certs/Harry-Root.srl1
l---------scripts/biz-certs/a17ff8dd.01
l---------scripts/biz-certs/b523b0af.01
l---------scripts/biz-certs/c027faa7.01
l---------scripts/biz-certs/cf3dacf7.01
l---------scripts/biz-certs/d9bfc7a9.01
l---------scripts/biz-certs/dfc82c8e.01
l---------scripts/biz-certs/f97c9834.01
l---------scripts/biz-certs/ff615a1f.01
l---------scripts/biz-certs/ff8832dd.01
-rw-r--r--scripts/cronjob.py47
-rwxr-xr-xscripts/cronjob.sh44
-rwxr-xr-xscripts/irbe-cli.py208
-rw-r--r--scripts/irbe-setup.py125
-rw-r--r--scripts/irbe-setup.sh32
-rwxr-xr-xscripts/irdbd.py131
-rw-r--r--scripts/left-right-protocol-samples.xsl37
-rw-r--r--scripts/left-right-protocol-samples/pdu.001.xml8
-rw-r--r--scripts/left-right-protocol-samples/pdu.002.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.003.xml7
-rw-r--r--scripts/left-right-protocol-samples/pdu.004.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.005.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.006.xml9
-rw-r--r--scripts/left-right-protocol-samples/pdu.007.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.008.xml14
-rw-r--r--scripts/left-right-protocol-samples/pdu.009.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.010.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.011.xml25
-rw-r--r--scripts/left-right-protocol-samples/pdu.012.xml7
-rw-r--r--scripts/left-right-protocol-samples/pdu.013.xml25
-rw-r--r--scripts/left-right-protocol-samples/pdu.014.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.015.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.016.xml53
-rw-r--r--scripts/left-right-protocol-samples/pdu.017.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.018.xml53
-rw-r--r--scripts/left-right-protocol-samples/pdu.019.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.020.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.021.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.022.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.023.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.024.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.025.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.026.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.027.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.028.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.029.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.030.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.031.xml25
-rw-r--r--scripts/left-right-protocol-samples/pdu.032.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.033.xml25
-rw-r--r--scripts/left-right-protocol-samples/pdu.034.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.035.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.036.xml25
-rw-r--r--scripts/left-right-protocol-samples/pdu.037.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.038.xml25
-rw-r--r--scripts/left-right-protocol-samples/pdu.039.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.040.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.041.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.042.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.043.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.044.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.045.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.046.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.047.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.048.xml44
-rw-r--r--scripts/left-right-protocol-samples/pdu.049.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.050.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.051.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.052.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.053.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.054.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.055.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.056.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.057.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.058.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.059.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.060.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.061.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.062.xml5
-rw-r--r--scripts/left-right-protocol-samples/pdu.063.xml5
-rw-r--r--scripts/left-right-schema.rnc208
-rw-r--r--scripts/left-right-schema.rng948
-rw-r--r--scripts/make-relaxng.py27
-rw-r--r--scripts/resource-cert-samples.py248
-rw-r--r--scripts/resource-cert-samples/.stamp0
-rw-r--r--scripts/resource-cert-samples/ISP1.cer93
-rw-r--r--scripts/resource-cert-samples/ISP1.cnf64
-rw-r--r--scripts/resource-cert-samples/ISP1.key27
-rw-r--r--scripts/resource-cert-samples/ISP1.req21
-rw-r--r--scripts/resource-cert-samples/ISP1/index0
-rw-r--r--scripts/resource-cert-samples/ISP1/serial1
-rw-r--r--scripts/resource-cert-samples/ISP2.cer88
-rw-r--r--scripts/resource-cert-samples/ISP2.cnf64
-rw-r--r--scripts/resource-cert-samples/ISP2.key27
-rw-r--r--scripts/resource-cert-samples/ISP2.req21
-rw-r--r--scripts/resource-cert-samples/ISP2/index0
-rw-r--r--scripts/resource-cert-samples/ISP2/serial1
-rw-r--r--scripts/resource-cert-samples/ISP3.cer89
-rw-r--r--scripts/resource-cert-samples/ISP3.cnf64
-rw-r--r--scripts/resource-cert-samples/ISP3.key27
-rw-r--r--scripts/resource-cert-samples/ISP3.req21
-rw-r--r--scripts/resource-cert-samples/ISP3/index0
-rw-r--r--scripts/resource-cert-samples/ISP3/serial1
-rw-r--r--scripts/resource-cert-samples/ISP4.cer93
-rw-r--r--scripts/resource-cert-samples/ISP4.cnf64
-rw-r--r--scripts/resource-cert-samples/ISP4.key27
-rw-r--r--scripts/resource-cert-samples/ISP4.req21
-rw-r--r--scripts/resource-cert-samples/ISP4/index0
-rw-r--r--scripts/resource-cert-samples/ISP4/serial1
-rw-r--r--scripts/resource-cert-samples/ISP5a.cer91
-rw-r--r--scripts/resource-cert-samples/ISP5a.cnf64
-rw-r--r--scripts/resource-cert-samples/ISP5a.key27
-rw-r--r--scripts/resource-cert-samples/ISP5a.req21
-rw-r--r--scripts/resource-cert-samples/ISP5a/index0
-rw-r--r--scripts/resource-cert-samples/ISP5a/serial1
-rw-r--r--scripts/resource-cert-samples/ISP5b.cer91
-rw-r--r--scripts/resource-cert-samples/ISP5b.cnf64
-rw-r--r--scripts/resource-cert-samples/ISP5b.key27
-rw-r--r--scripts/resource-cert-samples/ISP5b.req21
-rw-r--r--scripts/resource-cert-samples/ISP5b/index0
-rw-r--r--scripts/resource-cert-samples/ISP5b/serial1
-rw-r--r--scripts/resource-cert-samples/ISP5c.cer88
-rw-r--r--scripts/resource-cert-samples/ISP5c.cnf64
-rw-r--r--scripts/resource-cert-samples/ISP5c.key27
-rw-r--r--scripts/resource-cert-samples/ISP5c.req21
-rw-r--r--scripts/resource-cert-samples/ISP5c/index0
-rw-r--r--scripts/resource-cert-samples/ISP5c/serial1
-rw-r--r--scripts/resource-cert-samples/LIR1.cer94
-rw-r--r--scripts/resource-cert-samples/LIR1.cnf64
-rw-r--r--scripts/resource-cert-samples/LIR1.key27
-rw-r--r--scripts/resource-cert-samples/LIR1.req22
-rw-r--r--scripts/resource-cert-samples/LIR1/01.pem23
-rw-r--r--scripts/resource-cert-samples/LIR1/02.pem23
-rw-r--r--scripts/resource-cert-samples/LIR1/03.pem92
-rw-r--r--scripts/resource-cert-samples/LIR1/04.pem96
-rw-r--r--scripts/resource-cert-samples/LIR1/05.pem92
-rw-r--r--scripts/resource-cert-samples/LIR1/06.pem96
-rw-r--r--scripts/resource-cert-samples/LIR1/07.pem92
-rw-r--r--scripts/resource-cert-samples/LIR1/08.pem96
-rw-r--r--scripts/resource-cert-samples/LIR1/09.pem92
-rw-r--r--scripts/resource-cert-samples/LIR1/0A.pem96
-rw-r--r--scripts/resource-cert-samples/LIR1/0B.pem79
-rw-r--r--scripts/resource-cert-samples/LIR1/0C.pem79
-rw-r--r--scripts/resource-cert-samples/LIR1/0D.pem88
-rw-r--r--scripts/resource-cert-samples/LIR1/0E.pem93
-rw-r--r--scripts/resource-cert-samples/LIR1/0F.pem88
-rw-r--r--scripts/resource-cert-samples/LIR1/10.pem93
-rw-r--r--scripts/resource-cert-samples/LIR1/11.pem76
-rw-r--r--scripts/resource-cert-samples/LIR1/12.pem76
-rw-r--r--scripts/resource-cert-samples/LIR1/13.pem88
-rw-r--r--scripts/resource-cert-samples/LIR1/14.pem93
-rw-r--r--scripts/resource-cert-samples/LIR1/15.pem88
-rw-r--r--scripts/resource-cert-samples/LIR1/16.pem93
-rw-r--r--scripts/resource-cert-samples/LIR1/17.pem88
-rw-r--r--scripts/resource-cert-samples/LIR1/18.pem93
-rw-r--r--scripts/resource-cert-samples/LIR1/19.pem88
-rw-r--r--scripts/resource-cert-samples/LIR1/1A.pem93
-rw-r--r--scripts/resource-cert-samples/LIR1/index26
-rw-r--r--scripts/resource-cert-samples/LIR1/index.attr1
-rw-r--r--scripts/resource-cert-samples/LIR1/index.attr.old1
-rw-r--r--scripts/resource-cert-samples/LIR1/index.old25
-rw-r--r--scripts/resource-cert-samples/LIR1/serial1
-rw-r--r--scripts/resource-cert-samples/LIR1/serial.old1
-rw-r--r--scripts/resource-cert-samples/LIR2.cer95
-rw-r--r--scripts/resource-cert-samples/LIR2.cnf64
-rw-r--r--scripts/resource-cert-samples/LIR2.key27
-rw-r--r--scripts/resource-cert-samples/LIR2.req22
-rw-r--r--scripts/resource-cert-samples/LIR2/01.pem23
-rw-r--r--scripts/resource-cert-samples/LIR2/02.pem23
-rw-r--r--scripts/resource-cert-samples/LIR2/03.pem96
-rw-r--r--scripts/resource-cert-samples/LIR2/04.pem92
-rw-r--r--scripts/resource-cert-samples/LIR2/05.pem96
-rw-r--r--scripts/resource-cert-samples/LIR2/06.pem92
-rw-r--r--scripts/resource-cert-samples/LIR2/07.pem96
-rw-r--r--scripts/resource-cert-samples/LIR2/08.pem92
-rw-r--r--scripts/resource-cert-samples/LIR2/09.pem96
-rw-r--r--scripts/resource-cert-samples/LIR2/0A.pem92
-rw-r--r--scripts/resource-cert-samples/LIR2/0B.pem79
-rw-r--r--scripts/resource-cert-samples/LIR2/0C.pem79
-rw-r--r--scripts/resource-cert-samples/LIR2/0D.pem93
-rw-r--r--scripts/resource-cert-samples/LIR2/0E.pem89
-rw-r--r--scripts/resource-cert-samples/LIR2/0F.pem93
-rw-r--r--scripts/resource-cert-samples/LIR2/10.pem89
-rw-r--r--scripts/resource-cert-samples/LIR2/11.pem76
-rw-r--r--scripts/resource-cert-samples/LIR2/12.pem76
-rw-r--r--scripts/resource-cert-samples/LIR2/13.pem93
-rw-r--r--scripts/resource-cert-samples/LIR2/14.pem89
-rw-r--r--scripts/resource-cert-samples/LIR2/15.pem93
-rw-r--r--scripts/resource-cert-samples/LIR2/16.pem89
-rw-r--r--scripts/resource-cert-samples/LIR2/17.pem93
-rw-r--r--scripts/resource-cert-samples/LIR2/18.pem89
-rw-r--r--scripts/resource-cert-samples/LIR2/19.pem93
-rw-r--r--scripts/resource-cert-samples/LIR2/1A.pem89
-rw-r--r--scripts/resource-cert-samples/LIR2/index26
-rw-r--r--scripts/resource-cert-samples/LIR2/index.attr1
-rw-r--r--scripts/resource-cert-samples/LIR2/index.attr.old1
-rw-r--r--scripts/resource-cert-samples/LIR2/index.old25
-rw-r--r--scripts/resource-cert-samples/LIR2/serial1
-rw-r--r--scripts/resource-cert-samples/LIR2/serial.old1
-rw-r--r--scripts/resource-cert-samples/LIR3.cer98
-rw-r--r--scripts/resource-cert-samples/LIR3.cnf64
-rw-r--r--scripts/resource-cert-samples/LIR3.key27
-rw-r--r--scripts/resource-cert-samples/LIR3.req22
-rw-r--r--scripts/resource-cert-samples/LIR3/01.pem92
-rw-r--r--scripts/resource-cert-samples/LIR3/02.pem94
-rw-r--r--scripts/resource-cert-samples/LIR3/03.pem94
-rw-r--r--scripts/resource-cert-samples/LIR3/04.pem79
-rw-r--r--scripts/resource-cert-samples/LIR3/05.pem79
-rw-r--r--scripts/resource-cert-samples/LIR3/06.pem79
-rw-r--r--scripts/resource-cert-samples/LIR3/07.pem88
-rw-r--r--scripts/resource-cert-samples/LIR3/08.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/09.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/0A.pem88
-rw-r--r--scripts/resource-cert-samples/LIR3/0B.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/0C.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/0D.pem76
-rw-r--r--scripts/resource-cert-samples/LIR3/0E.pem76
-rw-r--r--scripts/resource-cert-samples/LIR3/0F.pem76
-rw-r--r--scripts/resource-cert-samples/LIR3/10.pem88
-rw-r--r--scripts/resource-cert-samples/LIR3/11.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/12.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/13.pem88
-rw-r--r--scripts/resource-cert-samples/LIR3/14.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/15.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/16.pem88
-rw-r--r--scripts/resource-cert-samples/LIR3/17.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/18.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/19.pem88
-rw-r--r--scripts/resource-cert-samples/LIR3/1A.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/1B.pem91
-rw-r--r--scripts/resource-cert-samples/LIR3/index27
-rw-r--r--scripts/resource-cert-samples/LIR3/index.attr1
-rw-r--r--scripts/resource-cert-samples/LIR3/index.attr.old1
-rw-r--r--scripts/resource-cert-samples/LIR3/index.old26
-rw-r--r--scripts/resource-cert-samples/LIR3/serial1
-rw-r--r--scripts/resource-cert-samples/LIR3/serial.old1
-rw-r--r--scripts/resource-cert-samples/Makefile232
-rw-r--r--scripts/resource-cert-samples/RIR.cer100
-rw-r--r--scripts/resource-cert-samples/RIR.cnf64
-rw-r--r--scripts/resource-cert-samples/RIR.key27
-rw-r--r--scripts/resource-cert-samples/RIR.req23
-rw-r--r--scripts/resource-cert-samples/RIR/01.pem24
-rw-r--r--scripts/resource-cert-samples/RIR/02.pem24
-rw-r--r--scripts/resource-cert-samples/RIR/03.pem24
-rw-r--r--scripts/resource-cert-samples/RIR/04.pem99
-rw-r--r--scripts/resource-cert-samples/RIR/05.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/06.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/07.pem99
-rw-r--r--scripts/resource-cert-samples/RIR/08.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/09.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/0A.pem99
-rw-r--r--scripts/resource-cert-samples/RIR/0B.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/0C.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/0D.pem104
-rw-r--r--scripts/resource-cert-samples/RIR/0E.pem101
-rw-r--r--scripts/resource-cert-samples/RIR/0F.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/10.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/11.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/12.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/13.pem79
-rw-r--r--scripts/resource-cert-samples/RIR/14.pem79
-rw-r--r--scripts/resource-cert-samples/RIR/15.pem79
-rw-r--r--scripts/resource-cert-samples/RIR/16.pem79
-rw-r--r--scripts/resource-cert-samples/RIR/17.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/18.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/19.pem95
-rw-r--r--scripts/resource-cert-samples/RIR/1A.pem94
-rw-r--r--scripts/resource-cert-samples/RIR/1B.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/1C.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/1D.pem95
-rw-r--r--scripts/resource-cert-samples/RIR/1E.pem94
-rw-r--r--scripts/resource-cert-samples/RIR/1F.pem76
-rw-r--r--scripts/resource-cert-samples/RIR/20.pem76
-rw-r--r--scripts/resource-cert-samples/RIR/21.pem76
-rw-r--r--scripts/resource-cert-samples/RIR/22.pem76
-rw-r--r--scripts/resource-cert-samples/RIR/23.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/24.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/25.pem95
-rw-r--r--scripts/resource-cert-samples/RIR/26.pem94
-rw-r--r--scripts/resource-cert-samples/RIR/27.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/28.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/29.pem95
-rw-r--r--scripts/resource-cert-samples/RIR/2A.pem94
-rw-r--r--scripts/resource-cert-samples/RIR/2B.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/2C.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/2D.pem95
-rw-r--r--scripts/resource-cert-samples/RIR/2E.pem94
-rw-r--r--scripts/resource-cert-samples/RIR/2F.pem100
-rw-r--r--scripts/resource-cert-samples/RIR/30.pem98
-rw-r--r--scripts/resource-cert-samples/RIR/31.pem95
-rw-r--r--scripts/resource-cert-samples/RIR/32.pem94
-rw-r--r--scripts/resource-cert-samples/RIR/index50
-rw-r--r--scripts/resource-cert-samples/RIR/index.attr1
-rw-r--r--scripts/resource-cert-samples/RIR/index.attr.old1
-rw-r--r--scripts/resource-cert-samples/RIR/index.old49
-rw-r--r--scripts/resource-cert-samples/RIR/serial1
-rw-r--r--scripts/resource-cert-samples/RIR/serial.old1
-rw-r--r--scripts/rootd.cer93
-rw-r--r--scripts/rootd.cnf30
-rw-r--r--scripts/rootd.key27
-rwxr-xr-xscripts/rootd.py202
-rw-r--r--scripts/rootd.sh143
-rw-r--r--scripts/rootd.yaml24
-rw-r--r--scripts/rpki/Doxyfile1269
-rw-r--r--scripts/rpki/__init__.py42
-rw-r--r--scripts/rpki/cms.py120
-rw-r--r--scripts/rpki/config.py57
-rw-r--r--scripts/rpki/exceptions.py86
-rw-r--r--scripts/rpki/https.py146
-rw-r--r--scripts/rpki/ipaddrs.py70
-rw-r--r--scripts/rpki/left_right.py1002
-rw-r--r--scripts/rpki/log.py54
-rw-r--r--scripts/rpki/manifest.py53
-rw-r--r--scripts/rpki/oids.py49
-rw-r--r--scripts/rpki/pkcs10.py62
-rw-r--r--scripts/rpki/relaxng.py1208
-rw-r--r--scripts/rpki/resource_set.py528
-rw-r--r--scripts/rpki/roa.py49
-rw-r--r--scripts/rpki/sax_utils.py93
-rw-r--r--scripts/rpki/sql.py801
-rw-r--r--scripts/rpki/sundial.py147
-rw-r--r--scripts/rpki/up_down.py518
-rw-r--r--scripts/rpki/x509.py700
-rwxr-xr-xscripts/rpkid.py137
-rw-r--r--scripts/test-pow-tls.py59
-rw-r--r--scripts/testbed.1.yaml47
-rw-r--r--scripts/testbed.2.yaml92
-rw-r--r--scripts/testbed.py941
-rw-r--r--scripts/testbed.sql57
-rw-r--r--scripts/testpoke.py139
-rw-r--r--scripts/testpoke.sh8
-rw-r--r--scripts/testpoke.yaml28
-rw-r--r--scripts/up-down-protocol-samples/Makefile11
-rw-r--r--scripts/up-down-protocol-samples/error_response.xml9
-rw-r--r--scripts/up-down-protocol-samples/issue1.xml25
-rw-r--r--scripts/up-down-protocol-samples/issue2.xml24
-rw-r--r--scripts/up-down-protocol-samples/issue_response.xml116
-rw-r--r--scripts/up-down-protocol-samples/list.xml6
-rw-r--r--scripts/up-down-protocol-samples/list_response.xml169
-rw-r--r--scripts/up-down-protocol-samples/revoke.xml9
-rw-r--r--scripts/up-down-protocol-samples/revoke_response.xml9
-rw-r--r--scripts/up-down-schema.rnc71
-rw-r--r--scripts/up-down-schema.rng249
-rwxr-xr-xscripts/xml-parse-test.py67
477 files changed, 0 insertions, 29594 deletions
diff --git a/scripts/Makefile b/scripts/Makefile
deleted file mode 100644
index 69f83f30..00000000
--- a/scripts/Makefile
+++ /dev/null
@@ -1,57 +0,0 @@
-# $Id$
-
-all:: left-right-protocol-samples/.stamp
-
-left-right-protocol-samples/.stamp: left-right-protocol-samples.xsl ../docs/left-right-xml
- xsltproc left-right-protocol-samples.xsl ../docs/left-right-xml
- touch $@
-
-all:: left-right-schema.rng
-
-left-right-schema.rng: left-right-schema.rnc
- trang left-right-schema.rnc left-right-schema.rng
-
-all:: up-down-schema.rng
-
-up-down-schema.rng: up-down-schema.rnc
- trang up-down-schema.rnc up-down-schema.rng
-
-dont-run-trang:
- touch *.rng
-
-relaxng: left-right-protocol-samples/.stamp left-right-schema.rng up-down-schema.rng
- xmllint --noout --relaxng left-right-schema.rng left-right-protocol-samples/*.xml
- xmllint --noout --relaxng up-down-schema.rng up-down-protocol-samples/*.xml
-
-# all:: resource-cert-samples-regen
-
-all-tests:: relaxng
-
-all-tests:: all ; python xml-parse-test.py
-
-resource-cert-samples-regen: resource-cert-samples/.stamp
- cd resource-cert-samples && make
-
-resource-cert-samples/.stamp: generate-testrepo.py Makefile
- python generate-testrepo.py
- touch $@
-
-doxygen:
- cd rpki && doxygen
-
-tags:
- find . -type f -name '*.py' | etags -
-
-all:: rpki/relaxng.py
-
-rpki/relaxng.py: left-right-schema.rng up-down-schema.rng make-relaxng.py
- python make-relaxng.py >$@.tmp
- mv $@.tmp $@
-
-# all-tests:: all; sh -x rootd.sh run
-
-test all-tests:: all
- python testbed.py -y testbed.1.yaml
-
-all-tests:: all
- python testbed.py -y testbed.2.yaml
diff --git a/scripts/README b/scripts/README
deleted file mode 100644
index 3bb44561..00000000
--- a/scripts/README
+++ /dev/null
@@ -1,466 +0,0 @@
-$Id$ -*- Text -*-
-
-Python RPKI production tools.
-
-Requires Python 2.5.
-
-External Python packages required:
-
-- lxml, which in turn requires the libxml2 C libraries.
-
- http://codespeak.net/lxml/
-
- FreeBSD: /usr/ports/devel/py-lxml
-
-- MySQLdb, which in turn requires MySQL client and server. I'm
- testing with MySQL 5.1.
-
- http://sourceforge.net/projects/mysql-python/
-
- FreeBSD: /usr/ports/databases/py-MySQLdb
-
-- TLSLite, which pulls in other crypto packages.
-
- http://trevp.net/tlslite/
-
- FreeBSD: /usr/ports/security/py-tlslite
-
-- Cryptlib, at the moment just to support TLSlite but may end up using
- it for other things later.
-
- http://www.cs.auckland.ac.nz/~pgut001/cryptlib/
-
- FreeBSD: /usr/ports/security/cryptlib
-
- ...but the FreeBSD port doesn't (yet?) install the Python bindings,
- sigh, so at the moment you have to do that by hand:
-
- # cd /usr/ports/security/cryptlib
- # make install
- # cd work/bindings
- # python setup.py install
- # cd ../..
- # make clean
-
-- Eventually I expect that this will require an event-handling package
- like Twisted, but I'm not there yet.
-
-- The testpoke tool (up-down protocol command line test client) and
- testbed tools also uses PyYAML.
-
- http://pyyaml.org/
-
- FreeBSD: /usr/ports/devel/py-yaml
-
-We also use a hacked copy of the Python OpenSSL Wrappers (POW)
-package, but our copy has enough modifications that it's expanded in
-the Subversion tree. Depending on how this all works out, I may end
-up splitting the POW.pkix module out of the POW package and using it
-with Cryptlib, as the POW.pkix package is 98% about doing ASN.1 in
-pure Python and only 2% about any kind of crypto.
-
-
-
-$Revision$
-
-TO DO:
-
-- Scripted tests to grow and shrink and revoke and .... See
- testbed.*.yaml, but more systematic testing needed.
-
- PRIORITY: Required
-
- TIME REQUIRED: open-ended
-
- STATUS: Ongoing
-
-- Randy's "user validation tool" (fetch and validate certs and
- probably the ROA for a prefix I want to accept in a route filter I
- am building in Python/Perl). This probably uses rcync's output as
- one of its inputs.
-
- This is a basic tool for a sysadmin who wants to -use- all this crud
- we're working so hard to generate. It's not required for the
- generation tools to work, but without it the entire toolset does
- nothing obviously useful, which will make it a very hard sell during
- the limited public test stage.
-
- PRIORITY: Required
-
- DEPENDS ON: ROA generation
-
- TIME REQUIRED: three days
-
- STATUS: Not started
-
-- Common protocol dump format with APNIC and other implementors so we
- can read each other's dumps. "Obvious" format would be an
- OpenSSL-style PEM of the CMS, with a "text" portion (the place where
- "openssl x509 -text" would put a text dump of a cert) showing the
- wrapped XML.
-
- PRIORITY: Desirable
-
- TIME REQUIRED: one day
-
- STATUS: Not started
-
-- Clean unused cruft out of left-right protocol, or at least have
- control booleans we don't intend to implement at present signal an
- error if used.
-
- Bottleneck here has been deciding what to punt and what to
- implement. Removing unused booleans or raising errors when they're
- used is trivial.
-
- PRIORITY: Required
-
- TIME REQUIRED: Less than one day
-
- STATUS: Error signalling done
-
-- resource_set_notafter attribute added to RelaxNG but not yet to
- rpki.up_down.class_elt. Need to convert to and from
- rpki.sundial.datetime. This is an up-down protocol feature that was
- added fairly late and that none of us properly implement yet, but
- failing to handle it would be a spec violation and eventually cause
- an interop problem.
-
- PRIORITY: Required
-
- TIME REQUIRED: Less than one day
-
- STATUS: Done
-
-- Publication protocol and implementation thereof. Protocol design
- started, Randy had comments that sent me back to the drawing board
- (he was right). Next step is to integrate Randy's advice, which
- probably means picking up more of the left-right protocol framework.
-
- Desirable although not strictly required that protcol be agreed upon
- among the RIRs. Might not be practical given how long it takes
- group to decide anything.
-
- Tricky bit is making sure that repository receives enough
- information to know whether parent has authorized child to use
- parent's namespace in nesting case. In theory this is
- straightforward but requires careful checking.
-
- ARIN can't host output of non-hosted RPKI engines without this, and
- that's critical both to the security model as discussed with ARIN
- staff in late 2006, so I believe we need this capability even as
- part of the initial limited test.
-
- PRIORITY: Required
-
- TIME REQUIRED: 1-2 weeks for implementation once protocol settled,
- depending on how much of the protocol and implementation I can steal
- from the existing left-right protocol.
-
- STATUS: Started
-
-- Subsetting (req_* attributes in up-down protocol)
-
- Minimal implementation would be to recognize this as correct
- protocol and signal an internal server error if it's ever used.
-
- More serious implementation would require expanding SQL child_cert
- table to hold subset masks and tweaking almost every bit of code
- that touches that table.
-
- PRIORITY: Required
-
- TIME REQUIRED (minimal version): One day
-
- TIME REQUIRED (real version): 1-2 weeks
-
- STATUS: Not started
-
-- Error handling: make sure that exceptions map correctly to up-down
- error codes, flesh out left-right error codes. Note that the same
- exception may produce different error codes depending on which
- up-down PDU we're processing (sigh).
-
- Will require code audit for coherency.
-
- PRIORITY: Required
-
- TIME REQUIRED: four days
-
- DEPENDS ON: almost everything else, as almost any code change can
- raise new exceptions that we'd need to handle.
-
- STATUS: Not started
-
-- db.commit(), db.rollback(), code audit for data integrity issues,
- fix any data integrity issues that turn up.
-
- Among other issues, we need to handle loss of connnection to
- database server and other MySQL errors. MySQLdb throws an
- exception, which we can catch, and retrying is easy enough, but need
- to be careful about recovery action depending on whether we had
- uncommitted changes.
-
- PRIORITY: Required
-
- TIME REQUIRED (commit and rollback): Two weeks
-
- TIME REQUIRED (data integrity audit): Three days
-
- TIME REQUIRED (fix data integrity): Unknown, depends on code audit
- and results of runtime testing.
-
- DEPENDS ON: async tasking model, sort of -- could do it first, but
- tasking change will affect the exception handling that triggers
- rollback.
-
- STATUS: Not started
-
-- Test with larger data set -- Tim gave me plenty of data, I have the
- low-level tools and the glue logic to create child objects for all
- the entities in the IRDB, but I don't yet have logic to poll on
- behalf of each of them and check result for sanity.
-
- Maybe it'd be easier to write something that dumps Tim's database in
- YAML format for testbed.py to chew on?
-
- PRIORITY: Highly desirable
-
- TIME REQUIRED (setup): One day to convert Tim's data to YAML
-
- TIME REQUIRED (testing): Unknown, depends on what we turn up
-
- STATUS: Not started
-
-- Clean up rootd.py to be usable in a production system. Most urgent
- issue is handling of private keys. May not need much else, as this
- is not a high-traffic server.
-
- PRIORITY: Highly desirable (not strictly needed for limited testing)
-
- TIME REQUIRED: Two days
-
- STATUS: Not started
-
-- Test framework, multiple self-instances per engine-instance (single
- self-instance per engine-instance is already done).
-
- PRIORITY: Required
-
- DEPENDS ON: async tasking model.
-
- TIME REQUIRED: One week
-
- STATUS: Not started
-
-- tlslite code seems flakey under heavy use, and doesn't support all
- the cert checks we want. Best bet for getting this right is
- probably to hack on the POW Ssl class until it supports everything
- shown in the OpenSSL book; aside from speed, the main advantage here
- is that there -is- a list of all the things one needs to do to use
- TLS properly if one follows this recipe, whereas with TLSlite it's
- all a mystery.
-
- Useful side effect of doing this via POW: it brings us back to only
- needing one crypto library (in particular it lets us punt M2Crypto,
- which appears to be coded as an accident waiting to happen).
-
- PRIORITY: Required (cert checking is a security issue).
-
- TIME REQUIRED: Two weeks.
-
- DEPENDS ON: Async tasking model.
-
- STATUS: Not started
-
-- ROA generation. We have a bunch of the primitives for this but we
- aren't yet generating the ROAs themselves.
-
- PRIORITY: Required
-
- TIME REQUIRED: Three days
-
- STATUS: Not started
-
-- Make rpkid fully event-driven (async tasking model), except for SQL
- queries. This probably involves the "twisted" framework.
-
- PRIORITY: Required (to implement hosting model)
-
- TIME REQUIRED: one week.
-
- STATUS: Not started
-
-- Update biz trust anchor model to what we came up with in Amsterdam.
- This was a direct result of security review by Kent and Housley.
-
- This has been waiting for work we hope RobK is doing. This is
- probably not a lot of coding, probably a few extra cert fields in
- the self object which we then need to toss into the
- rpki.x509.X509_chain objects before verifying CMS or TLS, and
- perhaps the existing TA fields in various objects become pairs of
- certs instead of a single TA, but this is mostly just generalization
- and reuse of existing code, no bold new adventures.
-
- PRIORITY: Required (security issue)
-
- TIME REQUIRED: One week.
-
- STATUS: Not started
-
-- Performance testing
-
- STATUS: Not started
-
-- rcynic handling of RPKI trust anchors probably needs updating.
- Discussions over last N months of how RPKI trust anchors work, how
- we package them, and how we roll them over. The last (TA rollover)
- is the driver for this.
-
- Last I recall (need to check email archives) APNIC had proposed a
- relatively simple format (CMS signed PEM-encoded X.509 object set,
- or something like that). Need to do analysis to make sure this is
- adaquate for our needs, if so just use it. This would involve minor
- changes to rcynic.
-
- Alternatively, this could be a separate program to keep this grot
- out of rcynic itself, but that's probably a usability nightmare.
-
- PRIORITY: Required (usability issue for relying parties)
-
- TIME REQUIRED: Three days.
-
- STATUS: Not started
-
-- rcynic does not yet handle manifests. This is both a real problem
- (manifests were added to plug a security hole) and a user acceptance
- problem (without manifest support rcynic checks old certs that are
- supposed to fail because they've been revoked, resulting in what
- appear to be spurious errors, which just annoy the user).
-
- PRIORITY: Required
-
- TIME REQUIRED: One week.
-
- STATUS: Not started
-
-- Update operation and installation docs.
-
- Known current omissions: left-right "rekey" and "revoke" operations,
- testbed.py's rootd_sia config option.
-
- TIME REQUIRED (current work items): Less than one day
-
- PRIORITY: Required
-
- STATUS: Ongoing
-
-- Update internals docs (Doxygen). Mostly this means updating
- function comments in the Python code, as the rest is automatic. May
- require a bit of overview text to explain the workings of the code,
- this overview text may well turn out to be just the current flat
- text documents marked up for inclusion by Doxygen.
-
- PRIORITY: Desirable
-
- TIME REQUIRED: Two days
-
- STATUS: Ongoing
-
-- Reorganize code (directory names, module names, which objects are in
- which modules, add gctx pointers to objects so we can stop passing
- all these flipping explicit gctx pointers in almost every function
- call) to make it easier to understand and maintain. Portions of the
- existing code were done in extreme haste to meet testing deadlines,
- and it shows.
-
- STATUS: Not started
-
- TIME REQUIRED: two days
-
- PRIORITY: Highly desirable (to preserve programmers' and
- maintainers' sanity, if nothing else)
-
-- Add HSM support. Architecture includes it, current code does not.
- First step here would be talking to somebody who understands PKCS#11
- better than I do, ie, Richard Lamb or Francis Dupont.
-
- STATUS: Not started
-
- TIME REQUIRED: Unknown
-
- PRIORITY: Desirable. Am guessing ARIN does not require this for
- initial test
-
-
-
-Things implemented but not yet tested.
-
-- Client side of expiration now assumes that parent will reissue
- when its IRDB changes.
-
-- Parent side of revocation (child_cert objects) and CRL generation
- implemented.
-
-- Parent side of expiration implemented.
-
-- Child batch processing loop: regeneration or removal of expired
- certs based on what's in the IRDB.
-
-- Batch regeneration of CRLs and manifests for all CAs.
-
-- Protection against up-down operations specifying a class_name that
- belongs to some other self context.
-
-- Rewrote code that handles revoke on shrink to revoke -all- old certs
- for that key, not just most recent. Not certain, but this may have
- been the cause of a cert dropping not showing up in the CRL during
- testing with APNIC in Vancouver.
-
-- Kludgy local publication hack seems to work now, including
- withdrawal. rcynic still whines occasionally, but I think that's
- just because, without manifest support, rcynic has no way of telling
- the difference between certs we withdrew on purpose and certs that
- were removed by an attacker, so the first rcynic run after a cert
- has been revoked pulls the old cert from the previous rcynic pass,
- find that it's listed in the CRL, and whines about it.
-
-
-
-Other random notes:
-
-Being able to specify interaction with other servers (not running
-under testbed) in a testbed.yaml might be useful for interop tests.
-Kind of breaks testbed's fundamental model, though. Replacing what
-testbed thinks is a leaf with somebody else would be easy, so maybe we
-could specify some way to hang a bunch of rpkids under an external
-parent? Hmm, data needed would look a lot like testpoke.yaml, maybe
-we can reuse some of that language?
-
-There's a three-way tradeoff lurking in the publication protocol,
-manifest generation, and CRL generation:
-
-1) Consistancy issues for relying parties (eg, don't want to withdraw
- something that's still listed in the manifest);
-
-2) Efficiency issues for the RPKI engine (eg, generating a new
- manifest for each individual change during a batch run could be
- expensive, would prefer to batch up the changes into a single
- manifest run); and
-
-3) Coherency issues for the RPKI engine (don't want to defer things
- that could result in loss of state if something bad happens).
-
-Considerations (1) and (3) have to dominate, which may mean we take a
-hit on (2).
-
-Most of the explicit calls to sql_fetch*() are now encapsulated in
-one-line methods. The remaining ones are probably hints at minor bits
-of abstraction still to be done.
-
-Biz certs currently used by test scripts don't include SKI or AKI. I
-think this is because the test scripts use "openssl x509" rather than
-"openssl ca" when generating these certs. Not critical, and will
-probably become completely irrelevant with all-singing all-dancing
-post-Amsterdam biz cert scripts, but should not be a big problem to
-fix either if it gets in the way again.
diff --git a/scripts/apnic-poke-1.sh b/scripts/apnic-poke-1.sh
deleted file mode 100644
index 0bd8ff52..00000000
--- a/scripts/apnic-poke-1.sh
+++ /dev/null
@@ -1,112 +0,0 @@
-#!/bin/sh -
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-# Script to let APNIC test against my server.
-#
-# This blows away rpkid's database and rebuilds it with what we need
-# for this test, and knows far too much about the id numbers that
-# rpkid and mysql will assign. In the long run we must do better than
-# this, but gotta start somewhere.
-
-openssl=../openssl/openssl/apps/openssl
-
-# Halt on first error and show what's happening
-
-set -ex
-
-# Generate new key and cert for rootd.py if needed
-
-if test ! -r rootd.cer -o ! -r rootd.key
-then
- $openssl req -new -newkey rsa:2048 -nodes -keyout rootd.key -out rootd.req -config rootd.cnf
-
- $openssl x509 -req -in rootd.req -out rootd.cer -extfile rootd.cnf -extensions req_x509_ext \
- -signkey rootd.key -text -sha256
-
- rm -f rootd.req
-fi
-
-# Blow away old rpkid database (!) so we can start clean
-
-mysql -u rpki -p`awk '$1 == "sql-password" {print $3}' rpkid.conf` rpki <../docs/rpki-db-schema.sql
-
-# Clear out any old publication results
-
-rm -rf publication/*
-
-# Start rpkid so we can configure it, make sure we shut it down on exit
-# If we're running under screen, just run it in a different screen instead.
-
-if test -n "$STY"
-then
- screen python rpkid.py
-else
- python rpkid.py >>rpkid.log 2>&1 & rpkid=$!
- trap "kill $rpkid" 0 1 2 3 13 15
-fi
-
-# Create a self instance
-
-python irbe-cli.py self --action create --crl_interval 84600
-
-# Create a business signing context, issue the necessary business cert, and set up the cert chain
-
-python irbe-cli.py --pem_out bsc.req bsc --action create --self_id 1 \
- --generate_keypair --signing_cert biz-certs/Bob-CA.cer
-
-$openssl x509 -req -in bsc.req -out bsc.cer -CA biz-certs/Bob-CA.cer \
- -CAkey biz-certs/Bob-CA.key -CAserial biz-certs/Bob-CA.srl
-
-python irbe-cli.py bsc --action set --self_id 1 --bsc_id 1 --signing_cert bsc.cer
-
-rm -f bsc.req bsc.cer
-
-# Create a repository context
-
-python irbe-cli.py repository --self_id 1 --action create --bsc_id 1
-
-# Create a parent context pointing at rootd.py
-
-python irbe-cli.py parent --self_id 1 --action create --bsc_id 1 --repository_id 1 \
- --peer_contact_uri https://localhost:44333/ \
- --cms_ta biz-certs/Elena-Root.cer \
- --https_ta biz-certs/Elena-Root.cer \
- --sia_base rsync://wombat.invalid/
-
-# Create a child context
-
-python irbe-cli.py child --self_id 1 --action create --bsc_id 1 --cms_ta biz-certs/Frank-Root.cer
-
-# Run the other daemons, arrange for everything to go away on shutdown,
-# run initial cron job to set things up, then wait
-
-if test -n "$STY"
-then
- screen python rootd.py
- screen python irdbd.py
-else
- python rootd.py >>rootd.log 2>&1 & rootd=$!
- python irdbd.py >>irdbd.log 2>&1 & irdbd=$!
- trap "kill $rpkid $irdbd $rootd" 0 1 2 3 13 15
-fi
-
-python cronjob.py
-
-if test -z "$STY"
-then
- tail +0f rpkid.log
-fi
diff --git a/scripts/apnic-poke-1.yaml b/scripts/apnic-poke-1.yaml
deleted file mode 100644
index 24b80561..00000000
--- a/scripts/apnic-poke-1.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
----
-# $Id$
-
-version: 1
-posturl: https://adrilankha.hactrn.net:4433/up-down/1
-recipient-id: wombat
-sender-id: "1"
-
-cms-cert-file: biz-certs/Frank-EE.cer
-cms-key-file: biz-certs/Frank-EE.key
-cms-ca-cert-file: biz-certs/Bob-Root.cer
-cms-cert-chain-file: [ biz-certs/Frank-CA.cer ]
-
-ssl-cert-file: biz-certs/Frank-EE.cer
-ssl-key-file: biz-certs/Frank-EE.key
-ssl-ca-cert-file: biz-certs/Bob-Root.cer
-
-requests:
- list:
- type: list
- issue:
- type: issue
- class: 1
- sia: [ "rsync://bandicoot.invalid/some/where/" ]
- revoke:
- type: revoke
- class: 1
- ski: "CB5K6APY-4KcGAW9jaK_cVPXKX0"
diff --git a/scripts/apnic-poke-2.sh b/scripts/apnic-poke-2.sh
deleted file mode 100644
index d10c9fa5..00000000
--- a/scripts/apnic-poke-2.sh
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/bin/sh -
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-openssl=../openssl/openssl/apps/openssl
-
-# Halt on first error and show what's happening
-
-set -ex
-
-# Blow away old rpkid database (!) so we can start clean
-
-mysql -u rpki -p`awk '$1 == "sql-password" {print $3}' rpkid.conf` rpki <../docs/rpki-db-schema.sql
-
-# Clear out any old publication results
-
-rm -rf publication/*
-
-# Start rpkid so we can configure it, make sure we shut it down on exit
-# If we're running under screen, just run it in a different screen instead.
-
-if test -n "$STY"
-then
- screen python rpkid.py
-else
- python rpkid.py >>rpkid.log 2>&1 & rpkid=$!
- trap "kill $rpkid" 0 1 2 3 13 15
-fi
-
-# Create a self instance
-
-python irbe-cli.py self --action create --crl_interval 84600
-
-# Create a business signing context, issue the necessary business cert, and set up the cert chain
-
-python irbe-cli.py --pem_out bsc.req bsc --action create --self_id 1 \
- --generate_keypair --signing_cert biz-certs/Bob-CA.cer
-$openssl x509 -req -in bsc.req -out bsc.cer \
- -CA biz-certs/Bob-CA.cer -CAkey biz-certs/Bob-CA.key -CAserial biz-certs/Bob-CA.srl
-python irbe-cli.py bsc --action set --self_id 1 --bsc_id 1 --signing_cert bsc.cer
-rm -f bsc.req bsc.cer
-
-# List what's in the BSC, for today's debugging fun
-
-#python irbe-cli.py bsc --action list --self_id 1
-
-# Create a repository context
-
-python irbe-cli.py repository --self_id 1 --action create --bsc_id 1
-
-# Create a parent context pointing at APNIC -- this is where we plug in the values from their YAML
-
-cat >apnic.pem <<-'EOF'
- -----BEGIN CERTIFICATE-----
- MIIEFjCCAv6gAwIBAgIBADANBgkqhkiG9w0BAQsFADBJMUcwRQYDVQQDEz5Eb2N1
- bWVudGF0aW9uIFByZWZpeGVzIENNUyBQYXJlbnQgVEEgc2lnbmVyIC0gTm90IGZv
- ciByZWFsIHVzZTAeFw0wNzEyMDEwNjMyNDdaFw0xNzExMjgwNjMyNDdaMEkxRzBF
- BgNVBAMTPkRvY3VtZW50YXRpb24gUHJlZml4ZXMgQ01TIFBhcmVudCBUQSBzaWdu
- ZXIgLSBOb3QgZm9yIHJlYWwgdXNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
- CgKCAQEAtsRcgBpO7cTN+QGPnBaPtmfdsUZbctrfSBycS3QhwAItzZryqIHN9stP
- A+0WEOC4+cfaY9xETqGwbq725p8FRwxUx9NBQS7jrL1ToNCJ+2qSH5ThK2hOQiCT
- 3fv2FNJ/7gFFqofWt3mLyNEmnis95pRwzTtqH6ZaAaZk+AzwL77ww8AlwL/qfLtD
- mjrsUfoELfkbS4ywFK0orjVKeGvzG8Dx7WiGvwmdhNNJ8/IAZmJC0NI8r9VIfcw3
- 2B7bnDGkKH3E0NNRIajPmLbaNfT0Dxw+BjIC3Ty48o3ghSScqviyThNFyj8cr9SB
- Ww8ReAU6v9q4XWRnlZt8Lc9WIsF/MwIDAQABo4IBBzCCAQMwDAYDVR0TBAUwAwEB
- /zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPzZTgRZylsJph8KV9AU3klSgl8r
- MHEGA1UdIwRqMGiAFPzZTgRZylsJph8KV9AU3klSgl8roU2kSzBJMUcwRQYDVQQD
- Ez5Eb2N1bWVudGF0aW9uIFByZWZpeGVzIENNUyBQYXJlbnQgVEEgc2lnbmVyIC0g
- Tm90IGZvciByZWFsIHVzZYIBADBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vbWly
- aW4uYXBuaWMubmV0L2RvY3VtZW50YXRpb24tcHJlZml4ZXMvY21zL3BhcmVudC9j
- bXMuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCNz/BUN5bsAyMPi0X7oKZV/cAwmr2S
- gQgIxaUHnQ6EJp4b2CUmlpPQ9pT/m+gPbajaRgUZmANfMF0uAFZpCP3hTRAc6NMH
- 3Pwjzw1ICGSRRJASSizYN4hSxGpWW1hgghGTB3w5CjCm2VlwrQKJjb7/9H/gb4hi
- RRZpaudithCEDlgkFhgU4uttSDLH2Rv14GtfmtyqDpmCE33STA7K+e9rdxaCqHC8
- u33zqm4oQxOX7wuJ/JxeJxExtZ0amu8yTZ+tDtQ4Iiu1VPl67o0mjYrBKRV4z2fC
- wa/PKqombrC/qs+2+t/66mB9xaK1YpKnW2FL6Rjs+rZUJJQ16JhJkF7T
- -----END CERTIFICATE-----
-EOF
-
-python irbe-cli.py parent --self_id 1 --action create --bsc_id 1 --repository_id 1 \
- --peer_contact_uri https://mirin.apnic.net/cgi-bin/up-down-parent.cgi \
- --cms_ta apnic.pem \
- --https_ta apnic.pem \
- --sia_base rsync://wombat.invalid/ \
- --recipient_name PARENT \
- --sender_name CHILD
-
-rm -f apnic.pem
-
-# Create a child context
-
-python irbe-cli.py child --self_id 1 --action create --bsc_id 1 --cms_ta biz-certs/Frank-Root.cer
-
-# Run the other daemons, arrange for everything to go away on shutdown,
-# run initial cron job to set things up, then wait
-
-if test -n "$STY"
-then
- screen python irdbd.py
-else
- python irdbd.py >>irdbd.log 2>&1 & irdbd=$!
- trap "kill $rpkid $irdbd" 0 1 2 3 13 15
-fi
-
-python cronjob.py
-
-if test -z "$STY"
-then
- tail +0f rpkid.log
-fi
diff --git a/scripts/apnic-poke-2.yaml b/scripts/apnic-poke-2.yaml
deleted file mode 100644
index 6ba93729..00000000
--- a/scripts/apnic-poke-2.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
----
-# $Id$
-#
-# This sender config file was created by the make_cfg tool
-# Account: TELSTRA-AU
-
-version: 1
-recipient-id: PARENT
-sender-id: CHILD
-
-cms-cert-file: biz-certs/Bob-EE.cer
-cms-key-file: biz-certs/Bob-EE.key
-cms-cert-chain-file: [ biz-certs/Bob-CA.cer ]
-
-cms-ca-cert: |
- -----BEGIN CERTIFICATE-----
- MIIEFjCCAv6gAwIBAgIBADANBgkqhkiG9w0BAQsFADBJMUcwRQYDVQQDEz5Eb2N1
- bWVudGF0aW9uIFByZWZpeGVzIENNUyBQYXJlbnQgVEEgc2lnbmVyIC0gTm90IGZv
- ciByZWFsIHVzZTAeFw0wNzEyMDEwNjMyNDdaFw0xNzExMjgwNjMyNDdaMEkxRzBF
- BgNVBAMTPkRvY3VtZW50YXRpb24gUHJlZml4ZXMgQ01TIFBhcmVudCBUQSBzaWdu
- ZXIgLSBOb3QgZm9yIHJlYWwgdXNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
- CgKCAQEAtsRcgBpO7cTN+QGPnBaPtmfdsUZbctrfSBycS3QhwAItzZryqIHN9stP
- A+0WEOC4+cfaY9xETqGwbq725p8FRwxUx9NBQS7jrL1ToNCJ+2qSH5ThK2hOQiCT
- 3fv2FNJ/7gFFqofWt3mLyNEmnis95pRwzTtqH6ZaAaZk+AzwL77ww8AlwL/qfLtD
- mjrsUfoELfkbS4ywFK0orjVKeGvzG8Dx7WiGvwmdhNNJ8/IAZmJC0NI8r9VIfcw3
- 2B7bnDGkKH3E0NNRIajPmLbaNfT0Dxw+BjIC3Ty48o3ghSScqviyThNFyj8cr9SB
- Ww8ReAU6v9q4XWRnlZt8Lc9WIsF/MwIDAQABo4IBBzCCAQMwDAYDVR0TBAUwAwEB
- /zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPzZTgRZylsJph8KV9AU3klSgl8r
- MHEGA1UdIwRqMGiAFPzZTgRZylsJph8KV9AU3klSgl8roU2kSzBJMUcwRQYDVQQD
- Ez5Eb2N1bWVudGF0aW9uIFByZWZpeGVzIENNUyBQYXJlbnQgVEEgc2lnbmVyIC0g
- Tm90IGZvciByZWFsIHVzZYIBADBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vbWly
- aW4uYXBuaWMubmV0L2RvY3VtZW50YXRpb24tcHJlZml4ZXMvY21zL3BhcmVudC9j
- bXMuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCNz/BUN5bsAyMPi0X7oKZV/cAwmr2S
- gQgIxaUHnQ6EJp4b2CUmlpPQ9pT/m+gPbajaRgUZmANfMF0uAFZpCP3hTRAc6NMH
- 3Pwjzw1ICGSRRJASSizYN4hSxGpWW1hgghGTB3w5CjCm2VlwrQKJjb7/9H/gb4hi
- RRZpaudithCEDlgkFhgU4uttSDLH2Rv14GtfmtyqDpmCE33STA7K+e9rdxaCqHC8
- u33zqm4oQxOX7wuJ/JxeJxExtZ0amu8yTZ+tDtQ4Iiu1VPl67o0mjYrBKRV4z2fC
- wa/PKqombrC/qs+2+t/66mB9xaK1YpKnW2FL6Rjs+rZUJJQ16JhJkF7T
- -----END CERTIFICATE-----
-
-ssl-cert-file: biz-certs/Bob-EE.cer
-ssl-key-file: biz-certs/Bob-EE.key
-
-ssl-ca-cert: |
- -----BEGIN CERTIFICATE-----
- MIIEFjCCAv6gAwIBAgIBADANBgkqhkiG9w0BAQsFADBJMUcwRQYDVQQDEz5Eb2N1
- bWVudGF0aW9uIFByZWZpeGVzIENNUyBQYXJlbnQgVEEgc2lnbmVyIC0gTm90IGZv
- ciByZWFsIHVzZTAeFw0wNzEyMDEwNjMyNDdaFw0xNzExMjgwNjMyNDdaMEkxRzBF
- BgNVBAMTPkRvY3VtZW50YXRpb24gUHJlZml4ZXMgQ01TIFBhcmVudCBUQSBzaWdu
- ZXIgLSBOb3QgZm9yIHJlYWwgdXNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
- CgKCAQEAtsRcgBpO7cTN+QGPnBaPtmfdsUZbctrfSBycS3QhwAItzZryqIHN9stP
- A+0WEOC4+cfaY9xETqGwbq725p8FRwxUx9NBQS7jrL1ToNCJ+2qSH5ThK2hOQiCT
- 3fv2FNJ/7gFFqofWt3mLyNEmnis95pRwzTtqH6ZaAaZk+AzwL77ww8AlwL/qfLtD
- mjrsUfoELfkbS4ywFK0orjVKeGvzG8Dx7WiGvwmdhNNJ8/IAZmJC0NI8r9VIfcw3
- 2B7bnDGkKH3E0NNRIajPmLbaNfT0Dxw+BjIC3Ty48o3ghSScqviyThNFyj8cr9SB
- Ww8ReAU6v9q4XWRnlZt8Lc9WIsF/MwIDAQABo4IBBzCCAQMwDAYDVR0TBAUwAwEB
- /zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPzZTgRZylsJph8KV9AU3klSgl8r
- MHEGA1UdIwRqMGiAFPzZTgRZylsJph8KV9AU3klSgl8roU2kSzBJMUcwRQYDVQQD
- Ez5Eb2N1bWVudGF0aW9uIFByZWZpeGVzIENNUyBQYXJlbnQgVEEgc2lnbmVyIC0g
- Tm90IGZvciByZWFsIHVzZYIBADBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vbWly
- aW4uYXBuaWMubmV0L2RvY3VtZW50YXRpb24tcHJlZml4ZXMvY21zL3BhcmVudC9j
- bXMuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCNz/BUN5bsAyMPi0X7oKZV/cAwmr2S
- gQgIxaUHnQ6EJp4b2CUmlpPQ9pT/m+gPbajaRgUZmANfMF0uAFZpCP3hTRAc6NMH
- 3Pwjzw1ICGSRRJASSizYN4hSxGpWW1hgghGTB3w5CjCm2VlwrQKJjb7/9H/gb4hi
- RRZpaudithCEDlgkFhgU4uttSDLH2Rv14GtfmtyqDpmCE33STA7K+e9rdxaCqHC8
- u33zqm4oQxOX7wuJ/JxeJxExtZ0amu8yTZ+tDtQ4Iiu1VPl67o0mjYrBKRV4z2fC
- wa/PKqombrC/qs+2+t/66mB9xaK1YpKnW2FL6Rjs+rZUJJQ16JhJkF7T
- -----END CERTIFICATE-----
-
-posturl: https://mirin.apnic.net/cgi-bin/up-down-parent.cgi
-
-requests:
- list:
- type: list
diff --git a/scripts/biz-certs-setup.sh b/scripts/biz-certs-setup.sh
deleted file mode 100644
index 26164496..00000000
--- a/scripts/biz-certs-setup.sh
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh -
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-# Quick hack to generate a set of business keys and certs for use with
-# early prototype code. Not for production use.
-#
-# All we're trying to do here is generate a three-level-deep set of
-# certs for each of several independent entities. Could easily be
-# deeper in practice but this should be enough for simple tests: a
-# self-signed root cert to use as a trust anchor, a working CA, and an
-# EE cert used for CMS or TLS.
-#
-# Among other things missing here, we're not doing any restrictions
-# beyond basicConstraints and we're not doing CRLs.
-#
-# One can extract the public key from a .key file by doing:
-#
-# $ openssl rsa -in foo.key -pubout
-#
-# I ended up needing this to build simulated packets for the
-# left-right protocol.
-
-for i in Alice Bob Carol Dave Elena Frank Ginny Harry
-do
- for j in Root CA EE
- do
-
- case $j in
- EE) ca=false;;
- *) ca=true;;
- esac
-
- test -r $i-$j.cnf || cat >$i-$j.cnf <<-EOF
-
- [ req ]
- distinguished_name = req_dn
- x509_extensions = req_x509_ext
- prompt = no
- default_md = sha256
-
- [ req_dn ]
- CN = Test Certificate $i $j
-
- [ req_x509_ext ]
- basicConstraints = CA:$ca
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always
-
- EOF
-
- test -r $i-$j.key -a -r $i-$j.req ||
- openssl req -new -newkey rsa:2048 -nodes -keyout $i-$j.key -out $i-$j.req -config $i-$j.cnf
-
- done
-
- test -r $i-Root.cer || openssl x509 -req -in $i-Root.req -out $i-Root.cer -extfile $i-Root.cnf -extensions req_x509_ext -signkey $i-Root.key -days 60
- test -r $i-CA.cer || openssl x509 -req -in $i-CA.req -out $i-CA.cer -extfile $i-CA.cnf -extensions req_x509_ext -CA $i-Root.cer -CAkey $i-Root.key -CAcreateserial
- test -r $i-EE.cer || openssl x509 -req -in $i-EE.req -out $i-EE.cer -extfile $i-EE.cnf -extensions req_x509_ext -CA $i-CA.cer -CAkey $i-CA.key -CAcreateserial
-
-done
-
-for i in *.cer
-do
- h=`openssl x509 -noout -hash -in $i`.0
- test -r $h ||
- ln -s $i $h
-done
diff --git a/scripts/biz-certs/08fd5b15.0 b/scripts/biz-certs/08fd5b15.0
deleted file mode 120000
index 4e65bd46..00000000
--- a/scripts/biz-certs/08fd5b15.0
+++ /dev/null
@@ -1 +0,0 @@
-Carol-Root.cer \ No newline at end of file
diff --git a/scripts/biz-certs/0cb21e6a.0 b/scripts/biz-certs/0cb21e6a.0
deleted file mode 120000
index 0bbc896d..00000000
--- a/scripts/biz-certs/0cb21e6a.0
+++ /dev/null
@@ -1 +0,0 @@
-Alice-Root.cer \ No newline at end of file
diff --git a/scripts/biz-certs/33b6d09e.0 b/scripts/biz-certs/33b6d09e.0
deleted file mode 120000
index 6a20c98c..00000000
--- a/scripts/biz-certs/33b6d09e.0
+++ /dev/null
@@ -1 +0,0 @@
-Ginny-Root.cer \ No newline at end of file
diff --git a/scripts/biz-certs/5210f268.0 b/scripts/biz-certs/5210f268.0
deleted file mode 120000
index 2a347add..00000000
--- a/scripts/biz-certs/5210f268.0
+++ /dev/null
@@ -1 +0,0 @@
-Bob-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/5ebf1062.0 b/scripts/biz-certs/5ebf1062.0
deleted file mode 120000
index 16d11802..00000000
--- a/scripts/biz-certs/5ebf1062.0
+++ /dev/null
@@ -1 +0,0 @@
-Frank-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/60ac264c.0 b/scripts/biz-certs/60ac264c.0
deleted file mode 120000
index 2f3644fd..00000000
--- a/scripts/biz-certs/60ac264c.0
+++ /dev/null
@@ -1 +0,0 @@
-Elena-Root.cer \ No newline at end of file
diff --git a/scripts/biz-certs/623ab26c.0 b/scripts/biz-certs/623ab26c.0
deleted file mode 120000
index 95960a41..00000000
--- a/scripts/biz-certs/623ab26c.0
+++ /dev/null
@@ -1 +0,0 @@
-Harry-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/6878697a.0 b/scripts/biz-certs/6878697a.0
deleted file mode 120000
index efc1dc95..00000000
--- a/scripts/biz-certs/6878697a.0
+++ /dev/null
@@ -1 +0,0 @@
-Harry-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/71288ec9.0 b/scripts/biz-certs/71288ec9.0
deleted file mode 120000
index b05a359f..00000000
--- a/scripts/biz-certs/71288ec9.0
+++ /dev/null
@@ -1 +0,0 @@
-Alice-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/7449ce31.0 b/scripts/biz-certs/7449ce31.0
deleted file mode 120000
index 30a5b8ce..00000000
--- a/scripts/biz-certs/7449ce31.0
+++ /dev/null
@@ -1 +0,0 @@
-Carol-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/7562977b.0 b/scripts/biz-certs/7562977b.0
deleted file mode 120000
index 808e8a92..00000000
--- a/scripts/biz-certs/7562977b.0
+++ /dev/null
@@ -1 +0,0 @@
-Harry-Root.cer \ No newline at end of file
diff --git a/scripts/biz-certs/80e4ab61.0 b/scripts/biz-certs/80e4ab61.0
deleted file mode 120000
index 17d44d15..00000000
--- a/scripts/biz-certs/80e4ab61.0
+++ /dev/null
@@ -1 +0,0 @@
-Alice-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/826d8d65.0 b/scripts/biz-certs/826d8d65.0
deleted file mode 120000
index 21b78ac1..00000000
--- a/scripts/biz-certs/826d8d65.0
+++ /dev/null
@@ -1 +0,0 @@
-Frank-Root.cer \ No newline at end of file
diff --git a/scripts/biz-certs/9844d0ad.0 b/scripts/biz-certs/9844d0ad.0
deleted file mode 120000
index 75a23567..00000000
--- a/scripts/biz-certs/9844d0ad.0
+++ /dev/null
@@ -1 +0,0 @@
-Bob-Root.cer \ No newline at end of file
diff --git a/scripts/biz-certs/9970e247.0 b/scripts/biz-certs/9970e247.0
deleted file mode 120000
index a40c06f6..00000000
--- a/scripts/biz-certs/9970e247.0
+++ /dev/null
@@ -1 +0,0 @@
-Bob-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/Alice-CA.cer b/scripts/biz-certs/Alice-CA.cer
deleted file mode 100644
index 00aceaa8..00000000
--- a/scripts/biz-certs/Alice-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHTCCAgWgAwIBAgIJAJOnBwhQWiIBMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wODAxMTgxNzIzNDda
-Fw0wODAyMTcxNzIzNDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp
-Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD468em/gEH9CFH
-NJoqVteNF7T5Uuuuuh8BXqLyvHGKAbiW+QjRqa1iOCR5ePIBF+GZvp0gqMCAsVYT
-BUjEsZGZz9HNoC5oSCB6B3qVOPM4m0KKzkI2oJ7QvxiI4gAd8+aLh5Bw9+GmvuBn
-C5qKc23O7Vx5zcqRoT8sEDRuEQVkLkX1eFdO4iUVnYKJGGmveEMuCo0HwEQmOTrl
-YSOPLcTkXqka+zPvE5b2RRAnC4822rI5eBPoRxw+T9roijVzpJwaxo2Io+zJVryl
-bNpekca6jzPMwXu5WXiDOP+sVUYsR7knHyLQuHGIZVwp74SYeEggQZEb3CXfFCE0
-SJDEzj1VAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF9NTjS860sH
-rK3H0DUkwFkAPwjiMB8GA1UdIwQYMBaAFNYW2u1P4EplGEwsRN5mU9TrozdtMA0G
-CSqGSIb3DQEBBQUAA4IBAQAr57d1RknjqNEIgQi4oZ8vTz9u3BO59vJAcwbagAZY
-bG3CXRD8f3r7CO5/HYNdN9q5agkJU1Jo4E1SLUik0SLwxJ4QzB5QKI/Xv14ibT6/
-Ln26XVe+c97Gexsj13QpNy3OPX4B0u1EiaYcyb1o6h5azxmRyKH+g4chYF8LBSsa
-mDW7ruLvI2e+mWPXZlBL6djHSpRpyI7H3KkLHt7W86bPVyCt/WSTWmqOtwZ2jzY1
-mR5VKASC3wClfnx071y4Jyv2tqWGO9KW5u9KTcVMX/jd1wwWjIz1Iv791Zro0lCV
-njI/F/ljKa+Y7IqlCoLhgSXLI4K1/vNA4dbQRo71Mm1U
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Alice-CA.cnf b/scripts/biz-certs/Alice-CA.cnf
deleted file mode 100644
index b6e1971e..00000000
--- a/scripts/biz-certs/Alice-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Alice CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Alice-CA.key b/scripts/biz-certs/Alice-CA.key
deleted file mode 100644
index a5b32f93..00000000
--- a/scripts/biz-certs/Alice-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA+OvHpv4BB/QhRzSaKlbXjRe0+VLrrrofAV6i8rxxigG4lvkI
-0amtYjgkeXjyARfhmb6dIKjAgLFWEwVIxLGRmc/RzaAuaEggegd6lTjzOJtCis5C
-NqCe0L8YiOIAHfPmi4eQcPfhpr7gZwuainNtzu1cec3KkaE/LBA0bhEFZC5F9XhX
-TuIlFZ2CiRhpr3hDLgqNB8BEJjk65WEjjy3E5F6pGvsz7xOW9kUQJwuPNtqyOXgT
-6EccPk/a6Io1c6ScGsaNiKPsyVa8pWzaXpHGuo8zzMF7uVl4gzj/rFVGLEe5Jx8i
-0LhxiGVcKe+EmHhIIEGRG9wl3xQhNEiQxM49VQIDAQABAoIBAExEcbfIu6gkNM4M
-X+/5C7I/QUPjFDNE85sH1AVrl54hSN15ECqtQmKFsSdG119eYdEphhsrmU/VBfpt
-9A3QGjx2YGIQYiexccHx6K0v9dWyPIErET6LmB19b5cBJ+gFgu3da3QxfwIIGdl4
-xLEHDO4J6/umAhr8vM5TaL0QmgZHTJO8IaTMomBHqbUm/Dm1x5RJQAQp1jGgWhDC
-8LC8II5VuzVpbe/hnady9wxzuzPSsRVoiewC/apoTFPVUQ8hjnxNFC1u3uYDNL89
-8ztimGB7U9BxVZpfJ8tM8r5px6AokoLCnDlN8+17MtNXQRNx9nbKu0HnDi7bsqqW
-aS+RU0ECgYEA/9JTuaKVyRzMV6z6OobCwrDq9Iy4R+qZxPYSVj3vyLkmJIMKLQrZ
-aa0cxyilRs4FkTO+XKZQkLC8XWSJWcr1U5cyoWriGBAo37n9jahyVn+E2YJyQoJB
-iV6VPkwkJOhqQQ4fbCEPp78i3ocMyD7Haqqbmd76rH+BzbJ/GZgjiv8CgYEA+Rg4
-iau1Uc/kayfJg2VERjmYGGlc6iLbfKbugMbHC74CVyrAO2aUKlB+Lnu2WdsXKEM0
-ug4wwt2qdGK7pSNzI2qLWVFThbgh5Qw952qTDKWtR/xSaQCRr13mEzuE4/Fz+a/h
-vax4RnqIdBFRCOl1/cgK6Wjpbau8U9W2cmgYm6sCgYEAsydQiwhZbWZFlIEHHEWT
-z1Smtmx2AadB2LWbUdo+OouvMpKyZajbaS5aoP7OAC/3piBeh/PRKAMdZyopJkEE
-XW3dfz2i6McoWMWf07zLldfn6Yt5CSq/Srx6OA6KoW5COxzw1ICyvf8VJFHfmbyd
-Ww3vump1kqgY9zyx1fK9sXECgYEAmtSTT/+LFO9D69cvSp0Hcx8ZixLyzhYcl76r
-QSBNWN8iVUwdcM6yChs+U2ZSUkf8fOpJO9zWMknWScGVIXCHgNwZAcurPtLVPqn9
-UHrOLG5O5w/PqbTQ2VBkUlAMqiLLE8hfaKZrnGNNrdeVpxR2YuiU38B2V9UHmpSc
-c0CBC0ECgYEA4+QQ81qRfzBGmleMEZ3mVM/aIk2psX9A8x3Pghn4OHqWpkalkkCK
-QBVOqUDvR0j9zIWSkXR5cnzxaj/HVAvi4tiITQo4pH1m+1tNOWfJAAsDrP+B52/Y
-OOOQYTTz5xbYPWEEaFOisnJ96LoknFieANc3ZX2P1vVfoqe3y6yj4CY=
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Alice-CA.req b/scripts/biz-certs/Alice-CA.req
deleted file mode 100644
index 1d6a39e1..00000000
--- a/scripts/biz-certs/Alice-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBBbGljZSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPjrx6b+AQf0IUc0mipW
-140XtPlS6666HwFeovK8cYoBuJb5CNGprWI4JHl48gEX4Zm+nSCowICxVhMFSMSx
-kZnP0c2gLmhIIHoHepU48zibQorOQjagntC/GIjiAB3z5ouHkHD34aa+4GcLmopz
-bc7tXHnNypGhPywQNG4RBWQuRfV4V07iJRWdgokYaa94Qy4KjQfARCY5OuVhI48t
-xOReqRr7M+8TlvZFECcLjzbasjl4E+hHHD5P2uiKNXOknBrGjYij7MlWvKVs2l6R
-xrqPM8zBe7lZeIM4/6xVRixHuScfItC4cYhlXCnvhJh4SCBBkRvcJd8UITRIkMTO
-PVUCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQC/XNBkANITakpqRmw/50DnMXEx
-9bIlgXNME3UmxbWusltwerI4NlhecI5QFJoMcu1dYNvbohHJiXhQKA+OeraX9Szl
-e4/6h5fHR+o/xwq4VlTKPFz1wlw3lDZTAHG5B3tjC4eQQ8DJYXkJGKL9qj975WLQ
-o6FfgBv7JsUc7eC/wIzqa+EXgHGneBf8+Mg860pbeUHV/W5QQqDu+euKIJ5IweAa
-MFS5ATRhjv+IDI9FyTxLQ7UqK+rmC75IhdgIOS2wPo+1vPWufmVvWJDZG/GfajEJ
-OFfKheiAhkbk8iwsW7o0HYTb5iZduVatTp5iGyxzdo5iHg/duSLqCEVzm/pV
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Alice-CA.srl b/scripts/biz-certs/Alice-CA.srl
deleted file mode 100644
index a4acb46b..00000000
--- a/scripts/biz-certs/Alice-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-9B985E838A1A1B13
diff --git a/scripts/biz-certs/Alice-EE.cer b/scripts/biz-certs/Alice-EE.cer
deleted file mode 100644
index 7a535623..00000000
--- a/scripts/biz-certs/Alice-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGDCCAgCgAwIBAgIJAJuYXoOKGhsTMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxpY2UgQ0EwHhcNMDgwMTE4MTcyMzQ3WhcN
-MDgwMjE3MTcyMzQ3WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEFsaWNl
-IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwInHWCqaezl1ZC2X
-16mmWXSBVrOvIQMKq1HxbijymfjZYWR5JqTDicWG1yJDiwecOQzxV6rlzLPQmFwj
-F/f3PJ0EZNooJigVU8McOlKWtT1c+CQKsUGETSrn7wbDWj8aPCLNHpCP3dWQ4Rxj
-GJp3xuhB1vxxnNPaxV99SBJHzJwXeNiVPSl8pOqfdq4XGG78sEM/0Bt+MqngPhUC
-cAP3LUhg3edFRjTu8SVIjccHVkZydFajKN6trsn2G4bvM3g2vBAdV9TFd6xQkIyO
-CX3XA7MsTqbcA5PVZIBL54HSYk65EGzy0cfObZvoaHFnNYmOXfZyBt7O8owy9HG3
-7ye3rQIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQT21/Yztl10qmJjFV+
-m8RFKQN17jAfBgNVHSMEGDAWgBRfTU40vOtLB6ytx9A1JMBZAD8I4jANBgkqhkiG
-9w0BAQUFAAOCAQEAfWfqc1MaIhCdqC5gjHwB0WV1rvkC1RtvAGBf026DbpbKbENs
-tqM/5n2SYyBAWtQKvuT9ivfDeq9Q81uARFXYA/vHAMKG8N7YOvd6tiwofvNeHsAV
-OoQOM/oNaThNK+ADVYJ7+EV+baWRKRO20MbdQkDnhPPZyJXqNGeMT/KXGSTB9puS
-HhUAE94h9qLmLPvPREy536CSRq2RBBBMhb/zcX0bQQggvclaBKZTT1lW2x5jHnCC
-n+IHToCVjzjVJqdNneKf4NVbEXfzp6IkXol8CPcNMdGKRxivl8rSBj4pRs5t2azd
-ZJIkznwZkDmiIbEmHPvzL9wcXi7Mu7jr8tp5Iw==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Alice-EE.cnf b/scripts/biz-certs/Alice-EE.cnf
deleted file mode 100644
index bd9c175c..00000000
--- a/scripts/biz-certs/Alice-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Alice EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Alice-EE.key b/scripts/biz-certs/Alice-EE.key
deleted file mode 100644
index 709a07a9..00000000
--- a/scripts/biz-certs/Alice-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAwInHWCqaezl1ZC2X16mmWXSBVrOvIQMKq1HxbijymfjZYWR5
-JqTDicWG1yJDiwecOQzxV6rlzLPQmFwjF/f3PJ0EZNooJigVU8McOlKWtT1c+CQK
-sUGETSrn7wbDWj8aPCLNHpCP3dWQ4RxjGJp3xuhB1vxxnNPaxV99SBJHzJwXeNiV
-PSl8pOqfdq4XGG78sEM/0Bt+MqngPhUCcAP3LUhg3edFRjTu8SVIjccHVkZydFaj
-KN6trsn2G4bvM3g2vBAdV9TFd6xQkIyOCX3XA7MsTqbcA5PVZIBL54HSYk65EGzy
-0cfObZvoaHFnNYmOXfZyBt7O8owy9HG37ye3rQIDAQABAoIBAQCp/7zUGuHFVUlS
-R3NfRvqK13Rvoj1KD453D+X01xDFZFRDStwxg57m4VIaV7V9Zx3HvabGOi2mnUnb
-jNarjhRtH1JG3dw/PHsANzCQSmWo5uJUcjZCpc9z9yNMCBOqdjbqy+uCRi/QtYWz
-TUYt7g09wcqIUOLbjq8GQDa00Pc2Lz+M8qRMTnmQ4C85C1Kv57CkoJooOXNpcaSi
-U/OqVWMHxMmm9FmwBoR9+R181ESuPoqZFuQGu1zGNk+bk09A7kAqcwJYgDygBK22
-BvVyY0pzyVFFpOxK1bx3NB1V9vTYErCxbY0vD7Z6jduvwD12cONzJsnB8qJmUElu
-g7DDNZnhAoGBAOiLjwjsjHf0ughQ6qhkE9uCYs+34dAzuXVS3TWO/AYrKYYZMGd+
-YkSQ7oQrEaHbVbTSow+BCh9PPBs/FrW5XbtqmYUKZnOMpw8/0M1jF1JxHP0X3fLI
-UXACX5RQS7HZdjOyiE8daIYNENhAA2/5FziuIIepVl+J5hsrmli3daeZAoGBANP1
-OAXwE4bo6GJoK8e9AyLuA42GQjO7boNCoqoMAaPSC3P8Eq04VwOrZO0R3AHy/vcD
-hBVqdALrQNUSCV6du5tOQ4z5ezKtrLwVzlTlM5srpwErEab5EyifhLHdlGjj8t8z
-qyQrKfYQ1BYKDde1AGSK82703tlzNeLFg4sFW001AoGARI6IT7A1RVQf2D3KwHQo
-qolJCkYCy7fEEEOqtZR+1m65IjCg5ZIL9Hzp5Isx+o7IOLP0oKiBTHO2m63Ayzhn
-2s31jpRfWed4hPViYHq7MHHqgu8bXu0RnT0F4pq9hiQ/RcR3jSN1YjfN5IMSwFsm
-Lm6fZn9U2Hu2HAKB0W/cvtkCgYBAPls0sYe5pG6LJTff2pJQzAOXqdH3DCB6+H+F
-Ow5kMQ33obeneSQmoJR+pqMglB5jkFVAiHuRRuznqAfe/cAXWqlu2U9WFP3+JD3d
-zXrO1XRRDlTTXztHXNJDdv28rRq4PFjrJYoaYw9lfrajYuEzmEogn2fMUPdMPMGa
-KY164QKBgQDL/aFPY7QKYhszS2afcXtGFKCfEodfPm5/iZa0Eksd8zdRJCG4LZHR
-zE6d4IEfcdGZOih9Y2YfKFUWARNWL80DKixQxmY6MAfhBao2y/OAMyrLnR0F6ueY
-D3tDy37ogAHD+GegLJf2o1Hsty/WyQo1KoheHXJ25R3On09gVbxpMA==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Alice-EE.req b/scripts/biz-certs/Alice-EE.req
deleted file mode 100644
index 9d7388b7..00000000
--- a/scripts/biz-certs/Alice-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBBbGljZSBF
-RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCJx1gqmns5dWQtl9ep
-pll0gVazryEDCqtR8W4o8pn42WFkeSakw4nFhtciQ4sHnDkM8Veq5cyz0JhcIxf3
-9zydBGTaKCYoFVPDHDpSlrU9XPgkCrFBhE0q5+8Gw1o/GjwizR6Qj93VkOEcYxia
-d8boQdb8cZzT2sVffUgSR8ycF3jYlT0pfKTqn3auFxhu/LBDP9AbfjKp4D4VAnAD
-9y1IYN3nRUY07vElSI3HB1ZGcnRWoyjera7J9huG7zN4NrwQHVfUxXesUJCMjgl9
-1wOzLE6m3AOT1WSAS+eB0mJOuRBs8tHHzm2b6GhxZzWJjl32cgbezvKMMvRxt+8n
-t60CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQBgf6fyu5ZkZViSYEQ6aVkOmvoM
-+f0700E3T6TTq3bnjNXZL/uMGzHK8sXH9hbUq6m4LA1C2Sw5HKSYYRhbUD8MDdLk
-jCNQjFKnQPdhbknO7Rb6VABQLJ4rOSjv1i01Jnbu0soIyGMoUrb7i3bUY3KGRqmX
-ZxY30SBDu7kFcA7qKVH93sQm/QeNO7lLUtPJ0lLwrR0DcZ/GNsIx1FrRSWtMOqnL
-+ORzjGir0IZVGigpp/6AxuITJoNb40McptcqRzuDHlU8pFG9dKL2uHWDCSsG9V1w
-yA8ESECBg4J1RkpJEOk6E1b8xsMUIyBPtmKKj0JlCMd7GfoVIlknZ58OfLRl
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Alice-Root.cer b/scripts/biz-certs/Alice-Root.cer
deleted file mode 100644
index 5f08ecd3..00000000
--- a/scripts/biz-certs/Alice-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHzCCAgegAwIBAgIJAKgtUQl0EcAgMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wODAxMTgxNzIzNDda
-Fw0wODAzMTgxNzIzNDdaMCYxJDAiBgNVBAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxp
-Y2UgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKUzjQ7dObY7
-fUKAxi/7znJ60Mi/s1rByfHs4Onduc27dw+7tS6D0r0k+zgCFpkNPl98XRR6LvJJ
-ckRMVIjPvSIoe3EN683Bwajq24VUAayZ1Nn2muy4yN4XHtRep7Wi51aRWVSR3mTk
-NUn+a7dEtWlONtHANbbBcob8/Ufe4L+jO9PkNOWEtIJMjcxZsq4Zq1QXvKGNZbPh
-/Ous7orKsdVCOp5mEjuLpCYef4cTlZxk7q2CItk4hRDi6bG7BaMcmlm1Rne8YTvu
-oUXrbWgfxSeis2augNKQ2NvEmIqS2Njau/5x4WD5qyTGqj5CrTOCNZfa21G+dshn
-cj11ksaax6ECAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQU1hba7U/g
-SmUYTCxE3mZT1OujN20wHwYDVR0jBBgwFoAU1hba7U/gSmUYTCxE3mZT1OujN20w
-DQYJKoZIhvcNAQEFBQADggEBAFGdMrMoeal6enLiD9YFVGRw3GsUzzpvKHawTiLz
-UeGcEwZc7aMiaz3z4f9ddEL0VDbl0h22uFqT2C42r1mNUDzF4xR8VtJVrKQCF6Aw
-gLNGo/7+q3Ns/Q1/LCRu9SjH4Y7rqBUbHH4JVn5xfdRpiI7SoNb24tSDUtMRMdes
-40hLNY8lkvTa82XVEKs1K0pWnzd/98gq8asQMPrNK+y66SKBDjGFxORf/v4jgWLM
-XfRGVGfgXbjQJZch4+nEte0AzwgjrwCKbJOHsq2BuG79WiGDY/UpzTCCcqnNrkYY
-SgcSPJKcERid0XcYNu+tTERJ4HcNfEiNfItMiRSTJIgorL4=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Alice-Root.cnf b/scripts/biz-certs/Alice-Root.cnf
deleted file mode 100644
index 78089bba..00000000
--- a/scripts/biz-certs/Alice-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Alice Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Alice-Root.key b/scripts/biz-certs/Alice-Root.key
deleted file mode 100644
index 1c417192..00000000
--- a/scripts/biz-certs/Alice-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEApTONDt05tjt9QoDGL/vOcnrQyL+zWsHJ8ezg6d25zbt3D7u1
-LoPSvST7OAIWmQ0+X3xdFHou8klyRExUiM+9Iih7cQ3rzcHBqOrbhVQBrJnU2faa
-7LjI3hce1F6ntaLnVpFZVJHeZOQ1Sf5rt0S1aU420cA1tsFyhvz9R97gv6M70+Q0
-5YS0gkyNzFmyrhmrVBe8oY1ls+H866zuisqx1UI6nmYSO4ukJh5/hxOVnGTurYIi
-2TiFEOLpsbsFoxyaWbVGd7xhO+6hRettaB/FJ6KzZq6A0pDY28SYipLY2Nq7/nHh
-YPmrJMaqPkKtM4I1l9rbUb52yGdyPXWSxprHoQIDAQABAoIBAEM7p7zU7BfuPhxC
-rGX65RpSQYZx/lyBYd7DuQV055mDIgGVMzerDqlL07IHp4rCiQ/zXS5oS5LvsUF6
-jyze3up370UjlUQ4BsjoTE8G0Wedc7MBWivdSGKapkFoBHk3w07H+MMiWpBVEBr9
-IHmFzQ7+dfEHeNTYBfRKIgqN+ooDDYBAQVmu2fbJqE+9dfhlej0gR8YkWOB7jM9G
-OPUVp6EvII7LUyJcNBJs60AYIvLClmr2nUchr8pN3H6nlZCWu7RkBOSoJKwjmQga
-I15SPQP7XhoHQigk/Yb9JCs1OsU/Ia/49HrUa1KsaxdVnAOTbLAhlP7UuFOgxGjK
-jHre/MECgYEAz5OMGmoYSVD0DFnhswA2W2Nr7kKSNVt81S4IfVfdTodae7f2E7N1
-APO4CkuT6EKEvnzH/HVZmtzOYgXvgL4vY/GxDEg7mcd28l29aIQLWamdC3/68UTf
-KcnLtRn/bvM0zdXVA7w7lKGmNvb27+gVtKj5rsUBDHGyfyRm9YlQvr8CgYEAy71e
-/6pp7TY5pZlrgTxKVPugjG2bhkw4fhiuCbz/2Qa84hZj/1JYdPxVlm6a1Ggaw3ye
-bar7uC2nH5WkUYYOa0fsVb6odso7vdgtmhQ/KCtSRFYkKeV3lIqTRaTaTidvMW47
-Jyq5HVrROuHu85Hq432P4vxx8bTpPVVreRk+cZ8CgYEAnkIR+TmWVp9/0cLdTwoE
-Z1y/tyHOMxwTarz0AAxzUCHmHJk+5fpWZGlskXzZwaSlbE3ac2JM9MMQHrAD0BYw
-L3Tf1UtlFXN7/oD1na++r5efglsKydQGiOevhd3SX5bRVXWIOJbUnhc4kINt9a7u
-jZSe+F5+1CwDOOhaDy2oACUCgYBr39zI6eYkHy3urIjraIzC6mhbcj2CoiDXQyID
-LfsZYiPoYYqYyXTknCaE/BMmm+hv0S/hSUL2hdWTN5xFPgGsc+yCieyQ2QtAvZGH
-n2jBUA7C+Ak11bW3BJhtq5ebAe4x8feICWryS/+0eaQXew8vXHAu8xMxs2Q7gVri
-R6d0aQKBgB2icc334t8YErRr5t+iykls2QHPpRESxW2d8YDt8LFQKi0QfQoLpFPO
-W1XMVX88rwCIr2dK6+CgHgSPrwdaefxlgT7bzvnkircVotpe48PkFI6W3Wm398iE
-V29ErS5e5gW1zvrKlk7m/mteOf9E26hYUZDN3kNALiZ2k5GfGnsh
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Alice-Root.req b/scripts/biz-certs/Alice-Root.req
deleted file mode 100644
index ba90a1b6..00000000
--- a/scripts/biz-certs/Alice-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICazCCAVMCAQAwJjEkMCIGA1UEAxMbVGVzdCBDZXJ0aWZpY2F0ZSBBbGljZSBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTONDt05tjt9QoDG
-L/vOcnrQyL+zWsHJ8ezg6d25zbt3D7u1LoPSvST7OAIWmQ0+X3xdFHou8klyRExU
-iM+9Iih7cQ3rzcHBqOrbhVQBrJnU2faa7LjI3hce1F6ntaLnVpFZVJHeZOQ1Sf5r
-t0S1aU420cA1tsFyhvz9R97gv6M70+Q05YS0gkyNzFmyrhmrVBe8oY1ls+H866zu
-isqx1UI6nmYSO4ukJh5/hxOVnGTurYIi2TiFEOLpsbsFoxyaWbVGd7xhO+6hRett
-aB/FJ6KzZq6A0pDY28SYipLY2Nq7/nHhYPmrJMaqPkKtM4I1l9rbUb52yGdyPXWS
-xprHoQIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAJ8l9c/L8ksoqCPClE2Qmzuk
-E/MeAcpMMM+m0mMOTNFL66luwRqaCj3X9jF1ZKfpGRhXh1u+FUzo/zIIgUvGtvYZ
-vhhl9CJJeN3eweRJzyqDCWHSlwVvZlr1Hgeapwcaf4qxOb1ZLlYgvMKCaPsZ6Q/e
-wOdjBHQy7j0FEuvcd/AZGWI4aGfsXWptMnHVgR3FT0KrQhsCgqgJLfvv17R3vrkm
-FhqRImwIq2HXNSEHKaCIK+05K2Ke6KRhDI1ry4HJUZQrbg/me5+xlA9NlLWkRjwY
-xS94d6Cx0Is+3dYRDTK0SEpbT9/QcOOisBsKNEN8NSHIoRJG4OFEx9olUBGFe2g=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Alice-Root.srl b/scripts/biz-certs/Alice-Root.srl
deleted file mode 100644
index 2f14dc02..00000000
--- a/scripts/biz-certs/Alice-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-93A70708505A2201
diff --git a/scripts/biz-certs/Bob-CA.cer b/scripts/biz-certs/Bob-CA.cer
deleted file mode 100644
index 98e21886..00000000
--- a/scripts/biz-certs/Bob-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGTCCAgGgAwIBAgIJAJMWVNPEHXnyMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDgwMTE4MTcyMzQ3WhcN
-MDgwMjE3MTcyMzQ3WjAiMSAwHgYDVQQDExdUZXN0IENlcnRpZmljYXRlIEJvYiBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANs7D3bWU8rxiAn+Mhap
-INpgBhMWazoSWDramC5xIInJj7cwa3zisJ487q5dUqsWyGOS3MNTNJg/NTGz2zEG
-HI1GmBh4jGAhZYQCwqdEk6wm5aWPvICLZFIGKHtugPk0V8eN4QxdNm/0Yo6j2ne+
-1XHL3BS2quKTlTGE4bEcneH2397RJFjgWS2JKMFXXlOg6WwHEvFVl8fiFHpxueWQ
-dVSBHwl10osBxzeK6W90ofeX2PJ12U4uMO2vBAMIiosmQ8QPtUICohPdJ3zM6b2G
-q5/NpG/0cH8Yd6HI/VrgXeP1g78VHw3oTnui2w04PTT07a+0GKzos4ssH/CmqD3k
-m3UCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUu8ac0kfdNo5qjTPZ
-mvBg0urCTkgwHwYDVR0jBBgwFoAUJUQ5+BR+Qt1BwUU7/P+fVgkRe/cwDQYJKoZI
-hvcNAQEFBQADggEBAD2dZzAEW41g4OnEsOo5XPtlgGBIF/WP9iV4uaqDyfgo95D9
-PcJn6ngg2QW9NHIpbse/HuQHX4xvkO+q5Be4bu0wAW2aSAQuFJ+WDM1KSQCLuacx
-qqDmbpZ1/gpnSXzAzzNqzAq0WkYr0ybJ6f4jqy7vbSRRJS6pzmIUhfqfxE2gTVS/
-IPq6iAqw5g0t3E0RfVNIT68Kfv3VBhOv62Mq66NpiwwDauOqL0l0waTVXRiSVwdO
-WZKFjSVA8bcsz7egThw7zc1CHG1P01xWi62I3CLCKMvPabDp0APbprEE29ATS3lc
-oytsQZ35W3lZkvR14yYNVaks9xxQWiK2RKpQYOU=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Bob-CA.cnf b/scripts/biz-certs/Bob-CA.cnf
deleted file mode 100644
index 91dbff0c..00000000
--- a/scripts/biz-certs/Bob-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Bob CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Bob-CA.key b/scripts/biz-certs/Bob-CA.key
deleted file mode 100644
index d331ba47..00000000
--- a/scripts/biz-certs/Bob-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEA2zsPdtZTyvGICf4yFqkg2mAGExZrOhJYOtqYLnEgicmPtzBr
-fOKwnjzurl1SqxbIY5Lcw1M0mD81MbPbMQYcjUaYGHiMYCFlhALCp0STrCblpY+8
-gItkUgYoe26A+TRXx43hDF02b/RijqPad77VccvcFLaq4pOVMYThsRyd4fbf3tEk
-WOBZLYkowVdeU6DpbAcS8VWXx+IUenG55ZB1VIEfCXXSiwHHN4rpb3Sh95fY8nXZ
-Ti4w7a8EAwiKiyZDxA+1QgKiE90nfMzpvYarn82kb/Rwfxh3ocj9WuBd4/WDvxUf
-DehOe6LbDTg9NPTtr7QYrOiziywf8KaoPeSbdQIDAQABAoIBAC1IgMQ6NyqnQ0NV
-J0F5A9k3lmmg6tse6OyXNHH7Wg47/RyIutsb9AFrcp2/lxDR7uhqcIFEEYwVGka+
-8NqqeYFRAJ+lXtGIdHCVJWHpj1sy2aKeEwC2Si2LKhd81tUi07Lbgo3MPy9W2ni+
-LaUoXOxZgIciyB9u/pUw7nFoCNCgjN6/VmYZO8R75SYPf+XfKawKkkZH6Gc0LiiY
-NN5Am4fpmGKCdPHUFoZPA3tkTAnwoZ8a7Vckt4DSOn+Eh6R1DU7u9k08zTqSj6Tk
-ToKah9hXi8kxkHMqkaKQcrZiwJNbdVqJlJiJMKadOsWS9lOjdIQC7VVh+7V2fIyb
-/OPLcm0CgYEA9yDubu/EN2Lu/i4T8SR2kGOYfH3EmjXgy5LMfDRFNK81yer6mrLy
-xQhPvyEPVnz7lvUShP4igIuBermD6PhLm4pXrQnd8Kpu7Qina1xe8R/5HZHgyVXA
-J2PFtmoqowMwUMbQ6jwNKtWybKzJDKKf6WaLNaqGgawJObNTuLaKK0sCgYEA4xnA
-fuGs4V3U7h4AieJilEcUeF3aWk70OrAdkFNVnrMnW59dGmACmJ10NIeMnzGtJ1lX
-q/IOZmSag91O3SADOddp5+CjuqvU37Wi+ve+Z2f+qI2acHnBN54PlUEhUO+O5Eyv
-3WkJIKn4MkMNLNqJ9woGpq1L4MDbHMvdrVzfXD8CgYEAmDWbRY69ztNLmhhtRfAM
-aqA9MigQaF7Y5umysqlLGsjzmzr0QUYIity0qWbGWKHAH9kwH+ObAotqI1mR6nLL
-trA9kiFqpimDCtFytIh/HYpw2AqaZcdAA8LK6rB3NFHpd0cNM8fq4EAglhjR98tO
-LOZwxYwTLlj0kapm3XToowMCgYAMzdPjk3e60R6DOl/PZlsmfwdxbeE0vETa1jkk
-fP5Tz0gFy2tlZEphLmdx2r6b7yITGN9vi1syfLOVgbHDl912smV/NFQm3y9GWahR
-vAwZKmzaNfmiI8s4BopcYOqu9IK67nPv6M8h71NWCh/BCqVCr2cGmLixeE4iRoA+
-GQFi4wKBgEdZI39hulduXBo0LM5+Gc2WowNAGMk5cu9JS05Ypm+fpepn9Z7yXX+g
-y5PHJthN5IHDOWxPDuOI8vKdWumqwMJwZaXnuiaTzRcfHKHTQsFuFJz0KbkLFd0o
-NPdLjn20zsJ3ZniHgWwt231trs81f9ZApUO2NAa0KcVGdB6iYk2j
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Bob-CA.req b/scripts/biz-certs/Bob-CA.req
deleted file mode 100644
index ec8cb2b2..00000000
--- a/scripts/biz-certs/Bob-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICZzCCAU8CAQAwIjEgMB4GA1UEAxMXVGVzdCBDZXJ0aWZpY2F0ZSBCb2IgQ0Ew
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbOw921lPK8YgJ/jIWqSDa
-YAYTFms6Elg62pgucSCJyY+3MGt84rCePO6uXVKrFshjktzDUzSYPzUxs9sxBhyN
-RpgYeIxgIWWEAsKnRJOsJuWlj7yAi2RSBih7boD5NFfHjeEMXTZv9GKOo9p3vtVx
-y9wUtqrik5UxhOGxHJ3h9t/e0SRY4FktiSjBV15ToOlsBxLxVZfH4hR6cbnlkHVU
-gR8JddKLAcc3iulvdKH3l9jyddlOLjDtrwQDCIqLJkPED7VCAqIT3Sd8zOm9hquf
-zaRv9HB/GHehyP1a4F3j9YO/FR8N6E57otsNOD009O2vtBis6LOLLB/wpqg95Jt1
-AgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAqTkkoDoNpJ0j4E5FKEWTRA2jTKXh
-Ij4W7WUYs0XSqyHaBgT59+WXEXq4VQfxRAWyfZxMzt08/7wJQJaa7FgE1meQA/dT
-0/0ObBL8ebLACAuLGNnRhfF9q1uO5qRMLEPyl6SeRdbTEo6pjzE2sIA9OYtV1AK2
-UeXVTL60KRL3IA9tyLEPBKpmVN6IeIUbpbeDa8DWA6zWJd8A4i9UukjUqO/Of5ZZ
-c2pXR5MF2PXDzwerbrSQQ8qIDB6PDuiqPFG7RhYpo7zeOiJBATUBzeO9EWt3Ij7H
-zGOtqwFd1jhFS4pTYKPGS86SFEk0xyDFR5fivkYhLK5aNDm0KJaWlNxZHg==
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Bob-CA.srl b/scripts/biz-certs/Bob-CA.srl
deleted file mode 100644
index 89899213..00000000
--- a/scripts/biz-certs/Bob-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-90801F1ED1945562
diff --git a/scripts/biz-certs/Bob-EE.cer b/scripts/biz-certs/Bob-EE.cer
deleted file mode 100644
index 88411f1b..00000000
--- a/scripts/biz-certs/Bob-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDFDCCAfygAwIBAgIJAJCAHx7RlFViMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNV
-BAMTF1Rlc3QgQ2VydGlmaWNhdGUgQm9iIENBMB4XDTA4MDExODE3MjM0N1oXDTA4
-MDIxNzE3MjM0N1owIjEgMB4GA1UEAxMXVGVzdCBDZXJ0aWZpY2F0ZSBCb2IgRUUw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn/+Kvikpx8u3PIhKhfNdJ
-B4rdyQ6ixHJAItlSyI1CmWZLp1j1f7tDC39B3uLMLWHuSQDeDwSR84vGuFxMKtCf
-E0uuUpkxR49ADsz1vFTM8SxVkqKAerM1zaQOC/RD4CkZxaIrfOcfZnqShUEUrJAR
-MAb/zPfLZ2wiS7RlsUipfx+/LforuNfft+SoNDQmZIU8buhTUFgwhdTtE4Nbj+dJ
-yaQ7Gw/m9QjStm0SUDs4duxE9XLS1eZpYLdLpnf1UDQKOmW+PHFDyVEmPuE0y/b2
-b3aFYEpegdxa97wTNm5vsFE2ESSZ4lrIHFAHwsK9H9rZkdGIgm0Zg6JEiiUdyw5J
-AgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFK8qXFH8u10Oq2Oid5YHUqOd
-OFNuMB8GA1UdIwQYMBaAFLvGnNJH3TaOao0z2ZrwYNLqwk5IMA0GCSqGSIb3DQEB
-BQUAA4IBAQAsunjCQnQjnV4bNVNM2QAA8r9LUuJQyb8aI/ie/ysAarao4csu2fSw
-tfcdpgB8PKTFp5lQw69/aqDw1V/8oPKnw5X18T0sEEk9OxR6PILWdmRCcuIw9lOa
-YtRZ/NSWnpaluFKc/nLxwXaeFbur3EFnavEOZD63+ETIldkbKI2KNO3tGUsJWXgT
-yAYEiJjGX2j3Ysq0VIBIYseYRGIp8tTRAEFLrjz0elSURPO+/Q9xrhqOUeEC/2AL
-rLX79K30VmwKh6Fuplt+ibh39+8duK6nAvRK80gnCh7yJGVKLK+dk5YNDLcFksm/
-Ik1FY90CZ0Yly+6AagjXnjuLjWaGekbS
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Bob-EE.cnf b/scripts/biz-certs/Bob-EE.cnf
deleted file mode 100644
index 03a517ec..00000000
--- a/scripts/biz-certs/Bob-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Bob EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Bob-EE.key b/scripts/biz-certs/Bob-EE.key
deleted file mode 100644
index fe2d8a29..00000000
--- a/scripts/biz-certs/Bob-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEogIBAAKCAQEAp//ir4pKcfLtzyISoXzXSQeK3ckOosRyQCLZUsiNQplmS6dY
-9X+7Qwt/Qd7izC1h7kkA3g8EkfOLxrhcTCrQnxNLrlKZMUePQA7M9bxUzPEsVZKi
-gHqzNc2kDgv0Q+ApGcWiK3znH2Z6koVBFKyQETAG/8z3y2dsIku0ZbFIqX8fvy36
-K7jX37fkqDQ0JmSFPG7oU1BYMIXU7RODW4/nScmkOxsP5vUI0rZtElA7OHbsRPVy
-0tXmaWC3S6Z39VA0CjplvjxxQ8lRJj7hNMv29m92hWBKXoHcWve8EzZub7BRNhEk
-meJayBxQB8LCvR/a2ZHRiIJtGYOiRIolHcsOSQIDAQABAoIBAC2DgotiINcMJGc4
-aOm9I6oSVAnP/ZoVNIqxpkTqNnLzkiYu2Ufxae84/yn+U11TcjOXLZf7Y5aS76xP
-qBmug8SE+rzofb4/D80f9WEhu6umLwej6Uh7dW+/HZH8pRl6ckgcJdo4RXlZTx3A
-4ifStFkjtNG6WuuNQltsPRxL0k6wxHNERCYnU7biV6G0QhOtQfXuUo2f5eud1vfv
-mM+N0DA51EAfFxQw/J3P1OxOgj8k20aehbm7j1eLiFitXHBEA/Mt4I6RAULxm3hj
-a249inqlRAJJZ69XTSpLBazH0Z3vcfRtOeniC01IO2jtDeBukor20jjSQ0HOU4KS
-H0yDwgECgYEA3US5w30FrBHbGxyunM0HKolo7wPHlGAwXoXiAlPZq75awBxCKa1o
-IJH+nZlKeUqIt1kzLAZ4mSYsOdtT1unOD4+2+mg31mmPw+WnXTcBGter0u5r9BHf
-aY9La1EHpsm7kZleSR+GOwRdkY9u5psm63B2pJ6UkbgQScq2dWE3iMECgYEAwl6l
-EmKT8U4r7/DT30xXB6G7Q8hphtD1EQth/zub/qP1b/r7zbWXcy194X5sVkWM0Xv5
-sjoG+jI4zXyyspyucoXgqtfOE6MBAs5ifK+lC1LVP7vYaK/DAzAjaZq6BxuF/MNA
-RNFY3OMVScO+cbBDCDePHJjj6+c7LlxrI9bjn4kCgYAfC2Rw3BquoLa4IBcTouSN
-gEf7uPEIjVJcALbMEs2ofgWnjI9v34eLglBR9k7vo5h4+Qfn9mR3QFbWK0KhFZ62
-qjhG+9ZRu+/S0Wbg+jWqeXX/GzqEPPm2isdPIEhNi2JItFb5NXYU07D5GkG6Eyyr
-vdS3lhRMOaH3aHyfDWvIQQKBgD/VO1sNWs7NwGo9aieUd6R+/fQl1lo7N7CQT2+2
-EOYQzKMpBxcowwNFdmjezw+KKdQGZhudKPt0EOmTQVCdWkEsLHuPAhO63bMhOoD+
-YjKU0onq1AiVaHMclRSyhtOcu2Umbm3rXsa0ISKnkVze6TTColJe98Nanjn8igcs
-JHcZAoGANXOUvLjB7V9xrf3ixdbmh4/I1jFkBM/csYHjTYLIWlaxYRIiIib8FaYx
-npZ7dRoZ+IrLPqwRwaaUYo+1iWa8lH0C3cNnRKDxkvDdjjMmdoGX+RjTroWzoN16
-zOVZXQNHzGKIMjGeAOZ0poIEWho5Q3JLiLETfV9e9JYuWmudjK8=
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Bob-EE.req b/scripts/biz-certs/Bob-EE.req
deleted file mode 100644
index 497f54be..00000000
--- a/scripts/biz-certs/Bob-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICZzCCAU8CAQAwIjEgMB4GA1UEAxMXVGVzdCBDZXJ0aWZpY2F0ZSBCb2IgRUUw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn/+Kvikpx8u3PIhKhfNdJ
-B4rdyQ6ixHJAItlSyI1CmWZLp1j1f7tDC39B3uLMLWHuSQDeDwSR84vGuFxMKtCf
-E0uuUpkxR49ADsz1vFTM8SxVkqKAerM1zaQOC/RD4CkZxaIrfOcfZnqShUEUrJAR
-MAb/zPfLZ2wiS7RlsUipfx+/LforuNfft+SoNDQmZIU8buhTUFgwhdTtE4Nbj+dJ
-yaQ7Gw/m9QjStm0SUDs4duxE9XLS1eZpYLdLpnf1UDQKOmW+PHFDyVEmPuE0y/b2
-b3aFYEpegdxa97wTNm5vsFE2ESSZ4lrIHFAHwsK9H9rZkdGIgm0Zg6JEiiUdyw5J
-AgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAXJT1EVOwOaGyjCMepYaDwsk7U11G
-7uEmGwX6I1Ry1kZwyxiItnaIDhlB4fj3kKKUgXHk61IoFzYiLAU++di40dYNuULT
-Y+/HJ/CDiYIOweGSj+c43otItX2ak0fTmS57KySlrk+Q0MLYdhsGfkgH+suKa0WT
-KEMM7p7pnnzXVDS6EakdOnp+1LOtHz1n5wu9NzKNL1FKBmMiR3sSRobw3mCiNgPx
-0kHXONEq5nsTjmAOMeqxmuguJObMmXAU0ZLrTqdi9bxRkfKHhKRjDgeSqEKVSmpN
-Lw3gKB3Rk48hvxVP3rp/sRJ65Ja0bbwVAJ1DnNagzyPxNH/HAr17qt6mmg==
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Bob-Root.cer b/scripts/biz-certs/Bob-Root.cer
deleted file mode 100644
index f7a041ae..00000000
--- a/scripts/biz-certs/Bob-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGzCCAgOgAwIBAgIJAP9xmM46o4DbMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDgwMTE4MTcyMzQ3WhcN
-MDgwMzE4MTcyMzQ3WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EdHnAvefaawcNq9
-jBUnfB927TeborbiIst1bZmYLid1RMz5JjFWr/pUqKU/wsLKxJK2h8bBW+K21ePD
-mJZrhyBDj6zNnlJUzyVysLER/jQ6hoHIhqZv/OR8q6D7eeXIFZGm4fsQLM0RsyYx
-6dF0JyI2uBpRVEbvyZUhsxjmfGwf7oygvaNp5c2kWftt9YADs1VnBy6HITUvyUPB
-Dc2rQWPtOqYo6jhRn3Cj+uY++pJVuL0IgHaofEu7n//t+f52BC31+qW5UlKjhkg+
-S+dlPxqwSf6Bml+wxN0y37fFuTGdL5IK9HMfC104b7fInsytrVAVjkMHAp8d5XSu
-pbfctwIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQlRDn4FH5C3UHB
-RTv8/59WCRF79zAfBgNVHSMEGDAWgBQlRDn4FH5C3UHBRTv8/59WCRF79zANBgkq
-hkiG9w0BAQUFAAOCAQEAlAiW6kYCpLOqpG5PJw5EDBVheffUrSjBO1iBDwKG9gus
-qgl16XgeEAZfvCAQ6/xHN8yOerKcrVuESnHwvhlhzBDGXZ23AH0Ng73wiVGcya7h
-urFvGf044k+6NdFqnh8fVRTZy1wwZIDG6/GFTOL7QPppKTb1c2VZNAl9E/6nKqby
-EvQr3tgA0mwfXrB/gMt+RRsDOrAO55zSbtme6u9JeSAR/kGJbgGVlO/r1k6M2MeC
-0G6b9wnlzQlojIgarZbnzUOTatVZHARScG+o3YjNCe8NLrGNNwS+rwJZ/0nfpctL
-Nn8720ehXs1PjBQXJyrF5UHh8lhKzKHXTy3xP1SIWA==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Bob-Root.cnf b/scripts/biz-certs/Bob-Root.cnf
deleted file mode 100644
index d90595fd..00000000
--- a/scripts/biz-certs/Bob-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Bob Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Bob-Root.key b/scripts/biz-certs/Bob-Root.key
deleted file mode 100644
index bb9a897e..00000000
--- a/scripts/biz-certs/Bob-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA5EdHnAvefaawcNq9jBUnfB927TeborbiIst1bZmYLid1RMz5
-JjFWr/pUqKU/wsLKxJK2h8bBW+K21ePDmJZrhyBDj6zNnlJUzyVysLER/jQ6hoHI
-hqZv/OR8q6D7eeXIFZGm4fsQLM0RsyYx6dF0JyI2uBpRVEbvyZUhsxjmfGwf7oyg
-vaNp5c2kWftt9YADs1VnBy6HITUvyUPBDc2rQWPtOqYo6jhRn3Cj+uY++pJVuL0I
-gHaofEu7n//t+f52BC31+qW5UlKjhkg+S+dlPxqwSf6Bml+wxN0y37fFuTGdL5IK
-9HMfC104b7fInsytrVAVjkMHAp8d5XSupbfctwIDAQABAoIBAQCpnUjY6nzDkfIx
-uGX0SteOw3ZDJflPOmHmBpTW/bP0Pz9EAqTxOuG1WeRDdp1cog21Z2mWkxiipF7D
-qDtyCfoVaeSpQXV6OKRpUeLY5IiA/9+oh5AudEZren4jrDaOSSyU0idUa46GK00G
-ds/JcubCGQrdWjipzRdoCZYDk/HV6b0znawQybmiDrMKsxfXB8GyPTBMhddHDUN0
-Kkth+hEJfszcf2+00x45X0lA6SEh2zMKKHwlMze74jkrQJkq/CjYTWYAxRsNNXJs
-I/gLJcClU5LId1ro3o8TYZGiZ7X+USNjVjOoXkEsIlCymPRFd6Ib4+RLp+cFldUS
-Fiqr1PchAoGBAP/JBDa21Cd8uAeRLOFYXQJxLbXFXdtja/GnjB6lZ5kky1QfJRIH
-gXY0qVQwnR7yg7jUvsa1ANNWy+S7bwEaDRJA5C0/HKdhstaIQ/LPhg4tB6/wcmT9
-KzE+8w8Ki0/GePoqdNHxJx4jSR1DewjN5QCQnzd6zaQfF3/I45YhtRxRAoGBAOR4
-WbSbt0zSJ0FP4ozVfwX6uyzp3HgW/NbvhHvtyEky92Tu6+jeKu+k77nRDg9jIERi
-L0CtOAjO/1ZLLCBkdFu43f0VP8vFL77EtgpPw2od+Ftzq3ACEUfFSsyMHhyYrMyS
-C+JrFyvEPijThLXw1noSgfYuxiOGuu4JlOyeMY6HAoGAWmo2ARkzeRnO+23HzYgs
-qHZVUBGKEcjdGTi+gP661hl5fizcL7lTe/M1f7sHby8OfMFHBnpo5kuiGyJeJKeO
-w0sI3S2X9VrFmqvkSOouWsh0FS8LYMNVBz1XMZPqlrJzhQqI7MUvrKmQaLW3we71
-6fM1NKlGE6Oh7NuYBzO3D2ECgYAfXVpLThlC5ZLYB4R9ew2+H2a0ysImhlldlHIm
-pUUar3GBHL+sL1vLnGQAqW95s00JtkTwZxdLNkedbCJ5q/DBasam6NTiP4bHdK/d
-CIg2ODkRLPb7IH2I0c/r9sxndpo6V05kXflHW+CAsFEGvTJkfcfzqQYweF2PMieM
-uEbrXwKBgQDFKDn3BcawfaRnuKMLI3iyKk8qoIAQGcKDsmPWjD+CiYLbSC+2Ppcb
-wZ3mCRpuI1GYM0UKHBgTZ7OQspO84Mc3ZIpt+CiGQRXighayFKsx3czLpqOoQhkT
-h9YSfDfrAb2fsHEbMsTtbdqe/b7ciEIyHiyoWMTmosmirL8/nz4uWg==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Bob-Root.req b/scripts/biz-certs/Bob-Root.req
deleted file mode 100644
index 265ed9ef..00000000
--- a/scripts/biz-certs/Bob-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBCb2IgUm9v
-dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAORHR5wL3n2msHDavYwV
-J3wfdu03m6K24iLLdW2ZmC4ndUTM+SYxVq/6VKilP8LCysSStofGwVvittXjw5iW
-a4cgQ4+szZ5SVM8lcrCxEf40OoaByIamb/zkfKug+3nlyBWRpuH7ECzNEbMmMenR
-dCciNrgaUVRG78mVIbMY5nxsH+6MoL2jaeXNpFn7bfWAA7NVZwcuhyE1L8lDwQ3N
-q0Fj7TqmKOo4UZ9wo/rmPvqSVbi9CIB2qHxLu5//7fn+dgQt9fqluVJSo4ZIPkvn
-ZT8asEn+gZpfsMTdMt+3xbkxnS+SCvRzHwtdOG+3yJ7Mra1QFY5DBwKfHeV0rqW3
-3LcCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQCBo0gMFf/fCHsdXAwmaHUSvIRt
-aJ1dLazv2CywkLnubjCpFj6Ih5rbvYa4ugCJK+qpCA75Lbjl2pA3BaX05ehwROAx
-RF5lAagMLzrPI69gQNCI496SCpa3E0FOQgCebIPAnLpsx60KRcd1zIWF50MB6lKq
-Sh9NgNrtTNuzRnSiDSBvsdaFl3jK0zckwit3Kj4VhIMlVAKn3FfToxXN/LxFuX6q
-fEguUfIqcdlTvqLV7F1eY3o4IgpCeeK/o+CLIqCFl2HT5m9pVFw8td8SzG52mnCa
-P4acOFkYn05s5ST6kJnbLBiMTl0Y5xQs3SyB5Qdro6sdP+GxH49fLUvr/ySW
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Bob-Root.srl b/scripts/biz-certs/Bob-Root.srl
deleted file mode 100644
index 22d5b92c..00000000
--- a/scripts/biz-certs/Bob-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-931654D3C41D79F2
diff --git a/scripts/biz-certs/Carol-CA.cer b/scripts/biz-certs/Carol-CA.cer
deleted file mode 100644
index c8b8416c..00000000
--- a/scripts/biz-certs/Carol-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHTCCAgWgAwIBAgIJAP1coEG/CqK6MA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQ2Fyb2wgUm9vdDAeFw0wODAxMTgxNzIzNDda
-Fw0wODAyMTcxNzIzNDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQ2Fy
-b2wgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8vLVEG2FuAwas
-1Q03hc7BHPGCBEUwP1h+/i+hEh6r0AllAhJJieTmYo3Pfj1whxGSxalM48H6yPe4
-ENIaQpTmi4I6xg+SHjrTWU31xQlGkdXDQU87jYlrk28OoGtXa1uE+6P9F6IXdhSJ
-13qhCSgDNDjrn2tfWCKzPvMcO/fV+WPrbHEBztbxzuTmpeP+3XdfkEQ7WNmUggSl
-Dki4OPT50vZLJXLgtKmbtEKixvrUU9ezlB4hugZOU0ECNw3YOLfMw1Nkcxl3jusT
-ldi+Z4CviGmdr8dlc/+ouQGUN5u/MgkQJimAf0XCrHh5kf9s+EpZ3kDpwBFELzw1
-h0qiwyLNAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFJoijL2BTU8B
-LXzcJFxiZaUmoBYlMB8GA1UdIwQYMBaAFE8lYk6YRDutZ5nlTe3KdSUPSqMtMA0G
-CSqGSIb3DQEBBQUAA4IBAQA+ulH8vqQGhFKUA0v5d/P18vI5MgRY9/Eb+pslPWwY
-y/JyyRvMXwB9LAxLp0hUway+/8wzp7XXiUp4bcdygUs/6PChJht1iF6qsiQYMOU7
-XTBBDlrnV4CJnmmQI1MQrMWYYicFWWrI09CzW0KQXrBUbCsI+U1+iE5ZHKbWn3rd
-lZGznOx68MmkzbmAIa/dCKpoZLMfE17ss/65w6c+SU2Y67J3npEDSe/X67oxQQnI
-I+FCT4W/H6Af7nzT6uJ3XrRv2gzih7FLKDL99YeRuis0H5Z4QaY0gAyaCFSE5OjS
-/Rbb/2mLAjGo/R4D+TKpn9RhhSMdKwL1/AbPOhx32prZ
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Carol-CA.cnf b/scripts/biz-certs/Carol-CA.cnf
deleted file mode 100644
index 2247466d..00000000
--- a/scripts/biz-certs/Carol-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Carol CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Carol-CA.key b/scripts/biz-certs/Carol-CA.key
deleted file mode 100644
index 3c80b76d..00000000
--- a/scripts/biz-certs/Carol-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAvLy1RBthbgMGrNUNN4XOwRzxggRFMD9Yfv4voRIeq9AJZQIS
-SYnk5mKNz349cIcRksWpTOPB+sj3uBDSGkKU5ouCOsYPkh4601lN9cUJRpHVw0FP
-O42Ja5NvDqBrV2tbhPuj/ReiF3YUidd6oQkoAzQ4659rX1gisz7zHDv31flj62xx
-Ac7W8c7k5qXj/t13X5BEO1jZlIIEpQ5IuDj0+dL2SyVy4LSpm7RCosb61FPXs5Qe
-IboGTlNBAjcN2Di3zMNTZHMZd47rE5XYvmeAr4hpna/HZXP/qLkBlDebvzIJECYp
-gH9Fwqx4eZH/bPhKWd5A6cARRC88NYdKosMizQIDAQABAoIBAQCesQy4d000ctbp
-+zlhteBh/zQRXgXOy3RdUtw5UkL3s7Qyectmicss6zDRhhOiye68ufXf8KDpfJDM
-81e1PMZ2Elctk9sDwOc1TaF/RGzIKVbTFdbI+/jPuudmJPwcROhuqCb6ZySjFWWv
-gL5bKJe8GezCMQjW4gRLMmK3GrUH83TKqk5KCAjLGLNPT4Oda+VCur+9OvK3y2CX
-y3pdg4Wej670BWmLYvKGES07mGH9pvZtu2PKhDxp1LInSM2wNPcnxI9J2rYkRK6E
-zQS5oyvi8EuTHdaaC8StkOtfqRdfUo5+oDOBbxVfEQDCYafgU37mWof63NokBRlp
-bogVvHMBAoGBAPkDE0LmuwSa1uagvlvLU1nepNfuvwZW+nmgkFgQXhTgEFYRHyyA
-LhvDqowK94zxXAwyY9NuHnn9e2mqFez3QBXEUZEj6rY1I5T6ib0nS1fv9/6CKsFs
-WP1d4FXyNdr9Ct4F6bh2yK/2nVs+SPiQBJRa4ftl33mbnRxUplo9Si1LAoGBAMII
-nNrobYcG1Op2pzibFiUEfM4oWflcKcVtiqQNQP5FEj9HwXRijIKm9iYILKcrLV6W
-EUnIPBLKqxyj+L4yuWqYqy9OA8d2xe8tlW3rXbHJ1vduSCyp2zzlp37OzvOQAcoH
-8Beu3gYfIf7QYmaX/kUKKnCHRi5may+3z3bE5NlHAoGAUDZsYvWeMsqKBTqsdzdU
-/zMYGLLAeBNWlg1h0exb0g+nU4Iqb5ROxgTOkFQMECvDge5Nd9MWICfGNHBkpbOz
-wg8+UymlttIBR0E5U2QwAgC7+xEFIs97DwrJdAYU0RkIAiMXeaNR3FTttXGn4eHK
-h9uKxge36B13i6O8/n6VwWcCgYEAo/iRTXEz9fKxBX7F69ErkpbLPZDeEBtxdVUP
-33kP3pDSTcW+1zLc2SBtTVCFI7QaQB+Ddp2PHrZEigyLjXfiNxHTQEOmb+6QcIJO
-EDjh0ffnAOwidBQKoNjWhhQQ0cV1rZytqeXt3LB8kxDYxyhVCVUA7l1y0o1csVOd
-MBpN5ssCgYAGbybyKyaKB/evqBqysvG+CBbYsMQx/ubKlwMScfAyr6nG/+ZhjM6F
-0cfM3HwbGS0i0qJdwJ5nPPbYR9kceV+qytU5K2gUQp0QM+Zhc2lprr1r+TikFo5g
-sq2rVbjCT8whW1nZKXjbOA86/2F+qcnXfemsuM51VuOrfnXTjTGDpg==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Carol-CA.req b/scripts/biz-certs/Carol-CA.req
deleted file mode 100644
index 8e9a99bb..00000000
--- a/scripts/biz-certs/Carol-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBDYXJvbCBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALy8tUQbYW4DBqzVDTeF
-zsEc8YIERTA/WH7+L6ESHqvQCWUCEkmJ5OZijc9+PXCHEZLFqUzjwfrI97gQ0hpC
-lOaLgjrGD5IeOtNZTfXFCUaR1cNBTzuNiWuTbw6ga1drW4T7o/0Xohd2FInXeqEJ
-KAM0OOufa19YIrM+8xw799X5Y+tscQHO1vHO5Oal4/7dd1+QRDtY2ZSCBKUOSLg4
-9PnS9kslcuC0qZu0QqLG+tRT17OUHiG6Bk5TQQI3Ddg4t8zDU2RzGXeO6xOV2L5n
-gK+IaZ2vx2Vz/6i5AZQ3m78yCRAmKYB/RcKseHmR/2z4SlneQOnAEUQvPDWHSqLD
-Is0CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQAJmEoGPDnwNGguSCE9wp1/eH0r
-W/vwQ6HOPEOYtrwvLiaRDgn3n1rRZ2gvElA1v10K6dccAVBldnPjZ04ciNWcYF6Q
-fVN9MNJ+iRc3zNBsoz1D8eoDX9g+YdB0GW9RDjSzeGh3jyH7eC4RfsolMLCtjS7r
-gUOLHEiQXEh0XKRAuTV86Pgj30Fnj++LNb/VXtlXu7T9wgf5mr3O5Fz8aLc4tLPL
-0rGq8oZ5PWKzZmvf3UhhSEKNo3cWQeqQ4sdjZjM8fozLcokXQsuKrbBm4loO951M
-TmSRWCNAAy1lz4n8c/I8TW7/POplhNDTn6ayu7fjSLlSoaBltsQ41sxEUeEe
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Carol-CA.srl b/scripts/biz-certs/Carol-CA.srl
deleted file mode 100644
index 730b3714..00000000
--- a/scripts/biz-certs/Carol-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-FB70BD504214F1E2
diff --git a/scripts/biz-certs/Carol-EE.cer b/scripts/biz-certs/Carol-EE.cer
deleted file mode 100644
index c3cef4c3..00000000
--- a/scripts/biz-certs/Carol-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGDCCAgCgAwIBAgIJAPtwvVBCFPHiMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgQ2Fyb2wgQ0EwHhcNMDgwMTE4MTcyMzQ3WhcN
-MDgwMjE3MTcyMzQ3WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIENhcm9s
-IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWzpaQT9wW8xme1w
-QD9hPghfFQoQBLWu5qFWyZu9aPTiSs/qiQMNQARlUst6eBhnCz3TedQnXAdfJA2+
-Nahl2Vqj6Eqzn9HFA5h79+ScZsgHSl0l8qeyKbvlkS5F1l9UdgNdGv6BsATHUVri
-DUlhGRr8dBydYukm11spxeJj8+3KlY0if/lQJdSPL9n4auQb5RuWqckBbHb1BUrH
-XygOZkh+cq2twqKlSkS0/55ME16OqmvSz1fNKi3pDikbVZUml6ye3RN2TIhCQta3
-pOe0vMajqBYKkph8D/ZW9t6BsCQyOD1z7xVnwHmh/7T0d3HObJvZcMC6tcHauaTj
-39m1VwIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRA/hhf5DbmnlikPnO6
-L9K8BJXDjzAfBgNVHSMEGDAWgBSaIoy9gU1PAS183CRcYmWlJqAWJTANBgkqhkiG
-9w0BAQUFAAOCAQEAAnMHx0ZLktJ7ds4tpMybTpMQj+Ws2DHBrXb50rktrbB7zDz6
-bkqX7uBHo13KI9elzt8H8rS+507AT+LTIktAD/qL30Kqisyo/Wig/abkEmqAMTNE
-hrYfyRr4CXBdlISBWO2JSV8FT1xkAT2X+l4/z4MwvTbMr7QmRYMxf39LHey1b9/K
-ft1KfrxpPBOZ/MNYN3su/++ycpxS7yr6z5gQRI4nj6NCWMlJF0wcEeWw76IjyqHd
-RG0s4HIQ2e/p7ICY3A01zd/ewEFIFi4kxLO1Ot+y2xfc6hWFB4pbjtYWynWE5qSx
-Oaol1ThR6v94BgGLgyN/ubSnKRv4rZ5aVl6Ngg==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Carol-EE.cnf b/scripts/biz-certs/Carol-EE.cnf
deleted file mode 100644
index 4febbc99..00000000
--- a/scripts/biz-certs/Carol-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Carol EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Carol-EE.key b/scripts/biz-certs/Carol-EE.key
deleted file mode 100644
index 2d785124..00000000
--- a/scripts/biz-certs/Carol-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAwWzpaQT9wW8xme1wQD9hPghfFQoQBLWu5qFWyZu9aPTiSs/q
-iQMNQARlUst6eBhnCz3TedQnXAdfJA2+Nahl2Vqj6Eqzn9HFA5h79+ScZsgHSl0l
-8qeyKbvlkS5F1l9UdgNdGv6BsATHUVriDUlhGRr8dBydYukm11spxeJj8+3KlY0i
-f/lQJdSPL9n4auQb5RuWqckBbHb1BUrHXygOZkh+cq2twqKlSkS0/55ME16OqmvS
-z1fNKi3pDikbVZUml6ye3RN2TIhCQta3pOe0vMajqBYKkph8D/ZW9t6BsCQyOD1z
-7xVnwHmh/7T0d3HObJvZcMC6tcHauaTj39m1VwIDAQABAoIBADicVLAc+tvbXGwN
-tzXGlwJd1t5EhK2sMxVjERCOmWAXlAeLVLxm/UDISJNz5FMz6Sy8GqHkeuSPb8QQ
-laQEtlJoGeLJwkq7TWsg/N9vtGrMjn2wR4P+msFmMelM3rnASusDTwOwi2pl66Qe
-8lwrJtT/NfYRzep+DJUpJE+7U7+3TJ5rlfxd3Wm/gdsRoTXPvAW8w4vrJD4/YSpd
-3mJZ7VAnLwRnNY1wVqDYEHqhH5jf1nFVE9RKPMDYHbCtIBoap350qgACBTuVs94q
-TsKNWFJE35S/wbwNKMsjbaMkGngl1oZ/XMxFhLGJvZFcG05Z9I73WRtvcdOHVi8a
-pyZlHrECgYEA/Y1X0c7iwf0zrRjyJwuv8mdfyKAr1h1T47rY+HDp+e/2J4LfOBC8
-KnzNVkoErA7iHIN/59tG3M3Kv9TUmcUJ9tk8Ft42B/XdrVRXKtFBwmq4maxu/dTK
-BK4LQ1Gi2AhRG4xvitDdCgj5wVyVkXYwh4BFcqT4JWoGujNcBBw2cx8CgYEAw0r3
-BX97I0V8F4+2QihZp5wSuiD2EX3hsM/iAK8An6OL4zpNyU1m/h3lipVjCOGegIYk
-Ze/VnOrPXh56tPWG4YSzSNgXzjmxHZNFtQqwHkoH7aPXVMMNmPjFcUb04Lu/MXdr
-sIHEjwE7vfK9M2DaT0d4DBUdizTJPPk2wmoebskCgYEAn38sQTUNe85VlYvduCYn
-9iqFHGV1belg/h5pok8VQD5s8AnpdRFB7NA5MxC4w6tRHXKzIRzVBM0Hv4iYfGpw
-jDG3FQOPpY5KdmBZvPuJjE0p9rF72Hzk3/DD8QMHlzIUI2pCOGaOxWNECRi+lZRt
-jq9oAGg6GP8LYFIyjftZXS0CgYAWOt5LfetiZHJvrCgu97Dc52MqVL4t14ptOfyb
-30/O3Cr8PpLEK09h9b0/PSn8xNHqB1r1T4udRQ09xXJqTth/qz9NN2veSarjlvQE
-W6cYi4zDfDbyqxFNLGQtNMqDGlv1IYbcnKjnLljCknL++jNfet8rYOvwAJ43lpap
-IrM8IQKBgQCP3yhZHw1dzIBTUTE4NLGIxN/7Sz9O2IUoAR8V5szEHvxhWTEIyqgA
-t9tHpXJRdtpdXmdHa+vuszougEQKz3tsz7KWOUu3kdmpCm7OQqD6fANB+/2y/Euh
-OlBHsWOgxCHdiFQCj+kD/sBDYXH+nl2tk/chOcuf2m9DHypO0OdL+Q==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Carol-EE.req b/scripts/biz-certs/Carol-EE.req
deleted file mode 100644
index 5d9fa36d..00000000
--- a/scripts/biz-certs/Carol-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBDYXJvbCBF
-RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFs6WkE/cFvMZntcEA/
-YT4IXxUKEAS1ruahVsmbvWj04krP6okDDUAEZVLLengYZws903nUJ1wHXyQNvjWo
-Zdlao+hKs5/RxQOYe/fknGbIB0pdJfKnsim75ZEuRdZfVHYDXRr+gbAEx1Fa4g1J
-YRka/HQcnWLpJtdbKcXiY/PtypWNIn/5UCXUjy/Z+GrkG+UblqnJAWx29QVKx18o
-DmZIfnKtrcKipUpEtP+eTBNejqpr0s9XzSot6Q4pG1WVJpesnt0TdkyIQkLWt6Tn
-tLzGo6gWCpKYfA/2VvbegbAkMjg9c+8VZ8B5of+09Hdxzmyb2XDAurXB2rmk49/Z
-tVcCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQAUmZ8fO3IXtSIqKQOQu8rpHz6A
-RcaPg3alGV2bG/3SewfgTMv7GupACytmPogLbkhrWMe3UpY9vj8xuTTEnOAddkdk
-rSWrwHfk6uwqJM4kor390+aCe9ZZ6yNo9JEv8hMgoCY3HHw+CEX34IJpC35H122a
-Mpy62SG0j2tRZJv/DQG6fi6ecMjcjYAPyYhKA2v+xf5Q3N6D5zQ1mUmJRAhPpSti
-o79XRy2Zwu7raO6nxetmBoms8UjdxmpqyxV5VhJ5fOMvdLBUEOF/D+9NUPSXpf2/
-SxKOA3BytSMrw4OLp3Dqxhf37Ri8q1+apTW1kOGd4zHrzjd81eA/p505AlTf
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Carol-Root.cer b/scripts/biz-certs/Carol-Root.cer
deleted file mode 100644
index 307d9976..00000000
--- a/scripts/biz-certs/Carol-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHzCCAgegAwIBAgIJAIL+wCyy3a1PMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQ2Fyb2wgUm9vdDAeFw0wODAxMTgxNzIzNDda
-Fw0wODAzMTgxNzIzNDdaMCYxJDAiBgNVBAMTG1Rlc3QgQ2VydGlmaWNhdGUgQ2Fy
-b2wgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkgdmWcufSC
-w/WjWc5NvUEerHF3gtP4LB9OHsHe4lHUKIl7llZes9JDFWdweZaGgabsFsB9Lhxh
-YjqCbeLnbBgf8gdPHQdmwtQBeZpzJNfNcoc/ucvUmvc2thZFBxj8SOtQUOZH3Tqn
-o88A1zOHftU/WFrgF/lFv97v3ahLNc0UfgPr1iEQonqC1ff1oAg3iOB7T5rujW1r
-8cd8t3oDKjjbXxZqt5n5qhoHRsQu+EcoiJhbERkXHQdJl1URcJQCZoo1rRMtqp9F
-mbinqag/Fiv8c3r9GgLahsmCtz4UkirVqu0o+9/HMUoghWJukOUTYOi7d/S6IqYP
-v8/PBwcgW1kCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUTyViTphE
-O61nmeVN7cp1JQ9Koy0wHwYDVR0jBBgwFoAUTyViTphEO61nmeVN7cp1JQ9Koy0w
-DQYJKoZIhvcNAQEFBQADggEBADOasRwK2Gx9+fwLfBuuXRcuLj67ZROZlBYg7YlQ
-upOJgbOSHz3A5TW+05XjZzVTITNVaRbtwi+HaS/qNHgzll+L3FBC8LPZp/JZJiid
-/0T8Nc7gQLB9+DJF8ygsbN+6Zmesxmc/bg7hYDkm7UyDasje3yAmGRs+gWxjFuHD
-vleQO16njweves5eaZzuR52V/gCYe60ncNEJSw6BqSutjUKhehLw8MYCDql8S+Nd
-M8+2b601ij9WUgWZVuZeMmftErPno8r5yXuVa/8EdZgjgFjluJjbh5AZJLQEp08A
-gobgPqyMVUA/oXwHf/VGWiRhTN9oljZYDTdAUWBIPNYOD4M=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Carol-Root.cnf b/scripts/biz-certs/Carol-Root.cnf
deleted file mode 100644
index 01190973..00000000
--- a/scripts/biz-certs/Carol-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Carol Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Carol-Root.key b/scripts/biz-certs/Carol-Root.key
deleted file mode 100644
index 0e41137a..00000000
--- a/scripts/biz-certs/Carol-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAuSB2ZZy59ILD9aNZzk29QR6scXeC0/gsH04ewd7iUdQoiXuW
-Vl6z0kMVZ3B5loaBpuwWwH0uHGFiOoJt4udsGB/yB08dB2bC1AF5mnMk181yhz+5
-y9Sa9za2FkUHGPxI61BQ5kfdOqejzwDXM4d+1T9YWuAX+UW/3u/dqEs1zRR+A+vW
-IRCieoLV9/WgCDeI4HtPmu6NbWvxx3y3egMqONtfFmq3mfmqGgdGxC74RyiImFsR
-GRcdB0mXVRFwlAJmijWtEy2qn0WZuKepqD8WK/xzev0aAtqGyYK3PhSSKtWq7Sj7
-38cxSiCFYm6Q5RNg6Lt39Loipg+/z88HByBbWQIDAQABAoIBAQCi2n/M25ZqFi60
-g8KYzaJTCty/5FZeic6mq147Rgrp2Szf5KxXxm+B5CmMGVGcrS6Y3M8W/gf2R2TV
-+68XEGXywwdyjpIG1MtHHRUQXYJnpP+/IrwbJyg7mRGNfaPEwwqSltDUAxwGYTqk
-+yRU3Dki9tqO9tugGU+0mmXviloF0SOq5fu3qmZoh2ZpoP5n4mqu1JOgDqXB/dw0
-REvbyn+ly5csMDhoZq8uBnmQBeyGI/dsydbFZd6pmf9izntA3Kwn/vsATIpMDDps
-ECLcki+0iD/ZcD64rGm14yGktbtyTG+Ec4JDnWB+HLukHNEvnTD1NJLjEma6jnKM
-xr1LXjpRAoGBAPOPUZ9lVsw+DFd8VD72Rmi/h+jLPBhCgzLfXxIq64cYXFRxML4x
-AVwLGc80bEsZkjMGJ3Sl2241uc2XIVu9V7B6FmDhMayIgMiomlDolyhoIPg7C/KO
-ee9k+/6hzclVfdMFT8ced4kFWzTKONNdsQI8SyaKJRtZJycBS6DXkQKjAoGBAMKV
-GVvG6AswTklDoVfvyEwwp8v2LTyO37sUF3bO7k7htj2j7rudOqEOR+TWplyg10y9
-ezp60IapYbWvdCYI6kaj/hr7DJ+uwzmSTi6LKlWSBKI6s64Vo9gx7+P3su9gT8D0
-G79M9KC9a7wMothPx4nFTGK3xNpXWOZE47rLGgXTAoGAbjs2KNr3nraSZWH6ywgx
-M6VDwKOCzkQEFxkrcRCFyn3HA9y6v8l0IRFRHAtQ2+h116v4XX3XQxkDv72ftmKK
-dm+7AxvInJqnFqngNbAfAYWnLlGjBaNgIm3k8wiOF4oeyUvFIIx0c0o+TjUb5OWp
-gCaDqKyrQKZn5upaLTCDC9sCgYApyhG/JzHQrVgy3eZ511KCInT3FfDTL7AXIpKD
-fp+pq0oTZPCxtGvSCRohqIPkItr6bTtY7OV59ki412yvenyuHSxGqSIl7UeaRrSp
-xFOcOxbprIfIXHdqyBbIM/tm851NSF/pLuLe3q+TnHcg08l76jakgOkzJ009bxAl
-ntcA5wKBgDORScP6A77UE9E+vIWkUyn23lNkow29BWpM8jBm0mBX6m+WgzW9soe8
-37GtvWlF82kLytFXIxju7ULLpF5652jDEa/mgFrZH/gE520tz0yiJ/PDtSRtxuGL
-O8ZEyyiwKVcET56Rklj7r/0kn3dKJQkfxG49krv8hRckSH3Y8Eb6
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Carol-Root.req b/scripts/biz-certs/Carol-Root.req
deleted file mode 100644
index 1d911e4d..00000000
--- a/scripts/biz-certs/Carol-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICazCCAVMCAQAwJjEkMCIGA1UEAxMbVGVzdCBDZXJ0aWZpY2F0ZSBDYXJvbCBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSB2ZZy59ILD9aNZ
-zk29QR6scXeC0/gsH04ewd7iUdQoiXuWVl6z0kMVZ3B5loaBpuwWwH0uHGFiOoJt
-4udsGB/yB08dB2bC1AF5mnMk181yhz+5y9Sa9za2FkUHGPxI61BQ5kfdOqejzwDX
-M4d+1T9YWuAX+UW/3u/dqEs1zRR+A+vWIRCieoLV9/WgCDeI4HtPmu6NbWvxx3y3
-egMqONtfFmq3mfmqGgdGxC74RyiImFsRGRcdB0mXVRFwlAJmijWtEy2qn0WZuKep
-qD8WK/xzev0aAtqGyYK3PhSSKtWq7Sj738cxSiCFYm6Q5RNg6Lt39Loipg+/z88H
-ByBbWQIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAAgScY6PIPSSy9Mrm6SF3bMB
-EB574vIbu7oEIXdS6j3n92ONXFO/m5npd+ygbbCc9P7JIpyuqYdSpq/wihIb+n6R
-qtn9psfU38eR3nVvdK+SHkeHTZnXvOMRZ/2ZOD7t/m8QpR8BZ8FiDqp/ka9izjdc
-Y1jGVRuJO2VLBk48nDoci8PbvC+Zn78pbywVybrBiNNDl3Th354luXTCOyMc+Pfe
-Zc0YffB5Xv+5C3zJtpvOtvybKQotEhbRpcuTDf2RP1UoUXnfq46KM6qq1YgJNB1r
-UXjErbXpA1BOHMPSXhLn62+UAZ9k+GTXz/808+MlRHREqM9OZoLvKQlAOCFOYIA=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Carol-Root.srl b/scripts/biz-certs/Carol-Root.srl
deleted file mode 100644
index 6dc25038..00000000
--- a/scripts/biz-certs/Carol-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-FD5CA041BF0AA2BA
diff --git a/scripts/biz-certs/Dave-CA.cer b/scripts/biz-certs/Dave-CA.cer
deleted file mode 100644
index c055bfa2..00000000
--- a/scripts/biz-certs/Dave-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGzCCAgOgAwIBAgIJAJWglEInirfUMA0GCSqGSIb3DQEBBQUAMCUxIzAhBgNV
-BAMTGlRlc3QgQ2VydGlmaWNhdGUgRGF2ZSBSb290MB4XDTA4MDExODE3MjM0OFoX
-DTA4MDIxNzE3MjM0OFowIzEhMB8GA1UEAxMYVGVzdCBDZXJ0aWZpY2F0ZSBEYXZl
-IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDg+csO4ExCO887N
-7aI5vpKa5bo+wPEi+6Jrvb+FVC27eI+UAA8hOHilAeYI/P+xK35Bjmg24H/OWPzz
-erkSvSPp2XB69GR4ffT4ZxMoQ/FNgp1iiYr2QE1EWphrhXnO9FwEZ7s/ry7ISUvs
-KuDnun7ymoLtRFTIO+F5B64yTrNYg/6YQ6rSKN/SpfWYwOLB9fRylAmYBPguP/3W
-gE4KJhrQ11JNsIH2AZ3hL+C6NQmbkNQjaNOxjbZT/Whbg87kemtQgo4/t+cTaALP
-qknVRrMrkCCVL0I3DRmYV70IEyzjEfHaB1LXt9RJX6uYjD9YmNjY7Hp0liX9czRn
-+IsauwIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRvYR0qliEj7ExH
-JxCipJca7R0GWTAfBgNVHSMEGDAWgBS0fUwRgGNdBaom9pc0oe6+LSgY7jANBgkq
-hkiG9w0BAQUFAAOCAQEAk7hxx2rMsdWAj6im0fHeS+pDwAEdFloqj2qP1remujnE
-K4cgT0Pu67ovVcGZOFUkc7ECRDkysH1wQZZ+MQM9g6iXikYrCoKnVBFJ3xGoHMoW
-PnVxsqKaLxSEo0RdGbhhuct0ZKCu+XHC+DxRkvrWCgY/X1AwSqEsy+hFQcJprtJF
-XGU95OIm3pdv9XURn5l0ZUwzHvb96bxVw+BeqB7CFeBClRwkzkHK7zxc7jvKwK4Q
-65qUnpXeTqB8xebtbV0D/azzjCpz2MF1ylcfmSXEqaeqAEZd4hcr/YJg6CJr+x4n
-pzzS3sY6ZsATdTu7aKeWZeOPCIwnuq9qEMBjVF8bmA==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Dave-CA.cnf b/scripts/biz-certs/Dave-CA.cnf
deleted file mode 100644
index 47717a0a..00000000
--- a/scripts/biz-certs/Dave-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Dave CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Dave-CA.key b/scripts/biz-certs/Dave-CA.key
deleted file mode 100644
index d8264c2c..00000000
--- a/scripts/biz-certs/Dave-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEAuDg+csO4ExCO887N7aI5vpKa5bo+wPEi+6Jrvb+FVC27eI+U
-AA8hOHilAeYI/P+xK35Bjmg24H/OWPzzerkSvSPp2XB69GR4ffT4ZxMoQ/FNgp1i
-iYr2QE1EWphrhXnO9FwEZ7s/ry7ISUvsKuDnun7ymoLtRFTIO+F5B64yTrNYg/6Y
-Q6rSKN/SpfWYwOLB9fRylAmYBPguP/3WgE4KJhrQ11JNsIH2AZ3hL+C6NQmbkNQj
-aNOxjbZT/Whbg87kemtQgo4/t+cTaALPqknVRrMrkCCVL0I3DRmYV70IEyzjEfHa
-B1LXt9RJX6uYjD9YmNjY7Hp0liX9czRn+IsauwIDAQABAoIBAQCOlCFpK6f1QXSS
-qLXjPRKaN9ehA9P7+uYLgfsHggrMSxT0y5NNtGgOz/lODd9ZCQDz26Ubdfc7LE/l
-ueksS7+AGiKtAwx2yKglPIthI4efhkxqUitort/Ghsbno15ckRknMWzLaDZy/K9R
-Y2ynByjyw7w68Ch5IXFUPz8wPZd8JqwAasLHjEdxizjUrjd5ikxNDKZetz/u4cm5
-xRhISJttS1hbWwTrvjTfiAv7LVCQtRYDzYjnhUtvBnW9ksZt9rl9Am2dCEb3ocql
-Dasanlc7HtPt21HGYR1kljSNzF4N7kjGpf9p4k8EB6bfBvL14rF1e27uYhHA+7cC
-jnr2Yj1BAoGBAOdS+RaocPRdOotE2SNjbIMl8kwd0DlFBklW85fknVhRGl8tRxl1
-1vMyJG1smYG7l/y5ZvDJVWmGU5W3237ACujNwe8gxa/3KhJ4maWd4uW/0ttweAmK
-EkG1H7axbruELPQum33+oWzciH2Q/BBOuszKnayZUmapfW1947a9XCSbAoGBAMve
-8B79tpqBJKie6q8YGMfIJ83PHoL7TzIEEAsXYMqsiS9G+VIvNzbOYS78Zh1d4kGX
-5FL0NijghOcU62sTrJuqlStCrJX90EGzCB6OEBZYoUz51bKve9tK3bAmADuEsnKe
-4sCNDr4LgcOwNnGzflyddRC/s+WDP8LQ0qFZUXRhAoGBALJ2uAc8ApD0UBNcFW2Q
-6gmwP+NraNaWIwh31czMqnuVbpQZOW4yFJhhiesFytRk5xgp7Xo8yfF0mY27X9LE
-1GXRQBp9nSZpuIKxmlBEo+V+fW2gsmsho34f/4ySDQ0MJyZnwryMsvtqlL7TGTR3
-mPQgKU8cpo7fmg3b/s9f/fObAoGALNa1nTtUBBtPQr7hAu2b1aTSDFP3c/tt6aQ3
-GxljMnBMI9fKUicMT8OIYFsm4mKZtq9/ijcoCkmHMYPKW1ySZBJaiI87gim2uhx0
-NrQsGZ4Yq+Nu+sPZy9tlcq6I8o426TrEyHC9w1Koka+Z6dv+eMQw0SQ4nswFJAXl
-rZMFdUECgYEAoR3oItFi2tWqbo/lSov6KQIBsCq1L5DfVj1GQp/hiMsIvNtNoy2G
-IbXfpHk0Kljwdf7GvU5pbFYcrCHJ2vIkKocE/6JArIQd4bExhM4oxI2vVbkBD1fq
-aWf63IIiq2gZfVFxCV3hK/ub3M02AqouqWDl/UKu2S6We5BaaWOuz4k=
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Dave-CA.req b/scripts/biz-certs/Dave-CA.req
deleted file mode 100644
index 8ce0b3ba..00000000
--- a/scripts/biz-certs/Dave-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaDCCAVACAQAwIzEhMB8GA1UEAxMYVGVzdCBDZXJ0aWZpY2F0ZSBEYXZlIENB
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDg+csO4ExCO887N7aI5
-vpKa5bo+wPEi+6Jrvb+FVC27eI+UAA8hOHilAeYI/P+xK35Bjmg24H/OWPzzerkS
-vSPp2XB69GR4ffT4ZxMoQ/FNgp1iiYr2QE1EWphrhXnO9FwEZ7s/ry7ISUvsKuDn
-un7ymoLtRFTIO+F5B64yTrNYg/6YQ6rSKN/SpfWYwOLB9fRylAmYBPguP/3WgE4K
-JhrQ11JNsIH2AZ3hL+C6NQmbkNQjaNOxjbZT/Whbg87kemtQgo4/t+cTaALPqknV
-RrMrkCCVL0I3DRmYV70IEyzjEfHaB1LXt9RJX6uYjD9YmNjY7Hp0liX9czRn+Isa
-uwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAHA4Da1BJ6hY8MsyJJtK+Kbe0Ywd
-3muBq179Dl+HmYc9hZLRLLliXaRiyVofR67VK47D9KmHrbNhjhbcq6s9zEwr+VQc
-WmOpVNGwZJzeqxYCSUvvBC2wMWaHfgmzE/eHgf+P990xo0P3nnw5+sYl6tWaaz4g
-X1lfXjXHQmpzprCDBM5TJ2S5B9HxBwzRitCOvMCFFXJ9abiXZOg3zJIMJ+Gb/71c
-Aw/pqSFsT2xuDkP35/VyVUGM1htXwap+JwdPOVHPjjHiYtLTZmhNmHsIUTlZGp9o
-g9j2IrDsQ84kJqQRLH2iMrEO/kxlm/vj83arSXvtjAn5+89yZbZ1VcswwxM=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Dave-CA.srl b/scripts/biz-certs/Dave-CA.srl
deleted file mode 100644
index 5cba7d1c..00000000
--- a/scripts/biz-certs/Dave-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-BE6923005A133A8F
diff --git a/scripts/biz-certs/Dave-EE.cer b/scripts/biz-certs/Dave-EE.cer
deleted file mode 100644
index 2dea377d..00000000
--- a/scripts/biz-certs/Dave-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDFjCCAf6gAwIBAgIJAL5pIwBaEzqPMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
-BAMTGFRlc3QgQ2VydGlmaWNhdGUgRGF2ZSBDQTAeFw0wODAxMTgxNzIzNDhaFw0w
-ODAyMTcxNzIzNDhaMCMxITAfBgNVBAMTGFRlc3QgQ2VydGlmaWNhdGUgRGF2ZSBF
-RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKUtdgOQpUQqXYOEukxx
-nQ4KfvoGFaFP+kJb0vpaxX4HlIwUiD8NjTePpAxS1cixiPmHn9pcz0zmopUsonZ9
-OD6FGYyDTQm+LNF4qPN8xUhKlHLE1A+V+Ajtb2lCbZAGnPh5Z4vmQnoNHvP2TVz4
-jly78lK+tuemn98sSYfzxxA6v8fmivs1k4u/M+vhquwfvQ7xhfyofFIytXFFHaBa
-0vHY1GE9wAufQ6uEK3sMNLBF6iZuruW6VVuX2NbeHqOgcAF4Hc8cKRmVZxTkkIUi
-TADyVQLKpDHsMI+6PTLlmKe4fcUny/qQKAFe7g2v8zFUb49ohqfW1UyU6+/kx1Rm
-6C8CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUgm42L3S3iA3yv/JkQYwF
-ZKe3zhYwHwYDVR0jBBgwFoAUb2EdKpYhI+xMRycQoqSXGu0dBlkwDQYJKoZIhvcN
-AQEFBQADggEBAEGtqLbaxS4wcA8rzF57PEtrd+F2KFQZHt/d0mYWjZwnq4yymlj6
-IBtC2vtANJ2CGPlGmmgax+AKdN7QqTpCxFJsnQ3YgdFIN0MqwBM8lTlBS/lTHDRq
-bIXEB7Aw3u8SrS2nd3f1xdl8rNR/286MrcjEE3K+sQFNg8wUnZo3ZLBflVGgVBTt
-WMalESPRN2P+tNuc+qQJMhefK+spmgH4oNxblNm7V+RzUQoac5FpgtVN1vM4Z9sM
-iVuBVv4/+EYfLAQUl+EkHSd5GYPjV2juHqslRJKMtXynDIsl1IXJRmh15kGtSMh7
-y7/8HcdLVtyuzVZCXJhrnv1rYIhU6oP8cVQ=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Dave-EE.cnf b/scripts/biz-certs/Dave-EE.cnf
deleted file mode 100644
index 13517fdb..00000000
--- a/scripts/biz-certs/Dave-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Dave EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Dave-EE.key b/scripts/biz-certs/Dave-EE.key
deleted file mode 100644
index 283db731..00000000
--- a/scripts/biz-certs/Dave-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEApS12A5ClRCpdg4S6THGdDgp++gYVoU/6QlvS+lrFfgeUjBSI
-Pw2NN4+kDFLVyLGI+Yef2lzPTOailSyidn04PoUZjINNCb4s0Xio83zFSEqUcsTU
-D5X4CO1vaUJtkAac+Hlni+ZCeg0e8/ZNXPiOXLvyUr6256af3yxJh/PHEDq/x+aK
-+zWTi78z6+Gq7B+9DvGF/Kh8UjK1cUUdoFrS8djUYT3AC59Dq4Qreww0sEXqJm6u
-5bpVW5fY1t4eo6BwAXgdzxwpGZVnFOSQhSJMAPJVAsqkMewwj7o9MuWYp7h9xSfL
-+pAoAV7uDa/zMVRvj2iGp9bVTJTr7+THVGboLwIDAQABAoIBAHvtOce+9F/KMVMF
-eAj2jNEGCvJnMj9PFAJJhmcTR20hHtBibz5vWm4/NOOSGpdyq8Qbf1GDpHyb5Ytq
-a5HerR4rGloUAO64YkPe9VOJXzK30dyx1DDFYczA53/fuPgAHjFGVOvfnCyaP4jm
-WHDSg20MDekK8Yuntfbo8VoxCj8fwDyPq2vSXnzwGcvT7X8cmpHnKEU/JQj4bNrJ
-XMMK3kQrKf0sFlO9kieEPsG//V9j5yverKvZdi8PQSCwA1e0nqrOWRSFYz5ePzob
-Njo1LJz/WaQ2YjEf07fRuiNgCp5r+/44c5xBvq07Fi1yhc6K8DBY8w/cH8foc8kw
-aO34HWECgYEA0Qht10TPKBAil/FXjYFcqQgCQxZl3rtt5ijVZtuYISMYaGj/Q8iO
-efXZKa1JgXtpVomkkjY2Wbdd5TwkXd27TqUIZ5uPYDs/I6uGZRXPIV14g6U1aBBV
-502LNbAqDWozYBwZRmDOopdU+hS1/Jc6DNoNvVKj//+lx4NbxmUmS7cCgYEAykp5
-IQd/GMGf7VsBcHbseJIqknDuZRvpDB5zXFyyRu9jdHmqQCjuCnDQ7eJNHLvLjyAt
-/+7YiQDyAhlxr305U6Mnum9T49l3Zi2jLy+/QhO3WBQ0FLNF76sN8ADM0aD4Uk6D
-wCtSEUj1XrDtHiJPShtHtpM2Gs5gB5UM8b2BN0kCgYEAtbouREh+EMZ2TMJ064Db
-ndhonwqJ5ens0XwOiy2+RJDOV3dw9O0XcNBby+/rR7aTDbj8amDXP4g7CWAP/csX
-XHf9ppWHQJJBgjFM1fTv7oHklA69L4uEI2M286YD6UW7BINpNdZTzubh6ci3rrGK
-tkGcUEvYaGdJKPr6frDRamECgYAjgk8g7R/ySIq6L29hPn7j60Rt0EUImo2eAvpd
-DCh/KyZaG8E24fhm/Mav+zluAckJpqxscJCx++h/VdgO5fxaIhmnMEOZi2LaHMi4
-T7lS8AMPAvzhZVaxa2VW680IPylXyVB3OyN8xUHNDWGSGJOyfndoJQ8qRW+15QQQ
-qyMzgQKBgQDEY1WxbCTM8A0aRn3SxoFuPDSqJtLdi8dbMxEHUrP9qUfg98ChF4fA
-jxZu35LeNB/E5gfP37VJZJPTQ8i8kPACiGzGvlwLMgV89KspkxL8QN+n62kfqoAD
-t2QoTiPJOb+pKqQ0sISXcFN8r047vMt5EYXri3RCV+amBYzBIMOAPQ==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Dave-EE.req b/scripts/biz-certs/Dave-EE.req
deleted file mode 100644
index f989d254..00000000
--- a/scripts/biz-certs/Dave-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaDCCAVACAQAwIzEhMB8GA1UEAxMYVGVzdCBDZXJ0aWZpY2F0ZSBEYXZlIEVF
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS12A5ClRCpdg4S6THGd
-Dgp++gYVoU/6QlvS+lrFfgeUjBSIPw2NN4+kDFLVyLGI+Yef2lzPTOailSyidn04
-PoUZjINNCb4s0Xio83zFSEqUcsTUD5X4CO1vaUJtkAac+Hlni+ZCeg0e8/ZNXPiO
-XLvyUr6256af3yxJh/PHEDq/x+aK+zWTi78z6+Gq7B+9DvGF/Kh8UjK1cUUdoFrS
-8djUYT3AC59Dq4Qreww0sEXqJm6u5bpVW5fY1t4eo6BwAXgdzxwpGZVnFOSQhSJM
-APJVAsqkMewwj7o9MuWYp7h9xSfL+pAoAV7uDa/zMVRvj2iGp9bVTJTr7+THVGbo
-LwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAG6UNnBSYglSYCTsg/g7FVBh6ROG
-QYIiVrAdiJgZf7elUEtpmzAZ8YDVbwYbN6SYrVId4jvPStHkScf6/LC76tFbRp37
-7pGEf7Ijou0xCXmk4LIm3xeQT/AjvPiOtoWNr1H+OdYUYQeyXoqNcgxZ4j3yal10
-etp1ZMR2lHgGd0ZvulYJJw7E4s7c3f9mB0+qTaAz6Wcu49e6THo27gPq+ZZ4YMGZ
-TfWldXk4IBqDuLauaiwWeWYMfkRC9aEMq6lVlIAvmjeKHOfUttQz0ievG7yJ7/En
-wRoGBSQM8/Pzc0MFiTSyFcpYyyNqIQ8uHivKH/dZtXTOjkd9/wPajglNeyU=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Dave-Root.cer b/scripts/biz-certs/Dave-Root.cer
deleted file mode 100644
index c746d1d5..00000000
--- a/scripts/biz-certs/Dave-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHTCCAgWgAwIBAgIJAOxMm5H7E48oMA0GCSqGSIb3DQEBBQUAMCUxIzAhBgNV
-BAMTGlRlc3QgQ2VydGlmaWNhdGUgRGF2ZSBSb290MB4XDTA4MDExODE3MjM0OFoX
-DTA4MDMxODE3MjM0OFowJTEjMCEGA1UEAxMaVGVzdCBDZXJ0aWZpY2F0ZSBEYXZl
-IFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzOScJlBkVwfoN
-KP5/0qIM/ZisBYicqHXErDE7WCtBXh05bwRKzGYtn3dARnJa1EoLKnVFzPxZ/mvx
-Ntmqax3/B3+Je6KzCCEtmgNfIoSwxY1Ms+/vEo/SLpVYrk33K7mpx3rDXqpUSiZ9
-BAXZAlK4slB8A/Di8H3hdsR7H927JS1LlbfFBKvpv/uYvmJhBdDKIW+k4DtQe7j0
-KhoYliCfUoX7Yxc8XlDO14uS4wiaU2n929B/va+pZSp+00A+Vj13gbNW0rcdG3A/
-vc6Xb5B07d9Q3g7VyoI922bU7e59+TqZdYvdfqqijROVkZTCYEL6Vc2ooK7/hYzf
-JnVAtojbAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLR9TBGAY10F
-qib2lzSh7r4tKBjuMB8GA1UdIwQYMBaAFLR9TBGAY10Fqib2lzSh7r4tKBjuMA0G
-CSqGSIb3DQEBBQUAA4IBAQCu6sdRWG2eTlgOABPhAjh/2y6c3L917QaLpqYhvAGY
-0lCrOyE46aNUjTiRV0X95wx2pknSfuuzKF8T24TYX/hwlisUuKbnvBfNORtMnK+E
-PZpcQ5I80nYnDGHtPZUEBdX4OEO/WaIzrpSol+aFn0VpJP4NB8/IqQ1IN2EJhhSP
-lH1dYf3VrIQelmMALrbPqYgAm3l36BOtRFmuQaDQ4J3nO++j1a3WFHojoQJcw05L
-o2EKTmPS5nhSzxfHttyKdzt8Qlu45CKdheC9J9N6gFiyWiJMVv5vRHXrROqevNVq
-jnwxLJUXdjdHKUL7IYV7hL4H3GUbaf46FsOimR1YDDka
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Dave-Root.cnf b/scripts/biz-certs/Dave-Root.cnf
deleted file mode 100644
index 58df8105..00000000
--- a/scripts/biz-certs/Dave-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Dave Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Dave-Root.key b/scripts/biz-certs/Dave-Root.key
deleted file mode 100644
index 4c5b73bf..00000000
--- a/scripts/biz-certs/Dave-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAszknCZQZFcH6DSj+f9KiDP2YrAWInKh1xKwxO1grQV4dOW8E
-SsxmLZ93QEZyWtRKCyp1Rcz8Wf5r8TbZqmsd/wd/iXuiswghLZoDXyKEsMWNTLPv
-7xKP0i6VWK5N9yu5qcd6w16qVEomfQQF2QJSuLJQfAPw4vB94XbEex/duyUtS5W3
-xQSr6b/7mL5iYQXQyiFvpOA7UHu49CoaGJYgn1KF+2MXPF5QzteLkuMImlNp/dvQ
-f72vqWUqftNAPlY9d4GzVtK3HRtwP73Ol2+QdO3fUN4O1cqCPdtm1O3uffk6mXWL
-3X6qoo0TlZGUwmBC+lXNqKCu/4WM3yZ1QLaI2wIDAQABAoIBAGMRGnT++ga+3Htd
-x5/cTFsl6rhbrrH5pG98RxJooDBX14uhxBucdHaPiRlsV1XBttQJOh3FO1B7hCsn
-iJXc9A2+lU7nmn2f5scQNQDnUbVs3bgiVmQuPHWP7lnAr7QK5WvlqgRIVZqWCkRc
-bucPk64oUrjabNLk4JA6WE0+xg/lhPxeS2m2FK0fwR+XQ6kDQ25Qpu6DCoWIABWK
-5xHPUyOvFX2aszA6pUQM+uFDlK7WfhrLPLe3O/EJR291RTnjy+CwTGhoLet/ul1z
-K9FYrOsijfjxSrXzv7KO876buRNo9wqKjZIkWNN+LsBL7HB0QPCCuW8mGD6o8JnC
-RE+7fIECgYEA7EjNSJcTfUtVSB4a2cNAMXhjlLk3AvQiXL18nkSn8FT7I4lh2Iqd
-UR9hg3CvzCCbI9Pa+rmslB9gkIvv1G/Q+FWIrptGQEMr23jOtUCbn4smvJDQw26C
-cN7DuWyupVRrd5JCy4FVx3RX3GKPbUa1lsWASHXdfdB5eQBCpCdBTPsCgYEAwi18
-Pf6u6+oSAvwOdXak1/gmGFKGWHQwRuAPhf+6Mu0df+UJOYdwe9t8M5elb2x7iSlx
-THlkmLez88pKvwt4m6st8NBDpWxnXQ31RDAyk7t+kQmUXu1ZPhZxFW7PFQtLLP2M
-Ra0lLXefzwgxe2tSzxxX1N6kqwX3hMObK43HLaECgYB/d6rfHTlTX3+LX0pG7fFE
-ftjh06Vcv42GEGcZDpq2qXGuMyAI7IZ/y/kUKod8DJ8FDfZVSjNS2TaD5CompYfL
-YIFTCMs2QcZ4KM0CtO7/e9cS5ODqfUR7VYGrF3mEEW3EXLASDxzSc+4uIzGS1xGB
-W9yfuo4ZoIzXfQ92dQLiXwKBgQCye7zH/2Ip123W8HkZ34SGP8JEeRakF6iIfUvH
-j9hHF00WUiC4kJYEQytXAP0//idPXJiYAr1E4xa18Cvkj1a9QAtqXwTO+WXJUxsv
-Il5bDOy5xGRtHR36xAYN/Vy7qzXelPBq20xhDqQGWTGikHP9i7/wGvahfUqW7nWj
-Ax8iAQKBgQDBXi0DuR8qrKrZMmvK+oJbx7wlrirAXm+2WGuzvazSFBdjV77w3aoG
-lLWhYELFsGZS9uACY/yWkvXX2+I59m0vrRCSZy/4WTOnIl1JyQXI3ZaMBaBTTUr0
-cQQnzaOs8kkBF+ndYZvMY19hhs6s8bvOcfLeDya1bgJdlkbAA4Oy9A==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Dave-Root.req b/scripts/biz-certs/Dave-Root.req
deleted file mode 100644
index e9905363..00000000
--- a/scripts/biz-certs/Dave-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICajCCAVICAQAwJTEjMCEGA1UEAxMaVGVzdCBDZXJ0aWZpY2F0ZSBEYXZlIFJv
-b3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzOScJlBkVwfoNKP5/
-0qIM/ZisBYicqHXErDE7WCtBXh05bwRKzGYtn3dARnJa1EoLKnVFzPxZ/mvxNtmq
-ax3/B3+Je6KzCCEtmgNfIoSwxY1Ms+/vEo/SLpVYrk33K7mpx3rDXqpUSiZ9BAXZ
-AlK4slB8A/Di8H3hdsR7H927JS1LlbfFBKvpv/uYvmJhBdDKIW+k4DtQe7j0KhoY
-liCfUoX7Yxc8XlDO14uS4wiaU2n929B/va+pZSp+00A+Vj13gbNW0rcdG3A/vc6X
-b5B07d9Q3g7VyoI922bU7e59+TqZdYvdfqqijROVkZTCYEL6Vc2ooK7/hYzfJnVA
-tojbAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAGYgH9IJSKNqJTysTIfjaHNRM
-cZbKu+tjQF7e97CwygG0dnAB+3XdjEIxb4NCVCNOfUPeb4lfYmhwerggJ9O4pZnU
-RYjL8alNDcmHB5PG+tPCePRmGV7Ao+Gj5p5TMnUrfjaVTCCN/39NOql0jbvwCl5t
-cKA19olB/YeMcwyr17DgJm197n07iuQFk/+ieQJ7znyViMV76MMmXv5d80jBkRb9
-OhcLdDPXLJ7Yz/XRJcK8GC8uD5rO53bfIe+XJMgT/K2QvJ+FB2eiwyP49wxLb3bs
-4GoVL0HKdYm0cJUSjTho9Ro8KOh9eJIauW3UI0S44gV1lPsOr64BE8f+7jU7EQ==
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Dave-Root.srl b/scripts/biz-certs/Dave-Root.srl
deleted file mode 100644
index 6bc6d25f..00000000
--- a/scripts/biz-certs/Dave-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-95A09442278AB7D4
diff --git a/scripts/biz-certs/Elena-CA.cer b/scripts/biz-certs/Elena-CA.cer
deleted file mode 100644
index afa23794..00000000
--- a/scripts/biz-certs/Elena-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHTCCAgWgAwIBAgIJANw51pG5UQLzMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgRWxlbmEgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAyMTcxNzIzNDhaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgRWxl
-bmEgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDheo8bzzgwGwVP
-tGIl6jTTe/WMy7nKUHG0AJZLBMEZv62JVxBauroeADfhEzYIkLxhnclA1Ij61u2J
-SxHpmLf+mD5xJyhJwiOA9dtcnqMpUq4nql9zg5oOID7XMlPZrNmNEDqs7f28BfT6
-7cdMC2IifO6kPJKGameETraEgdrroo6zgUhDJDYaqMHidU/J3nTTIlgw+h8EQBeX
-oW9o4aBHO/GNR1uC+I76Bpl1vWSAcSatHB8xNsF74JhQNq36j6SGPSEiDxHXgX2V
-GchwltTfDvYB8Fwc6w4/bvQXfXGdE9KoSVsh4BTFrV4TX58CAiPdkHBLQVU0cvl+
-2/gxLPCvAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFDUkefOGghlI
-UfR+9vX1DOe0MwbZMB8GA1UdIwQYMBaAFH0pngEFpjbgE0OUC7c5ARkAkJ4OMA0G
-CSqGSIb3DQEBBQUAA4IBAQAtjJqju+ZR9ZtWaqOdTj78jGuzSHubbPCJXcsxRIWe
-Ja0MOrQv0OUV19OhmAH1qCLX23wH3xrguoy5d1sIh+dm9xYIdX4vf1LjnE3An0C/
-m4GyqvrQLxSkle6V2nMIpanVAEMG6Gg4VR9xVbtuWNDr6OwdagdOg9YVRjklxAc9
-CEuIdiIRdhbfkwLv122W6fgny5KZyrfruM4NuJYRLcg5lvAaMztZGzQI/EyQY5lu
-AR5oMa8/+OWM76se3GlYx8ZyzaHSHWIfWo1KDoH18Eixlium4kP4PqpfLh8FeykP
-H/ho2gXjHZf7yKPGnGURvsTGWq9P0RXoqo8SF+C7VeGE
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Elena-CA.cnf b/scripts/biz-certs/Elena-CA.cnf
deleted file mode 100644
index bd8d7d1c..00000000
--- a/scripts/biz-certs/Elena-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Elena CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Elena-CA.key b/scripts/biz-certs/Elena-CA.key
deleted file mode 100644
index 40a3c768..00000000
--- a/scripts/biz-certs/Elena-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEogIBAAKCAQEA4XqPG884MBsFT7RiJeo003v1jMu5ylBxtACWSwTBGb+tiVcQ
-Wrq6HgA34RM2CJC8YZ3JQNSI+tbtiUsR6Zi3/pg+cScoScIjgPXbXJ6jKVKuJ6pf
-c4OaDiA+1zJT2azZjRA6rO39vAX0+u3HTAtiInzupDyShmpnhE62hIHa66KOs4FI
-QyQ2GqjB4nVPyd500yJYMPofBEAXl6FvaOGgRzvxjUdbgviO+gaZdb1kgHEmrRwf
-MTbBe+CYUDat+o+khj0hIg8R14F9lRnIcJbU3w72AfBcHOsOP270F31xnRPSqElb
-IeAUxa1eE1+fAgIj3ZBwS0FVNHL5ftv4MSzwrwIDAQABAoIBAEAqOnN1gs3dwqMt
-+AhGIAZW7kfE6fgy8EiDKkHq9nC3ZVECH7tSDAjhkwVQDD5fwdwdpNn4IYsQgsRh
-QpWxShr/hDV7KTHkN2pJjMVMt63Yw4qyJzueJccDUh63SblWQQqtpaT0jRJmt5J4
-/BAd5S1fVCIUwrXRreeu5q3KrlwDe6/278pQDYWswXyAJxN2n5H6ATIFOVFg20fd
-hflxQwCex6qDj6w1mhppx/sYLa1uotHr1LfRWgrt+KVNITtJ5yigvbBzKkCu26Uv
-Nxf2V1JjOYhO/q8n4A6YPtIkLKOrWZFFl2KwXTEEd5pL/91XTxGIlALsIu/4C00C
-Tb/vcTECgYEA+oRmq8qtC8YfN+cvwx/ujfUJ/QnhFlxHb+PjLQGWncnKeNOgeVVv
-i7HktH8KKvz5t1QYCR7EhVKxH0zxInQe6Q+eT3fZoQ1Vf6rWcF+KR1w+R7gdqDAl
-GY/tbTLtRWcin2oMggz4dvufdIJ82+fz2RTvmudGQ46yiyYPtDL8Fg0CgYEA5mnf
-V+cvmPFDWlxSwp1JDiUKLJeKNFpp+O0G2PhrpTTAHuiNZ4xQLj7h3k7Zid/Cbu2j
-VTEHK341Gz43bUQgJr4jFWcaCGNDL2mUInZGvFYBFOoWQFFhkhhYWvZr5X5kGg9j
-BrRwJGZ1kRL9zRqPs0k5LU1bfHBCdXhf18wLjqsCgYBqWrF393iVygvQ4O5PCYxu
-afxOl9YedxjA8N+uaME3xcaWm0nCmTnc9a4hztlTPMkLQsFdhdlqvJuDrVemB+Rj
-j4TnOfuDuzR0GeQmGvmKqCesrQayM5ZcjtT+iiNfVpTFVvFuePE3GkYs4YT+my/U
-FmZOvib/YWJ9XrBGEWsiNQKBgDhLbbIAXfS0HYyaOe4ql4rJKe8zJyUbYgDbiGzC
-ZSp79OSYVNQTyBNEcdLq2OOCs/J+RQWvcN0DfN4nGUus9V4B3niANDAQcH3JAdRZ
-qXaiXKlLeBxGxdv37r5qrnnno3VqhPtCYpPCJL9JMJFICAv5u+qBl/STSOmCe4gx
-5jD5AoGAUNyLLGuqFI8UJZP7m7YXAylRiR2IWF6/ia3e7Az6t6HvHhXkjBWkQ3Gl
-q9zOsBlFxHQUA5o5zolMdCyT6bsfDkzf3l7RAP0ZgE3gqIY10pDbedSa8/9K/hX4
-q89JPkj3wa6AciesEcCXML2ttYZEIKsgK7p6NE0SEejCdSs1v5M=
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Elena-CA.req b/scripts/biz-certs/Elena-CA.req
deleted file mode 100644
index 743fd18d..00000000
--- a/scripts/biz-certs/Elena-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBFbGVuYSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOF6jxvPODAbBU+0YiXq
-NNN79YzLucpQcbQAlksEwRm/rYlXEFq6uh4AN+ETNgiQvGGdyUDUiPrW7YlLEemY
-t/6YPnEnKEnCI4D121yeoylSrieqX3ODmg4gPtcyU9ms2Y0QOqzt/bwF9Prtx0wL
-YiJ87qQ8koZqZ4ROtoSB2uuijrOBSEMkNhqoweJ1T8nedNMiWDD6HwRAF5ehb2jh
-oEc78Y1HW4L4jvoGmXW9ZIBxJq0cHzE2wXvgmFA2rfqPpIY9ISIPEdeBfZUZyHCW
-1N8O9gHwXBzrDj9u9Bd9cZ0T0qhJWyHgFMWtXhNfnwICI92QcEtBVTRy+X7b+DEs
-8K8CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQDfMOoML7luTIWr5gGWeph0EnpY
-Cl5foKYn34FuMZSw0ZPU1WOt819G1YVZ9hND0M8d5rQzcsc91DjQ6sVtJIUtuSvj
-5i95s1tn5UZHuEuwdq+4phMjAbfgtidxZs5y4aJzp0+kL+NhrRlnKT3S0GAxQyJ2
-6AiVHO7IEJDjAe7U8hkKIJ3i1hQ16Tz+vSDr+KBlt3gUOLTgGW+jkJQ32jOEWhOu
-lFM61uag904sm6P5gx3bjVHHjwTb3FHYQFnQ5biWZklAC21Al74BDB4Cec9xKBHb
-Bp9UwJXXYTI2K1zr5Tlowl+p+yh6pQDMMUcDnxS2ADQk96IkQr7aZEEOHKlE
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Elena-CA.srl b/scripts/biz-certs/Elena-CA.srl
deleted file mode 100644
index b71d9d9d..00000000
--- a/scripts/biz-certs/Elena-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-BE5ADAEC3C739076
diff --git a/scripts/biz-certs/Elena-EE.cer b/scripts/biz-certs/Elena-EE.cer
deleted file mode 100644
index f6ffa506..00000000
--- a/scripts/biz-certs/Elena-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGDCCAgCgAwIBAgIJAL5a2uw8c5B2MA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgRWxlbmEgQ0EwHhcNMDgwMTE4MTcyMzQ4WhcN
-MDgwMjE3MTcyMzQ4WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEVsZW5h
-IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20zGWcQ9LkKL87A0
-bPHIX4oDZplZHuC44zT/eWuWACyktqjqjWK+ZvbwceNOfamccCGko1FSFNRXs1OH
-1B3MkOHY7OqjthjrvWoMuWDl6k2dMUmZiIASXJJPDXpXklA6YVmDXnYReYe3cc3M
-9cPKB+nBtcRQZ9ZppnC/CIsNAordEemkNMk/H3EPcgrsAPakYfuH5J+e5BawHgpX
-dhTT7fEG70FMJF5M/bUyN4AfXATfE0IC7bRhfcsLs6VX1rzzhLk4FbgE6W/+d/xV
-nrCVimWwH6xO/DxskV1GSYaASsyDzIbzjwQLMRgyPqfAc9PzQX0hAFFu2EmPRBvd
-3NQjbQIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRC+sYdSXpKjNo/7+e7
-rcktSMpxSzAfBgNVHSMEGDAWgBQ1JHnzhoIZSFH0fvb19QzntDMG2TANBgkqhkiG
-9w0BAQUFAAOCAQEAXvh42B7iCFjI5ylIIuDtQNWQBhqb4FW3dUM5zF1Bai+tS6YO
-JCQf1Fge1QVHb70GChQy7AhICq+1z63fyJfJ6Djk5idyU2eAbLzZuG1TkrGLuXOw
-KL87WkjVdpcVOaqqe3sMxGjS0F/jv7xeo5kV6Xv7aDyf3DJXU2LJ+vPU0LcvBJvf
-3Qzf/VXzXZ57MKQ3iUqjy1/JjaZC+xSw0eL+5+HfeZ7+unEwRMw9B2WSF3u3YGWF
-2L3rHtdycJ6y7FRRvgp8duX2+S6TjAxZIWWlw8cV7AAui182cTJ8haVLTQg37fdL
-TjOWvHr6THqTTO88845AmV6v1U9OyxMJYaOviQ==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Elena-EE.cnf b/scripts/biz-certs/Elena-EE.cnf
deleted file mode 100644
index 126031e9..00000000
--- a/scripts/biz-certs/Elena-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Elena EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Elena-EE.key b/scripts/biz-certs/Elena-EE.key
deleted file mode 100644
index dd05db61..00000000
--- a/scripts/biz-certs/Elena-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEA20zGWcQ9LkKL87A0bPHIX4oDZplZHuC44zT/eWuWACyktqjq
-jWK+ZvbwceNOfamccCGko1FSFNRXs1OH1B3MkOHY7OqjthjrvWoMuWDl6k2dMUmZ
-iIASXJJPDXpXklA6YVmDXnYReYe3cc3M9cPKB+nBtcRQZ9ZppnC/CIsNAordEemk
-NMk/H3EPcgrsAPakYfuH5J+e5BawHgpXdhTT7fEG70FMJF5M/bUyN4AfXATfE0IC
-7bRhfcsLs6VX1rzzhLk4FbgE6W/+d/xVnrCVimWwH6xO/DxskV1GSYaASsyDzIbz
-jwQLMRgyPqfAc9PzQX0hAFFu2EmPRBvd3NQjbQIDAQABAoIBAEJQoyJ+DyowAXY9
-cH0JWFhbuc+Ky8JknkRGwIKNIB0JYv3BcrwygfVM80TdQd0KLz5RTiH8819NHwAh
-YE+qezPMt/ZctgjY3GC48wQT4zLJKaG/6ee3ItZPgAxJVLXwANdzZCBqf7pKahTF
-8RbYj/14mJVIui/MTMKCEaKZueNsX0PZGWmSsDiQAZc4OXNuxb+ogI8mqQGJsACa
-fj7sGXgTh/XN9INT8RdQS7H4FQ83mCnbPeM8t7kU4HXX+9OtLitWOgUoJQ65raAq
-vdS8nizQCfpefQr4Bl0xI0YA8MFmmspCqD6q1zAtpnCe7dtzEzFuRJ/XxsRP0Ee9
-aoDQ1QECgYEA7l2L+9gXIf4AmAmVQ5rEOR8B2yHcdwpuKeM+CSZ/o5sesApJlRkn
-ha5Cit30HlpgSQmNAvlSQ+FzU1loKRR9vDGIfZp/LRX+Zwue7z9MtrhJb8rDKqVO
-p50LLwVvH7eir5S7pBylzEjuOXlIc7nSkrJ2UQIiuolm5WhsSIbUbY0CgYEA64Yk
-ZAufuMv5UB9ztiXdWsX0vM8R5iYlplAoRJQea3Ux+wHuDHAlVZ6j7x3EcLn3yHmh
-4pmKC1kPcH7rSiX7tgN75BwRudiTTUCy42U5Gf2P7j+QnNdrNRa9TO/DRjFcJz2j
-2oab3UNMom00iVSxpEqzIcJyTpGBsl0ZCgEWZWECgYABhTM5Xf13yAj070q2baxG
-uP3oCeVAFR7ywXJJ2KcDwh+F++rQOqLX5W6jOBswfl8S2C7AEBsIN83mgDF74ZeT
-tbUrJ+sbvIIs4hQXbo3stGwzfFWWVguUYhoKKLy2tRMij45K06vzC5wJXc6qfkrr
-iJvclGjoS6wOVoYqSEHemQKBgDOq3MbZyfM3Q/0wuSinS9UDAjp9TpbnnXDLutm4
-iKfYMNu4w6kU3QvYXmwxYou8MEBZdosIVcFBi2KJZUKB7KM0RnR3N+hGO6JB5DyA
-UzOBbZa9eRL/KvSdhW+gVX1LjMTK/+wLhZvXjLNBM7pAyyuYe42XY44a25HuXHTW
-YjxhAoGBAO4AxeL/zVOZxkZH9b/8xo/31wj5DPunGGF/igIauXg9G9rdCQcNtWLw
-rhZxj13OqfpbEuS5V0vzLSN0JMVXWc18ekLY1fcdXRV7IZ5mh8QFQiqslTKL0u74
-CH5PJX/5OCQoz5vEcg7mrO+a34ew3uf03q6TSlTtWuLrEzoQKu83
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Elena-EE.req b/scripts/biz-certs/Elena-EE.req
deleted file mode 100644
index 69b845ec..00000000
--- a/scripts/biz-certs/Elena-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBFbGVuYSBF
-RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtMxlnEPS5Ci/OwNGzx
-yF+KA2aZWR7guOM0/3lrlgAspLao6o1ivmb28HHjTn2pnHAhpKNRUhTUV7NTh9Qd
-zJDh2Ozqo7YY671qDLlg5epNnTFJmYiAElySTw16V5JQOmFZg152EXmHt3HNzPXD
-ygfpwbXEUGfWaaZwvwiLDQKK3RHppDTJPx9xD3IK7AD2pGH7h+SfnuQWsB4KV3YU
-0+3xBu9BTCReTP21MjeAH1wE3xNCAu20YX3LC7OlV9a884S5OBW4BOlv/nf8VZ6w
-lYplsB+sTvw8bJFdRkmGgErMg8yG848ECzEYMj6nwHPT80F9IQBRbthJj0Qb3dzU
-I20CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQAlRnvSyz3kmqYWx06NF/pAksHg
-SjUiL7rxnl9/9kOwAUCZV24L4M4bUtcM9W99AP6snTB/xLhAfWcAUa0F5s+sLC8s
-WVMMitm7ykjRX4ebP0PvTk1eM3SkzhE2nq12493n2pmhmfH+MoHhE8QMBZN1C3t0
-VE5lpo75Avl+zvH96hPJGwKbDko8zaaDFODctq23O6mTeZsUC/mrDw/uq08L/czG
-JJU2A7k7/AAZ+0gAiaBIC0sb5rvT8EkswvOZ1wwT9HGSKHM4lS1BQtK8m9olH5MI
-ul4C7nmpK/3eCHBdZR81Ecibb8mU831B4pp60uiJZgmyQihCN3YyDb5+QKFG
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Elena-Root.cer b/scripts/biz-certs/Elena-Root.cer
deleted file mode 100644
index ef1efa93..00000000
--- a/scripts/biz-certs/Elena-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHzCCAgegAwIBAgIJAPF6T/jli1fvMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgRWxlbmEgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAzMTgxNzIzNDhaMCYxJDAiBgNVBAMTG1Rlc3QgQ2VydGlmaWNhdGUgRWxl
-bmEgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANfp5CkWcw3a
-9iz8WT3x/A0NZQERIIziGApTWEmVhXxBz2whxF0JnAp1vkUOkeF8kOK4AQu2s5TP
-jwc0dIlZ9pJk6X7jsuVry+uGNe0DJdYBuxFTYyzZK29M79qXZF17yU0ENAE/9eMA
-kdHiB0CAJXpOjK7sjhL2eC2fch9UtWMD0z5l0aWqW8ij1KebXNF9ihaZij+fY/px
-NB2dqjdkJRr8wGN3fksS58JcGo4S1BgRqpIGdaAPogI3/Rp66xEDYmoWUhB1jvPl
-uqQ+w0dj1h9eNEBigDwO5gyjyAs+lljOwj2GCzhffaTvsM190oSbCrU5uvGX02bU
-493dsxFZbfsCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUfSmeAQWm
-NuATQ5QLtzkBGQCQng4wHwYDVR0jBBgwFoAUfSmeAQWmNuATQ5QLtzkBGQCQng4w
-DQYJKoZIhvcNAQEFBQADggEBALIbG/+58WYEPGntUHP4wXmH1xGLoHC4NrGmZkBY
-tRazZSU+dQbVD/hG7gv75p9341NptI+sPotz6ly0enDI3MssS5mEplUIPIXqvJJ4
-UXxYZLiq6DLV+udc8GbCgcbxSriPjMpP1riP7mOr4byjHfWD4JKWcLtZB9SyWuo4
-9jVHq4yHmYIXpr4Qwo0+6OMUVa+rxVmAFciQv9/y9g+Sy0g8WuKoFbqKGvz87mxy
-E2L+Vm3Ak01NaH+lgsLnbzIE9nM5dC+xZlcBsQy/0AS91Z+ByGyIpIg0YbECx9SE
-iYzrmpmACvzafW7rDddiyOx23SzHbSKgeP9ADrFoJ4W8yrU=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Elena-Root.cnf b/scripts/biz-certs/Elena-Root.cnf
deleted file mode 100644
index 920e7c7d..00000000
--- a/scripts/biz-certs/Elena-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Elena Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Elena-Root.key b/scripts/biz-certs/Elena-Root.key
deleted file mode 100644
index 20ce11c7..00000000
--- a/scripts/biz-certs/Elena-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA1+nkKRZzDdr2LPxZPfH8DQ1lAREgjOIYClNYSZWFfEHPbCHE
-XQmcCnW+RQ6R4XyQ4rgBC7azlM+PBzR0iVn2kmTpfuOy5WvL64Y17QMl1gG7EVNj
-LNkrb0zv2pdkXXvJTQQ0AT/14wCR0eIHQIAlek6MruyOEvZ4LZ9yH1S1YwPTPmXR
-papbyKPUp5tc0X2KFpmKP59j+nE0HZ2qN2QlGvzAY3d+SxLnwlwajhLUGBGqkgZ1
-oA+iAjf9GnrrEQNiahZSEHWO8+W6pD7DR2PWH140QGKAPA7mDKPICz6WWM7CPYYL
-OF99pO+wzX3ShJsKtTm68ZfTZtTj3d2zEVlt+wIDAQABAoIBAQCvcLmYOUmbxIOr
-4hCRqQLpiCy+RTBxyXVHTpm6kOg6Iy9r6bQo9Rn51dqZOlGHKzR/RIx0/CvHiy/o
-5tKamKMmKSEhndtLV+AGrLM8twYTcqySU3OOiZglhBqRP9qpq1/SWMv5CAPAREI4
-jLTf0ECjtRfTOxvmhKb6S0jr9GS+4mpth7YabrwRiMVw5YrbpKP0Elp3Jb45+els
-rwU1IRGFIDOjVfNcpA7jwXhaYsPHizTSS27fCG+ECJxXaf+guR8q7Jh3Ww6MUvGw
-W+45NHaoxA6v3elCeiLBO3XpQa0tItvih538Ro9pqJ53TMFjT2IdGnAHjj6Gs3qb
-GlaodrwBAoGBAPTFv/cjNF/aQ7LX2sNSj/7/Kh+FmnTmZfbkgwuuD4F937icYNzw
-gD5RsCbaFyF8MqwDzYnj8C/0qMeMan1On1+oyc720IOPSA4sEEfoEwZUIiphizVg
-4M/h6teQl2pfquvakfzoa7egFX+PuZt3VugZ08L4XLw52vu4F3Kspw2BAoGBAOHR
-Q/phq7y+B2mzs574cL84BJELIKfuX3xXKENUvygmohzkykH2wZpYk1ttPiTR6Qyu
-kJnYM3N0VuxUXW11M1eEiQyISuNmJadghY8idg8+p7TH9IjoRzG00Rh0FB0JqGZF
-3Jzl9SPqKW+QXDNIVb4N9sd8ohKiDc2KfjqwIHF7AoGAOX+Wh5SCgh3Al2tzXTyw
-zMLd/0egL+PLggLN8dlylQWfnztE2cG5Lmp8CbRjiJ8nPBcsmj6sNmevmiiW/1aP
-w6XfujlqY+0tjP622F1g0rTCzdfaHrDiPpMgWoEBwKA2g271qkZiv2Dgi/WUMTwI
-cz9V6k/zYNfqZAUrpOl/2IECgYEAoZLF/OTdqJKfYzY9E0XYBjniqpU3rHCWybTj
-DioZDHV4EQxy23ffVryB0yz7BgVbpsNQm4NibP2VJEvI/YSaU8h09w6d5s8zqesa
-JSwXJRlDjcp0YXExX5Ns+P41VgGPCH58N5ciK6xkMXstPVRIZVBAfsPig0qIbcTm
-RL+4tvkCgYAmcv+/9rPHm05RoPalnvhphQod9f5u6h2xr6GrwwmaUH6ZvovGs4jA
-M+k0NGMDmIkU54NakBRp+HF8L2ztJlhg85DymJZVRzPo7mGw0jYxM9OjUWkZB2Rt
-eqymf/c6PnwLUtl6ktc0FsvmIbn7tyO+NLmMqZy9ipvgnQKVhs/K+A==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Elena-Root.req b/scripts/biz-certs/Elena-Root.req
deleted file mode 100644
index 6797e57d..00000000
--- a/scripts/biz-certs/Elena-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICazCCAVMCAQAwJjEkMCIGA1UEAxMbVGVzdCBDZXJ0aWZpY2F0ZSBFbGVuYSBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+nkKRZzDdr2LPxZ
-PfH8DQ1lAREgjOIYClNYSZWFfEHPbCHEXQmcCnW+RQ6R4XyQ4rgBC7azlM+PBzR0
-iVn2kmTpfuOy5WvL64Y17QMl1gG7EVNjLNkrb0zv2pdkXXvJTQQ0AT/14wCR0eIH
-QIAlek6MruyOEvZ4LZ9yH1S1YwPTPmXRpapbyKPUp5tc0X2KFpmKP59j+nE0HZ2q
-N2QlGvzAY3d+SxLnwlwajhLUGBGqkgZ1oA+iAjf9GnrrEQNiahZSEHWO8+W6pD7D
-R2PWH140QGKAPA7mDKPICz6WWM7CPYYLOF99pO+wzX3ShJsKtTm68ZfTZtTj3d2z
-EVlt+wIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBABYl3Zj1P04ONOYjQrKZ/BR5
-u2IBr0S6NgwNK2MC5kyCUjEkunaIO6qSJOfcbuo/EI9GAkNJQxvk1zXfoPAAs9o7
-te39oCtHb/hUnc/jaoFQmrpTC9CmUSzotcgasoc5NdVE5pjDwD1ba/RecQZh4PMd
-ndC3COKH2ssCZnEdqZmgUUsd0s94Gt1/1FP6YuA6FabBIsMK0RkAaMswpia6/I0g
-7Gjarc+eml+NoO0BPNdjUItFyen6piS60W1N+XcIM2Y0+cXM3JvkoyCBCKPev9j3
-ogVRXIczSPzRcb6jol43qnhKKFkfSDdovY005lspruxlJowTdy3cR7JEkwELxnI=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Elena-Root.srl b/scripts/biz-certs/Elena-Root.srl
deleted file mode 100644
index ffc8fb8f..00000000
--- a/scripts/biz-certs/Elena-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-DC39D691B95102F3
diff --git a/scripts/biz-certs/Frank-CA.cer b/scripts/biz-certs/Frank-CA.cer
deleted file mode 100644
index ce4b267e..00000000
--- a/scripts/biz-certs/Frank-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHTCCAgWgAwIBAgIJAMqO64hXw9BEMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgRnJhbmsgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAyMTcxNzIzNDhaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgRnJh
-bmsgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJIEuqlgIImsHj
-L64vwnEuQf1LEoj0N5OzZ8bXB0/kg6cCIZHpp8mxN75/SXRvQbgEGSt5oeb1F8cU
-4sVl6YJ4/1dETDUgR38Txw017vrXgUTusWXEw+i8lBwtlnK5XNUfGJPOoQR3C0Wn
-a0M5ZXLmaXuKgKLcWadWruoXsfCAqPabtjCFfJbx2mbBXMyWgOGmv19FO+RS3B1K
-njpXNz70pc/2P0BA05f/rH4qjVafpiTYq/FeINdDWT69ohUEblOrAuM9Y1WO7uGU
-XGanWyEDlhHU6NwiTfwXdnPQ3YRRxuCz0f3MJL98GFYbWAkF45aERUGkZ1OlRNEM
-3SdA8ezzAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFMGFt7dtC5NJ
-e0d/9mIHY3wsSBxEMB8GA1UdIwQYMBaAFOUmkyh0+BWywAg8nf1Gl2JtpGJoMA0G
-CSqGSIb3DQEBBQUAA4IBAQDDBh+8Df8qPJXRJ8tMehIPYNEfcpobg4sRGzNfgup+
-aoZz6f3RohhNeK53eupzDG9bjE3oiMSu1uqn1eY3gAq+8SKs9+q84o7BZJKFrk1h
-QC+uUrPWMQmlTBXLt6J+y3QvMCRW03H+FC4rTbiFXQoqzRE+rJRmZgzsBjthnylf
-jok+AMeaHhQRgac/Vu21pRs+HghzIQ9+gecwqcyXw2gcOe3qPmYzOTuqIez1qCi4
-/3EYlnr/135fedPe51OxLjIyGaKIzHWTB41MbLmSWLzL05XDSe6uzYuHwlgDffEs
-e4VqH/kKkU4D2ZT0UavfpjwjL2Y6nZAQCEf67H31ZMor
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Frank-CA.cnf b/scripts/biz-certs/Frank-CA.cnf
deleted file mode 100644
index 97703886..00000000
--- a/scripts/biz-certs/Frank-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Frank CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Frank-CA.key b/scripts/biz-certs/Frank-CA.key
deleted file mode 100644
index eecb7253..00000000
--- a/scripts/biz-certs/Frank-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAySBLqpYCCJrB4y+uL8JxLkH9SxKI9DeTs2fG1wdP5IOnAiGR
-6afJsTe+f0l0b0G4BBkreaHm9RfHFOLFZemCeP9XREw1IEd/E8cNNe7614FE7rFl
-xMPovJQcLZZyuVzVHxiTzqEEdwtFp2tDOWVy5ml7ioCi3FmnVq7qF7HwgKj2m7Yw
-hXyW8dpmwVzMloDhpr9fRTvkUtwdSp46Vzc+9KXP9j9AQNOX/6x+Ko1Wn6Yk2Kvx
-XiDXQ1k+vaIVBG5TqwLjPWNVju7hlFxmp1shA5YR1OjcIk38F3Zz0N2EUcbgs9H9
-zCS/fBhWG1gJBeOWhEVBpGdTpUTRDN0nQPHs8wIDAQABAoIBAGXHpyL7aKoMDuQ2
-Q9K9dmMvV8v+5DmaSm92q+QzOhXtHb3xWRLCK0o4aHmnpXmL62B/kEWsTeFoGAIU
-xEpPggxTQ0k3u4bLR56tk5zghCY8r7KPKW4KqiOMXDohsYrmVJ+440ukpkrL9ILF
-wC4yjZPWe4Nal5Ak+o7eU26MSKYCdRIDGsW2BhTKjH2stwzojyb4Ru+ferkryF+l
-8chWpf0srfabyVojkVMceRWJ+wFHycff6uZsnXTQgx5yGCown5ziZP3XoDNn7UGo
-0M9960OaOB9own1AxQO0/0jOMh+/h2WE+/fWK0+FIZWQYf9RXE0ppruzLLRMqCZS
-dwVpGwkCgYEA88Q38ZjUbccMLGt9D6LEIuW5qI6Lpds6179VPpTcdRZHOAC79pl7
-bgsazDLdufE2IWiObaJrTGt4cn/Zgy1HyYscRECD4euAFyLdWm40ehZRe3fgMtXJ
-CkxTf1iYLG8VkSVUt3XAXbaRvBikPbvXoo78kQLvLohvRIMCabc3Kp8CgYEA0zhB
-xudHQCfgDnl28Ip7+YWw4Ai69I2ULwwyhJNxbQDAnalAUXFV1j7XvFd8WpLzrPUD
-65D7CYoQNVPvcBFUg+wfM78EEfpFNBqcYkuUCiSAT60E0WwMomhnKPHpHBg/5QjH
-Of8HEuDXAG+iAVcBDIn/iblv/Zhza/za1JKJMS0CgYEAx1JmvDJPYQQlPB0YQbTB
-1Bcr3FvSbGf6kXdt6KIoMcVprq1LBLUzbCPAYcAl9Wj67g5kh9kLC43FCzrnTI+1
-52LMVjK6o/zA3Cox/UOnvTyKm/7FYEvW+4i1radvpsWeSPTRdMHf7cDfIYK0qZXz
-GIT6mEhh8xa0hLzrOC4L+dkCgYAun2JVh0OA88xPJZyNZ+QJperu6L5rsLyezfBw
-tyL4Tow1wOBDmeK6kdCI8D6wt3M2IDcnTi87YdBGFSrq78hZ/kq831MErNuNrroK
-MGiS/I+eBrDjkRgQ2T68GPm9i9S+t3tSX+qtzhdnLzzxUsUWgXd4bQg9T+NaWMvs
-1BOYWQKBgQCAG1lfL1QAx+ZvOa9zbL7U1Z/XJNTM9wCsOpFIvP2VDnLiwsvspjUE
-0sz/6Bh5a75zKUaf0njSZIwNsu/rY3ky+NUK+71MpYWaZdbp3qHSUn0aX8EyueF+
-rkj3RFEX/bVqxzEyJhhTdMDNwppFPkQmBhuJRIQMpoerKZqgK/z0OA==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Frank-CA.req b/scripts/biz-certs/Frank-CA.req
deleted file mode 100644
index 6946aea2..00000000
--- a/scripts/biz-certs/Frank-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBGcmFuayBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMkgS6qWAgiaweMvri/C
-cS5B/UsSiPQ3k7NnxtcHT+SDpwIhkemnybE3vn9JdG9BuAQZK3mh5vUXxxTixWXp
-gnj/V0RMNSBHfxPHDTXu+teBRO6xZcTD6LyUHC2Wcrlc1R8Yk86hBHcLRadrQzll
-cuZpe4qAotxZp1au6hex8ICo9pu2MIV8lvHaZsFczJaA4aa/X0U75FLcHUqeOlc3
-PvSlz/Y/QEDTl/+sfiqNVp+mJNir8V4g10NZPr2iFQRuU6sC4z1jVY7u4ZRcZqdb
-IQOWEdTo3CJN/Bd2c9DdhFHG4LPR/cwkv3wYVhtYCQXjloRFQaRnU6VE0QzdJ0Dx
-7PMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQBcEtGyCsZojfSMMtSjE0pKSBhx
-j2WE6QNlGsWVrzDrBn+yPf8YhYWtTmJcf5pANcyODuNLMxP6EO8pfGiZlijgk1gp
-C9fUBr6iVorkUQcsjRKmS/LqrEHC/V54pfeaLU7k8o3EgveWMHUiXFjBaUzBK74V
-6sPOMLAziCq2TPOiN9CSgTlDTfyugPzRvqRFNTm88wPT2YcgWr/ZO7R2rSafZFX2
-oD96AfqPsnWWAPOeqtyOWiF6eNks90r3PoKYWxpZZ5A2ijVPrZSYtYUIeyJqE/9f
-FPeLadoTEFdJ7/sPvtVTnj9O7oF5EERSHbxaWC6TCT79NF3SLxfyK+ANxawc
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Frank-CA.srl b/scripts/biz-certs/Frank-CA.srl
deleted file mode 100644
index 3d68aea7..00000000
--- a/scripts/biz-certs/Frank-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-B05767B1F50A040B
diff --git a/scripts/biz-certs/Frank-EE.cer b/scripts/biz-certs/Frank-EE.cer
deleted file mode 100644
index b67c4114..00000000
--- a/scripts/biz-certs/Frank-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGDCCAgCgAwIBAgIJALBXZ7H1CgQLMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgRnJhbmsgQ0EwHhcNMDgwMTE4MTcyMzQ4WhcN
-MDgwMjE3MTcyMzQ4WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEZyYW5r
-IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3W1VWDmwozts2rpm
-4vU3U/SJvaNRYUISNDiNsdj7rEekcoTR8J+MdgDjV/PEXv7xRleKUf/H+HRrG25h
-XL+xJSMTowWvSEuNaGB/gCFOhbFKLHAjKwvV1eMsstpF0oYSARjPpefF6BMhTHmq
-SmeT1zyqPFP0vOiyYpRbnTy28IfkzxcsF+Z5EvMujqnvjLcP5AXOYVSDC7r0ZzpR
-bu3hcnr2ubBscGZIG6PynmP+xLnkSQs2b9gMaksBdgvRFSYJ5g1mcxr3zR4igZI9
-I4mSxqMbQowmJJSuWZzHIzyxteuD04RIPAjJvwA55/5LLrdVs3VqMlRpsUCetPXx
-fckxGwIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQIHkroA9j7gpwYBb2N
-or9xU9cpfTAfBgNVHSMEGDAWgBTBhbe3bQuTSXtHf/ZiB2N8LEgcRDANBgkqhkiG
-9w0BAQUFAAOCAQEAVIX5WxILGYwfKxLUfx2ahDKFP9EMPmiUvhHCIpbjhT6sROxd
-aO2z3GFRWrZ6FiDg4nIhrILv/ar1B51EUubX5lZ/6OCJMvQd9e7o8RPkN2fqMKF8
-R4jayJ6XNepbxsJ9oWIYT8/+WxcyzvepV7hkCXkrAd3qplyaMe60ZNjHg13Bi4gU
-lNZ/77+HI0pXvtTYZ/C+9iwWTosKeUdx16t7XxgRiPrhNjuSDPfM6W4SZ017Zcza
-AtAp9Rd3tDzKlz3AHkyuRJbR77+4hnec3v+UFY7BV0XDAytdsReHRppqxZCamoqn
-jFp2plVkYCgGU7N0AVp/trbK/IdO2bo5fF1X4Q==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Frank-EE.cnf b/scripts/biz-certs/Frank-EE.cnf
deleted file mode 100644
index 68f62d38..00000000
--- a/scripts/biz-certs/Frank-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Frank EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Frank-EE.key b/scripts/biz-certs/Frank-EE.key
deleted file mode 100644
index 9c8c497d..00000000
--- a/scripts/biz-certs/Frank-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEA3W1VWDmwozts2rpm4vU3U/SJvaNRYUISNDiNsdj7rEekcoTR
-8J+MdgDjV/PEXv7xRleKUf/H+HRrG25hXL+xJSMTowWvSEuNaGB/gCFOhbFKLHAj
-KwvV1eMsstpF0oYSARjPpefF6BMhTHmqSmeT1zyqPFP0vOiyYpRbnTy28Ifkzxcs
-F+Z5EvMujqnvjLcP5AXOYVSDC7r0ZzpRbu3hcnr2ubBscGZIG6PynmP+xLnkSQs2
-b9gMaksBdgvRFSYJ5g1mcxr3zR4igZI9I4mSxqMbQowmJJSuWZzHIzyxteuD04RI
-PAjJvwA55/5LLrdVs3VqMlRpsUCetPXxfckxGwIDAQABAoIBACNDVzUest+8BgDr
-cJkyXiZTql/2E26+u/FvFDm/iY0NN8Y5GsoMTq04RPxryNksFraSGGgoqOsLd0c+
-E+lWadq1NFpg/GIyDgoSXBvGsh+edWaQUTl4wAw5CpRNKJN3YISmM+OC/sSPz1zD
-f3gr+KJtedrzr+Up1cbXQ6PN2ICDh++nInWn9ZMMfQ9ZPdZuX2Qhl8W7RN8S7hc4
-935HZ/f5dod7+4TdVIb/Lbxa0r4Kfz1FkYulyllL1DqYeJP0YzL3mrT79ZLUrbyK
-nBOhtG1eHfLOzlX7y5vVGWEN8dhK5HJqi//DHtgFpYOFU+x8YuWS5wqiYfqMWy4d
-883oUFECgYEA9jCjDGbbXuk5U3rL1ChOIAO7U0iVO3kFSLQSxbkwQpfUV9NCY6MN
-ZH0e0o1AFui8WTS76xO/riywbZHZ9OO3xfHODNO1Qt+k67m75mvW4hzlzOS9B+J7
-UATHOTyi/Cy3shI4W+FDyjxX9iNG8l+Bieu+7Fh/DeZNkJ3Ejnb3PwMCgYEA5kAX
-mdjExkCJHaBbdzWBydIW7NNbKmBPKeSs4zhhRB2BAbmnSG6Mu2KUm+u+5YIKN6o0
-r5OLhxo0k69LgyVD/+3NJ7fPmwGtsLRaeykShR+01g7PXCXW6EMbhyCTs8OcPfDn
-4yxoj67k3E4BBLtJI6pVRYVr+IEvZqAhUqUx/gkCgYEA8zE6b47PlyMmGNvNq8cg
-3akyC+RAXp5+5MHVZXI5RR88iIFNLKWuHh0nLHCR5c+D908Lbv10NPc6VRJlzu5/
-5E6n763Webf4707rWYQfof9P1iYCwV4t1+7Qai8HBbqav5IWEFUnJQiVD7TraZOE
-oBy73jbRU4a0Cm5+8wh71scCgYA2lDTD/DVQxVV7V1q3HFDitVFH3CX9Go1JYfJ1
-fhTYX6IH9akoq0Pi21Bc0XoTz0p6vXb1s6TcZqLV6zScJsZCsWzzIEgu9yvj+iyE
-i0zfj49/Ok1/C10w+09YLam1cAXmTOe62vkCLjQD4N2u8HI66RKDg0f/xSemTQj5
-HT2HeQKBgEZB0W4xdOPYU5lTzYmn3hPH/F8R5DismczNXpe5XOcle+IUPyMkNpJR
-xVy98muszdIhYnroQIBCHDEMDNnAP0OCCZ0PjcuObf+RYdJOEznxMxIB2g5BWGZV
-gCoEYWLFVJpS5mQZz6PdogjnudWVae116cAB6i7SAWqVste/+t+X
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Frank-EE.req b/scripts/biz-certs/Frank-EE.req
deleted file mode 100644
index b7731a9d..00000000
--- a/scripts/biz-certs/Frank-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBGcmFuayBF
-RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN1tVVg5sKM7bNq6ZuL1
-N1P0ib2jUWFCEjQ4jbHY+6xHpHKE0fCfjHYA41fzxF7+8UZXilH/x/h0axtuYVy/
-sSUjE6MFr0hLjWhgf4AhToWxSixwIysL1dXjLLLaRdKGEgEYz6XnxegTIUx5qkpn
-k9c8qjxT9LzosmKUW508tvCH5M8XLBfmeRLzLo6p74y3D+QFzmFUgwu69Gc6UW7t
-4XJ69rmwbHBmSBuj8p5j/sS55EkLNm/YDGpLAXYL0RUmCeYNZnMa980eIoGSPSOJ
-ksajG0KMJiSUrlmcxyM8sbXrg9OESDwIyb8AOef+Sy63VbN1ajJUabFAnrT18X3J
-MRsCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQAS4EWFkN0KI0PkZyTKOYJ6S9q4
-UyEjMi7fgTJuRSMPpKiMDv1l3suirbPhnW3+yRau++h/Wxa3xE2cgHmFdFSGsp9Q
-GpGiw0xy9/UHmaxuian+Xgwo5iYBsAXks+HnrXjpj+PulLPHtX2DqYTjOLk/T9aZ
-ue8OKClukL4G+jmYptY4ILaufmnqJHqPv+JBdZUJT97LFEGVLdv0TD5pzsuSQu+A
-eJJ5SNAUyt1PF6zhC8ZJAjL1ZIa33y0dI0iKbx9G4cnnL2cm/3SWiHGtXTzRGunh
-4HwhKMr+Y9A6VKR/LT3Gbkuvih9G3mnVDenKgjKXb7HGhfkWtE47DZwjBlYd
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Frank-Root.cer b/scripts/biz-certs/Frank-Root.cer
deleted file mode 100644
index 0ec9f629..00000000
--- a/scripts/biz-certs/Frank-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHzCCAgegAwIBAgIJAMsTRJ57iUNrMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgRnJhbmsgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAzMTgxNzIzNDhaMCYxJDAiBgNVBAMTG1Rlc3QgQ2VydGlmaWNhdGUgRnJh
-bmsgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOy5GeJ8pCtu
-S2QhidJecLQ8gpeDxUS6z075A8VIowtNOiywceeZLWNCcSG0YSYnHCyQCkCAtEb7
-mpTWHPPId8cd7CcbHqIKZNw7mhzmRVPy6+ZS1GQm9AXK3p7yUj2Gl+yxtfFXWCxz
-1FgAYiOSN7eyvkjLHmORqBv/UA19M+iLnPMjLKaQugy4J/6Zju0v2LqpPS8Xzh7t
-qjrP/1HDmjIRgBrzwibRcPhlGPx79k/GQwxQYWB1bjfQiuZYsVKoWMhMaHTcWUKa
-o4ZJNpBDZM7Gc62bYGuwlLITSr1MJtwgNZKmTAslunHx8SBf6fp56iVjZhqzB3eP
-szbwC/HL4EMCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQU5SaTKHT4
-FbLACDyd/UaXYm2kYmgwHwYDVR0jBBgwFoAU5SaTKHT4FbLACDyd/UaXYm2kYmgw
-DQYJKoZIhvcNAQEFBQADggEBAClPGF3JcqqBJcczowlbm7Aubt3meLRUbDj1U39a
-dQIf0eGNyY79WNVy5uJ7gvUq0MPj4nM2prgk+ZoNsQE++dYdp/J97ahIqfnsr0UN
-W+HuzAzfxNNvMRTBsHJZv9uc5hODKPqSw7XpLL8wfDrg+UHJSf84tT0lqTLk0id0
-dMyQ2+GoFSI7q71hfuQ4TIay8RmFPiTx4haA+E5MNnawFukjtb9pGYTiZvEB18IH
-HgQMxo7CfNaA05FpHd6OfLbXEyf6WanL7oD6drOJcMuvbWiPeTQ6v0rQy77F8gSd
-4PflMK/AtGPzp2tTT6fE7PwVoKPqyVExeKH4kpd+jj/8Uvo=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Frank-Root.cnf b/scripts/biz-certs/Frank-Root.cnf
deleted file mode 100644
index 8993417b..00000000
--- a/scripts/biz-certs/Frank-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Frank Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Frank-Root.key b/scripts/biz-certs/Frank-Root.key
deleted file mode 100644
index ad4700e5..00000000
--- a/scripts/biz-certs/Frank-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA7LkZ4nykK25LZCGJ0l5wtDyCl4PFRLrPTvkDxUijC006LLBx
-55ktY0JxIbRhJiccLJAKQIC0RvualNYc88h3xx3sJxseogpk3DuaHOZFU/Lr5lLU
-ZCb0BcrenvJSPYaX7LG18VdYLHPUWABiI5I3t7K+SMseY5GoG/9QDX0z6Iuc8yMs
-ppC6DLgn/pmO7S/Yuqk9LxfOHu2qOs//UcOaMhGAGvPCJtFw+GUY/Hv2T8ZDDFBh
-YHVuN9CK5lixUqhYyExodNxZQpqjhkk2kENkzsZzrZtga7CUshNKvUwm3CA1kqZM
-CyW6cfHxIF/p+nnqJWNmGrMHd4+zNvAL8cvgQwIDAQABAoIBAFOEkt9XfkxcY3j2
-ZDu2Wikc2C5ArU6sYgvIy03FbNDF9Gpj7iv53QuSG3v6ufPOBKCsSRGs1u3cQxOT
-3y8bYTb9FZ5OcSZWaHNTC/J6Q6d0o0nlm02ieKG6i4SkleNjIyK9KCX33QIB878A
-k59dLQ9AnuXr09LpRthp4YKA09mNCqFhTivsxJKswjoDbGeZHnz964f9yntuDqxP
-ROi+F371v67D1AYvk/BMRdA5G/CkbMLomgaQ8rf0sW4Wx9rqHm9xzMO62xe3ot7r
-hYByQmMO+6DGq4RpuoG5RdQLKACPdob2ZZ/fsRHUpjUMG4REKIMNMwmbWqbgk7te
-hWUCx6ECgYEA+Mw6FrdFej+Pob2xovOKIYJDg8dKcjj5TeNvPkEmmsHcV5Hhs8Dp
-x3h6GPLxHehw5fOBs88Y9ep6EUEE4xT1gBimBYbmt5u8jHWR92GMFnWhURWG6aMu
-XVhD5oLCE37i1j03q2I3Ax0MV5pIBwamcEyAKDNtFiEPm0voYY55POsCgYEA85Nk
-S+3MyF2yHRX+8kCqoW4Rh3kai7E/SvoQ9TwR2JCiS83gIuFs4CD8oASYG4A9oe0P
-GuB9sWZjdUC0kq248WzXNdnKglWuhQBNnjjtQqRUNFVnH0Kupdo+jnELqIwq5Is1
-UF1oq+7c9p455H+TpmiUWAYSA3iFbFn83487NAkCgYEAgqZETs95BaRBGa9Si/6V
-59jO+XF675ZpnHQ1Y5y02Am7WqT5v/orCZuDinxxD8KTHr4Lu0+ijOjPpyXcmh7U
-eKr46+gWWg7HKX9H4n9wIA8vYjQKv7/4Rf5m0bKSlchI+DX3eOE/gDwN0ibrcf0V
-A924YuP2getklal741b85XcCgYEA7XVMuyUqlk+Zu/dco6ldb6FRn4P12CfFL4AY
-liuorjtarZIYp4iizuH5xrqT24OrEjh8mFQw1Yie/4lEQRbxjRPxvwMDBQso52rD
-QLP4whZYLOjxbq1gfDoG8HDOz9NOYZ5BLIbT64Ijkp3wjI2/UOT1cdcBKrcNQ/N6
-riwBqJkCgYEAtCk/Lv5d8ZPtqnIb1yMXersoNpg+vZdBBD6esQ3/tPvIgfPJm5jb
-SmmoCJBCOuTMH79KzsP1/wEq4LAWpUflf9AW70MEVg+A58ixITuimsyHvQOb2EAv
-vYvVHW3yDG7p+gS+KEIvJNo2Tf1MQG892EHrOFg1m4Nnnkwi0IZrFr0=
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Frank-Root.req b/scripts/biz-certs/Frank-Root.req
deleted file mode 100644
index 6dd4cbdd..00000000
--- a/scripts/biz-certs/Frank-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICazCCAVMCAQAwJjEkMCIGA1UEAxMbVGVzdCBDZXJ0aWZpY2F0ZSBGcmFuayBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LkZ4nykK25LZCGJ
-0l5wtDyCl4PFRLrPTvkDxUijC006LLBx55ktY0JxIbRhJiccLJAKQIC0RvualNYc
-88h3xx3sJxseogpk3DuaHOZFU/Lr5lLUZCb0BcrenvJSPYaX7LG18VdYLHPUWABi
-I5I3t7K+SMseY5GoG/9QDX0z6Iuc8yMsppC6DLgn/pmO7S/Yuqk9LxfOHu2qOs//
-UcOaMhGAGvPCJtFw+GUY/Hv2T8ZDDFBhYHVuN9CK5lixUqhYyExodNxZQpqjhkk2
-kENkzsZzrZtga7CUshNKvUwm3CA1kqZMCyW6cfHxIF/p+nnqJWNmGrMHd4+zNvAL
-8cvgQwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBABf2mSgwPJc8lymCczXp6AtP
-38P+hNRD0UV3zirySIE6XptwHoPxkOoCMHQyDULEH2CLQ2JTJ7New7FRYf2OFPLS
-CTpVhi+3qS7k+zlfc1vH0rdlDlVm9Lt3Qi3yGzhreoxDaq9kE4SnCKG4q8vsWl2h
-Djicil/CoiyH7+Mk7RzUNGs37UyoifZF/uA6is3xCg8wflgabDRXqebDrmIFn7rZ
-ox4jiDL1Ym1SBhJRBCh7+ULCZQXtk5005KwrYETt2wbb4PzwxnAiTpkHjfy9qzEk
-NOhc9y2Urpk15/UtN3rhFTyK1mLbyeGU4foCzjArRvKGL4ueC89NpMe94X8F1b4=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Frank-Root.srl b/scripts/biz-certs/Frank-Root.srl
deleted file mode 100644
index 3c868fc0..00000000
--- a/scripts/biz-certs/Frank-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-CA8EEB8857C3D044
diff --git a/scripts/biz-certs/Ginny-CA.cer b/scripts/biz-certs/Ginny-CA.cer
deleted file mode 100644
index ba2154ed..00000000
--- a/scripts/biz-certs/Ginny-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHTCCAgWgAwIBAgIJALTKl8dxTDdDMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgR2lubnkgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAyMTcxNzIzNDhaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgR2lu
-bnkgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDueidWFU++2YuK
-aT8Lp+y67Miy1FgO1UNxyCevP880EoJ6tqDVRAczLh3uDJKhZ5pt92+/m6PPqpUq
-QtJQahjk55SRQQisnqC7dhkCnF7pXQPR/qPFzimtgkLXielt8GhvZSrqdxDdDnnL
-xGzW5zrgxW6+KhLRl9jgK81E1EIr8h2YxI+LVbCy4YzcwLWHmgXlY0cIZTiDpR1p
-TM30wQ5AGdjQE2IRHk7M5uG7KqDmVdMX+pG5fmma/ir9jSeKXGUV2BPWmsh5sQhn
-DTrZ/qy00q48uzPBCKiOnm1Rd6ygNAohDcZYeJGZ3naqEeCPpowxTg2p7IocXHEO
-LmBo543RAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFAi99B5feyZ8
-vA50GqPZAVnvFT2NMB8GA1UdIwQYMBaAFGMacgDTvnPGawQ5u/vXgL9dHca6MA0G
-CSqGSIb3DQEBBQUAA4IBAQBgzZJBBk9Zj9jvGptRpP9z/AwW4Xxx0xXu83W9PCfk
-bGUnbjvAKEOGxHWt1KgPN3rrjpU0PVjNmKw+TveO9FE+t/0sTXY2vj6kbbwngjYN
-JTxNcO1b5r0ZXvNDNU0hA5IvRkxNSxL+/cVp5WEg0zSkJbCLdH7lzyBWgCNIXL9S
-Ofd7azon/1SGUGQLZfTClKueOqUND9j6wM1R46tm4yape0TG9zTRnl3yKL8BSGJR
-2T0Bsdoou8lEaASz/edd1tSxfUGgKZKKyURtX+2t9NfbYhToyBs32D56F8cq4GtM
-6u53IAoPgXc6fXtDiYrS61WlTld611cJlUChtXOT0qVA
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Ginny-CA.cnf b/scripts/biz-certs/Ginny-CA.cnf
deleted file mode 100644
index d1846a6c..00000000
--- a/scripts/biz-certs/Ginny-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Ginny CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Ginny-CA.key b/scripts/biz-certs/Ginny-CA.key
deleted file mode 100644
index 281a45b8..00000000
--- a/scripts/biz-certs/Ginny-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA7nonVhVPvtmLimk/C6fsuuzIstRYDtVDccgnrz/PNBKCerag
-1UQHMy4d7gySoWeabfdvv5ujz6qVKkLSUGoY5OeUkUEIrJ6gu3YZApxe6V0D0f6j
-xc4prYJC14npbfBob2Uq6ncQ3Q55y8Rs1uc64MVuvioS0ZfY4CvNRNRCK/IdmMSP
-i1WwsuGM3MC1h5oF5WNHCGU4g6UdaUzN9MEOQBnY0BNiER5OzObhuyqg5lXTF/qR
-uX5pmv4q/Y0nilxlFdgT1prIebEIZw062f6stNKuPLszwQiojp5tUXesoDQKIQ3G
-WHiRmd52qhHgj6aMMU4NqeyKHFxxDi5gaOeN0QIDAQABAoIBAQDTtNWe8iRtRSs/
-oNc7PcRG3VX+i8vwvxq0s/+m8Hq9u4Dh96coLNBHezVO0xKI/zR1Uyh9bWorPUBW
-2CNlCAs5iuy1Voqg0+HVCa6CRtdrTAvMLMavH6qYQf+c4O29j6Lm4WUL6M+rruIp
-JyOIVJZMXHlHkIpMTwVVXQ1JgTWNVBh82/Ze2tjnHvKOmqLDnjoqbPlY3jmJjHh/
-A5Ha0aF9RoMUzkgb38LARgIxZ5jrLPoxdjvOP3LXCBUZzVqNx1+sdIMX/Yuq6Kmp
-NqKC3w1ZL24nGIPvesMX5ujITK0Yej9xIh0VMccudVNpUmAUA9v12cfvVPk4kJz/
-sAAj8DnBAoGBAPpzbV0NiDjftD8sGiznIhRVGrq4FTqVSk+Z2QOu34v01M4FotPA
-9VjZx5uBflqU6C7foMbhSDai0wM69MLLKgcahA7wAbc38J/kyHi9EjQCb1/sbyg9
-gbG768fj0wBFpwb6dEdDeF+Sm6MTAjMQgVq4kwyflSBKbVWG5BnSD4/FAoGBAPPC
-z42dWuO5qCXe6shZN5aQ3jTiORC/Py3/6AU06o3lyPBpGkYkMcReaWoiC43IHjjG
-j7KAOtdCdxnh8tvahZx/6Y4uz2bdKbo4T01cpf92k+vqXEtnXz75O/ZydZpuaDo+
-Q/cw9JhSXEBHiLpnqpsDu2Inw/0cvvIPbQ4gfvqdAoGADZfYNrW2UAfsO4WEQi2l
-Tt8znTDCjjRuHRXnjmieX3VBW5E4vi954YGocMs9dWMhmvGuQz0U80oxE7rOcAgg
-1tPcmQbzwOL7X2JGcy8n3sTHELi/a7qy4Fenu2ilGh2trBZJ21hRHzbQ1bABbY4W
-xzq/WG8M4/zGJF824CPjjlUCgYEAlQ9v9F1hExiY5m+mitVj1MLJ3vTniIIqlGqE
-64osVJFLixf6ZSIE/NvvAmPHRPA26ukhPjqDwNZ4Fm/BHwhF5CmkHLorQe/EcIe2
-lswtBkbwtbcesU2JRO0L6eycVc9mFRe2YBaju/HBT91uku6JuTlTAPboNoO5kDQ2
-sAjXHVECgYEAggkANM+Kpg6JHDcQqJ6E0+d1vP0G8RPJO6l3KD40ZAqxp6XFg3Rs
-xFpsTtT7vqUeFqZ5V0zyY52TQcBCfYBWTH1JGv+Fw9YCa5AD4NQ0KEw0/wSaptId
-cH94wz9GFDpkXlZznHw0cuoQNFgmg2Djl3DjdFoAvlkdVf4m2I8NET0=
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Ginny-CA.req b/scripts/biz-certs/Ginny-CA.req
deleted file mode 100644
index 11b558f3..00000000
--- a/scripts/biz-certs/Ginny-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBHaW5ueSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO56J1YVT77Zi4ppPwun
-7LrsyLLUWA7VQ3HIJ68/zzQSgnq2oNVEBzMuHe4MkqFnmm33b7+bo8+qlSpC0lBq
-GOTnlJFBCKyeoLt2GQKcXuldA9H+o8XOKa2CQteJ6W3waG9lKup3EN0OecvEbNbn
-OuDFbr4qEtGX2OArzUTUQivyHZjEj4tVsLLhjNzAtYeaBeVjRwhlOIOlHWlMzfTB
-DkAZ2NATYhEeTszm4bsqoOZV0xf6kbl+aZr+Kv2NJ4pcZRXYE9aayHmxCGcNOtn+
-rLTSrjy7M8EIqI6ebVF3rKA0CiENxlh4kZnedqoR4I+mjDFODansihxccQ4uYGjn
-jdECAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQCrxvWZm8ayOBmWic8G2Q2mTxRy
-n9oMtV3Iuqn+bGR1Xjd4HG1QfRlHNP7ekKh2z6jLiZ7KChwpnCeK1CnS48aw7GuJ
-s4KTzECrHWGBbV/eVJubnU1eDg+6tP/ZdVKVqv1frNKQIREaFMp8ndOUJ5FlXJ9+
-mNNQZzlcZxqRkxW0XaHoiMWETNMQYo7U9v++WZix9SuxpxKimG1OERAacwVYMHYJ
-NIBwLADzrOMxndjt2WVioyKmeicSM6POp9JjoG9RNgmZ7ALKP72zXObCS0Q94m0w
-Ky93o7iF/BWbM/M3pTMngGXLu4IFNmsp7X2bxGAeX5UsJuVxR4mlVhi3A8nH
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Ginny-CA.srl b/scripts/biz-certs/Ginny-CA.srl
deleted file mode 100644
index 75f9d5e0..00000000
--- a/scripts/biz-certs/Ginny-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-BF28F27B89252DAB
diff --git a/scripts/biz-certs/Ginny-EE.cer b/scripts/biz-certs/Ginny-EE.cer
deleted file mode 100644
index 5e4bd8b9..00000000
--- a/scripts/biz-certs/Ginny-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGDCCAgCgAwIBAgIJAL8o8nuJJS2rMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgR2lubnkgQ0EwHhcNMDgwMTE4MTcyMzQ4WhcN
-MDgwMjE3MTcyMzQ4WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEdpbm55
-IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo373ejcZ6WwnTj37
-FRnRx1+MJzfCQmslMRveBP2WjbiGP9Oq4O5+snORuDG6uIL60lsEOW48o8ONGtgO
-k0URC/iWlI6+dP1NOcfq25Vn3FSD/HiRj2SoaBmZa13wGxzDtOiXwH6R6kYrQOqs
-HWqLHGok5OnphEzVVzH4urnXB5ZWDV7n2yOQ2TPiBsJuYgNLCQn3sAVSepm8Occ5
-jkCQF7zjdPlnnxt/cKbow+JrCIX+B1B16Qmuk6PF3z2zdoTDyyUrn4ETLohzCnHg
-5pv8EOU9NhzUZHUIloZI6NhE25a865fAoxMh+zmkqv2SG+/mU65Ry4nuoVRqyFbi
-pOSanQIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBSAT1qp1gd5Bg2yTEdL
-pA6OcdMKhTAfBgNVHSMEGDAWgBQIvfQeX3smfLwOdBqj2QFZ7xU9jTANBgkqhkiG
-9w0BAQUFAAOCAQEAuRLJwIPSino5fmZhTVF35QFzj0is3Pd11+gk52v2pLwW48Sd
-vW7llaygLFGrY1KgJLYis8qdLqjbfdYeLUVDQ9JSiWxmDVFBNNtagDPNJY3KIanR
-v3zo3k6WRYaECMNxN7jl+tGI8GoB91zcQhcA2k8VvZPo17opN5hGP0OyYVrFFAj1
-fNT96DLGctuU2LpKP38DfEnRLpZSm3N/GOE4mnwReaVQ622PCcGHwbPJV2dN78rv
-51Mqt+pM0hhmL3lDoHznTKQ5AL6m6Bn4sFypa33oikTmcywJepLOWY61PwCC2sbk
-SxXEjsJJxi2pnxfnAbNH6XBvGir//nwIoRlGJA==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Ginny-EE.cnf b/scripts/biz-certs/Ginny-EE.cnf
deleted file mode 100644
index 949907cb..00000000
--- a/scripts/biz-certs/Ginny-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Ginny EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Ginny-EE.key b/scripts/biz-certs/Ginny-EE.key
deleted file mode 100644
index 1984ff44..00000000
--- a/scripts/biz-certs/Ginny-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAo373ejcZ6WwnTj37FRnRx1+MJzfCQmslMRveBP2WjbiGP9Oq
-4O5+snORuDG6uIL60lsEOW48o8ONGtgOk0URC/iWlI6+dP1NOcfq25Vn3FSD/HiR
-j2SoaBmZa13wGxzDtOiXwH6R6kYrQOqsHWqLHGok5OnphEzVVzH4urnXB5ZWDV7n
-2yOQ2TPiBsJuYgNLCQn3sAVSepm8Occ5jkCQF7zjdPlnnxt/cKbow+JrCIX+B1B1
-6Qmuk6PF3z2zdoTDyyUrn4ETLohzCnHg5pv8EOU9NhzUZHUIloZI6NhE25a865fA
-oxMh+zmkqv2SG+/mU65Ry4nuoVRqyFbipOSanQIDAQABAoIBAQCdkYr+vUX6waIr
-9O4byvNzO3F+hm1wx4RjjODvXFqRoSm5L8z61L9ESr9AjqTOmGUVAGTU2JoWlitS
-mLGLWz/vkpfE+sExTMH1kueU0qvzG3zMgIKAeNkY4rsKT9FMv+8ZViSSfykvaIrd
-GI3iF8GUE/QUrh7Aw6/ERkPZ6asEAmOWJyQMxxLzdkcZfYSgKORmqAieD9r5jY4e
-UD3++GcmdhbVK59A6xkL3LUg9L4zGDJ0BuHLIv6wBtV9qA0IGGUgkZqZX9j1Ddc9
-PbItrwqC3OLpNgQELsG5k/vI20TPzC/i1B63axc4gVfDSoQplqAnQN8Oug9gbo4Q
-bYOcpLO9AoGBANXyG81JO0ZrAiIVd+Z6EkL2Y3TIeP2WABBm3Fa5t6MdSY4K1mJA
-SI2zEprgLNVC6+nnV2d5x9jIkHr2wZ3uj5GbHfFB/b2FEcg2OWdIjvN8mcNOXeuH
-e/AMfuTN1zUNytklgsDPblXYnhxRZgDxfJivu6WYVHcH1CEp26kcL2x3AoGBAMOi
-MSr4IYe7X4knOUOZkGDTfy26PHwW1CB3LGIpoPjyoYzjh8avvk9YAj7coQbkNq1l
-tbGroi3IXJhyWIb4OEMpi1fgUWkri6+HwSMOnywqivtLBgRShd+tKJfEcwJDGSPD
-uy8IChUnbrt0D9uxxfOoQ7GMOSrSukQBa4jvLHqLAoGAXW4ZjhDI/fuFNvVBIzlz
-+CI5VKqni7aR2JfS6Vy5QVZs5Mb+0HFaPedR3KjBa3CKLd+FX/7is10DG2/fJeUk
-dWXUMaOr97PBDDoB34TkSJjFXXE/urez/CS41Zq+vMCFMUccTq9Hc93hTmSNsyPC
-UbuMqshXOpQEo2bwMm3ImAkCgYBfO7JRp46zA1yjaIuww62L5QkRGordIUPMNhdO
-BdPNvFc2PYDYEK9E8qPNNBvTPf778/o57kI5pUKmF2vO8EB7OVsSwSkAWGlcXmp/
-hVuo5WDYqZHZQs7WrvWGw+P0ovM2/M4/O9ukpph5+irKGMUzMqMZaBhgJ0rzVfmi
-JEPztwKBgFewP2zyOF53Y5PhAAsl2SzX+28dJ3trnhAIaZVi9aUaL6qgn1izpKGA
-OBhQZFNL7RE3A8VOF6264gTjkeb/4heYFV4KhDzVkDeTat0XX/AMahNWeyoV7oLh
-8mVEQbvLbSogvIXUF3fufU0rV66Ts7KiIlZW2VyVaNMTp1Ljpdlk
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Ginny-EE.req b/scripts/biz-certs/Ginny-EE.req
deleted file mode 100644
index 30a62a71..00000000
--- a/scripts/biz-certs/Ginny-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBHaW5ueSBF
-RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKN+93o3GelsJ049+xUZ
-0cdfjCc3wkJrJTEb3gT9lo24hj/TquDufrJzkbgxuriC+tJbBDluPKPDjRrYDpNF
-EQv4lpSOvnT9TTnH6tuVZ9xUg/x4kY9kqGgZmWtd8Bscw7Tol8B+kepGK0DqrB1q
-ixxqJOTp6YRM1Vcx+Lq51weWVg1e59sjkNkz4gbCbmIDSwkJ97AFUnqZvDnHOY5A
-kBe843T5Z58bf3Cm6MPiawiF/gdQdekJrpOjxd89s3aEw8slK5+BEy6Icwpx4Oab
-/BDlPTYc1GR1CJaGSOjYRNuWvOuXwKMTIfs5pKr9khvv5lOuUcuJ7qFUashW4qTk
-mp0CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQBPOqtrZca7xe5jFy5kHg9SAV3E
-2485qGK7GvtkcAfJifLXYiasb4FRkyNC/JS9x6ExLSIRKUFCD0XINyrePRqGe1Pr
-P7RThK9sI7UrRNE8NKvEhdw4gC1qIT0ox6tTUFbvfB87oRWIG6uEcW1NgaJ0SVlJ
-D0zJtjzgx+Uj368BS8SZuXaurXtcMGhVn+b3GzNFSiH2/CdZnisesthLmx3ZF6KE
-2ZRDjkpprOVq9+yr/8ZARsavPH4OIu1VbskaihjgdmBzl9dGna5VpLLU62gYi7ll
-AadWHJUfKvldEgCoWnde2lMjBnXo8FlevW5TAUYvtrGVL41gttEIwZ+Lx7JF
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Ginny-Root.cer b/scripts/biz-certs/Ginny-Root.cer
deleted file mode 100644
index a5d5e386..00000000
--- a/scripts/biz-certs/Ginny-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHzCCAgegAwIBAgIJANKwi2P2kmUnMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgR2lubnkgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAzMTgxNzIzNDhaMCYxJDAiBgNVBAMTG1Rlc3QgQ2VydGlmaWNhdGUgR2lu
-bnkgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO1GzDMYa/xv
-byra6dpjKYtfajaNEdUZWkJhlu4HcqiuDflutby82+C3FPwHKmfoXOHgvcmac7kO
-49D+DDoWE4p72dAhCKuWb3h6rh1r9Xpl7HaHxoH4KsYT74dOKMu/DhMR7pZl9Tkr
-BNYTAEE/qTMFGUQ1JCuwZ+aGRUgzDIiVJ3DBuK0nXHBbOs7Gd/jas/1+lNSsh3lg
-RaebLNe0mwsw62TW7zqUjMq/7+Xb9ZWJLPN26nTfq2pyLgFVx+xpMowhaqdEOXKj
-VEaCT35cZGydvWIvad4xL/vuY6L0dNMAhTOOE2DzLw6amae4wkvNTwL5krJrtoJD
-HpLoFYKZ9vUCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUYxpyANO+
-c8ZrBDm7+9eAv10dxrowHwYDVR0jBBgwFoAUYxpyANO+c8ZrBDm7+9eAv10dxrow
-DQYJKoZIhvcNAQEFBQADggEBACaKmmggk78ITTw+a6HaQatuQmfh9YYvo+8DEERV
-7fD8+/1eo9Z4crqam2wtZJYtUDBUJYaglc8+9r3lqs8wAwVH8IFEXexXxaGSbojJ
-TTV9fp81jCp7wSJRKXC8q2JI8IQu0vBYqhrMG6xlyi13IHHpF+uZXX0IdVhvdk0O
-DySbF+W5p9yAEFDfyP7u0d8YlKGSVIrWgEKy24QrropbGlV4Gm2azwXTOeWIqw2Q
-+btIXvPKjwwx2tZTr3zSinZ/gaxfNe8By23kmdgqTF980sBQEB5UcJ7hqt/c7gdZ
-qUBjEOvTslO0cSV1mGolqEsH8ZCbqlxlC5h+Ghe0ibM+ydQ=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Ginny-Root.cnf b/scripts/biz-certs/Ginny-Root.cnf
deleted file mode 100644
index 63b600d6..00000000
--- a/scripts/biz-certs/Ginny-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Ginny Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Ginny-Root.key b/scripts/biz-certs/Ginny-Root.key
deleted file mode 100644
index 710f4817..00000000
--- a/scripts/biz-certs/Ginny-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA7UbMMxhr/G9vKtrp2mMpi19qNo0R1RlaQmGW7gdyqK4N+W61
-vLzb4LcU/AcqZ+hc4eC9yZpzuQ7j0P4MOhYTinvZ0CEIq5ZveHquHWv1emXsdofG
-gfgqxhPvh04oy78OExHulmX1OSsE1hMAQT+pMwUZRDUkK7Bn5oZFSDMMiJUncMG4
-rSdccFs6zsZ3+Nqz/X6U1KyHeWBFp5ss17SbCzDrZNbvOpSMyr/v5dv1lYks83bq
-dN+ranIuAVXH7GkyjCFqp0Q5cqNURoJPflxkbJ29Yi9p3jEv++5jovR00wCFM44T
-YPMvDpqZp7jCS81PAvmSsmu2gkMekugVgpn29QIDAQABAoIBAQDqzrAPNHDQvBoA
-B+l6Y71eHktGtq3Z+5/VpyusXJR8FtrfZ07T+vWA2M0cZ57wewNHyJcoJf+1N+X9
-ERtadDRcTBoNnFMvMs0XJhieJxMjUDAEUHMCdWsm392fQZqfnm84MfuwvC9Dpq2/
-h8gtyekQA1CwrgIgdg8sEt4HB/W0RjaOa4uFamu9es4veMRx79Y/Fj1DTuROmFlx
-ZdkPfTIJBs8qrTAKG1xYfky6tSDYwl27CL/pLwwHmXAB4kUwZ1V8KWGtZCuoFdwz
-6RIpK6go7MVHA6/MzMDIhbHPRf4fDKlj24omVrddwUNXub3QQ3bTumbloqZJnKWQ
-ZXoIp4kVAoGBAPmLbw5sz/25Y+Z1I3UWjyWCvlcfAXKkpIj4Nf9rJGo7HbLRbkEN
-706fo5Aa/k/C54plrpdkqt/XV4CvGAASpYnneoDIHiF12UYurH4OuprFmBNHKU1t
-l63eo8iOrou46TQLIPg4IuUsgWG0XSzvPR+juvecNodknZsXrOFU+HyTAoGBAPNq
-HtNo3jxSk7u+ZxygERjIvTdQGsBGUDijYe5UYp4OdVNbKbPtqEjOjoU3aYpnz0Ju
-rx4QSQw8d75JDAt4+alpMuRl0Hovwh+062nPu50Ft6NXPlc0b+niDo4AhI5apUJO
-ZjDBYkiMEr+kVEVexMYtN0sCJkeLXnVJba4Fn3tXAoGBAOtaeEmQkrHn0bKfM+vQ
-dP2Zy877LTBk29Fa2AKnmFagnqfyIhw0+kibA3Z8HvI3Do1WzU134jjvLlXtzaLz
-8zCXItCm7NP+BAfPKVxSo+gpB/7WlLuz6uRPIQWcnD6nDTrKbDPvLeobCYOOynoA
-wRNAJqw1prAXUxXdRG3Y5+sFAoGATrL/1nBwceZs92V/JwUlofK9IpYWoBXbuAQz
-FIBaBio8ir/NwuvS3f9SmwWobORVYXAx1DGFvJwMRwyNBWSOq9RkbO3yMp8gT2oK
-NwK/8Ou5TOlXMZC1olPBSu4l7XSnO8HnTlon8bbAFRAHYwpZ6o0R9IF0aOtJlfgw
-qvQMdS8CgYEA3dkRKJ8ma/GlheI6ylyt727cVCKnMXLV0GQwx4xVGzffIGcnUj4A
-8cbTBgBo/3aoZOJhqy6Hz85DKQon1FztE2hNR8Uhgjf8an3nbNzFaT3XkqbC1uUa
-bZZC1UNB/NA7wH6xJIRUFCYxLjw+L1u6vi6/vOtM0oEAmO1f1+7p3Nc=
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Ginny-Root.req b/scripts/biz-certs/Ginny-Root.req
deleted file mode 100644
index 60d14eca..00000000
--- a/scripts/biz-certs/Ginny-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICazCCAVMCAQAwJjEkMCIGA1UEAxMbVGVzdCBDZXJ0aWZpY2F0ZSBHaW5ueSBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UbMMxhr/G9vKtrp
-2mMpi19qNo0R1RlaQmGW7gdyqK4N+W61vLzb4LcU/AcqZ+hc4eC9yZpzuQ7j0P4M
-OhYTinvZ0CEIq5ZveHquHWv1emXsdofGgfgqxhPvh04oy78OExHulmX1OSsE1hMA
-QT+pMwUZRDUkK7Bn5oZFSDMMiJUncMG4rSdccFs6zsZ3+Nqz/X6U1KyHeWBFp5ss
-17SbCzDrZNbvOpSMyr/v5dv1lYks83bqdN+ranIuAVXH7GkyjCFqp0Q5cqNURoJP
-flxkbJ29Yi9p3jEv++5jovR00wCFM44TYPMvDpqZp7jCS81PAvmSsmu2gkMekugV
-gpn29QIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAFLF9itaImaKZ8a5sRM0jJ9A
-V3kiR7qjepCHK6qDkEZUSY4oHYJr0h7RGU2zKe9YegZEBtfDdw16eMoJa4BPSx6O
-9UWmR1fLqzZmop7od4rywXFEFLv3xQdhSZsd8+zjwX8baPNlobGnuuLEUKEwjfXI
-FiUmlUr9pj7rA4mJjvZ9barYxNh3mlbA5eSijJ4MVjnUMJNNwouau/ZQM2VIzRuv
-xpyRkohyLW4Z3hXDcc9tf6AsYDrhC9SzuciXjG5K1ZA5zJLXFyFQJZ4Tc1RXSlPU
-Dsp3qvfjklc6aYvc2lwvTGWEyUWhoSj5d/MhRZWhSgmCc+aAbLwyxjSB7D4VqAA=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Ginny-Root.srl b/scripts/biz-certs/Ginny-Root.srl
deleted file mode 100644
index a51501dd..00000000
--- a/scripts/biz-certs/Ginny-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-B4CA97C7714C3743
diff --git a/scripts/biz-certs/Harry-CA.cer b/scripts/biz-certs/Harry-CA.cer
deleted file mode 100644
index 09af3f12..00000000
--- a/scripts/biz-certs/Harry-CA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHTCCAgWgAwIBAgIJAPg07MgChQ7oMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgSGFycnkgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAyMTcxNzIzNDhaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgSGFy
-cnkgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC94Wvpn36QVBts
-pOtt6gva7Zd4CP+b8cEsM4LGW7AEt+jSSic0xDI/WrQI5Rjtam0j6G5039bmtV6A
-Xyio9jK7QHnzgMmg82b4TDa4ary0XR5IZNPWK4pSOqzJ7aZlLxm52Nm+NfSd/5/e
-75Gi3dPiT+icQH1oR/oRQeOnE/rBXBmviRN5JlIe8e1E0fTB+vXOpd7o5g9sPdT+
-jYKcig7Y0xvjGhGK5s1EhjJXiVB0vpoOjmv5LIjYypsQjkgqNxM+nKzCs44W5m8S
-Z3M3/ILcn64UW36uBSCLInqHKEI8rJx3Se60/xBJnbNpD62nWhz2vz+egwQIXKOG
-tTVlGPelAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFNGU/Ua48bNX
-Sn5MzBo+LIsg4Cu7MB8GA1UdIwQYMBaAFG2UphsbenSKgdNpEONxXczUln1cMA0G
-CSqGSIb3DQEBBQUAA4IBAQCfhXZtDqtzWyPsGBcYHgo2mk6Y5KD5lZ83asQhJG18
-DDwllBZZJMIjfMOKwSluFGIaPM4uC4BrfV97eTxxwlfkeYA7xhDhGY+poh4U+J17
-slnuiyahe/0dvhMAmAmqwBfn2099y4/xqWjdudwmnN0/XKpbfA2GuvV27lso1ISx
-LurdfgcgedLUCeeSojuCmi5WF1pR1Qzqf9Da0fzcC50bRH0/iOHEJG7whXl7rxdg
-ueCsrQ7b8EAVHJifx0yZwhNxdnC/yvalFRO+BWyaPprDOhiwpHYh9phMeqtTgGrG
-aX2rFu3IDnQ5PPOY1a2pyUmQZBqbmiJe2OPdtD/Ui9js
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Harry-CA.cnf b/scripts/biz-certs/Harry-CA.cnf
deleted file mode 100644
index b6002949..00000000
--- a/scripts/biz-certs/Harry-CA.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Harry CA
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Harry-CA.key b/scripts/biz-certs/Harry-CA.key
deleted file mode 100644
index 6bd1d298..00000000
--- a/scripts/biz-certs/Harry-CA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAveFr6Z9+kFQbbKTrbeoL2u2XeAj/m/HBLDOCxluwBLfo0kon
-NMQyP1q0COUY7WptI+hudN/W5rVegF8oqPYyu0B584DJoPNm+Ew2uGq8tF0eSGTT
-1iuKUjqsye2mZS8ZudjZvjX0nf+f3u+Rot3T4k/onEB9aEf6EUHjpxP6wVwZr4kT
-eSZSHvHtRNH0wfr1zqXe6OYPbD3U/o2CnIoO2NMb4xoRiubNRIYyV4lQdL6aDo5r
-+SyI2MqbEI5IKjcTPpyswrOOFuZvEmdzN/yC3J+uFFt+rgUgiyJ6hyhCPKycd0nu
-tP8QSZ2zaQ+tp1oc9r8/noMECFyjhrU1ZRj3pQIDAQABAoIBADFGQUnEIQT1PpSo
-C4xfcyoiA++bbjGawAVnbKVq/7eJvjpsEdaIn31/XT79rMVXm/D4jUl5GPyPznFD
-wHpwQWQEbGE7Z5eD8pG2vXCICmZHz+b7e1mVvPRv040nRcn2OhfXZVIOEGe8AVHK
-G6IHLMgK8pMxzRl1rDg0QA6IiccJW5Shu1Q1IMcmOce2uQP+Ez/HAMW4plHz09f0
-FVXFD6dIjMkH/j6NfDCtxa2dqESlaMu1UquE+kze14xtFjDO//znd1F07hI94gvC
-nEmcxRGvlMwAH1i/RC/gvJYLFQ79JCzLkckWygK549ikYwuIhbr9avYysByI6HJD
-+rnoMFUCgYEA8kmTegmR5/pfTyT0GkcV8ZOCPI07tczkSY0GaVYWtSQtlm0ANz0A
-YX5YaGTey0B3BPALH7rGWKey5NUEOTEbQetEV63tKNg1rbxIqST+ZFxtd9MbDWki
-nQX5hDVJUtmxs+8CFhIXo7seULzsgo3WYO3R5ClzOgKGPxGGXxyhQtcCgYEAyKCK
-G/FqtDpLKfbbDsb0Qt4BOw5ZSoP/N4seSG/x2KeAqAsj7xGWmc13A7bL+BD0uefy
-ARLEVIBAkstuzc/U3Nee5U0wQK3x8Z2Ui5o5fdJ6o01qW9nlhnfifm3QQdvhOeCw
-Rcm/BXQU7LZHgpYztfYA+LfD38U/EZNL/n2HheMCgYEA3yBHAoJBrkLy9u3vJywD
-11+i9qSSMpCoQ9vt5Z/0dYkFupxTMIurCB3UyP7r9n49nXx6ohPdidOWegp6Qzko
-AwLpA14XJCBI/uCAgdShukcsQMdXCHij+buA1/JCvlvgvPYFE9JBlvVBq9TwciKx
-JL6fJuHNTcT5YKeA+aJiGC0CgYEAmuwVGdTHT9q/1ezQZU3Oqp/iFWdUHg1lk89y
-l/8Rovpdh+XqXp6XS7b0U0LhqHH3eGMaZifGwXWz52b97iGxvsMl6O08+IUZkjjb
-zx1NjdJtbxLFsZ3F9ps2o+hKa8DN37KYi5tpTV3BFrT+7WDtF3Kad3T35SDcPccf
-ZKosb38CgYAIGVyn4Bpll0kYoK71VdLKju5Rm6vW7GUSIwWELqkmorM5S7WYJcRt
-ixuN/bolhT8HNhwHBz2l98euAnG2GYM7QI6i2yYMxDSMR+8dxACK15bNk9QB0rWS
-Ro5DCKG/xdMWpUnzoOSYIItg05Kn8rWXZqnxyH/r5vdnBCQCcq9alg==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Harry-CA.req b/scripts/biz-certs/Harry-CA.req
deleted file mode 100644
index 01dfc3bc..00000000
--- a/scripts/biz-certs/Harry-CA.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBIYXJyeSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3ha+mffpBUG2yk623q
-C9rtl3gI/5vxwSwzgsZbsAS36NJKJzTEMj9atAjlGO1qbSPobnTf1ua1XoBfKKj2
-MrtAefOAyaDzZvhMNrhqvLRdHkhk09YrilI6rMntpmUvGbnY2b419J3/n97vkaLd
-0+JP6JxAfWhH+hFB46cT+sFcGa+JE3kmUh7x7UTR9MH69c6l3ujmD2w91P6NgpyK
-DtjTG+MaEYrmzUSGMleJUHS+mg6Oa/ksiNjKmxCOSCo3Ez6crMKzjhbmbxJnczf8
-gtyfrhRbfq4FIIsieocoQjysnHdJ7rT/EEmds2kPradaHPa/P56DBAhco4a1NWUY
-96UCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQBdLyMhmwe7p3xrIfrVnm+CFk0k
-YW6jhV3jzlThgNOK3nStQyvs4zcVX3S7XmGYHFNoLu7LhyW8xXCuQpaf9JjF62TA
-87qbsjl7asMSGtndOP1B8jJYnBTX+qsQfVZT9Ypmr8pnfrYTBylEPoAzPdqje3gu
-gN2+/BCV/FW00jSeIhmkQ1YLiwRkY/uv2FsENcUuRO715phNNcHMgiQqnjGN/Iju
-do1DMHPsKDO/dIgl6y7TkkRlLATSO2qalOpsF8RDW1J3iCfcPvMQqXkgDVzNMXo3
-GWLe9C1R5xAfZVcDwuuZUhd+ZYGKNA56CqsD1e7n3aU5ieL8bXxa8g93GWfS
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Harry-CA.srl b/scripts/biz-certs/Harry-CA.srl
deleted file mode 100644
index 88fc9e2c..00000000
--- a/scripts/biz-certs/Harry-CA.srl
+++ /dev/null
@@ -1 +0,0 @@
-F26FDD5DC0623AAC
diff --git a/scripts/biz-certs/Harry-EE.cer b/scripts/biz-certs/Harry-EE.cer
deleted file mode 100644
index 85b5ff32..00000000
--- a/scripts/biz-certs/Harry-EE.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGDCCAgCgAwIBAgIJAPJv3V3AYjqsMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
-BAMTGVRlc3QgQ2VydGlmaWNhdGUgSGFycnkgQ0EwHhcNMDgwMTE4MTcyMzQ4WhcN
-MDgwMjE3MTcyMzQ4WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEhhcnJ5
-IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA240oiLNTwXq/uTlP
-vdSr4BnBQRWiFLIRUPhGKiCxmc+dnc2G5JLj4Of6wTcdyUOsAWSdl/yA59XvSp5z
-lXQrAc0wtubHHlwLrWbiqX8MXi6ch3XJsZk99fOW+k6snNnQmscOGVFBuaZFntMd
-XplRTtEO6ao/CXEb6Nl7c+30AFhkR0/qqPMcPgvvZZjfb7ZAqtMNr5Zz5GUbCuLg
-bPsL5LhinwyEVDwdTXR4OV77aEyMNpyRdLoiKB+NrNznuKmlQIG44jCrZrIqzB5p
-LKTDn/fHyZH2coTDSaZXYTW1FYJH/DL3byBgGuz1gFykB5/GSiIdnWYg0eF1mXV8
-Wjd5uQIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQ0eEAX0TOVTDsAUZCo
-Ihn8IfbKlTAfBgNVHSMEGDAWgBTRlP1GuPGzV0p+TMwaPiyLIOAruzANBgkqhkiG
-9w0BAQUFAAOCAQEAkjlwdqRAGHiYrnZVsGv03EmZEX9/GLA2kvMYee2Z9YP/J3zy
-c+eHHGYP97iGnxQkC4eo+a/1RkNWY+2RECTtYoddjE/ZTPBMyNYIifKV+mGn2sgA
-IKbSC+XUDeTboNqq6cCqZagOM8m1XrMCsCizqEAm/eaBoL9EKnqyAjwHGBLi+w+G
-rhAxoD/rmEevsrd5yydKRXDLKIb52mSPNAsabO5TsD2Fm9XaPThGpzWkfpDUrXiU
-OE93j4QP9fo6YoPmd7kBnviKCJVegQ8GuXZrk+MeWqPq4frS4EBGjEUPuQMXCTng
-AtsgMidTY6uzjmeak4PANtc2vqkPrWw3ak5SjA==
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Harry-EE.cnf b/scripts/biz-certs/Harry-EE.cnf
deleted file mode 100644
index cbfe45c4..00000000
--- a/scripts/biz-certs/Harry-EE.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Harry EE
-
-[ req_x509_ext ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Harry-EE.key b/scripts/biz-certs/Harry-EE.key
deleted file mode 100644
index e33936f8..00000000
--- a/scripts/biz-certs/Harry-EE.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA240oiLNTwXq/uTlPvdSr4BnBQRWiFLIRUPhGKiCxmc+dnc2G
-5JLj4Of6wTcdyUOsAWSdl/yA59XvSp5zlXQrAc0wtubHHlwLrWbiqX8MXi6ch3XJ
-sZk99fOW+k6snNnQmscOGVFBuaZFntMdXplRTtEO6ao/CXEb6Nl7c+30AFhkR0/q
-qPMcPgvvZZjfb7ZAqtMNr5Zz5GUbCuLgbPsL5LhinwyEVDwdTXR4OV77aEyMNpyR
-dLoiKB+NrNznuKmlQIG44jCrZrIqzB5pLKTDn/fHyZH2coTDSaZXYTW1FYJH/DL3
-byBgGuz1gFykB5/GSiIdnWYg0eF1mXV8Wjd5uQIDAQABAoIBAFCDydOoABU6UMk6
-jVXOgmGi0E5wAoqYauVIx2J3run7S5AtaUS14b//EuR8s/21RYUVQv4T6aobuK+i
-wDyU55i3iR/qLieiFd43lvQV1ZFMgrbiqV7qFeD2ve15oK+86VV5nmAGfpX4thty
-zJh+nWTMIi3q80chJd0UtMNlBlCBbA6LMZuRUMfVGbFbN2Y5C3zbfD2Endd7hAC6
-qv9WIi3WI91NfNHS3kG1PxxkGFPsfbIxKYO0Zl2ItqEM28FVXLgF1q9fjOH1egcC
-n9rJZHkxoGRbPvHDzrAtS5njOmbsCa+HwJBjnMAYFYgyVZtzZwP0Ydoryph4HvY/
-4zLPlyECgYEA8CZnNQYqJT4g3I/18k6hFkN8a0/iUii3Uq0c9A8toGw7Pt9PkXwC
-wMhJwrhAjB4uiRK82R5wunf26BkWL+233qZ3MtLT3p92C+i/zZJjzYKdWSnwqgRm
-fmF7x5Ga3Gx+D1vcSlvszIxMG8H/kfFbQLjmmPau7tZfooEQsjmiZIUCgYEA6gq4
-GBdIOeaRmvplX5jYIpuVrg7/h8ukSXX3ZGNqFp7aN2AHqE/uCFhklLkBaYQjZ/B7
-R2DliPxTziQW2hFGilzqmqA+JFbmRONHBBnNwwYBAYJMqyeN3x7feHM5vlPyxHb+
-wce49vCB5qvwEINJVM+trw9W1TnKOAEfIlYQ8KUCgYEAmtroqlRzUNijMBbUrY7u
-aQDTdg9pDTmcHP/sL6Sp80xXV89/63xf+hgtGBbf6Hp9333psMfkQRmiaT/kArvz
-WOtW6brxTBjfcgZ/x/uhx591/00AF2IHBW+u9Z16krCTCSxe/MQSCkRdv3h1aJKO
-GUohyHkpjHFH8e3v6j0n7lECgYEAvRTJ5FSy+mxHyHBxhAlE3Ljb9ZKSaVBhuyO+
-KfGTXREbdU91AEsLINzg7bKF7Ixf2nJT9rfW2ZQZ1NodSDJaziABPckmS0+Vm6QO
-1MZQETaBi4mMjV5YZSFZI8Pbq+PAp28HpODJk199YzIXsg+PKCDczijTW1LkB9kI
-IUJtTy0CgYBZu0LXjr+GiVtoycBsYq52UYAanpTi2h6UI0UujHrPXVuQ7YnGUPuc
-/rih/mTRGy7pMmQwtZGgVIXixi8afvc3vguNf/5t4CKYs+b0JfJzFy9yyQk1hnT6
-1LuIlO28QkQrjEN+7XWbwIV6eUlXdwzaGTvq8oMViBEt9p2UGs0Lig==
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Harry-EE.req b/scripts/biz-certs/Harry-EE.req
deleted file mode 100644
index 2d122147..00000000
--- a/scripts/biz-certs/Harry-EE.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICaTCCAVECAQAwJDEiMCAGA1UEAxMZVGVzdCBDZXJ0aWZpY2F0ZSBIYXJyeSBF
-RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANuNKIizU8F6v7k5T73U
-q+AZwUEVohSyEVD4RiogsZnPnZ3NhuSS4+Dn+sE3HclDrAFknZf8gOfV70qec5V0
-KwHNMLbmxx5cC61m4ql/DF4unId1ybGZPfXzlvpOrJzZ0JrHDhlRQbmmRZ7THV6Z
-UU7RDumqPwlxG+jZe3Pt9ABYZEdP6qjzHD4L72WY32+2QKrTDa+Wc+RlGwri4Gz7
-C+S4Yp8MhFQ8HU10eDle+2hMjDackXS6Iigfjazc57ippUCBuOIwq2ayKsweaSyk
-w5/3x8mR9nKEw0mmV2E1tRWCR/wy928gYBrs9YBcpAefxkoiHZ1mINHhdZl1fFo3
-ebkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQA9cvHRmvyZbP6YKBgSiir/bo6k
-+GEt9Pc8ksqkhC9sNKgMAPripw65I7BVjmZXovig/AsumidJnqvcpdjeimWjFm2N
-ASPkrBnjN9Aiw4tzLdTzGE0Una6psCNkCLOOdDl6RaCf3f04YcaOpMvqrkO1/bLE
-Faql3kDFDBo5F5EUz7RIjdxqsN0AjkV0fJowDF6vmY0BNROmNWooqwkXSZuaD1nN
-5LUnFIlkVwpeyjbY3G5lG0rmppJCgda5mGfxAs5GDK5aJG6zOp5PQKAXN/wpK6eT
-A4hjT54C+wRkbY+d6tS18V8vOsllUVLKBwoisjogSl0ae9cQHKx7YO+X0Viu
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Harry-Root.cer b/scripts/biz-certs/Harry-Root.cer
deleted file mode 100644
index 545028e5..00000000
--- a/scripts/biz-certs/Harry-Root.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHzCCAgegAwIBAgIJAP89M3bsKubWMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
-BAMTG1Rlc3QgQ2VydGlmaWNhdGUgSGFycnkgUm9vdDAeFw0wODAxMTgxNzIzNDha
-Fw0wODAzMTgxNzIzNDhaMCYxJDAiBgNVBAMTG1Rlc3QgQ2VydGlmaWNhdGUgSGFy
-cnkgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMap178VPa/q
-0U9YN//4nCiwkwC4Rng3bJdcRwgFVpAda94rpSbheCkGGi9wl02wAHKLh1sJmsh7
-2xHtnCBi1E8TuZswEj0fAjy61RgKsJuTkx/FS8SpnmDjGrmdhXiixA3Wk0FUcH3R
-3jo1p8c2nATbNszSlf5/n7rbMC7Rsv4BD+derFegMgDvuYRhdcB6RsX6ZRHB8cMJ
-wGE0dEuetCBgIbyTvlA3AKa6P2LU/NQkOlRaSdarjisehsfVN/pHTkLIPfXIzYJU
-1KPMeLz1q6UarRXBtzUaEkzk+MJ9igW1gcVwpM7HkXRfXfXgJcexIQiSmrTF0yaS
-wXGgKUPYq2kCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUbZSmGxt6
-dIqB02kQ43FdzNSWfVwwHwYDVR0jBBgwFoAUbZSmGxt6dIqB02kQ43FdzNSWfVww
-DQYJKoZIhvcNAQEFBQADggEBAAuUw/LXcFT97SMjHG82mS2oPdkh+BJfpblMn0V1
-5ewZIL6CXQS5n/IxM0vBLgbOpXQ+2nEHFxSQz2lQwSh6SFza5y7JbFkk0MQwF/d1
-fW9pyVUB6O7KeABdA2IrJkcvI4P6JZsA063/zKWzEhCaHIE1XcbaC5MNNDsnRtQx
-D1Ao4DB+prVpKz+F4Vi1x3ZNvH1idvoxiDd/jFOXfdOPxMZxWbt8H7vRg067RlAt
-oC3fgJiCmo71Tjk2svMRuqNKKSxhE8X6MXdU/z3pHtyxsxWv5/xXchjFXU/elfbj
-IEch8+qeBo3Qc6WElEHhOsDcPx8cRRQdY2bjtr3bCFK7Pkc=
------END CERTIFICATE-----
diff --git a/scripts/biz-certs/Harry-Root.cnf b/scripts/biz-certs/Harry-Root.cnf
deleted file mode 100644
index d6ef8a30..00000000
--- a/scripts/biz-certs/Harry-Root.cnf
+++ /dev/null
@@ -1,15 +0,0 @@
-
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha1
-
-[ req_dn ]
-CN = Test Certificate Harry Root
-
-[ req_x509_ext ]
-basicConstraints = CA:true
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-
diff --git a/scripts/biz-certs/Harry-Root.key b/scripts/biz-certs/Harry-Root.key
deleted file mode 100644
index a941f9de..00000000
--- a/scripts/biz-certs/Harry-Root.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAxqnXvxU9r+rRT1g3//icKLCTALhGeDdsl1xHCAVWkB1r3iul
-JuF4KQYaL3CXTbAAcouHWwmayHvbEe2cIGLUTxO5mzASPR8CPLrVGAqwm5OTH8VL
-xKmeYOMauZ2FeKLEDdaTQVRwfdHeOjWnxzacBNs2zNKV/n+futswLtGy/gEP516s
-V6AyAO+5hGF1wHpGxfplEcHxwwnAYTR0S560IGAhvJO+UDcApro/YtT81CQ6VFpJ
-1quOKx6Gx9U3+kdOQsg99cjNglTUo8x4vPWrpRqtFcG3NRoSTOT4wn2KBbWBxXCk
-zseRdF9d9eAlx7EhCJKatMXTJpLBcaApQ9iraQIDAQABAoIBAC2lRI8BAGV1HJaQ
-fH1xz9+BgqU9seNZSLgWWbO8FkGSoQAxIwcl8wfqAQY5ZmpRMCkhaf4+3LOH0bPy
-1laSnpl0vMatauNkRo1RmDin7CAy7jD0kg4jsuIsDC3txYcMTuOnE7qE/jvKhrb1
-MRGSuJJdE+BH2nLZPAgg6Jc5U1kM2cEcQvsno8cfXbAr9mDgs5v6303j1Oh7/Tfc
-IzWHXYWJ95ygHVGMRXhMKMjPf6/yK5o87cGxVoK1LZ6ZuUbg6u7gP1+dapHnEnI4
-dhrMo2ZB2xD8O+AjMmr7CFWD2ZjIOVTox1/6cMlhAb+cMOwFnh11g7cCY24ZLq+6
-Hw93qckCgYEA56dntR5xo6IjXhz3gDCGiMXzZvXn/0EDpMI7BE4CSG8zCNaKlk4n
-XDP1tGDows1QHviLiKrhiHCsPqVynJCmOufCD+DaTDqwSynI036X/goeJ8Du9A1+
-b8i9CxAsT/dtD5WlkiqE44rb/f+tpnOCTIJ3tQEiKl5u7m+iBPw8ahMCgYEA24rW
-JwGCoHr3Y74Fx8gSIa6VrTSV3Kxf+tiENwJcjB1PjjqaYRGkE8K/FZUlYBWNw8NM
-3hiX7yZ5wbHZplElAYrG1I6lF4L7Z+USFzr8s5MTnp1LC9gpT6aTQAF4ci6fLs9L
-SfvaNm7FHYL3SoU0Vg15B0lhuOPxa48Eyu4JhBMCgYEAxiNKsgD7JAHPjHTsQQnA
-WIYvvVYBfDMooai7/9+VVk0+coXGfe8U/Wk39HObQtuHdyYRevDl/OSafu7WTBHx
-DJskQp6JOQBNv8xaiINUD6apykjcWYSdK5GgGDFaJX+1GcpeltmlVlZz+hnRdnh/
-7178cqYoieLBsVFsXCU+q18CgYBJE/ra+wa3Upc8rUkRSki2y31pLULhNMOyJRZF
-lVSnEy6jImC3BP8/0Kh4j6/kPuh0jHLuzvLsGTuYPRI86W/PBpnOsTjFDcWPvNF7
-yBfL0p5KQwNzCt4ddE45lQO5xkkYdMoT83Ccg9y7SRf1x0c3ib6KrWOI/t8itXWb
-8wZZ3wKBgFckz4Hcht/M0ajjIPSoD0PbasuLx0zErvG3RPrOasgnaoWLy33x7rKf
-daF2Gi2ZxrwzaAAfom+SgUrOSbUKAplGTnniXqZSN0B23xQFieIeVH4XcoDmDMAj
-wZTll9weagdDyYyzYi36g3g2woRqy6uTtYJxZkcxR5ZQBNQebWUu
------END RSA PRIVATE KEY-----
diff --git a/scripts/biz-certs/Harry-Root.req b/scripts/biz-certs/Harry-Root.req
deleted file mode 100644
index 4dcf75a8..00000000
--- a/scripts/biz-certs/Harry-Root.req
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICazCCAVMCAQAwJjEkMCIGA1UEAxMbVGVzdCBDZXJ0aWZpY2F0ZSBIYXJyeSBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqnXvxU9r+rRT1g3
-//icKLCTALhGeDdsl1xHCAVWkB1r3iulJuF4KQYaL3CXTbAAcouHWwmayHvbEe2c
-IGLUTxO5mzASPR8CPLrVGAqwm5OTH8VLxKmeYOMauZ2FeKLEDdaTQVRwfdHeOjWn
-xzacBNs2zNKV/n+futswLtGy/gEP516sV6AyAO+5hGF1wHpGxfplEcHxwwnAYTR0
-S560IGAhvJO+UDcApro/YtT81CQ6VFpJ1quOKx6Gx9U3+kdOQsg99cjNglTUo8x4
-vPWrpRqtFcG3NRoSTOT4wn2KBbWBxXCkzseRdF9d9eAlx7EhCJKatMXTJpLBcaAp
-Q9iraQIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBALvG7y4lFsRzbBup+RyjrxIU
-WaEXREGI9U0+s14g6f7DWpnNo/VKZv++iQbg/1oXAsTshwXtRsrKmZ2jFGR38aet
-JvQxtn0/3CUXczL0bA0ot7L8iwzPt2bOXFyVQBhVk2YuonL3nm0O4XtooElxNRUL
-36P9gbflah4wNqSSxpAF++lccCvtmMkS6Z95fBMo5xnDhlUbJ84jM/b7RbuX4k1Z
-nEYfy3gfFH7IeZM9lOq0SP3NgSm98tGQXknPeHLZXmdgxGc9JVxa7FnEhiuokwqJ
-kUDWhLwo5GGKHB6lPtigHnC1beP22/hYG8/JaCmQsSoCrK+/RWvgB9xZQPI/d+0=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/biz-certs/Harry-Root.srl b/scripts/biz-certs/Harry-Root.srl
deleted file mode 100644
index 5aecd158..00000000
--- a/scripts/biz-certs/Harry-Root.srl
+++ /dev/null
@@ -1 +0,0 @@
-F834ECC802850EE8
diff --git a/scripts/biz-certs/a17ff8dd.0 b/scripts/biz-certs/a17ff8dd.0
deleted file mode 120000
index df756426..00000000
--- a/scripts/biz-certs/a17ff8dd.0
+++ /dev/null
@@ -1 +0,0 @@
-Elena-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/b523b0af.0 b/scripts/biz-certs/b523b0af.0
deleted file mode 120000
index 2af1f2c8..00000000
--- a/scripts/biz-certs/b523b0af.0
+++ /dev/null
@@ -1 +0,0 @@
-Ginny-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/c027faa7.0 b/scripts/biz-certs/c027faa7.0
deleted file mode 120000
index 34794f44..00000000
--- a/scripts/biz-certs/c027faa7.0
+++ /dev/null
@@ -1 +0,0 @@
-Carol-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/cf3dacf7.0 b/scripts/biz-certs/cf3dacf7.0
deleted file mode 120000
index e2d0a776..00000000
--- a/scripts/biz-certs/cf3dacf7.0
+++ /dev/null
@@ -1 +0,0 @@
-Dave-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/d9bfc7a9.0 b/scripts/biz-certs/d9bfc7a9.0
deleted file mode 120000
index c3647c1c..00000000
--- a/scripts/biz-certs/d9bfc7a9.0
+++ /dev/null
@@ -1 +0,0 @@
-Frank-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/dfc82c8e.0 b/scripts/biz-certs/dfc82c8e.0
deleted file mode 120000
index 846947ab..00000000
--- a/scripts/biz-certs/dfc82c8e.0
+++ /dev/null
@@ -1 +0,0 @@
-Ginny-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/f97c9834.0 b/scripts/biz-certs/f97c9834.0
deleted file mode 120000
index e6a1b1aa..00000000
--- a/scripts/biz-certs/f97c9834.0
+++ /dev/null
@@ -1 +0,0 @@
-Elena-CA.cer \ No newline at end of file
diff --git a/scripts/biz-certs/ff615a1f.0 b/scripts/biz-certs/ff615a1f.0
deleted file mode 120000
index 0d7c9e4a..00000000
--- a/scripts/biz-certs/ff615a1f.0
+++ /dev/null
@@ -1 +0,0 @@
-Dave-EE.cer \ No newline at end of file
diff --git a/scripts/biz-certs/ff8832dd.0 b/scripts/biz-certs/ff8832dd.0
deleted file mode 120000
index af1cacc8..00000000
--- a/scripts/biz-certs/ff8832dd.0
+++ /dev/null
@@ -1 +0,0 @@
-Dave-Root.cer \ No newline at end of file
diff --git a/scripts/cronjob.py b/scripts/cronjob.py
deleted file mode 100644
index c21caf05..00000000
--- a/scripts/cronjob.py
+++ /dev/null
@@ -1,47 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-Tool to trigger "cron" runs in rpkid.
-
-Usage: python cronjob.py [ { -c | --config } configfile ]
- [ { -h | --help } ]
-
-Default configuration file is cronjob.conf, override with --config option.
-"""
-
-import rpki.config, rpki.https, getopt, sys
-
-cfg_file = "cronjob.conf"
-
-opts,argv = getopt.getopt(sys.argv[1:], "c:h?", ["config=", "help"])
-for o,a in opts:
- if o in ("-h", "--help", "-?"):
- print __doc__
- sys.exit(0)
- elif o in ("-c", "--config"):
- cfg_file = a
-if argv:
- print __doc__
- raise RuntimeError, "Unexpected arguments %s" % argv
-
-cfg = rpki.config.parser(cfg_file, "cronjob")
-
-print rpki.https.client(privateKey = rpki.x509.RSA(Auto_file = cfg.get("https-key")),
- certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert")),
- x509TrustList = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta")),
- url = cfg.get("https-url"),
- msg = "Please run cron now.")
diff --git a/scripts/cronjob.sh b/scripts/cronjob.sh
deleted file mode 100755
index 97438a86..00000000
--- a/scripts/cronjob.sh
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh -
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-# Generate Doxygen manual for RPKI code.
-#
-# At the moment this is just for the Python libraries.
-
-lock=cronjob.lock
-
-target=/usr/local/www/data/www.hactrn.net/rpki-dox
-
-cd `/usr/bin/dirname $0` || exit
-
-case "$1" in
-
-locked)
- exec >cronjob.log 2>&1
- set -x
- cd rpki || exit
- /usr/local/bin/svn update --quiet
- /bin/rm -rf html
- PATH=/bin:/usr/bin:/usr/local/bin /usr/local/bin/doxygen </dev/null
- /usr/local/bin/rsync --archive --itemize-changes --delete-after html/ $target/
- ;;
-
-*)
- exec /usr/bin/lockf -s -t 0 $lock "$0" locked
- ;;
-
-esac
diff --git a/scripts/irbe-cli.py b/scripts/irbe-cli.py
deleted file mode 100755
index b6ce7479..00000000
--- a/scripts/irbe-cli.py
+++ /dev/null
@@ -1,208 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-Command line IR back-end control program.
-
-The query back-channel is handled by a separate program.
-"""
-
-import getopt, sys, lxml.etree, lxml.sax
-import rpki.left_right, rpki.relaxng, rpki.cms, rpki.https, rpki.x509, rpki.config, rpki.log
-
-pem_out = None
-
-class cmd_mixin(object):
- """Left-right protocol mix-in for command line client."""
-
- def client_getopt(self, argv):
- """Parse options for this class."""
- opts, argv = getopt.getopt(argv, "", [x + "=" for x in self.attributes + self.elements] + list(self.booleans))
- for o, a in opts:
- o = o[2:]
- handler = getattr(self, "client_query_" + o, None)
- if handler is not None:
- handler(a)
- elif o in self.booleans:
- setattr(self, o, True)
- else:
- assert o in self.attributes
- setattr(self, o, a)
- return argv
-
- def client_query_action(self, arg):
- """Special handler for --action option."""
- self.action = arg
- self.type = "query"
-
- def client_query_cms_ta(self, arg):
- """Special handler for --cms_ta option."""
- self.cms_ta = rpki.x509.X509(Auto_file=arg)
-
- def client_query_https_ta(self, arg):
- """Special handler for --https_ta option."""
- self.https_ta = rpki.x509.X509(Auto_file=arg)
-
- def client_reply_decode(self):
- pass
-
- def client_reply_show(self):
- print self.element_name
- for i in self.attributes + self.elements:
- if getattr(self, i) is not None:
- print " %s: %s" % (i, getattr(self, i))
-
-class self_elt(cmd_mixin, rpki.left_right.self_elt):
-
- def client_query_extension_preference(self, arg):
- """--extension_preferences option."""
- k,v = arg.split("=", 1)
- pref = rpki.left_right.extension_preference_elt()
- pref.name = k
- pref.value = v
- self.prefs.append(pref)
-
-class bsc_elt(cmd_mixin, rpki.left_right.bsc_elt):
-
- def client_query_signing_cert(self, arg):
- """--signing_cert option."""
- self.signing_cert.append(rpki.x509.X509(Auto_file=arg))
-
- def client_reply_decode(self):
- global pem_out
- if pem_out is not None and self.pkcs10_cert_request is not None:
- if isinstance(pem_out, str):
- pem_out = open(pem_out, "w")
- pem_out.write(self.pkcs10_cert_request.get_PEM())
-
-class parent_elt(cmd_mixin, rpki.left_right.parent_elt):
- pass
-
-class child_elt(cmd_mixin, rpki.left_right.child_elt):
- pass
-
-class repository_elt(cmd_mixin, rpki.left_right.repository_elt):
- pass
-
-class route_origin_elt(cmd_mixin, rpki.left_right.route_origin_elt):
-
- def client_query_as_number(self, arg):
- """Handle autonomous sequence numbers."""
- self.as_number = long(arg)
-
- def client_query_ipv4(self, arg):
- """Handle IPv4 addresses."""
- self.ipv4 = resource_set.resource_set_ipv4(arg)
-
- def client_query_ipv6(self, arg):
- """Handle IPv6 addresses."""
- self.ipv6 = resource_set.resource_set_ipv6(arg)
-
-class msg(rpki.left_right.msg):
- pdus = dict((x.element_name, x)
- for x in (self_elt, bsc_elt, parent_elt, child_elt, repository_elt, route_origin_elt))
-
-class sax_handler(rpki.left_right.sax_handler):
- pdu = msg
-
-top_opts = ["config=", "help", "pem_out="]
-
-def usage(code=1):
- print "Usage:", sys.argv[0], " ".join(["--" + x for x in top_opts])
- for k,v in msg.pdus.items():
- print " ", k, \
- " ".join(["--" + x + "=" for x in v.attributes + v.elements]), \
- " ".join(["--" + x for x in v.booleans])
- sys.exit(code)
-
-# Main program
-
-rpki.log.init("irbe-cli")
-
-argv = sys.argv[1:]
-
-if not argv:
- usage(0)
-
-cfg_file = "irbe.conf"
-
-opts, argv = getopt.getopt(argv, "c:h?", top_opts)
-for o, a in opts:
- if o in ("-?", "-h", "--help"):
- usage(0)
- if o in ("-c", "--config"):
- cfg_file = a
- if o == "--pem_out":
- pem_out = a
-
-if not argv:
- usage(1)
-
-cfg = rpki.config.parser(cfg_file, "irbe-cli")
-
-q_msg = rpki.left_right.msg()
-
-while argv:
- try:
- q_pdu = msg.pdus[argv[0]]()
- except KeyError:
- usage(1)
- argv = q_pdu.client_getopt(argv[1:])
- q_msg.append(q_pdu)
-
-# We don't use rpki.cms.xml_sign() and rpki.cms.xml_verify() because
-# we want to display the raw XML. If and when that changes, we clean
-# up the following slightly.
-
-q_elt = q_msg.toXML()
-q_xml = lxml.etree.tostring(q_elt, pretty_print=True, encoding="us-ascii", xml_declaration=True)
-try:
- rpki.relaxng.left_right.assertValid(q_elt)
-except lxml.etree.DocumentInvalid:
- print "Generated query document does not pass schema check:"
- print
- print q_xml
- raise
-
-q_cms = rpki.cms.sign(q_xml,
- rpki.x509.RSA(Auto_file = cfg.get("cms-key")),
- rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-certs")))
-
-r_cms = rpki.https.client(privateKey = rpki.x509.RSA(Auto_file = cfg.get("https-key")),
- certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-certs")),
- x509TrustList = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta")),
- url = cfg.get("https-url"),
- msg = q_cms)
-
-r_xml = rpki.cms.verify(r_cms, rpki.x509.X509(Auto_file = cfg.get("cms-ta")))
-
-r_elt = lxml.etree.fromstring(r_xml)
-try:
- rpki.relaxng.left_right.assertValid(r_elt)
-except lxml.etree.DocumentInvalid:
- print "Received reply document does not pass schema check:"
- print r_xml
- raise
-
-print r_xml
-
-handler = sax_handler()
-lxml.sax.saxify(r_elt, handler)
-r_msg = handler.result
-
-for r_pdu in r_msg:
- r_pdu.client_reply_decode()
- #r_pdu.client_reply_show()
diff --git a/scripts/irbe-setup.py b/scripts/irbe-setup.py
deleted file mode 100644
index 90ea5113..00000000
--- a/scripts/irbe-setup.py
+++ /dev/null
@@ -1,125 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Set up the relationship between an IRBE and an RPKI engine given an
-IRDB. Our main task here is to create child objects in the RPKI
-engine for every registrant object in the IRDB.
-"""
-
-import os, MySQLdb, getopt, sys, lxml.etree, lxml.sax
-import rpki.left_right, rpki.relaxng, rpki.cms, rpki.https
-import rpki.x509, rpki.config, rpki.log
-
-rpki.log.init("irbe-setup")
-
-cfg = rpki.config.parser("irbe.conf", "irbe-cli")
-
-db = MySQLdb.connect(user = cfg.get("sql-username", section = "irdbd"),
- db = cfg.get("sql-database", section = "irdbd"),
- passwd = cfg.get("sql-password", section = "irdbd"))
-cur = db.cursor()
-
-cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-cert"))
-cms_key = rpki.x509.RSA( Auto_file = cfg.get( "cms-key"))
-cms_ta = rpki.x509.X509( Auto_file = cfg.get( "cms-ta"))
-https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert"))
-https_key = rpki.x509.RSA( Auto_file = cfg.get( "https-key"))
-https_tas = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta"))
-https_url = cfg.get( "https-url")
-
-def call_rpkid(pdu):
- """Hand a PDU to rpkid and get back the response. Just throw an
- exception if anything bad happens, no fancy error handling.
- """
-
- pdu.type = "query"
- msg = rpki.left_right.msg((pdu,))
- elt = msg.toXML()
- try:
- rpki.relaxng.left_right.assertValid(elt)
- except lxml.etree.DocumentInvalid:
- print lxml.etree.tostring(elt, pretty_print = True, encoding = "us-ascii")
- raise
- elt = rpki.cms.xml_verify(cms = rpki.https.client(privateKey = https_key,
- certChain = https_certs,
- x509TrustList = https_tas,
- url = https_url,
- msg = rpki.cms.xml_sign(elt = elt,
- key = cms_key,
- certs = cms_certs)),
- ta = cms_ta)
- try:
- rpki.relaxng.left_right.assertValid(elt)
- except lxml.etree.DocumentInvalid:
- print lxml.etree.tostring(elt, pretty_print = True, encoding = "us-ascii")
- raise
- msg = rpki.left_right.sax_handler.saxify(elt)
- pdu = msg[0]
- assert len(msg) == 1 and pdu.type == "reply" and not isinstance(pdu, rpki.left_right.report_error_elt)
- return pdu
-
-print "Create a self instance"
-pdu = call_rpkid(rpki.left_right.self_elt.make_pdu(action = "create", crl_interval = 84600))
-self_id = pdu.self_id
-
-print "Create a business signing context"
-pdu = rpki.left_right.bsc_elt.make_pdu(action = "create", self_id = self_id, generate_keypair = True)
-pdu.signing_cert.append(rpki.x509.X509(Auto_file = "biz-certs/Bob-CA.cer"))
-pdu = call_rpkid(pdu)
-bsc_id = pdu.bsc_id
-
-print "Issue the business cert"
-i,o = os.popen2(("openssl", "x509", "-req",
- "-CA", "biz-certs/Bob-CA.cer",
- "-CAkey", "biz-certs/Bob-CA.key",
- "-CAserial", "biz-certs/Bob-CA.srl"))
-i.write(pdu.pkcs10_cert_request.get_PEM())
-i.close()
-cer = rpki.x509.X509(PEM = o.read())
-o.close()
-
-print "Set up the business cert chain"
-pdu = rpki.left_right.bsc_elt.make_pdu(action = "set", self_id = self_id, bsc_id = bsc_id)
-pdu.signing_cert.append(cer)
-call_rpkid(pdu)
-
-print "Create a repository context"
-pdu = call_rpkid(rpki.left_right.repository_elt.make_pdu(action = "create", self_id = self_id, bsc_id = bsc_id))
-repository_id = pdu.repository_id
-
-print "Create a parent context"
-ta = rpki.x509.X509(Auto_file = "biz-certs/Elena-Root.cer")
-pdu = call_rpkid(rpki.left_right.parent_elt.make_pdu(
- action = "create", self_id = self_id, bsc_id = bsc_id, repository_id = repository_id, cms_ta = ta, https_ta = ta,
- peer_contact_uri = "https://localhost:44333/", sia_base = "rsync://wombat.invalid/"))
-parent_id = pdu.parent_id
-
-print "Create child contexts for everybody"
-print "Using a single cert for all of these registrants is a crock"
-
-cer = rpki.x509.X509(Auto_file = "biz-certs/Frank-Root.cer")
-
-cur.execute("SELECT registrant_id, subject_name FROM registrant")
-registrants = cur.fetchall()
-
-for registrant_id, subject_name in registrants:
- print "Attempting to bind", registrant_id, subject_name
- pdu = call_rpkid(rpki.left_right.child_elt.make_pdu(action = "create", self_id = self_id, bsc_id = bsc_id, cms_ta = cer))
- print "Attempting to bind", registrant_id, subject_name, pdu.child_id
- cur.execute("""UPDATE registrant
- SET rpki_self_id = %d, rpki_child_id = %d
- WHERE registrant_id = %d
- """, (self_id, pdu.child_id, registrant_id))
diff --git a/scripts/irbe-setup.sh b/scripts/irbe-setup.sh
deleted file mode 100644
index 31342aaa..00000000
--- a/scripts/irbe-setup.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh -
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-# Run irbe-setup.py, under screen if possible.
-
-#make test
-
-if test -n "$STY"
-then
- screen python rpkid.py
-else
- python rpkid.py >>rpkid.log 2>&1 & rpkid=$!
- trap "kill $rpkid" 0 1 2 3 13 15
-fi
-
-sleep 5
-
-exec python irbe-setup.py
diff --git a/scripts/irdbd.py b/scripts/irdbd.py
deleted file mode 100755
index d7ecca2b..00000000
--- a/scripts/irdbd.py
+++ /dev/null
@@ -1,131 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-IR database daemon.
-
-Usage: python irdbd.py [ { -c | --config } configfile ] [ { -h | --help } ]
-
-Default configuration file is irdbd.conf, override with --config option.
-"""
-
-import sys, os, time, getopt, urlparse, traceback
-import tlslite.api, MySQLdb, lxml.etree
-import rpki.https, rpki.config, rpki.resource_set, rpki.cms, rpki.relaxng
-import rpki.exceptions, rpki.left_right, rpki.log
-
-def handler(query, path):
- try:
- q_elt = rpki.cms.xml_verify(query, cms_ta)
- rpki.relaxng.left_right.assertValid(q_elt)
- q_msg = rpki.left_right.sax_handler.saxify(q_elt)
- if not isinstance(q_msg, rpki.left_right.msg):
- raise rpki.exceptions.BadQuery, "Unexpected %s PDU" % repr(q_msg)
-
- r_msg = rpki.left_right.msg()
-
- for q_pdu in q_msg:
-
- try:
- if not isinstance(q_pdu, rpki.left_right.list_resources_elt) or q_pdu.type != "query":
- raise rpki.exceptions.BadQuery, "Unexpected %s PDU" % repr(q_pdu)
-
- r_pdu = rpki.left_right.list_resources_elt()
- r_pdu.type = "reply"
- r_pdu.tag = q_pdu.tag
- r_pdu.self_id = q_pdu.self_id
- r_pdu.child_id = q_pdu.child_id
-
- cur.execute("""SELECT registrant_id, subject_name, valid_until FROM registrant
- WHERE registrant.rpki_self_id = %s AND registrant.rpki_child_id = %s
- """, (q_pdu.self_id, q_pdu.child_id))
- if cur.rowcount != 1:
- raise rpki.exceptions.NotInDatabase, \
- "This query should have produced a single exact match, something's messed up (rowcount = %d, self_id = %s, child_id = %s)" \
- % (cur.rowcount, q_pdu.self_id, q_pdu.child_id)
-
- registrant_id, subject_name, valid_until = cur.fetchone()
- r_pdu.subject_name = subject_name
- r_pdu.valid_until = valid_until.strftime("%Y-%m-%dT%H:%M:%SZ")
- r_pdu.as = rpki.resource_set.resource_set_as.from_sql(cur, "SELECT start_as, end_as FROM asn WHERE registrant_id = %s", (registrant_id,))
- r_pdu.ipv4 = rpki.resource_set.resource_set_ipv4.from_sql(cur, "SELECT start_ip, end_ip FROM net WHERE registrant_id = %s AND version = 4", (registrant_id,))
- r_pdu.ipv6 = rpki.resource_set.resource_set_ipv6.from_sql(cur, "SELECT start_ip, end_ip FROM net WHERE registrant_id = %s AND version = 6", (registrant_id,))
-
- except Exception, data:
- rpki.log.error(traceback.format_exc())
- r_pdu = rpki.left_right.report_error_elt.from_exception(data, q_pdu.self_id)
-
- r_msg.append(r_pdu)
-
- r_elt = r_msg.toXML()
- rpki.relaxng.left_right.assertValid(r_elt)
- return 200, rpki.cms.xml_sign(r_elt, cms_key, cms_certs)
-
- except Exception, data:
- rpki.log.error(traceback.format_exc())
-
- # We only get here in cases where we couldn't or wouldn't generate
- # <report_error/>, so just return HTTP failure.
-
- return 500, "Unhandled exception %s: %s" % (data.__class__.__name__, data)
-
-os.environ["TZ"] = "UTC"
-time.tzset()
-
-rpki.log.init("irdbd")
-
-cfg_file = "irdbd.conf"
-
-opts,argv = getopt.getopt(sys.argv[1:], "c:h?", ["config=", "help"])
-for o,a in opts:
- if o in ("-h", "--help", "-?"):
- print __doc__
- sys.exit(0)
- if o in ("-c", "--config"):
- cfg_file = a
-if argv:
- raise RuntimeError, "Unexpected arguments %s" % argv
-
-cfg = rpki.config.parser(cfg_file, "irdbd")
-
-startup_msg = cfg.get("startup-message", "")
-if startup_msg:
- rpki.log.info(startup_msg)
-
-db = MySQLdb.connect(user = cfg.get("sql-username"),
- db = cfg.get("sql-database"),
- passwd = cfg.get("sql-password"))
-
-cur = db.cursor()
-
-cms_ta = rpki.x509.X509(Auto_file = cfg.get("cms-ta"))
-cms_key = rpki.x509.RSA(Auto_file = cfg.get("cms-key"))
-cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-certs"))
-
-u = urlparse.urlparse(cfg.get("https-url"))
-
-assert u.scheme in ("", "https") and \
- u.username is None and \
- u.password is None and \
- u.params == "" and \
- u.query == "" and \
- u.fragment == ""
-
-rpki.https.server(privateKey = rpki.x509.RSA(Auto_file = cfg.get("https-key")),
- certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-certs")),
- host = u.hostname or "localhost",
- port = u.port or 443,
- handlers = ((u.path, handler),))
diff --git a/scripts/left-right-protocol-samples.xsl b/scripts/left-right-protocol-samples.xsl
deleted file mode 100644
index da313544..00000000
--- a/scripts/left-right-protocol-samples.xsl
+++ /dev/null
@@ -1,37 +0,0 @@
-<!-- $Id$
- -
- - Generate test case PDUs for left-right protocol. Invoke thusly:
- -
- - $ xsltproc left-right-protocol-samples.xsl ../docs/left-right-xml
- -->
-
-<xsl:transform xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"
- xmlns:exsl="http://exslt.org/common"
- extension-element-prefixes="exsl">
-
- <xsl:param name="dir">left-right-protocol-samples</xsl:param>
- <xsl:param name="msgs" select="1"/>
-
- <xsl:strip-space elements="*"/>
-
- <xsl:template match="/completely_gratuitous_wrapper_element_to_let_me_run_this_through_xmllint">
- <xsl:for-each select="*">
- <xsl:variable name="filename" select="concat($dir, '/pdu.', format-number(position(), '000'), '.xml')"/>
- <xsl:if test="$msgs">
- <xsl:message><xsl:text>Writing </xsl:text><xsl:value-of select="$filename"/></xsl:message>
- </xsl:if>
- <exsl:document href="{$filename}" indent="yes" encoding="US-ASCII">
- <xsl:comment>Automatically generated, do not edit.</xsl:comment>
- <xsl:copy-of select="." />
- </exsl:document>
- </xsl:for-each>
- </xsl:template>
-</xsl:transform>
-
-
-<!--
- - Local variables:
- - mode: sgml
- - compile-command: "xsltproc left-right-protocol-samples.xsl ../docs/left-right-xml"
- - End:
- -->
diff --git a/scripts/left-right-protocol-samples/pdu.001.xml b/scripts/left-right-protocol-samples/pdu.001.xml
deleted file mode 100644
index 7d6b1bd5..00000000
--- a/scripts/left-right-protocol-samples/pdu.001.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="create" type="query" tag="a000">
- <extension_preference name="name">Launcelot</extension_preference>
- <extension_preference name="quest">Holy Grail</extension_preference>
- </self>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.002.xml b/scripts/left-right-protocol-samples/pdu.002.xml
deleted file mode 100644
index 248adc19..00000000
--- a/scripts/left-right-protocol-samples/pdu.002.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="create" type="reply" tag="a000" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.003.xml b/scripts/left-right-protocol-samples/pdu.003.xml
deleted file mode 100644
index b53bb031..00000000
--- a/scripts/left-right-protocol-samples/pdu.003.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="set" type="query" self_id="42" rekey="yes" reissue="yes" revoke="yes" run_now="yes" publish_world_now="yes" clear_extension_preferences="yes" crl_interval="3600" use_hsm="no">
- <extension_preference name="color">Blue</extension_preference>
- </self>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.004.xml b/scripts/left-right-protocol-samples/pdu.004.xml
deleted file mode 100644
index ae9a2f54..00000000
--- a/scripts/left-right-protocol-samples/pdu.004.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="set" type="reply" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.005.xml b/scripts/left-right-protocol-samples/pdu.005.xml
deleted file mode 100644
index f039e484..00000000
--- a/scripts/left-right-protocol-samples/pdu.005.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="get" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.006.xml b/scripts/left-right-protocol-samples/pdu.006.xml
deleted file mode 100644
index 7f51884a..00000000
--- a/scripts/left-right-protocol-samples/pdu.006.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="get" type="reply" self_id="42">
- <extension_preference name="name">Launcelot</extension_preference>
- <extension_preference name="quest">Holy Grail</extension_preference>
- <extension_preference name="color">Blue</extension_preference>
- </self>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.007.xml b/scripts/left-right-protocol-samples/pdu.007.xml
deleted file mode 100644
index 19e8d75e..00000000
--- a/scripts/left-right-protocol-samples/pdu.007.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="list" type="query"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.008.xml b/scripts/left-right-protocol-samples/pdu.008.xml
deleted file mode 100644
index ce6ded4a..00000000
--- a/scripts/left-right-protocol-samples/pdu.008.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="list" type="reply" self_id="42">
- <extension_preference name="name">Launcelot</extension_preference>
- <extension_preference name="quest">Holy Grail</extension_preference>
- <extension_preference name="color">Blue</extension_preference>
- </self>
- <self action="list" type="reply" self_id="99">
- <extension_preference name="name">Arthur, King of the Britons</extension_preference>
- <extension_preference name="quest">Holy Grail</extension_preference>
- <extension_preference name="airspeed_velocity_of_an_unladen_swallow">African or European swallow?</extension_preference>
- </self>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.009.xml b/scripts/left-right-protocol-samples/pdu.009.xml
deleted file mode 100644
index bc7da935..00000000
--- a/scripts/left-right-protocol-samples/pdu.009.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="destroy" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.010.xml b/scripts/left-right-protocol-samples/pdu.010.xml
deleted file mode 100644
index 1fd0bb69..00000000
--- a/scripts/left-right-protocol-samples/pdu.010.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <self action="destroy" type="reply" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.011.xml b/scripts/left-right-protocol-samples/pdu.011.xml
deleted file mode 100644
index 5a061211..00000000
--- a/scripts/left-right-protocol-samples/pdu.011.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="create" type="query" self_id="42" generate_keypair="yes" key_type="rsa" hash_alg="sha256" key_length="2048">
- <signing_cert>
- MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
- BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda
- Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp
- Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd
- IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr
- 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn
- 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v
- 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht
- O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT
- 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s
- vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G
- CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk
- ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu
- ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO
- jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO
- vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/
- 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S
- </signing_cert>
- </bsc>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.012.xml b/scripts/left-right-protocol-samples/pdu.012.xml
deleted file mode 100644
index cca6c8c7..00000000
--- a/scripts/left-right-protocol-samples/pdu.012.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="create" type="reply" self_id="42" bsc_id="17">
- <pkcs10_cert_request>cmVxdWVzdAo=</pkcs10_cert_request>
- </bsc>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.013.xml b/scripts/left-right-protocol-samples/pdu.013.xml
deleted file mode 100644
index 3c1c5adc..00000000
--- a/scripts/left-right-protocol-samples/pdu.013.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="set" type="query" self_id="42" bsc_id="17" clear_signing_certs="yes">
- <signing_cert>
- MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
- BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda
- Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp
- Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd
- IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr
- 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn
- 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v
- 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht
- O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT
- 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s
- vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G
- CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk
- ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu
- ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO
- jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO
- vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/
- 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S
- </signing_cert>
- </bsc>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.014.xml b/scripts/left-right-protocol-samples/pdu.014.xml
deleted file mode 100644
index dbb00bf7..00000000
--- a/scripts/left-right-protocol-samples/pdu.014.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="set" type="reply" self_id="42" bsc_id="17"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.015.xml b/scripts/left-right-protocol-samples/pdu.015.xml
deleted file mode 100644
index 25137d90..00000000
--- a/scripts/left-right-protocol-samples/pdu.015.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="get" type="query" self_id="42" bsc_id="17"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.016.xml b/scripts/left-right-protocol-samples/pdu.016.xml
deleted file mode 100644
index bfa6009a..00000000
--- a/scripts/left-right-protocol-samples/pdu.016.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="get" type="reply" self_id="42" bsc_id="17">
- <signing_cert>
- MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
- BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda
- Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp
- Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd
- IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr
- 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn
- 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v
- 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht
- O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT
- 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s
- vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G
- CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk
- ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu
- ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO
- jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO
- vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/
- 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S
- </signing_cert>
- <signing_cert>
- MIIDGDCCAgCgAwIBAgIJANkdU8+R7K3fMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxpY2UgQ0EwHhcNMDcwODAxMTk1MzA3WhcN
- MDcwODMxMTk1MzA3WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEFsaWNl
- IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64aCougbqPB/PjR9
- ipPd5c/QGlKh8QsCvh4ka3VjRp+zCUEiOI6W7hKUGVoNlqwFjZo2CsqX8qoW0e/S
- sQp9RMH80jgYjfxVPvK3S+sMoXredH+PhOqttf1rCEXbvqP4t9FWUdKJz558oHbO
- MXirP7MFUrWk96F/id+BFG01aKy9RE68DlkcPZAJjpcQ0kEYCIyAQckqgVrIaH2X
- QiEtB5asHrvGH0N5fmUWDeBfHTGVI3dbc6nLU9RYlVo/RCo0C38fi44/PIdnJCZG
- 4+m2ZXG+QbhNWVr4BsSIpF0oiQDelrebDrK4TYJ4skfwLHdlmJbtaeG7zwukDQkN
- CIIXRwIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTjSaMtxysroFSek8cD
- OTdc6+ZY0jAfBgNVHSMEGDAWgBReiOCEd94f7LzmuFbMNonD6PE4GjANBgkqhkiG
- 9w0BAQUFAAOCAQEAH8ccePGVdGeytS14upV+20hxsGHLS66XxZJlQyQmYOwy4OL9
- F17VODm7UC3h6qnAGbNCvRa6TPah1gRWfwkZDlYC48whDlxi2QX23PcuVKstrv3i
- MiVcTm6AuVyfDn4DJ89TDUY+bPFne46lpSBxt9xXg6UsHMSthoerTYVcaYNHoGpt
- wQPCgrYT/bdQeUpAL7rtha+by0x74vUgO8W84MX0XjCWqXgyP/XBlqxjx7B9Gydw
- 5tNbASf9blRIQcQ9uy+S8mOlHQWfOhe6nN++LhVxYlOzdDKFboTmCwYZwNJHhnRl
- okQ8do5ItBt92MoJgI26PoOiE3xXVyuYb1b7vw==
- </signing_cert>
- <public_key>
- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64aCougbqPB/PjR9ipPd
- 5c/QGlKh8QsCvh4ka3VjRp+zCUEiOI6W7hKUGVoNlqwFjZo2CsqX8qoW0e/SsQp9
- RMH80jgYjfxVPvK3S+sMoXredH+PhOqttf1rCEXbvqP4t9FWUdKJz558oHbOMXir
- P7MFUrWk96F/id+BFG01aKy9RE68DlkcPZAJjpcQ0kEYCIyAQckqgVrIaH2XQiEt
- B5asHrvGH0N5fmUWDeBfHTGVI3dbc6nLU9RYlVo/RCo0C38fi44/PIdnJCZG4+m2
- ZXG+QbhNWVr4BsSIpF0oiQDelrebDrK4TYJ4skfwLHdlmJbtaeG7zwukDQkNCIIX
- RwIDAQAB
- </public_key>
- </bsc>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.017.xml b/scripts/left-right-protocol-samples/pdu.017.xml
deleted file mode 100644
index dc882a50..00000000
--- a/scripts/left-right-protocol-samples/pdu.017.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="list" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.018.xml b/scripts/left-right-protocol-samples/pdu.018.xml
deleted file mode 100644
index bfa6009a..00000000
--- a/scripts/left-right-protocol-samples/pdu.018.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="get" type="reply" self_id="42" bsc_id="17">
- <signing_cert>
- MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
- BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda
- Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp
- Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd
- IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr
- 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn
- 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v
- 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht
- O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT
- 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s
- vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G
- CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk
- ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu
- ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO
- jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO
- vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/
- 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S
- </signing_cert>
- <signing_cert>
- MIIDGDCCAgCgAwIBAgIJANkdU8+R7K3fMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxpY2UgQ0EwHhcNMDcwODAxMTk1MzA3WhcN
- MDcwODMxMTk1MzA3WjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEFsaWNl
- IEVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64aCougbqPB/PjR9
- ipPd5c/QGlKh8QsCvh4ka3VjRp+zCUEiOI6W7hKUGVoNlqwFjZo2CsqX8qoW0e/S
- sQp9RMH80jgYjfxVPvK3S+sMoXredH+PhOqttf1rCEXbvqP4t9FWUdKJz558oHbO
- MXirP7MFUrWk96F/id+BFG01aKy9RE68DlkcPZAJjpcQ0kEYCIyAQckqgVrIaH2X
- QiEtB5asHrvGH0N5fmUWDeBfHTGVI3dbc6nLU9RYlVo/RCo0C38fi44/PIdnJCZG
- 4+m2ZXG+QbhNWVr4BsSIpF0oiQDelrebDrK4TYJ4skfwLHdlmJbtaeG7zwukDQkN
- CIIXRwIDAQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTjSaMtxysroFSek8cD
- OTdc6+ZY0jAfBgNVHSMEGDAWgBReiOCEd94f7LzmuFbMNonD6PE4GjANBgkqhkiG
- 9w0BAQUFAAOCAQEAH8ccePGVdGeytS14upV+20hxsGHLS66XxZJlQyQmYOwy4OL9
- F17VODm7UC3h6qnAGbNCvRa6TPah1gRWfwkZDlYC48whDlxi2QX23PcuVKstrv3i
- MiVcTm6AuVyfDn4DJ89TDUY+bPFne46lpSBxt9xXg6UsHMSthoerTYVcaYNHoGpt
- wQPCgrYT/bdQeUpAL7rtha+by0x74vUgO8W84MX0XjCWqXgyP/XBlqxjx7B9Gydw
- 5tNbASf9blRIQcQ9uy+S8mOlHQWfOhe6nN++LhVxYlOzdDKFboTmCwYZwNJHhnRl
- okQ8do5ItBt92MoJgI26PoOiE3xXVyuYb1b7vw==
- </signing_cert>
- <public_key>
- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64aCougbqPB/PjR9ipPd
- 5c/QGlKh8QsCvh4ka3VjRp+zCUEiOI6W7hKUGVoNlqwFjZo2CsqX8qoW0e/SsQp9
- RMH80jgYjfxVPvK3S+sMoXredH+PhOqttf1rCEXbvqP4t9FWUdKJz558oHbOMXir
- P7MFUrWk96F/id+BFG01aKy9RE68DlkcPZAJjpcQ0kEYCIyAQckqgVrIaH2XQiEt
- B5asHrvGH0N5fmUWDeBfHTGVI3dbc6nLU9RYlVo/RCo0C38fi44/PIdnJCZG4+m2
- ZXG+QbhNWVr4BsSIpF0oiQDelrebDrK4TYJ4skfwLHdlmJbtaeG7zwukDQkNCIIX
- RwIDAQAB
- </public_key>
- </bsc>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.019.xml b/scripts/left-right-protocol-samples/pdu.019.xml
deleted file mode 100644
index 62c3e9de..00000000
--- a/scripts/left-right-protocol-samples/pdu.019.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="destroy" type="query" self_id="42" bsc_id="17"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.020.xml b/scripts/left-right-protocol-samples/pdu.020.xml
deleted file mode 100644
index 75375dad..00000000
--- a/scripts/left-right-protocol-samples/pdu.020.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <bsc action="destroy" type="reply" self_id="42" bsc_id="17"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.021.xml b/scripts/left-right-protocol-samples/pdu.021.xml
deleted file mode 100644
index 41bc67af..00000000
--- a/scripts/left-right-protocol-samples/pdu.021.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="create" type="query" self_id="42" peer_contact_uri="https://re.bar.example/bandicoot/" sia_base="rsync://repo.foo.example/wombat/" bsc_id="17" repository_id="120" sender_name="tweedledee" recipient_name="tweedledum">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </parent>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.022.xml b/scripts/left-right-protocol-samples/pdu.022.xml
deleted file mode 100644
index 8c0a8d7d..00000000
--- a/scripts/left-right-protocol-samples/pdu.022.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="create" type="reply" self_id="42" parent_id="666"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.023.xml b/scripts/left-right-protocol-samples/pdu.023.xml
deleted file mode 100644
index 1f3633c0..00000000
--- a/scripts/left-right-protocol-samples/pdu.023.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="set" type="query" self_id="42" parent_id="666" peer_contact_uri="https://re.bar.example/bandicoot/" sia_base="rsync://repo.foo.example/wombat/" bsc_id="17" repository_id="120" rekey="yes" reissue="yes" revoke="yes">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </parent>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.024.xml b/scripts/left-right-protocol-samples/pdu.024.xml
deleted file mode 100644
index 902e89ef..00000000
--- a/scripts/left-right-protocol-samples/pdu.024.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="set" type="reply" self_id="42" parent_id="666"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.025.xml b/scripts/left-right-protocol-samples/pdu.025.xml
deleted file mode 100644
index 51e077ba..00000000
--- a/scripts/left-right-protocol-samples/pdu.025.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="get" type="query" self_id="42" parent_id="666"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.026.xml b/scripts/left-right-protocol-samples/pdu.026.xml
deleted file mode 100644
index 8cddc8d8..00000000
--- a/scripts/left-right-protocol-samples/pdu.026.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="get" type="reply" self_id="42" parent_id="666" peer_contact_uri="https://re.bar.example/bandicoot/" sia_base="rsync://repo.foo.example/wombat/" bsc_id="17" repository_id="120">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </parent>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.027.xml b/scripts/left-right-protocol-samples/pdu.027.xml
deleted file mode 100644
index 6c417adb..00000000
--- a/scripts/left-right-protocol-samples/pdu.027.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="list" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.028.xml b/scripts/left-right-protocol-samples/pdu.028.xml
deleted file mode 100644
index 1e8f5c95..00000000
--- a/scripts/left-right-protocol-samples/pdu.028.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="list" type="reply" self_id="42" parent_id="666" peer_contact_uri="https://re.bar.example/bandicoot/" sia_base="rsync://repo.foo.example/wombat/" bsc_id="17" repository_id="120">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </parent>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.029.xml b/scripts/left-right-protocol-samples/pdu.029.xml
deleted file mode 100644
index 2cb9dc8b..00000000
--- a/scripts/left-right-protocol-samples/pdu.029.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="destroy" type="query" self_id="42" parent_id="666"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.030.xml b/scripts/left-right-protocol-samples/pdu.030.xml
deleted file mode 100644
index 8e3d4c65..00000000
--- a/scripts/left-right-protocol-samples/pdu.030.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <parent action="destroy" type="reply" self_id="42" parent_id="666"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.031.xml b/scripts/left-right-protocol-samples/pdu.031.xml
deleted file mode 100644
index 4871b271..00000000
--- a/scripts/left-right-protocol-samples/pdu.031.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="create" type="query" self_id="42" bsc_id="17">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- </child>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.032.xml b/scripts/left-right-protocol-samples/pdu.032.xml
deleted file mode 100644
index f5b3dbe9..00000000
--- a/scripts/left-right-protocol-samples/pdu.032.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="create" type="reply" self_id="42" child_id="3"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.033.xml b/scripts/left-right-protocol-samples/pdu.033.xml
deleted file mode 100644
index 37bac784..00000000
--- a/scripts/left-right-protocol-samples/pdu.033.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="set" type="query" self_id="42" child_id="3" bsc_id="17" reissue="yes">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- </child>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.034.xml b/scripts/left-right-protocol-samples/pdu.034.xml
deleted file mode 100644
index f3332bb6..00000000
--- a/scripts/left-right-protocol-samples/pdu.034.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="set" type="reply" self_id="42" child_id="3"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.035.xml b/scripts/left-right-protocol-samples/pdu.035.xml
deleted file mode 100644
index 1fa3192c..00000000
--- a/scripts/left-right-protocol-samples/pdu.035.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="get" type="query" self_id="42" child_id="3"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.036.xml b/scripts/left-right-protocol-samples/pdu.036.xml
deleted file mode 100644
index 4c2576e1..00000000
--- a/scripts/left-right-protocol-samples/pdu.036.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="get" type="reply" self_id="42" child_id="3" bsc_id="17">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- </child>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.037.xml b/scripts/left-right-protocol-samples/pdu.037.xml
deleted file mode 100644
index fcfe3199..00000000
--- a/scripts/left-right-protocol-samples/pdu.037.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="list" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.038.xml b/scripts/left-right-protocol-samples/pdu.038.xml
deleted file mode 100644
index 42d203a4..00000000
--- a/scripts/left-right-protocol-samples/pdu.038.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="list" type="reply" self_id="42" child_id="3" bsc_id="17">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- </child>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.039.xml b/scripts/left-right-protocol-samples/pdu.039.xml
deleted file mode 100644
index dc4fb285..00000000
--- a/scripts/left-right-protocol-samples/pdu.039.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="destroy" type="query" self_id="42" child_id="3"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.040.xml b/scripts/left-right-protocol-samples/pdu.040.xml
deleted file mode 100644
index 82f28511..00000000
--- a/scripts/left-right-protocol-samples/pdu.040.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <child action="destroy" type="reply" self_id="42" child_id="3"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.041.xml b/scripts/left-right-protocol-samples/pdu.041.xml
deleted file mode 100644
index 40cccf4d..00000000
--- a/scripts/left-right-protocol-samples/pdu.041.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="create" type="query" self_id="42" peer_contact_uri="https://re.bar.example/bandicoot/" bsc_id="17">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </repository>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.042.xml b/scripts/left-right-protocol-samples/pdu.042.xml
deleted file mode 100644
index e7398c7f..00000000
--- a/scripts/left-right-protocol-samples/pdu.042.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="create" type="reply" self_id="42" repository_id="120"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.043.xml b/scripts/left-right-protocol-samples/pdu.043.xml
deleted file mode 100644
index e8f391a5..00000000
--- a/scripts/left-right-protocol-samples/pdu.043.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="set" type="query" self_id="42" repository_id="120" peer_contact_uri="https://re.bar.example/bandicoot/" bsc_id="17">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </repository>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.044.xml b/scripts/left-right-protocol-samples/pdu.044.xml
deleted file mode 100644
index d7506e3d..00000000
--- a/scripts/left-right-protocol-samples/pdu.044.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="set" type="reply" self_id="42" repository_id="120"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.045.xml b/scripts/left-right-protocol-samples/pdu.045.xml
deleted file mode 100644
index 78866dad..00000000
--- a/scripts/left-right-protocol-samples/pdu.045.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="get" type="query" self_id="42" repository_id="120"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.046.xml b/scripts/left-right-protocol-samples/pdu.046.xml
deleted file mode 100644
index ad7e42a4..00000000
--- a/scripts/left-right-protocol-samples/pdu.046.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="get" type="reply" self_id="42" repository_id="120" peer_contact_uri="https://re.bar.example/bandicoot/" bsc_id="17">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </repository>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.047.xml b/scripts/left-right-protocol-samples/pdu.047.xml
deleted file mode 100644
index 5ca17d89..00000000
--- a/scripts/left-right-protocol-samples/pdu.047.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="list" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.048.xml b/scripts/left-right-protocol-samples/pdu.048.xml
deleted file mode 100644
index ff92dc33..00000000
--- a/scripts/left-right-protocol-samples/pdu.048.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="list" type="reply" self_id="42" repository_id="120" peer_contact_uri="https://re.bar.example/bandicoot/" bsc_id="17">
- <cms_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </cms_ta>
- <https_ta>
- MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
- BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN
- MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS
- b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S
- G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G
- Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC
- DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM
- uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP
- 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ
- diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4
- ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq
- hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg
- cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4
- XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm
- sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH
- YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq
- 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ==
- </https_ta>
- </repository>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.049.xml b/scripts/left-right-protocol-samples/pdu.049.xml
deleted file mode 100644
index b89ad078..00000000
--- a/scripts/left-right-protocol-samples/pdu.049.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="destroy" type="query" self_id="42" repository_id="120"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.050.xml b/scripts/left-right-protocol-samples/pdu.050.xml
deleted file mode 100644
index 92f1ce11..00000000
--- a/scripts/left-right-protocol-samples/pdu.050.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <repository action="destroy" type="reply" self_id="42" repository_id="120"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.051.xml b/scripts/left-right-protocol-samples/pdu.051.xml
deleted file mode 100644
index afbbc82a..00000000
--- a/scripts/left-right-protocol-samples/pdu.051.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="create" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.052.xml b/scripts/left-right-protocol-samples/pdu.052.xml
deleted file mode 100644
index 87ab3b1d..00000000
--- a/scripts/left-right-protocol-samples/pdu.052.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="create" type="reply" self_id="42" route_origin_id="88"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.053.xml b/scripts/left-right-protocol-samples/pdu.053.xml
deleted file mode 100644
index a36dc495..00000000
--- a/scripts/left-right-protocol-samples/pdu.053.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="set" type="query" self_id="42" route_origin_id="88" suppress_publication="yes" as_number="12345" ipv4="10.0.0.44/32,10.2.0.6-10.2.0.77" ipv6="2002:a00::/48,2002:a02:6::-2002:a02:4d::"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.054.xml b/scripts/left-right-protocol-samples/pdu.054.xml
deleted file mode 100644
index 263b189c..00000000
--- a/scripts/left-right-protocol-samples/pdu.054.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="set" type="reply" self_id="42" route_origin_id="88"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.055.xml b/scripts/left-right-protocol-samples/pdu.055.xml
deleted file mode 100644
index 44a6af0b..00000000
--- a/scripts/left-right-protocol-samples/pdu.055.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="get" type="query" self_id="42" route_origin_id="88"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.056.xml b/scripts/left-right-protocol-samples/pdu.056.xml
deleted file mode 100644
index 554cf859..00000000
--- a/scripts/left-right-protocol-samples/pdu.056.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="get" type="reply" self_id="42" route_origin_id="88" as_number="12345" ipv4="10.0.0.44/32,10.2.0.6-10.2.0.77" ipv6="2002:a00::/48,2002:a02:6::-2002:a02:4d::"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.057.xml b/scripts/left-right-protocol-samples/pdu.057.xml
deleted file mode 100644
index 3eaa4d01..00000000
--- a/scripts/left-right-protocol-samples/pdu.057.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="list" type="query" self_id="42"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.058.xml b/scripts/left-right-protocol-samples/pdu.058.xml
deleted file mode 100644
index d4d72210..00000000
--- a/scripts/left-right-protocol-samples/pdu.058.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="list" type="reply" self_id="42" route_origin_id="88" as_number="12345" ipv4="10.0.0.44/32,10.2.0.6-10.2.0.77" ipv6="2002:a00::/48,2002:a02:6::-2002:a02:4d::"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.059.xml b/scripts/left-right-protocol-samples/pdu.059.xml
deleted file mode 100644
index 1d352b83..00000000
--- a/scripts/left-right-protocol-samples/pdu.059.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="destroy" type="query" self_id="42" route_origin_id="88"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.060.xml b/scripts/left-right-protocol-samples/pdu.060.xml
deleted file mode 100644
index 5e651518..00000000
--- a/scripts/left-right-protocol-samples/pdu.060.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <route_origin action="destroy" type="reply" self_id="42" route_origin_id="88"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.061.xml b/scripts/left-right-protocol-samples/pdu.061.xml
deleted file mode 100644
index 05c6ef32..00000000
--- a/scripts/left-right-protocol-samples/pdu.061.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <list_resources type="query" self_id="42" child_id="289"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.062.xml b/scripts/left-right-protocol-samples/pdu.062.xml
deleted file mode 100644
index 5d218eb1..00000000
--- a/scripts/left-right-protocol-samples/pdu.062.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <list_resources type="reply" self_id="42" child_id="289" valid_until="2008-04-01T00:00:00Z" subject_name="Wombats are us" ipv4="10.0.0.44/32,10.3.0.44/32" ipv6="fe80:deed:f00d::/48,fe80:dead:beef:2::-fe80:dead:beef:2::49" as="666"/>
-</msg>
diff --git a/scripts/left-right-protocol-samples/pdu.063.xml b/scripts/left-right-protocol-samples/pdu.063.xml
deleted file mode 100644
index 6b9f5cb2..00000000
--- a/scripts/left-right-protocol-samples/pdu.063.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<!--Automatically generated, do not edit.-->
-<msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
- <report_error self_id="42" error_code="your_hair_is_on_fire">bag_of_data</report_error>
-</msg>
diff --git a/scripts/left-right-schema.rnc b/scripts/left-right-schema.rnc
deleted file mode 100644
index 44ae964f..00000000
--- a/scripts/left-right-schema.rnc
+++ /dev/null
@@ -1,208 +0,0 @@
-# $Id$
-#
-# RelaxNG (Compact Syntax) Schema for RPKI left-right protocol.
-#
-# libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
-# run the compact syntax through trang to get XML syntax.
-
-default namespace = "http://www.hactrn.net/uris/rpki/left-right-spec/"
-
-# Top level PDU
-
-start = element msg {
- attribute version { xsd:positiveInteger { maxInclusive="1" } },
- ( self_elt | bsc_elt | parent_elt | child_elt | repository_elt | ro_elt |
- list_resources_elt | report_error_elt )*
-}
-
-# Tag attributes for bulk operations
-tag = attribute tag { xsd:token {maxLength="1024" } }?
-
-# Combinations of action and type attributes used in later definitions.
-# The same patterns repeat in most of the elements in this protocol.
-
-ctl_cq = attribute action { "create" }, attribute type { "query" }, tag
-ctl_sq = attribute action { "set" }, attribute type { "query" }, tag
-ctl_gq = attribute action { "get" }, attribute type { "query" }, tag
-ctl_lq = attribute action { "list" }, attribute type { "query" }, tag
-ctl_dq = attribute action { "destroy" }, attribute type { "query" }, tag
-ctl_cr = attribute action { "create" }, attribute type { "reply" }, tag
-ctl_sr = attribute action { "set" }, attribute type { "reply" }, tag
-ctl_gr = attribute action { "get" }, attribute type { "reply" }, tag
-ctl_lr = attribute action { "list" }, attribute type { "reply" }, tag
-ctl_dr = attribute action { "destroy" }, attribute type { "reply" }, tag
-
-# Base64 encoded DER stuff
-base64 = xsd:base64Binary { maxLength="512000" }
-
-# How we wrap trust anchor elements
-cms_ta = element cms_ta { base64 }
-https_ta = element https_ta { base64 }
-
-# Base definition for all fields that are really just SQL primary indices
-sql_id = xsd:token { maxLength="1024" }
-
-# <self/> element
-
-self_bool = (attribute rekey { "yes" }?,
- attribute reissue { "yes" }?,
- attribute revoke { "yes" }?,
- attribute run_now { "yes" }?,
- attribute publish_world_now { "yes" }?,
- attribute clear_extension_preferences { "yes" }?)
-
-self_payload = (attribute use_hsm { "yes" | "no" }?,
- attribute crl_interval { xsd:token { maxLength="1024" } }?,
- element extension_preference {
- attribute name { xsd:token { maxLength="1024" } },
- xsd:string { maxLength="512000" }
- }*)
-
-self_id = attribute self_id { sql_id }
-
-self_elt |= element self { ctl_cq, self_bool, self_payload }
-self_elt |= element self { ctl_cr, self_id }
-self_elt |= element self { ctl_sq, self_id, self_bool, self_payload }
-self_elt |= element self { ctl_sr, self_id }
-self_elt |= element self { ctl_gq, self_id }
-self_elt |= element self { ctl_gr, self_id, self_payload }
-self_elt |= element self { ctl_lq }
-self_elt |= element self { ctl_lr, self_id, self_payload }
-self_elt |= element self { ctl_dq, self_id }
-self_elt |= element self { ctl_dr, self_id }
-
-# <bsc/> element. Key parameters hardwired for now.
-
-bsc_bool = ((attribute generate_keypair { "yes" },
- attribute key_type { "rsa" }?,
- attribute hash_alg { "sha256" }?,
- attribute key_length { "2048" }?)?,
- attribute clear_signing_certs { "yes" }?)
-
-bsc_id = attribute bsc_id { sql_id }
-
-bsc_payload = (element signing_cert { base64 }*,
- element public_key { base64 }?)
-
-bsc_pkcs10 = element pkcs10_cert_request { base64 }?
-
-bsc_elt |= element bsc { ctl_cq, self_id, bsc_bool, bsc_payload }
-bsc_elt |= element bsc { ctl_cr, self_id, bsc_id, bsc_pkcs10 }
-bsc_elt |= element bsc { ctl_sq, self_id, bsc_id, bsc_bool, bsc_payload }
-bsc_elt |= element bsc { ctl_sr, self_id, bsc_id, bsc_pkcs10 }
-bsc_elt |= element bsc { ctl_gq, self_id, bsc_id }
-bsc_elt |= element bsc { ctl_gr, self_id, bsc_id, bsc_payload }
-bsc_elt |= element bsc { ctl_lq, self_id }
-bsc_elt |= element bsc { ctl_lr, self_id, bsc_id, bsc_payload }
-bsc_elt |= element bsc { ctl_dq, self_id, bsc_id }
-bsc_elt |= element bsc { ctl_dr, self_id, bsc_id }
-
-# <parent/> element
-
-parent_id = attribute parent_id { sql_id }
-
-parent_bool = (attribute rekey { "yes" }?,
- attribute reissue { "yes" }?,
- attribute revoke { "yes" }?)
-
-parent_payload = (attribute peer_contact_uri { xsd:anyURI { maxLength="1024" } }?,
- attribute sia_base { xsd:anyURI { maxLength="1024" } }?,
- attribute bsc_id { xsd:token { maxLength="1024" } }?,
- attribute repository_id { xsd:token { maxLength="1024" } }?,
- attribute sender_name { xsd:token { maxLength="1024" } }?,
- attribute recipient_name { xsd:token { maxLength="1024" } }?,
- cms_ta?,
- https_ta?)
-
-parent_elt |= element parent { ctl_cq, self_id, parent_bool, parent_payload }
-parent_elt |= element parent { ctl_cr, self_id, parent_id }
-parent_elt |= element parent { ctl_sq, self_id, parent_id, parent_bool, parent_payload }
-parent_elt |= element parent { ctl_sr, self_id, parent_id }
-parent_elt |= element parent { ctl_gq, self_id, parent_id }
-parent_elt |= element parent { ctl_gr, self_id, parent_id, parent_payload }
-parent_elt |= element parent { ctl_lq, self_id }
-parent_elt |= element parent { ctl_lr, self_id, parent_id, parent_payload }
-parent_elt |= element parent { ctl_dq, self_id, parent_id }
-parent_elt |= element parent { ctl_dr, self_id, parent_id }
-
-# <child/> element
-
-child_id = attribute child_id { sql_id }
-
-child_bool = attribute reissue { "yes" }?
-
-child_payload = (attribute bsc_id { xsd:token { maxLength="1024" } }?,
- cms_ta?)
-
-child_elt |= element child { ctl_cq, self_id, child_bool, child_payload }
-child_elt |= element child { ctl_cr, self_id, child_id }
-child_elt |= element child { ctl_sq, self_id, child_id, child_bool, child_payload }
-child_elt |= element child { ctl_sr, self_id, child_id }
-child_elt |= element child { ctl_gq, self_id, child_id }
-child_elt |= element child { ctl_gr, self_id, child_id, child_payload }
-child_elt |= element child { ctl_lq, self_id }
-child_elt |= element child { ctl_lr, self_id, child_id, child_payload }
-child_elt |= element child { ctl_dq, self_id, child_id }
-child_elt |= element child { ctl_dr, self_id, child_id }
-
-# <repository/> element
-
-repository_id = attribute repository_id { sql_id }
-
-repository_payload = (attribute peer_contact_uri { xsd:anyURI { maxLength="1024" } }?,
- attribute bsc_id { xsd:token { maxLength="1024" } }?,
- cms_ta?,
- https_ta?)
-
-repository_elt |= element repository { ctl_cq, self_id, repository_payload }
-repository_elt |= element repository { ctl_cr, self_id, repository_id }
-repository_elt |= element repository { ctl_sq, self_id, repository_id, repository_payload }
-repository_elt |= element repository { ctl_sr, self_id, repository_id }
-repository_elt |= element repository { ctl_gq, self_id, repository_id }
-repository_elt |= element repository { ctl_gr, self_id, repository_id, repository_payload }
-repository_elt |= element repository { ctl_lq, self_id }
-repository_elt |= element repository { ctl_lr, self_id, repository_id, repository_payload }
-repository_elt |= element repository { ctl_dq, self_id, repository_id }
-repository_elt |= element repository { ctl_dr, self_id, repository_id }
-
-# <route_origin/> element
-
-ro_id = attribute route_origin_id { sql_id }
-
-ro_bool = attribute suppress_publication { "yes" }?
-
-ro_payload = (attribute as_number { xsd:token { maxLength="1024" } }?,
- attribute ipv4 { xsd:token { maxLength="1024" } }?,
- attribute ipv6 { xsd:token { maxLength="1024" } }?)
-
-ro_elt |= element route_origin { ctl_cq, self_id, ro_bool, ro_payload }
-ro_elt |= element route_origin { ctl_cr, self_id, ro_id }
-ro_elt |= element route_origin { ctl_sq, self_id, ro_id, ro_bool, ro_payload }
-ro_elt |= element route_origin { ctl_sr, self_id, ro_id }
-ro_elt |= element route_origin { ctl_gq, self_id, ro_id }
-ro_elt |= element route_origin { ctl_gr, self_id, ro_id, ro_payload }
-ro_elt |= element route_origin { ctl_lq, self_id }
-ro_elt |= element route_origin { ctl_lr, self_id, ro_id, ro_payload }
-ro_elt |= element route_origin { ctl_dq, self_id, ro_id }
-ro_elt |= element route_origin { ctl_dr, self_id, ro_id }
-
-# <list_resources/> element
-
-list_resources_elt = element list_resources {
- ( attribute type { "query" }, tag, self_id, child_id ) |
- ( attribute type { "reply" }, tag, self_id, child_id,
- attribute valid_until { xsd:token { maxLength="1024" } },
- attribute subject_name { xsd:token { maxLength="1024" } }?,
- attribute as { xsd:token { maxLength="1024" } }?,
- attribute ipv4 { xsd:token { maxLength="1024" } }?,
- attribute ipv6 { xsd:token { maxLength="1024" } }?
- )
-}
-
-# <report_error/> element
-
-report_error_elt = element report_error {
- tag, self_id,
- attribute error_code { xsd:token { maxLength="1024" } },
- xsd:string { maxLength="512000" }?
-}
diff --git a/scripts/left-right-schema.rng b/scripts/left-right-schema.rng
deleted file mode 100644
index e0917fa9..00000000
--- a/scripts/left-right-schema.rng
+++ /dev/null
@@ -1,948 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- $Id$
-
- RelaxNG (Compact Syntax) Schema for RPKI left-right protocol.
-
- libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
- run the compact syntax through trang to get XML syntax.
--->
-<grammar ns="http://www.hactrn.net/uris/rpki/left-right-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
- <!-- Top level PDU -->
- <start>
- <element name="msg">
- <attribute name="version">
- <data type="positiveInteger">
- <param name="maxInclusive">1</param>
- </data>
- </attribute>
- <zeroOrMore>
- <choice>
- <ref name="self_elt"/>
- <ref name="bsc_elt"/>
- <ref name="parent_elt"/>
- <ref name="child_elt"/>
- <ref name="repository_elt"/>
- <ref name="ro_elt"/>
- <ref name="list_resources_elt"/>
- <ref name="report_error_elt"/>
- </choice>
- </zeroOrMore>
- </element>
- </start>
- <!-- Tag attributes for bulk operations -->
- <define name="tag">
- <optional>
- <attribute name="tag">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- </define>
- <!--
- Combinations of action and type attributes used in later definitions.
- The same patterns repeat in most of the elements in this protocol.
- -->
- <define name="ctl_cq">
- <attribute name="action">
- <value>create</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_sq">
- <attribute name="action">
- <value>set</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_gq">
- <attribute name="action">
- <value>get</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_lq">
- <attribute name="action">
- <value>list</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_dq">
- <attribute name="action">
- <value>destroy</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_cr">
- <attribute name="action">
- <value>create</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_sr">
- <attribute name="action">
- <value>set</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_gr">
- <attribute name="action">
- <value>get</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_lr">
- <attribute name="action">
- <value>list</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_dr">
- <attribute name="action">
- <value>destroy</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <!-- Base64 encoded DER stuff -->
- <define name="base64">
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </define>
- <!-- How we wrap trust anchor elements -->
- <define name="cms_ta">
- <element name="cms_ta">
- <ref name="base64"/>
- </element>
- </define>
- <define name="https_ta">
- <element name="https_ta">
- <ref name="base64"/>
- </element>
- </define>
- <!-- Base definition for all fields that are really just SQL primary indices -->
- <define name="sql_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </define>
- <!-- <self/> element -->
- <define name="self_bool">
- <optional>
- <attribute name="rekey">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="reissue">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="revoke">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="run_now">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="publish_world_now">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="clear_extension_preferences">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="self_payload">
- <optional>
- <attribute name="use_hsm">
- <choice>
- <value>yes</value>
- <value>no</value>
- </choice>
- </attribute>
- </optional>
- <optional>
- <attribute name="crl_interval">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <zeroOrMore>
- <element name="extension_preference">
- <attribute name="name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <data type="string">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </zeroOrMore>
- </define>
- <define name="self_id">
- <attribute name="self_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_cq"/>
- <ref name="self_bool"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="self_bool"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_lq"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- </element>
- </define>
- <!-- <bsc/> element. Key parameters hardwired for now. -->
- <define name="bsc_bool">
- <optional>
- <attribute name="generate_keypair">
- <value>yes</value>
- </attribute>
- <optional>
- <attribute name="key_type">
- <value>rsa</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="hash_alg">
- <value>sha256</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="key_length">
- <value>2048</value>
- </attribute>
- </optional>
- </optional>
- <optional>
- <attribute name="clear_signing_certs">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="bsc_id">
- <attribute name="bsc_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="bsc_payload">
- <zeroOrMore>
- <element name="signing_cert">
- <ref name="base64"/>
- </element>
- </zeroOrMore>
- <optional>
- <element name="public_key">
- <ref name="base64"/>
- </element>
- </optional>
- </define>
- <define name="bsc_pkcs10">
- <optional>
- <element name="pkcs10_cert_request">
- <ref name="base64"/>
- </element>
- </optional>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="bsc_bool"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_pkcs10"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_bool"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_pkcs10"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- </element>
- </define>
- <!-- <parent/> element -->
- <define name="parent_id">
- <attribute name="parent_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="parent_bool">
- <optional>
- <attribute name="rekey">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="reissue">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="revoke">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="parent_payload">
- <optional>
- <attribute name="peer_contact_uri">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="sia_base">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="bsc_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="repository_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="sender_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="recipient_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <ref name="cms_ta"/>
- </optional>
- <optional>
- <ref name="https_ta"/>
- </optional>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="parent_bool"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- <ref name="parent_bool"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <!-- <child/> element -->
- <define name="child_id">
- <attribute name="child_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="child_bool">
- <optional>
- <attribute name="reissue">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="child_payload">
- <optional>
- <attribute name="bsc_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <ref name="cms_ta"/>
- </optional>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="child_bool"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <ref name="child_bool"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <!-- <repository/> element -->
- <define name="repository_id">
- <attribute name="repository_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="repository_payload">
- <optional>
- <attribute name="peer_contact_uri">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="bsc_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <ref name="cms_ta"/>
- </optional>
- <optional>
- <ref name="https_ta"/>
- </optional>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <!-- <route_origin/> element -->
- <define name="ro_id">
- <attribute name="route_origin_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="ro_bool">
- <optional>
- <attribute name="suppress_publication">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="ro_payload">
- <optional>
- <attribute name="as_number">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv4">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv6">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="ro_bool"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- <ref name="ro_bool"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <!-- <list_resources/> element -->
- <define name="list_resources_elt">
- <element name="list_resources">
- <choice>
- <group>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </group>
- <group>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <attribute name="valid_until">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <optional>
- <attribute name="subject_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="as">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv4">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv6">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- </group>
- </choice>
- </element>
- </define>
- <!-- <report_error/> element -->
- <define name="report_error_elt">
- <element name="report_error">
- <ref name="tag"/>
- <ref name="self_id"/>
- <attribute name="error_code">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <optional>
- <data type="string">
- <param name="maxLength">512000</param>
- </data>
- </optional>
- </element>
- </define>
-</grammar>
diff --git a/scripts/make-relaxng.py b/scripts/make-relaxng.py
deleted file mode 100644
index 8011893a..00000000
--- a/scripts/make-relaxng.py
+++ /dev/null
@@ -1,27 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Script to generate rpki/relaxng.py."""
-
-print "# Automatically generated, do not edit."
-print
-print "import lxml.etree"
-
-for varname, filename in (("left_right", "left-right-schema.rng"),
- ("up_down", "up-down-schema.rng")):
- f = open(filename)
- print "\n## @var %s\n## Parsed RelaxNG %s schema\n%s = lxml.etree.RelaxNG(lxml.etree.fromstring('''%s'''))" % (varname, varname, varname, f.read())
- f.close()
diff --git a/scripts/resource-cert-samples.py b/scripts/resource-cert-samples.py
deleted file mode 100644
index 987734cc..00000000
--- a/scripts/resource-cert-samples.py
+++ /dev/null
@@ -1,248 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Generate an RPKI test repository.
-
-This script generates a toy RPKI repository for test purposes. It's
-designed to be relatively easy to reconfigure, making it simple to
-test whatever is of interest on a given day, without a lot of setup
-overhead.
-
-Outputs are a bunch of config files for the OpenSSL CLI tool and a
-makefile to drive everything.
-"""
-
-import rpki.resource_set, os
-
-subdir = "resource-cert-samples"
-openssl = "../../openssl/openssl/apps/openssl"
-keybits = 2048
-
-def main():
- """Main program, including the toy database itself."""
-
- db = allocation_db()
- db.add("ISP1", ipv4="192.0.2.1-192.0.2.33", asn="64533")
- db.add("ISP2", ipv4="192.0.2.44-192.0.2.100")
- db.add("ISP3", ipv6="2001:db8::44-2001:db8::100")
- db.add("ISP4", ipv6="2001:db8::10:0:44/128", asn="64544")
- db.add("ISP5a", ipv4="10.0.0.0/24", ipv6="2001:db8::a00:0/120")
- db.add("ISP5b", ipv4="10.3.0.0/24", ipv6="2001:db8::a03:0/120")
- db.add("ISP5c", asn="64534-64540")
- db.add("LIR1", children=["ISP1", "ISP2"])
- db.add("LIR2", children=["ISP3", "ISP4"])
- db.add("LIR3", children=["ISP5a", "ISP5b", "ISP5c"])
- db.add("RIR", children=["LIR1", "LIR2", "LIR3"])
-
- if not os.path.isdir(subdir):
- os.mkdir(subdir)
-
- for i in db:
- write_maybe("%s/%s.cnf" % (subdir, i.name), i.cfg_string())
-
- write_maybe("%s/Makefile" % subdir,
- "# Automatically generated, do not edit.\n" +
- "".join([i.makefile_rules() for i in db]))
-
-def write_maybe(name, new_content):
- """Write a file if and only if its contents have changed.
- This simplifies interactions with "make".
- """
- old_content = None
- if os.path.isfile(name):
- f = open(name, "r")
- old_content = f.read()
- f.close()
- if old_content != new_content:
- print "Writing", name
- f = open(name, "w")
- f.write(new_content)
- f.close()
-
-class allocation_db(list):
- """Class to represent an allocation database."""
-
- def __init__(self):
- self.allocation_map = {}
-
- def add(self, name, **kw):
- """Add a new entry to this allocation database.
- All arguments passed through to the allocation constructor.
- """
- self.insert(0, allocation(name = name, allocation_map = self.allocation_map, **kw))
-
-class allocation(object):
- """Class representing one entity holding allocated resources.
-
- In order to simplify configuration, this class automatically
- computes the set of resources that this entity must hold in order to
- serve both itself and its children.
- """
-
- parent = None
-
- def __init__(self, name, asn = None, ipv4 = None, ipv6 = None, children = [], allocation_map = None):
- """Create a new allocation entry.
-
- This binds the parent attributes of any children, and computes the
- transitive closure of the set of resources this entity needs.
- """
- self.name = name
- self.children = [allocation_map[i] for i in children]
- for child in self.children:
- assert child.parent is None
- child.parent = self
- self.asn = self.summarize("asn", rpki.resource_set.resource_set_as(asn))
- self.ipv4 = self.summarize("ipv4", rpki.resource_set.resource_set_ipv4(ipv4))
- self.ipv6 = self.summarize("ipv6", rpki.resource_set.resource_set_ipv6(ipv6))
- allocation_map[name] = self
-
- def summarize(self, attrname, seed = None):
- """Compute the transitive resource closure for one resource attribute."""
- if seed is None:
- seed = getattr(self, attrname)
- for child in self.children:
- seed = seed.union(child.summarize(attrname))
- return seed
-
- def __str__(self):
- return "%s\n ASN: %s\n IPv4: %s\n IPv6: %s" % (self.name, self.asn, self.ipv4, self.ipv6)
-
- def cfg_string(self):
- """Generate the OpenSSL configuration file needed for this entity."""
- keys = { "self" : self.name,
- "keybits" : keybits,
- "no_parent" : "#",
- "no_asid" : "#",
- "no_addr" : "#",
- "parent" : "???",
- "asid" : "???",
- "addr" : "???" }
- if self.parent:
- keys["no_parent"] = ""
- keys["parent"] = self.parent.name
- if self.asn:
- keys["no_asid"] = ""
- keys["asid"] = ",".join(["AS:" + str(x) for x in self.asn])
- if self.ipv4 or self.ipv6:
- keys["no_addr"] = ""
- keys["addr"] = ",".join(["IPv4:" + str(x) for x in self.ipv4] + ["IPv6:" + str(x) for x in self.ipv6])
- return openssl_cfg_fmt % keys
-
- def makefile_rules(self):
- """Generate the makefile rules needed for this entity."""
- keys = { "self" : self.name,
- "keybits" : keybits,
- "openssl" : openssl }
- if self.parent:
- keys["signconf"] = "%s.cnf" % self.parent.name
- keys["signdeps"] = "%s.key" % self.parent.name
- else:
- keys["signconf"] = "%s.cnf -selfsign" % self.name
- keys["signdeps"] = "%s.key" % self.name
- return makefile_fmt % keys
-
-makefile_fmt = '''\
-
-all:: %(self)s.cer
-
-%(self)s.key:
- %(openssl)s genrsa -out $@ %(keybits)d
-
-%(self)s.req: %(self)s.key %(self)s.cnf Makefile
- %(openssl)s req -new -config %(self)s.cnf -key %(self)s.key -out $@
-
-%(self)s.cer: %(self)s.req %(self)s.cnf %(signdeps)s Makefile
- @test -d %(self)s || mkdir %(self)s
- @test -f %(self)s/index || touch %(self)s/index
- @test -f %(self)s/serial || echo 01 >%(self)s/serial
- %(openssl)s ca -batch -out $@ -in %(self)s.req -extfile %(self)s.cnf -config %(signconf)s
-
-
-show_req::
- %(openssl)s req -noout -text -in %(self)s.req -config /dev/null
-
-show_cer::
- %(openssl)s x509 -noout -text -in %(self)s.cer
-'''
-
-openssl_cfg_fmt = '''# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = %(self)s.cer
-serial = %(self)s/serial
-private_key = %(self)s.key
-database = %(self)s/index
-new_certs_dir = %(self)s
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = %(keybits)d
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY %(self)s
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/%(self)s/
-%(no_parent)sauthorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/%(parent)s.cer
-%(no_asid)ssbgp-autonomousSysNum = critical,%(asid)s
-%(no_addr)ssbgp-ipAddrBlock = critical,%(addr)s
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-%(no_parent)sauthorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/%(self)s/
-%(no_parent)sauthorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/%(parent)s.cer
-%(no_asid)ssbgp-autonomousSysNum = critical,%(asid)s
-%(no_addr)ssbgp-ipAddrBlock = critical,%(addr)s
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
-'''
-
-main()
diff --git a/scripts/resource-cert-samples/.stamp b/scripts/resource-cert-samples/.stamp
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/.stamp
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP1.cer b/scripts/resource-cert-samples/ISP1.cer
deleted file mode 100644
index db526ea5..00000000
--- a/scripts/resource-cert-samples/ISP1.cer
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha256WithRSAEncryption
- 2f:cc:ba:e1:32:d5:77:93:89:d2:62:00:83:52:99:02:11:31:
- 50:c2:8f:84:ba:52:22:cd:76:f0:b6:ef:f1:3d:9e:20:02:11:
- be:41:38:d0:88:df:2f:8b:f8:86:0c:f7:f4:50:4a:5e:7a:e8:
- b2:63:9a:dc:eb:0a:eb:c8:a4:3c:b5:83:c8:ef:22:61:28:35:
- 14:23:1e:be:f6:2b:af:76:59:a3:1c:47:e9:db:60:0f:5a:18:
- 87:c3:c5:96:27:68:bd:2d:cc:24:e2:b6:e9:8d:5e:7f:ba:d9:
- bc:7d:5a:14:67:8c:17:40:ea:09:31:4d:83:39:e0:a9:e7:eb:
- fe:a3:37:cc:f9:45:80:17:20:57:50:be:38:48:6a:e5:4f:13:
- 55:05:07:2a:7b:9f:f2:da:96:27:a2:df:67:07:44:6c:c5:a7:
- 14:73:ac:58:97:83:5c:28:e3:4b:f0:18:f7:9d:be:6b:50:e9:
- 90:c8:64:5c:6d:17:98:ed:8c:ba:b0:2c:26:61:bc:d2:75:a8:
- 30:63:7a:5e:61:62:aa:91:e8:b2:11:b1:7d:b7:65:46:c9:17:
- 02:5a:e9:da:96:fa:5d:1b:de:0d:ff:c0:5c:33:b5:81:6e:a5:
- 3b:cc:11:c8:b0:7e:88:bc:d9:98:2c:96:c1:ed:fe:98:ff:d3:
- f1:96:e2:5c
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIBGjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCARQwggEQMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgw
-FgQCAAEwEDAOAwUAwAACAQMFAcAAAiAwDQYJKoZIhvcNAQELBQADggEBAC/MuuEy
-1XeTidJiAINSmQIRMVDCj4S6UiLNdvC27/E9niACEb5BONCI3y+L+IYM9/RQSl56
-6LJjmtzrCuvIpDy1g8jvImEoNRQjHr72K692WaMcR+nbYA9aGIfDxZYnaL0tzCTi
-tumNXn+62bx9WhRnjBdA6gkxTYM54Knn6/6jN8z5RYAXIFdQvjhIauVPE1UFByp7
-n/Laliei32cHRGzFpxRzrFiXg1wo40vwGPedvmtQ6ZDIZFxtF5jtjLqwLCZhvNJ1
-qDBjel5hYqqR6LIRsX23ZUbJFwJa6dqW+l0b3g3/wFwztYFupTvMEciwfoi82Zgs
-lsHt/pj/0/GW4lw=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/ISP1.cnf b/scripts/resource-cert-samples/ISP1.cnf
deleted file mode 100644
index b43440bf..00000000
--- a/scripts/resource-cert-samples/ISP1.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = ISP1.cer
-serial = ISP1/serial
-private_key = ISP1.key
-database = ISP1/index
-new_certs_dir = ISP1
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY ISP1
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP1/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-sbgp-autonomousSysNum = critical,AS:64533
-sbgp-ipAddrBlock = critical,IPv4:192.0.2.1-192.0.2.33
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP1/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-sbgp-autonomousSysNum = critical,AS:64533
-sbgp-ipAddrBlock = critical,IPv4:192.0.2.1-192.0.2.33
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/ISP1.key b/scripts/resource-cert-samples/ISP1.key
deleted file mode 100644
index 515efd60..00000000
--- a/scripts/resource-cert-samples/ISP1.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA64BUenRL5IEV0CUtXiG+R+Yxq+L+eVVItzZVPdwRiFu3Nr7T
-u9cWjfhL9MW9NMSOLGeX5icQQMU29LZsuSmCLnawKepDmtEw3gWhwVR8F2cd/Cnd
-gFOygTDbE+4+5l3HvD2mEW2Bd7efPjbffNbSWiI2aHwUzKxU7a794s2xo12pZewb
-i0vPgI6mmI9psaY1vWnJLmZ/IhFmVsV1TIGjbklxDfV1hxPoYugaDKgwgWq+kFkj
-O2HAFV9ov7XJP686on+AAXj29FXK7sqNCJvFPnSYArILptjobniIe5V2tsq+8YCp
-3eg8gJHOP/0L3bfYpoyUIAcZdPqG/8uXw/ak5wIDAQABAoIBAQDGU9TRK4+eaHeO
-S0DhvVkaA+pg71GPrRsH8GHpLqQ1ScgJ+rslvgXomeqdwMmO3tk83CE4Wj19zphx
-jhAR/7r6lknVgsxcXT/iOqv2vMekjdraugcoQ1RZKGPXbRTbvK6xANoSYz5dK+6X
-3m5oHCIadiWL6LM7iwYbBPwbPU8UW/bevhjBGLQLaeFooQ/MFFxKiVnvTMd6lzGA
-M9r83GcvB7S+rj6TcJRFq9YDajtjHoOeTNljy7bTPlbG+wtxVK3y6/BbH0tMO9mv
-snyktOyLWB/wue9/9H46Hzt8vExw8URT0k/hvJeTOwemIpWy7++QXRa+vW/02kqq
-A6GFhhbBAoGBAPqZ43SzlNPj8hccbjsjTQfoq4iW3BJTyMfba+VZfs+g+d+Rg60I
-UKnrCM4SCDOiw6d3sI+lrkyOepgzW5FdwORvncYIxUCxonDzwVv4uAVSR6JMl47X
-MrJkMm4lImo/VzSxRyYDmYaXARGNiSQN73Bv9rVm+auDIW3hb08ofoSVAoGBAPCT
-KcDbty6A1ANInSde3pOLw9WvJYmHhvCHH/6sNsuV4NxzCuYPvjLmJzrW0NNvBstp
-xZhxWYd+x9MofU9jUmrLfk1TugcGl2txBCl++u+HhS9ClMpkilowSHOiqvaWHLkE
-3CyYiI3Wevqo+utiqaJItYa5jXQ+BJbtiSqeoAiLAoGBALhAFw1B0AXujZtSavWO
-Id/TwPK/QHU1JuVSvcS2BVexGqa2/WJmP7B+v02L0n3siQADL0yeW0WsaBSphgSe
-MumB6zWkUysar71uatctSleXRFXfDHuYW4zvwGhdYy1M/tgeE5qugN2E/uMh9hgN
-KuO3XmPHn3/r/NMmMcm4kzT1AoGBANUwxLaIvttyBO/oAIRsOPgtylzpum0W8gji
-5gKM4H4nkr4pIMZhux5mAOvOg/5qjG3kjNubz0gYnMJORkX88YN8U6/4+4jQWY03
-+QVA5uUvhmIsMajt0gE8emgnBjRBMLDxUqAeiByRrifFaZ8Aru0GW/9JHcaeUvjh
-BUYEjjMjAoGAW3wL8KyxoJMfC6BRC1rU6ZQovwVLa0dpRaUNh5Qi/G4wkzRKiu7l
-04MXoMggDF1XOl4noyjFsbnaZRUAbfVXalHOMIGWMXVlQy7u/RXOXcVJ2rgZj5z+
-Tt9aoZ1exEXzkm+IMfj8GqsXuv5qcgN1WibkhrC4KpJFbEFz35FGBTI=
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/ISP1.req b/scripts/resource-cert-samples/ISP1.req
deleted file mode 100644
index eebdcca1..00000000
--- a/scripts/resource-cert-samples/ISP1.req
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDiTCCAnECAQAwGzEZMBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlV
-SLc2VT3cEYhbtza+07vXFo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rR
-MN4FocFUfBdnHfwp3YBTsoEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMys
-VO2u/eLNsaNdqWXsG4tLz4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT
-6GLoGgyoMIFqvpBZIzthwBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY
-6G54iHuVdrbKvvGAqd3oPICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaCC
-AScwggEjBgkqhkiG9w0BCQ4xggEUMIIBEDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBRm7CkhLnaDGTntju23BqhM5Q4uETAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYB
-BQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0lTUDEvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAoYocnN5bmM6
-Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAaBggrBgEFBQcBCAEB
-/wQLMAmgBzAFAgMA/BUwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgABMBAwDgMFAMAA
-AgEDBQHAAAIgMA0GCSqGSIb3DQEBBQUAA4IBAQCx9lXfyZUDlBicMfvtaMwLWtGr
-kkYIccWF1QALOSihij3D1eZk5gRVElivTHwFr/FAVceNmbWij7Bj62qV19ayVju4
-kfuYQKzAA+ncMk4VxYCrJAbhcnF7OCwGM90S5MX2n/SfHqaufNv86aJCJ/q09Knl
-wta4E45lKUt3GGwHPeXxqCPGqmtUOFt1L//ZDBn9NEB9xZQK4+iZGYvx1TVfXLR6
-w7uUIwkWKD0mY1+JJ2iJuFWvs4hWiWQFnesMEBthIYIWEceXrvYK96jG3Q6PwpxK
-zLrGOdYQunifeSNoxis2jJ8cyKcBNNEa+XxEc1IJP5ySJyfJU651IGboFNiL
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/ISP1/index b/scripts/resource-cert-samples/ISP1/index
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/ISP1/index
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP1/serial b/scripts/resource-cert-samples/ISP1/serial
deleted file mode 100644
index 8a0f05e1..00000000
--- a/scripts/resource-cert-samples/ISP1/serial
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/scripts/resource-cert-samples/ISP2.cer b/scripts/resource-cert-samples/ISP2.cer
deleted file mode 100644
index e6fdd880..00000000
--- a/scripts/resource-cert-samples/ISP2.cer
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 3d:68:dd:9f:54:93:58:2f:8b:c5:22:5a:10:22:09:ed:5d:90:
- c9:57:ea:9f:e9:99:eb:58:42:26:38:81:ef:14:a0:3f:64:ca:
- 06:ae:87:24:3d:6a:d5:94:b7:78:95:8d:00:7d:5b:eb:6d:2f:
- 72:ff:4c:a6:a9:a2:cf:9b:fa:41:04:b2:71:b4:cf:eb:91:0e:
- 71:98:72:05:84:b0:a2:bb:fe:68:6f:e3:92:f9:a6:c9:97:19:
- 79:c5:39:c0:87:ad:e7:89:bb:bc:84:86:ee:87:55:31:be:da:
- 26:8d:e8:84:bf:44:94:0b:b4:e5:52:bb:1a:0d:04:d6:a6:3c:
- 66:ef:d1:44:3b:a1:b2:bc:a3:8e:5a:43:39:28:a0:2a:6a:10:
- 3b:da:b6:5f:bd:e0:d7:ba:c5:d3:51:de:79:39:8f:92:91:a4:
- ca:cd:62:b4:66:a1:02:f3:50:91:27:22:1f:bc:3d:68:da:e0:
- 15:6c:9a:b0:1b:49:e2:53:84:3a:d3:75:09:87:d5:29:d8:58:
- 86:8d:38:8a:87:fa:2d:43:f0:3a:06:e5:58:e9:32:84:c4:3f:
- d0:c2:cd:2b:2e:75:ec:d7:dc:3b:39:14:0f:e7:99:23:1f:88:
- 84:9f:a6:73:90:4b:e4:60:92:07:c5:90:a4:f2:ed:e3:7e:a8:
- 8c:2d:f6:e8
------BEGIN CERTIFICATE-----
-MIIDqTCCApGgAwIBAgIBGTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOB9zCB9DAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEF
-BQcwAoYocnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAp
-BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUCwAACLAMFAMAAAmQwDQYJKoZI
-hvcNAQELBQADggEBAD1o3Z9Uk1gvi8UiWhAiCe1dkMlX6p/pmetYQiY4ge8UoD9k
-ygauhyQ9atWUt3iVjQB9W+ttL3L/TKapos+b+kEEsnG0z+uRDnGYcgWEsKK7/mhv
-45L5psmXGXnFOcCHreeJu7yEhu6HVTG+2iaN6IS/RJQLtOVSuxoNBNamPGbv0UQ7
-obK8o45aQzkooCpqEDvatl+94Ne6xdNR3nk5j5KRpMrNYrRmoQLzUJEnIh+8PWja
-4BVsmrAbSeJThDrTdQmH1SnYWIaNOIqH+i1D8DoG5VjpMoTEP9DCzSsudezX3Ds5
-FA/nmSMfiISfpnOQS+RgkgfFkKTy7eN+qIwt9ug=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/ISP2.cnf b/scripts/resource-cert-samples/ISP2.cnf
deleted file mode 100644
index befdf77b..00000000
--- a/scripts/resource-cert-samples/ISP2.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = ISP2.cer
-serial = ISP2/serial
-private_key = ISP2.key
-database = ISP2/index
-new_certs_dir = ISP2
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY ISP2
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP2/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv4:192.0.2.44-192.0.2.100
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP2/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv4:192.0.2.44-192.0.2.100
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/ISP2.key b/scripts/resource-cert-samples/ISP2.key
deleted file mode 100644
index fdff214b..00000000
--- a/scripts/resource-cert-samples/ISP2.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA0HffxCGvG1prqKco10PIm20l2I1/kSvjlf2SYKwUEtcjaIVL
-Dtsr5jjgSNsYN49AwJBYDj8JZ1+OPwR1BmCSQvPkRQQ1lV3pIkIs9lymfXmM4QgZ
-fDWdOv3n/5spte6JR8wNg6Dhc68fCYSoC4PMeYi/fB1z1qtCG2SaXBmDK53lrUxY
-BXaVcCPupcAxyqKnyB0e8snyPTiCwlPlVIbyfLFz4dzphnMIrFk7vi9YwULFgBiM
-OgoqMvb+KNAoUoPGMGlRkFkZm9PUwuBSasFOWZoY5HguV/l/K112KMnJxX7lQ6Gb
-aNIGHL4/afnC+p5PaM9jb9tt/Gc1wLFuCjfsMwIDAQABAoIBAQCXyZCOGBCNlAqr
-Y/risiIQuSpDQNPPeetdvKGl7eU3ypmnctYx3Pdby7HSmmRJn+5/xxm2VcOdFwBV
-dgNXP11/jmF4txXkydoD7bcbMl6vIZ+oAeO8grUWzOTtQabfJu2h7zsvyiYduzaY
-EZThvXdWTnFOB4velBewJlIWGSVezWqRr5T156dGA6RetSIZhGidm+HGA2o5cSPW
-jRC9gPL9PGEXmjpFeKqLMobIZvPnSnM03oZ76IJ/B/nInfk3uCBGmldspBa3Pcyl
-mP85VfYR83UQUigZeVHxgQN+ijDSGJHLp5dXCfkp/DO0MiRtobHBgvRP8+e8t2J7
-p2q+bRaBAoGBAOfyNu6z26DGIm1iYBeK114EiN/cXzIUD62eFmU9DESiGIrJzrfJ
-xpJyb70v42nCXCFoyM4HLeNqXEGhzOb3s1ueUlSqMoxp2RJ8ygedlN/YwtAb8+4+
-sQjQxGH1zwDbKeNSvKU3wtNs1HC1FU3I7yZaYc2NxB2y1Qmct/EIvO+TAoGBAOYW
-XERTVFkTDjTzn8orgGIkS0FtXTgdQMDBvJj1yiQCJn94imQrEQq/XMY/Kp2/w/W8
-rdtOWDlPP7vDLOtsFOzsAxsIkvfJpt/plpU1zaNN/BTthE1BX1HY1ql74QE5Kp13
-gzVwmrcaR79nZz/hH/yLBz8bcK7YTV38MzkDMrThAoGBAK3uo6TiuOraSYzPPZHJ
-6vC049NDVRufkZY3O0IVwnJhP5gr91k49TByojozhAyV1DK1egeNuKqV4rLQ22/E
-BfrJQaH9s0Q6R66mZ3XIhJBL4uLeY1CgMG+U5f8zrlRNBR9TtuUKaI3VSYVvNZeL
-+1I+aqMTESLYLQs1O3aDf/MDAoGBAKKjSaMOWAACpTcuwlNQvpYg24Uq/gqtOtlF
-2L8ydilPz9Co7wHxI0G6lKSZf9Ez/RtVvHrZfSk9aGqbgsQCiSQTi/pu7Bv00V1T
-KxrbhjkZ5ccRQUSuoecj5FC2/Qw1UXcvRHLg3qvxCqg0OlqAEnEcAQpNpjAhO0bk
-/3wcU5phAoGAWkhNG8ehVyEeoAbw4A/ij66C3QjTQVMISqzGPERhxKKfAPdmgOeZ
-C6Gs+XTV3Y5w6cO6S74lLNvI0n2C759P4eAk2HxN/NwC5yxJNH/z+3lIV4LfY54+
-O96PzPOAAaHbjl7LklcM/E3AEZgI0Sx+U9yr+EQcijoR0QvyjdFXY38=
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/ISP2.req b/scripts/resource-cert-samples/ISP2.req
deleted file mode 100644
index 63ee5838..00000000
--- a/scripts/resource-cert-samples/ISP2.req
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDazCCAlMCAQAwGzEZMBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er
-45X9kmCsFBLXI2iFSw7bK+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd
-6SJCLPZcpn15jOEIGXw1nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9ar
-QhtkmlwZgyud5a1MWAV2lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZz
-CKxZO74vWMFCxYAYjDoKKjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5
-fytddijJycV+5UOhm2jSBhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaCC
-AQkwggEFBgkqhkiG9w0BCQ4xgfcwgfQwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUc7IWGs3c1zBgD/qBlfii9U6V860wDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9JU1AyLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMS5jZXIwKQYIKwYBBQUHAQcBAf8E
-GjAYMBYEAgABMBAwDgMFAsAAAiwDBQDAAAJkMA0GCSqGSIb3DQEBBQUAA4IBAQAA
-OhLVxJb0yeEqJ1TPd9J95a+mbWXtF2QbEDk6cJ+9Xd+5S/G7e7O7oVZfDyN4K5VT
-IsI+G4Rm9+bt1OaGsFz5DUC7fxVUnvTWykP8w/LMBdJcLxVc/ugPvKQZ0Z6TxaZo
-excGiDlkYCdUUxl3CoALC/pIMnNruqHCad2b9WkphGyk89diN5enRV14bcS622na
-FOfmpt+5RqO4EQK3NivX9T6YbLj80vZW95CxI/PRjqt5RsDhl1cYJ5+pexVOa10B
-BwA/R7S658Rs35Ad/DWM36DHVrGYBU2IRpyhnsADixZLXxWlhz9CqNvj+DWQvqpa
-IH++V9c1MUulNBZdmf7K
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/ISP2/index b/scripts/resource-cert-samples/ISP2/index
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/ISP2/index
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP2/serial b/scripts/resource-cert-samples/ISP2/serial
deleted file mode 100644
index 8a0f05e1..00000000
--- a/scripts/resource-cert-samples/ISP2/serial
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/scripts/resource-cert-samples/ISP3.cer b/scripts/resource-cert-samples/ISP3.cer
deleted file mode 100644
index e8e63c2a..00000000
--- a/scripts/resource-cert-samples/ISP3.cer
+++ /dev/null
@@ -1,89 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha256WithRSAEncryption
- 01:16:7e:4c:bd:b7:d8:6c:23:58:7f:26:76:ac:97:37:06:64:
- 2d:a8:66:59:65:d3:9a:1c:d6:79:11:d3:e9:87:cc:1f:a9:9d:
- 8b:74:1e:f0:b7:47:58:e9:40:e0:d5:29:2b:1f:5b:89:72:2c:
- fe:ca:cf:8a:04:e6:3e:e8:d9:f6:26:15:18:c4:67:10:c4:a8:
- 13:59:1b:cc:04:e8:96:a9:68:c8:90:54:e9:16:16:c0:7f:dd:
- 1a:7d:5a:af:82:26:70:ff:c4:34:3f:d6:f3:3e:0b:45:61:f9:
- a4:5e:59:b9:cf:6b:6b:32:f1:8d:2e:4f:78:de:ac:0d:5f:1e:
- b0:59:b2:a9:c5:a4:cc:48:87:50:6c:8d:7d:41:ef:cd:68:4d:
- 3b:e7:a9:f2:2d:50:ad:7e:d0:84:51:03:55:b6:a3:f1:e3:0a:
- 46:f8:e7:23:b6:7b:76:5d:8b:13:a5:14:ac:07:e5:9c:13:df:
- 6f:b2:a0:48:3d:00:3e:f0:16:7f:6d:b4:c0:e7:1f:8d:86:7b:
- 9e:6e:31:17:22:98:d4:53:82:6b:21:01:d2:82:10:9f:43:fc:
- c5:df:92:56:b9:eb:10:44:dc:46:58:82:3b:05:54:14:58:e1:
- 2c:f8:2f:ca:e3:54:0b:d1:f1:87:5a:67:9f:3b:b3:a7:28:b3:
- bb:5b:bf:1c
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIBGjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCARAwggEMMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABE
-AxEAIAENuAAAAAAAAAAAAAABADANBgkqhkiG9w0BAQsFAAOCAQEAARZ+TL232Gwj
-WH8mdqyXNwZkLahmWWXTmhzWeRHT6YfMH6mdi3Qe8LdHWOlA4NUpKx9biXIs/srP
-igTmPujZ9iYVGMRnEMSoE1kbzATolqloyJBU6RYWwH/dGn1ar4ImcP/END/W8z4L
-RWH5pF5Zuc9razLxjS5PeN6sDV8esFmyqcWkzEiHUGyNfUHvzWhNO+ep8i1QrX7Q
-hFEDVbaj8eMKRvjnI7Z7dl2LE6UUrAflnBPfb7KgSD0APvAWf220wOcfjYZ7nm4x
-FyKY1FOCayEB0oIQn0P8xd+SVrnrEETcRliCOwVUFFjhLPgvyuNUC9Hxh1pnnzuz
-pyizu1u/HA==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/ISP3.cnf b/scripts/resource-cert-samples/ISP3.cnf
deleted file mode 100644
index ded3be5d..00000000
--- a/scripts/resource-cert-samples/ISP3.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = ISP3.cer
-serial = ISP3/serial
-private_key = ISP3.key
-database = ISP3/index
-new_certs_dir = ISP3
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY ISP3
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP3/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv6:2001:db8::44-2001:db8::100
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP3/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv6:2001:db8::44-2001:db8::100
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/ISP3.key b/scripts/resource-cert-samples/ISP3.key
deleted file mode 100644
index ad66c7a0..00000000
--- a/scripts/resource-cert-samples/ISP3.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA0SR1wUQpEpr+jB0eAaoF6h9HqxqNz9JCoTF9nD5mcs4s3wEX
-FUBAlNGubdfK/VLZ7F/wZDCjQnChoW8FLRDusQVlP/LBeITMHWbuNVLHrpl2sWNN
-wS4k+/dDLQshDdPWt89gUEk9F1M+K/holX4cxeIecwaMslOhcDnZnuVW/FjQs/OQ
-N1puWjvvBb7xZC8xLlpY8jB6c1J/uA1xPGNSFw+3BzvDRrmciLxz3xRavBb8+Hmw
-oUGHBflSqDZhYt6QaCGDu4yDR6+7gj5EKJcrAqiBBAUWzb/vngL5VGYqKJl5K7UZ
-ENTfNZXzP/oTagZv9Tgo1rYLinBbjXCNNJmWPwIDAQABAoIBAD88rv5JBcJCa0Ui
-aLhIGJG584mg9dAo20yyEjD0DTYZcSfcxIYAb4aQABXmcdI3Av2d5Knmqvaj57tQ
-PlhqDkIoR30WgblXLgCV5uDorsf0TxdD13bZ5QTqtr0f6Fat/vaFFbIw8u/ik6Hn
-8neBMmIDBQHysQgakW3FkC+jWLHj/OgtEfCxa4eE3chJkkiGmTFVnHsYEdv+yZVS
-3lLAoRyl6yfU/AH7QSM/UXPq41kkGViKgB4MgIBUuoHxCOnPomlGKZ8A83ba2Prf
-h1/RQPWdQCQJkVai4tC3sDsiJPzxF97zTBl2vjXE2TY7Ow2jF+cxY81F3qXGecef
-ATrevYECgYEA8YgdTsZqAaPBkWUReqBFJSusxQzcMQQTCN81mPqiGDYqUuTKbG/i
-86LGnw/2/J03bhdydak9BbsXqcpClqdV6RcDng49VW0HZsS5mebPqh9dkT7qFhf0
-JE0ocC0MHypl0zti1BfR3GL6yVD1fkzRl72s3tVhRPCJ3uchWBEGcukCgYEA3auo
-B8zgw55kYwnlp1AmYbBtHXJYJnMQQ6KhOniLVJQD/EvIAD6cvjU5dyGizZWG9E9A
-/rVL8G+A4vekElFiq1X3hED24rh4YNyeyKaJywFJnz416GuJHTn7FDo79149TQ51
-eQAAvdRS1NYNjrHzw+5AbKUe4R2Ay6JfN0j89ucCgYEA0x6cJ5BNdrNx7in+1kYj
-SnNbqD4udfXOwZGB4v8pEqq94gk0WwaNxVKB9OVaicLOgb+i/+/3c/vumi4+eDs6
-X+0K72wY9oO/1XedmEXlPRn/iocIzFkRwW1kLHFjyBYiPToKj8NmYBJwjenjPAvf
-pJhZ88lmJYFvsdQsFDOFhIkCgYBBcg2xB98QQjJXPzPLexFp5CHDAOBfsbcKkPhT
-AAX62Zx3n5QT5mh2i9ZEguzDD7OBa+i/ip06BmGiIQUS125vMXlbVabOdzIrPteu
-W+Twx5eJ6V8XGLCprVWgujS8KtmkZ3FtYP/XC9nMtsnX6FgU78GbkgCU7BX7iRvd
-gbIV3wKBgQDwLIYE6CuhmD68vELr2PLX8Su9VsxSBBwZKYAfLIOkacANFRSKkngN
-eFwWUOzhF6kc1cIrZJHLRUsqYx6VGgWZbXLQ0eOYgicdmXRYAOwH5569i5bQTjvp
-wBQ49yr3PKKbJiuNSpHAfXtmN8PlTcH7KOBqWBMzM7+XNld2yEn6Dg==
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/ISP3.req b/scripts/resource-cert-samples/ISP3.req
deleted file mode 100644
index 778b5d87..00000000
--- a/scripts/resource-cert-samples/ISP3.req
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDhTCCAm0CAQAwGzEZMBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/S
-QqExfZw+ZnLOLN8BFxVAQJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiE
-zB1m7jVSx66ZdrFjTcEuJPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJT
-oXA52Z7lVvxY0LPzkDdablo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5
-nIi8c98UWrwW/Ph5sKFBhwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/
-754C+VRmKiiZeSu1GRDU3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaCC
-ASMwggEfBgkqhkiG9w0BCQ4xggEQMIIBDDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBThly4ZcLV//IJPMz1rLN6amzY9fjAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYB
-BQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0lTUDMvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAoYocnN5bmM6
-Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLmNlcjBBBggrBgEFBQcBBwEB
-/wQyMDAwLgQCAAIwKDAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAA
-AAAAAQAwDQYJKoZIhvcNAQEFBQADggEBAMA7nOGLldNHO8nRhTnDGiNPWIf+YRB1
-tsbUmD1IhvZiQQnl4s871cxid0cBAOJpY7glGJZ6XbHmLRtLpROkDHURt23QmFy5
-0RL3iQSRb0/yW7yP5hxtmPyU5FlgM/4Ft5np3OD2n9zNeAI/biH7VUMKQ12CzLf7
-PLBsfBK1dbUojxA8gi2s8xbIH9OMxPqJybx664JPOxR0NTaQRdS55jQhpHG10SxY
-mvbB6htt/nM4GG6FKfOsggMp0J6tdWhqJOljFGW07jZwUbHBZX1AsQJAl6B5Ykx7
-4B4SMGLiZXMfG1r72UcWCUlNyd/xo4GT9ay7hB6isl9U2Ac1nsTrdEw=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/ISP3/index b/scripts/resource-cert-samples/ISP3/index
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/ISP3/index
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP3/serial b/scripts/resource-cert-samples/ISP3/serial
deleted file mode 100644
index 8a0f05e1..00000000
--- a/scripts/resource-cert-samples/ISP3/serial
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/scripts/resource-cert-samples/ISP4.cer b/scripts/resource-cert-samples/ISP4.cer
deleted file mode 100644
index b8a5574d..00000000
--- a/scripts/resource-cert-samples/ISP4.cer
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 7d:61:80:4e:39:a7:2f:32:90:94:a0:93:18:80:b5:2c:28:44:
- ab:84:74:d5:e2:94:b6:7a:b2:1a:ae:54:f1:61:53:c8:b1:fc:
- cc:96:0e:44:b3:62:a1:05:a0:e4:d5:ad:0b:96:86:53:0e:f9:
- 17:04:e5:30:ab:21:20:3e:91:66:30:08:a4:c2:4e:14:a6:80:
- 41:90:0c:a6:d6:14:43:0e:2b:60:55:8f:01:64:d6:72:24:43:
- e9:b1:67:6b:da:a1:fe:93:0d:03:85:bb:49:49:13:13:70:db:
- a7:a8:70:e5:93:12:7c:4d:fe:ba:d0:13:f4:7e:23:c7:2c:ea:
- 7b:a1:2a:75:39:39:ba:b3:58:ec:c6:8e:89:ce:6b:3e:d0:0d:
- 90:e5:e0:ef:41:f8:0b:5c:0a:cf:ec:3d:1e:c7:33:ad:2a:57:
- 34:cc:77:2a:f7:e6:7c:73:f0:79:c0:34:d1:a5:07:f6:fb:66:
- 4a:c4:1f:72:51:30:e5:af:9a:f6:63:da:8d:b3:90:b5:62:9e:
- 53:ff:29:77:50:2f:6c:cc:86:80:e9:3a:a9:eb:4b:d2:bf:d0:
- c0:77:4f:9e:ed:57:7a:0d:f9:65:93:87:5a:f4:a9:35:8c:4d:
- 19:d0:56:a0:36:38:51:5d:52:54:a5:1f:ce:6f:30:7c:27:71:
- da:42:79:8e
------BEGIN CERTIFICATE-----
-MIIDyjCCArKgAwIBAgIBGTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCARcwggETMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBsw
-GQQCAAIwEwMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQELBQADggEBAH1h
-gE45py8ykJSgkxiAtSwoRKuEdNXilLZ6shquVPFhU8ix/MyWDkSzYqEFoOTVrQuW
-hlMO+RcE5TCrISA+kWYwCKTCThSmgEGQDKbWFEMOK2BVjwFk1nIkQ+mxZ2vaof6T
-DQOFu0lJExNw26eocOWTEnxN/rrQE/R+I8cs6nuhKnU5ObqzWOzGjonOaz7QDZDl
-4O9B+AtcCs/sPR7HM60qVzTMdyr35nxz8HnANNGlB/b7ZkrEH3JRMOWvmvZj2o2z
-kLVinlP/KXdQL2zMhoDpOqnrS9K/0MB3T57tV3oN+WWTh1r0qTWMTRnQVqA2OFFd
-UlSlH85vMHwncdpCeY4=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/ISP4.cnf b/scripts/resource-cert-samples/ISP4.cnf
deleted file mode 100644
index f9effea4..00000000
--- a/scripts/resource-cert-samples/ISP4.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = ISP4.cer
-serial = ISP4/serial
-private_key = ISP4.key
-database = ISP4/index
-new_certs_dir = ISP4
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY ISP4
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP4/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-sbgp-autonomousSysNum = critical,AS:64544
-sbgp-ipAddrBlock = critical,IPv6:2001:db8::10:0:44/128
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP4/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-sbgp-autonomousSysNum = critical,AS:64544
-sbgp-ipAddrBlock = critical,IPv6:2001:db8::10:0:44/128
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/ISP4.key b/scripts/resource-cert-samples/ISP4.key
deleted file mode 100644
index 20370dc9..00000000
--- a/scripts/resource-cert-samples/ISP4.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEAswWt+wbbSYGt31AE4Bjo8fSD5iZLnvwtHN/iK1c4SOvEE6P9
-bMXiHNU6/WbX/y7/SrdaxfQZsY2eqElOOyBG2gjesJxxXnepFOJMIA7/xSD68207
-C87hcrb/9XV/PjWvHE/gkkXwH1fOOGw+9i+Wcx9g22OOY7PzNYXpADmSs59Ka73p
-oADKvv4neJtEI1NWE0h9zdEBOog2Zk9/8yyfx8RSdR4OPFApyTng/5BNlUdWE+Ew
-8zAz7gJgcLC93TuquSqGv+fiqOxkKgsSBQgDfthBuyPeKeUPmzsALk8O9TGR7L00
-Amht13GpjE0j0kOu1/jlaSuuE4YTJzhySHD4HwIDAQABAoIBAQCcCoNPnvZc5+/K
-ClF1k8DXxS2C2jZn6Z7Y4DyfUnL4/Kf4BqTKvuEMCMBWR+JVx302fwNcMByFKs/0
-F5Fc8BFR0xFoF7SphtuWHHoGJ4zBIrIapEcnT7gq6V/JcBTtAJYVs3onhVZ7u2lA
-vPlUVL5qshsWn3xpY1zGdmZVj9lTPjr186AVg+Di2D8RWKrBiLgT0gy9nK0dX7AU
-8C4w/C2b/1Yp6D8L7benbRCRjYcuyoS211B/yC7KDP+YoHv2AYqPXEUdyBMnk+KR
-lhw793xI5ec7ryinBtjmiIds0iDrJOztiWgLdGHrxT5OFOUJNjtZ6W9PvYi5Reu7
-vin+ugrhAoGBAOTIA0urho2JA1wsmMYtpUpsr+Ep+4SMpu0Gbrqs9uFHIFYGRrT8
-hgO1yZk3TwJVPsbYiROIIPkv9pJQKGzkyF+zEaJsnR40iybbW3arPr5UqKVauNLc
-KbqtChetfY81vA/8HjFB6mKq2K6tdOTqLGhJlX9Y9baNBNrRn0ReLnUtAoGBAMhS
-J4suczgkv27PWqa2nmzAxsArsCcubFTYJE0qV6qRbtN3eH+S8c1/tTk29MPRgzX4
-+3oLowRhiArVui79X43Y+6J5akbnLoR3duGOpqdza+UmE5UExokpDag2/hKuUEZu
-youzuik3pMipu9rjc45CXGbvuaqg6mw48bnAS4n7AoGBAKFQLpKydQNjMo1RnL9P
-/BZIIJOBSKmjiyfhuz3BK6qYvkIp1r1SuSPwkB+KkhkxBjyq/axZ9fX+TbvI7Vgq
-0OY5mxuNvhNINT3Gue0overyQp+lImD7gCjyTgV3/Op3lw0mVhuhQKUllfdEswGd
-5IX8LH9IuKhpMp0f5U8NoXBZAoGBAL33EqLtYLxcNOHbZ2bzhVcylQgGJh1x66+l
-7P70aYBKPGPzRuUML5wmQHBKimDsXVagj7JUOLpd10oXFmGbS7NTkoWoSD2G3Fko
-hScvRSFE1ovOyQEnLzNBKD9eLyD+BwhT5mYHAUI3D2BvfcL8sUe17LR9H4AM62HH
-uovhLIFjAoGAVa8vZTyEude+ZCu5RmBmNx0N4uj7M2zLTUjWoyssZOnS1z7MIuFL
-9xr511YAc3FIkQj1byn7O9CkwaYfEeGaTr18aw7b1BZqOA9Sk329kH3Uahi2JTE1
-0eXQ2ExBRexCq5Aoz8tnmFhTEMS0ECN7poa+VAT7c9OsrDeB0XMOJJ4=
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/ISP4.req b/scripts/resource-cert-samples/ISP4.req
deleted file mode 100644
index 5c9d865c..00000000
--- a/scripts/resource-cert-samples/ISP4.req
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDjDCCAnQCAQAwGzEZMBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578
-LRzf4itXOEjrxBOj/WzF4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53
-qRTiTCAO/8Ug+vNtOwvO4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz
-8zWF6QA5krOfSmu96aAAyr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQ
-Kck54P+QTZVHVhPhMPMwM+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inl
-D5s7AC5PDvUxkey9NAJobddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaCC
-ASowggEmBgkqhkiG9w0BCQ4xggEXMIIBEzAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBSYz/gAguzX6RdPvXqHYDKlu521DjAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYB
-BQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0lTUDQvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAoYocnN5bmM6
-Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLmNlcjAaBggrBgEFBQcBCAEB
-/wQLMAmgBzAFAgMA/CAwLAYIKwYBBQUHAQcBAf8EHTAbMBkEAgACMBMDEQAgAQ24
-AAAAAAAAABAAAABEMA0GCSqGSIb3DQEBBQUAA4IBAQBq2qdZveIZPxJTOaKb5JUV
-0VlBFjDht7k9mw7dxqvFZ2CL7oNbTTG3n0t9060xR89jp2+4760LdAkNn62MQlzw
-p42DZy65fBnNpwDY9+0khoJqZIjYdYnUrW+002S+sxRFToAdpTd13RKre/KFPAx4
-jaMzCZ8ARONVR8TfjT0FGsh/0PpdwNsdihltVqw/SfPGK50kXX1Xlp1Yo82wjmZ/
-R9ohWBBJzcf//GdHp5yBoKFjBD6ZJ7QRP6I/vxYOpq4VrqkCa6MVmsoirRAHVgoe
-JsHjusxM9SRyBPaZXywaswuCC3jm1R6s6FYH0df+3IjfNXb6PqUXIFX3/xMIZI44
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/ISP4/index b/scripts/resource-cert-samples/ISP4/index
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/ISP4/index
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP4/serial b/scripts/resource-cert-samples/ISP4/serial
deleted file mode 100644
index 8a0f05e1..00000000
--- a/scripts/resource-cert-samples/ISP4/serial
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/scripts/resource-cert-samples/ISP5a.cer b/scripts/resource-cert-samples/ISP5a.cer
deleted file mode 100644
index 787aacd7..00000000
--- a/scripts/resource-cert-samples/ISP5a.cer
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 27 (0x1b)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 38:f3:dc:20:93:3e:ff:25:8d:0e:90:b3:7f:65:ea:67:69:9a:
- f0:6a:a1:77:5b:49:da:26:66:ac:3d:4d:20:a9:39:bb:e1:85:
- 8a:a2:eb:5c:e8:b6:d2:d8:6b:04:19:32:cc:a7:1b:f6:24:d9:
- 30:ee:ef:e3:d7:9f:85:01:02:6e:4e:4b:ad:af:97:71:59:e2:
- 24:b3:29:86:16:79:ae:04:be:9c:43:70:99:63:98:f9:6e:1c:
- 8a:69:48:64:90:70:b4:51:e6:12:95:b3:c1:bc:d4:1d:c0:dc:
- 3e:cc:af:6e:a5:a5:d2:79:b3:bb:d7:b5:8a:a6:d7:64:83:87:
- 8c:54:49:b8:c9:e8:76:18:40:20:ec:2c:52:0a:57:4c:7a:a0:
- 87:f2:c7:13:42:24:c6:10:e7:db:d3:4c:6a:d7:65:ec:19:13:
- 7c:15:13:74:9b:95:13:0a:91:9f:ad:ad:e7:85:40:16:8d:44:
- ff:fa:e7:3b:a1:96:da:46:cb:e8:18:92:7f:9a:42:bb:8b:7f:
- 25:bb:da:46:a3:2f:92:59:26:eb:66:17:b9:12:3f:52:58:a7:
- b6:31:f6:2a:68:35:11:a7:f0:b9:aa:44:c3:f3:ad:05:7e:3a:
- 25:96:9e:01:ce:6b:e5:87:b5:c5:99:da:e3:b6:00:8a:e7:11:
- f7:98:16:3a
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBGzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MzIzM1oXDTA4MTAyODE2MzIzM1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoAADANBgkqhkiG9w0BAQsFAAOCAQEAOPPcIJM+/yWNDpCzf2Xq
-Z2ma8Gqhd1tJ2iZmrD1NIKk5u+GFiqLrXOi20thrBBkyzKcb9iTZMO7v49efhQEC
-bk5Lra+XcVniJLMphhZ5rgS+nENwmWOY+W4cimlIZJBwtFHmEpWzwbzUHcDcPsyv
-bqWl0nmzu9e1iqbXZIOHjFRJuMnodhhAIOwsUgpXTHqgh/LHE0IkxhDn29NMatdl
-7BkTfBUTdJuVEwqRn62t54VAFo1E//rnO6GW2kbL6BiSf5pCu4t/JbvaRqMvklkm
-62YXuRI/UlintjH2Kmg1EafwuapEw/OtBX46JZaeAc5r5Ye1xZna47YAiucR95gW
-Og==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/ISP5a.cnf b/scripts/resource-cert-samples/ISP5a.cnf
deleted file mode 100644
index fa470452..00000000
--- a/scripts/resource-cert-samples/ISP5a.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = ISP5a.cer
-serial = ISP5a/serial
-private_key = ISP5a.key
-database = ISP5a/index
-new_certs_dir = ISP5a
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY ISP5a
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv6:2001:db8::a00:0/120
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv6:2001:db8::a00:0/120
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/ISP5a.key b/scripts/resource-cert-samples/ISP5a.key
deleted file mode 100644
index 0bec780e..00000000
--- a/scripts/resource-cert-samples/ISP5a.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpgIBAAKCAQEA5kuteChr5lAbZYHVjStWd827yUegqjKwLKwf8eSQK8Izb+dT
-sdAdqwUnnbeh7qhPyFs2I+MS5FFZJ839eqrcVgWhc6t53TyCso+u+ezANjjmAqr9
-iWAhUlu2M4B15X/9rG7s1JomL34oRRYpR33zinLV5GX69FRvrkgzYsEy8SuDMzZj
-YJ68x+eZXVHazS+Pg0cgnunMo3LAcr1JLcRS6m/aQkZxkMevf5/H3QuWljxFn8Dq
-ZWpD4/OS1eFzwG4g9Rfl0VjaIbPpDE3w6L18t++ByfVwz6ggfeJq+Rtmqchx1jL4
-cj2DmRkNDGvp+JLNMxeGaj2vDQWUqxzULKRFywIDAQABAoIBAQDf6vFOBa90Dqu0
-tNrZGixG7IkMGlMDaamWpf2hiuULRxYQVlIwb/SI1shAN86BaLG6U8V+e0lhKh+P
-7l/qJ7t5AJyNBUvGaxGBYOd3JlV14zjxmyRNsGR12ap8xQjdDueuA2TPCtraDsZE
-9llIpBRqp2GFZArwCjFUuesMuGE5z4aqQ1A0lno3bibyGx/bGTWxJi54djyGr/T/
-5htxmoGsAw7PWnJQ0Vi9XQ+ZcHTfVK0KVBUYHnWSRCGuW0oriwT8O5g90dU4O+tI
-vFDOAV8ANVAWBCKpQ/YxBS4c/txVUZJpUIDvWmvJiWwrXv5cmzOjvBEX1K/nwjw0
-oFjL0xdRAoGBAPpjxMVzmbDzbDHbctWnKafLVSrY2Guetvs04x+wuVAkSZNMgXpn
-vd2ETOmB/rqXf7cv406HctGYUSxcNIOrfQKXy69Ew9w5WwjrExRBLbbFET5kBIn2
-5kCiENydWZuEhK1KwLYKAu5ZN9fQ4zVRyHROPkr8DpCcnGrl6jR/IZLNAoGBAOt0
-pkaYTAX3A7siLulKZpwsRmRvkb+mXJL//K7BqUkFZbesBy6zVBKSStJfpV5aqml/
-GnWgzoSWh2Ur8zV98fnpwOTeYpGSoFLjwapSl4G9+zIeKhNMVj2369FQA5wwWm9v
-ey9nuaiOvMdka0A0C7XOR5qxTvp0/4dI+dfp0ir3AoGBANBi3i3ykrOpM5+e4sib
-0dg7Kot5Y0zWD7WsA2apfuELAkzb/FpyIptMc3JXZTfHxFwiN8xwgAed+9iueGoo
-++Z/jN42nccX2QLoGb3erPwSsNI7DWgBGwopl1z0e9IpjP5oW1BlrqDNkeNEjwQe
-J3VcdQ2VD04deTSiWrQMJlX1AoGBAI0STPWLFjGUuDWM25KHM0dq95oBhs/O+zRQ
-D7Mc8TKA+1q6xWrjowGliRLWn5wSsnuW3eGQQWwLTH//fy6TkUFtHleCLoiN02UW
-dNh5t7DShQiYLhl16U39Plsgl6kjB2ww3RugCArHyq+kqOXEySdaumgix/Ej3F3Q
-CXGl9HgtAoGBAK2r9s+RrQX4g/vnrFKXSv9LuxM0tWyAcfg6rug6vcKiWI8zHS6k
-zDTJnldKS0q+K76W07oSx2kDJYHeXimXoh9V4LE2n20hoJF4+qRIDLrcMU7nb4Sq
-gyE5TaX4CluAMoTCRmdUQFaVZ26nSk4GyCM1aXVQIYeWp7IXiufiyIUc
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/ISP5a.req b/scripts/resource-cert-samples/ISP5a.req
deleted file mode 100644
index 66bc9022..00000000
--- a/scripts/resource-cert-samples/ISP5a.req
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDfzCCAmcCAQAwHDEaMBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6Cq
-MrAsrB/x5JArwjNv51Ox0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3nd
-PIKyj6757MA2OOYCqv2JYCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0
-VG+uSDNiwTLxK4MzNmNgnrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQ
-x69/n8fdC5aWPEWfwOplakPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDP
-qCB94mr5G2apyHHWMvhyPYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGg
-ggEcMIIBGAYJKoZIhvcNAQkOMYIBCTCCAQUwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
-HQ4EFgQUCfAUC3n7C/+o71S57D65i9DLnOwwDgYDVR0PAQH/BAQDAgEGMEIGCCsG
-AQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21iYXRzLXItdXMuaGFj
-dHJuLm5ldC9JU1A1YS8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3lu
-YzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2VyMDkGCCsGAQUFBwEH
-AQH/BCowKDAMBAIAATAGAwQACgAAMBgEAgACMBIDEAAgAQ24AAAAAAAAAAAKAAAw
-DQYJKoZIhvcNAQEFBQADggEBABc2bf9ptC+SWMjUqZJ+WSb6DvrU2VKIDK75cbD9
-OVLCBqyjxDcctO1ZT8wXJNwEJaB6P4i83LfSttGpkWr6sBR+H1HVNptuXWo31m6D
-rRSZZ+DEx+01nzmEXJ2+Iskm1+/YQbxygqHQqm+i4ca/Y9PXTl1unH69ONdSfD3c
-qee4VepkOdru3LWkxoF/oPSg9WRjbBXTOfwJ1jGBTqRGYFA5cvzKKciHPhL0EPOZ
-XencgWNNzkumzH60Bu6TVf1TDSne/nDOMdMZaYgwOyaN7nyPXbjr+WhQT9GrZIIi
-YI3RaCitfdN9pPS2CLqHWXxHrJ5MdREdefks1XMfQk8dlWo=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/ISP5a/index b/scripts/resource-cert-samples/ISP5a/index
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/ISP5a/index
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP5a/serial b/scripts/resource-cert-samples/ISP5a/serial
deleted file mode 100644
index 8a0f05e1..00000000
--- a/scripts/resource-cert-samples/ISP5a/serial
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/scripts/resource-cert-samples/ISP5b.cer b/scripts/resource-cert-samples/ISP5b.cer
deleted file mode 100644
index 8f133ac8..00000000
--- a/scripts/resource-cert-samples/ISP5b.cer
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 3a:6d:f2:b8:e4:50:4d:f6:f0:f3:04:1b:73:bf:36:13:d5:e6:
- 70:d9:31:b4:47:b7:5e:ca:8a:25:93:fc:6c:dd:63:5e:09:dc:
- 47:d9:d4:43:39:f3:ed:c5:f2:64:d5:ac:72:02:76:f2:07:ca:
- a5:d9:1a:e3:9d:6a:7d:90:4c:d5:c7:09:c9:64:dd:38:f0:2f:
- ab:0d:5f:e4:13:02:2c:85:02:56:f4:6d:31:07:f9:0b:c7:e9:
- a4:0a:ee:13:03:18:9d:81:b8:78:68:d2:99:a3:e4:4f:e7:96:
- 86:99:06:10:8c:b5:c2:39:03:8a:94:2e:21:00:67:82:f5:25:
- 6c:cb:71:6b:8c:e6:31:0a:19:ed:1a:34:0c:a9:48:ca:c8:69:
- fc:91:4e:f9:0c:e5:24:2b:70:52:1c:ff:1c:cf:38:28:17:3a:
- 3d:22:a7:fa:93:dd:8f:46:03:2e:b0:ce:10:57:4a:3c:fc:a8:
- 1a:a6:c1:0e:fa:09:49:9e:d1:89:b8:4c:b0:7a:5b:76:25:05:
- fe:80:d9:8d:c1:9e:84:0b:83:53:16:9a:1e:2d:55:9a:b7:81:
- d4:3f:0a:c7:56:ac:87:58:fa:3b:27:77:c6:f6:31:c1:c8:56:
- 4a:28:6a:de:20:32:c4:80:b0:d1:36:25:ac:2c:94:28:8a:b8:
- 2b:f2:04:f0
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBGjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MzIzM1oXDTA4MTAyODE2MzIzM1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoDADANBgkqhkiG9w0BAQsFAAOCAQEAOm3yuORQTfbw8wQbc782
-E9XmcNkxtEe3XsqKJZP8bN1jXgncR9nUQznz7cXyZNWscgJ28gfKpdka451qfZBM
-1ccJyWTdOPAvqw1f5BMCLIUCVvRtMQf5C8fppAruEwMYnYG4eGjSmaPkT+eWhpkG
-EIy1wjkDipQuIQBngvUlbMtxa4zmMQoZ7Ro0DKlIyshp/JFO+QzlJCtwUhz/HM84
-KBc6PSKn+pPdj0YDLrDOEFdKPPyoGqbBDvoJSZ7RibhMsHpbdiUF/oDZjcGehAuD
-UxaaHi1VmreB1D8Kx1ash1j6Oyd3xvYxwchWSihq3iAyxICw0TYlrCyUKIq4K/IE
-8A==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/ISP5b.cnf b/scripts/resource-cert-samples/ISP5b.cnf
deleted file mode 100644
index c7127044..00000000
--- a/scripts/resource-cert-samples/ISP5b.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = ISP5b.cer
-serial = ISP5b/serial
-private_key = ISP5b.key
-database = ISP5b/index
-new_certs_dir = ISP5b
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY ISP5b
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv4:10.3.0.0/24,IPv6:2001:db8::a03:0/120
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-#sbgp-autonomousSysNum = critical,???
-sbgp-ipAddrBlock = critical,IPv4:10.3.0.0/24,IPv6:2001:db8::a03:0/120
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/ISP5b.key b/scripts/resource-cert-samples/ISP5b.key
deleted file mode 100644
index 60313862..00000000
--- a/scripts/resource-cert-samples/ISP5b.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAv49Z2Pz6HQRwKc57AWQhQNxcQ/5Mr4jIYpu+nHKPiqU0ijsj
-jZuKT79mrGhxnP1oWfW/n00utdbj+r3zYFNctxGslQvAh82ZnpRXjewFuN+q/I44
-0w9lbQlg8uGYgXLYUT5BkbMQlfX10PnlXKGF+nEmhePRTAJ/FOIeSoqWaJ7WFqXv
-rbWDYs0jdHyCVrTRNFNainphn65UW+/5Vt6Ha0KSvEn0tcM1B0oYR9KSxhwWdHSx
-6Tk8UxIFnevcnHIrl00nIXeWfUzOeQz7p7iZa2YgLlacRLTjXoDEfXihtAX3IH0m
-HkS/XWkVPHokZ725tQgPM02vOy3nuasdK9b7cwIDAQABAoIBAEURnOW+ITiBNyf7
-ySIxRkQqsCHb+S55dTcIzOt/6v2kn5MPy7vtTyt96blUV1KxlASLtTHtFGCAQOdR
-wgUDSbTAbKe4+wx8N12UQxVq+o00KGSzqw1+yaVM8mXgrapPDGwOtHmiROKtMprM
-38RMgRBR5//yqq5rYALZnO5nld/WdcthhCjrb6zltE4n9E/jDwIC1ug5vfIX/wWq
-6f8lrQ/Lq5IduFntShh8Ld4rQewSjul6wprGsSeG3CLS+9+2cnR2uunhA9c2CS/X
-qnZgoUVrDI9ooBU/IQ7y68j+0JPureM/XMy2poyi+KmI8PTz3G6IgEqNDmbcc16Q
-K5hvBOECgYEA37OoIV+616WQme4uW2Wmk4ZLu5Qs4VeIIXg1WUi+s3YcHDfL/oib
-sNfDy7pEOvGA2F6hO5vuZ2QGZx8J7qJOCE2AbgVbvF4w70ft/g3ftDtZQHhp+NBN
-XyeIJeBcY0PVsUMgS4gKPqNib5bSDpMYN2w/rsO4ylSKs/cI5d/GB7sCgYEA2zev
-kem0+22dmBCggTWpTfvWxdJkkzMAoxvIfvfrN6Ic6h2Dw29qxYlw8+38PS/Xrw77
-kUhnMfMNvwWTkqQ/i5XLxsZ66Or6f/GEoQQMgsCXAOv4vAFWZVwLVQ3Lu4mcyPmJ
-1bX6KKKFpanMof9+54KPOxz+H0uesWBxLleLE6kCgYBTzhJmrl5o+3W4tSpYwzQs
-gFtO4qwNn6U4JLiXwlDvGohdaenaaYMqNSr838M/8cm7RXhRxJED2s0rRM2LwPJK
-2f4LOaasYv0iJ2hZjQkJlFJTfMj2ldLmmwC+b9csuPUNe4BVy5lK7hqqg24eV6zy
-1nLlHh3UbuenlByZQcQGkQKBgQDY1tpKILyuv5zVYA0EAkp4IxYtE5H8sMR+kurd
-/OmkXCzxv0QouzsILo2WG+AXvg1A0jcxXEcHd34vZ5qzwNhCgGfTNV06q8Qhbotc
-oh6l707u0Ht3rHMDS+rBtSXDWbnGal9XD+xk6W39kloiHBIxekmnlWQhHLHajqUl
-y958EQKBgQCIanjEpqaekayux7wQXPiJEAl3vQ71rbasqufX5f2x4TwIu4dUFoVo
-PoYfEesJ2iZYkK8jQJA9eGbq8c6AZFDcTkKW7rf3W8pxunXk0qF5FaVQMPl6jMLr
-aR6sRBSlwppoBgol/DcTphmTUgeTKhgNMyQ0LAQteLySqgzzouTG9g==
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/ISP5b.req b/scripts/resource-cert-samples/ISP5b.req
deleted file mode 100644
index 7ec17a74..00000000
--- a/scripts/resource-cert-samples/ISP5b.req
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDfzCCAmcCAQAwHDEaMBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyv
-iMhim76cco+KpTSKOyONm4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CH
-zZmelFeN7AW436r8jjjTD2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FM
-An8U4h5KipZontYWpe+ttYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1
-wzUHShhH0pLGHBZ0dLHpOTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxE
-tONegMR9eKG0BfcgfSYeRL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGg
-ggEcMIIBGAYJKoZIhvcNAQkOMYIBCTCCAQUwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
-HQ4EFgQUbLNllP7Gn0pQnU2LQBqh/ZcXl5IwDgYDVR0PAQH/BAQDAgEGMEIGCCsG
-AQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21iYXRzLXItdXMuaGFj
-dHJuLm5ldC9JU1A1Yi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3lu
-YzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2VyMDkGCCsGAQUFBwEH
-AQH/BCowKDAMBAIAATAGAwQACgMAMBgEAgACMBIDEAAgAQ24AAAAAAAAAAAKAwAw
-DQYJKoZIhvcNAQEFBQADggEBAA/icNEGnX4wn19sxuN9GlvQnMVPiUeX3rMyFJxp
-VODe9wcHWIzz02tXVxaPbsbi5DVQih10HCgw/TC/zYoNjtjL3ygsWUZqCaCGhYUd
-hAKJhhZPwCB5ZX3F17JsWxDqDTjc6+DuUXhMS4jbAGWYeOSeTXfHGiP9IErJOL53
-e58y2QVVtlkjweUYy5bvu0xBS4pA/5PBcYIWxvmc+0tYMmaSpNWv80cMvaWnZ/Dd
-dzcEJJDiX7QcK8fFu4rzFiS7Kkr6zfzehgdrKBCLpWGoO0dYzYoq5tgShXxFAjR1
-l2Z6vyqq/NSYmTMYVFiyY7zY13gnFX9NyMQEnjsvtuLP4Ls=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/ISP5b/index b/scripts/resource-cert-samples/ISP5b/index
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/ISP5b/index
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP5b/serial b/scripts/resource-cert-samples/ISP5b/serial
deleted file mode 100644
index 8a0f05e1..00000000
--- a/scripts/resource-cert-samples/ISP5b/serial
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/scripts/resource-cert-samples/ISP5c.cer b/scripts/resource-cert-samples/ISP5c.cer
deleted file mode 100644
index 969f45e5..00000000
--- a/scripts/resource-cert-samples/ISP5c.cer
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha256WithRSAEncryption
- 2c:6e:f1:28:d7:06:69:d5:38:e5:77:75:9c:d0:9f:3b:52:f4:
- ff:83:1d:51:70:18:b1:76:57:29:1c:f4:0c:fc:bd:6d:dc:c6:
- 95:68:2d:38:fc:5b:b8:66:b8:92:95:3e:0d:cb:f6:49:3f:6e:
- 63:01:88:9b:44:7a:d1:7a:48:03:20:73:c7:f1:c8:f6:8d:be:
- 1c:6e:ca:28:0e:32:93:90:9a:76:d1:7f:f3:33:55:24:67:65:
- fd:05:03:c8:1f:7e:68:7d:c9:83:f9:47:26:d1:dc:4b:04:a2:
- 68:bb:74:2c:9c:f3:33:ec:d7:0e:d9:23:f9:a4:10:9e:af:94:
- 41:09:a0:67:2d:21:d7:b5:0a:e1:41:b3:b6:4d:bc:8d:74:6c:
- f6:b6:32:fe:ee:c4:71:b6:73:e1:bc:2a:25:54:df:91:84:4e:
- 15:09:05:98:a1:99:33:48:38:7e:7e:b1:38:73:c7:66:a2:19:
- 31:2e:93:86:65:40:20:c0:0f:86:e9:a4:77:d9:61:a5:a4:92:
- 35:c7:9c:51:15:a0:dd:21:56:76:a4:d1:75:76:0a:b6:51:9a:
- 08:c3:d4:21:ec:86:f0:b7:66:2e:7c:8b:0f:76:5c:29:3d:a6:
- 9c:ea:0c:e0:5d:14:14:b5:cc:cc:84:e0:33:95:17:06:11:c4:
- d9:d9:98:d1
------BEGIN CERTIFICATE-----
-MIIDozCCAougAwIBAgIBGTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MzIzM1oXDTA4MTAyODE2MzIzM1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgfAwge0wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2Vy
-MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEL
-BQADggEBACxu8SjXBmnVOOV3dZzQnztS9P+DHVFwGLF2Vykc9Az8vW3cxpVoLTj8
-W7hmuJKVPg3L9kk/bmMBiJtEetF6SAMgc8fxyPaNvhxuyigOMpOQmnbRf/MzVSRn
-Zf0FA8gffmh9yYP5RybR3EsEomi7dCyc8zPs1w7ZI/mkEJ6vlEEJoGctIde1CuFB
-s7ZNvI10bPa2Mv7uxHG2c+G8KiVU35GEThUJBZihmTNIOH5+sThzx2aiGTEuk4Zl
-QCDAD4bppHfZYaWkkjXHnFEVoN0hVnak0XV2CrZRmgjD1CHshvC3Zi58iw92XCk9
-ppzqDOBdFBS1zMyE4DOVFwYRxNnZmNE=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/ISP5c.cnf b/scripts/resource-cert-samples/ISP5c.cnf
deleted file mode 100644
index cc689a77..00000000
--- a/scripts/resource-cert-samples/ISP5c.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = ISP5c.cer
-serial = ISP5c/serial
-private_key = ISP5c.key
-database = ISP5c/index
-new_certs_dir = ISP5c
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY ISP5c
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-sbgp-autonomousSysNum = critical,AS:64534-64540
-#sbgp-ipAddrBlock = critical,???
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-sbgp-autonomousSysNum = critical,AS:64534-64540
-#sbgp-ipAddrBlock = critical,???
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/ISP5c.key b/scripts/resource-cert-samples/ISP5c.key
deleted file mode 100644
index dc7595d0..00000000
--- a/scripts/resource-cert-samples/ISP5c.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEogIBAAKCAQEAyIuhJWXf7qJ/VK9SChoa+g11szzp4CnTiSDpUUlnLEPaoCzU
-RLOWFKkHd2C5bwHvjlSldKxaZ/gwTRD5rJ+4dWEL9ud86ptcmHpLPsTiWULTGcoP
-WA63yIJO5bus/ZLliLL8ZM9uODsYg/znpq77kDbQ4cpNkEEPDzsqwAzZe33oUBP2
-CXOCo9Lju4IIh3/Suw4Oeii2JQK12VH8MzJHR//Pf7zuAAG7BV4uA5qtlTvKwsaH
-ZHQ5qllrruCnURoH8o5MjmUv3/KZuuC2ik/AIHJ5mACPDVATPdE+jL3cdKkzqFYd
-MXh85wKejQoUEm3TN8d68IQQ/v5NKJcmbgiFoQIDAQABAoIBAC5Y5rMn6irSby75
-HbKr+dQUTEFSMJLX18V3T7SzjB6Ux/AArEX8YxD/R3R1bCWVgvGX6m0eb/5bQ35s
-D+evOggWl5dGRH5LzYiHquAkzFLouLTbF9S4Ag1a4DUDvKUVz+pZwy7hKY3hSncm
-ebrx8b2QjZHBGU/fWUWh3O1pitGZDJ+D7zN4gsS+Q+L5heVuWlLKGsDBllIFEx+A
-lYHik6bnCWASv/ZRxxyv1v9Nc6+S1kLGkWAq/dzdRz5hS6/1/BYkYJYF+N+yOJlh
-dc8nknY3RqphRoUfKNF1mo2/CX3TiTIkI9RADl/JG7MvN8QcvsZtPY9HFvl8l3Jr
-bMeB+gECgYEA8qWQpwftUj4MFSa6H8N/cNfoNVDt6CRpy3BhqcGKstfdDNWxUEyW
-jKQnh4z+bypKuwtAzf26dlJzVz1tpTx81bvTyN/mhCd51ZLG/pWM/rmt0Hqt59M1
-AhDRaBVAN+mXZYv/4ULy0jcBzQJxRtSOGzb0CRT+SFyhlJ2aTBYh5xECgYEA05Tv
-tPhEREDYRexYEeOsAs9uxZuM1F07OYCSqsRFWjO3Qg3MvUowtZbPnryT4KCUirQY
-GCRt3zNWRkbHczxw6WWsxwv88tEQEb6HU2llZPvqz45MP77LBP7qvmASQmUOX6TI
-Qav/SLmuEwPwVrwxI2nbDQtYPryaBq5vBglcVZECgYA1AgBYzP2GYvGmyUAN4lp7
-317mDtj6RsIp5FIhkJtpOIkc3a4PubuF2/KaxS1sQZPzyqCMn6pVYOu7mjrSxyUK
-WC8LCgbExg7ynk8EnM0hdJTJH5PQOi6xVdU5ZLMTw98EGxJ6NnLvg37MN4VhkNu+
-jEHBnilyy3GtEsT7bDZZ0QKBgHqc1ej+8rjHB05GL6d2U+lxAlWb1hn/SWICY3x4
-r2QdkjbCPoL3qpChLAJmcB/9jvdudIQRIGb3niitvcnHHfvzwxO6m8SvaOuPiWbK
-Lks+Pg43/XH3hDmJ7MmUbSBy5ciBeter8A3aJMm6P55UAvntz1aY23PH4k666XYL
-GKoxAoGAB+YRlWhaIeUgTlImA33lZ89g8juxuttShAEZGtMOsX9I7J5XoxktOGI0
-Sqc2eCf/HLvcLrt1g66foAPvLmkxEHqncqLAE7MKIvMIIvCu7GVrVx/8O2vcFDed
-QV1Ruj41vFLljQqArXZ3dxCSxNRrWPFOO8c0Thfps2zBfRF1Rq0=
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/ISP5c.req b/scripts/resource-cert-samples/ISP5c.req
deleted file mode 100644
index fe5a3802..00000000
--- a/scripts/resource-cert-samples/ISP5c.req
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDZDCCAkwCAQAwHDEaMBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOng
-KdOJIOlRSWcsQ9qgLNREs5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zq
-m1yYeks+xOJZQtMZyg9YDrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2Q
-QQ8POyrADNl7fehQE/YJc4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4A
-AbsFXi4Dmq2VO8rCxodkdDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8N
-UBM90T6Mvdx0qTOoVh0xeHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGg
-ggEBMIH+BgkqhkiG9w0BCQ4xgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/BAQDAgEGMEIGCCsGAQUF
-BwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2VyMCEGCCsGAQUFBwEIAQH/
-BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEFBQADggEBAEmtz8vZK79t
-8D6z0UadBwNhrxSQzoXBJQkjq0rRxAePomXejmnzLdFaCtMkgqVQ/bow4VGlqlzM
-tLUb7sqlKFw61vC1K80WwMjag4l3mQv7XJ0BQujhwzVvtfHhnRLuCCnN9yh30yDs
-2WE6cRoQl44zHNakXlGTW00sX8kA3o73r9Key40sa0UmOcDLKUvvxP0VCOjYOyl+
-I6V/GNAI+7dBDyAdkEXynOYuAkkcRMPAmgx+Nt+I8lxbyXPRtcD84ZwMbQ95RBBY
-QgjxJLABunz5i8L/XFp/6vXBGdLKsLv40IwxoaWCrbxsz5zqD+yemg8r3sXBQCs/
-OuVcypkSpdk=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/ISP5c/index b/scripts/resource-cert-samples/ISP5c/index
deleted file mode 100644
index e69de29b..00000000
--- a/scripts/resource-cert-samples/ISP5c/index
+++ /dev/null
diff --git a/scripts/resource-cert-samples/ISP5c/serial b/scripts/resource-cert-samples/ISP5c/serial
deleted file mode 100644
index 8a0f05e1..00000000
--- a/scripts/resource-cert-samples/ISP5c/serial
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/scripts/resource-cert-samples/LIR1.cer b/scripts/resource-cert-samples/LIR1.cer
deleted file mode 100644
index 348c6275..00000000
--- a/scripts/resource-cert-samples/LIR1.cer
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 50 (0x32)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 71:ca:3c:b4:39:4f:ec:c2:ba:bd:c4:e5:9d:b8:9e:12:5a:0d:
- af:f6:e0:f5:65:0c:54:ac:5c:17:d2:29:92:a4:84:ea:47:09:
- 53:75:52:7c:af:67:11:7b:fb:35:14:77:9e:8e:34:a9:39:5a:
- 87:65:7f:5e:e7:81:80:82:4b:b2:e4:07:c3:7d:1e:bf:0a:31:
- ff:43:9c:66:31:b0:19:0a:ea:52:14:67:62:f6:91:15:5c:d4:
- da:f7:bb:87:1c:9d:31:4c:0d:8c:f6:c9:1c:44:68:21:09:49:
- a9:d7:cc:7f:54:c2:cd:44:09:98:e9:7c:73:a3:9d:36:38:e8:
- e2:bd:16:19:94:fd:97:ff:91:ca:62:22:1a:ff:f7:2c:a0:b9:
- 79:a4:07:84:37:bb:50:8b:6a:6b:25:9a:8e:3c:fb:4f:09:2b:
- e1:75:c4:d4:2e:73:a2:cd:ce:f5:83:3c:a5:ca:33:f6:c8:39:
- f8:dd:78:3f:61:05:7a:ae:09:3c:d4:bc:b1:4e:0d:4d:83:f8:
- 77:6c:a0:ea:6d:e6:5d:df:c4:e4:e0:7f:0f:9c:da:d0:f1:3b:
- 37:05:e4:77:1f:54:7b:d0:57:6d:55:dd:ba:41:ba:4b:90:df:
- 54:8e:a3:cd:0c:a8:ae:c9:09:e8:02:a6:23:e3:f9:62:f8:0e:
- 39:f7:87:f9
------BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIBMjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBIzCCAR8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYE
-AgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0B
-AQsFAAOCAQEAcco8tDlP7MK6vcTlnbieEloNr/bg9WUMVKxcF9IpkqSE6kcJU3VS
-fK9nEXv7NRR3no40qTlah2V/XueBgIJLsuQHw30evwox/0OcZjGwGQrqUhRnYvaR
-FVzU2ve7hxydMUwNjPbJHERoIQlJqdfMf1TCzUQJmOl8c6OdNjjo4r0WGZT9l/+R
-ymIiGv/3LKC5eaQHhDe7UItqayWajjz7Twkr4XXE1C5zos3O9YM8pcoz9sg5+N14
-P2EFeq4JPNS8sU4NTYP4d2yg6m3mXd/E5OB/D5za0PE7NwXkdx9Ue9BXbVXdukG6
-S5DfVI6jzQyorskJ6AKmI+P5YvgOOfeH+Q==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1.cnf b/scripts/resource-cert-samples/LIR1.cnf
deleted file mode 100644
index 7e2fa61f..00000000
--- a/scripts/resource-cert-samples/LIR1.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = LIR1.cer
-serial = LIR1/serial
-private_key = LIR1.key
-database = LIR1/index
-new_certs_dir = LIR1
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY LIR1
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/LIR1/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-sbgp-autonomousSysNum = critical,AS:64533
-sbgp-ipAddrBlock = critical,IPv4:192.0.2.1-192.0.2.33,IPv4:192.0.2.44-192.0.2.100
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/LIR1/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-sbgp-autonomousSysNum = critical,AS:64533
-sbgp-ipAddrBlock = critical,IPv4:192.0.2.1-192.0.2.33,IPv4:192.0.2.44-192.0.2.100
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/LIR1.key b/scripts/resource-cert-samples/LIR1.key
deleted file mode 100644
index 0f79c031..00000000
--- a/scripts/resource-cert-samples/LIR1.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64U
-Yum8tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/
-lizduJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisT
-ecKy8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++
-LJ1edSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLs
-r2XVuWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABAoIBAQCeqVFRIVWXiGb7
-3x2Hvz9sb9wPIy/hNkphCbJ4SL1UEUH6ao8ZWz8Zl4cKqEfmHm2EIW2vJmpOiwK7
-GNL6lrmrMOMItWFrXzPlgz/6lUKeZ9MzTcGR/y/wFvM8zggI0SpQV7XfxlkMJ6OS
-7H+On7yBobKen8eCkUzpksm/E3fK/9llCsY14arag7CxIR+G239Eh9yfKlIYPb7D
-U1UR7wrDeLvRVkP3C+BBCYrP4fNkSpdd5Xn02nrNXdSM+BR3O7cWXjtvGiUJbdSw
-Ec4sfApj0YCFP7ZBx+WvMavRGKfz8VCDzs2LNvu5szOGt87CVxVvjsheNCzDfmwD
-JzBo9q7hAoGBANe2RljcUbbEBF+PjjUHgmt/HCbyqhcwjiwJsQh6m6AY7HjrWawf
-zB7ud1oTrMUzW87qTZcn5XnNPl266bEjo54Xbm1QHvNxzWKmHclYjzYbyPnz6z91
-9WY/PKs7+VtHz/XZD9q8UbbrDM5GLBtNR2bd3AmKjDtnprIXhq30LCPxAoGBANAd
-r9gWSA6qnuhiCG5/b9LtR1hBYftchw3UQNdMrmmqK1OteuyPG5CkyMinq49uHRjX
-ZWU58y97PvSy+oqXeDQBNp85/ojkqBooV1JiA/leu0AzYNCOV2j/NaaTk35IoqFm
-OQyc90JA1yDAzSBaEGXc1L59Rrng/tPnRKEJvLEvAoGBAJYi6YeDoOQiPiD826+R
-EHcdO0zobPZC91EzVaJfI94kOsJWnE0uvHVy6GMren6upmG3tlVUkWVbMuMt6uU9
-tu2bxWIT99bdCGR21hiDqPmyEQnXeY7r3OdTcDiGP6IGs3mboGtP01gK9RjEwoIm
-IWI5XKLPaZcXJ3Cg6z47ylUhAoGBAMIN/Go8FIKAe93pkz0dXPLLx0u245sTIuc1
-NCTNXpAuWWoUB9vOcQCFdqcLGQCLx1vjdKtXxrdOb1ySCuXx6OZs/zanR/zzYP/K
-/+lUdaovt+BcR/kP0NeZqLgjQVNufR6MB8QIFNJVTYM/48U31bR1nnXksG8gKd0C
-905FmwmHAoGAa2SzsiVuvx+ROq7zsN/L32tJY8iL5N0r4qYQWuPK/+C6VK3zUtjb
-jcj76nGADSxGapDciZI2p/QCAxLQnLJHn4f67VctaifiaslmI2uHbN3opvtc1E7I
-PmPL7Jm4Ib3C6Q3Y4+TKHPRZvjDfmUfQdk2mWF72DlUBZE4EnTUYWVA=
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/LIR1.req b/scripts/resource-cert-samples/LIR1.req
deleted file mode 100644
index d1390df5..00000000
--- a/scripts/resource-cert-samples/LIR1.req
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDmDCCAoACAQAwGzEZMBcGA1UEAxMQVEVTVCBFTlRJVFkgTElSMTCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBAK9dHPnZu9UB4Vs2zFH2/YZXYKqex+xO
-Ba/7UVx6wljEqFeuFGLpvLZyfc9JyEpAgkr0PjC1lCWebHiBV0PWhQKN0Zy11zQv
-4ql9GCe1R5pCFsiQf5Ys3biYFx93YkoIAC3gcww5N7oPp1lZTHzN4lzXmDYQbIg+
-RZmmiC/2fzFJukIrE3nCsvEJ2a03pEG2bUahGAWgUweO4Jiy0f1naHdk1fP+HSI2
-niZaGqoYlMMsfpqvviydXnUsSdY3KwYfzGOXfu4sX2evTWI+eh8M4R4C8tIGda4/
-EbyODxNkOBQ2HV0C7K9l1blo9CJmK+9HW6078q+2cQyUVop8ATbwOj8CAwEAAaCC
-ATYwggEyBgkqhkiG9w0BCQ4xggEjMIIBHzAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBSKlBf5U/JblFRW33ZREyn2cRmoszAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYB
-BQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0xJUjEvMEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYncnN5bmM6
-Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9SSVIuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8FTA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAOAwUAwAAC
-AQMFAcAAAiAwDgMFAsAAAiwDBQDAAAJkMA0GCSqGSIb3DQEBBQUAA4IBAQA/lEvf
-enGH4JCh23gVr/cnd19rfe4RgglfFtk0uUKFws2s9C8yIJjF13RhLURe9WD/kqh6
-aj/pZ3zvgKqe1gHK5WquZWTikK2l2O+E0HAgGIB2HY9WbGlfVdGcoQ72Fnu1u2KJ
-/SuZSiBCJIdbKhUi82T1JdDajSqrLuoFjWZhe6A0YUrcfcSeaGS7po+rLx7k58a6
-cxyXd69qKOGbDcx5RfEujCgQcWVMnbmOdhrbjbN9RoLSyLsLkYGPtLhLgKorFN2I
-e9tTJOMvoKwawKffimHAaZjv7+d7WYc4XjPl2IcDwyo41Mo0l+rjN/lwkOu6Y3qm
-XiKfe7oTJ5XJAmin
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/LIR1/01.pem b/scripts/resource-cert-samples/LIR1/01.pem
deleted file mode 100644
index 29733e89..00000000
--- a/scripts/resource-cert-samples/LIR1/01.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzDCCArSgAwIBAgIBATANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTA1NDUyOVoXDTA4MDczMTA1NDUyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOCARkwggEVMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFHOyFhrN3NcwYA/6gZX4ovVOlfOtMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMCkGCCsGAQUFBwEHAQH/
-BBowGDAWBAIAATAQMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEA
-FmbqWBmcgPw3k/OjxA3mZX807TFQiP7mB8SCzWNbXeCRuWdhcNzcLSgxZovfvREB
-Op6/dlpd3XXrY94uwKsZbgq2+qRQZFdYHJh1WE0KHkgvf6krFNTl6hVKrbosSY9A
-T9uHihn6L4kBYp29D4wLINNDgJR4QdzhKjvH+l/pYACteUcFb5MFI2RvmNjRlCj4
-9QWwl0o1to0LlIvS+k1ROu69a6EvzBCO5JMpp8o6+yzz8UCbn+4rcJYaoxkq4cR/
-esIYsghTavMYgTm13U3IZfRoKTu32t9k8aYsQ/bcmF9l31pI7HQIUI6KwhgBAtkE
-Ivo8c0ekAlpRKRlodSrb+w==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/02.pem b/scripts/resource-cert-samples/LIR1/02.pem
deleted file mode 100644
index 0bcefb6f..00000000
--- a/scripts/resource-cert-samples/LIR1/02.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID6DCCAtCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTA1NDUzMloXDTA4MDczMTA1NDUzMlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCATUwggExMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUAwAAC
-AQMFAcAAAiAwDQYJKoZIhvcNAQEFBQADggEBABJPI16u1ywCxckILgDoEsNompwz
-KH1JqwC3ItaXvsUPmnMU1H4eN8Ehh226p10JmPlTEiEu3nnZGfmNN3D1fKvfeqdU
-C3Hwws/H1L/O1zymy/NBSp+bEAkdsmR1TX3brCfjigjxUY7CjI33Bjx9WI50ZVZn
-+Pmj30Ojef8QhGwML7qiLE5xBzLoTyIMrIBiBq6H2DAUaL1PhSCXzUdHQNAYz9nK
-KrU4HP7Q8O2YtjNItgxyt7uGy0WbT13PdbmWasgf6lfLXMAqrqDXaWr6wGS9hlER
-SKRH53fVsd1oGtkJ0LbPuHu6p99CGMz6+Ah8UryjFQxGeZPdVEWbwTBZSms=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/03.pem b/scripts/resource-cert-samples/LIR1/03.pem
deleted file mode 100644
index e6b6ac76..00000000
--- a/scripts/resource-cert-samples/LIR1/03.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 3 (0x3)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:05:29 2007 GMT
- Not After : Jul 31 14:05:29 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 2c:66:2e:23:8b:0c:9a:b9:a4:48:06:1e:da:0d:8a:51:f0:f3:
- c2:0c:0b:d8:ea:10:2e:24:a9:f1:a8:a2:da:dd:8c:09:0f:7a:
- 9a:fb:54:b2:44:6a:32:91:9e:88:d3:db:5e:53:49:dc:12:59:
- 9b:b5:7c:55:86:85:48:74:9e:03:e4:42:3d:68:f2:ee:e8:ca:
- fa:cc:56:9f:1e:b0:49:61:af:b1:6d:f1:d5:1a:3c:3e:2e:86:
- 4c:a3:ff:31:a5:2f:91:64:3a:f5:7e:6a:78:b5:cd:80:d7:34:
- 38:72:f4:18:0c:c6:de:f5:bb:d8:89:84:6d:69:1f:da:42:b4:
- fc:73:34:76:fa:42:df:bd:a1:e0:6e:f4:5b:b1:18:70:15:b3:
- 75:02:a6:0d:e0:79:de:fd:d5:bd:2e:a0:22:df:bf:4f:dc:15:
- 1f:8e:23:26:26:ab:7b:67:5a:c0:f3:39:25:fd:d6:97:47:f3:
- e0:c5:8c:6e:b3:19:b6:f2:0f:98:f4:8c:57:59:88:9f:b0:b4:
- c6:0e:f8:56:60:f2:1a:f5:ad:20:5e:dc:93:2d:7e:e8:2f:44:
- 54:ff:5d:21:d6:df:17:36:31:c8:d7:af:c4:f8:c6:58:31:59:
- df:34:12:81:4d:eb:5c:ca:ee:7f:b7:4c:c2:17:8a:94:66:f1:
- e5:4d:e4:67
------BEGIN CERTIFICATE-----
-MIIDzDCCArSgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0MDUyOVoXDTA4MDczMTE0MDUyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOCARkwggEVMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFHOyFhrN3NcwYA/6gZX4ovVOlfOtMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMCkGCCsGAQUFBwEHAQH/
-BBowGDAWBAIAATAQMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEA
-LGYuI4sMmrmkSAYe2g2KUfDzwgwL2OoQLiSp8aii2t2MCQ96mvtUskRqMpGeiNPb
-XlNJ3BJZm7V8VYaFSHSeA+RCPWjy7ujK+sxWnx6wSWGvsW3x1Ro8Pi6GTKP/MaUv
-kWQ69X5qeLXNgNc0OHL0GAzG3vW72ImEbWkf2kK0/HM0dvpC372h4G70W7EYcBWz
-dQKmDeB53v3VvS6gIt+/T9wVH44jJiare2dawPM5Jf3Wl0fz4MWMbrMZtvIPmPSM
-V1mIn7C0xg74VmDyGvWtIF7cky1+6C9EVP9dIdbfFzYxyNevxPjGWDFZ3zQSgU3r
-XMruf7dMwheKlGbx5U3kZw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/04.pem b/scripts/resource-cert-samples/LIR1/04.pem
deleted file mode 100644
index 193985fc..00000000
--- a/scripts/resource-cert-samples/LIR1/04.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 4 (0x4)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:05:29 2007 GMT
- Not After : Jul 31 14:05:29 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha1WithRSAEncryption
- 7b:5f:02:90:6c:dc:6a:39:29:5a:23:3a:03:ab:7b:7e:80:fe:
- ed:ce:07:e2:9e:e9:0d:4d:dd:c2:40:6a:9d:07:ce:b3:af:ba:
- cf:b5:7b:45:77:bd:c2:bf:b5:52:94:f6:14:37:2a:3c:a4:00:
- c6:6a:bd:26:66:b8:51:5a:9d:16:1c:9b:69:8e:a4:8f:42:39:
- 39:97:9f:77:0d:08:73:5d:8f:e3:d4:d9:2f:c0:8d:d2:e5:18:
- f0:6a:4b:d2:15:d3:f6:8a:fd:1a:e9:da:28:98:93:87:21:97:
- e6:dc:73:ac:80:e3:08:ff:0e:27:a5:f5:37:0d:dc:0a:29:eb:
- 5a:48:03:57:24:29:fe:7f:62:07:7f:77:c0:11:ae:d7:27:c6:
- f4:21:78:26:10:cb:f8:04:ba:21:5f:c3:4f:dc:b5:60:4b:44:
- 0f:a5:64:f6:4d:d6:6e:08:9f:f2:bb:9a:04:89:44:65:1c:b5:
- c2:01:0d:4f:03:c1:97:31:d5:0b:4e:66:99:85:df:d0:45:b1:
- f2:a8:ba:47:9e:4d:c9:b9:73:d7:e4:fa:1f:e9:0a:d5:be:a5:
- 34:32:c9:07:df:6d:2f:b3:9d:11:8c:f4:0a:68:bb:b1:fa:43:
- 77:be:fd:84:d5:36:5c:f3:cb:ad:c4:ff:96:9b:79:77:79:01:
- 46:e0:92:91
------BEGIN CERTIFICATE-----
-MIID6DCCAtCgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0MDUyOVoXDTA4MDczMTE0MDUyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCATUwggExMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUAwAAC
-AQMFAcAAAiAwDQYJKoZIhvcNAQEFBQADggEBAHtfApBs3Go5KVojOgOre36A/u3O
-B+Ke6Q1N3cJAap0HzrOvus+1e0V3vcK/tVKU9hQ3KjykAMZqvSZmuFFanRYcm2mO
-pI9COTmXn3cNCHNdj+PU2S/AjdLlGPBqS9IV0/aK/Rrp2iiYk4chl+bcc6yA4wj/
-Diel9TcN3Aop61pIA1ckKf5/Ygd/d8ARrtcnxvQheCYQy/gEuiFfw0/ctWBLRA+l
-ZPZN1m4In/K7mgSJRGUctcIBDU8DwZcx1QtOZpmF39BFsfKoukeeTcm5c9fk+h/p
-CtW+pTQyyQffbS+znRGM9Apou7H6Q3e+/YTVNlzzy63E/5abeXd5AUbgkpE=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/05.pem b/scripts/resource-cert-samples/LIR1/05.pem
deleted file mode 100644
index d39a4c28..00000000
--- a/scripts/resource-cert-samples/LIR1/05.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 5 (0x5)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:08:29 2007 GMT
- Not After : Jul 31 14:08:29 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 46:2c:90:67:a5:55:7e:77:09:b8:1e:6a:87:44:25:86:d1:82:
- 3a:c9:a8:54:5f:fd:cc:92:fe:55:32:11:12:6c:61:7c:13:aa:
- 80:85:bf:68:1a:7f:98:67:32:23:0f:ff:61:70:6f:50:cb:e1:
- 64:4a:76:85:f1:99:6b:b8:59:6a:1a:23:65:14:e5:dc:ae:de:
- 50:92:54:98:eb:b2:80:2b:4a:32:77:87:71:1a:52:a8:64:a6:
- b9:22:91:74:35:33:29:43:f2:db:0c:ba:21:99:e8:e3:98:e2:
- 6d:a9:1e:7a:9f:db:fb:a7:2a:ab:8a:f5:f6:28:99:4b:11:5c:
- f2:d2:d3:e7:4d:02:09:8a:b1:1b:b2:41:5d:72:fa:89:37:a6:
- ec:f7:ed:7a:b2:0c:d7:2e:c0:17:16:1c:33:7f:22:49:3e:13:
- 88:67:c3:b1:ac:1b:5f:b5:81:4d:25:9e:87:7b:6c:95:90:57:
- e5:4e:2c:ab:4a:96:4a:e8:9c:d8:19:58:d0:a2:c5:9a:bc:f4:
- 9a:96:17:bd:dd:a4:55:20:87:25:4c:91:70:73:99:fc:86:a9:
- 1a:0f:8f:63:6a:9a:85:37:69:48:9d:b9:ff:59:7b:2e:ae:bb:
- 70:27:0c:a2:1b:4d:2a:21:1f:b6:89:fa:c7:0a:5a:47:6d:22:
- 1b:3f:97:a7
------BEGIN CERTIFICATE-----
-MIIDzDCCArSgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0MDgyOVoXDTA4MDczMTE0MDgyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOCARkwggEVMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFHOyFhrN3NcwYA/6gZX4ovVOlfOtMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMCkGCCsGAQUFBwEHAQH/
-BBowGDAWBAIAATAQMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEA
-RiyQZ6VVfncJuB5qh0QlhtGCOsmoVF/9zJL+VTIREmxhfBOqgIW/aBp/mGcyIw//
-YXBvUMvhZEp2hfGZa7hZahojZRTl3K7eUJJUmOuygCtKMneHcRpSqGSmuSKRdDUz
-KUPy2wy6IZno45jibakeep/b+6cqq4r19iiZSxFc8tLT500CCYqxG7JBXXL6iTem
-7PfterIM1y7AFxYcM38iST4TiGfDsawbX7WBTSWeh3tslZBX5U4sq0qWSuic2BlY
-0KLFmrz0mpYXvd2kVSCHJUyRcHOZ/IapGg+PY2qahTdpSJ25/1l7Lq67cCcMohtN
-KiEfton6xwpaR20iGz+Xpw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/06.pem b/scripts/resource-cert-samples/LIR1/06.pem
deleted file mode 100644
index c03635c3..00000000
--- a/scripts/resource-cert-samples/LIR1/06.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 6 (0x6)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:08:29 2007 GMT
- Not After : Jul 31 14:08:29 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha1WithRSAEncryption
- a2:f2:1a:a9:b9:28:fd:c0:26:62:1f:01:e1:02:29:b7:8c:b8:
- 96:4e:b7:e9:6d:00:f2:85:6c:c9:7c:af:b1:d7:e6:b5:90:21:
- 7c:33:94:95:72:9c:c9:36:5e:68:1a:71:af:47:a7:ca:b5:4c:
- 16:aa:ea:5d:fd:1b:c1:b9:52:a7:05:db:66:93:c4:95:a5:c6:
- 58:16:60:04:73:94:3b:be:7c:a3:34:84:af:d5:7a:03:26:57:
- 09:b2:db:02:59:0b:54:58:23:a5:3f:9c:f1:ad:b4:2e:2b:1b:
- e5:67:9d:c5:41:01:05:b2:7b:76:26:00:dd:1c:c5:c4:d4:31:
- 3d:9a:ba:1d:4f:7c:93:31:5f:fa:43:4a:ce:ab:db:6f:9d:d6:
- fa:9b:c4:ad:be:2c:68:1b:64:23:fb:01:d3:b7:db:fc:a4:1c:
- ec:f6:36:79:02:d8:b4:99:af:de:1f:a2:68:15:ad:bc:66:18:
- 31:3e:6d:3b:97:2e:f8:b0:f0:89:36:67:8e:e3:54:45:65:bf:
- aa:87:a7:81:83:c2:d3:19:4f:77:91:6a:50:12:9e:85:e8:b6:
- 95:b1:7a:27:db:15:a7:19:66:04:d3:c6:47:49:10:a1:9f:72:
- 3c:c3:62:1c:4a:66:5c:42:a0:2b:fd:fd:c6:48:ab:c7:55:6a:
- 26:6e:12:8e
------BEGIN CERTIFICATE-----
-MIID6DCCAtCgAwIBAgIBBjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0MDgyOVoXDTA4MDczMTE0MDgyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCATUwggExMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUAwAAC
-AQMFAcAAAiAwDQYJKoZIhvcNAQEFBQADggEBAKLyGqm5KP3AJmIfAeECKbeMuJZO
-t+ltAPKFbMl8r7HX5rWQIXwzlJVynMk2Xmgaca9Hp8q1TBaq6l39G8G5UqcF22aT
-xJWlxlgWYARzlDu+fKM0hK/VegMmVwmy2wJZC1RYI6U/nPGttC4rG+VnncVBAQWy
-e3YmAN0cxcTUMT2auh1PfJMxX/pDSs6r22+d1vqbxK2+LGgbZCP7AdO32/ykHOz2
-NnkC2LSZr94fomgVrbxmGDE+bTuXLviw8Ik2Z47jVEVlv6qHp4GDwtMZT3eRalAS
-noXotpWxeifbFacZZgTTxkdJEKGfcjzDYhxKZlxCoCv9/cZIq8dVaiZuEo4=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/07.pem b/scripts/resource-cert-samples/LIR1/07.pem
deleted file mode 100644
index a8742d9b..00000000
--- a/scripts/resource-cert-samples/LIR1/07.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 7 (0x7)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:09:35 2007 GMT
- Not After : Jul 31 14:09:35 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 2d:8b:40:01:ec:c8:92:30:65:52:2b:3b:a0:66:e5:c6:e5:09:
- 87:2b:c0:a4:10:4f:a9:e1:e2:da:17:ff:5e:30:19:16:68:78:
- 91:5c:70:56:90:e8:e9:1a:06:94:3f:ed:0c:ef:94:aa:8a:85:
- 55:ad:ee:ba:56:c0:fd:c1:59:6c:ac:3f:11:d5:fc:1f:10:74:
- 3d:62:a1:c2:c3:46:76:ff:34:dd:b1:0b:c6:c1:b1:8c:7c:0c:
- 14:aa:3b:34:a5:fb:da:6a:6c:cc:a5:3d:bc:29:66:f6:d1:7a:
- db:84:fe:69:10:b7:02:c0:8b:29:98:1b:06:5c:fd:7b:02:64:
- 25:91:4d:38:25:0f:2a:7a:3a:02:85:11:af:71:cc:cd:f3:45:
- 93:e3:ae:bd:db:00:54:44:5c:c2:3e:6d:82:c1:fb:a0:13:44:
- 02:6a:ae:25:98:8e:57:f0:b7:5f:13:e7:22:5d:36:0a:99:f7:
- ab:21:b1:7d:79:27:ae:94:d0:97:b8:7d:a0:4e:5f:63:18:ef:
- 7b:95:be:e6:df:e0:6c:75:a9:17:01:7e:18:41:0c:95:9f:b9:
- a2:48:f9:13:e1:86:9a:1a:2a:9f:b8:a0:c3:8c:32:f5:10:40:
- 77:72:65:40:c9:cf:17:fa:f3:4f:43:fe:9f:91:77:98:33:74:
- cd:c4:6f:d9
------BEGIN CERTIFICATE-----
-MIIDzDCCArSgAwIBAgIBBzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0MDkzNVoXDTA4MDczMTE0MDkzNVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOCARkwggEVMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFHOyFhrN3NcwYA/6gZX4ovVOlfOtMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMCkGCCsGAQUFBwEHAQH/
-BBowGDAWBAIAATAQMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEA
-LYtAAezIkjBlUis7oGblxuUJhyvApBBPqeHi2hf/XjAZFmh4kVxwVpDo6RoGlD/t
-DO+UqoqFVa3uulbA/cFZbKw/EdX8HxB0PWKhwsNGdv803bELxsGxjHwMFKo7NKX7
-2mpszKU9vClm9tF624T+aRC3AsCLKZgbBlz9ewJkJZFNOCUPKno6AoURr3HMzfNF
-k+OuvdsAVERcwj5tgsH7oBNEAmquJZiOV/C3XxPnIl02Cpn3qyGxfXknrpTQl7h9
-oE5fYxjve5W+5t/gbHWpFwF+GEEMlZ+5okj5E+GGmhoqn7igw4wy9RBAd3JlQMnP
-F/rzT0P+n5F3mDN0zcRv2Q==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/08.pem b/scripts/resource-cert-samples/LIR1/08.pem
deleted file mode 100644
index 7f2b5154..00000000
--- a/scripts/resource-cert-samples/LIR1/08.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 8 (0x8)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:09:35 2007 GMT
- Not After : Jul 31 14:09:35 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha1WithRSAEncryption
- 17:33:25:69:a3:33:ba:c8:75:1b:55:bd:1d:fb:4a:8f:f6:f5:
- 51:f6:b6:5a:ff:e3:de:4f:cc:e9:f5:53:b1:2b:5d:7f:e4:2e:
- a5:6d:c9:24:fa:5d:0b:dc:26:e4:45:1c:31:7e:8e:5f:3b:b4:
- 6d:0f:6c:08:4c:90:8e:a6:50:7d:6b:32:47:2a:1e:24:f3:8f:
- bf:4a:5a:93:1c:09:63:c1:97:2a:67:48:55:2f:95:57:41:48:
- 48:60:6b:ef:b4:cc:9e:53:85:88:d5:b9:77:b6:a4:f2:d1:71:
- 44:91:a1:e5:44:c5:05:2f:1d:b3:10:dd:28:39:24:1f:99:1f:
- 12:21:4e:a8:bb:55:03:de:d0:82:7e:53:a1:9c:e9:d8:da:20:
- 2d:3e:03:73:00:47:26:93:cc:e2:7e:84:0d:0d:67:f8:8d:e8:
- c4:20:36:79:75:0b:d4:90:17:bf:b6:65:6f:24:07:f3:95:cd:
- ba:49:28:c6:62:64:3a:1a:60:ea:34:7f:23:20:6f:1d:82:82:
- 20:89:50:30:30:1a:e1:c8:8b:18:bc:eb:55:67:68:6b:12:05:
- 42:ac:1b:1e:f2:0b:15:c3:5f:9e:8a:70:13:d5:0e:d2:d5:17:
- 74:32:b1:32:93:a9:f1:4c:bf:8f:94:ca:70:11:4b:d5:02:8a:
- 49:4a:df:30
------BEGIN CERTIFICATE-----
-MIID6DCCAtCgAwIBAgIBCDANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0MDkzNVoXDTA4MDczMTE0MDkzNVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCATUwggExMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUAwAAC
-AQMFAcAAAiAwDQYJKoZIhvcNAQEFBQADggEBABczJWmjM7rIdRtVvR37So/29VH2
-tlr/495PzOn1U7ErXX/kLqVtyST6XQvcJuRFHDF+jl87tG0PbAhMkI6mUH1rMkcq
-HiTzj79KWpMcCWPBlypnSFUvlVdBSEhga++0zJ5ThYjVuXe2pPLRcUSRoeVExQUv
-HbMQ3Sg5JB+ZHxIhTqi7VQPe0IJ+U6Gc6djaIC0+A3MARyaTzOJ+hA0NZ/iN6MQg
-Nnl1C9SQF7+2ZW8kB/OVzbpJKMZiZDoaYOo0fyMgbx2CgiCJUDAwGuHIixi861Vn
-aGsSBUKsGx7yCxXDX56KcBPVDtLVF3QysTKTqfFMv4+UynARS9UCiklK3zA=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/09.pem b/scripts/resource-cert-samples/LIR1/09.pem
deleted file mode 100644
index 0a5c3837..00000000
--- a/scripts/resource-cert-samples/LIR1/09.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 9 (0x9)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:48:22 2007 GMT
- Not After : Jul 31 14:48:22 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 0a:f1:b5:af:38:f9:7d:93:95:d4:ea:bf:48:ef:8d:63:3c:4e:
- 1c:80:3d:7a:06:20:42:0e:0d:52:99:aa:4b:3e:af:d7:b4:61:
- 47:4f:b7:b4:f7:cc:9b:3c:5e:a5:3b:3c:ba:dd:b7:2a:27:8e:
- 1b:b4:5c:3c:6b:d1:d9:ff:c2:12:f7:9d:82:ba:cf:75:34:bc:
- d7:0b:b4:d6:a8:4f:58:93:6a:ae:23:7a:37:e3:2e:f1:70:8a:
- dd:f5:0e:fa:df:b0:3f:12:d4:5a:ac:33:ad:15:1c:a5:dc:be:
- 08:c3:8e:1a:0f:35:12:0e:de:ef:b8:80:78:90:a9:eb:8f:00:
- 0a:15:1d:05:12:3a:1d:37:e9:f4:f9:4a:77:6e:69:27:b7:e3:
- 7f:ae:78:32:92:86:6d:39:16:5e:59:4f:93:10:b5:b0:be:1c:
- 25:47:2a:e2:8f:92:9f:5c:c0:2a:48:d7:53:00:14:8e:9e:86:
- ea:cf:a6:21:66:50:89:95:39:3e:ff:27:95:85:ef:3d:c8:98:
- 7f:cd:fe:c1:30:65:94:b1:ad:48:5c:ae:b7:c8:64:e9:69:a2:
- 07:ca:c2:d7:fe:63:4b:de:a9:25:a1:91:4b:17:a3:a9:dd:2b:
- f7:d1:a5:3e:b7:be:42:03:1e:d9:34:5f:16:e3:35:7a:ca:1d:
- ee:3d:4c:d5
------BEGIN CERTIFICATE-----
-MIIDzDCCArSgAwIBAgIBCTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOCARkwggEVMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFHOyFhrN3NcwYA/6gZX4ovVOlfOtMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMCkGCCsGAQUFBwEHAQH/
-BBowGDAWBAIAATAQMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEA
-CvG1rzj5fZOV1Oq/SO+NYzxOHIA9egYgQg4NUpmqSz6v17RhR0+3tPfMmzxepTs8
-ut23KieOG7RcPGvR2f/CEvedgrrPdTS81wu01qhPWJNqriN6N+Mu8XCK3fUO+t+w
-PxLUWqwzrRUcpdy+CMOOGg81Eg7e77iAeJCp648AChUdBRI6HTfp9PlKd25pJ7fj
-f654MpKGbTkWXllPkxC1sL4cJUcq4o+Sn1zAKkjXUwAUjp6G6s+mIWZQiZU5Pv8n
-lYXvPciYf83+wTBllLGtSFyut8hk6WmiB8rC1/5jS96pJaGRSxejqd0r99GlPre+
-QgMe2TRfFuM1esod7j1M1Q==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/0A.pem b/scripts/resource-cert-samples/LIR1/0A.pem
deleted file mode 100644
index 86da6423..00000000
--- a/scripts/resource-cert-samples/LIR1/0A.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10 (0xa)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 1 14:48:22 2007 GMT
- Not After : Jul 31 14:48:22 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Authority Key Identifier:
- keyid:8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha1WithRSAEncryption
- 77:f8:b2:d3:a4:61:38:f7:23:0d:a8:bc:33:a9:5e:fe:b5:1d:
- 09:ea:ee:5b:93:4c:b1:76:ea:27:9c:ad:ab:ba:b7:44:a1:8b:
- 69:89:71:a7:50:39:05:e5:69:e6:f2:7b:33:70:2a:a1:1d:87:
- ad:48:45:2a:ab:02:a2:fd:df:08:36:8d:2b:25:8d:c2:06:d5:
- 10:49:8b:88:62:94:47:5a:27:78:2e:2d:51:aa:b8:9b:13:27:
- ef:38:af:43:1f:61:f7:da:48:13:2a:0b:66:b4:7d:b4:3a:02:
- 1a:d3:88:c3:c4:df:1c:1b:86:29:05:da:61:ef:f2:b4:d4:86:
- 67:14:54:cb:21:b9:8f:38:7b:f8:ba:87:71:66:7d:cf:61:ee:
- 0b:bb:55:89:46:9d:b4:96:ab:55:90:bd:2c:c6:cf:fa:2d:c3:
- 18:a2:40:44:0e:85:dd:65:de:b1:2c:79:1b:12:e7:f6:2d:af:
- 1d:88:61:4a:67:38:17:f1:dc:2e:7c:6a:79:c2:94:8e:f4:e6:
- c2:6a:6a:7f:3f:40:bf:03:fd:22:ad:ee:df:9b:e4:bc:4b:a0:
- 73:2d:14:75:ca:c9:7c:06:2c:79:b2:c8:6f:83:d2:81:72:a8:
- 09:0b:a2:39:cb:68:b5:38:f4:09:bc:4a:83:53:26:f4:b2:ca:
- 3d:31:ed:e7
------BEGIN CERTIFICATE-----
-MIID6DCCAtCgAwIBAgIBCjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCATUwggExMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMB8GA1UdIwQY
-MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUAwAAC
-AQMFAcAAAiAwDQYJKoZIhvcNAQEFBQADggEBAHf4stOkYTj3Iw2ovDOpXv61HQnq
-7luTTLF26iecrau6t0Shi2mJcadQOQXlaebyezNwKqEdh61IRSqrAqL93wg2jSsl
-jcIG1RBJi4hilEdaJ3guLVGquJsTJ+84r0MfYffaSBMqC2a0fbQ6AhrTiMPE3xwb
-hikF2mHv8rTUhmcUVMshuY84e/i6h3Fmfc9h7gu7VYlGnbSWq1WQvSzGz/otwxii
-QEQOhd1l3rEseRsS5/Ytrx2IYUpnOBfx3C58annClI705sJqan8/QL8D/SKt7t+b
-5LxLoHMtFHXKyXwGLHmyyG+D0oFyqAkLojnLaLU49Am8SoNTJvSyyj0x7ec=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/0B.pem b/scripts/resource-cert-samples/LIR1/0B.pem
deleted file mode 100644
index f078c91f..00000000
--- a/scripts/resource-cert-samples/LIR1/0B.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11 (0xb)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 00:58:18 2007 GMT
- Not After : Aug 9 00:58:18 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Signature Algorithm: sha256WithRSAEncryption
- 48:2e:66:23:11:dd:1c:f1:3a:9a:28:62:9a:5c:73:75:4a:7a:
- 2d:25:24:60:36:62:e5:92:ad:ff:69:08:49:d6:35:7f:e1:53:
- c4:6c:17:30:d0:6d:f1:35:4c:9a:54:67:e2:78:d8:a3:88:c9:
- ef:29:be:ad:5b:f1:2e:66:4e:b6:df:a5:f2:2b:c6:45:48:a5:
- b6:54:2d:bb:35:96:75:0a:c1:7b:79:fc:00:ad:9b:a1:d3:dd:
- f6:b3:72:1b:68:3a:24:92:96:46:1f:46:1e:a8:ea:50:27:f6:
- d4:3c:ba:ce:11:d2:79:88:a9:fc:43:55:ed:1f:38:92:6c:e3:
- 23:26:51:26:c4:5f:f5:11:a3:0f:bf:dd:ff:45:0c:54:08:0a:
- 48:cd:7f:91:70:b2:e7:83:83:55:33:10:ba:36:27:5d:c5:e0:
- d4:44:94:f7:19:25:8f:c0:e3:c4:99:5c:fd:f8:03:58:57:75:
- 6d:de:e2:71:55:1f:1c:20:51:17:ae:98:8f:93:30:6c:59:49:
- c9:a4:f1:cc:81:83:ae:49:10:d3:13:e8:44:61:c3:16:a2:f1:
- c4:02:9e:0f:44:3b:9d:a5:3e:81:b1:01:37:e9:33:28:87:f0:
- 4a:7b:c9:5a:25:ba:76:b0:09:97:b5:11:8c:60:96:1d:17:22:
- 8e:72:80:4c
------BEGIN CERTIFICATE-----
-MIIDODCCAiCgAwIBAgIBCzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAwNTgxOFoXDTA4MDgwOTAwNTgxOFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOBhjCBgzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMA0GCSqGSIb3DQEBCwUAA4IBAQBILmYj
-Ed0c8TqaKGKaXHN1SnotJSRgNmLlkq3/aQhJ1jV/4VPEbBcw0G3xNUyaVGfieNij
-iMnvKb6tW/EuZk6236XyK8ZFSKW2VC27NZZ1CsF7efwArZuh0932s3IbaDokkpZG
-H0YeqOpQJ/bUPLrOEdJ5iKn8Q1XtHziSbOMjJlEmxF/1EaMPv93/RQxUCApIzX+R
-cLLng4NVMxC6NiddxeDURJT3GSWPwOPEmVz9+ANYV3Vt3uJxVR8cIFEXrpiPkzBs
-WUnJpPHMgYOuSRDTE+hEYcMWovHEAp4PRDudpT6BsQE36TMoh/BKe8laJbp2sAmX
-tRGMYJYdFyKOcoBM
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/0C.pem b/scripts/resource-cert-samples/LIR1/0C.pem
deleted file mode 100644
index f10e0062..00000000
--- a/scripts/resource-cert-samples/LIR1/0C.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12 (0xc)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 00:58:18 2007 GMT
- Not After : Aug 9 00:58:18 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Signature Algorithm: sha256WithRSAEncryption
- 91:b8:bc:18:27:a1:ec:e7:7b:49:59:f6:83:d7:e9:7a:86:73:
- 54:84:23:20:5d:00:cc:a4:08:68:9e:ef:33:ad:75:1b:ed:34:
- bb:36:82:b6:e9:ae:00:5d:a6:9e:11:98:cb:72:f7:a0:77:bd:
- d0:8e:32:28:b6:cf:e9:3a:8c:bf:4c:94:2b:db:ca:1b:ee:07:
- 37:c9:51:15:9b:f0:43:b7:31:a2:67:cc:7f:f9:2e:6a:33:ae:
- 23:6b:de:04:03:03:99:bc:8a:e9:6c:e9:dd:8c:62:3c:b2:df:
- c0:5c:19:c7:50:c5:5a:86:68:2a:52:fd:7d:85:8c:5f:a8:a2:
- 5c:7d:58:70:1f:05:c3:cb:4b:f6:91:a3:9d:00:64:0e:1c:f2:
- ed:1b:45:f4:e0:82:a1:0b:22:e0:77:c0:7a:e9:9d:ce:e3:62:
- e7:f6:12:0d:4d:bb:be:fc:7a:3d:fd:54:14:4f:0b:5c:44:f5:
- 7e:6a:74:20:cd:15:9d:3c:86:21:9c:54:ef:d5:ed:8d:b4:36:
- 34:45:c1:3f:8b:49:27:4d:f5:2d:03:ab:b4:c6:b4:aa:74:da:
- 37:23:b7:88:70:8e:e9:37:88:54:98:91:b3:42:50:8f:61:ce:
- 8c:5f:99:4e:f7:61:0a:aa:b9:15:95:87:92:1f:ef:00:02:2b:
- ea:5f:09:60
------BEGIN CERTIFICATE-----
-MIIDODCCAiCgAwIBAgIBDDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAwNTgxOFoXDTA4MDgwOTAwNTgxOFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOBhjCBgzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRm7CkhLnaDGTntju23BqhM5Q4uETAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDEvMA0GCSqGSIb3DQEBCwUAA4IBAQCRuLwY
-J6Hs53tJWfaD1+l6hnNUhCMgXQDMpAhonu8zrXUb7TS7NoK26a4AXaaeEZjLcveg
-d73QjjIots/pOoy/TJQr28ob7gc3yVEVm/BDtzGiZ8x/+S5qM64ja94EAwOZvIrp
-bOndjGI8st/AXBnHUMVahmgqUv19hYxfqKJcfVhwHwXDy0v2kaOdAGQOHPLtG0X0
-4IKhCyLgd8B66Z3O42Ln9hINTbu+/Ho9/VQUTwtcRPV+anQgzRWdPIYhnFTv1e2N
-tDY0RcE/i0knTfUtA6u0xrSqdNo3I7eIcI7pN4hUmJGzQlCPYc6MX5lO92EKqrkV
-lYeSH+8AAivqXwlg
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/0D.pem b/scripts/resource-cert-samples/LIR1/0D.pem
deleted file mode 100644
index cc8d1185..00000000
--- a/scripts/resource-cert-samples/LIR1/0D.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13 (0xd)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 94:90:a1:91:c0:51:6b:ee:1c:74:7a:1f:7e:6e:4e:cc:50:c0:
- 97:c7:15:df:63:ab:71:65:77:44:2f:f5:4f:91:1c:67:84:42:
- 78:0a:ef:8c:cd:66:16:92:90:32:76:ca:d9:f0:6a:b4:e3:38:
- 21:59:a5:13:a7:f7:bc:51:ac:6f:f6:f0:95:85:f3:bb:c7:4c:
- cf:68:fd:07:9c:f5:cf:79:47:47:71:76:54:4f:8c:37:f1:d5:
- 1f:85:a9:2c:27:80:57:40:6a:80:71:10:c6:ff:12:74:cb:1a:
- 8a:a4:92:6a:66:2b:5c:3a:99:8c:d1:2f:ac:e1:66:17:19:20:
- a9:27:2c:a4:e2:54:dc:d3:a9:71:30:0c:2b:48:a1:af:a4:52:
- e8:a3:03:b2:03:00:b8:f2:51:b6:6c:c4:b4:c7:d5:cc:a4:d3:
- f4:2d:70:de:99:76:21:6e:08:29:0f:90:f3:c9:bf:2c:7d:f2:
- 9c:4f:6f:30:ed:75:a6:64:28:7a:e6:46:ed:ac:d4:b6:71:5d:
- 91:da:20:2b:eb:eb:d7:32:82:30:5a:68:9a:2d:e8:ef:90:3b:
- c9:85:fd:5a:0e:3c:55:f0:2b:59:ae:00:e3:d8:cc:e9:90:59:
- 93:80:9c:26:87:90:15:6e:9e:00:17:b1:c7:95:e7:9e:0d:4a:
- 92:68:8c:a0
------BEGIN CERTIFICATE-----
-MIIDqTCCApGgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMDIzMVoXDTA4MDgwOTAxMDIzMVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOB9zCB9DAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEF
-BQcwAoYocnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAp
-BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUCwAACLAMFAMAAAmQwDQYJKoZI
-hvcNAQELBQADggEBAJSQoZHAUWvuHHR6H35uTsxQwJfHFd9jq3Fld0Qv9U+RHGeE
-QngK74zNZhaSkDJ2ytnwarTjOCFZpROn97xRrG/28JWF87vHTM9o/Qec9c95R0dx
-dlRPjDfx1R+FqSwngFdAaoBxEMb/EnTLGoqkkmpmK1w6mYzRL6zhZhcZIKknLKTi
-VNzTqXEwDCtIoa+kUuijA7IDALjyUbZsxLTH1cyk0/QtcN6ZdiFuCCkPkPPJvyx9
-8pxPbzDtdaZkKHrmRu2s1LZxXZHaICvr69cygjBaaJot6O+QO8mF/VoOPFXwK1mu
-AOPYzOmQWZOAnCaHkBVungAXsceV554NSpJojKA=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/0E.pem b/scripts/resource-cert-samples/LIR1/0E.pem
deleted file mode 100644
index 08cab1ec..00000000
--- a/scripts/resource-cert-samples/LIR1/0E.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14 (0xe)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha256WithRSAEncryption
- 99:05:da:53:ce:ce:f7:7b:64:64:ad:31:94:37:41:ee:e1:05:
- 25:5f:20:df:04:ae:b1:8b:56:98:b9:6e:f6:f8:e1:a1:03:e4:
- 2b:28:58:4b:9f:fe:4b:bc:67:c0:3f:76:94:a7:2d:52:7e:81:
- 5a:f4:9e:d8:36:59:ad:98:1e:0e:79:63:26:08:cf:c6:a9:37:
- 39:3b:75:53:22:6f:e8:ad:3d:6e:3a:00:50:62:b3:4e:87:c3:
- f3:38:58:15:b9:34:d5:0e:37:1e:2a:f9:16:42:ee:40:6b:6b:
- 30:2b:1f:c1:ca:23:9d:66:66:ac:09:d2:e1:f3:63:41:12:d4:
- 9c:d7:7c:5a:61:37:f1:70:a5:5a:50:bc:12:b0:cd:4a:7d:57:
- cb:82:f3:bc:72:58:81:ab:ce:07:3b:e1:8e:4a:d7:03:f2:79:
- 7a:2d:83:b5:27:4e:53:2a:99:1e:3c:01:cc:eb:ee:7e:47:34:
- da:59:27:73:54:20:d2:cd:2d:a2:8d:c5:93:7e:4f:0a:8a:ee:
- b2:3a:d0:5a:cb:c9:19:5b:55:d5:41:22:90:6e:a2:2f:df:81:
- ad:ec:f4:ab:e7:31:68:e9:32:b3:9c:e3:87:b5:1e:22:5e:f8:
- 8c:0e:da:7f:b0:cd:29:24:4b:c3:a5:cd:28:69:89:b2:1c:05:
- b9:18:c5:2b
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIBDjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMDIzMVoXDTA4MDgwOTAxMDIzMVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCARQwggEQMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgw
-FgQCAAEwEDAOAwUAwAACAQMFAcAAAiAwDQYJKoZIhvcNAQELBQADggEBAJkF2lPO
-zvd7ZGStMZQ3Qe7hBSVfIN8ErrGLVpi5bvb44aED5CsoWEuf/ku8Z8A/dpSnLVJ+
-gVr0ntg2Wa2YHg55YyYIz8apNzk7dVMib+itPW46AFBis06Hw/M4WBW5NNUONx4q
-+RZC7kBrazArH8HKI51mZqwJ0uHzY0ES1JzXfFphN/FwpVpQvBKwzUp9V8uC87xy
-WIGrzgc74Y5K1wPyeXotg7UnTlMqmR48Aczr7n5HNNpZJ3NUINLNLaKNxZN+TwqK
-7rI60FrLyRlbVdVBIpBuoi/fga3s9KvnMWjpMrOc44e1HiJe+IwO2n+wzSkkS8Ol
-zShpibIcBbkYxSs=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/0F.pem b/scripts/resource-cert-samples/LIR1/0F.pem
deleted file mode 100644
index 8fc7b413..00000000
--- a/scripts/resource-cert-samples/LIR1/0F.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 15 (0xf)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:07:09 2007 GMT
- Not After : Aug 9 01:07:09 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- a5:94:a6:fa:e0:84:ac:c4:8d:f8:46:1b:4d:69:0b:ca:0d:ba:
- 20:e9:51:0d:7f:76:0b:ae:9a:76:0e:11:0e:7c:6a:2f:c8:a0:
- 6e:83:6d:51:3c:93:f7:7d:1b:5f:8f:da:06:c5:2b:28:0f:41:
- 96:a2:9a:d9:ca:0d:57:16:15:79:e5:58:7a:72:45:b9:63:a5:
- 27:84:d8:e5:b5:8a:2b:27:90:b0:d8:58:67:30:7d:dc:7e:33:
- 8d:d8:42:e4:af:04:3a:6a:b8:79:07:a3:30:85:7a:29:3c:7d:
- 44:15:a8:48:f6:e1:f9:d1:50:f9:70:29:3a:ba:e5:43:37:e0:
- 93:67:2e:a9:1a:03:ea:95:f2:14:46:bf:96:b2:c5:7e:d8:74:
- 2f:23:e0:60:56:12:52:90:1f:f5:ce:b9:e4:5c:e7:69:64:62:
- 56:b8:34:77:7a:c7:25:03:16:ff:fc:93:67:e5:54:4f:5f:23:
- 19:05:59:9c:c9:01:97:6d:54:81:fd:1d:c8:3c:9f:c0:1e:a9:
- ca:ba:52:ca:d4:7f:23:e7:1d:e9:b4:cd:56:82:d8:f2:58:83:
- c8:28:fd:41:4d:fc:81:54:e2:24:be:7d:32:f4:02:10:cb:dc:
- 6a:07:28:a2:4f:7d:bd:6d:f8:56:4f:74:87:fc:b4:88:20:17:
- 0c:b9:28:fb
------BEGIN CERTIFICATE-----
-MIIDqTCCApGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMDcwOVoXDTA4MDgwOTAxMDcwOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOB9zCB9DAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEF
-BQcwAoYocnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAp
-BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUCwAACLAMFAMAAAmQwDQYJKoZI
-hvcNAQELBQADggEBAKWUpvrghKzEjfhGG01pC8oNuiDpUQ1/dguumnYOEQ58ai/I
-oG6DbVE8k/d9G1+P2gbFKygPQZaimtnKDVcWFXnlWHpyRbljpSeE2OW1iisnkLDY
-WGcwfdx+M43YQuSvBDpquHkHozCFeik8fUQVqEj24fnRUPlwKTq65UM34JNnLqka
-A+qV8hRGv5ayxX7YdC8j4GBWElKQH/XOueRc52lkYla4NHd6xyUDFv/8k2flVE9f
-IxkFWZzJAZdtVIH9Hcg8n8Aeqcq6UsrUfyPnHem0zVaC2PJYg8go/UFN/IFU4iS+
-fTL0AhDL3GoHKKJPfb1t+FZPdIf8tIggFwy5KPs=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/10.pem b/scripts/resource-cert-samples/LIR1/10.pem
deleted file mode 100644
index 6c572f7c..00000000
--- a/scripts/resource-cert-samples/LIR1/10.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 16 (0x10)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:07:09 2007 GMT
- Not After : Aug 9 01:07:09 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha256WithRSAEncryption
- 8a:0e:25:de:ee:ec:8e:ac:b0:c5:2c:20:60:1d:65:aa:c6:9c:
- 60:a1:87:25:ae:fd:18:37:40:e5:8d:a2:7e:5f:fb:3d:df:25:
- ca:4f:32:48:7b:4e:bc:b1:a9:d0:7a:10:67:84:cf:40:87:45:
- 97:fd:2e:8e:4c:53:fa:0d:71:f9:33:d7:82:7a:76:d3:90:a4:
- 46:e3:1a:55:a1:ec:3b:4d:29:0f:e1:49:6b:e7:e2:02:c8:79:
- 73:99:92:85:b6:4e:b0:54:cc:9a:34:24:b3:0e:3d:64:3a:57:
- 51:e4:a0:40:04:a2:e0:bb:38:fa:e7:52:49:e8:26:45:1e:07:
- 98:93:a8:7b:2d:d0:08:74:75:1f:51:46:f5:2a:cf:e1:b7:79:
- 4b:93:a1:c3:f8:0c:b3:67:ef:15:a8:64:10:51:bf:ac:6c:97:
- ae:12:79:ec:2e:4e:b2:a1:b5:55:db:78:c6:6f:99:c4:42:cf:
- 1e:49:cd:c2:2b:e6:ed:bb:c1:83:11:7b:c5:a1:ab:04:1a:2c:
- 75:56:66:dc:cc:43:8e:61:07:88:22:21:6e:9c:a3:73:0d:b8:
- f5:3f:71:89:05:2e:52:3c:7a:d3:90:af:4b:0b:cc:d6:e3:b1:
- c6:dd:c4:0d:5c:36:79:05:1e:24:71:19:29:2a:68:13:e9:0a:
- 10:8e:25:99
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIBEDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMDcwOVoXDTA4MDgwOTAxMDcwOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCARQwggEQMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgw
-FgQCAAEwEDAOAwUAwAACAQMFAcAAAiAwDQYJKoZIhvcNAQELBQADggEBAIoOJd7u
-7I6ssMUsIGAdZarGnGChhyWu/Rg3QOWNon5f+z3fJcpPMkh7TryxqdB6EGeEz0CH
-RZf9Lo5MU/oNcfkz14J6dtOQpEbjGlWh7DtNKQ/hSWvn4gLIeXOZkoW2TrBUzJo0
-JLMOPWQ6V1HkoEAEouC7OPrnUknoJkUeB5iTqHst0Ah0dR9RRvUqz+G3eUuTocP4
-DLNn7xWoZBBRv6xsl64SeewuTrKhtVXbeMZvmcRCzx5JzcIr5u27wYMRe8WhqwQa
-LHVWZtzMQ45hB4giIW6co3MNuPU/cYkFLlI8etOQr0sLzNbjscbdxA1cNnkFHiRx
-GSkqaBPpChCOJZk=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/11.pem b/scripts/resource-cert-samples/LIR1/11.pem
deleted file mode 100644
index b9659189..00000000
--- a/scripts/resource-cert-samples/LIR1/11.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 17 (0x11)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:13:40 2007 GMT
- Not After : Aug 9 01:13:40 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Signature Algorithm: sha256WithRSAEncryption
- 6d:01:ed:47:42:63:b1:28:58:2b:d2:a2:fc:c5:b2:b8:49:3b:
- dd:1a:cf:5a:28:c2:35:ae:e8:7e:ec:39:e8:7f:ca:d3:eb:a5:
- c6:7a:ef:46:6f:c8:48:5f:9d:eb:dc:c8:4c:cf:88:68:be:59:
- a5:be:03:22:18:27:1c:3a:f2:90:3a:db:ae:6a:b0:fe:ce:4e:
- 71:cb:3c:c9:d7:c1:ff:69:a8:78:6e:45:15:c5:b5:a5:74:92:
- 87:7d:76:d1:ec:38:91:25:86:71:a0:5b:fb:e2:97:c4:b6:a3:
- ec:21:22:89:71:d4:36:da:c2:90:a7:09:c9:3f:4a:a7:ed:eb:
- 64:b5:4e:6f:44:16:60:42:72:49:38:e2:92:f4:62:a9:de:56:
- a9:70:fb:aa:8e:63:1f:d6:71:a2:b0:6b:c2:76:a2:27:05:69:
- 53:5b:fd:b8:9e:29:ee:ba:eb:a8:32:8c:28:0c:39:94:64:72:
- 6f:d3:33:a9:6d:be:9a:62:86:62:60:95:57:1a:c4:fa:c9:cd:
- dd:19:a2:90:76:24:01:47:32:8b:3a:95:dc:24:d9:79:07:c8:
- 30:5d:7f:e8:23:ea:3d:5a:bd:d6:99:b3:1c:01:0e:6d:5d:0b:
- 87:eb:88:4e:8c:78:2b:d0:b6:80:07:c6:10:3c:79:bd:ba:95:
- 9c:0e:84:3e
------BEGIN CERTIFICATE-----
-MIIDFzCCAf+gAwIBAgIBETANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMTM0MFoXDTA4MDgwOTAxMTM0MFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaNmMGQwDwYDVR0TAQH/BAUw
-AwEB/zAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAF
-hiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMA0GCSqGSIb3
-DQEBCwUAA4IBAQBtAe1HQmOxKFgr0qL8xbK4STvdGs9aKMI1ruh+7Dnof8rT66XG
-eu9Gb8hIX53r3MhMz4hovlmlvgMiGCccOvKQOtuuarD+zk5xyzzJ18H/aah4bkUV
-xbWldJKHfXbR7DiRJYZxoFv74pfEtqPsISKJcdQ22sKQpwnJP0qn7etktU5vRBZg
-QnJJOOKS9GKp3lapcPuqjmMf1nGisGvCdqInBWlTW/24ninuuuuoMowoDDmUZHJv
-0zOpbb6aYoZiYJVXGsT6yc3dGaKQdiQBRzKLOpXcJNl5B8gwXX/oI+o9Wr3WmbMc
-AQ5tXQuH64hOjHgr0LaAB8YQPHm9upWcDoQ+
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/12.pem b/scripts/resource-cert-samples/LIR1/12.pem
deleted file mode 100644
index 88877bb3..00000000
--- a/scripts/resource-cert-samples/LIR1/12.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 18 (0x12)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:13:40 2007 GMT
- Not After : Aug 9 01:13:40 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Signature Algorithm: sha256WithRSAEncryption
- 95:4a:1c:f9:a4:d7:b8:75:16:2e:25:5a:ae:7d:e4:d0:eb:27:
- 51:b9:40:12:86:f2:98:9d:f2:76:ee:d4:be:0b:74:8f:81:f3:
- 14:a7:57:10:be:2c:19:b6:80:1c:4f:8e:e0:8d:96:70:8d:50:
- 0f:55:22:27:d1:1a:a4:e9:cf:77:32:89:54:3f:10:9d:d8:ab:
- 17:26:67:3e:ea:99:89:d8:57:6c:e5:7b:9b:bd:5a:1c:f4:18:
- 14:8f:d1:2f:6b:93:34:ad:19:8b:a0:90:dc:69:48:96:65:7c:
- 7b:f0:6d:25:f9:5d:9d:2d:2f:57:bf:1c:c1:ee:01:e0:f7:e9:
- 52:bc:45:4b:4e:fc:94:78:92:98:66:56:d3:e0:cb:38:7f:4e:
- dd:97:b7:03:16:fa:fa:7b:2d:b8:78:f2:9f:f3:61:d3:02:3c:
- 47:7a:a3:a7:36:27:19:d3:c9:53:a8:e7:09:d0:50:84:a7:fc:
- 53:b3:37:8e:72:1f:a6:b9:1c:09:35:20:d9:ed:0c:66:ec:ef:
- 93:39:9b:29:50:5b:ed:1f:0c:3d:30:f6:22:1a:0e:7d:4d:8d:
- 17:07:96:4f:c3:a9:72:3d:6d:c0:da:af:a7:8b:14:85:0c:fc:
- de:cd:cc:58:5c:a0:7b:bf:a9:de:0e:3b:92:0a:57:ab:e3:e4:
- cb:83:1e:30
------BEGIN CERTIFICATE-----
-MIIDFzCCAf+gAwIBAgIBEjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMTM0MFoXDTA4MDgwOTAxMTM0MFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaNmMGQwDwYDVR0TAQH/BAUw
-AwEB/zAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAF
-hiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDEvMA0GCSqGSIb3
-DQEBCwUAA4IBAQCVShz5pNe4dRYuJVqufeTQ6ydRuUAShvKYnfJ27tS+C3SPgfMU
-p1cQviwZtoAcT47gjZZwjVAPVSIn0Rqk6c93MolUPxCd2KsXJmc+6pmJ2Fds5Xub
-vVoc9BgUj9Eva5M0rRmLoJDcaUiWZXx78G0l+V2dLS9XvxzB7gHg9+lSvEVLTvyU
-eJKYZlbT4Ms4f07dl7cDFvr6ey24ePKf82HTAjxHeqOnNicZ08lTqOcJ0FCEp/xT
-szeOch+muRwJNSDZ7Qxm7O+TOZspUFvtHww9MPYiGg59TY0XB5ZPw6lyPW3A2q+n
-ixSFDPzezcxYXKB7v6neDjuSCler4+TLgx4w
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/13.pem b/scripts/resource-cert-samples/LIR1/13.pem
deleted file mode 100644
index ca17b5f4..00000000
--- a/scripts/resource-cert-samples/LIR1/13.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 19 (0x13)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- a0:55:12:46:3d:61:d3:08:29:a5:43:f1:62:19:a9:75:90:17:
- 51:85:19:8c:98:29:3c:ed:b8:13:5f:14:e4:8f:1a:85:18:4f:
- 92:b5:5b:5f:2b:97:49:c2:ec:7b:cb:87:b5:28:4e:99:77:6c:
- f9:8f:2a:14:86:fc:1b:93:90:92:c8:21:0c:c3:ab:02:e8:e3:
- 6d:c2:cf:55:51:54:08:58:a0:2f:b4:70:56:21:48:ce:1c:ba:
- c6:1f:08:cb:59:e0:37:9c:75:4d:ca:cb:5d:6d:6b:53:4f:7f:
- 6e:b0:21:06:52:dd:0a:24:13:b8:95:c1:0b:62:4f:31:27:b5:
- df:0c:31:ce:51:62:1e:a3:89:40:2b:14:34:58:ac:62:a6:1d:
- 70:09:b1:e3:ee:bb:cc:ca:61:e2:27:2b:51:81:17:73:5f:a5:
- 7b:1a:9b:fb:f9:4e:6f:d3:68:ad:43:8a:0e:87:32:6f:3e:9d:
- 03:4b:61:d0:b2:30:38:ec:23:3a:48:f7:1e:5c:d6:6a:eb:03:
- 14:4e:69:33:04:07:3e:87:6c:7f:cd:8d:0a:2d:75:32:18:cc:
- 0e:9b:74:14:87:61:39:18:5c:53:d4:90:39:56:5e:14:ae:70:
- 33:1c:88:58:a7:42:7e:35:88:c9:ba:a0:af:c1:03:18:fe:4d:
- 9e:40:54:a5
------BEGIN CERTIFICATE-----
-MIIDqTCCApGgAwIBAgIBEzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMTUxMFoXDTA4MDgwOTAxMTUxMFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOB9zCB9DAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEF
-BQcwAoYocnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAp
-BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUCwAACLAMFAMAAAmQwDQYJKoZI
-hvcNAQELBQADggEBAKBVEkY9YdMIKaVD8WIZqXWQF1GFGYyYKTztuBNfFOSPGoUY
-T5K1W18rl0nC7HvLh7UoTpl3bPmPKhSG/BuTkJLIIQzDqwLo423Cz1VRVAhYoC+0
-cFYhSM4cusYfCMtZ4DecdU3Ky11ta1NPf26wIQZS3QokE7iVwQtiTzEntd8MMc5R
-Yh6jiUArFDRYrGKmHXAJsePuu8zKYeInK1GBF3NfpXsam/v5Tm/TaK1Dig6HMm8+
-nQNLYdCyMDjsIzpI9x5c1mrrAxROaTMEBz6HbH/NjQotdTIYzA6bdBSHYTkYXFPU
-kDlWXhSucDMciFinQn41iMm6oK/BAxj+TZ5AVKU=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/14.pem b/scripts/resource-cert-samples/LIR1/14.pem
deleted file mode 100644
index 9121acc8..00000000
--- a/scripts/resource-cert-samples/LIR1/14.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 20 (0x14)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Aug 10 01:15:11 2007 GMT
- Not After : Aug 9 01:15:11 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha256WithRSAEncryption
- 66:6a:10:37:c5:13:94:1c:b1:ca:85:50:7a:20:6e:d7:a1:e5:
- b5:70:cb:bc:f9:99:b6:58:64:fa:2a:fb:f2:15:77:b8:ea:94:
- 28:68:c6:e7:22:69:07:57:55:4f:02:5e:5a:60:cd:fd:d7:d0:
- b9:c3:df:23:f8:af:22:25:48:e5:a9:48:ab:38:d9:91:33:fc:
- 88:f7:0e:94:df:a0:4e:da:06:8d:91:ed:ba:41:e5:42:ac:58:
- af:84:da:d1:69:ca:f5:c3:42:52:2e:9c:5d:e5:72:7f:66:4b:
- 54:8b:55:87:3c:f8:e7:16:42:ea:a8:92:2a:4c:c3:ff:f9:8d:
- 1c:74:5f:7e:48:fe:24:18:4e:59:6e:44:a2:2c:19:3f:48:fb:
- 50:c9:33:0f:92:9e:f7:d0:da:4b:f3:e7:a6:51:a1:da:ba:a5:
- 8c:b6:55:46:0c:33:2c:3c:92:f5:90:ca:d9:f4:88:eb:c5:9f:
- 31:23:3f:1f:48:66:a0:5c:b1:c0:45:45:ff:ad:0e:e8:e5:2f:
- 22:0d:e0:f5:3a:9f:ee:e9:c5:0e:48:2b:70:c1:44:5b:69:fe:
- 10:83:10:7e:b4:e6:e2:90:cf:dd:fd:22:6c:8a:54:69:88:99:
- bd:bc:2e:11:c7:47:62:78:45:34:73:1e:73:43:38:fc:15:07:
- 24:ea:82:5c
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIBFDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MDgxMDAxMTUxMVoXDTA4MDgwOTAxMTUxMVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCARQwggEQMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgw
-FgQCAAEwEDAOAwUAwAACAQMFAcAAAiAwDQYJKoZIhvcNAQELBQADggEBAGZqEDfF
-E5QcscqFUHogbteh5bVwy7z5mbZYZPoq+/IVd7jqlChoxuciaQdXVU8CXlpgzf3X
-0LnD3yP4ryIlSOWpSKs42ZEz/Ij3DpTfoE7aBo2R7bpB5UKsWK+E2tFpyvXDQlIu
-nF3lcn9mS1SLVYc8+OcWQuqokipMw//5jRx0X35I/iQYTlluRKIsGT9I+1DJMw+S
-nvfQ2kvz56ZRodq6pYy2VUYMMyw8kvWQytn0iOvFnzEjPx9IZqBcscBFRf+tDujl
-LyIN4PU6n+7pxQ5IK3DBRFtp/hCDEH605uKQz939ImyKVGmImb28LhHHR2J4RTRz
-HnNDOPwVByTqglw=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/15.pem b/scripts/resource-cert-samples/LIR1/15.pem
deleted file mode 100644
index 4ff96ef1..00000000
--- a/scripts/resource-cert-samples/LIR1/15.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 21 (0x15)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 5b:99:30:44:06:73:ab:e3:9b:92:9d:76:e1:4b:ac:71:0e:10:
- d5:e9:1c:40:3a:c3:92:ae:b0:71:5e:0d:32:f6:4e:81:c6:37:
- d3:19:ea:15:0e:12:6f:e6:65:0d:2c:cd:8c:41:b5:1f:bb:79:
- dc:2a:ab:fe:7a:43:2b:97:45:d2:54:66:67:f2:3b:6a:3c:68:
- e4:7c:d5:1d:83:47:2c:a0:91:71:29:a7:c1:6a:4a:44:1c:7a:
- 42:6f:ab:1f:af:3e:b5:89:52:e1:8c:9e:d5:55:e6:b1:f0:db:
- 7c:5d:51:bc:87:41:61:2f:e6:72:33:43:d2:8e:83:16:26:d0:
- 1d:c4:21:2c:18:a5:7b:d3:3d:7d:fb:70:c2:6e:ec:1c:9b:a4:
- b4:59:3a:bd:fa:65:a9:3f:ae:73:28:a4:25:df:80:cd:14:61:
- 63:05:49:31:5d:3c:b3:f9:ff:ec:07:6a:28:c1:43:e9:bc:37:
- 08:ee:af:d6:41:cf:9f:63:a0:2b:63:e3:a5:84:83:74:23:19:
- b4:ac:36:bb:91:cd:ec:9d:c4:66:8a:f8:11:e8:d4:c3:f7:eb:
- 28:c2:95:5e:9c:7f:b5:03:14:c0:db:ce:ca:fc:b5:85:16:80:
- 36:94:fc:ab:af:d3:6f:a4:de:db:13:51:95:5d:c2:49:5a:14:
- 8d:27:55:e2
------BEGIN CERTIFICATE-----
-MIIDqTCCApGgAwIBAgIBFTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAxOTE5MDYwN1oXDTA4MTAxODE5MDYwN1owGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOB9zCB9DAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEF
-BQcwAoYocnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAp
-BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUCwAACLAMFAMAAAmQwDQYJKoZI
-hvcNAQELBQADggEBAFuZMEQGc6vjm5KdduFLrHEOENXpHEA6w5KusHFeDTL2ToHG
-N9MZ6hUOEm/mZQ0szYxBtR+7edwqq/56QyuXRdJUZmfyO2o8aOR81R2DRyygkXEp
-p8FqSkQcekJvqx+vPrWJUuGMntVV5rHw23xdUbyHQWEv5nIzQ9KOgxYm0B3EISwY
-pXvTPX37cMJu7BybpLRZOr36Zak/rnMopCXfgM0UYWMFSTFdPLP5/+wHaijBQ+m8
-Nwjur9ZBz59joCtj46WEg3QjGbSsNruRzeydxGaK+BHo1MP36yjClV6cf7UDFMDb
-zsr8tYUWgDaU/Kuv02+k3tsTUZVdwklaFI0nVeI=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/16.pem b/scripts/resource-cert-samples/LIR1/16.pem
deleted file mode 100644
index beb187b4..00000000
--- a/scripts/resource-cert-samples/LIR1/16.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 22 (0x16)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 19 19:06:08 2007 GMT
- Not After : Oct 18 19:06:08 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha256WithRSAEncryption
- 54:69:df:3c:bc:66:16:55:27:c3:11:85:7e:3b:f8:49:09:68:
- ea:ad:50:0d:e2:a8:b1:9e:bc:eb:ca:9f:80:7b:6e:5d:c5:65:
- 23:6c:c8:70:9d:b3:f1:2f:c4:a9:2f:2e:aa:43:39:fe:3f:f8:
- 45:e1:db:b2:5b:a8:83:31:73:11:43:ae:88:a7:bf:17:9e:28:
- 2f:f7:97:8b:eb:39:2b:7b:c1:4d:57:79:fb:e8:d1:18:43:3e:
- 9d:3d:6a:c5:10:51:21:cd:f0:0d:ef:68:5a:85:0c:7b:1c:36:
- 93:a0:4c:7f:82:8e:90:ef:77:5d:41:4c:71:9f:72:1a:fc:bc:
- 22:c3:8f:2a:48:1e:98:bd:a6:cf:6c:a5:8c:c4:fd:0d:2a:6c:
- 3c:f5:6c:ab:e0:04:ed:02:26:f6:fb:0c:a8:4f:12:27:f6:26:
- 9b:e3:a3:37:0c:f7:ac:a9:aa:40:07:e1:08:67:d6:46:25:2a:
- 00:03:c2:a7:78:1f:d8:90:f7:27:6e:97:ce:ef:0c:23:e5:3c:
- 41:02:3c:1e:d9:ce:8b:6f:b6:f3:8d:9f:01:20:57:cf:fb:02:
- ee:b6:c1:d8:8e:72:37:c6:db:7c:ae:a2:9d:e1:44:b8:58:26:
- 95:30:d1:dc:b2:6a:47:c1:2e:70:86:c5:db:6e:ca:ec:8f:cc:
- 9b:10:17:22
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIBFjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAxOTE5MDYwOFoXDTA4MTAxODE5MDYwOFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCARQwggEQMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgw
-FgQCAAEwEDAOAwUAwAACAQMFAcAAAiAwDQYJKoZIhvcNAQELBQADggEBAFRp3zy8
-ZhZVJ8MRhX47+EkJaOqtUA3iqLGevOvKn4B7bl3FZSNsyHCds/EvxKkvLqpDOf4/
-+EXh27JbqIMxcxFDroinvxeeKC/3l4vrOSt7wU1Xefvo0RhDPp09asUQUSHN8A3v
-aFqFDHscNpOgTH+CjpDvd11BTHGfchr8vCLDjypIHpi9ps9spYzE/Q0qbDz1bKvg
-BO0CJvb7DKhPEif2JpvjozcM96ypqkAH4Qhn1kYlKgADwqd4H9iQ9ydul87vDCPl
-PEECPB7ZzotvtvONnwEgV8/7Au62wdiOcjfG23yuop3hRLhYJpUw0dyyakfBLnCG
-xdtuyuyPzJsQFyI=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/17.pem b/scripts/resource-cert-samples/LIR1/17.pem
deleted file mode 100644
index 1d6affa1..00000000
--- a/scripts/resource-cert-samples/LIR1/17.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 23 (0x17)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 29 16:03:52 2007 GMT
- Not After : Oct 28 16:03:52 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 26:19:f6:80:86:41:d6:c1:4f:73:58:9c:58:e4:79:9a:2e:9b:
- d6:ab:1e:1e:e4:75:62:bb:7b:7e:e7:a1:fa:ea:81:83:f2:e3:
- c8:e0:c2:fa:a1:5c:42:e9:f4:e0:41:2e:fa:3c:64:23:2f:d1:
- 77:52:59:2d:a5:1e:fe:6e:fa:32:a4:1e:07:cd:d7:f9:f7:b7:
- c3:95:62:a0:c8:88:33:76:2f:9e:e5:75:d6:8e:18:20:ef:4f:
- 0a:b3:33:39:14:04:1d:87:42:ba:8f:f9:14:b0:48:c8:e3:4e:
- 41:d9:25:f5:95:58:23:03:4c:3a:ab:60:7e:1e:3c:e1:77:d7:
- a4:a8:14:04:d0:5e:68:89:42:5d:3c:ee:d1:f7:3c:3a:e5:18:
- 0d:95:77:5f:fe:24:f8:dd:3d:0b:9d:df:56:3f:ff:ff:3b:aa:
- d2:50:cf:34:17:d5:bb:09:50:72:ed:83:85:4f:a9:07:fe:ec:
- 82:36:74:61:79:b7:54:37:0a:10:dc:fc:69:17:d5:31:89:63:
- f6:e2:45:2a:b1:8f:b2:58:23:8e:5b:25:1f:c0:42:c6:76:67:
- eb:85:62:cb:94:c0:d2:5f:1a:1a:c6:cb:46:c3:e8:2f:6b:e4:
- 62:f2:ab:4c:0d:f5:aa:8c:32:10:b2:cd:a7:23:2c:a6:3d:b2:
- 3b:8e:6f:f4
------BEGIN CERTIFICATE-----
-MIIDqTCCApGgAwIBAgIBFzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAyOTE2MDM1MloXDTA4MTAyODE2MDM1MlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOB9zCB9DAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEF
-BQcwAoYocnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAp
-BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUCwAACLAMFAMAAAmQwDQYJKoZI
-hvcNAQELBQADggEBACYZ9oCGQdbBT3NYnFjkeZoum9arHh7kdWK7e37nofrqgYPy
-48jgwvqhXELp9OBBLvo8ZCMv0XdSWS2lHv5u+jKkHgfN1/n3t8OVYqDIiDN2L57l
-ddaOGCDvTwqzMzkUBB2HQrqP+RSwSMjjTkHZJfWVWCMDTDqrYH4ePOF316SoFATQ
-XmiJQl087tH3PDrlGA2Vd1/+JPjdPQud31Y///87qtJQzzQX1bsJUHLtg4VPqQf+
-7II2dGF5t1Q3ChDc/GkX1TGJY/biRSqxj7JYI45bJR/AQsZ2Z+uFYsuUwNJfGhrG
-y0bD6C9r5GLyq0wN9aqMMhCyzacjLKY9sjuOb/Q=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/18.pem b/scripts/resource-cert-samples/LIR1/18.pem
deleted file mode 100644
index c74d669a..00000000
--- a/scripts/resource-cert-samples/LIR1/18.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 24 (0x18)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 29 16:03:52 2007 GMT
- Not After : Oct 28 16:03:52 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha256WithRSAEncryption
- 04:44:50:5a:c4:68:fd:0c:7a:51:99:27:80:ae:0a:ea:ca:62:
- 4d:34:65:ec:c0:1b:16:59:fe:41:76:fa:06:06:be:4f:37:26:
- ec:75:de:53:c7:c6:dd:27:bb:72:ab:4f:0f:6b:a9:3c:19:23:
- 76:9f:bd:63:c8:f4:1b:f6:a4:bd:da:84:7d:8d:c4:96:58:5a:
- 09:8f:e0:6c:ac:70:68:12:c5:74:db:c9:46:40:1e:20:d3:b8:
- 19:8c:18:27:8a:9d:a4:47:2e:ed:29:a3:38:d9:0b:f2:fe:d9:
- 22:80:2c:2c:92:9d:54:42:7e:68:ad:32:d0:4d:ad:f4:2f:d2:
- 80:1c:9b:ac:13:68:a7:0a:fa:41:c4:f3:1c:02:da:f8:cb:d5:
- 5e:62:a6:16:56:81:ce:82:ec:37:56:c2:59:9a:41:f2:c1:22:
- 3f:63:ee:a6:ca:23:e9:60:62:07:84:2c:73:21:5a:16:8f:6f:
- 06:7c:b0:c7:bb:66:f0:a8:75:6f:36:26:24:2b:7a:0e:a1:9a:
- 11:28:6f:53:1f:76:fb:60:9d:9f:84:97:1f:cd:76:c6:de:c8:
- f8:f9:66:a8:d0:79:31:2c:39:7f:e5:f6:76:36:ba:1e:6e:ea:
- 31:02:86:60:75:8d:f7:d4:c7:35:f3:5e:8a:b5:18:31:46:30:
- 7f:e0:33:d7
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIBGDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAyOTE2MDM1MloXDTA4MTAyODE2MDM1MlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCARQwggEQMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgw
-FgQCAAEwEDAOAwUAwAACAQMFAcAAAiAwDQYJKoZIhvcNAQELBQADggEBAAREUFrE
-aP0MelGZJ4CuCurKYk00ZezAGxZZ/kF2+gYGvk83Jux13lPHxt0nu3KrTw9rqTwZ
-I3afvWPI9Bv2pL3ahH2NxJZYWgmP4GyscGgSxXTbyUZAHiDTuBmMGCeKnaRHLu0p
-ozjZC/L+2SKALCySnVRCfmitMtBNrfQv0oAcm6wTaKcK+kHE8xwC2vjL1V5iphZW
-gc6C7DdWwlmaQfLBIj9j7qbKI+lgYgeELHMhWhaPbwZ8sMe7ZvCodW82JiQreg6h
-mhEob1MfdvtgnZ+Elx/NdsbeyPj5ZqjQeTEsOX/l9nY2uh5u6jEChmB1jffUxzXz
-Xoq1GDFGMH/gM9c=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/19.pem b/scripts/resource-cert-samples/LIR1/19.pem
deleted file mode 100644
index e6fdd880..00000000
--- a/scripts/resource-cert-samples/LIR1/19.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d0:77:df:c4:21:af:1b:5a:6b:a8:a7:28:d7:43:
- c8:9b:6d:25:d8:8d:7f:91:2b:e3:95:fd:92:60:ac:
- 14:12:d7:23:68:85:4b:0e:db:2b:e6:38:e0:48:db:
- 18:37:8f:40:c0:90:58:0e:3f:09:67:5f:8e:3f:04:
- 75:06:60:92:42:f3:e4:45:04:35:95:5d:e9:22:42:
- 2c:f6:5c:a6:7d:79:8c:e1:08:19:7c:35:9d:3a:fd:
- e7:ff:9b:29:b5:ee:89:47:cc:0d:83:a0:e1:73:af:
- 1f:09:84:a8:0b:83:cc:79:88:bf:7c:1d:73:d6:ab:
- 42:1b:64:9a:5c:19:83:2b:9d:e5:ad:4c:58:05:76:
- 95:70:23:ee:a5:c0:31:ca:a2:a7:c8:1d:1e:f2:c9:
- f2:3d:38:82:c2:53:e5:54:86:f2:7c:b1:73:e1:dc:
- e9:86:73:08:ac:59:3b:be:2f:58:c1:42:c5:80:18:
- 8c:3a:0a:2a:32:f6:fe:28:d0:28:52:83:c6:30:69:
- 51:90:59:19:9b:d3:d4:c2:e0:52:6a:c1:4e:59:9a:
- 18:e4:78:2e:57:f9:7f:2b:5d:76:28:c9:c9:c5:7e:
- e5:43:a1:9b:68:d2:06:1c:be:3f:69:f9:c2:fa:9e:
- 4f:68:cf:63:6f:db:6d:fc:67:35:c0:b1:6e:0a:37:
- ec:33
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:B2:16:1A:CD:DC:D7:30:60:0F:FA:81:95:F8:A2:F5:4E:95:F3:AD
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 3d:68:dd:9f:54:93:58:2f:8b:c5:22:5a:10:22:09:ed:5d:90:
- c9:57:ea:9f:e9:99:eb:58:42:26:38:81:ef:14:a0:3f:64:ca:
- 06:ae:87:24:3d:6a:d5:94:b7:78:95:8d:00:7d:5b:eb:6d:2f:
- 72:ff:4c:a6:a9:a2:cf:9b:fa:41:04:b2:71:b4:cf:eb:91:0e:
- 71:98:72:05:84:b0:a2:bb:fe:68:6f:e3:92:f9:a6:c9:97:19:
- 79:c5:39:c0:87:ad:e7:89:bb:bc:84:86:ee:87:55:31:be:da:
- 26:8d:e8:84:bf:44:94:0b:b4:e5:52:bb:1a:0d:04:d6:a6:3c:
- 66:ef:d1:44:3b:a1:b2:bc:a3:8e:5a:43:39:28:a0:2a:6a:10:
- 3b:da:b6:5f:bd:e0:d7:ba:c5:d3:51:de:79:39:8f:92:91:a4:
- ca:cd:62:b4:66:a1:02:f3:50:91:27:22:1f:bc:3d:68:da:e0:
- 15:6c:9a:b0:1b:49:e2:53:84:3a:d3:75:09:87:d5:29:d8:58:
- 86:8d:38:8a:87:fa:2d:43:f0:3a:06:e5:58:e9:32:84:c4:3f:
- d0:c2:cd:2b:2e:75:ec:d7:dc:3b:39:14:0f:e7:99:23:1f:88:
- 84:9f:a6:73:90:4b:e4:60:92:07:c5:90:a4:f2:ed:e3:7e:a8:
- 8c:2d:f6:e8
------BEGIN CERTIFICATE-----
-MIIDqTCCApGgAwIBAgIBGTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
-K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
-nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
-lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
-KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
-Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOB9zCB9DAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRzshYazdzXMGAP+oGV+KL1TpXzrTAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDIvMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEF
-BQcwAoYocnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLmNlcjAp
-BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEDAOAwUCwAACLAMFAMAAAmQwDQYJKoZI
-hvcNAQELBQADggEBAD1o3Z9Uk1gvi8UiWhAiCe1dkMlX6p/pmetYQiY4ge8UoD9k
-ygauhyQ9atWUt3iVjQB9W+ttL3L/TKapos+b+kEEsnG0z+uRDnGYcgWEsKK7/mhv
-45L5psmXGXnFOcCHreeJu7yEhu6HVTG+2iaN6IS/RJQLtOVSuxoNBNamPGbv0UQ7
-obK8o45aQzkooCpqEDvatl+94Ne6xdNR3nk5j5KRpMrNYrRmoQLzUJEnIh+8PWja
-4BVsmrAbSeJThDrTdQmH1SnYWIaNOIqH+i1D8DoG5VjpMoTEP9DCzSsudezX3Ds5
-FA/nmSMfiISfpnOQS+RgkgfFkKTy7eN+qIwt9ug=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/1A.pem b/scripts/resource-cert-samples/LIR1/1A.pem
deleted file mode 100644
index db526ea5..00000000
--- a/scripts/resource-cert-samples/LIR1/1A.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR1
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:eb:80:54:7a:74:4b:e4:81:15:d0:25:2d:5e:21:
- be:47:e6:31:ab:e2:fe:79:55:48:b7:36:55:3d:dc:
- 11:88:5b:b7:36:be:d3:bb:d7:16:8d:f8:4b:f4:c5:
- bd:34:c4:8e:2c:67:97:e6:27:10:40:c5:36:f4:b6:
- 6c:b9:29:82:2e:76:b0:29:ea:43:9a:d1:30:de:05:
- a1:c1:54:7c:17:67:1d:fc:29:dd:80:53:b2:81:30:
- db:13:ee:3e:e6:5d:c7:bc:3d:a6:11:6d:81:77:b7:
- 9f:3e:36:df:7c:d6:d2:5a:22:36:68:7c:14:cc:ac:
- 54:ed:ae:fd:e2:cd:b1:a3:5d:a9:65:ec:1b:8b:4b:
- cf:80:8e:a6:98:8f:69:b1:a6:35:bd:69:c9:2e:66:
- 7f:22:11:66:56:c5:75:4c:81:a3:6e:49:71:0d:f5:
- 75:87:13:e8:62:e8:1a:0c:a8:30:81:6a:be:90:59:
- 23:3b:61:c0:15:5f:68:bf:b5:c9:3f:af:3a:a2:7f:
- 80:01:78:f6:f4:55:ca:ee:ca:8d:08:9b:c5:3e:74:
- 98:02:b2:0b:a6:d8:e8:6e:78:88:7b:95:76:b6:ca:
- be:f1:80:a9:dd:e8:3c:80:91:ce:3f:fd:0b:dd:b7:
- d8:a6:8c:94:20:07:19:74:fa:86:ff:cb:97:c3:f6:
- a4:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 66:EC:29:21:2E:76:83:19:39:ED:8E:ED:B7:06:A8:4C:E5:0E:2E:11
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR1.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
-
- Signature Algorithm: sha256WithRSAEncryption
- 2f:cc:ba:e1:32:d5:77:93:89:d2:62:00:83:52:99:02:11:31:
- 50:c2:8f:84:ba:52:22:cd:76:f0:b6:ef:f1:3d:9e:20:02:11:
- be:41:38:d0:88:df:2f:8b:f8:86:0c:f7:f4:50:4a:5e:7a:e8:
- b2:63:9a:dc:eb:0a:eb:c8:a4:3c:b5:83:c8:ef:22:61:28:35:
- 14:23:1e:be:f6:2b:af:76:59:a3:1c:47:e9:db:60:0f:5a:18:
- 87:c3:c5:96:27:68:bd:2d:cc:24:e2:b6:e9:8d:5e:7f:ba:d9:
- bc:7d:5a:14:67:8c:17:40:ea:09:31:4d:83:39:e0:a9:e7:eb:
- fe:a3:37:cc:f9:45:80:17:20:57:50:be:38:48:6a:e5:4f:13:
- 55:05:07:2a:7b:9f:f2:da:96:27:a2:df:67:07:44:6c:c5:a7:
- 14:73:ac:58:97:83:5c:28:e3:4b:f0:18:f7:9d:be:6b:50:e9:
- 90:c8:64:5c:6d:17:98:ed:8c:ba:b0:2c:26:61:bc:d2:75:a8:
- 30:63:7a:5e:61:62:aa:91:e8:b2:11:b1:7d:b7:65:46:c9:17:
- 02:5a:e9:da:96:fa:5d:1b:de:0d:ff:c0:5c:33:b5:81:6e:a5:
- 3b:cc:11:c8:b0:7e:88:bc:d9:98:2c:96:c1:ed:fe:98:ff:d3:
- f1:96:e2:5c
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIBGjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIxMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAOuAVHp0S+SBFdAlLV4hvkfmMavi/nlVSLc2VT3cEYhbtza+07vX
-Fo34S/TFvTTEjixnl+YnEEDFNvS2bLkpgi52sCnqQ5rRMN4FocFUfBdnHfwp3YBT
-soEw2xPuPuZdx7w9phFtgXe3nz4233zW0loiNmh8FMysVO2u/eLNsaNdqWXsG4tL
-z4COppiPabGmNb1pyS5mfyIRZlbFdUyBo25JcQ31dYcT6GLoGgyoMIFqvpBZIzth
-wBVfaL+1yT+vOqJ/gAF49vRVyu7KjQibxT50mAKyC6bY6G54iHuVdrbKvvGAqd3o
-PICRzj/9C9232KaMlCAHGXT6hv/Ll8P2pOcCAwEAAaOCARQwggEQMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFGbsKSEudoMZOe2O7bcGqEzlDi4RMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMS8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8FTApBggrBgEFBQcBBwEB/wQaMBgw
-FgQCAAEwEDAOAwUAwAACAQMFAcAAAiAwDQYJKoZIhvcNAQELBQADggEBAC/MuuEy
-1XeTidJiAINSmQIRMVDCj4S6UiLNdvC27/E9niACEb5BONCI3y+L+IYM9/RQSl56
-6LJjmtzrCuvIpDy1g8jvImEoNRQjHr72K692WaMcR+nbYA9aGIfDxZYnaL0tzCTi
-tumNXn+62bx9WhRnjBdA6gkxTYM54Knn6/6jN8z5RYAXIFdQvjhIauVPE1UFByp7
-n/Laliei32cHRGzFpxRzrFiXg1wo40vwGPedvmtQ6ZDIZFxtF5jtjLqwLCZhvNJ1
-qDBjel5hYqqR6LIRsX23ZUbJFwJa6dqW+l0b3g3/wFwztYFupTvMEciwfoi82Zgs
-lsHt/pj/0/GW4lw=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR1/index b/scripts/resource-cert-samples/LIR1/index
deleted file mode 100644
index 69a21e9d..00000000
--- a/scripts/resource-cert-samples/LIR1/index
+++ /dev/null
@@ -1,26 +0,0 @@
-V 080731054529Z 01 unknown /CN=TEST ENTITY ISP2
-V 080731054532Z 02 unknown /CN=TEST ENTITY ISP1
-V 080731140529Z 03 unknown /CN=TEST ENTITY ISP2
-V 080731140529Z 04 unknown /CN=TEST ENTITY ISP1
-V 080731140829Z 05 unknown /CN=TEST ENTITY ISP2
-V 080731140829Z 06 unknown /CN=TEST ENTITY ISP1
-V 080731140935Z 07 unknown /CN=TEST ENTITY ISP2
-V 080731140935Z 08 unknown /CN=TEST ENTITY ISP1
-V 080731144822Z 09 unknown /CN=TEST ENTITY ISP2
-V 080731144822Z 0A unknown /CN=TEST ENTITY ISP1
-V 080809005818Z 0B unknown /CN=TEST ENTITY ISP2
-V 080809005818Z 0C unknown /CN=TEST ENTITY ISP1
-V 080809010231Z 0D unknown /CN=TEST ENTITY ISP2
-V 080809010231Z 0E unknown /CN=TEST ENTITY ISP1
-V 080809010709Z 0F unknown /CN=TEST ENTITY ISP2
-V 080809010709Z 10 unknown /CN=TEST ENTITY ISP1
-V 080809011340Z 11 unknown /CN=TEST ENTITY ISP2
-V 080809011340Z 12 unknown /CN=TEST ENTITY ISP1
-V 080809011510Z 13 unknown /CN=TEST ENTITY ISP2
-V 080809011511Z 14 unknown /CN=TEST ENTITY ISP1
-V 081018190607Z 15 unknown /CN=TEST ENTITY ISP2
-V 081018190608Z 16 unknown /CN=TEST ENTITY ISP1
-V 081028160352Z 17 unknown /CN=TEST ENTITY ISP2
-V 081028160352Z 18 unknown /CN=TEST ENTITY ISP1
-V 081028163234Z 19 unknown /CN=TEST ENTITY ISP2
-V 081028163234Z 1A unknown /CN=TEST ENTITY ISP1
diff --git a/scripts/resource-cert-samples/LIR1/index.attr b/scripts/resource-cert-samples/LIR1/index.attr
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/LIR1/index.attr
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/LIR1/index.attr.old b/scripts/resource-cert-samples/LIR1/index.attr.old
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/LIR1/index.attr.old
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/LIR1/index.old b/scripts/resource-cert-samples/LIR1/index.old
deleted file mode 100644
index c484ba08..00000000
--- a/scripts/resource-cert-samples/LIR1/index.old
+++ /dev/null
@@ -1,25 +0,0 @@
-V 080731054529Z 01 unknown /CN=TEST ENTITY ISP2
-V 080731054532Z 02 unknown /CN=TEST ENTITY ISP1
-V 080731140529Z 03 unknown /CN=TEST ENTITY ISP2
-V 080731140529Z 04 unknown /CN=TEST ENTITY ISP1
-V 080731140829Z 05 unknown /CN=TEST ENTITY ISP2
-V 080731140829Z 06 unknown /CN=TEST ENTITY ISP1
-V 080731140935Z 07 unknown /CN=TEST ENTITY ISP2
-V 080731140935Z 08 unknown /CN=TEST ENTITY ISP1
-V 080731144822Z 09 unknown /CN=TEST ENTITY ISP2
-V 080731144822Z 0A unknown /CN=TEST ENTITY ISP1
-V 080809005818Z 0B unknown /CN=TEST ENTITY ISP2
-V 080809005818Z 0C unknown /CN=TEST ENTITY ISP1
-V 080809010231Z 0D unknown /CN=TEST ENTITY ISP2
-V 080809010231Z 0E unknown /CN=TEST ENTITY ISP1
-V 080809010709Z 0F unknown /CN=TEST ENTITY ISP2
-V 080809010709Z 10 unknown /CN=TEST ENTITY ISP1
-V 080809011340Z 11 unknown /CN=TEST ENTITY ISP2
-V 080809011340Z 12 unknown /CN=TEST ENTITY ISP1
-V 080809011510Z 13 unknown /CN=TEST ENTITY ISP2
-V 080809011511Z 14 unknown /CN=TEST ENTITY ISP1
-V 081018190607Z 15 unknown /CN=TEST ENTITY ISP2
-V 081018190608Z 16 unknown /CN=TEST ENTITY ISP1
-V 081028160352Z 17 unknown /CN=TEST ENTITY ISP2
-V 081028160352Z 18 unknown /CN=TEST ENTITY ISP1
-V 081028163234Z 19 unknown /CN=TEST ENTITY ISP2
diff --git a/scripts/resource-cert-samples/LIR1/serial b/scripts/resource-cert-samples/LIR1/serial
deleted file mode 100644
index 8787ed81..00000000
--- a/scripts/resource-cert-samples/LIR1/serial
+++ /dev/null
@@ -1 +0,0 @@
-1B
diff --git a/scripts/resource-cert-samples/LIR1/serial.old b/scripts/resource-cert-samples/LIR1/serial.old
deleted file mode 100644
index 268de3f3..00000000
--- a/scripts/resource-cert-samples/LIR1/serial.old
+++ /dev/null
@@ -1 +0,0 @@
-1A
diff --git a/scripts/resource-cert-samples/LIR2.cer b/scripts/resource-cert-samples/LIR2.cer
deleted file mode 100644
index dcc97dd1..00000000
--- a/scripts/resource-cert-samples/LIR2.cer
+++ /dev/null
@@ -1,95 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 49 (0x31)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 02:2b:a6:e7:ef:15:1e:a6:bf:dc:1f:4e:c5:5d:41:de:c2:82:
- 03:1b:94:25:3e:35:3f:ed:ac:cc:25:49:cb:f2:a3:91:cb:33:
- 72:3a:ef:f8:93:24:42:f9:3e:13:5d:50:07:6c:00:40:60:80:
- 06:22:db:07:43:d2:58:17:37:bd:22:89:d2:8d:9f:a0:e3:7e:
- 10:cd:e7:98:3d:4e:fa:5a:8b:05:23:b1:c6:88:9c:41:72:a9:
- b7:7c:b8:a2:37:9f:76:6f:98:23:e2:90:02:75:dc:94:ae:3f:
- 72:1d:51:53:f3:dc:ec:a1:00:28:6e:13:5f:66:4f:6e:4a:61:
- c1:0e:4e:b9:db:4e:11:bc:d9:57:fd:07:05:6e:05:5d:7a:52:
- ae:7f:d5:50:cf:e3:6b:ff:87:03:9f:6c:b2:aa:f4:28:c3:75:
- 6d:09:bf:31:da:cb:40:fa:8f:ed:15:32:59:a7:9e:5b:8b:0d:
- b2:4b:f1:1d:fd:37:ac:dc:6b:56:b5:64:1b:ce:56:12:41:e0:
- d6:ff:7e:f4:84:f5:27:42:a2:2c:c5:b7:47:14:e1:f9:84:80:
- a9:6e:cf:5f:64:40:ac:36:6e:03:f2:db:ae:e2:bf:ba:d4:98:
- 99:35:21:6f:5d:d9:db:f1:a9:1b:dc:13:11:aa:86:e7:a8:bc:
- aa:ee:dd:ce
------BEGIN CERTIFICATE-----
-MIID8DCCAtigAwIBAgIBMTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBPjCCATowDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEE
-AgACMDswJgMRAiABDbgAAAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEA
-IAENuAAAAAAAAAAQAAAARDANBgkqhkiG9w0BAQsFAAOCAQEAAium5+8VHqa/3B9O
-xV1B3sKCAxuUJT41P+2szCVJy/Kjkcszcjrv+JMkQvk+E11QB2wAQGCABiLbB0PS
-WBc3vSKJ0o2foON+EM3nmD1O+lqLBSOxxoicQXKpt3y4ojefdm+YI+KQAnXclK4/
-ch1RU/Pc7KEAKG4TX2ZPbkphwQ5OudtOEbzZV/0HBW4FXXpSrn/VUM/ja/+HA59s
-sqr0KMN1bQm/MdrLQPqP7RUyWaeeW4sNskvxHf03rNxrVrVkG85WEkHg1v9+9IT1
-J0KiLMW3RxTh+YSAqW7PX2RArDZuA/LbruK/utSYmTUhb13Z2/GpG9wTEaqG56i8
-qu7dzg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2.cnf b/scripts/resource-cert-samples/LIR2.cnf
deleted file mode 100644
index 7e691e6d..00000000
--- a/scripts/resource-cert-samples/LIR2.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = LIR2.cer
-serial = LIR2/serial
-private_key = LIR2.key
-database = LIR2/index
-new_certs_dir = LIR2
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY LIR2
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/LIR2/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-sbgp-autonomousSysNum = critical,AS:64544
-sbgp-ipAddrBlock = critical,IPv6:2001:db8::44-2001:db8::100,IPv6:2001:db8::10:0:44/128
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/LIR2/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-sbgp-autonomousSysNum = critical,AS:64544
-sbgp-ipAddrBlock = critical,IPv6:2001:db8::44-2001:db8::100,IPv6:2001:db8::10:0:44/128
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/LIR2.key b/scripts/resource-cert-samples/LIR2.key
deleted file mode 100644
index 4259796f..00000000
--- a/scripts/resource-cert-samples/LIR2.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccL
-m3h6Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286s
-ndNkPbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/d
-kRzwsCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bd
-u6B45TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N
-8Ar/f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABAoIBAQDGF27931cL9Nv1
-tE0WU36IzmZX6HH3xWwVNzS24MIIVkcV68A+umt+y6DvAtXtgLI4+WwW7ftf+3wA
-LdmhKoS/x/0bykbSnrsb99t7Z5X3Ca/iYFp1xpVLHNblZADCLHF3u1VR/4+PQi4M
-PmnobBRebmN5NyX1KzlVIS2FkU2G8T/TOmEv7ffzMAtBkZIdodUPVwQD2nCOeFeT
-pw0ih1g+r+/RZKXZBU/tPEPhJQhEm91Sos3s1LsgRI6XuJux4Qdp3zrXHglnOpMN
-tzoK4AUlDQOhm0xA0F0Ds2do1v3sQS2Bek0qGU/xUs469/wJljs+sFMwg1WfHyQn
-TZ4jkE8BAoGBAP2jp08Kv6q4vVudGSQVYfp893lI7DprhNTZi4byug8RAGdaPvat
-6UwRTEocl091i7k1bbNR7M2KFIRrqv81BXKWY9IF+jSHLMdkQiA9ftEPAPIPSMWk
-aIa4+gE+7QzK5YMJZN3iDLF+FUNQOLMqm08C6pLFmCsKcdWhBqeY4n73AoGBAPNX
-LHQZd+lmtPX4q22bEt820OGXxAcwkKua9+qchNVae95/PmhrAaWPXgbViD6YzMxX
-lZXGz1gE9gsiEL/KaQWrxFfCUaMDjoJKXOAw0/n1nLscE1FGcgnmXC3MDdOOuI50
-9ESkEAJa5880KVioRWGFyyHLDYyrSsLB2bHB8UWBAoGAXGlyHgRmjQc+RtDYRiNc
-TW2WpSQCnc5q2Tph8csiKzcglId3BV2b8NEkoKQGJTdIrzReQcWJp+G1VAH+jXl+
-AJ/2wqDW5qiRkhxfU2vUdssmpwsWkpwyUVO4ExggOlb6hGG51HX19f1gNeRWpEDT
-0VfYq50+sf/eNd2zlQDJFUUCgYBp6BfN08PPjkbWAstBYcud4HKarH3Bj053kXOy
-5ToezUm59XFI6sGFt9b5bHfmnoQLr1bIIAXfzhDzmXjmsAZzVGWYuFbldsfQRuMT
-I80uLcpv2PFDX0CEtICL4hJmb+g9AAPL2AerrrrTAGW6U0oW/q8A3ynffjGEf+/q
-IHmMgQKBgG+nAjRSJvdc7sMhHSbXCO4G3Jzy39iK0UeSKZHHHbJzmsPTJ5eJ36Zh
-yA19eiX8eC7/GTgrGg+daW8YADPS/wZ2KWZTgavvRhUkAsBW2MSybJgZ5QWEgSa3
-TxH462NH6PiJ755pEcU+ILwIJAcwskR0z2SsL6LaQbXlHNinYWMj
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/LIR2.req b/scripts/resource-cert-samples/LIR2.req
deleted file mode 100644
index 96d673be..00000000
--- a/scripts/resource-cert-samples/LIR2.req
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDszCCApsCAQAwGzEZMBcGA1UEAxMQVEVTVCBFTlRJVFkgTElSMjCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPEYtnkLNcWDZEiDMQOe53IoZbGsYeF3
-LsBN8LEcYdjMWi3HC5t4ej79N636sHMLnPy7b2DqOO+u0Se4gVkPs+fQZ7Ki9U/i
-BMbME58zKDWWetvOrJ3TZD24RLzLQyKS1jwuv5duOWpuaJNdHKhYt6N6JkT+/jCt
-4gWJTMnvLOBOMWk/3ZEc8LAlTD6EiupeA7OozZAaHsjgr/4R7SEGvTxeCKGT4kFD
-QzjTIbNM+oWLQ1dgXbugeOUzR6gzdr7fbmNh4zGLXY4Mx/XIkQy+V8fyvL4Lunof
-9hnx6wB0wRLC3CsujfAK/3/oYAiQulH80JARN/OeRLZkQ2ldYdPhjXcCAwEAAaCC
-AVEwggFNBgkqhkiG9w0BCQ4xggE+MIIBOjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBQDet8M39yTPfelzCd73CL26VWX8DAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYB
-BQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0xJUjIvMEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYncnN5bmM6
-Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9SSVIuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8IDBUBggrBgEFBQcBBwEB/wRFMEMwQQQCAAIwOzAmAxECIAEN
-uAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEQAgAQ24AAAAAAAAABAA
-AABEMA0GCSqGSIb3DQEBBQUAA4IBAQCFx6Mb43W5xnHDV/cqywQ3qJjVQUsl6Gcg
-1h426JuSWoB526DFqFxBAmZR5DK+L8jU7jxBJn7tG6P22GrITSbU4BDVdFCD9znO
-juds7+q/qvfTDSNrNwyzldW/UaL3VJ0YF2xXutLJC4jbkH4QfEcmGriGFTRiwvJS
-LJvotN7i2TNKtj3ARaIaKhonzPZg7Qn/bck2KJutG00gm9u3m9wGZ37+tDQE1yMd
-sqX/uhtZB/YM7q3OGeaj8hkjCMkInZL/1FCzxp4qo3F25KLiWNVz+0xxW4A/1kA8
-a1Rdzb9+y318vQce1eAgMo/64tABUYEILwkAXJ6sPBV2V7PdksW4
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/LIR2/01.pem b/scripts/resource-cert-samples/LIR2/01.pem
deleted file mode 100644
index 832d72fb..00000000
--- a/scripts/resource-cert-samples/LIR2/01.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTA1NDUyN1oXDTA4MDczMTA1NDUyN1owGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCATgwggE0MA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABDbgA
-AAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBAMqX2PAuB9SLv2QsFdzblcv1
-84gGa2Raf1OXAe7J6j45YUxzwGsO1MlJ/lN5XWW6VDu3GayE/uZpuuD0jur0m1N0
-AweSWd9WVOF2kbR4QNPNTgbfNRCKTlWMUyiNoozf1wbAUVFE4VrVKY8k9eDBcECS
-3Kw+f2O5ozocba3ciWY7yVrQ6HquDMF3pmqpAcwsaOXHaMsAp6989fY81lg07sL3
-eeGef71CmplynfI3DNTkznlKOwC9rDLBROCvFBAKBswEQTZEfHBr+kjifJLh2Nsy
-wXE8Xx67UeerTmxnyyP1mOAkQcQ7TcE9xBELp+GrcgdYSTMmtlFuDsBPanAnVow=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/02.pem b/scripts/resource-cert-samples/LIR2/02.pem
deleted file mode 100644
index 055a369b..00000000
--- a/scripts/resource-cert-samples/LIR2/02.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID5DCCAsygAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTA1NDUyOFoXDTA4MDczMTA1NDUyOFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCATEwggEtMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMEEGCCsGAQUFBwEHAQH/
-BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABADANBgkqhkiG9w0BAQUFAAOCAQEAFiSiwdirDq2HcTM/KB/mU1NpVOf2CWFE
-nsU+gqeXMBOGdF9g0KzHXi09pYapo4xQGDJQmuQhDOOAJI0zKEM0hhito1vKD1xv
-Gxaw+VzXgqHkUaMQxPW+TsCi5+Gu0va7kBobK7i+6QYoSHcqMeahJPsiRT/Ni226
-vhoHDkmZmFfhbgIFg1Mysr9yZwDwECikCspsFjGrHRLqocDrEtnhLgWgK7c3L7Ia
-DVpmFhRzHor2XOu6heyu+FwUTy/MH+OcsVt8hMrdLcWig6iKXOJYbz5NB8y/azmY
-Dl5+MgWa3zFn/142ENc7JUegb/+dLia0ZuoUl5emkDy9zZ8tCrEFzg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/03.pem b/scripts/resource-cert-samples/LIR2/03.pem
deleted file mode 100644
index 380a3354..00000000
--- a/scripts/resource-cert-samples/LIR2/03.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 3 (0x3)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:05:29 2007 GMT
- Not After : Jul 31 14:05:29 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 55:03:75:e5:85:6b:3b:7d:fd:6b:04:94:5c:6b:65:bb:c2:46:
- 93:29:ba:ec:40:93:6c:65:b7:e4:eb:f9:47:cf:ed:cd:bf:a5:
- 3e:32:1e:ce:d4:1c:39:9e:47:e4:31:c7:d9:8a:68:ea:ec:fa:
- 5b:74:df:2d:5e:e4:7c:1a:41:53:1f:07:4f:7b:51:df:0d:0f:
- e3:48:87:51:7c:81:72:25:1a:43:4f:f7:2e:1c:f5:3e:86:ae:
- 72:b4:0c:5a:1e:4b:5d:57:16:4a:bf:ab:1f:23:4e:80:5b:b6:
- de:09:f6:36:03:dc:9a:34:d5:52:47:c6:65:98:3a:2e:e1:4d:
- 18:37:c9:24:f3:18:11:f1:81:0e:0c:9d:f5:6c:4d:c1:1c:bb:
- 21:73:3c:b0:62:4d:83:28:40:2b:ce:9f:9e:2d:2b:59:f3:e2:
- 5d:dc:03:98:db:c3:99:35:22:e7:a8:93:43:41:91:56:c0:6e:
- af:df:83:a0:8e:2c:16:9c:00:ce:c6:db:86:f8:75:62:d8:fe:
- af:e5:4d:dd:38:9d:bd:67:f8:2f:27:b1:f3:26:cd:7f:ad:af:
- d0:e4:aa:09:6a:47:17:95:62:33:08:40:d5:09:c4:ee:ee:3a:
- 4f:b2:82:f8:3a:74:d4:a5:b9:db:54:33:9b:c1:00:27:a7:8d:
- 38:25:77:a4
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0MDUyOVoXDTA4MDczMTE0MDUyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCATgwggE0MA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABDbgA
-AAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBAFUDdeWFazt9/WsElFxrZbvC
-RpMpuuxAk2xlt+Tr+UfP7c2/pT4yHs7UHDmeR+Qxx9mKaOrs+lt03y1e5HwaQVMf
-B097Ud8ND+NIh1F8gXIlGkNP9y4c9T6GrnK0DFoeS11XFkq/qx8jToBbtt4J9jYD
-3Jo01VJHxmWYOi7hTRg3ySTzGBHxgQ4MnfVsTcEcuyFzPLBiTYMoQCvOn54tK1nz
-4l3cA5jbw5k1Iueok0NBkVbAbq/fg6COLBacAM7G24b4dWLY/q/lTd04nb1n+C8n
-sfMmzX+tr9DkqglqRxeVYjMIQNUJxO7uOk+ygvg6dNSludtUM5vBACenjTgld6Q=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/04.pem b/scripts/resource-cert-samples/LIR2/04.pem
deleted file mode 100644
index 55678af1..00000000
--- a/scripts/resource-cert-samples/LIR2/04.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 4 (0x4)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:05:29 2007 GMT
- Not After : Jul 31 14:05:29 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha1WithRSAEncryption
- e5:f9:79:e8:d7:09:da:a8:1b:3b:35:a2:2a:47:66:5e:ef:c7:
- 0e:a3:0a:d5:28:d6:2c:78:42:c5:73:69:31:9b:89:fa:2e:7a:
- 95:95:36:bd:bf:c7:09:de:04:3f:4e:fc:8b:52:d0:2b:db:da:
- 91:a9:2c:c0:1e:d1:a4:2d:22:0a:e4:57:e4:06:e3:9c:08:22:
- f9:02:1f:a9:b1:a2:ae:15:eb:40:d7:08:78:83:f4:de:0b:54:
- 93:a6:c9:1c:0f:73:f3:43:d0:12:64:c8:29:19:d3:9b:07:91:
- 24:4a:33:85:45:03:a7:73:01:80:b6:17:cf:24:18:1a:1e:e4:
- 33:9d:1f:53:34:c6:fa:a3:ab:fa:2f:ea:ff:eb:69:a4:6e:d7:
- 87:d6:aa:ed:64:d4:81:2f:aa:de:35:c4:44:3a:65:72:05:8e:
- 3e:30:a4:30:3d:2b:b4:a5:53:12:af:0e:3c:56:bb:e3:24:d3:
- bd:c7:b5:ad:25:19:2a:d0:f7:f3:9f:cf:21:33:9a:46:23:43:
- 0b:13:9d:62:ac:bb:3d:3e:8a:f5:19:37:1f:05:4c:8f:be:2e:
- 69:d6:78:ac:76:25:64:15:0c:12:65:6a:f9:4d:1d:eb:95:8c:
- ef:00:d0:08:c0:5a:59:e0:cd:c5:78:51:cc:63:40:7e:36:a3:
- 05:82:9e:67
------BEGIN CERTIFICATE-----
-MIID5DCCAsygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0MDUyOVoXDTA4MDczMTE0MDUyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCATEwggEtMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMEEGCCsGAQUFBwEHAQH/
-BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABADANBgkqhkiG9w0BAQUFAAOCAQEA5fl56NcJ2qgbOzWiKkdmXu/HDqMK1SjW
-LHhCxXNpMZuJ+i56lZU2vb/HCd4EP078i1LQK9vakakswB7RpC0iCuRX5AbjnAgi
-+QIfqbGirhXrQNcIeIP03gtUk6bJHA9z80PQEmTIKRnTmweRJEozhUUDp3MBgLYX
-zyQYGh7kM50fUzTG+qOr+i/q/+tppG7Xh9aq7WTUgS+q3jXERDplcgWOPjCkMD0r
-tKVTEq8OPFa74yTTvce1rSUZKtD385/PITOaRiNDCxOdYqy7PT6K9Rk3HwVMj74u
-adZ4rHYlZBUMEmVq+U0d65WM7wDQCMBaWeDNxXhRzGNAfjajBYKeZw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/05.pem b/scripts/resource-cert-samples/LIR2/05.pem
deleted file mode 100644
index 21fc68de..00000000
--- a/scripts/resource-cert-samples/LIR2/05.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 5 (0x5)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:08:29 2007 GMT
- Not After : Jul 31 14:08:29 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- cf:89:36:be:f0:e0:c8:98:8d:4d:af:19:f7:14:c6:98:8c:7d:
- 80:88:38:7e:4a:86:21:11:11:48:d1:5d:ab:45:c7:13:ea:40:
- de:69:2b:a4:ed:b9:19:34:74:95:2d:65:5a:38:4d:5c:04:0b:
- 1e:5c:59:15:ac:6c:0e:38:b0:ec:bf:f4:61:3c:78:5b:61:24:
- 2a:e0:ec:38:df:f8:f0:6e:9f:91:52:56:c1:14:8f:b1:57:4a:
- 3f:62:8d:55:a3:83:38:e2:e7:3f:bb:16:14:59:9a:97:b7:60:
- 05:29:cc:0f:2d:74:1c:71:0e:1f:fb:59:31:76:c5:69:8f:98:
- aa:9a:d2:d9:50:07:c8:67:23:cd:31:9a:ae:70:bd:be:82:7e:
- a5:7d:4a:2a:eb:77:8e:59:cd:4b:eb:6b:78:39:82:ac:46:5d:
- 0b:7c:26:76:ce:cc:c4:94:b3:3e:c6:7d:75:d0:32:ab:32:fd:
- 5c:96:fa:aa:b3:c2:56:4d:6f:43:a4:7a:28:94:ce:40:1d:1c:
- a6:72:d1:a3:66:7b:9b:5c:d2:cc:69:55:15:09:1d:aa:84:d2:
- 4c:c1:65:d5:6c:d3:c0:82:7a:a9:6e:dc:37:77:ab:29:b3:8f:
- 10:19:49:21:b4:e3:85:8d:d7:2a:34:5c:8c:fb:88:12:3c:23:
- ea:18:34:22
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0MDgyOVoXDTA4MDczMTE0MDgyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCATgwggE0MA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABDbgA
-AAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBAM+JNr7w4MiYjU2vGfcUxpiM
-fYCIOH5KhiEREUjRXatFxxPqQN5pK6TtuRk0dJUtZVo4TVwECx5cWRWsbA44sOy/
-9GE8eFthJCrg7Djf+PBun5FSVsEUj7FXSj9ijVWjgzji5z+7FhRZmpe3YAUpzA8t
-dBxxDh/7WTF2xWmPmKqa0tlQB8hnI80xmq5wvb6CfqV9Sirrd45ZzUvra3g5gqxG
-XQt8JnbOzMSUsz7GfXXQMqsy/VyW+qqzwlZNb0OkeiiUzkAdHKZy0aNme5tc0sxp
-VRUJHaqE0kzBZdVs08CCeqlu3Dd3qymzjxAZSSG044WN1yo0XIz7iBI8I+oYNCI=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/06.pem b/scripts/resource-cert-samples/LIR2/06.pem
deleted file mode 100644
index cdd0108c..00000000
--- a/scripts/resource-cert-samples/LIR2/06.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 6 (0x6)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:08:29 2007 GMT
- Not After : Jul 31 14:08:29 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha1WithRSAEncryption
- 82:d3:6f:ff:0f:ea:b2:49:89:b9:7a:6f:9f:7a:67:11:40:9e:
- aa:00:cd:04:3e:6d:1f:88:c9:af:63:1e:ec:bd:7e:11:38:3c:
- a0:cf:7f:89:9f:18:e5:ae:f6:3c:a9:f3:2a:84:4d:15:b3:6d:
- 83:39:08:45:f6:ab:e0:d4:96:0d:38:93:0e:92:6a:ec:3e:ed:
- ae:fc:42:1f:2e:d3:ef:e3:18:32:da:4c:ed:18:a6:08:a1:3d:
- 79:af:41:b5:b4:f6:17:12:32:6a:bd:88:76:89:76:50:52:3d:
- 71:01:b9:bf:79:6a:bf:e5:dd:d1:89:2d:8e:4f:89:7b:d2:9d:
- 12:bc:42:d1:0b:a2:ff:b6:61:4e:86:79:af:f3:a5:57:a0:39:
- 3b:e8:2e:6d:aa:65:1c:e7:58:36:47:de:3c:5f:a2:04:02:5b:
- 63:d4:86:d1:2b:4a:1a:ce:00:8b:81:5b:9c:d1:71:a4:dd:4e:
- d2:41:34:f7:69:f8:e0:df:80:08:35:90:c6:52:3b:4a:97:e0:
- de:09:ad:36:f6:c1:aa:77:3d:26:e1:c9:7d:a3:34:3b:09:b9:
- 83:40:86:d8:c9:7b:d1:05:48:8a:f6:90:97:bd:05:9b:6a:8f:
- cf:96:7e:9b:f5:fa:aa:21:1a:95:aa:31:ce:fb:78:5d:d5:a8:
- a6:2e:ca:c6
------BEGIN CERTIFICATE-----
-MIID5DCCAsygAwIBAgIBBjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0MDgyOVoXDTA4MDczMTE0MDgyOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCATEwggEtMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMEEGCCsGAQUFBwEHAQH/
-BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABADANBgkqhkiG9w0BAQUFAAOCAQEAgtNv/w/qskmJuXpvn3pnEUCeqgDNBD5t
-H4jJr2Me7L1+ETg8oM9/iZ8Y5a72PKnzKoRNFbNtgzkIRfar4NSWDTiTDpJq7D7t
-rvxCHy7T7+MYMtpM7RimCKE9ea9BtbT2FxIyar2Idol2UFI9cQG5v3lqv+Xd0Ykt
-jk+Je9KdErxC0Qui/7ZhToZ5r/OlV6A5O+gubaplHOdYNkfePF+iBAJbY9SG0StK
-Gs4Ai4FbnNFxpN1O0kE092n44N+ACDWQxlI7Spfg3gmtNvbBqnc9JuHJfaM0Owm5
-g0CG2Ml70QVIivaQl70Fm2qPz5Z+m/X6qiEalaoxzvt4XdWopi7Kxg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/07.pem b/scripts/resource-cert-samples/LIR2/07.pem
deleted file mode 100644
index 00cf79e5..00000000
--- a/scripts/resource-cert-samples/LIR2/07.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 7 (0x7)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:09:35 2007 GMT
- Not After : Jul 31 14:09:35 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- b8:19:54:a2:c8:99:67:2c:52:0c:a7:ab:fa:60:12:7e:3e:e9:
- 72:81:c0:89:11:85:e0:cf:b7:f8:27:b4:18:3d:fd:cc:3c:69:
- 9b:ec:f8:73:f8:81:ef:06:63:90:95:ad:9c:85:bf:ec:ad:13:
- 53:59:d8:a3:1e:17:49:0d:94:ba:f1:38:4a:1e:9b:9d:a4:34:
- b5:1b:c8:d4:8c:b8:35:07:04:d0:9f:54:81:05:3e:8f:56:10:
- 32:6a:e8:32:ce:89:bb:44:c1:09:7a:c6:69:9b:12:2d:05:e2:
- d9:5c:f9:ba:16:07:bc:d0:8b:92:68:5a:93:5b:d0:25:0a:4e:
- 3c:7c:f4:62:44:43:98:7f:97:81:43:43:ef:1f:38:59:55:64:
- ca:68:a6:bb:91:0f:26:51:47:d3:6c:19:c2:30:4d:55:55:91:
- e9:fb:30:01:10:cd:eb:7e:42:33:1b:5b:82:95:c7:38:54:ab:
- e5:0b:fc:8a:15:3d:7e:48:45:57:4c:26:e9:22:79:71:58:86:
- 25:22:38:4d:c7:78:8c:58:a2:17:1b:ce:ff:ff:34:22:ba:6f:
- 17:be:f0:47:76:a5:01:e6:33:07:62:f0:d8:47:8c:00:15:04:
- d5:37:73:6d:62:7e:b9:de:60:41:e5:e3:f2:e4:96:c9:e2:7a:
- db:56:f0:3a
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIBBzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0MDkzNVoXDTA4MDczMTE0MDkzNVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCATgwggE0MA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABDbgA
-AAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBALgZVKLImWcsUgynq/pgEn4+
-6XKBwIkRheDPt/gntBg9/cw8aZvs+HP4ge8GY5CVrZyFv+ytE1NZ2KMeF0kNlLrx
-OEoem52kNLUbyNSMuDUHBNCfVIEFPo9WEDJq6DLOibtEwQl6xmmbEi0F4tlc+boW
-B7zQi5JoWpNb0CUKTjx89GJEQ5h/l4FDQ+8fOFlVZMpopruRDyZRR9NsGcIwTVVV
-ken7MAEQzet+QjMbW4KVxzhUq+UL/IoVPX5IRVdMJukieXFYhiUiOE3HeIxYohcb
-zv//NCK6bxe+8Ed2pQHmMwdi8NhHjAAVBNU3c21ifrneYEHl4/LklsniettW8Do=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/08.pem b/scripts/resource-cert-samples/LIR2/08.pem
deleted file mode 100644
index 0d2eebd5..00000000
--- a/scripts/resource-cert-samples/LIR2/08.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 8 (0x8)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:09:35 2007 GMT
- Not After : Jul 31 14:09:35 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha1WithRSAEncryption
- c9:76:93:8c:9f:ac:9a:b1:29:fb:5b:b0:ad:c4:e4:70:74:5b:
- e3:a2:91:cd:39:ab:25:82:6b:8b:46:3d:86:74:73:04:95:5d:
- f4:5d:6f:9b:78:91:44:f9:16:07:ca:75:56:2f:ac:84:3c:3c:
- b4:1d:fe:f3:62:f2:70:16:86:7f:94:16:22:f3:7a:a5:98:7e:
- 6b:1b:cc:61:3e:7c:a0:57:f4:80:3d:69:0b:a0:3c:3b:a1:3f:
- f6:50:a6:1a:40:c0:85:e6:20:88:94:20:f2:b7:41:a1:42:39:
- 91:b0:46:4f:07:df:b5:59:30:18:22:97:ad:95:4b:92:cc:d7:
- 31:ee:cb:99:90:ec:82:e2:19:34:99:9e:94:2c:16:9f:6e:f4:
- 89:9a:79:40:96:d2:1b:d6:79:e0:da:f2:a2:f7:ee:c4:3a:91:
- 21:02:77:8a:6c:5f:c6:aa:77:c7:ae:15:6e:3f:38:b9:97:69:
- ac:cf:44:95:74:dc:a6:bc:c8:e4:a0:f4:e4:c4:f9:55:de:5a:
- ba:f5:ae:d7:e9:b9:44:c7:46:54:53:dc:74:cd:f7:fe:48:9a:
- 1a:1a:57:bc:af:3d:47:38:9f:67:10:7f:6a:4f:17:d7:7d:45:
- d0:05:ec:fd:8b:a2:aa:52:c3:7b:73:eb:96:f8:11:cc:12:4f:
- e8:81:ad:f1
------BEGIN CERTIFICATE-----
-MIID5DCCAsygAwIBAgIBCDANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0MDkzNVoXDTA4MDczMTE0MDkzNVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCATEwggEtMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMEEGCCsGAQUFBwEHAQH/
-BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABADANBgkqhkiG9w0BAQUFAAOCAQEAyXaTjJ+smrEp+1uwrcTkcHRb46KRzTmr
-JYJri0Y9hnRzBJVd9F1vm3iRRPkWB8p1Vi+shDw8tB3+82LycBaGf5QWIvN6pZh+
-axvMYT58oFf0gD1pC6A8O6E/9lCmGkDAheYgiJQg8rdBoUI5kbBGTwfftVkwGCKX
-rZVLkszXMe7LmZDsguIZNJmelCwWn270iZp5QJbSG9Z54NryovfuxDqRIQJ3imxf
-xqp3x64Vbj84uZdprM9ElXTcprzI5KD05MT5Vd5auvWu1+m5RMdGVFPcdM33/kia
-GhpXvK89RzifZxB/ak8X131F0AXs/YuiqlLDe3PrlvgRzBJP6IGt8Q==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/09.pem b/scripts/resource-cert-samples/LIR2/09.pem
deleted file mode 100644
index b117c94d..00000000
--- a/scripts/resource-cert-samples/LIR2/09.pem
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 9 (0x9)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:48:22 2007 GMT
- Not After : Jul 31 14:48:22 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 1c:53:2a:8f:55:44:b1:71:d1:50:79:f1:3c:3d:fe:15:1d:72:
- 5e:22:91:d1:54:3d:a4:e0:9e:ba:e4:8d:b3:71:c5:93:cd:5b:
- 54:5c:e5:2c:af:a1:a9:d7:8d:32:b7:92:95:8c:0e:2e:05:d3:
- 9d:da:ac:a9:7a:01:d2:19:9e:b7:88:80:92:b1:26:95:6d:0a:
- b4:01:a3:f1:9f:15:fe:0b:29:0f:0f:72:b7:72:d2:18:9e:5d:
- 7e:65:59:7b:30:75:33:7f:95:fc:cb:9d:7b:0f:36:44:0f:d0:
- e6:a3:c1:a5:6b:d0:db:13:4b:fa:06:35:df:66:01:c3:d8:51:
- 47:e7:89:26:56:6f:2a:2a:ba:46:29:a8:cb:9d:cc:5f:d9:9f:
- 14:01:d5:fd:08:e9:db:1a:7a:89:3e:c8:36:6b:b4:6c:ca:a9:
- df:43:46:89:48:a0:13:32:bb:c9:17:14:01:2d:21:fe:68:11:
- 61:5a:b4:6f:af:ba:3b:0a:96:4c:25:33:5a:a6:cf:29:21:45:
- 76:b8:e1:d9:20:0c:22:f7:7c:85:b2:45:90:94:c5:2c:ca:e1:
- 82:65:36:75:9d:46:9b:f8:9a:d6:85:2f:71:8b:cd:88:fd:87:
- 1b:1c:36:f8:36:f5:1c:18:e5:5b:68:3f:36:60:de:a0:59:e1:
- cd:54:61:4c
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIBCTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCATgwggE0MA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMBoGCCsGAQUFBwEIAQH/
-BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABDbgA
-AAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBABxTKo9VRLFx0VB58Tw9/hUd
-cl4ikdFUPaTgnrrkjbNxxZPNW1Rc5SyvoanXjTK3kpWMDi4F053arKl6AdIZnreI
-gJKxJpVtCrQBo/GfFf4LKQ8Pcrdy0hieXX5lWXswdTN/lfzLnXsPNkQP0OajwaVr
-0NsTS/oGNd9mAcPYUUfniSZWbyoqukYpqMudzF/ZnxQB1f0I6dsaeok+yDZrtGzK
-qd9DRolIoBMyu8kXFAEtIf5oEWFatG+vujsKlkwlM1qmzykhRXa44dkgDCL3fIWy
-RZCUxSzK4YJlNnWdRpv4mtaFL3GLzYj9hxscNvg29RwY5VtoPzZg3qBZ4c1UYUw=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/0A.pem b/scripts/resource-cert-samples/LIR2/0A.pem
deleted file mode 100644
index c8f4890e..00000000
--- a/scripts/resource-cert-samples/LIR2/0A.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10 (0xa)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 1 14:48:22 2007 GMT
- Not After : Jul 31 14:48:22 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Authority Key Identifier:
- keyid:03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha1WithRSAEncryption
- 05:ba:27:d4:55:52:1b:f7:61:da:37:98:b3:16:e6:53:6a:2c:
- 65:f5:80:7f:d4:cb:8f:fb:c2:1d:1a:9f:54:ed:a0:7a:03:a6:
- ff:5a:e7:d6:c1:06:31:11:b5:c1:dc:ab:33:87:d7:57:0e:cd:
- 19:44:16:9f:92:84:43:32:8b:d0:64:12:00:a7:ad:b7:fb:79:
- c1:ec:e3:d0:77:3c:73:8a:5f:90:6b:da:a4:d4:e0:28:0a:45:
- 99:5a:b8:b0:fa:96:3e:c3:a3:de:a6:df:f9:55:e9:1b:3e:37:
- f0:21:38:7f:5f:b2:e0:75:f2:8c:82:10:e9:60:76:3b:de:dd:
- 85:f2:1e:3c:22:f5:77:40:d9:a4:f9:72:46:29:99:a8:2e:5d:
- b8:05:5c:b3:2b:d0:44:c5:8b:07:c7:69:d0:a9:cf:83:31:d1:
- ed:36:d7:ce:b4:c6:7e:4a:58:10:20:46:16:ed:b5:e3:60:47:
- e8:b2:36:1e:79:ed:ac:08:da:8b:a0:6d:92:f1:e4:73:60:6b:
- 10:61:07:69:78:78:a9:51:fd:24:1d:3d:d6:63:62:c3:d4:1e:
- 70:8d:f6:41:fc:42:09:cc:7b:1c:19:c7:59:0b:a0:da:5b:00:
- fd:33:24:8b:9f:1e:d8:d8:04:cd:f4:71:06:ea:c6:2e:8d:8b:
- 6f:cd:b9:a6
------BEGIN CERTIFICATE-----
-MIID5DCCAsygAwIBAgIBCjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCATEwggEtMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MB8GA1UdIwQY
-MBaAFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
-BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
-L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2VyMEEGCCsGAQUFBwEHAQH/
-BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABADANBgkqhkiG9w0BAQUFAAOCAQEABbon1FVSG/dh2jeYsxbmU2osZfWAf9TL
-j/vCHRqfVO2gegOm/1rn1sEGMRG1wdyrM4fXVw7NGUQWn5KEQzKL0GQSAKett/t5
-wezj0Hc8c4pfkGvapNTgKApFmVq4sPqWPsOj3qbf+VXpGz438CE4f1+y4HXyjIIQ
-6WB2O97dhfIePCL1d0DZpPlyRimZqC5duAVcsyvQRMWLB8dp0KnPgzHR7TbXzrTG
-fkpYECBGFu2142BH6LI2HnntrAjai6BtkvHkc2BrEGEHaXh4qVH9JB091mNiw9Qe
-cI32QfxCCcx7HBnHWQug2lsA/TMki58e2NgEzfRxBurGLo2Lb825pg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/0B.pem b/scripts/resource-cert-samples/LIR2/0B.pem
deleted file mode 100644
index d4720f0d..00000000
--- a/scripts/resource-cert-samples/LIR2/0B.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11 (0xb)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Signature Algorithm: sha256WithRSAEncryption
- 87:7d:49:12:b5:b5:ca:35:8f:2c:ae:da:fc:4a:35:b2:09:2b:
- ed:7e:64:3d:a2:3c:ce:a5:e6:f4:77:ca:6f:a0:fb:ff:d0:46:
- db:d8:fc:2b:09:35:a3:f6:ca:c1:00:ae:e6:02:93:96:ff:f8:
- 2c:f5:40:18:d1:43:aa:ba:80:a7:71:7c:aa:99:ba:bb:59:74:
- fb:b9:64:40:4c:d6:ec:4a:f4:a1:7e:32:ae:94:8d:15:f0:ba:
- bb:0c:20:0c:58:3c:eb:52:5a:02:32:56:1b:97:95:38:8e:a4:
- a7:4d:33:92:d5:5e:8c:e4:ab:81:c9:48:dd:39:28:c3:0b:5d:
- ea:13:8e:69:b0:e3:b6:e3:fb:d3:fe:a6:24:4c:48:fe:55:63:
- dd:27:36:68:a5:51:86:8b:b5:8a:95:4c:ef:89:47:0e:d9:af:
- 98:b6:e5:3d:52:5b:a7:b8:5d:d2:d0:bc:b8:7e:cf:65:d3:51:
- 78:58:49:27:6c:3b:12:36:21:20:36:dd:e8:ea:d0:9d:55:9d:
- e0:06:49:d2:27:58:a4:4a:64:65:72:8e:f9:43:80:53:94:04:
- c0:de:0b:e1:42:81:da:c6:a0:1c:c6:d6:8b:d2:1b:ee:39:3b:
- e5:c4:9e:99:da:2a:37:88:d7:e5:51:f8:55:d9:c3:4a:a3:69:
- ff:3c:20:0c
------BEGIN CERTIFICATE-----
-MIIDODCCAiCgAwIBAgIBCzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAwNTgxN1oXDTA4MDgwOTAwNTgxN1owGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOBhjCBgzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBSYz/gAguzX6RdPvXqHYDKlu521DjAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDQvMA0GCSqGSIb3DQEBCwUAA4IBAQCHfUkS
-tbXKNY8srtr8SjWyCSvtfmQ9ojzOpeb0d8pvoPv/0Ebb2PwrCTWj9srBAK7mApOW
-//gs9UAY0UOquoCncXyqmbq7WXT7uWRATNbsSvShfjKulI0V8Lq7DCAMWDzrUloC
-MlYbl5U4jqSnTTOS1V6M5KuByUjdOSjDC13qE45psOO24/vT/qYkTEj+VWPdJzZo
-pVGGi7WKlUzviUcO2a+YtuU9UlunuF3S0Ly4fs9l01F4WEknbDsSNiEgNt3o6tCd
-VZ3gBknSJ1ikSmRlco75Q4BTlATA3gvhQoHaxqAcxtaL0hvuOTvlxJ6Z2io3iNfl
-UfhV2cNKo2n/PCAM
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/0C.pem b/scripts/resource-cert-samples/LIR2/0C.pem
deleted file mode 100644
index 42755368..00000000
--- a/scripts/resource-cert-samples/LIR2/0C.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12 (0xc)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 00:58:18 2007 GMT
- Not After : Aug 9 00:58:18 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Signature Algorithm: sha256WithRSAEncryption
- 97:a4:c3:69:4c:4d:c3:a6:15:69:99:75:4b:04:37:02:b4:f2:
- 02:ad:5d:22:4b:c8:73:e3:34:d0:20:34:e3:83:48:ef:e2:75:
- f8:d7:67:4f:9f:d6:20:a4:0d:b1:ab:ba:64:cd:c6:98:0b:67:
- c3:a8:a5:7a:48:fe:4c:a0:34:1c:01:ea:91:79:2c:37:05:56:
- 4e:fe:4b:97:c5:f4:65:7b:a2:31:a5:6d:e2:47:c1:15:55:d7:
- 90:cb:83:3b:d9:d6:62:3e:09:e1:a4:8b:aa:82:21:de:4b:39:
- d5:c2:d1:c8:88:fc:73:ad:f7:e2:ca:c6:ec:7e:12:67:4c:f1:
- e2:78:21:bf:b9:59:21:d1:3a:36:bc:6f:e8:1e:be:7a:74:4b:
- 6e:60:d2:9d:62:21:ac:26:7d:f4:df:da:37:2e:b2:dd:4c:f1:
- 64:b6:ef:75:2a:a8:dd:d2:d2:fb:64:c5:fe:e0:f5:68:44:e4:
- 1c:48:99:a9:fb:5d:4b:34:bd:d3:4b:c0:40:e7:21:7c:dd:43:
- f1:f7:4d:6b:f2:32:bd:34:14:c5:6c:3c:df:bb:ff:eb:bc:5b:
- d2:76:d1:2c:e8:c0:8e:0c:03:3c:2d:a3:6e:76:00:9d:8d:b9:
- 7d:86:8a:84:f9:76:7e:af:f3:ef:3c:8b:a6:0b:59:c0:8c:cf:
- f8:6f:90:6d
------BEGIN CERTIFICATE-----
-MIIDODCCAiCgAwIBAgIBDDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAwNTgxOFoXDTA4MDgwOTAwNTgxOFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOBhjCBgzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBThly4ZcLV//IJPMz1rLN6amzY9fjAOBgNVHQ8BAf8E
-BAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L0lTUDMvMA0GCSqGSIb3DQEBCwUAA4IBAQCXpMNp
-TE3DphVpmXVLBDcCtPICrV0iS8hz4zTQIDTjg0jv4nX412dPn9YgpA2xq7pkzcaY
-C2fDqKV6SP5MoDQcAeqReSw3BVZO/kuXxfRle6IxpW3iR8EVVdeQy4M72dZiPgnh
-pIuqgiHeSznVwtHIiPxzrffiysbsfhJnTPHieCG/uVkh0To2vG/oHr56dEtuYNKd
-YiGsJn3039o3LrLdTPFktu91Kqjd0tL7ZMX+4PVoROQcSJmp+11LNL3TS8BA5yF8
-3UPx901r8jK9NBTFbDzfu//rvFvSdtEs6MCODAM8LaNudgCdjbl9hoqE+XZ+r/Pv
-PIumC1nAjM/4b5Bt
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/0D.pem b/scripts/resource-cert-samples/LIR2/0D.pem
deleted file mode 100644
index a3e8fbab..00000000
--- a/scripts/resource-cert-samples/LIR2/0D.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13 (0xd)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 39:43:cf:68:33:e0:80:03:70:71:f7:ae:88:a1:cb:0e:11:a3:
- 5c:aa:a4:09:a3:4c:cc:b6:73:92:09:2f:50:57:f3:f8:4a:c2:
- eb:f0:b8:64:19:37:7b:d2:3b:c9:43:50:ed:89:69:73:05:85:
- bd:3c:dd:5b:47:b7:1b:0f:d2:ab:18:93:3a:bf:0a:20:9a:b3:
- 2b:4c:b2:e1:08:df:39:53:9b:36:be:6b:54:b4:f3:7f:4d:5d:
- 6f:b6:68:ee:26:3f:5f:a0:3f:89:8e:d2:10:54:0e:03:da:4f:
- 22:4f:b8:d3:07:e8:51:6b:df:20:4f:2d:5b:67:fa:66:49:34:
- 45:77:9f:88:57:aa:53:68:3c:9b:50:b3:71:74:34:79:26:29:
- b2:2b:b3:8b:e1:24:fe:56:94:af:cc:56:cb:c6:5d:f3:cf:bb:
- ff:16:32:90:96:72:76:14:10:d6:64:52:44:98:49:1b:9b:10:
- 17:f8:8d:6d:27:6e:2e:8d:d7:d2:6d:73:31:70:31:fe:8a:be:
- 74:06:62:33:13:c5:87:7a:89:c1:af:96:77:1f:af:da:e8:0d:
- 38:8f:00:da:b3:3f:29:31:80:a1:32:a1:60:cc:6c:56:cb:8f:
- 63:59:1f:a0:e4:50:9c:3e:4e:c3:53:8b:6f:88:b3:3c:97:d3:
- 66:91:6e:a7
------BEGIN CERTIFICATE-----
-MIIDyjCCArKgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMDIzMVoXDTA4MDgwOTAxMDIzMVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCARcwggETMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBsw
-GQQCAAIwEwMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQELBQADggEBADlD
-z2gz4IADcHH3roihyw4Ro1yqpAmjTMy2c5IJL1BX8/hKwuvwuGQZN3vSO8lDUO2J
-aXMFhb083VtHtxsP0qsYkzq/CiCasytMsuEI3zlTmza+a1S0839NXW+2aO4mP1+g
-P4mO0hBUDgPaTyJPuNMH6FFr3yBPLVtn+mZJNEV3n4hXqlNoPJtQs3F0NHkmKbIr
-s4vhJP5WlK/MVsvGXfPPu/8WMpCWcnYUENZkUkSYSRubEBf4jW0nbi6N19JtczFw
-Mf6KvnQGYjMTxYd6icGvlncfr9roDTiPANqzPykxgKEyoWDMbFbLj2NZH6DkUJw+
-TsNTi2+IszyX02aRbqc=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/0E.pem b/scripts/resource-cert-samples/LIR2/0E.pem
deleted file mode 100644
index 05f06437..00000000
--- a/scripts/resource-cert-samples/LIR2/0E.pem
+++ /dev/null
@@ -1,89 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14 (0xe)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha256WithRSAEncryption
- ab:ee:14:3e:c4:4b:ea:20:a8:9a:0d:48:6e:12:6d:da:9c:c5:
- e5:c0:23:8e:d8:13:5f:cf:ed:b6:b6:b7:4a:b7:50:81:c1:61:
- 92:22:af:a3:47:60:21:89:74:6e:8a:5a:c6:16:2d:60:8e:c9:
- 45:44:62:a6:73:07:3f:d7:db:85:a9:22:a1:f1:7c:b7:a5:e1:
- 40:42:e5:0b:1a:a4:80:63:24:79:e8:87:82:6c:fa:ce:74:97:
- c0:e2:81:77:bd:9b:06:ea:c8:3c:4d:84:93:44:38:c5:c9:b7:
- 94:0a:d1:e9:ee:5f:02:a1:0f:2c:db:af:f4:7a:bb:a7:65:b0:
- d6:a5:cb:df:21:ce:b5:4e:46:33:76:95:6b:c8:e5:2e:c6:54:
- 14:e0:25:ee:9b:e9:14:42:a6:2b:53:59:36:6d:43:55:91:4f:
- 97:08:e0:56:f4:f7:46:83:1d:46:34:6b:26:d7:14:4c:47:23:
- 7c:31:73:d7:0d:1f:68:c5:19:ae:b4:c4:db:24:89:ae:a7:3c:
- a3:90:7b:db:0d:fa:cc:1f:3f:f9:78:97:ec:c3:72:10:8b:44:
- 4d:c7:1d:ae:20:ec:af:19:90:0d:ac:95:16:eb:73:d8:e5:30:
- 2e:bc:f9:4e:d3:6a:48:13:f4:d7:b4:c5:a1:1a:c3:ef:b9:81:
- e7:6a:fc:a4
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIBDjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMDIzMVoXDTA4MDgwOTAxMDIzMVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCARAwggEMMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABE
-AxEAIAENuAAAAAAAAAAAAAABADANBgkqhkiG9w0BAQsFAAOCAQEAq+4UPsRL6iCo
-mg1IbhJt2pzF5cAjjtgTX8/ttra3SrdQgcFhkiKvo0dgIYl0bopaxhYtYI7JRURi
-pnMHP9fbhakiofF8t6XhQELlCxqkgGMkeeiHgmz6znSXwOKBd72bBurIPE2Ek0Q4
-xcm3lArR6e5fAqEPLNuv9Hq7p2Ww1qXL3yHOtU5GM3aVa8jlLsZUFOAl7pvpFEKm
-K1NZNm1DVZFPlwjgVvT3RoMdRjRrJtcUTEcjfDFz1w0faMUZrrTE2ySJrqc8o5B7
-2w36zB8/+XiX7MNyEItETccdriDsrxmQDayVFutz2OUwLrz5TtNqSBP017TFoRrD
-77mB52r8pA==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/0F.pem b/scripts/resource-cert-samples/LIR2/0F.pem
deleted file mode 100644
index 0509dec8..00000000
--- a/scripts/resource-cert-samples/LIR2/0F.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 15 (0xf)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:07:09 2007 GMT
- Not After : Aug 9 01:07:09 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- d5:b7:00:47:e6:b8:94:45:1f:7b:52:17:86:bc:e3:6c:37:b5:
- f8:78:15:78:f9:8f:f1:59:b0:a5:ad:1d:d8:59:d4:9b:09:38:
- 36:95:24:3a:9a:18:bb:52:52:19:30:80:1c:08:8c:7d:0c:de:
- d5:59:5b:19:99:6c:53:69:d6:bc:b4:8a:f6:df:90:57:29:68:
- 4e:db:81:8a:6b:ab:c8:2a:2b:cd:ed:7e:14:09:67:83:5b:ae:
- d8:0d:b0:05:56:e5:4b:91:ed:5e:5b:88:b5:cc:71:c4:93:4a:
- 57:c5:d5:c2:fb:da:ef:ab:d1:96:84:6b:af:53:80:12:75:7d:
- 6c:37:9f:8c:45:e7:8e:3b:e1:a1:20:2e:2c:78:24:0e:98:82:
- b7:73:21:0d:9d:8e:12:3a:cc:04:ea:94:e7:7b:c5:ee:c7:66:
- 09:ac:b6:7e:d3:07:16:2c:48:3f:f5:38:e4:12:a7:24:50:26:
- 7d:8c:1d:07:15:9a:1d:c1:bb:7f:95:44:30:7b:3d:06:ee:10:
- 23:be:b0:91:0c:62:77:0f:3f:f1:51:d1:5a:8a:09:0d:83:d6:
- 90:7f:41:8e:17:03:f2:c9:04:4e:7f:fb:4d:ab:49:73:de:96:
- fd:33:3f:23:90:5b:38:38:73:c8:9a:dc:03:2e:d7:3f:7b:c5:
- 96:96:5c:f2
------BEGIN CERTIFICATE-----
-MIIDyjCCArKgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMDcwOVoXDTA4MDgwOTAxMDcwOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCARcwggETMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBsw
-GQQCAAIwEwMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQELBQADggEBANW3
-AEfmuJRFH3tSF4a842w3tfh4FXj5j/FZsKWtHdhZ1JsJODaVJDqaGLtSUhkwgBwI
-jH0M3tVZWxmZbFNp1ry0ivbfkFcpaE7bgYprq8gqK83tfhQJZ4NbrtgNsAVW5UuR
-7V5biLXMccSTSlfF1cL72u+r0ZaEa69TgBJ1fWw3n4xF54474aEgLix4JA6Ygrdz
-IQ2djhI6zATqlOd7xe7HZgmstn7TBxYsSD/1OOQSpyRQJn2MHQcVmh3Bu3+VRDB7
-PQbuECO+sJEMYncPP/FR0VqKCQ2D1pB/QY4XA/LJBE5/+02rSXPelv0zPyOQWzg4
-c8ia3AMu1z97xZaWXPI=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/10.pem b/scripts/resource-cert-samples/LIR2/10.pem
deleted file mode 100644
index a1ca8f31..00000000
--- a/scripts/resource-cert-samples/LIR2/10.pem
+++ /dev/null
@@ -1,89 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 16 (0x10)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:07:09 2007 GMT
- Not After : Aug 9 01:07:09 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha256WithRSAEncryption
- 46:39:56:56:54:34:70:e5:dd:f8:30:56:02:6f:45:81:e2:c3:
- f4:1c:fa:82:1e:87:11:3f:64:28:14:22:b2:9b:6d:d0:84:ca:
- 78:81:cb:f6:ed:45:5e:fd:7a:f8:e0:9d:a4:c9:8c:f5:a6:f8:
- 63:a1:5d:b2:6f:e9:fd:83:1e:1b:82:a9:3a:03:f9:57:3c:81:
- 0f:ef:6d:a6:5c:14:8f:38:49:38:c1:26:4b:d1:e5:13:94:77:
- 63:b9:f8:7c:fc:bc:82:01:d0:f7:90:94:14:d9:32:b1:49:e3:
- b1:e5:0f:da:8c:8e:0f:4a:e3:b1:60:38:b4:88:2f:a0:ed:68:
- ee:f8:90:23:b1:1f:9a:6c:7a:24:12:a7:0f:57:aa:81:57:b3:
- 37:66:79:1c:a0:9b:dc:f6:80:30:5d:02:5d:1f:9f:cb:e8:fe:
- 4e:3d:67:85:2c:40:b4:f9:94:11:57:9c:22:4d:b0:51:83:1d:
- bb:aa:83:a1:20:f0:ed:68:c5:82:9e:23:db:e4:ab:45:71:f6:
- c6:fd:69:23:fb:dd:7e:cd:f8:32:49:a8:e7:42:c9:64:4b:c0:
- e5:c2:c6:88:20:2c:df:89:82:01:f4:4d:e3:a4:fc:71:f5:a8:
- 49:cb:88:00:48:a0:2c:19:04:ea:e9:74:b1:e4:a2:7a:63:d1:
- 53:5d:e3:13
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIBEDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMDcwOVoXDTA4MDgwOTAxMDcwOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCARAwggEMMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABE
-AxEAIAENuAAAAAAAAAAAAAABADANBgkqhkiG9w0BAQsFAAOCAQEARjlWVlQ0cOXd
-+DBWAm9FgeLD9Bz6gh6HET9kKBQisptt0ITKeIHL9u1FXv16+OCdpMmM9ab4Y6Fd
-sm/p/YMeG4KpOgP5VzyBD+9tplwUjzhJOMEmS9HlE5R3Y7n4fPy8ggHQ95CUFNky
-sUnjseUP2oyOD0rjsWA4tIgvoO1o7viQI7Efmmx6JBKnD1eqgVezN2Z5HKCb3PaA
-MF0CXR+fy+j+Tj1nhSxAtPmUEVecIk2wUYMdu6qDoSDw7WjFgp4j2+SrRXH2xv1p
-I/vdfs34Mkmo50LJZEvA5cLGiCAs34mCAfRN46T8cfWoScuIAEigLBkE6ul0seSi
-emPRU13jEw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/11.pem b/scripts/resource-cert-samples/LIR2/11.pem
deleted file mode 100644
index 44471417..00000000
--- a/scripts/resource-cert-samples/LIR2/11.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 17 (0x11)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Signature Algorithm: sha256WithRSAEncryption
- a8:55:fe:aa:11:d7:ec:08:34:d2:a3:70:f6:13:67:b5:7e:68:
- 6e:b1:e8:3e:f6:e8:49:3f:4d:aa:86:19:01:43:2a:93:de:f3:
- 43:06:cc:ff:bf:23:81:a4:42:50:92:cf:d9:64:de:a3:92:1c:
- 3c:08:f3:97:6d:76:3c:b3:5f:cb:70:49:52:ec:bf:5d:c0:fc:
- 72:4a:79:d9:19:02:96:cc:f5:3c:3d:b8:ea:b1:5a:6e:9d:17:
- 08:d8:3e:4e:9f:d6:b6:6d:3f:0c:f5:28:ca:84:3d:65:1a:ba:
- d5:72:52:e5:e6:01:d9:66:df:a7:42:4c:6e:76:f6:50:13:78:
- 29:13:bd:0c:bc:a8:15:fb:9d:56:5e:cb:c2:36:86:b9:41:74:
- 2c:79:83:06:fb:83:6b:80:56:9f:a3:b6:01:ab:58:d9:20:ba:
- 9c:2c:47:b7:06:f0:55:18:89:02:34:e1:ae:f1:53:a2:66:5a:
- 86:3c:2a:c2:ba:92:33:6e:18:20:2c:ae:f8:4f:bc:2f:2f:e4:
- cc:f2:80:de:f5:2c:4d:4a:dc:29:3e:af:f9:f0:86:4a:a7:b7:
- 3e:7a:42:11:69:5a:35:8a:5c:96:00:eb:65:d9:a8:2b:03:db:
- fb:7e:c8:c9:dd:8c:55:b8:b6:da:58:51:a9:b6:59:60:45:6d:
- b2:b5:64:7e
------BEGIN CERTIFICATE-----
-MIIDFzCCAf+gAwIBAgIBETANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMTMzOVoXDTA4MDgwOTAxMTMzOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaNmMGQwDwYDVR0TAQH/BAUw
-AwEB/zAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAF
-hiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDQvMA0GCSqGSIb3
-DQEBCwUAA4IBAQCoVf6qEdfsCDTSo3D2E2e1fmhuseg+9uhJP02qhhkBQyqT3vND
-Bsz/vyOBpEJQks/ZZN6jkhw8CPOXbXY8s1/LcElS7L9dwPxySnnZGQKWzPU8Pbjq
-sVpunRcI2D5On9a2bT8M9SjKhD1lGrrVclLl5gHZZt+nQkxudvZQE3gpE70MvKgV
-+51WXsvCNoa5QXQseYMG+4NrgFafo7YBq1jZILqcLEe3BvBVGIkCNOGu8VOiZlqG
-PCrCupIzbhggLK74T7wvL+TM8oDe9SxNStwpPq/58IZKp7c+ekIRaVo1ilyWAOtl
-2agrA9v7fsjJ3YxVuLbaWFGptllgRW2ytWR+
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/12.pem b/scripts/resource-cert-samples/LIR2/12.pem
deleted file mode 100644
index 91e549e7..00000000
--- a/scripts/resource-cert-samples/LIR2/12.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 18 (0x12)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Signature Algorithm: sha256WithRSAEncryption
- 7c:d9:69:a5:fc:d6:93:9c:2a:ee:7e:1b:f5:86:69:22:8c:66:
- fb:d1:97:63:65:5c:1d:7c:81:c0:ff:ce:6f:48:bd:37:14:7b:
- a6:51:c0:8d:82:a8:a0:97:e4:9a:cd:e8:b8:f8:6c:66:78:50:
- 69:b4:66:82:a0:a4:4d:d8:0e:44:60:92:11:49:ab:70:28:95:
- 41:a2:6f:8f:b9:8e:45:81:6f:74:4e:14:f9:a5:b6:07:bd:12:
- 99:f9:7b:57:9a:0c:06:52:a0:93:d4:dd:23:ab:ae:92:0f:6d:
- 8f:76:7b:30:cd:f6:07:ee:63:ff:82:88:bf:e1:25:73:98:f4:
- 77:b0:00:16:cc:df:47:8d:c9:54:d0:f3:6b:04:f2:f1:5e:96:
- e6:22:9b:3b:bf:25:89:2f:60:6e:4d:1a:ae:ed:d8:79:7a:8c:
- e6:37:ac:ec:23:60:65:d6:63:38:64:77:1e:2f:b9:17:5f:8d:
- 02:06:43:36:01:3f:20:f5:eb:ea:f6:a3:a4:f3:7f:da:d7:ae:
- 92:6f:fe:b1:f7:4c:8c:ef:4d:e1:06:98:43:77:de:ea:07:1a:
- 6a:3e:75:79:c1:5e:62:f3:f2:1d:8c:5e:d3:2f:6b:a5:f0:6e:
- 8b:da:58:97:ec:16:35:3c:a5:7a:56:8f:80:c5:97:e3:30:df:
- ab:8d:cd:36
------BEGIN CERTIFICATE-----
-MIIDFzCCAf+gAwIBAgIBEjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMTMzOVoXDTA4MDgwOTAxMTMzOVowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaNmMGQwDwYDVR0TAQH/BAUw
-AwEB/zAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYBBQUHAQsENTAzMDEGCCsGAQUFBzAF
-hiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDMvMA0GCSqGSIb3
-DQEBCwUAA4IBAQB82Wml/NaTnCrufhv1hmkijGb70ZdjZVwdfIHA/85vSL03FHum
-UcCNgqigl+Sazei4+GxmeFBptGaCoKRN2A5EYJIRSatwKJVBom+PuY5FgW90ThT5
-pbYHvRKZ+XtXmgwGUqCT1N0jq66SD22PdnswzfYH7mP/goi/4SVzmPR3sAAWzN9H
-jclU0PNrBPLxXpbmIps7vyWJL2BuTRqu7dh5eozmN6zsI2Bl1mM4ZHceL7kXX40C
-BkM2AT8g9evq9qOk83/a166Sb/6x90yM703hBphDd97qBxpqPnV5wV5i8/IdjF7T
-L2ul8G6L2liX7BY1PKV6Vo+AxZfjMN+rjc02
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/13.pem b/scripts/resource-cert-samples/LIR2/13.pem
deleted file mode 100644
index 415517d5..00000000
--- a/scripts/resource-cert-samples/LIR2/13.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 19 (0x13)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- c4:46:cc:b9:a5:85:42:ff:9b:32:39:a8:0f:f6:51:35:09:fa:
- b0:a8:1c:14:4f:72:ff:2c:17:fb:ab:6a:c2:c4:48:2a:2a:fe:
- 42:c5:c2:92:4a:37:01:b7:69:b1:6c:83:52:2d:8e:8c:aa:04:
- 82:bb:93:64:c2:0a:a9:7f:bd:82:2a:82:e4:df:2c:0e:5c:16:
- 12:c7:33:39:0b:f7:99:5b:f5:5d:e0:d3:f8:48:3e:ff:25:a0:
- e2:38:bb:fe:f1:fa:44:da:54:41:b2:1a:2c:1b:41:d2:54:3e:
- 3b:43:35:a0:71:72:ff:a8:76:03:e2:9f:78:75:45:6c:8f:5e:
- c2:5b:4f:e7:6b:ab:66:0a:d4:6c:47:10:ab:90:c5:b2:c9:53:
- a6:2a:a4:c2:ca:b9:b3:f1:3d:9a:75:d0:d4:94:aa:79:6d:ec:
- 16:1a:85:91:1d:d8:4a:ef:79:88:9e:2c:96:b0:bd:33:6b:e4:
- 21:f1:ee:68:14:4b:58:cc:11:8f:6f:05:2d:6f:c3:99:9b:e6:
- 8f:06:6b:a6:f9:45:2f:41:9f:38:9b:c8:80:98:1f:15:02:7d:
- f1:08:19:a5:5a:30:c1:eb:72:ee:f4:a7:c5:fa:7a:35:af:24:
- 62:b1:54:4c:d5:4c:42:ef:fe:9e:5f:65:80:4f:42:7e:e3:7f:
- 35:18:5c:6b
------BEGIN CERTIFICATE-----
-MIIDyjCCArKgAwIBAgIBEzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMTUxMFoXDTA4MDgwOTAxMTUxMFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCARcwggETMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBsw
-GQQCAAIwEwMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQELBQADggEBAMRG
-zLmlhUL/mzI5qA/2UTUJ+rCoHBRPcv8sF/urasLESCoq/kLFwpJKNwG3abFsg1It
-joyqBIK7k2TCCql/vYIqguTfLA5cFhLHMzkL95lb9V3g0/hIPv8loOI4u/7x+kTa
-VEGyGiwbQdJUPjtDNaBxcv+odgPin3h1RWyPXsJbT+drq2YK1GxHEKuQxbLJU6Yq
-pMLKubPxPZp10NSUqnlt7BYahZEd2ErveYieLJawvTNr5CHx7mgUS1jMEY9vBS1v
-w5mb5o8Ga6b5RS9BnzibyICYHxUCffEIGaVaMMHrcu70p8X6ejWvJGKxVEzVTELv
-/p5fZYBPQn7jfzUYXGs=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/14.pem b/scripts/resource-cert-samples/LIR2/14.pem
deleted file mode 100644
index c31add0d..00000000
--- a/scripts/resource-cert-samples/LIR2/14.pem
+++ /dev/null
@@ -1,89 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 20 (0x14)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha256WithRSAEncryption
- 58:b8:cd:b3:34:ce:a2:4f:39:c1:15:09:b4:95:f8:5e:7b:23:
- 9b:fb:42:6f:92:5a:29:ce:17:c1:99:d6:c7:39:00:43:e1:60:
- bb:17:f5:34:df:33:86:73:77:f4:8f:6f:d5:88:1d:68:be:f8:
- 13:fd:02:38:fa:aa:9c:39:80:1b:dc:50:72:23:d6:0a:64:55:
- 14:78:fe:64:1a:63:53:bb:e6:78:35:88:2c:d1:7a:1b:3c:23:
- 72:8a:a5:c0:5b:5c:7c:85:b1:26:a1:c0:ce:a9:c0:16:5d:30:
- eb:2d:7e:69:48:57:6b:dc:34:88:56:47:99:ed:31:47:c1:3e:
- ff:b6:9e:69:cc:68:2e:1c:4c:77:27:d4:a5:45:f9:cb:a5:21:
- 23:46:18:20:2a:a0:7c:b9:eb:d1:d8:91:30:2e:b4:16:07:b6:
- 9f:3a:28:71:1d:ee:f9:a7:88:59:45:78:b7:36:0e:15:f6:77:
- e4:69:b4:b1:61:9a:5c:66:0f:c5:7c:67:d7:af:d3:24:24:4e:
- e7:94:ce:a6:d6:3b:5a:c8:d7:49:58:93:d7:f5:41:2f:b3:9a:
- 93:c8:6c:ec:2f:be:6a:c1:74:2a:44:bb:5c:7b:d8:16:f6:01:
- ed:5b:e8:6b:02:48:ef:5b:57:f4:07:fd:5f:47:e6:06:38:3c:
- a2:4b:d0:f9
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIBFDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MDgxMDAxMTUxMFoXDTA4MDgwOTAxMTUxMFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCARAwggEMMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABE
-AxEAIAENuAAAAAAAAAAAAAABADANBgkqhkiG9w0BAQsFAAOCAQEAWLjNszTOok85
-wRUJtJX4Xnsjm/tCb5JaKc4XwZnWxzkAQ+Fguxf1NN8zhnN39I9v1YgdaL74E/0C
-OPqqnDmAG9xQciPWCmRVFHj+ZBpjU7vmeDWILNF6GzwjcoqlwFtcfIWxJqHAzqnA
-Fl0w6y1+aUhXa9w0iFZHme0xR8E+/7aeacxoLhxMdyfUpUX5y6UhI0YYICqgfLnr
-0diRMC60Fge2nzoocR3u+aeIWUV4tzYOFfZ35Gm0sWGaXGYPxXxn16/TJCRO55TO
-ptY7WsjXSViT1/VBL7Oak8hs7C++asF0KkS7XHvYFvYB7VvoawJI71tX9Af9X0fm
-Bjg8okvQ+Q==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/15.pem b/scripts/resource-cert-samples/LIR2/15.pem
deleted file mode 100644
index 8b2c9de2..00000000
--- a/scripts/resource-cert-samples/LIR2/15.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 21 (0x15)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- d5:47:18:ec:04:c6:96:47:1d:cc:78:2c:ca:f4:89:7a:bb:9f:
- 92:b3:3a:f0:64:2e:36:34:25:98:0d:d7:74:95:5b:2a:9d:ee:
- 00:42:52:17:35:c9:66:b4:7c:8c:15:84:1a:35:ee:e7:9e:21:
- 93:6e:ab:67:a1:e3:7d:66:51:47:14:cb:13:f9:ae:e3:0e:75:
- c6:ec:34:1d:97:85:7f:a2:c0:e0:f5:c7:d6:e4:ce:67:97:46:
- 9c:72:2d:32:27:d3:05:c9:5e:d4:67:81:c9:7c:0a:e5:16:4f:
- 37:6d:c2:e0:2b:a1:e9:de:ce:e9:05:28:3c:98:6b:51:0b:1f:
- d7:27:98:3e:90:8a:79:24:29:72:d6:0d:f7:db:78:16:53:bd:
- 94:b6:04:40:37:a7:bc:ca:38:d4:eb:9a:5f:de:45:8d:1d:c7:
- 5f:58:a6:95:eb:77:1a:b1:66:cb:f6:cc:a2:f2:34:2c:db:b2:
- d4:71:6e:08:9e:ad:58:40:13:13:5d:2e:5d:5a:5a:f0:38:1c:
- 51:fa:ba:2d:9c:cb:6b:3c:86:bf:b6:73:53:83:66:a0:97:f6:
- 37:9d:37:f4:9e:82:0f:f8:be:2c:a6:28:a9:04:fa:70:bb:f8:
- d3:6a:1a:2c:c0:c7:97:6b:d6:8a:9c:f4:50:7b:0e:26:6a:a4:
- 05:e2:b1:0f
------BEGIN CERTIFICATE-----
-MIIDyjCCArKgAwIBAgIBFTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAxOTE5MDYwN1oXDTA4MTAxODE5MDYwN1owGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCARcwggETMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBsw
-GQQCAAIwEwMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQELBQADggEBANVH
-GOwExpZHHcx4LMr0iXq7n5KzOvBkLjY0JZgN13SVWyqd7gBCUhc1yWa0fIwVhBo1
-7ueeIZNuq2eh431mUUcUyxP5ruMOdcbsNB2XhX+iwOD1x9bkzmeXRpxyLTIn0wXJ
-XtRngcl8CuUWTzdtwuAroenezukFKDyYa1ELH9cnmD6QinkkKXLWDffbeBZTvZS2
-BEA3p7zKONTrml/eRY0dx19YppXrdxqxZsv2zKLyNCzbstRxbgierVhAExNdLl1a
-WvA4HFH6ui2cy2s8hr+2c1ODZqCX9jedN/Segg/4viymKKkE+nC7+NNqGizAx5dr
-1oqc9FB7DiZqpAXisQ8=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/16.pem b/scripts/resource-cert-samples/LIR2/16.pem
deleted file mode 100644
index 45d8df97..00000000
--- a/scripts/resource-cert-samples/LIR2/16.pem
+++ /dev/null
@@ -1,89 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 22 (0x16)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha256WithRSAEncryption
- c9:f3:8e:d8:05:88:2d:19:ef:5d:2a:09:16:52:73:01:fa:86:
- 22:a6:ec:1c:27:02:13:5c:0e:25:8f:0a:8b:da:a9:d3:5b:68:
- db:54:0f:6b:28:47:3e:cf:16:e8:15:d1:01:eb:c0:f3:30:f5:
- 8b:62:3c:29:97:be:29:45:2d:60:36:04:eb:cc:38:24:8f:eb:
- 2c:5b:e9:c0:36:ff:a9:22:b3:6b:f5:fb:e9:a9:69:71:c5:f2:
- 41:64:a4:2f:1f:b4:ad:56:01:c3:d9:02:c6:b8:88:de:fb:9a:
- fd:31:95:47:87:ba:97:7c:3c:0c:7d:ad:31:3f:0f:67:66:b7:
- c3:15:46:7c:7b:2c:8d:3d:82:2b:6f:85:91:97:9d:9c:4e:f1:
- 0d:92:d6:5e:48:ed:d6:94:f5:e5:ad:17:09:38:af:97:1f:0d:
- af:b3:f1:f1:88:37:83:05:c0:1b:d7:32:5d:4a:9e:ae:ae:05:
- db:a5:51:e2:20:a3:88:29:73:ac:9d:31:f0:20:79:5f:e1:95:
- cb:79:68:bf:36:16:61:71:db:05:57:92:d1:cc:f4:6d:99:a8:
- 8b:14:8f:40:03:0b:91:7e:68:42:3a:ab:fd:de:1c:4b:3c:33:
- 0e:2f:89:be:67:28:a8:e5:47:cd:c5:dc:26:1b:d2:fe:22:7b:
- 7c:75:7f:9b
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIBFjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAxOTE5MDYwN1oXDTA4MTAxODE5MDYwN1owGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCARAwggEMMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABE
-AxEAIAENuAAAAAAAAAAAAAABADANBgkqhkiG9w0BAQsFAAOCAQEAyfOO2AWILRnv
-XSoJFlJzAfqGIqbsHCcCE1wOJY8Ki9qp01to21QPayhHPs8W6BXRAevA8zD1i2I8
-KZe+KUUtYDYE68w4JI/rLFvpwDb/qSKza/X76alpccXyQWSkLx+0rVYBw9kCxriI
-3vua/TGVR4e6l3w8DH2tMT8PZ2a3wxVGfHssjT2CK2+FkZednE7xDZLWXkjt1pT1
-5a0XCTivlx8Nr7Px8Yg3gwXAG9cyXUqerq4F26VR4iCjiClzrJ0x8CB5X+GVy3lo
-vzYWYXHbBVeS0cz0bZmoixSPQAMLkX5oQjqr/d4cSzwzDi+JvmcoqOVHzcXcJhvS
-/iJ7fHV/mw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/17.pem b/scripts/resource-cert-samples/LIR2/17.pem
deleted file mode 100644
index 881741df..00000000
--- a/scripts/resource-cert-samples/LIR2/17.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 23 (0x17)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 29 16:03:52 2007 GMT
- Not After : Oct 28 16:03:52 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 16:93:aa:d0:4e:99:13:31:ad:92:a7:ed:88:46:05:31:3e:ea:
- 46:16:93:44:64:30:98:c3:20:62:b6:f4:05:e8:f5:ca:2d:46:
- 65:6b:d0:47:24:cf:aa:95:56:6c:61:22:ce:38:8a:3c:33:6e:
- ef:2e:f6:f0:6f:35:47:7e:bb:c9:97:be:da:87:38:9c:dd:d4:
- 2f:b1:0a:43:c0:60:65:92:aa:c1:a7:6b:4a:b0:bd:65:e8:89:
- f1:20:0e:02:f5:31:79:aa:32:9e:fb:e2:c6:0f:43:58:e5:3b:
- 41:10:8c:8b:2b:64:0b:10:68:6e:a5:f1:b2:8c:38:be:b5:5b:
- 82:df:af:17:58:ff:fc:37:ee:fe:9b:37:53:2c:d7:90:01:d3:
- c5:38:8b:5f:85:bd:02:3e:00:1f:e1:e4:75:19:ad:e2:d3:5f:
- eb:48:32:e6:82:79:fc:36:cf:9e:dc:aa:13:f4:36:69:87:e0:
- f3:4e:d1:21:2d:f6:04:d1:c0:37:55:5e:2f:58:b3:65:49:ed:
- 24:96:33:9a:fe:d9:ba:a8:61:ab:45:2f:95:8d:39:33:17:15:
- c1:bf:26:01:79:40:43:1b:50:40:0d:98:39:5a:d5:2b:af:9f:
- fd:8a:5d:b6:20:01:c6:0f:03:00:d5:39:75:f7:24:62:9c:bf:
- 6b:a5:f8:a8
------BEGIN CERTIFICATE-----
-MIIDyjCCArKgAwIBAgIBFzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAyOTE2MDM1MloXDTA4MTAyODE2MDM1MlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCARcwggETMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBsw
-GQQCAAIwEwMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQELBQADggEBABaT
-qtBOmRMxrZKn7YhGBTE+6kYWk0RkMJjDIGK29AXo9cotRmVr0Eckz6qVVmxhIs44
-ijwzbu8u9vBvNUd+u8mXvtqHOJzd1C+xCkPAYGWSqsGna0qwvWXoifEgDgL1MXmq
-Mp774sYPQ1jlO0EQjIsrZAsQaG6l8bKMOL61W4LfrxdY//w37v6bN1Ms15AB08U4
-i1+FvQI+AB/h5HUZreLTX+tIMuaCefw2z57cqhP0NmmH4PNO0SEt9gTRwDdVXi9Y
-s2VJ7SSWM5r+2bqoYatFL5WNOTMXFcG/JgF5QEMbUEANmDla1Suvn/2KXbYgAcYP
-AwDVOXX3JGKcv2ul+Kg=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/18.pem b/scripts/resource-cert-samples/LIR2/18.pem
deleted file mode 100644
index d3d0cfac..00000000
--- a/scripts/resource-cert-samples/LIR2/18.pem
+++ /dev/null
@@ -1,89 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 24 (0x18)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 29 16:03:52 2007 GMT
- Not After : Oct 28 16:03:52 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha256WithRSAEncryption
- 1f:e4:62:d3:16:47:b1:20:de:bd:de:98:ec:ec:0e:8f:89:3e:
- 61:c7:4c:40:6f:4c:41:e8:f6:e7:b1:c1:f3:09:5a:6d:e6:53:
- 62:fd:44:de:d5:42:01:73:d6:5c:ca:39:dc:97:8d:2c:29:83:
- 4a:a3:09:dd:dc:44:9b:12:6e:d7:be:93:e0:2e:d2:a4:6f:16:
- 1c:4a:e7:fc:3d:d9:5a:59:95:2f:6c:54:a5:cb:25:82:9b:4f:
- ed:3e:24:13:5b:38:69:37:dc:f2:58:1b:c9:b0:74:a7:12:36:
- b4:23:b7:db:63:bb:ff:3e:bd:82:e2:b4:bf:1c:13:22:2a:b8:
- 5a:cc:f2:4c:55:e0:48:36:fe:07:62:b7:8a:3a:4e:51:19:7c:
- 0d:1b:19:0c:83:28:45:e4:c1:9b:b7:bd:4a:9c:eb:f4:90:87:
- 83:39:7c:b2:cf:4d:78:2a:2b:b4:e7:4f:ee:63:54:13:5a:ac:
- 1e:82:c0:e4:3d:7d:a3:40:6d:a0:22:64:25:e8:af:5d:e9:f6:
- 85:1a:a7:98:e0:77:f4:94:03:3c:84:62:e0:f1:be:f5:e4:53:
- aa:0c:b9:24:19:b4:92:e1:05:4b:eb:16:ab:3c:3d:cc:60:c2:
- ce:69:d5:66:4a:29:12:72:3e:85:f7:06:97:f3:b4:ba:26:5a:
- d1:f5:2c:a8
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIBGDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAyOTE2MDM1MloXDTA4MTAyODE2MDM1MlowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCARAwggEMMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABE
-AxEAIAENuAAAAAAAAAAAAAABADANBgkqhkiG9w0BAQsFAAOCAQEAH+Ri0xZHsSDe
-vd6Y7OwOj4k+YcdMQG9MQej257HB8wlabeZTYv1E3tVCAXPWXMo53JeNLCmDSqMJ
-3dxEmxJu176T4C7SpG8WHErn/D3ZWlmVL2xUpcslgptP7T4kE1s4aTfc8lgbybB0
-pxI2tCO322O7/z69guK0vxwTIiq4WszyTFXgSDb+B2K3ijpOURl8DRsZDIMoReTB
-m7e9Spzr9JCHgzl8ss9NeCortOdP7mNUE1qsHoLA5D19o0BtoCJkJeivXen2hRqn
-mOB39JQDPIRi4PG+9eRTqgy5JBm0kuEFS+sWqzw9zGDCzmnVZkopEnI+hfcGl/O0
-uiZa0fUsqA==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/19.pem b/scripts/resource-cert-samples/LIR2/19.pem
deleted file mode 100644
index b8a5574d..00000000
--- a/scripts/resource-cert-samples/LIR2/19.pem
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b3:05:ad:fb:06:db:49:81:ad:df:50:04:e0:18:
- e8:f1:f4:83:e6:26:4b:9e:fc:2d:1c:df:e2:2b:57:
- 38:48:eb:c4:13:a3:fd:6c:c5:e2:1c:d5:3a:fd:66:
- d7:ff:2e:ff:4a:b7:5a:c5:f4:19:b1:8d:9e:a8:49:
- 4e:3b:20:46:da:08:de:b0:9c:71:5e:77:a9:14:e2:
- 4c:20:0e:ff:c5:20:fa:f3:6d:3b:0b:ce:e1:72:b6:
- ff:f5:75:7f:3e:35:af:1c:4f:e0:92:45:f0:1f:57:
- ce:38:6c:3e:f6:2f:96:73:1f:60:db:63:8e:63:b3:
- f3:35:85:e9:00:39:92:b3:9f:4a:6b:bd:e9:a0:00:
- ca:be:fe:27:78:9b:44:23:53:56:13:48:7d:cd:d1:
- 01:3a:88:36:66:4f:7f:f3:2c:9f:c7:c4:52:75:1e:
- 0e:3c:50:29:c9:39:e0:ff:90:4d:95:47:56:13:e1:
- 30:f3:30:33:ee:02:60:70:b0:bd:dd:3b:aa:b9:2a:
- 86:bf:e7:e2:a8:ec:64:2a:0b:12:05:08:03:7e:d8:
- 41:bb:23:de:29:e5:0f:9b:3b:00:2e:4f:0e:f5:31:
- 91:ec:bd:34:02:68:6d:d7:71:a9:8c:4d:23:d2:43:
- ae:d7:f8:e5:69:2b:ae:13:86:13:27:38:72:48:70:
- f8:1f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:CF:F8:00:82:EC:D7:E9:17:4F:BD:7A:87:60:32:A5:BB:9D:B5:0E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP4/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 7d:61:80:4e:39:a7:2f:32:90:94:a0:93:18:80:b5:2c:28:44:
- ab:84:74:d5:e2:94:b6:7a:b2:1a:ae:54:f1:61:53:c8:b1:fc:
- cc:96:0e:44:b3:62:a1:05:a0:e4:d5:ad:0b:96:86:53:0e:f9:
- 17:04:e5:30:ab:21:20:3e:91:66:30:08:a4:c2:4e:14:a6:80:
- 41:90:0c:a6:d6:14:43:0e:2b:60:55:8f:01:64:d6:72:24:43:
- e9:b1:67:6b:da:a1:fe:93:0d:03:85:bb:49:49:13:13:70:db:
- a7:a8:70:e5:93:12:7c:4d:fe:ba:d0:13:f4:7e:23:c7:2c:ea:
- 7b:a1:2a:75:39:39:ba:b3:58:ec:c6:8e:89:ce:6b:3e:d0:0d:
- 90:e5:e0:ef:41:f8:0b:5c:0a:cf:ec:3d:1e:c7:33:ad:2a:57:
- 34:cc:77:2a:f7:e6:7c:73:f0:79:c0:34:d1:a5:07:f6:fb:66:
- 4a:c4:1f:72:51:30:e5:af:9a:f6:63:da:8d:b3:90:b5:62:9e:
- 53:ff:29:77:50:2f:6c:cc:86:80:e9:3a:a9:eb:4b:d2:bf:d0:
- c0:77:4f:9e:ed:57:7a:0d:f9:65:93:87:5a:f4:a9:35:8c:4d:
- 19:d0:56:a0:36:38:51:5d:52:54:a5:1f:ce:6f:30:7c:27:71:
- da:42:79:8e
------BEGIN CERTIFICATE-----
-MIIDyjCCArKgAwIBAgIBGTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBALMFrfsG20mBrd9QBOAY6PH0g+YmS578LRzf4itXOEjrxBOj/WzF
-4hzVOv1m1/8u/0q3WsX0GbGNnqhJTjsgRtoI3rCccV53qRTiTCAO/8Ug+vNtOwvO
-4XK2//V1fz41rxxP4JJF8B9XzjhsPvYvlnMfYNtjjmOz8zWF6QA5krOfSmu96aAA
-yr7+J3ibRCNTVhNIfc3RATqINmZPf/Msn8fEUnUeDjxQKck54P+QTZVHVhPhMPMw
-M+4CYHCwvd07qrkqhr/n4qjsZCoLEgUIA37YQbsj3inlD5s7AC5PDvUxkey9NAJo
-bddxqYxNI9JDrtf45WkrrhOGEyc4ckhw+B8CAwEAAaOCARcwggETMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFJjP+ACC7NfpF0+9eodgMqW7nbUOMA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQNC8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD8IDAsBggrBgEFBQcBBwEB/wQdMBsw
-GQQCAAIwEwMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQELBQADggEBAH1h
-gE45py8ykJSgkxiAtSwoRKuEdNXilLZ6shquVPFhU8ix/MyWDkSzYqEFoOTVrQuW
-hlMO+RcE5TCrISA+kWYwCKTCThSmgEGQDKbWFEMOK2BVjwFk1nIkQ+mxZ2vaof6T
-DQOFu0lJExNw26eocOWTEnxN/rrQE/R+I8cs6nuhKnU5ObqzWOzGjonOaz7QDZDl
-4O9B+AtcCs/sPR7HM60qVzTMdyr35nxz8HnANNGlB/b7ZkrEH3JRMOWvmvZj2o2z
-kLVinlP/KXdQL2zMhoDpOqnrS9K/0MB3T57tV3oN+WWTh1r0qTWMTRnQVqA2OFFd
-UlSlH85vMHwncdpCeY4=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/1A.pem b/scripts/resource-cert-samples/LIR2/1A.pem
deleted file mode 100644
index e8e63c2a..00000000
--- a/scripts/resource-cert-samples/LIR2/1A.pem
+++ /dev/null
@@ -1,89 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR2
- Validity
- Not Before: Oct 29 16:32:34 2007 GMT
- Not After : Oct 28 16:32:34 2008 GMT
- Subject: CN=TEST ENTITY ISP3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:d1:24:75:c1:44:29:12:9a:fe:8c:1d:1e:01:aa:
- 05:ea:1f:47:ab:1a:8d:cf:d2:42:a1:31:7d:9c:3e:
- 66:72:ce:2c:df:01:17:15:40:40:94:d1:ae:6d:d7:
- ca:fd:52:d9:ec:5f:f0:64:30:a3:42:70:a1:a1:6f:
- 05:2d:10:ee:b1:05:65:3f:f2:c1:78:84:cc:1d:66:
- ee:35:52:c7:ae:99:76:b1:63:4d:c1:2e:24:fb:f7:
- 43:2d:0b:21:0d:d3:d6:b7:cf:60:50:49:3d:17:53:
- 3e:2b:f8:68:95:7e:1c:c5:e2:1e:73:06:8c:b2:53:
- a1:70:39:d9:9e:e5:56:fc:58:d0:b3:f3:90:37:5a:
- 6e:5a:3b:ef:05:be:f1:64:2f:31:2e:5a:58:f2:30:
- 7a:73:52:7f:b8:0d:71:3c:63:52:17:0f:b7:07:3b:
- c3:46:b9:9c:88:bc:73:df:14:5a:bc:16:fc:f8:79:
- b0:a1:41:87:05:f9:52:a8:36:61:62:de:90:68:21:
- 83:bb:8c:83:47:af:bb:82:3e:44:28:97:2b:02:a8:
- 81:04:05:16:cd:bf:ef:9e:02:f9:54:66:2a:28:99:
- 79:2b:b5:19:10:d4:df:35:95:f3:3f:fa:13:6a:06:
- 6f:f5:38:28:d6:b6:0b:8a:70:5b:8d:70:8d:34:99:
- 96:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E1:97:2E:19:70:B5:7F:FC:82:4F:33:3D:6B:2C:DE:9A:9B:36:3D:7E
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR2.cer
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
-
- Signature Algorithm: sha256WithRSAEncryption
- 01:16:7e:4c:bd:b7:d8:6c:23:58:7f:26:76:ac:97:37:06:64:
- 2d:a8:66:59:65:d3:9a:1c:d6:79:11:d3:e9:87:cc:1f:a9:9d:
- 8b:74:1e:f0:b7:47:58:e9:40:e0:d5:29:2b:1f:5b:89:72:2c:
- fe:ca:cf:8a:04:e6:3e:e8:d9:f6:26:15:18:c4:67:10:c4:a8:
- 13:59:1b:cc:04:e8:96:a9:68:c8:90:54:e9:16:16:c0:7f:dd:
- 1a:7d:5a:af:82:26:70:ff:c4:34:3f:d6:f3:3e:0b:45:61:f9:
- a4:5e:59:b9:cf:6b:6b:32:f1:8d:2e:4f:78:de:ac:0d:5f:1e:
- b0:59:b2:a9:c5:a4:cc:48:87:50:6c:8d:7d:41:ef:cd:68:4d:
- 3b:e7:a9:f2:2d:50:ad:7e:d0:84:51:03:55:b6:a3:f1:e3:0a:
- 46:f8:e7:23:b6:7b:76:5d:8b:13:a5:14:ac:07:e5:9c:13:df:
- 6f:b2:a0:48:3d:00:3e:f0:16:7f:6d:b4:c0:e7:1f:8d:86:7b:
- 9e:6e:31:17:22:98:d4:53:82:6b:21:01:d2:82:10:9f:43:fc:
- c5:df:92:56:b9:eb:10:44:dc:46:58:82:3b:05:54:14:58:e1:
- 2c:f8:2f:ca:e3:54:0b:d1:f1:87:5a:67:9f:3b:b3:a7:28:b3:
- bb:5b:bf:1c
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIBGjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIyMB4XDTA3MTAyOTE2MzIzNFoXDTA4MTAyODE2MzIzNFowGzEZ
-MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBANEkdcFEKRKa/owdHgGqBeofR6sajc/SQqExfZw+ZnLOLN8BFxVA
-QJTRrm3Xyv1S2exf8GQwo0JwoaFvBS0Q7rEFZT/ywXiEzB1m7jVSx66ZdrFjTcEu
-JPv3Qy0LIQ3T1rfPYFBJPRdTPiv4aJV+HMXiHnMGjLJToXA52Z7lVvxY0LPzkDda
-blo77wW+8WQvMS5aWPIwenNSf7gNcTxjUhcPtwc7w0a5nIi8c98UWrwW/Ph5sKFB
-hwX5Uqg2YWLekGghg7uMg0evu4I+RCiXKwKogQQFFs2/754C+VRmKiiZeSu1GRDU
-3zWV8z/6E2oGb/U4KNa2C4pwW41wjTSZlj8CAwEAAaOCARAwggEMMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFOGXLhlwtX/8gk8zPWss3pqbNj1+MA4GA1UdDwEB
-/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29t
-YmF0cy1yLXVzLmhhY3Rybi5uZXQvSVNQMy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjIuY2Vy
-MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMCYDEQIgAQ24AAAAAAAAAAAAAABE
-AxEAIAENuAAAAAAAAAAAAAABADANBgkqhkiG9w0BAQsFAAOCAQEAARZ+TL232Gwj
-WH8mdqyXNwZkLahmWWXTmhzWeRHT6YfMH6mdi3Qe8LdHWOlA4NUpKx9biXIs/srP
-igTmPujZ9iYVGMRnEMSoE1kbzATolqloyJBU6RYWwH/dGn1ar4ImcP/END/W8z4L
-RWH5pF5Zuc9razLxjS5PeN6sDV8esFmyqcWkzEiHUGyNfUHvzWhNO+ep8i1QrX7Q
-hFEDVbaj8eMKRvjnI7Z7dl2LE6UUrAflnBPfb7KgSD0APvAWf220wOcfjYZ7nm4x
-FyKY1FOCayEB0oIQn0P8xd+SVrnrEETcRliCOwVUFFjhLPgvyuNUC9Hxh1pnnzuz
-pyizu1u/HA==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR2/index b/scripts/resource-cert-samples/LIR2/index
deleted file mode 100644
index 50320ebe..00000000
--- a/scripts/resource-cert-samples/LIR2/index
+++ /dev/null
@@ -1,26 +0,0 @@
-V 080731054527Z 01 unknown /CN=TEST ENTITY ISP4
-V 080731054528Z 02 unknown /CN=TEST ENTITY ISP3
-V 080731140529Z 03 unknown /CN=TEST ENTITY ISP4
-V 080731140529Z 04 unknown /CN=TEST ENTITY ISP3
-V 080731140829Z 05 unknown /CN=TEST ENTITY ISP4
-V 080731140829Z 06 unknown /CN=TEST ENTITY ISP3
-V 080731140935Z 07 unknown /CN=TEST ENTITY ISP4
-V 080731140935Z 08 unknown /CN=TEST ENTITY ISP3
-V 080731144822Z 09 unknown /CN=TEST ENTITY ISP4
-V 080731144822Z 0A unknown /CN=TEST ENTITY ISP3
-V 080809005817Z 0B unknown /CN=TEST ENTITY ISP4
-V 080809005818Z 0C unknown /CN=TEST ENTITY ISP3
-V 080809010231Z 0D unknown /CN=TEST ENTITY ISP4
-V 080809010231Z 0E unknown /CN=TEST ENTITY ISP3
-V 080809010709Z 0F unknown /CN=TEST ENTITY ISP4
-V 080809010709Z 10 unknown /CN=TEST ENTITY ISP3
-V 080809011339Z 11 unknown /CN=TEST ENTITY ISP4
-V 080809011339Z 12 unknown /CN=TEST ENTITY ISP3
-V 080809011510Z 13 unknown /CN=TEST ENTITY ISP4
-V 080809011510Z 14 unknown /CN=TEST ENTITY ISP3
-V 081018190607Z 15 unknown /CN=TEST ENTITY ISP4
-V 081018190607Z 16 unknown /CN=TEST ENTITY ISP3
-V 081028160352Z 17 unknown /CN=TEST ENTITY ISP4
-V 081028160352Z 18 unknown /CN=TEST ENTITY ISP3
-V 081028163234Z 19 unknown /CN=TEST ENTITY ISP4
-V 081028163234Z 1A unknown /CN=TEST ENTITY ISP3
diff --git a/scripts/resource-cert-samples/LIR2/index.attr b/scripts/resource-cert-samples/LIR2/index.attr
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/LIR2/index.attr
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/LIR2/index.attr.old b/scripts/resource-cert-samples/LIR2/index.attr.old
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/LIR2/index.attr.old
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/LIR2/index.old b/scripts/resource-cert-samples/LIR2/index.old
deleted file mode 100644
index 219f32cb..00000000
--- a/scripts/resource-cert-samples/LIR2/index.old
+++ /dev/null
@@ -1,25 +0,0 @@
-V 080731054527Z 01 unknown /CN=TEST ENTITY ISP4
-V 080731054528Z 02 unknown /CN=TEST ENTITY ISP3
-V 080731140529Z 03 unknown /CN=TEST ENTITY ISP4
-V 080731140529Z 04 unknown /CN=TEST ENTITY ISP3
-V 080731140829Z 05 unknown /CN=TEST ENTITY ISP4
-V 080731140829Z 06 unknown /CN=TEST ENTITY ISP3
-V 080731140935Z 07 unknown /CN=TEST ENTITY ISP4
-V 080731140935Z 08 unknown /CN=TEST ENTITY ISP3
-V 080731144822Z 09 unknown /CN=TEST ENTITY ISP4
-V 080731144822Z 0A unknown /CN=TEST ENTITY ISP3
-V 080809005817Z 0B unknown /CN=TEST ENTITY ISP4
-V 080809005818Z 0C unknown /CN=TEST ENTITY ISP3
-V 080809010231Z 0D unknown /CN=TEST ENTITY ISP4
-V 080809010231Z 0E unknown /CN=TEST ENTITY ISP3
-V 080809010709Z 0F unknown /CN=TEST ENTITY ISP4
-V 080809010709Z 10 unknown /CN=TEST ENTITY ISP3
-V 080809011339Z 11 unknown /CN=TEST ENTITY ISP4
-V 080809011339Z 12 unknown /CN=TEST ENTITY ISP3
-V 080809011510Z 13 unknown /CN=TEST ENTITY ISP4
-V 080809011510Z 14 unknown /CN=TEST ENTITY ISP3
-V 081018190607Z 15 unknown /CN=TEST ENTITY ISP4
-V 081018190607Z 16 unknown /CN=TEST ENTITY ISP3
-V 081028160352Z 17 unknown /CN=TEST ENTITY ISP4
-V 081028160352Z 18 unknown /CN=TEST ENTITY ISP3
-V 081028163234Z 19 unknown /CN=TEST ENTITY ISP4
diff --git a/scripts/resource-cert-samples/LIR2/serial b/scripts/resource-cert-samples/LIR2/serial
deleted file mode 100644
index 8787ed81..00000000
--- a/scripts/resource-cert-samples/LIR2/serial
+++ /dev/null
@@ -1 +0,0 @@
-1B
diff --git a/scripts/resource-cert-samples/LIR2/serial.old b/scripts/resource-cert-samples/LIR2/serial.old
deleted file mode 100644
index 268de3f3..00000000
--- a/scripts/resource-cert-samples/LIR2/serial.old
+++ /dev/null
@@ -1 +0,0 @@
-1A
diff --git a/scripts/resource-cert-samples/LIR3.cer b/scripts/resource-cert-samples/LIR3.cer
deleted file mode 100644
index c466f22e..00000000
--- a/scripts/resource-cert-samples/LIR3.cer
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 48 (0x30)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 18:25:58:2e:ac:98:93:f2:ce:b9:cf:fe:31:1d:4e:a4:64:bc:
- f6:59:19:88:af:01:cb:72:68:04:4a:41:5f:d6:dc:86:f6:c3:
- a3:83:06:ba:96:4c:fd:eb:26:a5:5d:64:07:08:fa:87:94:df:
- 00:b2:44:2e:dd:23:f6:cb:6b:80:b4:65:3d:61:e1:4c:3f:de:
- db:a1:90:0f:da:0d:f1:cc:7c:72:1d:0e:07:50:87:3b:76:4b:
- 17:06:67:b8:a4:65:4e:94:7c:1e:e0:3f:99:3f:90:8e:9a:c5:
- 42:6f:35:bb:78:48:6b:0f:83:59:b9:57:70:94:dc:ad:d9:c4:
- c0:bb:72:9c:c4:0d:e9:d8:69:7b:f1:dc:72:52:95:38:3c:6c:
- c0:ed:e9:19:f3:48:9c:e5:60:d9:46:55:66:ab:b2:fb:bd:cd:
- f0:c3:43:eb:48:1a:86:1f:71:6a:b6:11:65:e2:88:43:ab:4e:
- 69:a3:a7:ba:5c:09:f6:30:c5:93:f3:6a:72:be:9a:cf:5f:ba:
- ea:3a:76:4f:43:03:13:12:4f:a6:ca:ed:c5:09:2f:2d:be:4a:
- 02:50:05:7d:f5:2c:61:af:1b:79:31:ad:b1:3b:4c:61:b0:99:
- 9f:95:19:ab:71:5f:b0:df:0f:9b:bf:38:42:a6:38:b3:a8:e8:
- 2c:c1:68:13
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIBMDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBQjCCAT4wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAh
-BggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/
-BEIwQDASBAIAATAMAwQACgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAK
-AAADEAAgAQ24AAAAAAAAAAAKAwAwDQYJKoZIhvcNAQELBQADggEBABglWC6smJPy
-zrnP/jEdTqRkvPZZGYivActyaARKQV/W3Ib2w6ODBrqWTP3rJqVdZAcI+oeU3wCy
-RC7dI/bLa4C0ZT1h4Uw/3tuhkA/aDfHMfHIdDgdQhzt2SxcGZ7ikZU6UfB7gP5k/
-kI6axUJvNbt4SGsPg1m5V3CU3K3ZxMC7cpzEDenYaXvx3HJSlTg8bMDt6RnzSJzl
-YNlGVWarsvu9zfDDQ+tIGoYfcWq2EWXiiEOrTmmjp7pcCfYwxZPzanK+ms9fuuo6
-dk9DAxMST6bK7cUJLy2+SgJQBX31LGGvG3kxrbE7TGGwmZ+VGatxX7DfD5u/OEKm
-OLOo6CzBaBM=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3.cnf b/scripts/resource-cert-samples/LIR3.cnf
deleted file mode 100644
index 0f65ce12..00000000
--- a/scripts/resource-cert-samples/LIR3.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = LIR3.cer
-serial = LIR3/serial
-private_key = LIR3.key
-database = LIR3/index
-new_certs_dir = LIR3
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY LIR3
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/LIR3/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-sbgp-autonomousSysNum = critical,AS:64534-64540
-sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv4:10.3.0.0/24,IPv6:2001:db8::a00:0/120,IPv6:2001:db8::a03:0/120
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/LIR3/
-authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-sbgp-autonomousSysNum = critical,AS:64534-64540
-sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv4:10.3.0.0/24,IPv6:2001:db8::a00:0/120,IPv6:2001:db8::a03:0/120
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/LIR3.key b/scripts/resource-cert-samples/LIR3.key
deleted file mode 100644
index d4d89f21..00000000
--- a/scripts/resource-cert-samples/LIR3.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP
-5tw9g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxcc
-q8GMN0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+
-zoS+tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o
-3nlszv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzX
-BWJshlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABAoIBAFqJhaqrK7KsemYP
-08JExnR6g0TneIEn5veWrvrkoGft5h/riu5RK966zz4d6SlS9Omgk2/NbCRNJ91+
-XgNs4a8fCOnhx9u41ux6P1FUzBlwlvlHvYTh7cU4WxTC/ohDlnor56ZP6h32+bjt
-5VfzjcF2dBaZ04sPRUIaT6t9mWtaGmUolbHPAV6nsVfE+n6O5zLC2rTVhvdRuE83
-OUuw0PsgmathhpCSdm+kYhjgYEKb5gIv9EUQ8k0+b1+JTczJXJ0UbJpAQFGAnUPm
-kW3D4G4RedlIlP5ngCwPGa6cgTixTVZqMkP7BaBfPdkKuwvPOAHWjhy5JU37GQfj
-YubemXECgYEA2IYt0k1rHjT3r2hfMdUcScx2tTGzHBa0YkeDMtz3gpSDQEzehhHj
-UtP/vj+/XrVGK8V0Zv5bkKdJLjUCzCSVPjS5vESVHdzXrRFQUItMcG7FoqDV/hIt
-sFE2yYnrEx93xoHgSK6r0Btnn7GGKeYg8p8nLPI2Ed+vgmVsQ3C0VnUCgYEAwN8c
-iA5YNZKCOnL3ZFN7cYVVar6k04/T+StWRCqQyoKCUqTU2w0TMQ6HRzwpoCbTIPow
-Zz6cHY121pP0CI0Pdl0YYCbyQXLH0+hhRxBZ8LNBWVkuvn6Fv81J9idpO+yeCD0L
-dZzBXj1ZFa4T4zSWN5TdpcHd5yMjxl9Xo9J5Ed0CgYBtarDxG0pMQ3v+2gFxDz5y
-VK6QNgNK6HZTS8wTAfLZu+7vqWix24xCqPsNyu0MERLav7do7JSc7sxeW0+EleAN
-RVuutgGcy6L5xEwPx7TjBDc/TYOWFt2bwg6rndR7H2XJnIwYbpxIV/DvlCg2OCLi
-OGb1oZiNQ7pPbK1fDy8ymQKBgF5WAoeNtJlncqkSCG0a5BsPY0sVulr8U2rhRo2K
-4E0c7o9rre0ChSuOdp5iD94Uf1n25WvqVMOjqMelkEwKatCzEjQdeIqIkLLWS5ZN
-qiAwHTuNgm6MRfEdgRqUBkXYIyfWa99376Cfkw4mmfWciAjhmFP18gqWxm3FvoET
-dkJFAoGBAMVd38IG4NUbjhHs/8X0YyOD5CASxgFo29ByzCVpl/NUascqkpHRDh0l
-nhvGleI9YZvXSR8K8SJCkg65DwMfbAdlZKyrzr+Eo6/x6LlLOVDLMXFHiri+1Oaz
-nqjwZBLkzWGxtbVr+q1qWJUPzxzODgdPaaagMzrEK5BriWdw4Fil
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/LIR3.req b/scripts/resource-cert-samples/LIR3.req
deleted file mode 100644
index e22e9dd3..00000000
--- a/scripts/resource-cert-samples/LIR3.req
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIDtzCCAp8CAQAwGzEZMBcGA1UEAxMQVEVTVCBFTlRJVFkgTElSMzCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMhV2FkrxEY1Mveptyt2SwPD1iffsiF
-VREmTHzwa2ganmoMj+bcPYNYKsx3rBlzb1rzbiSszRrcHQtMRPVtiwoXPYb56P7m
-YOWfQGrllOiaVhcXHKvBjDdAK1W/LF7cjcolf4pf7vsWhuvgCNMm5eNwxQxr+xuP
-a1z24kpYpTUB6gUbPs6EvrU/bRgWS2jleUyIfbalZaM6wjLcrY+KBe726XqA2hKp
-D1q10tMxrD7TGSUtKN55bM79d2bV4y+py/mFjCC7ooYj8JOVIAR4x8cHpv7w9EW7
-z3gr3c6cCKVGaBBM1wVibIZaLX8GOMJNu0SHAEN50o/za7L0XBy5aAECAwEAAaCC
-AVUwggFRBgkqhkiG9w0BCQ4xggFCMIIBPjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQQYIKwYB
-BQUHAQsENTAzMDEGCCsGAQUFBzAFhiVyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0xJUjMvMEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYncnN5bmM6
-Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9SSVIuY2VyMCEGCCsGAQUFBwEIAQH/
-BBIwEKAOMAwwCgIDAPwWAgMA/BwwUQYIKwYBBQUHAQcBAf8EQjBAMBIEAgABMAwD
-BAAKAAADBAAKAwAwKgQCAAIwJAMQACABDbgAAAAAAAAAAAoAAAMQACABDbgAAAAA
-AAAAAAoDADANBgkqhkiG9w0BAQUFAAOCAQEAmuU3fGe4uEXPaD9zY3elmjHYcZ2m
-rMClydTpxMjNwJIoNdEP7DNolC3aHkDj27gbD2MVuMeKDb7XksmLgnAiJc9f6hMb
-NxpfLPVLHL5GTLQoaKUeLnNZenWElgFU3J2ebPFkhsqItb3YE3ok/0VGRhS+fMrI
-vNfPlx/7JpeuS0IZuEHrhQ4qy5xq+c9E9xFlytT2Txsqz6xWBccOO18cZ24nrexJ
-9xLS9RuD16z0RCM/WsGqlA6AiQXYKd3T8fOuB6CEklZNSCY4iLjK5jJDx/8HgHtg
-6FOQWM1bFGmOpKBFuSjQjNqgfpYpKaIIT81gPSUy/oG9bT5G8mkN4iWDOg==
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/LIR3/01.pem b/scripts/resource-cert-samples/LIR3/01.pem
deleted file mode 100644
index 5f7a0a59..00000000
--- a/scripts/resource-cert-samples/LIR3/01.pem
+++ /dev/null
@@ -1,92 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 1 14:48:18 2007 GMT
- Not After : Jul 31 14:48:18 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Authority Key Identifier:
- keyid:98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha1WithRSAEncryption
- 50:6b:1b:84:77:e5:93:08:5e:dc:42:24:86:70:11:24:f8:11:
- 91:68:0f:08:9b:49:f6:4a:27:85:13:93:ed:59:49:d0:f8:a6:
- d2:44:ab:25:69:41:59:40:8b:78:ab:d2:8d:09:a8:c0:fe:20:
- 49:d7:47:c4:de:19:a1:79:d2:8d:bd:29:08:37:a8:9a:b6:5e:
- 56:25:50:da:1c:47:e8:bf:ed:1e:49:79:48:81:07:97:d3:2f:
- 14:e7:bc:8e:e9:ef:82:9a:bd:18:60:08:08:57:22:6e:45:bb:
- 1a:9f:69:e0:0f:86:42:49:ec:d2:5f:6f:fb:01:b0:b9:56:66:
- aa:62:64:e1:80:68:ee:11:d9:45:b8:3a:fc:81:4b:d4:c0:f7:
- 1c:a7:97:9a:7d:f7:94:2c:05:86:35:2e:0c:83:17:45:b6:3f:
- d6:4e:5f:ba:2d:77:41:4a:25:37:b9:8b:4a:4e:b4:36:f5:c9:
- f7:84:e0:6b:af:1c:d5:e0:88:a5:aa:6f:87:10:18:c3:af:46:
- ee:63:97:e3:66:98:bb:51:67:89:d6:4d:8f:b2:ed:f6:33:ae:
- 5b:44:44:1e:56:af:ac:6d:7b:1f:13:f9:96:84:ee:08:db:4b:
- 1f:56:48:ac:97:0e:ee:b5:33:f4:2d:03:62:a3:32:6d:85:85:
- 52:a6:47:ca
------BEGIN CERTIFICATE-----
-MIIDxjCCAq6gAwIBAgIBATANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgxOFoXDTA4MDczMTE0NDgxOFowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjggESMIIBDjAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQth8Ga+FgrvcL4fjBHs6mIN8nrRjAfBgNVHSME
-GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
-BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0lTUDVjLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
-Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwIQYIKwYBBQUHAQgB
-Af8EEjAQoA4wDDAKAgMA/BYCAwD8HDANBgkqhkiG9w0BAQUFAAOCAQEAUGsbhHfl
-kwhe3EIkhnARJPgRkWgPCJtJ9konhROT7VlJ0Pim0kSrJWlBWUCLeKvSjQmowP4g
-SddHxN4ZoXnSjb0pCDeomrZeViVQ2hxH6L/tHkl5SIEHl9MvFOe8junvgpq9GGAI
-CFcibkW7Gp9p4A+GQkns0l9v+wGwuVZmqmJk4YBo7hHZRbg6/IFL1MD3HKeXmn33
-lCwFhjUuDIMXRbY/1k5fui13QUolN7mLSk60NvXJ94Tga68c1eCIpapvhxAYw69G
-7mOX42aYu1FnidZNj7Lt9jOuW0REHlavrG17HxP5loTuCNtLH1ZIrJcO7rUz9C0D
-YqMybYWFUqZHyg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/02.pem b/scripts/resource-cert-samples/LIR3/02.pem
deleted file mode 100644
index 47299c75..00000000
--- a/scripts/resource-cert-samples/LIR3/02.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 2 (0x2)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 1 14:48:20 2007 GMT
- Not After : Jul 31 14:48:20 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Authority Key Identifier:
- keyid:98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha1WithRSAEncryption
- 44:d8:15:ad:71:7e:e9:6e:ec:33:2b:42:ed:8c:8a:4a:df:82:
- a4:91:99:57:b0:2f:cc:a3:59:2a:ff:24:c5:ac:e1:79:fa:d7:
- 92:ba:72:2b:47:1a:cf:80:6d:08:76:e9:b5:91:60:35:1f:dd:
- 0c:e0:bd:33:7c:27:d0:f7:11:4e:1f:48:4a:05:bc:6d:e3:5f:
- ba:dd:7a:ba:3d:45:7d:97:72:94:9b:cd:31:76:b8:96:df:f0:
- 7d:16:f3:2a:a3:e2:72:eb:02:1f:49:ee:b6:44:48:5b:69:99:
- b8:bb:80:3b:cb:f5:bc:aa:f8:ba:68:19:53:ec:ff:ad:75:ae:
- 82:51:00:ec:e7:81:c2:6b:cf:a2:a2:a2:c5:b8:04:47:91:ad:
- 9d:33:72:48:a2:15:55:ad:43:52:8f:f6:09:a3:d3:fd:88:d3:
- e3:c3:f4:cd:71:e8:cb:aa:e7:36:07:27:d9:e9:a4:a1:e8:33:
- cd:2d:9c:37:ee:48:e4:8f:8e:f0:84:67:64:89:ea:9a:23:e0:
- 12:01:25:80:41:70:fa:b8:3a:c7:0d:b7:c9:ac:79:37:2a:b1:
- d7:62:79:ea:db:74:b4:f5:86:86:b6:1e:d5:d0:b0:29:96:a3:
- 58:a9:f7:3f:df:8d:31:c1:90:d1:df:1b:c3:f4:14:f8:1d:d1:
- c9:57:95:7f
------BEGIN CERTIFICATE-----
-MIID3jCCAsagAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMFoXDTA4MDczMTE0NDgyMFowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEqMIIBJjAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAfBgNVHSME
-GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
-BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
-Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB
-Af8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoDADAN
-BgkqhkiG9w0BAQUFAAOCAQEARNgVrXF+6W7sMytC7YyKSt+CpJGZV7AvzKNZKv8k
-xazhefrXkrpyK0caz4BtCHbptZFgNR/dDOC9M3wn0PcRTh9ISgW8beNfut16uj1F
-fZdylJvNMXa4lt/wfRbzKqPicusCH0nutkRIW2mZuLuAO8v1vKr4umgZU+z/rXWu
-glEA7OeBwmvPoqKixbgER5GtnTNySKIVVa1DUo/2CaPT/YjT48P0zXHoy6rnNgcn
-2emkoegzzS2cN+5I5I+O8IRnZInqmiPgEgElgEFw+rg6xw23yax5Nyqx12J56tt0
-tPWGhrYe1dCwKZajWKn3P9+NMcGQ0d8bw/QU+B3RyVeVfw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/03.pem b/scripts/resource-cert-samples/LIR3/03.pem
deleted file mode 100644
index 50780320..00000000
--- a/scripts/resource-cert-samples/LIR3/03.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 3 (0x3)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 1 14:48:22 2007 GMT
- Not After : Jul 31 14:48:22 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Authority Key Identifier:
- keyid:98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha1WithRSAEncryption
- 93:32:99:62:dd:c5:ea:f0:1f:58:50:10:37:d3:39:37:d9:f6:
- 92:51:26:2f:d6:fd:6f:82:b8:56:6b:fd:0c:f3:42:04:56:ed:
- 67:2b:42:02:98:56:07:f1:48:2d:2e:b4:32:bb:d7:1c:27:14:
- a0:e9:ad:3b:1d:fe:0b:0e:43:df:22:97:f1:8f:73:d8:76:d6:
- 9b:0d:bf:ee:20:e8:77:17:a3:83:01:b3:23:43:85:6b:bf:6f:
- cc:2e:69:47:05:73:f4:21:45:94:c8:ae:21:28:41:16:91:ee:
- 48:49:66:5a:67:31:71:04:c9:49:71:94:d5:f4:86:5c:7b:c6:
- 3e:fe:91:1d:21:b3:14:98:54:ad:6e:51:28:e9:a8:22:ba:a4:
- d0:9c:8c:e3:d4:7c:21:10:0c:f9:a3:00:f8:c3:9f:00:b4:53:
- 34:06:af:5b:4a:43:95:cb:b2:fb:8c:18:00:86:11:28:5e:24:
- e1:90:d8:67:d8:00:fc:b6:27:1f:9e:b1:be:91:17:c1:11:35:
- 6e:9c:60:50:2e:67:f3:04:2b:74:89:f9:fe:92:73:dd:1e:44:
- 81:67:b8:08:63:a8:9f:f4:8c:bc:47:de:f1:df:8b:11:cd:02:
- ec:b9:ad:0b:06:28:0c:e2:84:36:83:85:f3:4f:46:56:46:d5:
- f5:f8:cb:f3
------BEGIN CERTIFICATE-----
-MIID3jCCAsagAwIBAgIBAzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEqMIIBJjAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAfBgNVHSME
-GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
-BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
-cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
-Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB
-Af8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoAADAN
-BgkqhkiG9w0BAQUFAAOCAQEAkzKZYt3F6vAfWFAQN9M5N9n2klEmL9b9b4K4Vmv9
-DPNCBFbtZytCAphWB/FILS60MrvXHCcUoOmtOx3+Cw5D3yKX8Y9z2HbWmw2/7iDo
-dxejgwGzI0OFa79vzC5pRwVz9CFFlMiuIShBFpHuSElmWmcxcQTJSXGU1fSGXHvG
-Pv6RHSGzFJhUrW5RKOmoIrqk0JyM49R8IRAM+aMA+MOfALRTNAavW0pDlcuy+4wY
-AIYRKF4k4ZDYZ9gA/LYnH56xvpEXwRE1bpxgUC5n8wQrdIn5/pJz3R5EgWe4CGOo
-n/SMvEfe8d+LEc0C7LmtCwYoDOKENoOF809GVkbV9fjL8w==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/04.pem b/scripts/resource-cert-samples/LIR3/04.pem
deleted file mode 100644
index 2f339d8c..00000000
--- a/scripts/resource-cert-samples/LIR3/04.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 4 (0x4)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Signature Algorithm: sha256WithRSAEncryption
- 54:9d:09:01:1d:1f:b7:ac:f9:0a:05:b4:68:22:0d:e2:d4:b3:
- 28:80:eb:2b:e9:86:2b:6a:03:e5:a7:d4:34:cd:58:fd:0d:90:
- d9:f4:1d:0d:95:ff:cf:23:1c:9d:dd:38:e4:54:4d:1f:9a:1d:
- 20:8e:c0:b9:06:37:0b:06:ba:e9:6d:df:f4:07:d6:1d:2b:0b:
- c4:16:24:38:98:6e:56:85:0f:c3:43:87:af:0c:b5:90:c1:c4:
- 84:96:1d:d9:d0:d0:35:fe:ff:c1:ab:38:42:70:19:bd:3e:b2:
- eb:4e:0a:20:a5:18:c0:aa:e8:8e:6b:ad:4f:51:a2:04:82:d6:
- ef:12:33:57:fb:6e:9b:a3:9b:9e:a9:49:15:cd:f1:e1:38:40:
- 11:af:06:88:48:52:2e:0a:ec:9a:03:4a:1b:3f:86:cf:67:f3:
- 83:34:f9:53:f7:af:8f:cb:67:1a:23:b2:0c:89:38:4a:1e:44:
- d1:25:4d:22:02:41:8a:1f:45:7d:8b:99:c1:83:90:1e:5b:f1:
- 1b:ba:67:ba:c2:b8:93:2e:cd:5f:23:41:ba:f2:d5:2a:6e:33:
- 1f:63:4c:ac:a5:be:fa:d9:18:13:42:71:43:2e:e2:24:5c:fb:
- 25:5a:39:ab:b0:0a:81:31:51:13:65:eb:7d:0d:2b:7a:7c:3e:
- 09:c0:4c:c8
------BEGIN CERTIFICATE-----
-MIIDOjCCAiKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAwNTgxN1oXDTA4MDgwOTAwNTgxN1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgYcwgYQwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wDQYJKoZIhvcNAQELBQADggEBAFSd
-CQEdH7es+QoFtGgiDeLUsyiA6yvphitqA+Wn1DTNWP0NkNn0HQ2V/88jHJ3dOORU
-TR+aHSCOwLkGNwsGuult3/QH1h0rC8QWJDiYblaFD8NDh68MtZDBxISWHdnQ0DX+
-/8GrOEJwGb0+sutOCiClGMCq6I5rrU9RogSC1u8SM1f7bpujm56pSRXN8eE4QBGv
-BohIUi4K7JoDShs/hs9n84M0+VP3r4/LZxojsgyJOEoeRNElTSICQYofRX2LmcGD
-kB5b8Ru6Z7rCuJMuzV8jQbry1SpuMx9jTKylvvrZGBNCcUMu4iRc+yVaOauwCoEx
-URNl630NK3p8PgnATMg=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/05.pem b/scripts/resource-cert-samples/LIR3/05.pem
deleted file mode 100644
index b3efd764..00000000
--- a/scripts/resource-cert-samples/LIR3/05.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 5 (0x5)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Signature Algorithm: sha256WithRSAEncryption
- 60:54:f0:88:c1:6e:25:22:90:35:05:b5:d9:a0:ca:1c:22:da:
- 3e:32:f7:a2:c3:b7:31:f0:02:11:66:8f:be:be:ae:c7:69:bc:
- 47:b9:ed:6e:d2:8f:b4:cc:0d:43:00:7a:3e:e0:d4:3d:08:c7:
- c3:4e:5e:40:6a:30:bb:30:7c:f4:5e:2e:e0:74:fc:5d:8e:b4:
- 2f:2e:98:12:41:31:0b:4c:d3:14:f5:1d:5c:66:e3:4f:e2:e1:
- 1e:cb:48:80:b2:3b:59:10:30:90:7a:cd:9c:e4:a5:14:f8:b9:
- 2a:39:3b:0b:a5:5d:5b:f2:4f:93:d9:2c:fb:3e:14:1b:f1:cd:
- 8b:0c:9d:85:9e:1f:7c:b1:a9:97:fd:9b:51:12:62:c9:a7:9f:
- a2:d0:86:ac:40:e5:6f:f5:57:00:df:60:5a:65:20:ae:a2:25:
- 84:c3:04:d0:de:2e:15:28:22:cf:0d:d6:3a:03:70:2b:89:4e:
- 72:08:00:ef:5f:fb:3f:82:6b:5b:a1:55:4f:60:54:aa:60:cb:
- 3a:e4:5e:16:f7:e6:ca:30:5a:c9:1e:51:5f:b1:70:e8:7f:e4:
- eb:be:e1:c0:37:b3:e3:46:a5:c1:e7:e7:30:81:8f:23:c7:24:
- 63:c1:36:4a:fa:df:4d:34:35:86:fb:cc:ce:ba:2e:0e:d1:27:
- bd:bc:55:54
------BEGIN CERTIFICATE-----
-MIIDOjCCAiKgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAwNTgxN1oXDTA4MDgwOTAwNTgxN1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjgYcwgYQwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUbLNllP7Gn0pQnU2LQBqh/ZcXl5IwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yi8wDQYJKoZIhvcNAQELBQADggEBAGBU
-8IjBbiUikDUFtdmgyhwi2j4y96LDtzHwAhFmj76+rsdpvEe57W7Sj7TMDUMAej7g
-1D0Ix8NOXkBqMLswfPReLuB0/F2OtC8umBJBMQtM0xT1HVxm40/i4R7LSICyO1kQ
-MJB6zZzkpRT4uSo5OwulXVvyT5PZLPs+FBvxzYsMnYWeH3yxqZf9m1ESYsmnn6LQ
-hqxA5W/1VwDfYFplIK6iJYTDBNDeLhUoIs8N1joDcCuJTnIIAO9f+z+Ca1uhVU9g
-VKpgyzrkXhb35sowWskeUV+xcOh/5Ou+4cA3s+NGpcHn5zCBjyPHJGPBNkr63000
-NYb7zM66Lg7RJ728VVQ=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/06.pem b/scripts/resource-cert-samples/LIR3/06.pem
deleted file mode 100644
index cbf5d122..00000000
--- a/scripts/resource-cert-samples/LIR3/06.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 6 (0x6)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Signature Algorithm: sha256WithRSAEncryption
- 6b:75:56:d5:11:aa:e9:73:f5:1c:b8:ec:d8:52:52:8f:84:c4:
- 3f:80:26:cc:f3:57:f5:71:db:2d:e6:33:9b:25:e4:c0:d8:ff:
- 6e:96:30:d0:be:e4:0c:16:c1:0c:2f:5f:bc:94:44:14:64:74:
- 11:37:2e:42:c5:2e:31:ca:09:2e:ca:d1:4e:76:74:a4:0d:2a:
- 92:50:3e:c4:6d:85:98:23:e2:ce:28:9e:67:8e:35:27:af:06:
- af:fb:af:e4:28:c6:ac:ad:e9:29:f9:5d:ba:fb:26:5a:e4:7c:
- 0c:29:f0:d3:a5:b7:b8:b0:3b:93:6b:cb:6a:3f:73:b1:e0:2c:
- c2:6e:35:6b:c9:56:e0:0e:b4:64:94:6a:7e:eb:be:52:2d:22:
- 2c:4e:9d:09:8d:cb:20:5d:c2:f9:51:40:d4:f9:a5:0d:b3:4b:
- 0c:a2:8a:fe:d1:63:16:54:68:1c:8d:d3:12:9b:96:84:9d:d9:
- ba:02:68:04:7f:88:ac:2a:5b:f5:31:0a:d1:35:36:6b:ab:96:
- c3:de:56:16:a8:71:a7:af:c5:a4:42:24:ba:a4:cf:2b:99:96:
- 8a:eb:ce:5a:6b:40:0a:36:55:be:c5:ab:50:46:8f:66:4d:7d:
- 6c:04:11:2a:0c:e0:2b:11:5e:53:48:32:39:f8:62:58:25:59:
- c8:7e:31:22
------BEGIN CERTIFICATE-----
-MIIDOjCCAiKgAwIBAgIBBjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAwNTgxN1oXDTA4MDgwOTAwNTgxN1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjgYcwgYQwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUCfAUC3n7C/+o71S57D65i9DLnOwwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1YS8wDQYJKoZIhvcNAQELBQADggEBAGt1
-VtURqulz9Ry47NhSUo+ExD+AJszzV/Vx2y3mM5sl5MDY/26WMNC+5AwWwQwvX7yU
-RBRkdBE3LkLFLjHKCS7K0U52dKQNKpJQPsRthZgj4s4onmeONSevBq/7r+Qoxqyt
-6Sn5Xbr7JlrkfAwp8NOlt7iwO5Nry2o/c7HgLMJuNWvJVuAOtGSUan7rvlItIixO
-nQmNyyBdwvlRQNT5pQ2zSwyiiv7RYxZUaByN0xKbloSd2boCaAR/iKwqW/UxCtE1
-NmurlsPeVhaocaevxaRCJLqkzyuZlorrzlprQAo2Vb7Fq1BGj2ZNfWwEESoM4CsR
-XlNIMjn4YlglWch+MSI=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/07.pem b/scripts/resource-cert-samples/LIR3/07.pem
deleted file mode 100644
index 96c90b92..00000000
--- a/scripts/resource-cert-samples/LIR3/07.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 7 (0x7)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha256WithRSAEncryption
- 0c:a5:20:ee:a9:16:f5:45:6f:f6:55:c7:42:48:01:84:8a:e6:
- be:11:15:47:85:bd:8b:f1:11:b9:32:0f:77:52:bf:64:cd:f9:
- f2:c9:70:78:0e:d7:21:e0:79:4e:7e:08:a3:9f:07:0d:73:55:
- 79:31:3f:93:a0:cb:88:3f:91:7b:83:6a:da:57:92:71:6c:a2:
- 03:dc:e8:3d:dc:ab:07:5d:30:d1:62:fe:28:40:29:07:80:b1:
- 41:36:58:fa:f0:a6:6a:ae:c8:a5:7d:01:e9:cb:84:7d:c7:39:
- ec:87:c2:14:3b:ae:7a:85:66:6c:da:72:88:7e:aa:6b:81:a6:
- 3d:bc:5d:de:fd:ad:20:42:8f:1e:75:73:4e:18:11:95:0e:87:
- 15:d6:be:01:0a:77:ca:33:ce:d2:3b:9e:07:4a:55:e5:7a:70:
- 46:e6:59:46:79:6e:0f:3d:1d:98:d1:a4:59:50:d6:22:e0:f1:
- cd:44:97:72:9f:67:3a:23:ec:c7:68:44:5c:84:ba:30:60:01:
- 06:78:dd:96:cf:98:e0:24:9b:f7:38:ea:6c:55:7a:f2:78:d6:
- 0f:b3:03:1b:d9:d6:cc:b6:c4:b5:42:75:f8:fd:6f:bc:f0:8f:
- 23:ba:8a:22:6b:f9:cc:d8:90:76:d4:7c:78:b5:ff:ee:96:6e:
- f8:3b:db:31
------BEGIN CERTIFICATE-----
-MIIDozCCAougAwIBAgIBBzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMDIzMVoXDTA4MDgwOTAxMDIzMVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgfAwge0wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2Vy
-MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEL
-BQADggEBAAylIO6pFvVFb/ZVx0JIAYSK5r4RFUeFvYvxEbkyD3dSv2TN+fLJcHgO
-1yHgeU5+CKOfBw1zVXkxP5Ogy4g/kXuDatpXknFsogPc6D3cqwddMNFi/ihAKQeA
-sUE2WPrwpmquyKV9AenLhH3HOeyHwhQ7rnqFZmzacoh+qmuBpj28Xd79rSBCjx51
-c04YEZUOhxXWvgEKd8ozztI7ngdKVeV6cEbmWUZ5bg89HZjRpFlQ1iLg8c1El3Kf
-Zzoj7MdoRFyEujBgAQZ43ZbPmOAkm/c46mxVevJ41g+zAxvZ1sy2xLVCdfj9b7zw
-jyO6iiJr+czYkHbUfHi1/+6Wbvg72zE=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/08.pem b/scripts/resource-cert-samples/LIR3/08.pem
deleted file mode 100644
index eda14481..00000000
--- a/scripts/resource-cert-samples/LIR3/08.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 8 (0x8)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 13:01:ba:b0:04:4c:97:5c:4a:37:a9:4f:0d:4e:ba:3a:b4:7f:
- ba:30:a6:e8:d6:ad:5a:6f:d2:67:23:a4:92:33:b2:b7:3d:8f:
- e6:57:95:d4:98:b5:d4:4d:95:dc:36:e0:39:02:7d:b9:49:6e:
- 27:6e:d6:a1:37:85:fa:59:bf:97:5d:73:63:64:88:a7:87:36:
- 17:8b:ed:40:8c:3c:29:f6:75:3e:cf:22:5b:83:d6:f6:b7:5d:
- d3:05:c7:93:5d:d0:f3:5e:38:3b:21:66:0d:ef:ac:66:d9:a9:
- 38:ee:0a:cc:8a:d5:1a:5a:8e:8d:05:df:f9:29:18:b7:0c:11:
- 4f:e4:b3:34:f3:b7:f8:da:c5:6b:15:e1:1f:a4:29:e1:26:99:
- 57:1c:08:83:2d:1c:15:39:bb:d6:23:4c:40:9d:be:2c:ce:12:
- 31:ea:47:15:2d:c2:59:d1:02:95:cb:7f:21:6c:86:2b:b5:58:
- 02:80:9c:81:5f:b9:34:c8:d9:b9:47:64:22:2b:ec:37:41:ac:
- f5:b7:3d:d2:f4:da:56:c3:ed:dd:f3:fe:13:83:b5:e7:23:53:
- 18:63:87:9a:6b:b6:89:16:c1:72:0a:95:7d:74:93:6d:ee:2d:
- 54:ac:69:d0:06:03:71:fc:e9:7d:8f:ec:b3:a9:12:ef:06:a3:
- 85:85:f4:13
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBCDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMDIzMVoXDTA4MDgwOTAxMDIzMVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoDADANBgkqhkiG9w0BAQsFAAOCAQEAEwG6sARMl1xKN6lPDU66
-OrR/ujCm6NatWm/SZyOkkjOytz2P5leV1Ji11E2V3DbgOQJ9uUluJ27WoTeF+lm/
-l11zY2SIp4c2F4vtQIw8KfZ1Ps8iW4PW9rdd0wXHk13Q8144OyFmDe+sZtmpOO4K
-zIrVGlqOjQXf+SkYtwwRT+SzNPO3+NrFaxXhH6Qp4SaZVxwIgy0cFTm71iNMQJ2+
-LM4SMepHFS3CWdEClct/IWyGK7VYAoCcgV+5NMjZuUdkIivsN0Gs9bc90vTaVsPt
-3fP+E4O15yNTGGOHmmu2iRbBcgqVfXSTbe4tVKxp0AYDcfzpfY/ss6kS7wajhYX0
-Ew==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/09.pem b/scripts/resource-cert-samples/LIR3/09.pem
deleted file mode 100644
index 280892fd..00000000
--- a/scripts/resource-cert-samples/LIR3/09.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 9 (0x9)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- a2:9f:a6:5b:b3:c0:3c:68:b5:0f:d2:2f:fb:1a:6e:88:bb:29:
- 53:68:29:48:c1:0e:8a:b6:02:58:24:16:d9:9c:e6:75:da:c6:
- f1:24:51:d9:2e:a1:e1:46:ae:03:bb:55:2f:5c:0e:01:ce:cf:
- 1b:65:3c:c7:7e:3c:37:84:88:86:70:91:eb:31:03:ba:48:f0:
- 70:2f:b3:fe:a6:9d:62:75:a1:16:c8:10:a9:27:38:b1:34:53:
- d7:4c:30:58:3f:49:c8:a5:59:b5:0c:7d:e1:70:40:ad:57:83:
- 2b:66:cd:d7:82:28:85:f2:b0:ef:0e:ee:28:02:ac:59:27:b9:
- e7:9f:a3:5a:09:da:34:b5:27:62:f5:7f:6b:d3:0b:85:66:f7:
- fd:7d:cc:30:28:49:5a:da:1d:9f:21:38:d6:10:59:9e:e8:a8:
- 5b:02:23:18:c8:20:e2:e7:df:34:a9:c0:aa:99:ec:20:25:35:
- 38:a8:36:2a:08:e2:98:23:2c:ed:f0:85:2d:0c:2f:dc:a2:81:
- 60:7b:f3:1b:53:ab:dd:f2:ea:1e:e7:bc:4d:20:a9:5e:a3:02:
- 3c:24:c0:73:66:e1:2b:c1:8b:c5:7d:f7:04:09:8b:38:1a:95:
- 6b:c0:d8:23:10:18:9d:61:37:03:d5:76:29:f2:a8:4e:a4:78:
- 37:d1:5d:59
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMDIzMVoXDTA4MDgwOTAxMDIzMVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoAADANBgkqhkiG9w0BAQsFAAOCAQEAop+mW7PAPGi1D9Iv+xpu
-iLspU2gpSMEOirYCWCQW2ZzmddrG8SRR2S6h4UauA7tVL1wOAc7PG2U8x348N4SI
-hnCR6zEDukjwcC+z/qadYnWhFsgQqSc4sTRT10wwWD9JyKVZtQx94XBArVeDK2bN
-14IohfKw7w7uKAKsWSe555+jWgnaNLUnYvV/a9MLhWb3/X3MMChJWtodnyE41hBZ
-nuioWwIjGMgg4uffNKnAqpnsICU1OKg2KgjimCMs7fCFLQwv3KKBYHvzG1Or3fLq
-Hue8TSCpXqMCPCTAc2bhK8GLxX33BAmLOBqVa8DYIxAYnWE3A9V2KfKoTqR4N9Fd
-WQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/0A.pem b/scripts/resource-cert-samples/LIR3/0A.pem
deleted file mode 100644
index e34e0d82..00000000
--- a/scripts/resource-cert-samples/LIR3/0A.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10 (0xa)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:07:09 2007 GMT
- Not After : Aug 9 01:07:09 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha256WithRSAEncryption
- 2b:e4:c0:d0:33:fd:74:82:bc:70:b2:2f:e9:5d:9b:9e:b0:f8:
- fb:be:db:ec:36:e5:55:03:82:a0:53:f1:9f:bb:06:b1:b2:3c:
- cb:f5:b8:6d:f8:0d:b8:f3:00:b8:2d:84:0a:ca:ac:08:b9:0c:
- 73:d9:5f:d9:87:97:8b:67:81:59:16:52:8a:f4:da:1c:94:5b:
- 4b:4a:bf:01:7d:6e:1e:99:cf:fe:c3:93:79:ef:7a:d3:51:72:
- 51:6d:cc:c3:60:25:f6:0a:ce:1b:de:3d:2a:82:3e:6c:ae:17:
- 9a:ae:86:44:b6:7c:9d:41:ee:89:81:18:32:18:8b:46:42:7b:
- 11:d2:03:71:93:d5:1e:3a:a5:90:d1:a3:45:16:a8:d5:37:63:
- a7:89:01:6a:e6:1a:25:bb:68:e6:4c:13:ee:e3:3e:36:a7:33:
- 8c:f3:b9:8d:fd:0d:db:73:e8:af:42:14:c7:bc:32:b7:2a:fd:
- 9c:1d:fe:f0:2a:32:9d:35:6b:08:dc:06:81:ec:06:be:ad:56:
- 77:6b:26:95:9d:09:ae:90:23:5d:50:30:1d:4a:67:70:80:88:
- 72:ea:de:17:b4:03:35:0e:a7:36:b6:e2:aa:30:ba:1d:90:0e:
- 1d:e6:9d:f0:f7:00:74:ee:39:09:3a:3e:e3:23:12:41:25:fc:
- 9f:e6:8d:0c
------BEGIN CERTIFICATE-----
-MIIDozCCAougAwIBAgIBCjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMDcwOVoXDTA4MDgwOTAxMDcwOVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgfAwge0wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2Vy
-MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEL
-BQADggEBACvkwNAz/XSCvHCyL+ldm56w+Pu+2+w25VUDgqBT8Z+7BrGyPMv1uG34
-DbjzALgthArKrAi5DHPZX9mHl4tngVkWUor02hyUW0tKvwF9bh6Zz/7Dk3nvetNR
-clFtzMNgJfYKzhvePSqCPmyuF5quhkS2fJ1B7omBGDIYi0ZCexHSA3GT1R46pZDR
-o0UWqNU3Y6eJAWrmGiW7aOZME+7jPjanM4zzuY39Ddtz6K9CFMe8Mrcq/Zwd/vAq
-Mp01awjcBoHsBr6tVndrJpWdCa6QI11QMB1KZ3CAiHLq3he0AzUOpza24qowuh2Q
-Dh3mnfD3AHTuOQk6PuMjEkEl/J/mjQw=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/0B.pem b/scripts/resource-cert-samples/LIR3/0B.pem
deleted file mode 100644
index 78d2f693..00000000
--- a/scripts/resource-cert-samples/LIR3/0B.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11 (0xb)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:07:09 2007 GMT
- Not After : Aug 9 01:07:09 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 3f:f3:c1:ed:2e:d8:80:65:aa:b8:ea:d0:78:a9:fe:62:aa:70:
- 6e:2e:af:19:8a:75:69:37:a0:d1:42:7e:da:c0:24:96:bc:00:
- 7d:af:e9:a9:ab:c3:f1:e2:73:69:46:1c:61:83:ef:c9:7a:e3:
- 75:4b:ca:93:91:9c:1f:c9:ab:2b:e5:71:f6:b2:06:55:eb:06:
- b5:e4:89:76:44:c7:05:9e:b1:ee:7c:02:23:2e:6f:b0:ae:e8:
- 80:ad:8f:de:20:e7:a8:6f:bf:8d:a5:6d:cf:c0:4a:c8:a0:24:
- d1:65:34:29:58:87:eb:f1:4f:4b:bd:0a:ba:d0:e5:19:39:7b:
- 8f:03:78:37:a6:fd:95:22:7d:be:ed:c6:af:90:e2:e3:bb:8a:
- 74:73:93:2d:b8:76:ac:56:d8:a3:2b:d1:48:d6:51:46:32:72:
- 7f:1d:b6:5b:ef:07:4f:f2:87:16:cd:8b:e5:f7:5a:c4:37:6f:
- b7:dd:38:dc:c7:8b:21:91:46:b0:ba:76:3a:00:a8:fa:5d:24:
- 80:56:14:d3:c3:8e:90:a8:4f:fa:de:79:91:9c:24:cc:aa:a1:
- 85:b9:13:aa:88:12:f3:19:77:18:0e:62:a2:91:d9:fb:82:9e:
- 13:83:b9:26:2e:cd:55:02:07:f4:53:35:f0:c4:e1:ec:99:ae:
- 0f:ff:08:02
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBCzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMDcwOVoXDTA4MDgwOTAxMDcwOVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoDADANBgkqhkiG9w0BAQsFAAOCAQEAP/PB7S7YgGWquOrQeKn+
-Yqpwbi6vGYp1aTeg0UJ+2sAklrwAfa/pqavD8eJzaUYcYYPvyXrjdUvKk5GcH8mr
-K+Vx9rIGVesGteSJdkTHBZ6x7nwCIy5vsK7ogK2P3iDnqG+/jaVtz8BKyKAk0WU0
-KViH6/FPS70KutDlGTl7jwN4N6b9lSJ9vu3Gr5Di47uKdHOTLbh2rFbYoyvRSNZR
-RjJyfx22W+8HT/KHFs2L5fdaxDdvt9043MeLIZFGsLp2OgCo+l0kgFYU08OOkKhP
-+t55kZwkzKqhhbkTqogS8xl3GA5iopHZ+4KeE4O5Ji7NVQIH9FM18MTh7JmuD/8I
-Ag==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/0C.pem b/scripts/resource-cert-samples/LIR3/0C.pem
deleted file mode 100644
index e3a801b4..00000000
--- a/scripts/resource-cert-samples/LIR3/0C.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12 (0xc)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:07:09 2007 GMT
- Not After : Aug 9 01:07:09 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 9c:79:5a:46:1a:3d:cc:72:7d:86:1f:86:4e:b9:13:a6:82:be:
- 43:15:5b:dd:b0:1e:e0:f8:98:dc:5e:6b:b7:f4:05:45:36:29:
- 73:1f:22:89:0a:7d:d9:7a:7c:b7:c0:31:f0:93:80:a0:66:68:
- 72:15:4a:5a:09:9d:96:36:08:7c:78:ff:6f:81:ca:54:15:1f:
- 57:4e:b2:b8:63:98:4d:12:20:6a:b1:91:ab:b0:a0:c0:dc:a6:
- c2:03:88:58:e4:4d:2d:de:32:8f:1a:22:ef:c3:36:4c:ad:f6:
- af:74:4f:2c:b2:55:3f:e2:0d:82:d1:d8:0d:c4:15:c9:3b:f4:
- 9e:5c:de:47:62:e4:b5:59:6b:59:db:48:ca:46:10:af:2c:9c:
- 31:c7:dc:50:bb:18:a7:ce:ec:50:f5:fb:90:55:4d:ff:3f:c1:
- 6f:82:8f:0f:a3:00:00:fe:cf:5e:cf:48:59:15:de:36:37:ff:
- c2:c8:bf:f8:82:39:52:eb:43:84:c4:d5:5f:de:e8:d8:56:58:
- 7e:dd:82:a4:76:b8:31:42:45:cd:36:0b:52:87:4f:41:55:c4:
- 42:4f:6b:2b:e5:57:1a:19:04:f9:70:d1:47:7a:ab:6e:94:91:
- c8:d5:a4:17:01:56:ec:21:85:f9:03:1a:a8:6b:14:fc:a5:51:
- cb:80:84:e3
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBDDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMDcwOVoXDTA4MDgwOTAxMDcwOVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoAADANBgkqhkiG9w0BAQsFAAOCAQEAnHlaRho9zHJ9hh+GTrkT
-poK+QxVb3bAe4PiY3F5rt/QFRTYpcx8iiQp92Xp8t8Ax8JOAoGZochVKWgmdljYI
-fHj/b4HKVBUfV06yuGOYTRIgarGRq7CgwNymwgOIWORNLd4yjxoi78M2TK32r3RP
-LLJVP+INgtHYDcQVyTv0nlzeR2LktVlrWdtIykYQryycMcfcULsYp87sUPX7kFVN
-/z/Bb4KPD6MAAP7PXs9IWRXeNjf/wsi/+II5UutDhMTVX97o2FZYft2CpHa4MUJF
-zTYLUodPQVXEQk9rK+VXGhkE+XDRR3qrbpSRyNWkFwFW7CGF+QMaqGsU/KVRy4CE
-4w==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/0D.pem b/scripts/resource-cert-samples/LIR3/0D.pem
deleted file mode 100644
index 6634de32..00000000
--- a/scripts/resource-cert-samples/LIR3/0D.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13 (0xd)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Signature Algorithm: sha256WithRSAEncryption
- 1f:7e:d1:95:bc:b5:52:1b:fc:3f:0b:29:18:d2:72:db:70:8b:
- 00:7b:9a:d0:1e:f1:cc:bc:c7:7b:bf:eb:0f:01:13:8f:d4:29:
- 5b:53:46:7b:d3:cb:72:a9:7b:98:ca:25:d3:8a:72:d2:f5:53:
- 67:c6:e1:59:7b:1a:6b:92:37:fd:ce:98:12:5c:ae:f2:37:c4:
- 41:7c:30:5d:19:54:9d:d2:ad:59:a2:df:b5:4a:d8:fb:ca:06:
- bf:fb:2a:a5:85:64:d2:80:ab:d2:67:4e:a5:fa:92:cb:70:14:
- 62:5d:ac:bf:1e:13:1f:7e:51:e7:56:08:7e:f7:6a:ae:d1:a2:
- 14:d2:e7:e3:c7:aa:c6:29:65:66:f1:71:7f:59:8a:20:ba:01:
- a4:12:c1:53:01:b4:c3:7c:fe:50:df:d9:7c:61:6f:e1:5d:54:
- e4:1f:91:9c:80:ce:c9:e6:e9:c6:1c:8e:60:c2:dd:bf:72:6f:
- 32:cb:37:fb:4b:b8:c3:46:16:53:ee:74:40:d4:f3:78:8a:1e:
- e1:2d:2b:2b:fa:16:ea:f5:e3:85:10:57:43:68:33:54:cc:4d:
- a7:16:ad:ce:79:da:dc:28:94:1d:54:36:2b:6a:37:9e:b0:85:
- 44:9d:5c:f4:97:25:b0:3a:42:cf:c6:d0:c2:7c:f1:fc:81:53:
- 0b:b7:b4:71
------BEGIN CERTIFICATE-----
-MIIDGTCCAgGgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMTMzOVoXDTA4MDgwOTAxMTMzOVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjZzBlMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcw
-BYYmcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wDQYJKoZI
-hvcNAQELBQADggEBAB9+0ZW8tVIb/D8LKRjScttwiwB7mtAe8cy8x3u/6w8BE4/U
-KVtTRnvTy3Kpe5jKJdOKctL1U2fG4Vl7GmuSN/3OmBJcrvI3xEF8MF0ZVJ3SrVmi
-37VK2PvKBr/7KqWFZNKAq9JnTqX6kstwFGJdrL8eEx9+UedWCH73aq7RohTS5+PH
-qsYpZWbxcX9ZiiC6AaQSwVMBtMN8/lDf2Xxhb+FdVOQfkZyAzsnm6cYcjmDC3b9y
-bzLLN/tLuMNGFlPudEDU83iKHuEtKyv6Fur144UQV0NoM1TMTacWrc552twolB1U
-NitqN56whUSdXPSXJbA6Qs/G0MJ88fyBUwu3tHE=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/0E.pem b/scripts/resource-cert-samples/LIR3/0E.pem
deleted file mode 100644
index a6a893b1..00000000
--- a/scripts/resource-cert-samples/LIR3/0E.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14 (0xe)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Signature Algorithm: sha256WithRSAEncryption
- 96:34:8a:58:26:99:07:8d:0c:24:fe:84:fb:00:19:d6:cc:64:
- 39:28:1b:33:69:82:b7:1f:3b:0c:ae:96:94:d6:fa:a3:00:2c:
- 7e:f7:68:60:e3:11:98:5c:86:1e:7b:47:44:0d:b0:e7:62:60:
- ec:57:d6:ea:64:7c:66:45:57:5e:c9:b3:c3:54:9a:18:59:7d:
- d4:2e:5e:30:cd:a8:41:51:21:83:ad:b2:b1:27:4d:a1:e7:72:
- 25:43:f3:34:50:5a:dd:67:4e:72:ba:fa:5a:6d:c9:aa:01:67:
- b5:71:4a:28:ee:1e:e7:5f:27:59:11:be:ee:25:f3:a5:b2:2e:
- 8f:9a:6d:19:54:17:0b:97:a9:4a:49:bf:c3:44:3e:73:7d:93:
- 03:f6:e2:a1:b1:7c:0a:a5:62:b5:5c:9e:9c:c7:f1:3f:ce:f3:
- 35:2b:47:30:e6:f4:a4:b3:27:9e:37:08:1f:da:d5:ac:19:e8:
- ba:72:ab:85:fe:c1:c9:d2:cc:75:f2:62:bc:37:21:ff:0f:df:
- 8f:7f:6e:07:c6:8f:84:80:16:4a:1d:a3:fe:28:78:ba:10:9a:
- ad:ef:03:f9:0a:c0:b9:fe:20:f7:6d:49:30:c0:26:e3:63:8d:
- f3:6d:88:6a:b3:74:28:a2:a3:5c:2e:4e:2c:1f:46:d3:4a:c5:
- b1:6f:aa:06
------BEGIN CERTIFICATE-----
-MIIDGTCCAgGgAwIBAgIBDjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMTMzOVoXDTA4MDgwOTAxMTMzOVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjZzBlMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcw
-BYYmcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yi8wDQYJKoZI
-hvcNAQELBQADggEBAJY0ilgmmQeNDCT+hPsAGdbMZDkoGzNpgrcfOwyulpTW+qMA
-LH73aGDjEZhchh57R0QNsOdiYOxX1upkfGZFV17Js8NUmhhZfdQuXjDNqEFRIYOt
-srEnTaHnciVD8zRQWt1nTnK6+lptyaoBZ7VxSijuHudfJ1kRvu4l86WyLo+abRlU
-FwuXqUpJv8NEPnN9kwP24qGxfAqlYrVcnpzH8T/O8zUrRzDm9KSzJ543CB/a1awZ
-6Lpyq4X+wcnSzHXyYrw3If8P349/bgfGj4SAFkodo/4oeLoQmq3vA/kKwLn+IPdt
-STDAJuNjjfNtiGqzdCiio1wuTiwfRtNKxbFvqgY=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/0F.pem b/scripts/resource-cert-samples/LIR3/0F.pem
deleted file mode 100644
index cca0bb04..00000000
--- a/scripts/resource-cert-samples/LIR3/0F.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 15 (0xf)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Signature Algorithm: sha256WithRSAEncryption
- 71:9a:80:f3:ba:b7:60:6f:6c:f5:31:18:c9:e3:45:61:0a:93:
- d9:c3:23:35:dc:11:da:cf:b4:c7:d5:36:cd:48:a7:63:c2:e9:
- 44:3c:56:c1:60:e1:7a:ab:b1:03:32:22:c7:8d:d8:24:a9:e4:
- 70:e9:d2:fd:7b:e6:20:2c:9d:ed:71:d2:9e:30:a0:f0:b2:67:
- 87:87:f7:d5:96:da:67:d4:8a:e2:aa:f2:e8:2f:b2:cd:d7:92:
- ed:9f:44:7f:f9:3d:f8:5d:c6:44:ef:a0:d3:98:41:ce:5b:c7:
- c3:b1:bb:fc:08:ec:b4:4e:0c:4d:8e:30:63:f9:06:50:a3:b1:
- 48:6e:c0:5b:ed:9a:7c:0e:ec:32:2e:c2:9e:12:28:94:9d:ed:
- 3c:99:4c:74:73:6b:ec:58:41:b3:f9:58:fb:2c:31:00:7d:20:
- 13:07:63:3e:a4:ca:59:95:37:3f:cf:b0:ae:6a:15:5a:09:8c:
- 4b:77:c4:78:76:73:90:98:c6:2a:97:70:e1:c0:90:24:c0:3c:
- a5:99:3f:74:d0:a2:e5:f5:d3:dc:52:35:71:7a:bd:48:38:a9:
- 66:a7:42:28:ae:93:82:f3:1a:99:be:52:69:d4:f9:d1:15:4d:
- 3f:2f:65:c6:9f:9f:73:00:59:f5:45:75:1f:35:06:e9:4a:b7:
- b5:77:9a:bf
------BEGIN CERTIFICATE-----
-MIIDGTCCAgGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMTMzOVoXDTA4MDgwOTAxMTMzOVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjZzBlMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcw
-BYYmcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1YS8wDQYJKoZI
-hvcNAQELBQADggEBAHGagPO6t2BvbPUxGMnjRWEKk9nDIzXcEdrPtMfVNs1Ip2PC
-6UQ8VsFg4XqrsQMyIseN2CSp5HDp0v175iAsne1x0p4woPCyZ4eH99WW2mfUiuKq
-8ugvss3Xku2fRH/5PfhdxkTvoNOYQc5bx8Oxu/wI7LRODE2OMGP5BlCjsUhuwFvt
-mnwO7DIuwp4SKJSd7TyZTHRza+xYQbP5WPssMQB9IBMHYz6kylmVNz/PsK5qFVoJ
-jEt3xHh2c5CYxiqXcOHAkCTAPKWZP3TQouX109xSNXF6vUg4qWanQiiuk4LzGpm+
-UmnU+dEVTT8vZcafn3MAWfVFdR81BulKt7V3mr8=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/10.pem b/scripts/resource-cert-samples/LIR3/10.pem
deleted file mode 100644
index 16656abb..00000000
--- a/scripts/resource-cert-samples/LIR3/10.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 16 (0x10)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha256WithRSAEncryption
- 67:a7:55:49:7b:68:d4:dd:67:16:e5:09:f3:ac:fb:1b:ea:83:
- 58:e4:ba:4f:a4:2f:88:af:1e:05:da:46:b5:85:1a:14:87:c1:
- 34:74:2d:35:4f:3d:2e:63:9a:cc:ac:28:8d:e5:61:a0:a5:73:
- f5:25:c0:1b:11:27:b6:dc:4c:41:81:f4:d6:0d:f1:8a:af:69:
- ae:32:23:d0:4a:fe:1d:d2:c6:ef:87:f5:93:01:42:c5:54:4d:
- ce:73:d5:19:c7:c9:e6:1d:4c:2f:92:28:03:b2:cd:c5:a6:f6:
- 6b:b1:bf:7c:1d:71:38:ac:85:93:c8:c2:a4:73:06:4b:f4:ff:
- 5e:44:e0:57:9a:7e:f5:5f:4c:7d:6f:b6:6a:30:27:5e:ff:7d:
- 8d:49:04:34:05:1a:87:2e:36:c3:aa:13:b1:91:f0:57:ad:a7:
- 9e:d3:be:fa:de:af:db:42:f6:bd:06:04:2e:71:e0:5e:82:4a:
- 4f:dd:57:0f:29:ca:09:db:a8:e4:fd:82:5d:ff:55:24:a4:9a:
- 64:26:d0:02:1f:f2:4d:92:28:9b:1d:bb:f6:6f:2a:d3:25:48:
- 87:04:96:37:9f:90:7c:15:6d:c7:18:ef:a7:6b:0e:b1:37:6c:
- ae:69:7e:49:81:8c:de:b9:f7:34:ee:6d:48:26:92:7f:8f:0c:
- 95:7d:08:eb
------BEGIN CERTIFICATE-----
-MIIDozCCAougAwIBAgIBEDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMTUxMFoXDTA4MDgwOTAxMTUxMFowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgfAwge0wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2Vy
-MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEL
-BQADggEBAGenVUl7aNTdZxblCfOs+xvqg1jkuk+kL4ivHgXaRrWFGhSHwTR0LTVP
-PS5jmsysKI3lYaClc/UlwBsRJ7bcTEGB9NYN8Yqvaa4yI9BK/h3Sxu+H9ZMBQsVU
-Tc5z1RnHyeYdTC+SKAOyzcWm9muxv3wdcTishZPIwqRzBkv0/15E4FeafvVfTH1v
-tmowJ17/fY1JBDQFGocuNsOqE7GR8Fetp57Tvvrer9tC9r0GBC5x4F6CSk/dVw8p
-ygnbqOT9gl3/VSSkmmQm0AIf8k2SKJsdu/ZvKtMlSIcEljefkHwVbccY76drDrE3
-bK5pfkmBjN659zTubUgmkn+PDJV9COs=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/11.pem b/scripts/resource-cert-samples/LIR3/11.pem
deleted file mode 100644
index 7342b3c4..00000000
--- a/scripts/resource-cert-samples/LIR3/11.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 17 (0x11)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 76:a6:64:04:5d:a3:16:7a:fe:0a:e7:44:c0:de:82:1c:c8:06:
- a3:08:2b:4a:fb:44:99:79:dc:52:c8:8c:af:6f:17:24:9a:08:
- 29:37:e2:ae:e7:39:cf:7e:ef:53:d1:82:87:1d:f8:a3:5c:ee:
- db:a8:dc:6f:7b:78:9f:29:6b:c7:1c:98:28:e0:e3:e5:35:bb:
- 87:46:fd:14:c1:d2:b7:92:6f:9d:d0:74:8a:54:30:97:ef:b5:
- d3:4f:18:10:fc:ec:21:3f:76:08:7d:e9:ac:c5:5d:a7:b7:e8:
- 4d:24:00:fa:e6:2b:82:b9:65:5f:b6:a3:7f:8c:bf:5d:9e:1b:
- 9c:61:66:a3:37:db:59:d1:c4:eb:c3:06:3a:1b:2a:a1:a8:21:
- 05:77:ab:bc:36:ef:08:7e:40:87:e3:c7:4c:eb:0c:5a:2a:03:
- f8:26:b6:30:a8:04:a4:af:ad:63:e3:5c:19:7f:a9:50:30:e8:
- f7:cc:fb:ef:ee:ba:90:e0:1b:24:dd:aa:dc:d9:90:11:5e:cb:
- 3f:3a:d8:fd:c0:80:6b:1e:c2:eb:bb:70:57:b4:54:78:a2:12:
- eb:6f:cd:5f:65:c3:3d:cf:62:0c:18:02:f1:8f:6e:04:30:25:
- 82:15:6e:25:0f:3c:09:5e:e6:49:cd:73:e5:68:a9:82:3c:93:
- 22:47:07:4f
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBETANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMTUxMFoXDTA4MDgwOTAxMTUxMFowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoDADANBgkqhkiG9w0BAQsFAAOCAQEAdqZkBF2jFnr+CudEwN6C
-HMgGowgrSvtEmXncUsiMr28XJJoIKTfiruc5z37vU9GChx34o1zu26jcb3t4nylr
-xxyYKODj5TW7h0b9FMHSt5JvndB0ilQwl++1008YEPzsIT92CH3prMVdp7foTSQA
-+uYrgrllX7ajf4y/XZ4bnGFmozfbWdHE68MGOhsqoaghBXervDbvCH5Ah+PHTOsM
-WioD+Ca2MKgEpK+tY+NcGX+pUDDo98z77+66kOAbJN2q3NmQEV7LPzrY/cCAax7C
-67twV7RUeKIS62/NX2XDPc9iDBgC8Y9uBDAlghVuJQ88CV7mSc1z5WipgjyTIkcH
-Tw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/12.pem b/scripts/resource-cert-samples/LIR3/12.pem
deleted file mode 100644
index 2ca7eef4..00000000
--- a/scripts/resource-cert-samples/LIR3/12.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 18 (0x12)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 36:9d:84:eb:95:7f:1e:45:82:16:54:14:e6:50:f9:61:6f:a2:
- 16:01:57:9c:f6:c3:00:d7:00:8f:a4:af:12:c7:71:f9:ac:e7:
- f5:57:5e:8a:92:6e:00:08:d4:b1:2e:bf:07:cc:e8:f9:05:97:
- 21:fe:00:12:ab:33:ad:77:3d:01:54:be:c7:57:1d:b6:ba:e8:
- 71:56:35:71:67:10:5f:78:67:92:d9:b2:3f:26:12:78:e2:5b:
- 24:ed:b3:45:95:d7:6c:c3:0a:c9:7c:e7:db:e3:e9:90:24:cb:
- a1:a0:3e:05:7f:8d:4e:bc:a5:39:c6:b1:ac:29:21:28:9f:d4:
- 58:3f:cd:07:d0:81:fd:d4:e2:b8:cc:ef:b1:75:cb:eb:73:30:
- f8:84:7a:bb:42:bf:bf:23:4e:e9:34:1e:c0:49:ea:ed:9a:62:
- 70:f8:79:08:4b:b1:80:a1:da:a6:c5:3e:78:20:5e:10:da:81:
- 29:8f:ff:6d:0e:d8:91:be:ee:2e:f7:c0:cc:87:88:45:3f:73:
- 63:ba:a0:66:73:94:6c:79:aa:f4:ec:85:62:32:2b:aa:f2:0d:
- a5:66:42:f4:ca:83:8b:b5:73:a5:78:2f:0e:bc:87:e4:ec:1a:
- 2b:c3:83:55:8e:35:65:39:62:41:86:74:d5:2a:a5:c6:05:03:
- 0a:e2:ea:76
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBEjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MDgxMDAxMTUxMFoXDTA4MDgwOTAxMTUxMFowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoAADANBgkqhkiG9w0BAQsFAAOCAQEANp2E65V/HkWCFlQU5lD5
-YW+iFgFXnPbDANcAj6SvEsdx+azn9VdeipJuAAjUsS6/B8zo+QWXIf4AEqszrXc9
-AVS+x1cdtrrocVY1cWcQX3hnktmyPyYSeOJbJO2zRZXXbMMKyXzn2+PpkCTLoaA+
-BX+NTrylOcaxrCkhKJ/UWD/NB9CB/dTiuMzvsXXL63Mw+IR6u0K/vyNO6TQewEnq
-7ZpicPh5CEuxgKHapsU+eCBeENqBKY//bQ7Ykb7uLvfAzIeIRT9zY7qgZnOUbHmq
-9OyFYjIrqvINpWZC9MqDi7VzpXgvDryH5OwaK8ODVY41ZTliQYZ01SqlxgUDCuLq
-dg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/13.pem b/scripts/resource-cert-samples/LIR3/13.pem
deleted file mode 100644
index 3fea16ec..00000000
--- a/scripts/resource-cert-samples/LIR3/13.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 19 (0x13)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha256WithRSAEncryption
- 36:12:96:70:b8:91:46:d3:30:35:cf:9b:f2:ce:98:5b:0c:25:
- a6:3e:10:60:44:b3:1a:fc:3d:93:b6:f3:e9:50:30:aa:16:29:
- 18:6f:62:f1:02:2a:fd:51:02:79:5b:30:ee:2a:f9:fb:16:fb:
- 31:eb:ab:cf:cb:f8:af:82:ad:42:24:06:0c:c2:bd:88:c4:d9:
- d3:b2:7a:51:e7:70:24:d1:33:73:ae:3f:9a:ec:7c:56:88:ae:
- b3:0a:49:03:4a:74:11:02:96:c0:be:8c:8c:f3:d0:53:3e:63:
- 08:72:ce:6c:3d:6a:2f:c2:6a:7f:f5:1a:aa:af:f0:9a:03:be:
- 15:38:27:9a:e3:c4:53:8d:d3:69:bb:18:c6:2e:a5:25:ba:08:
- f7:86:fe:c0:a1:a0:b0:60:3b:66:aa:52:d1:a0:92:87:1b:96:
- 52:ba:4e:32:0f:72:5d:6f:61:52:2c:c5:1b:b8:74:34:f5:77:
- 16:47:44:af:de:10:f7:0f:e8:ff:6e:6f:dd:a0:8e:3c:0b:b7:
- 5c:d8:76:00:1c:dd:26:ba:fd:a5:42:6e:ea:69:12:59:64:8d:
- bc:5d:90:eb:5b:04:85:2f:e8:b7:a2:cb:af:9e:a8:0c:f6:c3:
- bd:e0:b1:5b:58:12:36:b2:ed:bd:61:53:33:5c:4a:a2:d3:79:
- e5:dc:54:56
------BEGIN CERTIFICATE-----
-MIIDozCCAougAwIBAgIBEzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAxOTE5MDYwN1oXDTA4MTAxODE5MDYwN1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgfAwge0wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2Vy
-MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEL
-BQADggEBADYSlnC4kUbTMDXPm/LOmFsMJaY+EGBEsxr8PZO28+lQMKoWKRhvYvEC
-Kv1RAnlbMO4q+fsW+zHrq8/L+K+CrUIkBgzCvYjE2dOyelHncCTRM3OuP5rsfFaI
-rrMKSQNKdBEClsC+jIzz0FM+Ywhyzmw9ai/Can/1Gqqv8JoDvhU4J5rjxFON02m7
-GMYupSW6CPeG/sChoLBgO2aqUtGgkocbllK6TjIPcl1vYVIsxRu4dDT1dxZHRK/e
-EPcP6P9ub92gjjwLt1zYdgAc3Sa6/aVCbuppEllkjbxdkOtbBIUv6Leiy6+eqAz2
-w73gsVtYEjay7b1hUzNcSqLTeeXcVFY=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/14.pem b/scripts/resource-cert-samples/LIR3/14.pem
deleted file mode 100644
index 6173347f..00000000
--- a/scripts/resource-cert-samples/LIR3/14.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 20 (0x14)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 22:c9:29:33:23:37:da:af:8a:41:20:fe:35:f1:2a:25:86:ba:
- 88:08:d5:a5:26:79:f7:86:75:50:9b:ef:69:e0:c6:04:6b:0a:
- e0:3f:06:78:ee:b5:9c:c3:23:45:8c:2b:f0:26:4d:9e:94:da:
- c8:d0:a0:b3:71:bd:b5:89:dc:f5:0a:c5:56:a6:f8:1e:0f:fc:
- 27:cc:ec:42:ae:ca:7b:f6:61:f9:df:80:8d:87:85:e0:79:1b:
- 0c:32:82:37:e2:59:7c:65:7b:bd:48:ba:c0:13:24:74:f2:6a:
- 73:f8:47:a8:c7:7b:b3:89:0d:2e:5e:fc:09:06:5c:4d:4d:6e:
- 3b:c4:c1:57:c7:59:68:96:bd:97:91:df:91:d9:9d:8c:08:ef:
- 82:7c:0a:dc:54:5b:7b:1d:d9:cb:1b:a6:ca:ce:82:1b:1c:4e:
- cb:42:2e:42:7a:8c:0b:00:74:2c:b6:14:41:fc:e8:51:f0:20:
- 1b:81:61:3d:47:ef:a2:9b:0d:0b:89:57:11:34:9f:f2:21:9e:
- c9:9f:f1:39:d0:2f:73:97:86:8a:cb:ab:90:67:76:25:06:8b:
- a2:cf:94:1a:84:09:bd:0e:d1:28:52:7f:f1:52:69:9b:d2:66:
- b9:51:7a:87:e2:b1:cf:b2:d2:c4:00:fe:16:d1:29:ac:f6:61:
- 6b:58:89:0d
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBFDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAxOTE5MDYwN1oXDTA4MTAxODE5MDYwN1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoDADANBgkqhkiG9w0BAQsFAAOCAQEAIskpMyM32q+KQSD+NfEq
-JYa6iAjVpSZ594Z1UJvvaeDGBGsK4D8GeO61nMMjRYwr8CZNnpTayNCgs3G9tYnc
-9QrFVqb4Hg/8J8zsQq7Ke/Zh+d+AjYeF4HkbDDKCN+JZfGV7vUi6wBMkdPJqc/hH
-qMd7s4kNLl78CQZcTU1uO8TBV8dZaJa9l5HfkdmdjAjvgnwK3FRbex3Zyxumys6C
-GxxOy0IuQnqMCwB0LLYUQfzoUfAgG4FhPUfvopsNC4lXETSf8iGeyZ/xOdAvc5eG
-isurkGd2JQaLos+UGoQJvQ7RKFJ/8VJpm9JmuVF6h+Kxz7LSxAD+FtEprPZha1iJ
-DQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/15.pem b/scripts/resource-cert-samples/LIR3/15.pem
deleted file mode 100644
index 53d5d71f..00000000
--- a/scripts/resource-cert-samples/LIR3/15.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 21 (0x15)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 88:85:75:52:a4:57:62:32:86:d7:72:f8:f5:a2:ea:4c:a9:a7:
- 09:c7:a8:b0:12:0e:e1:69:d2:99:de:46:59:52:d8:ef:9e:3f:
- 45:8e:b4:03:cf:64:e1:db:f0:57:37:e8:f3:23:d2:7e:f4:6a:
- 74:64:3a:7a:3b:e1:e6:bb:0d:f0:1d:12:e3:1a:59:c3:b5:6f:
- 29:b7:80:3c:c2:76:2a:b2:be:09:3a:95:99:5a:82:05:b4:10:
- 70:f0:29:2f:96:27:0c:c4:83:e6:df:e0:ce:37:ad:32:0a:0b:
- a8:38:4b:a8:50:e9:17:61:c6:fb:bc:41:54:8b:fc:e4:a7:e9:
- 69:03:23:90:2c:bd:3f:e5:74:13:91:89:77:df:88:cb:4c:58:
- af:be:7e:af:e7:2c:e2:28:64:e6:5f:f3:09:a0:21:89:12:85:
- 89:50:a2:ff:d6:88:c0:9f:25:5b:40:b1:b2:6f:6c:bb:d3:32:
- b9:24:9c:70:bb:94:be:63:a2:da:fb:a8:2c:8b:ff:83:00:8b:
- 8d:cb:8f:cc:6d:b8:05:ba:0d:b3:67:05:ff:f6:40:2d:bb:7d:
- c5:0d:df:6d:42:d4:79:11:2c:12:34:55:8a:63:4b:50:e4:95:
- 92:86:36:b8:a6:24:15:33:40:7f:c7:32:b9:de:fc:fd:eb:60:
- eb:81:3d:e2
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBFTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAxOTE5MDYwN1oXDTA4MTAxODE5MDYwN1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoAADANBgkqhkiG9w0BAQsFAAOCAQEAiIV1UqRXYjKG13L49aLq
-TKmnCceosBIO4WnSmd5GWVLY754/RY60A89k4dvwVzfo8yPSfvRqdGQ6ejvh5rsN
-8B0S4xpZw7VvKbeAPMJ2KrK+CTqVmVqCBbQQcPApL5YnDMSD5t/gzjetMgoLqDhL
-qFDpF2HG+7xBVIv85KfpaQMjkCy9P+V0E5GJd9+Iy0xYr75+r+cs4ihk5l/zCaAh
-iRKFiVCi/9aIwJ8lW0Cxsm9su9MyuSSccLuUvmOi2vuoLIv/gwCLjcuPzG24BboN
-s2cF//ZALbt9xQ3fbULUeREsEjRVimNLUOSVkoY2uKYkFTNAf8cyud78/etg64E9
-4g==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/16.pem b/scripts/resource-cert-samples/LIR3/16.pem
deleted file mode 100644
index a35e6d8c..00000000
--- a/scripts/resource-cert-samples/LIR3/16.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 22 (0x16)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:03:51 2007 GMT
- Not After : Oct 28 16:03:51 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha256WithRSAEncryption
- 8b:32:d1:76:91:99:a4:fe:a9:47:f9:ad:1b:e4:09:b2:91:49:
- 01:ea:21:09:e1:db:ae:45:07:73:e1:be:99:6b:e5:73:30:20:
- 57:95:c0:e0:9f:32:29:75:e7:fd:15:06:0c:48:aa:17:0a:4b:
- 21:9e:b2:b8:ba:03:d7:fb:40:69:19:80:28:c7:a4:bd:e0:63:
- ec:e4:88:db:82:b9:03:bb:88:bb:48:40:c5:ea:34:4d:39:38:
- 5f:a1:0b:4b:8b:60:b6:a5:08:01:20:2b:44:b9:1b:2f:c6:72:
- dc:90:4c:b3:56:9d:0c:64:dc:5e:d2:da:4e:4f:c5:63:22:18:
- 67:0b:77:fc:fd:7f:31:73:70:81:cd:f8:9a:67:07:6f:b2:b7:
- ea:f4:68:19:86:9a:60:59:c4:3c:a1:ea:ba:09:6d:13:9d:3f:
- 76:cc:5f:2e:3f:e0:9b:5b:3c:72:5f:39:ed:9f:34:48:97:b3:
- c1:bb:c5:de:5a:6b:11:71:ba:d1:c4:63:20:2c:bf:75:e8:c2:
- 4a:b8:80:b8:ac:bf:46:cc:d7:2a:8b:c3:63:23:ca:9e:8d:94:
- 2c:6a:53:2f:68:7e:cd:3d:71:fd:32:c7:f7:16:11:c6:a3:3a:
- 2f:1f:05:0c:98:3f:17:3d:8c:7a:e4:47:cd:75:55:f8:b3:1b:
- a3:bc:27:3d
------BEGIN CERTIFICATE-----
-MIIDozCCAougAwIBAgIBFjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MDM1MVoXDTA4MTAyODE2MDM1MVowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgfAwge0wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2Vy
-MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEL
-BQADggEBAIsy0XaRmaT+qUf5rRvkCbKRSQHqIQnh265FB3Phvplr5XMwIFeVwOCf
-Mil15/0VBgxIqhcKSyGesri6A9f7QGkZgCjHpL3gY+zkiNuCuQO7iLtIQMXqNE05
-OF+hC0uLYLalCAEgK0S5Gy/GctyQTLNWnQxk3F7S2k5PxWMiGGcLd/z9fzFzcIHN
-+JpnB2+yt+r0aBmGmmBZxDyh6roJbROdP3bMXy4/4JtbPHJfOe2fNEiXs8G7xd5a
-axFxutHEYyAsv3Xowkq4gLisv0bM1yqLw2Mjyp6NlCxqUy9ofs09cf0yx/cWEcaj
-Oi8fBQyYPxc9jHrkR811VfizG6O8Jz0=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/17.pem b/scripts/resource-cert-samples/LIR3/17.pem
deleted file mode 100644
index b4d63508..00000000
--- a/scripts/resource-cert-samples/LIR3/17.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 23 (0x17)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:03:52 2007 GMT
- Not After : Oct 28 16:03:52 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 6c:20:82:cb:ed:5f:a4:c6:fa:b5:4c:20:7d:e8:18:e7:a9:8a:
- a4:43:aa:1b:0a:47:01:e9:d5:29:f2:58:40:e1:b0:64:37:b1:
- 54:e0:49:4c:b9:98:a4:41:b0:cf:33:87:c7:47:30:58:f9:46:
- 51:5d:d4:8c:65:24:59:a6:8a:01:c0:bc:46:38:45:fa:64:51:
- eb:ff:87:7c:18:33:41:7e:e9:52:98:a6:0f:1a:d8:43:2f:34:
- 9d:14:b4:14:e8:68:2e:16:5f:06:a7:85:96:7e:dc:49:67:f9:
- 56:5b:42:1a:af:00:fb:b5:d3:84:b8:e0:79:3c:b6:b7:b9:f3:
- 04:fc:e4:9a:9f:74:6c:ea:ff:8a:14:9d:69:15:ac:b6:5b:09:
- eb:78:64:a7:7d:81:f9:f1:c9:4c:73:ae:88:43:da:39:32:37:
- 4c:df:16:74:4d:dd:27:3a:bf:99:39:5c:a8:8d:f5:47:a8:60:
- 7c:3d:56:5b:ab:73:f7:57:26:00:55:16:f1:dc:ae:d7:e1:48:
- ed:b0:32:75:aa:76:4c:5b:7e:ef:be:6f:bc:8c:1e:12:70:27:
- 25:3d:b6:fd:6e:34:3f:9b:9f:cb:13:37:26:f4:56:fc:5b:9d:
- 7c:b5:b9:7a:29:ff:ca:c0:55:bb:57:55:25:45:b5:a1:c4:2d:
- 3c:2d:9c:8d
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBFzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MDM1MloXDTA4MTAyODE2MDM1MlowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoDADANBgkqhkiG9w0BAQsFAAOCAQEAbCCCy+1fpMb6tUwgfegY
-56mKpEOqGwpHAenVKfJYQOGwZDexVOBJTLmYpEGwzzOHx0cwWPlGUV3UjGUkWaaK
-AcC8RjhF+mRR6/+HfBgzQX7pUpimDxrYQy80nRS0FOhoLhZfBqeFln7cSWf5VltC
-Gq8A+7XThLjgeTy2t7nzBPzkmp90bOr/ihSdaRWstlsJ63hkp32B+fHJTHOuiEPa
-OTI3TN8WdE3dJzq/mTlcqI31R6hgfD1WW6tz91cmAFUW8dyu1+FI7bAydap2TFt+
-775vvIweEnAnJT22/W40P5ufyxM3JvRW/FudfLW5ein/ysBVu1dVJUW1ocQtPC2c
-jQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/18.pem b/scripts/resource-cert-samples/LIR3/18.pem
deleted file mode 100644
index d264ae2f..00000000
--- a/scripts/resource-cert-samples/LIR3/18.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 24 (0x18)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:03:52 2007 GMT
- Not After : Oct 28 16:03:52 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 31:60:cb:59:95:02:29:ad:2e:2d:92:c4:e9:61:2b:e7:a2:bc:
- 39:70:7b:b0:62:af:56:08:81:c5:50:7f:ec:4e:d4:ff:7f:4a:
- c7:34:4c:d5:dd:dc:dd:92:64:f7:5f:7b:ab:3c:9d:9d:15:b8:
- c4:73:31:eb:c6:2d:af:0c:1f:a9:05:e7:3e:28:a8:1d:f0:6f:
- ca:4b:c9:76:ff:5b:95:dd:d8:48:4a:d6:93:10:3a:1a:36:3d:
- 2a:10:2c:89:c5:19:fa:e8:fa:eb:b8:51:37:de:af:30:e3:ae:
- 09:d3:21:9c:83:4a:c1:70:ec:f6:f3:4b:72:40:75:61:02:bd:
- fc:1b:96:e2:24:39:be:9a:43:29:8c:d7:c6:90:e2:14:fd:5e:
- 22:9f:32:45:67:d2:f6:6d:45:5e:43:e6:1c:ed:74:18:2c:9c:
- ba:eb:a5:ee:76:2b:5f:b1:7a:06:18:94:95:52:58:fe:ef:61:
- d9:f0:fd:ba:b4:88:af:a3:78:f1:d9:36:42:4f:df:55:f9:9e:
- 4d:f1:c9:12:85:f6:6c:1f:a5:1b:17:f2:2a:4a:1e:65:fa:18:
- 1a:22:ee:c6:fb:b9:65:1d:30:1a:a7:f9:78:87:27:a5:c8:4a:
- 35:6d:92:2d:f0:13:75:a2:77:df:fa:28:d0:68:0b:19:7f:38:
- f3:64:0c:93
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBGDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MDM1MloXDTA4MTAyODE2MDM1MlowHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoAADANBgkqhkiG9w0BAQsFAAOCAQEAMWDLWZUCKa0uLZLE6WEr
-56K8OXB7sGKvVgiBxVB/7E7U/39KxzRM1d3c3ZJk9197qzydnRW4xHMx68Ytrwwf
-qQXnPiioHfBvykvJdv9bld3YSErWkxA6GjY9KhAsicUZ+uj667hRN96vMOOuCdMh
-nINKwXDs9vNLckB1YQK9/BuW4iQ5vppDKYzXxpDiFP1eIp8yRWfS9m1FXkPmHO10
-GCycuuul7nYrX7F6BhiUlVJY/u9h2fD9urSIr6N48dk2Qk/fVfmeTfHJEoX2bB+l
-GxfyKkoeZfoYGiLuxvu5ZR0wGqf5eIcnpchKNW2SLfATdaJ33/oo0GgLGX8482QM
-kw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/19.pem b/scripts/resource-cert-samples/LIR3/19.pem
deleted file mode 100644
index 969f45e5..00000000
--- a/scripts/resource-cert-samples/LIR3/19.pem
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY ISP5c
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:c8:8b:a1:25:65:df:ee:a2:7f:54:af:52:0a:1a:
- 1a:fa:0d:75:b3:3c:e9:e0:29:d3:89:20:e9:51:49:
- 67:2c:43:da:a0:2c:d4:44:b3:96:14:a9:07:77:60:
- b9:6f:01:ef:8e:54:a5:74:ac:5a:67:f8:30:4d:10:
- f9:ac:9f:b8:75:61:0b:f6:e7:7c:ea:9b:5c:98:7a:
- 4b:3e:c4:e2:59:42:d3:19:ca:0f:58:0e:b7:c8:82:
- 4e:e5:bb:ac:fd:92:e5:88:b2:fc:64:cf:6e:38:3b:
- 18:83:fc:e7:a6:ae:fb:90:36:d0:e1:ca:4d:90:41:
- 0f:0f:3b:2a:c0:0c:d9:7b:7d:e8:50:13:f6:09:73:
- 82:a3:d2:e3:bb:82:08:87:7f:d2:bb:0e:0e:7a:28:
- b6:25:02:b5:d9:51:fc:33:32:47:47:ff:cf:7f:bc:
- ee:00:01:bb:05:5e:2e:03:9a:ad:95:3b:ca:c2:c6:
- 87:64:74:39:aa:59:6b:ae:e0:a7:51:1a:07:f2:8e:
- 4c:8e:65:2f:df:f2:99:ba:e0:b6:8a:4f:c0:20:72:
- 79:98:00:8f:0d:50:13:3d:d1:3e:8c:bd:dc:74:a9:
- 33:a8:56:1d:31:78:7c:e7:02:9e:8d:0a:14:12:6d:
- d3:37:c7:7a:f0:84:10:fe:fe:4d:28:97:26:6e:08:
- 85:a1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 2D:87:C1:9A:F8:58:2B:BD:C2:F8:7E:30:47:B3:A9:88:37:C9:EB:46
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5c/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- Signature Algorithm: sha256WithRSAEncryption
- 2c:6e:f1:28:d7:06:69:d5:38:e5:77:75:9c:d0:9f:3b:52:f4:
- ff:83:1d:51:70:18:b1:76:57:29:1c:f4:0c:fc:bd:6d:dc:c6:
- 95:68:2d:38:fc:5b:b8:66:b8:92:95:3e:0d:cb:f6:49:3f:6e:
- 63:01:88:9b:44:7a:d1:7a:48:03:20:73:c7:f1:c8:f6:8d:be:
- 1c:6e:ca:28:0e:32:93:90:9a:76:d1:7f:f3:33:55:24:67:65:
- fd:05:03:c8:1f:7e:68:7d:c9:83:f9:47:26:d1:dc:4b:04:a2:
- 68:bb:74:2c:9c:f3:33:ec:d7:0e:d9:23:f9:a4:10:9e:af:94:
- 41:09:a0:67:2d:21:d7:b5:0a:e1:41:b3:b6:4d:bc:8d:74:6c:
- f6:b6:32:fe:ee:c4:71:b6:73:e1:bc:2a:25:54:df:91:84:4e:
- 15:09:05:98:a1:99:33:48:38:7e:7e:b1:38:73:c7:66:a2:19:
- 31:2e:93:86:65:40:20:c0:0f:86:e9:a4:77:d9:61:a5:a4:92:
- 35:c7:9c:51:15:a0:dd:21:56:76:a4:d1:75:76:0a:b6:51:9a:
- 08:c3:d4:21:ec:86:f0:b7:66:2e:7c:8b:0f:76:5c:29:3d:a6:
- 9c:ea:0c:e0:5d:14:14:b5:cc:cc:84:e0:33:95:17:06:11:c4:
- d9:d9:98:d1
------BEGIN CERTIFICATE-----
-MIIDozCCAougAwIBAgIBGTANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MzIzM1oXDTA4MTAyODE2MzIzM1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
-s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
-DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
-c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
-dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
-eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjgfAwge0wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQULYfBmvhYK73C+H4wR7OpiDfJ60YwDgYDVR0PAQH/
-BAQDAgEGMEIGCCsGAQUFBwELBDYwNDAyBggrBgEFBQcwBYYmcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9JU1A1Yy8wRAYIKwYBBQUHAQEEODA2MDQGCCsG
-AQUFBzAChihyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjMuY2Vy
-MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAPwWAgMA/BwwDQYJKoZIhvcNAQEL
-BQADggEBACxu8SjXBmnVOOV3dZzQnztS9P+DHVFwGLF2Vykc9Az8vW3cxpVoLTj8
-W7hmuJKVPg3L9kk/bmMBiJtEetF6SAMgc8fxyPaNvhxuyigOMpOQmnbRf/MzVSRn
-Zf0FA8gffmh9yYP5RybR3EsEomi7dCyc8zPs1w7ZI/mkEJ6vlEEJoGctIde1CuFB
-s7ZNvI10bPa2Mv7uxHG2c+G8KiVU35GEThUJBZihmTNIOH5+sThzx2aiGTEuk4Zl
-QCDAD4bppHfZYaWkkjXHnFEVoN0hVnak0XV2CrZRmgjD1CHshvC3Zi58iw92XCk9
-ppzqDOBdFBS1zMyE4DOVFwYRxNnZmNE=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/1A.pem b/scripts/resource-cert-samples/LIR3/1A.pem
deleted file mode 100644
index 8f133ac8..00000000
--- a/scripts/resource-cert-samples/LIR3/1A.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY ISP5b
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:bf:8f:59:d8:fc:fa:1d:04:70:29:ce:7b:01:64:
- 21:40:dc:5c:43:fe:4c:af:88:c8:62:9b:be:9c:72:
- 8f:8a:a5:34:8a:3b:23:8d:9b:8a:4f:bf:66:ac:68:
- 71:9c:fd:68:59:f5:bf:9f:4d:2e:b5:d6:e3:fa:bd:
- f3:60:53:5c:b7:11:ac:95:0b:c0:87:cd:99:9e:94:
- 57:8d:ec:05:b8:df:aa:fc:8e:38:d3:0f:65:6d:09:
- 60:f2:e1:98:81:72:d8:51:3e:41:91:b3:10:95:f5:
- f5:d0:f9:e5:5c:a1:85:fa:71:26:85:e3:d1:4c:02:
- 7f:14:e2:1e:4a:8a:96:68:9e:d6:16:a5:ef:ad:b5:
- 83:62:cd:23:74:7c:82:56:b4:d1:34:53:5a:8a:7a:
- 61:9f:ae:54:5b:ef:f9:56:de:87:6b:42:92:bc:49:
- f4:b5:c3:35:07:4a:18:47:d2:92:c6:1c:16:74:74:
- b1:e9:39:3c:53:12:05:9d:eb:dc:9c:72:2b:97:4d:
- 27:21:77:96:7d:4c:ce:79:0c:fb:a7:b8:99:6b:66:
- 20:2e:56:9c:44:b4:e3:5e:80:c4:7d:78:a1:b4:05:
- f7:20:7d:26:1e:44:bf:5d:69:15:3c:7a:24:67:bd:
- b9:b5:08:0f:33:4d:af:3b:2d:e7:b9:ab:1d:2b:d6:
- fb:73
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 6C:B3:65:94:FE:C6:9F:4A:50:9D:4D:8B:40:1A:A1:FD:97:17:97:92
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5b/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 3a:6d:f2:b8:e4:50:4d:f6:f0:f3:04:1b:73:bf:36:13:d5:e6:
- 70:d9:31:b4:47:b7:5e:ca:8a:25:93:fc:6c:dd:63:5e:09:dc:
- 47:d9:d4:43:39:f3:ed:c5:f2:64:d5:ac:72:02:76:f2:07:ca:
- a5:d9:1a:e3:9d:6a:7d:90:4c:d5:c7:09:c9:64:dd:38:f0:2f:
- ab:0d:5f:e4:13:02:2c:85:02:56:f4:6d:31:07:f9:0b:c7:e9:
- a4:0a:ee:13:03:18:9d:81:b8:78:68:d2:99:a3:e4:4f:e7:96:
- 86:99:06:10:8c:b5:c2:39:03:8a:94:2e:21:00:67:82:f5:25:
- 6c:cb:71:6b:8c:e6:31:0a:19:ed:1a:34:0c:a9:48:ca:c8:69:
- fc:91:4e:f9:0c:e5:24:2b:70:52:1c:ff:1c:cf:38:28:17:3a:
- 3d:22:a7:fa:93:dd:8f:46:03:2e:b0:ce:10:57:4a:3c:fc:a8:
- 1a:a6:c1:0e:fa:09:49:9e:d1:89:b8:4c:b0:7a:5b:76:25:05:
- fe:80:d9:8d:c1:9e:84:0b:83:53:16:9a:1e:2d:55:9a:b7:81:
- d4:3f:0a:c7:56:ac:87:58:fa:3b:27:77:c6:f6:31:c1:c8:56:
- 4a:28:6a:de:20:32:c4:80:b0:d1:36:25:ac:2c:94:28:8a:b8:
- 2b:f2:04:f0
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBGjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MzIzM1oXDTA4MTAyODE2MzIzM1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
-m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
-D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
-tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
-OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
-RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoDADANBgkqhkiG9w0BAQsFAAOCAQEAOm3yuORQTfbw8wQbc782
-E9XmcNkxtEe3XsqKJZP8bN1jXgncR9nUQznz7cXyZNWscgJ28gfKpdka451qfZBM
-1ccJyWTdOPAvqw1f5BMCLIUCVvRtMQf5C8fppAruEwMYnYG4eGjSmaPkT+eWhpkG
-EIy1wjkDipQuIQBngvUlbMtxa4zmMQoZ7Ro0DKlIyshp/JFO+QzlJCtwUhz/HM84
-KBc6PSKn+pPdj0YDLrDOEFdKPPyoGqbBDvoJSZ7RibhMsHpbdiUF/oDZjcGehAuD
-UxaaHi1VmreB1D8Kx1ash1j6Oyd3xvYxwchWSihq3iAyxICw0TYlrCyUKIq4K/IE
-8A==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/1B.pem b/scripts/resource-cert-samples/LIR3/1B.pem
deleted file mode 100644
index 787aacd7..00000000
--- a/scripts/resource-cert-samples/LIR3/1B.pem
+++ /dev/null
@@ -1,91 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 27 (0x1b)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY LIR3
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY ISP5a
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e6:4b:ad:78:28:6b:e6:50:1b:65:81:d5:8d:2b:
- 56:77:cd:bb:c9:47:a0:aa:32:b0:2c:ac:1f:f1:e4:
- 90:2b:c2:33:6f:e7:53:b1:d0:1d:ab:05:27:9d:b7:
- a1:ee:a8:4f:c8:5b:36:23:e3:12:e4:51:59:27:cd:
- fd:7a:aa:dc:56:05:a1:73:ab:79:dd:3c:82:b2:8f:
- ae:f9:ec:c0:36:38:e6:02:aa:fd:89:60:21:52:5b:
- b6:33:80:75:e5:7f:fd:ac:6e:ec:d4:9a:26:2f:7e:
- 28:45:16:29:47:7d:f3:8a:72:d5:e4:65:fa:f4:54:
- 6f:ae:48:33:62:c1:32:f1:2b:83:33:36:63:60:9e:
- bc:c7:e7:99:5d:51:da:cd:2f:8f:83:47:20:9e:e9:
- cc:a3:72:c0:72:bd:49:2d:c4:52:ea:6f:da:42:46:
- 71:90:c7:af:7f:9f:c7:dd:0b:96:96:3c:45:9f:c0:
- ea:65:6a:43:e3:f3:92:d5:e1:73:c0:6e:20:f5:17:
- e5:d1:58:da:21:b3:e9:0c:4d:f0:e8:bd:7c:b7:ef:
- 81:c9:f5:70:cf:a8:20:7d:e2:6a:f9:1b:66:a9:c8:
- 71:d6:32:f8:72:3d:83:99:19:0d:0c:6b:e9:f8:92:
- cd:33:17:86:6a:3d:af:0d:05:94:ab:1c:d4:2c:a4:
- 45:cb
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 09:F0:14:0B:79:FB:0B:FF:A8:EF:54:B9:EC:3E:B9:8B:D0:CB:9C:EC
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/ISP5a/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/LIR3.cer
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 38:f3:dc:20:93:3e:ff:25:8d:0e:90:b3:7f:65:ea:67:69:9a:
- f0:6a:a1:77:5b:49:da:26:66:ac:3d:4d:20:a9:39:bb:e1:85:
- 8a:a2:eb:5c:e8:b6:d2:d8:6b:04:19:32:cc:a7:1b:f6:24:d9:
- 30:ee:ef:e3:d7:9f:85:01:02:6e:4e:4b:ad:af:97:71:59:e2:
- 24:b3:29:86:16:79:ae:04:be:9c:43:70:99:63:98:f9:6e:1c:
- 8a:69:48:64:90:70:b4:51:e6:12:95:b3:c1:bc:d4:1d:c0:dc:
- 3e:cc:af:6e:a5:a5:d2:79:b3:bb:d7:b5:8a:a6:d7:64:83:87:
- 8c:54:49:b8:c9:e8:76:18:40:20:ec:2c:52:0a:57:4c:7a:a0:
- 87:f2:c7:13:42:24:c6:10:e7:db:d3:4c:6a:d7:65:ec:19:13:
- 7c:15:13:74:9b:95:13:0a:91:9f:ad:ad:e7:85:40:16:8d:44:
- ff:fa:e7:3b:a1:96:da:46:cb:e8:18:92:7f:9a:42:bb:8b:7f:
- 25:bb:da:46:a3:2f:92:59:26:eb:66:17:b9:12:3f:52:58:a7:
- b6:31:f6:2a:68:35:11:a7:f0:b9:aa:44:c3:f3:ad:05:7e:3a:
- 25:96:9e:01:ce:6b:e5:87:b5:c5:99:da:e3:b6:00:8a:e7:11:
- f7:98:16:3a
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIBGzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBURVNU
-IEVOVElUWSBMSVIzMB4XDTA3MTAyOTE2MzIzM1oXDTA4MTAyODE2MzIzM1owHDEa
-MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
-0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
-YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
-nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
-akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
-PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEJMIIBBTAPBgNVHRMB
-Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAOBgNVHQ8B
-Af8EBAMCAQYwQgYIKwYBBQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dv
-bWJhdHMtci11cy5oYWN0cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYI
-KwYBBQUHMAKGKHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5j
-ZXIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACAB
-DbgAAAAAAAAAAAoAADANBgkqhkiG9w0BAQsFAAOCAQEAOPPcIJM+/yWNDpCzf2Xq
-Z2ma8Gqhd1tJ2iZmrD1NIKk5u+GFiqLrXOi20thrBBkyzKcb9iTZMO7v49efhQEC
-bk5Lra+XcVniJLMphhZ5rgS+nENwmWOY+W4cimlIZJBwtFHmEpWzwbzUHcDcPsyv
-bqWl0nmzu9e1iqbXZIOHjFRJuMnodhhAIOwsUgpXTHqgh/LHE0IkxhDn29NMatdl
-7BkTfBUTdJuVEwqRn62t54VAFo1E//rnO6GW2kbL6BiSf5pCu4t/JbvaRqMvklkm
-62YXuRI/UlintjH2Kmg1EafwuapEw/OtBX46JZaeAc5r5Ye1xZna47YAiucR95gW
-Og==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/LIR3/index b/scripts/resource-cert-samples/LIR3/index
deleted file mode 100644
index c03799ef..00000000
--- a/scripts/resource-cert-samples/LIR3/index
+++ /dev/null
@@ -1,27 +0,0 @@
-V 080731144818Z 01 unknown /CN=TEST ENTITY ISP5c
-V 080731144820Z 02 unknown /CN=TEST ENTITY ISP5b
-V 080731144822Z 03 unknown /CN=TEST ENTITY ISP5a
-V 080809005817Z 04 unknown /CN=TEST ENTITY ISP5c
-V 080809005817Z 05 unknown /CN=TEST ENTITY ISP5b
-V 080809005817Z 06 unknown /CN=TEST ENTITY ISP5a
-V 080809010231Z 07 unknown /CN=TEST ENTITY ISP5c
-V 080809010231Z 08 unknown /CN=TEST ENTITY ISP5b
-V 080809010231Z 09 unknown /CN=TEST ENTITY ISP5a
-V 080809010709Z 0A unknown /CN=TEST ENTITY ISP5c
-V 080809010709Z 0B unknown /CN=TEST ENTITY ISP5b
-V 080809010709Z 0C unknown /CN=TEST ENTITY ISP5a
-V 080809011339Z 0D unknown /CN=TEST ENTITY ISP5c
-V 080809011339Z 0E unknown /CN=TEST ENTITY ISP5b
-V 080809011339Z 0F unknown /CN=TEST ENTITY ISP5a
-V 080809011510Z 10 unknown /CN=TEST ENTITY ISP5c
-V 080809011510Z 11 unknown /CN=TEST ENTITY ISP5b
-V 080809011510Z 12 unknown /CN=TEST ENTITY ISP5a
-V 081018190607Z 13 unknown /CN=TEST ENTITY ISP5c
-V 081018190607Z 14 unknown /CN=TEST ENTITY ISP5b
-V 081018190607Z 15 unknown /CN=TEST ENTITY ISP5a
-V 081028160351Z 16 unknown /CN=TEST ENTITY ISP5c
-V 081028160352Z 17 unknown /CN=TEST ENTITY ISP5b
-V 081028160352Z 18 unknown /CN=TEST ENTITY ISP5a
-V 081028163233Z 19 unknown /CN=TEST ENTITY ISP5c
-V 081028163233Z 1A unknown /CN=TEST ENTITY ISP5b
-V 081028163233Z 1B unknown /CN=TEST ENTITY ISP5a
diff --git a/scripts/resource-cert-samples/LIR3/index.attr b/scripts/resource-cert-samples/LIR3/index.attr
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/LIR3/index.attr
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/LIR3/index.attr.old b/scripts/resource-cert-samples/LIR3/index.attr.old
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/LIR3/index.attr.old
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/LIR3/index.old b/scripts/resource-cert-samples/LIR3/index.old
deleted file mode 100644
index 82ed2ae6..00000000
--- a/scripts/resource-cert-samples/LIR3/index.old
+++ /dev/null
@@ -1,26 +0,0 @@
-V 080731144818Z 01 unknown /CN=TEST ENTITY ISP5c
-V 080731144820Z 02 unknown /CN=TEST ENTITY ISP5b
-V 080731144822Z 03 unknown /CN=TEST ENTITY ISP5a
-V 080809005817Z 04 unknown /CN=TEST ENTITY ISP5c
-V 080809005817Z 05 unknown /CN=TEST ENTITY ISP5b
-V 080809005817Z 06 unknown /CN=TEST ENTITY ISP5a
-V 080809010231Z 07 unknown /CN=TEST ENTITY ISP5c
-V 080809010231Z 08 unknown /CN=TEST ENTITY ISP5b
-V 080809010231Z 09 unknown /CN=TEST ENTITY ISP5a
-V 080809010709Z 0A unknown /CN=TEST ENTITY ISP5c
-V 080809010709Z 0B unknown /CN=TEST ENTITY ISP5b
-V 080809010709Z 0C unknown /CN=TEST ENTITY ISP5a
-V 080809011339Z 0D unknown /CN=TEST ENTITY ISP5c
-V 080809011339Z 0E unknown /CN=TEST ENTITY ISP5b
-V 080809011339Z 0F unknown /CN=TEST ENTITY ISP5a
-V 080809011510Z 10 unknown /CN=TEST ENTITY ISP5c
-V 080809011510Z 11 unknown /CN=TEST ENTITY ISP5b
-V 080809011510Z 12 unknown /CN=TEST ENTITY ISP5a
-V 081018190607Z 13 unknown /CN=TEST ENTITY ISP5c
-V 081018190607Z 14 unknown /CN=TEST ENTITY ISP5b
-V 081018190607Z 15 unknown /CN=TEST ENTITY ISP5a
-V 081028160351Z 16 unknown /CN=TEST ENTITY ISP5c
-V 081028160352Z 17 unknown /CN=TEST ENTITY ISP5b
-V 081028160352Z 18 unknown /CN=TEST ENTITY ISP5a
-V 081028163233Z 19 unknown /CN=TEST ENTITY ISP5c
-V 081028163233Z 1A unknown /CN=TEST ENTITY ISP5b
diff --git a/scripts/resource-cert-samples/LIR3/serial b/scripts/resource-cert-samples/LIR3/serial
deleted file mode 100644
index cc9c0531..00000000
--- a/scripts/resource-cert-samples/LIR3/serial
+++ /dev/null
@@ -1 +0,0 @@
-1C
diff --git a/scripts/resource-cert-samples/LIR3/serial.old b/scripts/resource-cert-samples/LIR3/serial.old
deleted file mode 100644
index 8787ed81..00000000
--- a/scripts/resource-cert-samples/LIR3/serial.old
+++ /dev/null
@@ -1 +0,0 @@
-1B
diff --git a/scripts/resource-cert-samples/Makefile b/scripts/resource-cert-samples/Makefile
deleted file mode 100644
index 90c85ac0..00000000
--- a/scripts/resource-cert-samples/Makefile
+++ /dev/null
@@ -1,232 +0,0 @@
-# Automatically generated, do not edit.
-
-all:: RIR.cer
-
-RIR.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-RIR.req: RIR.key RIR.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config RIR.cnf -key RIR.key -out $@
-
-RIR.cer: RIR.req RIR.cnf RIR.key Makefile
- @test -d RIR || mkdir RIR
- @test -f RIR/index || touch RIR/index
- @test -f RIR/serial || echo 01 >RIR/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in RIR.req -extfile RIR.cnf -config RIR.cnf -selfsign
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in RIR.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in RIR.cer
-
-all:: LIR3.cer
-
-LIR3.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-LIR3.req: LIR3.key LIR3.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config LIR3.cnf -key LIR3.key -out $@
-
-LIR3.cer: LIR3.req LIR3.cnf RIR.key Makefile
- @test -d LIR3 || mkdir LIR3
- @test -f LIR3/index || touch LIR3/index
- @test -f LIR3/serial || echo 01 >LIR3/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in LIR3.req -extfile LIR3.cnf -config RIR.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in LIR3.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in LIR3.cer
-
-all:: LIR2.cer
-
-LIR2.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-LIR2.req: LIR2.key LIR2.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config LIR2.cnf -key LIR2.key -out $@
-
-LIR2.cer: LIR2.req LIR2.cnf RIR.key Makefile
- @test -d LIR2 || mkdir LIR2
- @test -f LIR2/index || touch LIR2/index
- @test -f LIR2/serial || echo 01 >LIR2/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in LIR2.req -extfile LIR2.cnf -config RIR.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in LIR2.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in LIR2.cer
-
-all:: LIR1.cer
-
-LIR1.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-LIR1.req: LIR1.key LIR1.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config LIR1.cnf -key LIR1.key -out $@
-
-LIR1.cer: LIR1.req LIR1.cnf RIR.key Makefile
- @test -d LIR1 || mkdir LIR1
- @test -f LIR1/index || touch LIR1/index
- @test -f LIR1/serial || echo 01 >LIR1/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in LIR1.req -extfile LIR1.cnf -config RIR.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in LIR1.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in LIR1.cer
-
-all:: ISP5c.cer
-
-ISP5c.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-ISP5c.req: ISP5c.key ISP5c.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config ISP5c.cnf -key ISP5c.key -out $@
-
-ISP5c.cer: ISP5c.req ISP5c.cnf LIR3.key Makefile
- @test -d ISP5c || mkdir ISP5c
- @test -f ISP5c/index || touch ISP5c/index
- @test -f ISP5c/serial || echo 01 >ISP5c/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in ISP5c.req -extfile ISP5c.cnf -config LIR3.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in ISP5c.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in ISP5c.cer
-
-all:: ISP5b.cer
-
-ISP5b.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-ISP5b.req: ISP5b.key ISP5b.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config ISP5b.cnf -key ISP5b.key -out $@
-
-ISP5b.cer: ISP5b.req ISP5b.cnf LIR3.key Makefile
- @test -d ISP5b || mkdir ISP5b
- @test -f ISP5b/index || touch ISP5b/index
- @test -f ISP5b/serial || echo 01 >ISP5b/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in ISP5b.req -extfile ISP5b.cnf -config LIR3.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in ISP5b.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in ISP5b.cer
-
-all:: ISP5a.cer
-
-ISP5a.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-ISP5a.req: ISP5a.key ISP5a.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config ISP5a.cnf -key ISP5a.key -out $@
-
-ISP5a.cer: ISP5a.req ISP5a.cnf LIR3.key Makefile
- @test -d ISP5a || mkdir ISP5a
- @test -f ISP5a/index || touch ISP5a/index
- @test -f ISP5a/serial || echo 01 >ISP5a/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in ISP5a.req -extfile ISP5a.cnf -config LIR3.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in ISP5a.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in ISP5a.cer
-
-all:: ISP4.cer
-
-ISP4.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-ISP4.req: ISP4.key ISP4.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config ISP4.cnf -key ISP4.key -out $@
-
-ISP4.cer: ISP4.req ISP4.cnf LIR2.key Makefile
- @test -d ISP4 || mkdir ISP4
- @test -f ISP4/index || touch ISP4/index
- @test -f ISP4/serial || echo 01 >ISP4/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in ISP4.req -extfile ISP4.cnf -config LIR2.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in ISP4.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in ISP4.cer
-
-all:: ISP3.cer
-
-ISP3.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-ISP3.req: ISP3.key ISP3.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config ISP3.cnf -key ISP3.key -out $@
-
-ISP3.cer: ISP3.req ISP3.cnf LIR2.key Makefile
- @test -d ISP3 || mkdir ISP3
- @test -f ISP3/index || touch ISP3/index
- @test -f ISP3/serial || echo 01 >ISP3/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in ISP3.req -extfile ISP3.cnf -config LIR2.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in ISP3.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in ISP3.cer
-
-all:: ISP2.cer
-
-ISP2.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-ISP2.req: ISP2.key ISP2.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config ISP2.cnf -key ISP2.key -out $@
-
-ISP2.cer: ISP2.req ISP2.cnf LIR1.key Makefile
- @test -d ISP2 || mkdir ISP2
- @test -f ISP2/index || touch ISP2/index
- @test -f ISP2/serial || echo 01 >ISP2/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in ISP2.req -extfile ISP2.cnf -config LIR1.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in ISP2.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in ISP2.cer
-
-all:: ISP1.cer
-
-ISP1.key:
- ../../openssl/openssl/apps/openssl genrsa -out $@ 2048
-
-ISP1.req: ISP1.key ISP1.cnf Makefile
- ../../openssl/openssl/apps/openssl req -new -config ISP1.cnf -key ISP1.key -out $@
-
-ISP1.cer: ISP1.req ISP1.cnf LIR1.key Makefile
- @test -d ISP1 || mkdir ISP1
- @test -f ISP1/index || touch ISP1/index
- @test -f ISP1/serial || echo 01 >ISP1/serial
- ../../openssl/openssl/apps/openssl ca -batch -out $@ -in ISP1.req -extfile ISP1.cnf -config LIR1.cnf
-
-
-show_req::
- ../../openssl/openssl/apps/openssl req -noout -text -in ISP1.req -config /dev/null
-
-show_cer::
- ../../openssl/openssl/apps/openssl x509 -noout -text -in ISP1.cer
diff --git a/scripts/resource-cert-samples/RIR.cer b/scripts/resource-cert-samples/RIR.cer
deleted file mode 100644
index d7154c7c..00000000
--- a/scripts/resource-cert-samples/RIR.cer
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 47 (0x2f)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 90:3c:6e:1d:89:9d:00:53:b4:b1:36:ea:2b:cf:21:d5:b2:77:
- 66:be:da:ad:db:92:35:0d:83:55:f5:92:11:73:93:af:1a:ec:
- 1d:7a:1a:84:8f:c0:61:29:f1:51:c7:a6:7c:95:7c:a8:38:40:
- 57:6b:fc:51:38:fd:6b:8a:7a:58:d8:c6:36:a5:0d:9b:7a:b9:
- b4:47:e1:a5:fc:66:b6:51:22:45:50:94:b4:f2:47:f2:a2:29:
- 6a:33:6a:3c:26:44:c5:5a:17:ce:7a:f3:4a:46:0e:f4:fd:36:
- 01:7c:c5:1e:59:bc:3a:e7:36:f3:64:d4:0c:7a:f7:6a:ef:11:
- ae:32:5a:77:62:b3:e4:b3:9e:16:9f:11:28:cb:11:dd:79:ff:
- a5:b8:3e:3f:fd:df:34:92:2f:f4:0e:d2:50:a8:80:a1:17:91:
- 50:c7:d3:af:c5:6e:d8:ca:cd:28:e0:92:28:b3:c4:13:39:9d:
- fc:a1:57:61:22:22:70:57:27:5f:33:72:17:a8:04:89:9d:44:
- 9b:7d:1a:66:10:19:f3:b9:9c:17:48:22:71:c6:a5:e0:ba:00:
- ab:a4:01:bb:c7:2b:8f:0f:25:8a:20:71:21:4f:c0:74:34:14:
- e5:23:3a:70:48:c2:04:9a:93:97:29:f9:39:7b:ac:1a:e4:2b:
- 0d:13:b6:b7
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBLzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBCwUAA4IBAQCQPG4diZ0AU7SxNuorzyHVsndmvtqt25I1DYNV
-9ZIRc5OvGuwdehqEj8BhKfFRx6Z8lXyoOEBXa/xROP1rinpY2MY2pQ2berm0R+Gl
-/Ga2USJFUJS08kfyoilqM2o8JkTFWhfOevNKRg70/TYBfMUeWbw65zbzZNQMevdq
-7xGuMlp3YrPks54WnxEoyxHdef+luD4//d80ki/0DtJQqIChF5FQx9OvxW7Yys0o
-4JIos8QTOZ38oVdhIiJwVydfM3IXqASJnUSbfRpmEBnzuZwXSCJxxqXgugCrpAG7
-xyuPDyWKIHEhT8B0NBTlIzpwSMIEmpOXKfk5e6wa5CsNE7a3
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR.cnf b/scripts/resource-cert-samples/RIR.cnf
deleted file mode 100644
index b70b41e8..00000000
--- a/scripts/resource-cert-samples/RIR.cnf
+++ /dev/null
@@ -1,64 +0,0 @@
-# Automatically generated, do not edit.
-
-[ ca ]
-default_ca = ca_default
-
-[ ca_default ]
-certificate = RIR.cer
-serial = RIR/serial
-private_key = RIR.key
-database = RIR/index
-new_certs_dir = RIR
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 365
-default_crl_days = 30
-default_md = sha256
-preserve = no
-copy_extensions = copy
-policy = ca_policy_anything
-unique_subject = no
-x509_extensions = ca_x509_ext
-crl_extensions = crl_x509_ext
-
-[ ca_policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-givenName = optional
-surname = optional
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = TEST ENTITY RIR
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/RIR/
-#authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/???.cer
-sbgp-autonomousSysNum = critical,AS:64533,AS:64534-64540,AS:64544
-sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv4:10.3.0.0/24,IPv4:192.0.2.1-192.0.2.33,IPv4:192.0.2.44-192.0.2.100,IPv6:2001:db8::44-2001:db8::100,IPv6:2001:db8::a00:0/120,IPv6:2001:db8::a03:0/120,IPv6:2001:db8::10:0:44/128
-
-[ ca_x509_ext ]
-basicConstraints = critical,CA:true
-#authorityKeyIdentifier = keyid:always
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/RIR/
-#authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/???.cer
-sbgp-autonomousSysNum = critical,AS:64533,AS:64534-64540,AS:64544
-sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv4:10.3.0.0/24,IPv4:192.0.2.1-192.0.2.33,IPv4:192.0.2.44-192.0.2.100,IPv6:2001:db8::44-2001:db8::100,IPv6:2001:db8::a00:0/120,IPv6:2001:db8::a03:0/120,IPv6:2001:db8::10:0:44/128
-
-[ crl_x509_ext ]
-authorityKeyIdentifier = keyid:always
diff --git a/scripts/resource-cert-samples/RIR.key b/scripts/resource-cert-samples/RIR.key
deleted file mode 100644
index 5721f051..00000000
--- a/scripts/resource-cert-samples/RIR.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEArKcmxJhombby58WXBX751/LsOeYrjsJCiLmPIrY8WbAOih0O
-+IGxyP9KihpDvHiRPq+ysJVgqT6dwv+Zj4+23NhGt4Y1pvZCBcLFm4QV4lgPcJy8
-U9codvjyFHkivdaLbA4rAuXY8zP6FkObgIf5skWrvX0UsiQvQRNvRcTc+U1/2NPh
-qlxSncl6OLewQ723ajdD7Oc0xDtMysx7H5Hvq9Q1dkKC1PV54BI8JJIu3KJcg/Bx
-iiaWMNS4lk0ALBrwD3lSxydzVHfBhvmGYc7gaaeoPXc55yTuQY1SGTtXjITMmtUF
-fOaDLOMTbWYbhyCCR+EFJvA7KWltvK9IkcRA8QIDAQABAoIBAQCUKyLfJvjlqhcO
-BwlTQyRBSo2mJr0M1/PniG+pV4G1ap0ftE5rwEoF9+lNWbr13PaxOHF+j8OTm1Qi
-y95KUQiawNT3nSsgLUh9zyhtDU8Gn5Ioj6ojvYtRhtWh8k95YcznH8WTyBOGq/2c
-68pg5NDKSHZZuSVwuBMBox8kXg1RuOI7iEcj1q3QjkzZDQURzkW4jSrWgTeIXt6p
-+0fngY15xhYP3FGNAOuqfs1GJK33sQO7A7XWew2UAiiPCxfgGDFRe/tV1I4KuS3/
-Uw23ZtGLQ3nu+SEvTK491uZ38Gld2qEBzNdQv+DwhBRyGl0K5QWFmr90Ko0zYgV8
-9OAGebYBAoGBAOBG2+6erAjy+wdeNLcY+pmgsNBZ9rPkHB2XQaxagId5WTYza0Yv
-JwjEiRo6/r1lZ1F0su7rtjQK9V0jfCHVe4jlpLA/qB+HRIbcTFI+GTr3onZwWLuK
-CX21a6Nw+FS462DBYWqh8qOUbi/14csGOYwU1ZB7vfSvlZZZyZYosbihAoGBAMUS
-+XP0BCPtnY19BnrWBaQqzLNFiuDA/uBcxq9/BlLifu419Ado6EmqVn8A6aD0zWoE
-OSQrtJJhvMMLM/2ihYZaW/YtI1IAnDzV51QSbc/biFrSzvT102ABFOwpB33uFeWK
-hrQF+7n6imU4f+9iGceAOe/si3fieDUjJ2aEyxZRAoGAO7oDJgfxjqyOt4aaCUzI
-qBMII2Rh88RCzIqUfb7YTbu+S1XkMpuqDIaycF7Xqj6QBjxKzp/NNQzaDQS/MQ92
-R53Ifvtk3YibckLGvHw3IeICzQHcT41SO70Nvkf+iil43ZqCQ/B++pszwOf9SqEM
-wEZoHYMmsjv0XUbqDWgm9CECgYBliV8pFOJFOJniWjZKd5a0fLC29O+W2Rj4tBRS
-O1ogvj2zseynHLABtFeYW/oDSd3D76UZM8N3YBAHVfBVj7TIAio7bgoyp8nXtkXX
-lR8q5uscEF087KMZZbVH7+PCSDbT60l321VU/vbrK+8OgTbTCQfQy8kX3YEdr50P
-Pv/74QKBgAn1B3+6n6WYFkpIPFKrs4MhVmVveqXQy2DcZb+W0WTm+Z7xBCP496mc
-E3FEyKSYocIrDdmtcGDWO4kudrkXmpFJvd6Mi7v076khvQwDQ0++F7JWkAeUFEm4
-kBOCpCRpGlDgr14klqRJzO9swvt2TbPstE3Tofl9mIXaflud3bd3
------END RSA PRIVATE KEY-----
diff --git a/scripts/resource-cert-samples/RIR.req b/scripts/resource-cert-samples/RIR.req
deleted file mode 100644
index d86020df..00000000
--- a/scripts/resource-cert-samples/RIR.req
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIID0zCCArsCAQAwGjEYMBYGA1UEAxMPVEVTVCBFTlRJVFkgUklSMIIBIjANBgkq
-hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKcmxJhombby58WXBX751/LsOeYrjsJC
-iLmPIrY8WbAOih0O+IGxyP9KihpDvHiRPq+ysJVgqT6dwv+Zj4+23NhGt4Y1pvZC
-BcLFm4QV4lgPcJy8U9codvjyFHkivdaLbA4rAuXY8zP6FkObgIf5skWrvX0UsiQv
-QRNvRcTc+U1/2NPhqlxSncl6OLewQ723ajdD7Oc0xDtMysx7H5Hvq9Q1dkKC1PV5
-4BI8JJIu3KJcg/BxiiaWMNS4lk0ALBrwD3lSxydzVHfBhvmGYc7gaaeoPXc55yTu
-QY1SGTtXjITMmtUFfOaDLOMTbWYbhyCCR+EFJvA7KWltvK9IkcRA8QIDAQABoIIB
-cjCCAW4GCSqGSIb3DQEJDjGCAV8wggFbMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFPu4p6M2SAqgn/Au3ItovLNcRSXXMA4GA1UdDwEB/wQEAwIBBjBABggrBgEF
-BQcBCwQ0MDIwMAYIKwYBBQUHMAWGJHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
-bi5uZXQvUklSLzAmBggrBgEFBQcBCAEB/wQXMBWgEzARMAoCAwD8FQIDAPwcAgMA
-/CAwga4GCCsGAQUFBwEHAQH/BIGeMIGbMDIEAgABMCwDBAAKAAADBAAKAwAwDgMF
-AMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDBlBAIAAjBfMCYDEQIgAQ24AAAA
-AAAAAAAAAABEAxEAIAENuAAAAAAAAAAAAAABAAMQACABDbgAAAAAAAAAAAoAAAMQ
-ACABDbgAAAAAAAAAAAoDAAMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEF
-BQADggEBACxlBDXYMPg+b4ob7rJxpi+V7mYAUkkdk3GlPuSJMyURO+51kSrEpp+q
-V7F8bWccjXR123Qjo6agabR22r+d961GflRKimhMZAY8rVRGHO+Pdca7eqxMRxwF
-kfuxb2W3TPGcdpuUsoMfe2vxjHZRd3uKL47SrctNpXYrvesjhQpLz1UTQ4Hnv/aw
-Ks0pxPqaVNcGXbJKSUwu5x36Cuky4r3dK299QBAuAsv0qPuxOPOLOY0bKTliEHlg
-qkadGSvnzLkTvFn41SDBZpFZY2o3RbIwMY0tSvnLN8lvlS9P20Wgl4xUJ39qRRfO
-94XlYnKios+AFEUAEzqFh/VnNclb1dw=
------END CERTIFICATE REQUEST-----
diff --git a/scripts/resource-cert-samples/RIR/01.pem b/scripts/resource-cert-samples/RIR/01.pem
deleted file mode 100644
index 07ee97f6..00000000
--- a/scripts/resource-cert-samples/RIR/01.pem
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMDU0NTIzWhcNMDgwNzMxMDU0NTIzWjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFGMIIBQjAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAfBgNVHSMEGDAW
-gBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8EBAMCAQYwQAYIKwYBBQUH
-AQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4u
-bmV0L1JJUi8wHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAPwVAgMA/CAwfAYIKwYB
-BQUHAQcBAf8EbTBrMCYEAgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUA
-wAACZDBBBAIAAjA7MCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABAAMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBAAMSdVb0
-8uyFbF8CPlOzqgJv/jG+qPWDRUh8XqHiMvoGtUXbHUn7dO/XHJ2rsdL14F7mUPbI
-jzdtbVeK4aMKQBJ9u2ZYsCcpmJYiF/GBMva93X5Fpbnzzj7pJ5AeoIo2qEi7zqqq
-hhnInDZmTNRvV21u18VMaz1YBsEJZjr99lqNibba6UsoISVU2KEPVxob/nRHisGX
-Sd7mxhkkpTKO11Z4/viUxEQORfjtqnkIk3lmJwTjz2ASmBfuwH4QsLLu9m92ueF5
-PoHO/P8c2TZg1go8jYlBAd61AZHNaixF9EFObfcRNRuFiUfdnMpn8msPpiM3WCbj
-CgdEWb4i5d2+jZM=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/02.pem b/scripts/resource-cert-samples/RIR/02.pem
deleted file mode 100644
index b9922644..00000000
--- a/scripts/resource-cert-samples/RIR/02.pem
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEETCCAvmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMDU0NTI0WhcNMDgwNzMxMDU0NTI0WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBXzCCAVswDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEEAgACMDswJgMRAiABDbgA
-AAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEAIAENuAAAAAAAAAAQAAAA
-RDANBgkqhkiG9w0BAQUFAAOCAQEAiSIKq9RWuFEow+iALzmf/bwwB8cn7TOcfQjf
-6U5/CHb4FlSMCfrcsxXdHQtDD2CAVhj3J3o2CDZ4FRVnROahg9QGbUv9CExEvAVZ
-PJWFvU2/i3yWblucCWonl9ObxmNiScYgU/wpjoSwO7uxlGujc8Weraqq9qW85vk3
-F17jB8O2aEGnKn2/wmAhgXcwrnZTVRSEtEqXc2CucpFkonLrGID1UCwkY83z5XRy
-h6UUSHf+XtpRLmEwxtTSYGLTUgMQFQPzyBL+OBSPJSJyAm1NbZuY9hvJ4Yn9at0d
-S6H1J1l1y6MTQBMF84qSaAVsuy0tZrsPaBh5tMK9Wtl6ACrHtQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/03.pem b/scripts/resource-cert-samples/RIR/03.pem
deleted file mode 100644
index 3b7fe4ac..00000000
--- a/scripts/resource-cert-samples/RIR/03.pem
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID9jCCAt6gAwIBAgIBAzANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMDU0NTI1WhcNMDgwNzMxMDU0NTI1WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBRDCCAUAwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDgMFAMAAAgED
-BQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEAPENXZekh
-lKRhT+y1XgSOwZ2C9y7Gk6Ogdwj7yv8CIuCD/Es5+ekAYqW4vpch9jYvRind+MAU
-5DriEtdsjhn7cxQVgSgGJk3dyymhRvODLSR0r+KUYj0Yo4I6XB71ZdbsfCcY5KpG
-/r0MkM6aJxwDR26WvzMUcfU5tN1Dug2iW7dzKfnt/yo3w2vfr/f7ForU/eOde9Jr
-JAVXctcYLfYrAmaYEYZBMnWBeHKhLSzWEkhsW5EeFULIlSDvCDB0zXPvEjOY+PhT
-IM0GCPNv2OruGLAmCdc6MGfmhUKIxXMyXGBES3kjphudTF+zcZx9TV9U+M4/35M3
-X51eZH/pyqBKBw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/04.pem b/scripts/resource-cert-samples/RIR/04.pem
deleted file mode 100644
index 29900503..00000000
--- a/scripts/resource-cert-samples/RIR/04.pem
+++ /dev/null
@@ -1,99 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 4 (0x4)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:05:29 2007 GMT
- Not After : Jul 31 14:05:29 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 0a:c5:a7:72:a7:bf:b4:e6:ab:04:40:0f:39:bd:54:88:30:2b:
- e7:a7:91:f4:e8:2f:38:8a:ff:99:68:0a:ab:ce:d8:7d:51:e3:
- 73:2b:64:bf:6a:b5:78:db:96:2e:0d:5b:ec:99:da:aa:63:62:
- 43:5c:f7:df:a8:c0:93:ab:5e:ff:de:8f:c6:c9:de:fd:f9:b6:
- 6e:6e:96:81:db:db:cc:2c:47:3b:60:33:e2:8d:6d:28:23:13:
- f8:e1:84:2d:6f:1c:45:fc:54:91:0e:21:53:3b:a3:23:37:2b:
- 64:ab:99:33:66:30:b6:bb:20:c1:d6:d4:34:b4:2a:c8:84:5b:
- 87:38:69:ea:82:ef:6d:59:2a:ed:7f:d3:ba:02:34:47:b7:75:
- a8:43:30:15:24:9d:58:ed:0a:d3:a0:3f:32:f5:9b:4c:7b:2d:
- 9d:73:91:5f:37:08:aa:e4:b3:48:5c:b8:64:dc:09:c4:13:72:
- 15:f8:3d:f9:d4:96:d0:9a:83:52:8d:17:b9:c7:ea:33:10:08:
- 67:c7:85:23:26:57:f2:cc:b5:d2:a0:65:cc:57:4e:77:7d:2f:
- 68:7c:d7:e6:9a:9c:2f:c3:0b:c6:9d:05:5d:56:17:45:81:7f:
- 7c:2c:77:fc:2a:f4:33:18:0d:ea:e8:3d:fd:00:55:90:8a:1d:
- b8:2c:64:69
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIBBDANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwNTI5WhcNMDgwNzMxMTQwNTI5WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFGMIIBQjAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAfBgNVHSMEGDAW
-gBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8EBAMCAQYwQAYIKwYBBQUH
-AQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4u
-bmV0L1JJUi8wHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAPwVAgMA/CAwfAYIKwYB
-BQUHAQcBAf8EbTBrMCYEAgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUA
-wAACZDBBBAIAAjA7MCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABAAMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBAArFp3Kn
-v7TmqwRADzm9VIgwK+enkfToLziK/5loCqvO2H1R43MrZL9qtXjbli4NW+yZ2qpj
-YkNc99+owJOrXv/ej8bJ3v35tm5uloHb28wsRztgM+KNbSgjE/jhhC1vHEX8VJEO
-IVM7oyM3K2SrmTNmMLa7IMHW1DS0KsiEW4c4aeqC721ZKu1/07oCNEe3dahDMBUk
-nVjtCtOgPzL1m0x7LZ1zkV83CKrks0hcuGTcCcQTchX4PfnUltCag1KNF7nH6jMQ
-CGfHhSMmV/LMtdKgZcxXTnd9L2h81+aanC/DC8adBV1WF0WBf3wsd/wq9DMYDero
-Pf0AVZCKHbgsZGk=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/05.pem b/scripts/resource-cert-samples/RIR/05.pem
deleted file mode 100644
index 3e86b43b..00000000
--- a/scripts/resource-cert-samples/RIR/05.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 5 (0x5)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:05:29 2007 GMT
- Not After : Jul 31 14:05:29 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 2c:7e:f1:e6:b5:3f:58:22:09:5d:48:ab:9a:3b:67:b8:6c:c6:
- 3d:f4:2e:81:f5:63:42:a0:3f:78:4a:9c:0f:6d:d5:64:21:7a:
- a9:56:1c:2c:f6:d3:1e:7b:f8:c9:3a:69:09:18:4b:56:88:de:
- c7:51:19:bf:63:2f:8b:a7:24:63:b9:a9:b1:93:21:14:e4:3d:
- 38:68:0d:b8:f1:33:6b:1c:fa:5f:87:40:42:5e:f5:8d:15:f7:
- 9d:7f:89:02:23:f3:fb:7e:29:4c:32:61:d5:b4:8e:68:5d:00:
- a0:25:3a:99:76:c2:f2:48:b8:1f:05:5a:65:84:e6:71:a1:02:
- ad:6e:b0:72:39:06:49:bc:ab:f9:d7:b4:76:a9:84:8b:fe:8a:
- 45:11:1f:c3:58:f0:b4:9d:ee:0a:90:a7:2b:4b:11:ab:7a:90:
- aa:b6:a2:63:c6:7d:bc:07:1d:f5:6e:67:b9:7d:bd:8e:c4:11:
- cc:4f:96:2c:8e:95:ec:50:3c:e0:cf:e3:e1:ea:7e:4e:92:54:
- 58:5b:82:58:8b:51:8a:79:3f:0b:00:d5:c1:00:7b:8d:75:ce:
- 7b:36:2d:26:36:63:0e:43:01:17:6e:28:fe:d1:5d:12:68:34:
- 85:0d:59:d3:81:33:73:b0:7c:57:cb:3b:f2:43:e0:7c:4a:44:
- 89:6d:a3:4c
------BEGIN CERTIFICATE-----
-MIIEETCCAvmgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwNTI5WhcNMDgwNzMxMTQwNTI5WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBXzCCAVswDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEEAgACMDswJgMRAiABDbgA
-AAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEAIAENuAAAAAAAAAAQAAAA
-RDANBgkqhkiG9w0BAQUFAAOCAQEALH7x5rU/WCIJXUirmjtnuGzGPfQugfVjQqA/
-eEqcD23VZCF6qVYcLPbTHnv4yTppCRhLVojex1EZv2Mvi6ckY7mpsZMhFOQ9OGgN
-uPEzaxz6X4dAQl71jRX3nX+JAiPz+34pTDJh1bSOaF0AoCU6mXbC8ki4HwVaZYTm
-caECrW6wcjkGSbyr+de0dqmEi/6KRREfw1jwtJ3uCpCnK0sRq3qQqraiY8Z9vAcd
-9W5nuX29jsQRzE+WLI6V7FA84M/j4ep+TpJUWFuCWItRink/CwDVwQB7jXXOezYt
-JjZjDkMBF24o/tFdEmg0hQ1Z04Ezc7B8V8s78kPgfEpEiW2jTA==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/06.pem b/scripts/resource-cert-samples/RIR/06.pem
deleted file mode 100644
index 3a8ea7f2..00000000
--- a/scripts/resource-cert-samples/RIR/06.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 6 (0x6)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:05:29 2007 GMT
- Not After : Jul 31 14:05:29 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 9c:f0:67:dc:b1:6f:9b:d1:1f:45:d2:2f:8d:09:75:80:39:4c:
- 51:0b:73:7d:99:8e:e6:8a:89:55:c4:5d:69:6d:fb:55:ea:af:
- ba:8c:45:3d:ee:b5:e4:7e:76:b9:d6:78:49:23:c9:df:c3:f5:
- cb:f8:a8:d6:9a:6b:55:92:06:7d:58:84:35:78:df:5c:cc:28:
- 4e:6c:43:17:31:89:6a:73:86:da:ec:42:ab:1f:94:a3:a4:7a:
- aa:6b:31:99:22:b1:43:c0:e3:c0:ae:40:88:43:98:cf:8e:b6:
- b4:e2:b3:46:ca:10:c9:35:8d:cc:8e:1b:d8:fa:a3:2c:24:29:
- 03:7c:3c:65:78:70:e0:eb:89:96:e6:7f:76:da:cf:c9:d1:c7:
- 2d:41:b2:3c:e6:8c:39:ca:52:2e:ed:74:81:dd:c2:e9:54:b3:
- b7:05:53:96:67:6c:50:a3:b9:1c:a6:5a:23:02:c6:5a:df:f4:
- 27:3f:13:25:25:e9:7f:14:96:90:eb:bd:4d:a7:b4:f5:42:f3:
- 50:81:34:b9:c9:0b:19:a1:fd:62:96:b1:ed:24:f4:1a:41:60:
- 9b:59:22:33:69:d3:d2:1e:73:ac:06:68:1c:4a:82:46:6d:57:
- 9d:6a:d6:64:75:0b:d3:bb:33:31:fb:76:e6:9f:8e:48:de:3f:
- b4:d7:12:18
------BEGIN CERTIFICATE-----
-MIID9jCCAt6gAwIBAgIBBjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwNTI5WhcNMDgwNzMxMTQwNTI5WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBRDCCAUAwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDgMFAMAAAgED
-BQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEAnPBn3LFv
-m9EfRdIvjQl1gDlMUQtzfZmO5oqJVcRdaW37VeqvuoxFPe615H52udZ4SSPJ38P1
-y/io1pprVZIGfViENXjfXMwoTmxDFzGJanOG2uxCqx+Uo6R6qmsxmSKxQ8DjwK5A
-iEOYz462tOKzRsoQyTWNzI4b2PqjLCQpA3w8ZXhw4OuJluZ/dtrPydHHLUGyPOaM
-OcpSLu10gd3C6VSztwVTlmdsUKO5HKZaIwLGWt/0Jz8TJSXpfxSWkOu9Tae09ULz
-UIE0uckLGaH9Ypax7ST0GkFgm1kiM2nT0h5zrAZoHEqCRm1XnWrWZHUL07szMft2
-5p+OSN4/tNcSGA==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/07.pem b/scripts/resource-cert-samples/RIR/07.pem
deleted file mode 100644
index 3d305e50..00000000
--- a/scripts/resource-cert-samples/RIR/07.pem
+++ /dev/null
@@ -1,99 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 7 (0x7)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:08:29 2007 GMT
- Not After : Jul 31 14:08:29 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 86:f6:b9:a8:10:25:3d:b8:28:c9:14:27:cc:5c:ef:31:6e:cc:
- 30:b5:0e:9d:ab:c9:ec:4d:ae:8f:62:c9:11:ac:ef:1a:df:05:
- e2:45:63:66:a4:cd:24:98:49:f0:e7:a2:8c:2c:5a:27:bc:03:
- 60:1a:f9:0c:d5:dc:27:15:99:9f:c2:dd:cf:dc:b5:6d:1d:ef:
- b5:1c:6c:14:49:15:ea:a2:1c:84:b8:95:0b:21:91:dd:e9:ee:
- 26:59:0c:3b:f5:4a:b3:f7:90:42:af:3c:b6:bb:8a:d5:66:a4:
- 42:28:48:53:81:c0:77:f5:65:27:7f:f0:3f:cf:a5:61:cd:6e:
- 27:78:63:ea:ab:f5:34:d4:78:99:5e:a4:8f:df:61:32:97:55:
- 16:55:68:01:83:ee:43:22:6d:7c:6d:cb:da:02:6b:24:68:78:
- e8:f1:99:eb:f1:78:6b:6e:69:d8:9f:de:a5:bc:65:65:b1:c8:
- 05:91:ce:ec:76:ef:81:01:e8:af:8f:c7:f8:89:98:8e:1e:77:
- c4:81:22:96:3f:48:38:29:af:0f:f4:57:68:b2:83:13:95:55:
- a5:02:64:1c:ed:0b:bb:59:35:69:d4:7a:cf:89:48:86:93:2f:
- 03:1d:8f:3d:f3:bb:7c:06:f9:c3:aa:39:0d:c5:f0:15:f4:b4:
- e2:85:6b:71
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIBBzANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwODI5WhcNMDgwNzMxMTQwODI5WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFGMIIBQjAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAfBgNVHSMEGDAW
-gBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8EBAMCAQYwQAYIKwYBBQUH
-AQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4u
-bmV0L1JJUi8wHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAPwVAgMA/CAwfAYIKwYB
-BQUHAQcBAf8EbTBrMCYEAgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUA
-wAACZDBBBAIAAjA7MCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABAAMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBAIb2uagQ
-JT24KMkUJ8xc7zFuzDC1Dp2ryexNro9iyRGs7xrfBeJFY2akzSSYSfDnoowsWie8
-A2Aa+QzV3CcVmZ/C3c/ctW0d77UcbBRJFeqiHIS4lQshkd3p7iZZDDv1SrP3kEKv
-PLa7itVmpEIoSFOBwHf1ZSd/8D/PpWHNbid4Y+qr9TTUeJlepI/fYTKXVRZVaAGD
-7kMibXxty9oCayRoeOjxmevxeGtuadif3qW8ZWWxyAWRzux274EB6K+Px/iJmI4e
-d8SBIpY/SDgprw/0V2iygxOVVaUCZBztC7tZNWnUes+JSIaTLwMdjz3zu3wG+cOq
-OQ3F8BX0tOKFa3E=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/08.pem b/scripts/resource-cert-samples/RIR/08.pem
deleted file mode 100644
index 056b591f..00000000
--- a/scripts/resource-cert-samples/RIR/08.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 8 (0x8)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:08:29 2007 GMT
- Not After : Jul 31 14:08:29 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- a5:ff:47:52:d6:cf:31:7d:5d:61:f7:71:ca:49:aa:94:9d:82:
- c6:79:7d:b3:a4:f8:79:6d:df:35:91:a8:2f:d5:98:77:26:6d:
- a6:9c:78:dd:cd:85:72:b4:4a:7c:b7:7d:01:18:61:29:e1:33:
- 49:72:3e:f8:21:2c:70:2d:90:fd:5a:84:71:d6:86:79:ee:a4:
- 4e:47:d3:cc:51:50:44:48:9f:f1:40:f2:4a:11:d0:2b:6d:b5:
- 83:44:81:f5:18:0f:59:15:60:98:60:b0:81:98:4d:22:49:d6:
- 1f:0d:8e:f4:7a:87:26:e9:e1:ac:dc:e3:b4:8e:3e:cb:be:25:
- 7c:79:9d:d5:5a:ee:99:59:b7:ce:2f:29:3a:6f:af:73:28:46:
- 9c:c6:d3:78:c8:62:c1:d1:79:bd:19:07:ff:75:68:20:29:4e:
- ef:e9:73:9b:ff:86:ff:3f:7f:d0:a3:5e:15:df:2b:e4:35:1e:
- 6c:03:fe:7a:6b:e2:94:ae:d5:fe:00:b1:4a:e0:48:e0:72:30:
- d2:26:73:83:c1:df:6a:bf:f8:9f:be:69:db:c6:2c:7b:e1:57:
- 45:05:c0:e4:ee:d9:f9:59:53:8f:68:01:9b:0c:6b:8f:a5:80:
- 23:c2:26:76:8f:79:26:a1:31:e1:c8:42:c8:b3:4f:22:d6:32:
- 46:62:dc:d2
------BEGIN CERTIFICATE-----
-MIIEETCCAvmgAwIBAgIBCDANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwODI5WhcNMDgwNzMxMTQwODI5WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBXzCCAVswDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEEAgACMDswJgMRAiABDbgA
-AAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEAIAENuAAAAAAAAAAQAAAA
-RDANBgkqhkiG9w0BAQUFAAOCAQEApf9HUtbPMX1dYfdxykmqlJ2Cxnl9s6T4eW3f
-NZGoL9WYdyZtppx43c2FcrRKfLd9ARhhKeEzSXI++CEscC2Q/VqEcdaGee6kTkfT
-zFFQREif8UDyShHQK221g0SB9RgPWRVgmGCwgZhNIknWHw2O9HqHJunhrNzjtI4+
-y74lfHmd1VrumVm3zi8pOm+vcyhGnMbTeMhiwdF5vRkH/3VoIClO7+lzm/+G/z9/
-0KNeFd8r5DUebAP+emvilK7V/gCxSuBI4HIw0iZzg8Hfar/4n75p28Yse+FXRQXA
-5O7Z+VlTj2gBmwxrj6WAI8Imdo95JqEx4chCyLNPItYyRmLc0g==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/09.pem b/scripts/resource-cert-samples/RIR/09.pem
deleted file mode 100644
index b490cd62..00000000
--- a/scripts/resource-cert-samples/RIR/09.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 9 (0x9)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:08:29 2007 GMT
- Not After : Jul 31 14:08:29 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 9a:f2:47:ba:06:1a:9f:bd:cc:87:8a:8f:14:ac:99:bb:3f:9c:
- d4:2c:71:5e:3e:75:75:49:e4:9c:bf:57:83:f7:c9:d4:de:6d:
- d2:53:0a:0b:9b:95:69:b2:26:52:6b:b0:d7:09:7f:40:4d:34:
- 7e:5d:42:80:b4:9a:1c:82:d0:e0:13:d9:7c:d0:15:81:cb:77:
- d8:dc:4b:68:fa:33:8f:cd:6b:44:ba:fb:9e:79:23:f9:2b:f1:
- c5:34:84:3b:e1:80:e8:08:e6:b4:f3:3f:17:ee:be:b0:57:6a:
- 49:79:8f:c8:b8:75:8f:88:49:29:db:32:ee:4d:fb:f1:b4:96:
- 28:26:f2:2e:00:27:ae:0c:b2:77:a6:f7:5a:e4:db:a2:0d:9a:
- c1:77:90:9f:85:40:ef:d3:67:f2:51:99:57:ee:09:07:6a:43:
- 82:ab:a7:4b:aa:9a:a7:87:84:de:29:ef:64:bd:e6:9b:be:9d:
- 8f:17:f2:c0:0b:e8:21:ee:42:00:69:f8:9e:c3:06:c2:4f:08:
- 49:84:a7:33:76:6d:77:ae:be:24:9c:9e:d3:d6:7d:72:5f:79:
- 5b:ab:b8:1c:5f:95:0c:11:78:e3:94:11:ae:48:ae:33:fa:c4:
- cb:af:b3:6a:0f:04:c9:a4:54:a6:c0:a5:a3:a2:57:31:53:bc:
- 8e:e1:f3:28
------BEGIN CERTIFICATE-----
-MIID9jCCAt6gAwIBAgIBCTANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwODI5WhcNMDgwNzMxMTQwODI5WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBRDCCAUAwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDgMFAMAAAgED
-BQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEAmvJHugYa
-n73Mh4qPFKyZuz+c1CxxXj51dUnknL9Xg/fJ1N5t0lMKC5uVabImUmuw1wl/QE00
-fl1CgLSaHILQ4BPZfNAVgct32NxLaPozj81rRLr7nnkj+SvxxTSEO+GA6AjmtPM/
-F+6+sFdqSXmPyLh1j4hJKdsy7k378bSWKCbyLgAnrgyyd6b3WuTbog2awXeQn4VA
-79Nn8lGZV+4JB2pDgqunS6qap4eE3invZL3mm76djxfywAvoIe5CAGn4nsMGwk8I
-SYSnM3Ztd66+JJye09Z9cl95W6u4HF+VDBF445QRrkiuM/rEy6+zag8EyaRUpsCl
-o6JXMVO8juHzKA==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/0A.pem b/scripts/resource-cert-samples/RIR/0A.pem
deleted file mode 100644
index 433dc6c9..00000000
--- a/scripts/resource-cert-samples/RIR/0A.pem
+++ /dev/null
@@ -1,99 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10 (0xa)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:09:34 2007 GMT
- Not After : Jul 31 14:09:34 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 67:ed:a0:29:b8:66:7d:a6:2c:4f:76:52:df:45:15:6f:23:3d:
- 9c:57:05:19:57:31:f0:76:17:32:17:a0:aa:55:6a:5d:ee:51:
- 2b:06:6e:75:bd:f2:6c:79:2f:5a:ee:f0:2d:e8:59:dc:a3:86:
- 5d:b2:98:e1:59:b3:ec:c9:9b:ed:3a:b0:c7:72:56:28:77:a1:
- 4a:a7:17:03:37:e8:b1:d7:19:a3:85:5c:c8:5c:fb:ad:bc:6a:
- 0a:65:d7:90:c3:f8:12:83:53:89:c5:7a:71:b4:1f:61:69:5a:
- 23:b5:24:5a:6f:23:9d:b0:ac:bc:83:01:c1:e9:41:f8:9e:ae:
- e0:2b:a7:76:03:10:86:7f:76:3d:3d:f4:5f:04:2f:1b:e0:37:
- 14:6d:97:7c:4f:ba:34:84:d7:6d:c0:90:7c:6d:97:11:c9:a8:
- aa:96:7f:65:f7:f4:b6:57:0f:13:2a:3e:68:23:98:b5:f6:11:
- 5b:1a:b4:ab:0f:db:77:5b:0d:ff:a7:71:7c:21:93:b4:e3:76:
- 22:9a:0e:dc:f3:a3:1f:34:b0:10:f9:f1:4e:ef:b2:42:c8:ed:
- e3:03:1f:2d:65:09:20:9e:66:a2:b6:05:df:39:63:e3:ce:ff:
- 11:ed:f0:46:39:ca:2f:43:39:59:b2:1e:1b:ea:61:12:e9:02:
- 1b:0c:1d:95
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIBCjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwOTM0WhcNMDgwNzMxMTQwOTM0WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFGMIIBQjAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAfBgNVHSMEGDAW
-gBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8EBAMCAQYwQAYIKwYBBQUH
-AQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4u
-bmV0L1JJUi8wHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAPwVAgMA/CAwfAYIKwYB
-BQUHAQcBAf8EbTBrMCYEAgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUA
-wAACZDBBBAIAAjA7MCYDEQIgAQ24AAAAAAAAAAAAAABEAxEAIAENuAAAAAAAAAAA
-AAABAAMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEFBQADggEBAGftoCm4
-Zn2mLE92Ut9FFW8jPZxXBRlXMfB2FzIXoKpVal3uUSsGbnW98mx5L1ru8C3oWdyj
-hl2ymOFZs+zJm+06sMdyVih3oUqnFwM36LHXGaOFXMhc+628agpl15DD+BKDU4nF
-enG0H2FpWiO1JFpvI52wrLyDAcHpQfieruArp3YDEIZ/dj099F8ELxvgNxRtl3xP
-ujSE123AkHxtlxHJqKqWf2X39LZXDxMqPmgjmLX2EVsatKsP23dbDf+ncXwhk7Tj
-diKaDtzzox80sBD58U7vskLI7eMDHy1lCSCeZqK2Bd85Y+PO/xHt8EY5yi9DOVmy
-HhvqYRLpAhsMHZU=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/0B.pem b/scripts/resource-cert-samples/RIR/0B.pem
deleted file mode 100644
index 0d858937..00000000
--- a/scripts/resource-cert-samples/RIR/0B.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11 (0xb)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:09:34 2007 GMT
- Not After : Jul 31 14:09:34 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 98:f6:66:a8:a7:f1:b4:d9:11:3c:57:d8:d6:45:e4:73:8f:ca:
- a5:e2:1d:d0:7b:46:a0:1a:c5:96:df:3c:f8:6b:1b:07:12:75:
- 80:74:64:2e:e6:6b:cf:df:25:d5:c9:2f:2e:06:4e:ca:c2:bf:
- ba:35:0c:ae:ed:27:85:70:8f:2b:7f:71:bf:68:c9:bf:ed:4f:
- 19:7c:31:69:84:3e:47:1a:05:96:bd:06:16:a9:46:42:98:22:
- 3c:24:7b:fb:1f:c0:a3:b6:ce:f1:e1:37:d2:d3:52:f9:bc:e4:
- 6d:30:26:3e:79:70:71:62:85:ad:cf:93:15:97:19:2c:f3:86:
- 5e:33:13:8e:3d:83:6b:af:5c:b4:2b:f0:9e:fe:cc:1c:8e:79:
- b6:28:26:5d:9d:4b:84:4b:81:5b:fa:f7:bc:e6:cd:5f:dc:4a:
- ae:61:eb:83:6d:d1:63:68:f5:de:7f:97:1c:80:9d:43:e1:6b:
- 6b:6d:43:fb:7a:32:73:26:ab:bb:c2:cf:bd:ae:cf:0a:dd:5b:
- ee:bc:76:ea:57:0f:ed:9e:43:8d:6a:eb:8a:39:13:1d:13:85:
- 85:4e:80:73:57:d8:7d:4a:ef:75:3e:cd:70:cc:f6:b0:f6:f9:
- 5c:9a:50:32:c4:d3:f3:76:07:54:98:54:fa:c1:6a:78:33:36:
- c6:eb:60:87
------BEGIN CERTIFICATE-----
-MIIEETCCAvmgAwIBAgIBCzANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwOTM0WhcNMDgwNzMxMTQwOTM0WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBXzCCAVswDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEEAgACMDswJgMRAiABDbgA
-AAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEAIAENuAAAAAAAAAAQAAAA
-RDANBgkqhkiG9w0BAQUFAAOCAQEAmPZmqKfxtNkRPFfY1kXkc4/KpeId0HtGoBrF
-lt88+GsbBxJ1gHRkLuZrz98l1ckvLgZOysK/ujUMru0nhXCPK39xv2jJv+1PGXwx
-aYQ+RxoFlr0GFqlGQpgiPCR7+x/Ao7bO8eE30tNS+bzkbTAmPnlwcWKFrc+TFZcZ
-LPOGXjMTjj2Da69ctCvwnv7MHI55tigmXZ1LhEuBW/r3vObNX9xKrmHrg23RY2j1
-3n+XHICdQ+Fra21D+3oycyaru8LPva7PCt1b7rx26lcP7Z5DjWrrijkTHROFhU6A
-c1fYfUrvdT7NcMz2sPb5XJpQMsTT83YHVJhU+sFqeDM2xutghw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/0C.pem b/scripts/resource-cert-samples/RIR/0C.pem
deleted file mode 100644
index 0e7d6905..00000000
--- a/scripts/resource-cert-samples/RIR/0C.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12 (0xc)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:09:34 2007 GMT
- Not After : Jul 31 14:09:34 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 4c:57:4d:fd:a9:e6:f1:92:4a:d1:28:22:c5:f2:97:5f:3b:fd:
- e6:c1:bf:a6:8f:20:43:45:c3:b1:20:ea:d4:9f:2e:6f:2c:0a:
- 0b:74:d8:87:1e:b3:15:47:1d:78:7d:61:65:ae:2e:38:6e:9b:
- d6:68:d0:21:21:e5:6c:45:b7:18:95:e4:05:94:52:93:b4:5e:
- 02:e8:c9:fc:4f:2d:f6:de:3a:9b:35:c2:9e:e5:98:c3:77:40:
- 41:eb:ca:55:33:5f:74:9a:27:44:b3:37:63:55:ae:1c:f2:26:
- d7:ae:33:73:53:8a:7d:9f:89:82:19:9e:e1:05:04:a6:6e:ce:
- 74:b3:aa:46:63:58:79:bf:49:ca:f0:c4:ac:1d:0d:29:bf:e4:
- 43:66:fc:26:a4:4f:13:55:4f:0b:ae:b1:67:8c:f2:2c:7e:32:
- 21:80:a6:1d:03:44:9d:50:98:8a:62:3b:ff:88:64:c8:e8:29:
- ff:8b:dd:53:84:c7:5f:1a:42:12:64:6b:9d:18:c9:1c:6f:aa:
- 48:cd:68:e3:d9:ed:fd:d9:85:7c:fc:00:8a:5f:8b:27:eb:05:
- b0:40:f3:4e:f4:d7:17:0c:98:7d:58:f2:8c:0f:d6:8c:70:30:
- cd:37:2e:bf:00:78:91:a4:ed:4a:61:87:b6:88:bd:bb:22:52:
- 0f:9f:e1:4d
------BEGIN CERTIFICATE-----
-MIID9jCCAt6gAwIBAgIBDDANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQwOTM0WhcNMDgwNzMxMTQwOTM0WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBRDCCAUAwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDgMFAMAAAgED
-BQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEATFdN/anm
-8ZJK0SgixfKXXzv95sG/po8gQ0XDsSDq1J8ubywKC3TYhx6zFUcdeH1hZa4uOG6b
-1mjQISHlbEW3GJXkBZRSk7ReAujJ/E8t9t46mzXCnuWYw3dAQevKVTNfdJonRLM3
-Y1WuHPIm164zc1OKfZ+Jghme4QUEpm7OdLOqRmNYeb9JyvDErB0NKb/kQ2b8JqRP
-E1VPC66xZ4zyLH4yIYCmHQNEnVCYimI7/4hkyOgp/4vdU4THXxpCEmRrnRjJHG+q
-SM1o49nt/dmFfPwAil+LJ+sFsEDzTvTXFwyYfVjyjA/WjHAwzTcuvwB4kaTtSmGH
-toi9uyJSD5/hTQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/0D.pem b/scripts/resource-cert-samples/RIR/0D.pem
deleted file mode 100644
index 86579fdb..00000000
--- a/scripts/resource-cert-samples/RIR/0D.pem
+++ /dev/null
@@ -1,104 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13 (0xd)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:48:16 2007 GMT
- Not After : Jul 31 14:48:16 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 4c:d4:6d:b2:81:45:07:3e:7b:b4:8b:6c:db:42:2b:30:73:cd:
- e7:07:39:c3:e6:13:4b:ac:21:33:13:11:00:1c:e6:d1:d4:cf:
- 96:08:6e:86:7b:41:64:93:88:20:ac:04:81:65:1a:ae:a9:52:
- be:36:c0:2a:6a:c9:3a:2e:86:83:a2:cc:3e:5d:12:60:49:fb:
- 48:23:6c:d7:9f:98:fa:b4:b0:d5:48:01:29:74:ca:d1:74:3c:
- a7:8c:bb:1c:b3:85:90:2a:99:52:9e:e2:31:9a:09:28:2d:d6:
- ca:eb:f5:c6:da:6f:1b:89:83:eb:b7:d9:6d:56:71:e9:82:8e:
- b7:84:e1:40:ab:87:15:d2:a6:df:30:11:e1:52:a0:a1:4b:ef:
- 8e:3a:db:e1:d1:23:74:39:ff:48:d4:4d:2f:74:4e:e3:77:3c:
- f7:1b:16:0b:b3:1a:c7:46:8b:7c:63:3d:9d:2b:75:82:b7:5c:
- 9d:7b:df:f9:78:d2:e8:98:48:6c:54:5f:71:2a:a6:95:c6:56:
- 3e:6c:e2:0c:20:a2:2c:22:f4:1d:3c:05:b2:31:bd:58:f3:23:
- 60:dd:1d:d2:5e:ab:65:72:06:d2:da:c9:d4:c4:33:c2:b0:7d:
- 37:13:66:25:b7:28:9b:a3:9c:92:c4:58:b8:02:a2:82:63:fc:
- a8:93:65:69
------BEGIN CERTIFICATE-----
-MIIEMTCCAxmgAwIBAgIBDTANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE2WhcNMDgwNzMxMTQ0ODE2WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggGAMIIBfDAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAfBgNVHSMEGDAW
-gBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8EBAMCAQYwQAYIKwYBBQUH
-AQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJhdHMtci11cy5oYWN0cm4u
-bmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAKAgMA/BUCAwD8HAIDAPwg
-MIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQACgAAAwQACgMAMA4DBQDA
-AAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIwXzAmAxECIAENuAAAAAAA
-AAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24AAAAAAAAAAAKAAADEAAg
-AQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABEMA0GCSqGSIb3DQEBBQUA
-A4IBAQBM1G2ygUUHPnu0i2zbQiswc83nBznD5hNLrCEzExEAHObR1M+WCG6Ge0Fk
-k4ggrASBZRquqVK+NsAqask6LoaDosw+XRJgSftII2zXn5j6tLDVSAEpdMrRdDyn
-jLscs4WQKplSnuIxmgkoLdbK6/XG2m8biYPrt9ltVnHpgo63hOFAq4cV0qbfMBHh
-UqChS++OOtvh0SN0Of9I1E0vdE7jdzz3GxYLsxrHRot8Yz2dK3WCt1yde9/5eNLo
-mEhsVF9xKqaVxlY+bOIMIKIsIvQdPAWyMb1Y8yNg3R3SXqtlcgbS2snUxDPCsH03
-E2Yltyibo5ySxFi4AqKCY/yok2Vp
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/0E.pem b/scripts/resource-cert-samples/RIR/0E.pem
deleted file mode 100644
index 54acaf38..00000000
--- a/scripts/resource-cert-samples/RIR/0E.pem
+++ /dev/null
@@ -1,101 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14 (0xe)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:48:18 2007 GMT
- Not After : Jul 31 14:48:18 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha1WithRSAEncryption
- 48:66:09:ae:e4:52:ea:33:07:a6:92:4f:41:9d:d9:74:ad:24:
- 17:11:d6:85:88:f2:66:52:e5:61:0e:8e:78:db:56:fb:ab:c8:
- 31:1b:d1:f2:ec:df:1d:87:80:21:d9:81:9e:c8:00:e8:37:d5:
- c3:71:26:97:35:15:fe:99:60:41:be:9b:72:e9:91:c1:bf:c8:
- e3:25:95:f3:95:2b:c4:50:49:8f:a7:2a:ec:9a:d9:f9:b6:27:
- 77:42:38:aa:20:12:30:56:db:41:f0:c4:d7:75:5a:01:4b:ac:
- 36:8e:4d:1f:55:fa:24:4e:04:f2:ac:de:9a:4c:3e:9e:a4:b0:
- fa:84:a8:35:3f:dc:dd:db:2c:74:4e:20:84:a5:17:05:87:8a:
- 55:ee:4c:ae:59:02:7c:e7:70:32:10:9e:6f:b3:52:ec:48:ff:
- 47:77:bf:a1:69:f1:5c:55:94:d0:47:ab:3a:34:56:96:a4:64:
- e9:31:c2:aa:34:d6:a2:51:b2:8c:55:68:8c:5e:7a:d1:8d:43:
- 89:e8:3e:1b:63:e9:b1:0c:e1:8f:31:0d:2f:5f:dd:1e:e8:78:
- 41:d4:49:39:ca:a2:73:1e:9a:6f:c0:07:72:99:9e:3c:0b:ee:
- b9:0b:d8:52:35:4e:19:83:44:ed:d9:de:5a:6b:6d:38:63:4e:
- 12:45:f0:45
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBDjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBYzCCAV8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAhBggrBgEFBQcBCAEB/wQS
-MBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQA
-CgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAA
-AAAKAwAwDQYJKoZIhvcNAQEFBQADggEBAEhmCa7kUuozB6aST0Gd2XStJBcR1oWI
-8mZS5WEOjnjbVvuryDEb0fLs3x2HgCHZgZ7IAOg31cNxJpc1Ff6ZYEG+m3LpkcG/
-yOMllfOVK8RQSY+nKuya2fm2J3dCOKogEjBW20HwxNd1WgFLrDaOTR9V+iROBPKs
-3ppMPp6ksPqEqDU/3N3bLHROIISlFwWHilXuTK5ZAnzncDIQnm+zUuxI/0d3v6Fp
-8VxVlNBHqzo0VpakZOkxwqo01qJRsoxVaIxeetGNQ4noPhtj6bEM4Y8xDS9f3R7o
-eEHUSTnKonMemm/AB3KZnjwL7rkL2FI1ThmDRO3Z3lprbThjThJF8EU=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/0F.pem b/scripts/resource-cert-samples/RIR/0F.pem
deleted file mode 100644
index 1094cb06..00000000
--- a/scripts/resource-cert-samples/RIR/0F.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 15 (0xf)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:48:18 2007 GMT
- Not After : Jul 31 14:48:18 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 1b:9a:85:77:61:fe:eb:5a:f8:ef:ad:5d:4d:79:4b:09:b3:c9:
- 3e:46:f2:cf:4f:0c:26:28:7c:ec:72:da:17:6e:a0:2a:f2:4b:
- 0f:af:e6:2e:b5:d7:2d:03:ae:8c:13:65:ec:cb:c2:4a:02:8f:
- 81:60:44:60:eb:d2:d2:22:12:63:04:8c:6d:56:5a:c2:b8:f6:
- c8:f5:17:99:69:25:bd:3e:1d:2a:ef:ce:51:48:4a:67:d0:b4:
- ee:64:99:35:42:10:26:88:ac:e0:26:c8:27:cc:89:30:40:18:
- 72:9c:82:03:ea:62:9d:83:c9:ab:c8:32:0a:59:98:50:0c:50:
- 23:5a:93:ff:43:ba:08:b3:7d:61:d5:ed:a4:42:f2:cf:ab:2e:
- 62:6b:67:bd:06:74:2c:bc:b7:b1:7e:1b:f4:c9:e4:40:94:ec:
- 14:55:04:54:ce:44:26:d0:93:e3:ff:e2:e2:a2:a4:3f:44:87:
- 7a:c2:29:a3:48:5f:12:1d:e4:eb:18:b3:1f:30:f4:e6:d3:a7:
- 5a:7c:73:da:0a:8f:1e:29:63:cb:b6:16:2e:fe:76:84:93:88:
- a1:72:83:4d:3d:8d:16:ef:16:df:c7:c6:d7:67:00:68:ec:4d:
- b8:ed:b8:ff:3e:bf:c9:d5:3a:34:cf:4c:c0:7b:6e:11:60:46:
- 25:91:d8:ad
------BEGIN CERTIFICATE-----
-MIIEETCCAvmgAwIBAgIBDzANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBXzCCAVswDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEEAgACMDswJgMRAiABDbgA
-AAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEAIAENuAAAAAAAAAAQAAAA
-RDANBgkqhkiG9w0BAQUFAAOCAQEAG5qFd2H+61r4761dTXlLCbPJPkbyz08MJih8
-7HLaF26gKvJLD6/mLrXXLQOujBNl7MvCSgKPgWBEYOvS0iISYwSMbVZawrj2yPUX
-mWklvT4dKu/OUUhKZ9C07mSZNUIQJois4CbIJ8yJMEAYcpyCA+pinYPJq8gyClmY
-UAxQI1qT/0O6CLN9YdXtpELyz6suYmtnvQZ0LLy3sX4b9MnkQJTsFFUEVM5EJtCT
-4//i4qKkP0SHesIpo0hfEh3k6xizHzD05tOnWnxz2gqPHiljy7YWLv52hJOIoXKD
-TT2NFu8W38fG12cAaOxNuO24/z6/ydU6NM9MwHtuEWBGJZHYrQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/10.pem b/scripts/resource-cert-samples/RIR/10.pem
deleted file mode 100644
index 64f73b83..00000000
--- a/scripts/resource-cert-samples/RIR/10.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 16 (0x10)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 1 14:48:18 2007 GMT
- Not After : Jul 31 14:48:18 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Authority Key Identifier:
- keyid:FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha1WithRSAEncryption
- 72:7d:dd:a4:60:23:71:e4:99:28:0b:9a:ba:5c:d3:97:4b:72:
- eb:89:81:3c:11:85:8c:25:ed:79:b2:50:a5:e8:ae:0e:37:74:
- f9:2c:a1:be:96:83:35:40:0d:36:f9:32:16:74:25:9c:f7:0f:
- cd:46:47:8e:b9:cd:ac:0c:7e:d3:ac:84:5e:f6:31:f4:a9:f2:
- 05:cd:82:d7:e0:d7:3b:24:9b:c7:15:d1:db:9d:c2:1d:92:f7:
- 19:a9:b8:a1:67:0a:fb:3d:23:3a:05:83:29:05:50:e3:00:27:
- a9:80:fe:bb:51:f1:3e:3b:0c:98:ae:f1:ee:d1:13:72:46:64:
- 8f:4b:32:4e:cf:64:cf:1a:a5:b1:34:a6:f0:5f:18:f8:44:bb:
- 13:ea:8d:5f:24:7d:3b:15:60:8e:be:f4:bd:d8:04:a7:d0:10:
- 7e:d3:10:67:bf:35:49:c9:56:cf:b7:8b:7b:9b:17:0b:54:ee:
- 21:cb:75:b0:3e:8d:b2:c1:c6:7c:26:b1:7c:58:a9:4a:31:24:
- cd:e5:3f:a5:9a:1d:7d:11:14:41:2a:e5:55:b6:db:f4:75:34:
- 37:9f:5e:1d:f1:86:2a:f6:74:be:88:e1:b9:63:ce:ad:5c:e9:
- 3c:91:8a:4c:8d:b4:69:03:e7:f9:52:79:28:7d:cd:7f:52:02:
- 49:ae:d5:c7
------BEGIN CERTIFICATE-----
-MIID9jCCAt6gAwIBAgIBEDANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBRDCCAUAwDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwHwYDVR0jBBgw
-FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
-BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
-Lm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
-d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
-MAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDgMFAMAAAgED
-BQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEAcn3dpGAj
-ceSZKAuaulzTl0ty64mBPBGFjCXtebJQpeiuDjd0+SyhvpaDNUANNvkyFnQlnPcP
-zUZHjrnNrAx+06yEXvYx9KnyBc2C1+DXOySbxxXR253CHZL3Gam4oWcK+z0jOgWD
-KQVQ4wAnqYD+u1HxPjsMmK7x7tETckZkj0syTs9kzxqlsTSm8F8Y+ES7E+qNXyR9
-OxVgjr70vdgEp9AQftMQZ781SclWz7eLe5sXC1TuIct1sD6NssHGfCaxfFipSjEk
-zeU/pZodfREUQSrlVbbb9HU0N59eHfGGKvZ0vojhuWPOrVzpPJGKTI20aQPn+VJ5
-KH3Nf1ICSa7Vxw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/11.pem b/scripts/resource-cert-samples/RIR/11.pem
deleted file mode 100644
index f8e33d59..00000000
--- a/scripts/resource-cert-samples/RIR/11.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 17 (0x11)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 9 23:30:59 2007 GMT
- Not After : Aug 8 23:30:59 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 7b:22:d4:c2:f4:0b:74:d7:34:f4:f0:42:fa:cd:94:79:82:c3:
- 12:dd:34:a3:e1:16:ea:de:f4:f6:b4:4d:fc:93:0e:f6:6f:7a:
- e1:f9:bc:66:ee:56:b3:5b:28:36:ca:e8:0d:25:5b:62:31:c8:
- 55:21:3f:4a:59:e7:cd:68:c7:6b:7c:e9:33:00:d2:59:80:23:
- d8:58:17:e5:c6:3a:a3:d6:c3:fa:27:b2:12:9e:13:58:c3:37:
- c2:c9:e9:d0:aa:4c:d4:82:e5:ce:ba:cc:11:d9:6d:95:24:04:
- 75:bc:1c:56:57:2d:5f:90:19:54:38:06:13:fa:3f:b1:b4:8c:
- 83:6c:2e:8a:e1:ca:e8:c0:6b:5c:2b:36:c5:9d:f0:65:1d:f2:
- ab:97:77:20:5b:28:13:8f:d7:b4:1e:c3:89:5d:0f:03:fb:2c:
- 9e:ac:59:98:ca:62:9c:cf:63:a3:ed:31:dd:0f:8f:d0:26:e8:
- 40:bc:94:7c:b0:e6:44:07:7f:59:19:9d:1a:f7:04:d7:05:d9:
- fc:0d:16:16:66:9c:2b:cd:87:dc:00:02:f1:e8:48:de:5f:8f:
- b4:3e:22:fb:74:3b:7f:cb:90:7f:d6:6c:1d:26:65:e2:cc:55:
- 3a:07:01:6c:48:61:7a:d4:55:09:c1:13:bb:ed:f5:69:e6:ba:
- b6:80:9d:e5
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBETANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODA5MjMzMDU5WhcNMDgwODA4MjMzMDU5WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBBQUAA4IBAQB7ItTC9At01zT08EL6zZR5gsMS3TSj4Rbq3vT2
-tE38kw72b3rh+bxm7lazWyg2yugNJVtiMchVIT9KWefNaMdrfOkzANJZgCPYWBfl
-xjqj1sP6J7ISnhNYwzfCyenQqkzUguXOuswR2W2VJAR1vBxWVy1fkBlUOAYT+j+x
-tIyDbC6K4crowGtcKzbFnfBlHfKrl3cgWygTj9e0HsOJXQ8D+yyerFmYymKcz2Oj
-7THdD4/QJuhAvJR8sOZEB39ZGZ0a9wTXBdn8DRYWZpwrzYfcAALx6EjeX4+0PiL7
-dDt/y5B/1mwdJmXizFU6BwFsSGF61FUJwRO77fVp5rq2gJ3l
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/12.pem b/scripts/resource-cert-samples/RIR/12.pem
deleted file mode 100644
index 71bb1954..00000000
--- a/scripts/resource-cert-samples/RIR/12.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 18 (0x12)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 9 23:35:48 2007 GMT
- Not After : Aug 8 23:35:48 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha1WithRSAEncryption
- 80:5c:c5:27:3a:5d:bb:11:2c:ec:b4:89:ab:3f:79:a7:31:ef:
- 7f:ed:93:75:2c:9d:4b:5c:f1:28:38:3e:cc:c4:98:e5:81:01:
- db:e1:61:5c:37:0a:3f:91:52:34:a5:6b:28:8c:b7:ae:38:95:
- a7:67:26:39:b2:43:cb:a5:db:fc:4f:12:6c:f4:69:82:ab:80:
- 9c:8f:aa:d9:21:6e:3e:e1:f5:78:f4:59:d0:2e:97:1d:23:3d:
- 27:86:70:5b:b7:59:e7:98:1c:ae:19:42:e8:65:ef:eb:bf:6c:
- f8:94:6a:27:b9:11:5e:81:b6:ee:5f:10:ae:9f:b7:30:50:30:
- e6:84:5c:90:ef:3d:24:e7:6a:20:5c:d2:4c:96:66:28:15:46:
- 40:63:00:65:96:a5:5f:78:2a:66:d2:16:b1:86:77:e0:39:7d:
- fc:14:e1:bc:54:5b:b1:08:65:aa:f1:1b:39:2f:bf:ca:07:a0:
- ab:e7:e4:b0:8c:cb:48:c7:44:94:ff:04:a4:c9:85:6d:40:ca:
- 8f:0c:01:e6:11:f6:eb:07:96:b5:83:15:87:27:88:72:b3:d9:
- 41:4e:d0:f0:88:1a:17:10:72:89:85:c0:12:79:c1:5c:07:bb:
- d7:39:ef:ce:49:85:11:62:01:50:71:91:b9:e3:7e:45:a8:45:
- d6:d0:a9:3a
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBEjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODA5MjMzNTQ4WhcNMDgwODA4MjMzNTQ4WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBBQUAA4IBAQCAXMUnOl27ESzstImrP3mnMe9/7ZN1LJ1LXPEo
-OD7MxJjlgQHb4WFcNwo/kVI0pWsojLeuOJWnZyY5skPLpdv8TxJs9GmCq4Ccj6rZ
-IW4+4fV49FnQLpcdIz0nhnBbt1nnmByuGULoZe/rv2z4lGonuRFegbbuXxCun7cw
-UDDmhFyQ7z0k52ogXNJMlmYoFUZAYwBllqVfeCpm0haxhnfgOX38FOG8VFuxCGWq
-8Rs5L7/KB6Cr5+SwjMtIx0SU/wSkyYVtQMqPDAHmEfbrB5a1gxWHJ4hys9lBTtDw
-iBoXEHKJhcASecFcB7vXOe/OSYURYgFQcZG5435FqEXW0Kk6
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/13.pem b/scripts/resource-cert-samples/RIR/13.pem
deleted file mode 100644
index 3b1e67f4..00000000
--- a/scripts/resource-cert-samples/RIR/13.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 19 (0x13)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- Signature Algorithm: sha256WithRSAEncryption
- 62:6a:d0:3e:02:bf:ad:3c:e5:c9:23:1f:66:6d:cc:80:59:a5:
- 64:61:f2:20:64:bc:91:5d:76:d9:ce:6e:db:d1:c0:89:77:9d:
- cc:a6:e2:4a:43:0e:bb:f3:36:60:3f:1d:b7:9a:38:ad:10:e0:
- 89:82:61:c7:4a:48:70:c3:03:73:ae:ab:37:31:0c:36:cc:46:
- 12:ea:54:3d:03:d6:ba:4c:d6:cf:73:ea:90:4c:37:da:a3:f6:
- b6:f3:af:d8:a7:82:e7:1a:7b:05:23:77:20:52:b3:53:64:d0:
- bd:24:83:21:49:2f:30:fc:12:3b:fa:73:c3:c9:de:3f:af:bb:
- 5e:ed:b3:bf:9b:9e:71:83:37:f1:98:e3:77:e1:72:4f:1d:c6:
- 7b:59:32:34:f7:e4:76:70:52:41:72:97:bb:61:c0:c8:26:ac:
- 28:6e:e7:ef:f8:6c:ea:b2:4c:62:d0:28:5e:6c:50:94:09:a1:
- d4:ab:0c:d3:b3:d1:4a:ea:ef:33:ed:08:43:54:71:fb:6d:40:
- c8:dc:75:84:28:ff:4e:47:2c:08:54:72:40:af:cc:94:00:a8:
- 9f:8e:d9:35:64:49:f1:db:69:a8:d5:71:86:41:46:e0:27:62:
- 50:a4:0a:1e:f5:99:b4:d8:db:1c:4f:8b:af:51:4d:80:2b:af:
- e3:b6:b0:6b
------BEGIN CERTIFICATE-----
-MIIDNTCCAh2gAwIBAgIBEzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDA1ODE3WhcNMDgwODA5MDA1ODE3WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjgYUwgYIwDwYDVR0TAQH/BAUw
-AwEB/zAdBgNVHQ4EFgQU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQD
-AgEGMEAGCCsGAQUFBwELBDQwMjAwBggrBgEFBQcwBYYkcnN5bmM6Ly93b21iYXRz
-LXItdXMuaGFjdHJuLm5ldC9SSVIvMA0GCSqGSIb3DQEBCwUAA4IBAQBiatA+Ar+t
-POXJIx9mbcyAWaVkYfIgZLyRXXbZzm7b0cCJd53MpuJKQw678zZgPx23mjitEOCJ
-gmHHSkhwwwNzrqs3MQw2zEYS6lQ9A9a6TNbPc+qQTDfao/a286/Yp4LnGnsFI3cg
-UrNTZNC9JIMhSS8w/BI7+nPDyd4/r7te7bO/m55xgzfxmON34XJPHcZ7WTI09+R2
-cFJBcpe7YcDIJqwobufv+Gzqskxi0ChebFCUCaHUqwzTs9FK6u8z7QhDVHH7bUDI
-3HWEKP9ORywIVHJAr8yUAKifjtk1ZEnx22mo1XGGQUbgJ2JQpAoe9Zm02NscT4uv
-UU2AK6/jtrBr
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/14.pem b/scripts/resource-cert-samples/RIR/14.pem
deleted file mode 100644
index 430d3895..00000000
--- a/scripts/resource-cert-samples/RIR/14.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 20 (0x14)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Signature Algorithm: sha256WithRSAEncryption
- 5a:9b:65:02:d5:6c:fc:4f:b2:df:3b:a8:a2:44:3b:fd:bc:4d:
- 9f:32:30:e7:4f:e6:44:37:3f:35:68:d0:7e:ee:a5:cc:6e:0a:
- 79:2d:6a:2d:35:45:13:ed:f8:67:fb:5b:41:fa:00:04:f5:28:
- d4:72:0e:fe:05:d6:76:20:cf:4b:15:13:05:6c:9f:aa:05:8c:
- 77:eb:e7:1d:57:ed:32:11:45:ba:3e:e8:53:68:85:98:bd:bf:
- 56:7e:04:85:f1:7f:70:ba:e8:16:03:46:ff:c5:be:df:42:79:
- 57:01:2f:1a:e2:bc:6b:79:3e:fa:79:ec:08:ca:7d:32:02:0c:
- 94:47:9e:c8:01:60:de:b9:43:76:be:22:64:89:47:d7:b9:63:
- 9f:1d:7d:c8:93:e6:48:2a:a6:f7:51:9c:bd:06:8a:c9:01:5d:
- 51:83:85:09:1a:18:03:49:10:e9:fa:80:0a:d1:7c:2c:69:c0:
- 6b:53:e6:97:24:cd:f1:ad:e2:b6:5f:ac:72:28:0c:e8:cb:ab:
- 00:15:29:9e:cb:af:74:1e:dc:3b:c6:24:bc:2d:50:e3:12:fc:
- 00:63:ec:b6:09:c9:27:33:d6:42:a2:87:d4:35:48:63:16:1a:
- e0:f7:50:ed:e3:d9:11:d9:f1:1c:cd:a5:21:e0:56:ad:4d:fc:
- da:a6:97:e9
------BEGIN CERTIFICATE-----
-MIIDNzCCAh+gAwIBAgIBFDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDA1ODE3WhcNMDgwODA5MDA1ODE3WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4GGMIGDMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFJi+BP+A0auVOao98g5nfQCto/3FMA4GA1UdDwEB/wQE
-AwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0
-cy1yLXVzLmhhY3Rybi5uZXQvTElSMy8wDQYJKoZIhvcNAQELBQADggEBAFqbZQLV
-bPxPst87qKJEO/28TZ8yMOdP5kQ3PzVo0H7upcxuCnktai01RRPt+Gf7W0H6AAT1
-KNRyDv4F1nYgz0sVEwVsn6oFjHfr5x1X7TIRRbo+6FNohZi9v1Z+BIXxf3C66BYD
-Rv/Fvt9CeVcBLxrivGt5Pvp57AjKfTICDJRHnsgBYN65Q3a+ImSJR9e5Y58dfciT
-5kgqpvdRnL0GiskBXVGDhQkaGANJEOn6gArRfCxpwGtT5pckzfGt4rZfrHIoDOjL
-qwAVKZ7Lr3Qe3DvGJLwtUOMS/ABj7LYJyScz1kKih9Q1SGMWGuD3UO3j2RHZ8RzN
-pSHgVq1N/Nqml+k=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/15.pem b/scripts/resource-cert-samples/RIR/15.pem
deleted file mode 100644
index 625589ac..00000000
--- a/scripts/resource-cert-samples/RIR/15.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 21 (0x15)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Signature Algorithm: sha256WithRSAEncryption
- 6f:1a:6a:59:42:4b:0d:64:9e:e4:6e:80:ae:d4:ed:00:cc:52:
- eb:04:bf:e2:48:2e:24:89:bd:df:a9:cf:93:27:47:80:c5:d6:
- e1:94:f5:4a:d0:f7:52:48:49:c3:2a:20:de:87:76:e1:a0:11:
- d5:a0:19:f5:70:df:45:1c:72:47:6b:af:5b:53:5d:1d:49:5a:
- 62:21:f9:3b:49:18:9d:b1:6c:53:6d:9d:85:2c:fc:83:72:ff:
- b7:7d:4f:01:36:41:df:a3:03:51:34:e2:5e:25:65:4c:d1:25:
- f8:e3:92:06:7a:ca:97:42:6c:60:58:05:54:f5:9d:b9:90:fc:
- ae:32:a3:c5:dc:db:75:55:97:2e:db:1a:32:65:44:e6:ab:81:
- 14:b2:e1:8c:c5:a5:09:a4:07:2e:ed:ee:44:28:6a:29:0e:6f:
- a0:08:aa:2a:28:24:e8:cf:7f:22:db:56:b4:fc:45:26:13:9a:
- 41:55:5c:81:31:b3:6d:d0:3e:cc:62:6d:d1:d8:b9:2a:0f:2b:
- 58:40:7a:e0:02:d2:31:4c:4f:df:c5:2c:d1:ba:c9:8c:e3:b9:
- 74:7e:5c:dd:a5:f8:75:93:fe:26:69:52:70:bd:2e:01:1a:37:
- d1:53:ae:80:d5:5b:56:0c:72:e4:c6:ba:7b:3f:99:2a:bf:a7:
- b0:d7:3b:ec
------BEGIN CERTIFICATE-----
-MIIDNzCCAh+gAwIBAgIBFTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDA1ODE3WhcNMDgwODA5MDA1ODE3WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4GGMIGDMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFAN63wzf3JM996XMJ3vcIvbpVZfwMA4GA1UdDwEB/wQE
-AwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0
-cy1yLXVzLmhhY3Rybi5uZXQvTElSMi8wDQYJKoZIhvcNAQELBQADggEBAG8aallC
-Sw1knuRugK7U7QDMUusEv+JILiSJvd+pz5MnR4DF1uGU9UrQ91JIScMqIN6HduGg
-EdWgGfVw30Ucckdrr1tTXR1JWmIh+TtJGJ2xbFNtnYUs/INy/7d9TwE2Qd+jA1E0
-4l4lZUzRJfjjkgZ6ypdCbGBYBVT1nbmQ/K4yo8Xc23VVly7bGjJlROargRSy4YzF
-pQmkBy7t7kQoaikOb6AIqiooJOjPfyLbVrT8RSYTmkFVXIExs23QPsxibdHYuSoP
-K1hAeuAC0jFMT9/FLNG6yYzjuXR+XN2l+HWT/iZpUnC9LgEaN9FTroDVW1YMcuTG
-uns/mSq/p7DXO+w=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/16.pem b/scripts/resource-cert-samples/RIR/16.pem
deleted file mode 100644
index ebfd1e7b..00000000
--- a/scripts/resource-cert-samples/RIR/16.pem
+++ /dev/null
@@ -1,79 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 22 (0x16)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 00:58:17 2007 GMT
- Not After : Aug 9 00:58:17 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Signature Algorithm: sha256WithRSAEncryption
- 45:76:2c:fa:d1:3b:02:23:5f:e3:3f:07:7e:ad:92:c0:7d:ba:
- 8b:6d:ff:3c:33:c2:d4:06:4d:ca:71:41:6a:36:a2:e3:3a:34:
- 0c:9e:b1:21:a2:17:91:3b:e9:e3:50:57:25:2e:dc:4f:1a:67:
- 30:52:3e:36:04:0a:ce:03:84:f6:b0:1b:1c:59:66:4b:d1:68:
- 5a:cf:3b:7d:f4:28:74:6d:16:ba:7c:ad:5c:f0:6a:39:73:33:
- fe:c0:8d:d7:55:c0:cb:df:f3:d4:51:34:fe:62:42:97:70:61:
- bd:cc:bc:1c:c7:37:5f:d4:f1:2b:cb:3b:11:4c:84:77:db:5e:
- 66:2d:37:71:d5:f5:91:01:be:4e:97:8b:ae:6e:83:9a:9a:e3:
- d8:47:a9:fc:7f:b3:80:67:c1:60:60:3e:66:64:e8:ae:d8:7a:
- 72:50:fd:59:75:dd:fd:f0:69:92:ce:f6:c9:cc:49:72:eb:70:
- 48:28:e7:f7:1c:d4:a0:75:40:ef:50:f4:9f:e4:74:26:e5:90:
- ae:c4:fb:c5:b9:0a:5f:da:61:c2:78:f4:0d:0b:b8:ed:28:d9:
- b7:26:6a:8f:1d:43:22:72:f3:a6:3c:36:d8:40:9f:d7:49:68:
- d0:af:64:48:f8:69:55:98:9c:e9:47:5b:1b:15:06:5f:60:80:
- e9:e2:72:f7
------BEGIN CERTIFICATE-----
-MIIDNzCCAh+gAwIBAgIBFjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDA1ODE3WhcNMDgwODA5MDA1ODE3WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4GGMIGDMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQE
-AwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0
-cy1yLXVzLmhhY3Rybi5uZXQvTElSMS8wDQYJKoZIhvcNAQELBQADggEBAEV2LPrR
-OwIjX+M/B36tksB9uott/zwzwtQGTcpxQWo2ouM6NAyesSGiF5E76eNQVyUu3E8a
-ZzBSPjYECs4DhPawGxxZZkvRaFrPO330KHRtFrp8rVzwajlzM/7AjddVwMvf89RR
-NP5iQpdwYb3MvBzHN1/U8SvLOxFMhHfbXmYtN3HV9ZEBvk6Xi65ug5qa49hHqfx/
-s4BnwWBgPmZk6K7YenJQ/Vl13f3waZLO9snMSXLrcEgo5/cc1KB1QO9Q9J/kdCbl
-kK7E+8W5Cl/aYcJ49A0LuO0o2bcmao8dQyJy86Y8NthAn9dJaNCvZEj4aVWYnOlH
-WxsVBl9ggOnicvc=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/17.pem b/scripts/resource-cert-samples/RIR/17.pem
deleted file mode 100644
index 08089ed2..00000000
--- a/scripts/resource-cert-samples/RIR/17.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 23 (0x17)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 98:59:33:64:37:e0:05:3f:f1:4a:d6:c3:45:92:92:f4:da:0e:
- 35:de:70:0a:ab:49:10:c9:a2:74:c6:ad:2b:cb:de:3e:0e:3f:
- 2e:2d:0d:f1:65:0a:b9:f6:c6:fe:80:8a:d2:a9:fe:41:f7:6d:
- 8f:92:f4:f6:4a:d0:36:6f:06:de:f6:30:91:ac:1d:c3:a7:d0:
- 7a:4a:40:9c:88:fd:0f:b8:f7:46:0c:d0:a5:85:48:e7:47:e1:
- 9a:d2:e7:3e:36:fc:e5:e4:13:98:b2:48:a7:b1:bb:b5:86:11:
- 35:42:20:97:6a:d6:a1:ae:1b:33:1b:6d:1c:9b:e8:9d:8c:05:
- 44:e3:d3:7e:53:d6:d8:da:76:85:6d:8f:dc:d1:1b:c4:cd:87:
- de:73:dd:09:26:eb:ac:49:62:5f:fb:44:42:d5:81:0f:11:eb:
- 3f:5c:83:2d:ed:51:12:66:e6:ff:2c:83:ac:40:0a:85:01:b4:
- 08:4b:32:14:ff:a5:a6:33:30:f2:10:ac:bb:55:9c:65:3b:78:
- 35:0e:45:c6:0d:64:b0:ef:1f:f7:7f:79:43:fd:97:b9:ea:8b:
- 8e:5d:56:76:fa:cb:39:17:f3:27:b2:b0:1d:87:1f:52:50:54:
- 55:69:5a:37:f1:42:07:ed:68:90:b0:63:7c:f1:10:19:29:44:
- f7:58:ee:eb
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBFzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwMjMxWhcNMDgwODA5MDEwMjMxWjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBCwUAA4IBAQCYWTNkN+AFP/FK1sNFkpL02g413nAKq0kQyaJ0
-xq0ry94+Dj8uLQ3xZQq59sb+gIrSqf5B922PkvT2StA2bwbe9jCRrB3Dp9B6SkCc
-iP0PuPdGDNClhUjnR+Ga0uc+Nvzl5BOYskinsbu1hhE1QiCXatahrhszG20cm+id
-jAVE49N+U9bY2naFbY/c0RvEzYfec90JJuusSWJf+0RC1YEPEes/XIMt7VESZub/
-LIOsQAqFAbQISzIU/6WmMzDyEKy7VZxlO3g1DkXGDWSw7x/3f3lD/Ze56ouOXVZ2
-+ss5F/MnsrAdhx9SUFRVaVo38UIH7WiQsGN88RAZKUT3WO7r
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/18.pem b/scripts/resource-cert-samples/RIR/18.pem
deleted file mode 100644
index 61f31504..00000000
--- a/scripts/resource-cert-samples/RIR/18.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 24 (0x18)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 48:75:33:bf:1e:19:3b:50:a8:af:35:67:af:b3:e9:f5:53:68:
- ea:41:f9:cf:21:a6:cb:ad:f3:ac:20:2b:79:c9:15:7a:9b:7f:
- 88:70:ac:34:64:44:92:7f:56:41:f1:8e:af:9f:e6:28:6f:74:
- d5:d3:d3:7b:99:1f:92:8f:58:9d:03:b3:f9:b1:9f:c4:8e:b1:
- ea:bb:cf:11:02:70:7b:9c:0e:36:f9:13:41:fb:3f:94:aa:95:
- 33:25:f4:4b:4c:cf:11:c4:39:1b:74:fc:98:92:84:4a:58:09:
- f3:e5:d2:1c:06:cf:73:79:98:68:ec:17:c2:4f:24:38:7d:47:
- b9:6d:62:c6:70:69:2e:83:0c:d1:77:e1:78:a2:b5:ea:0e:17:
- d4:93:7b:9c:c1:1d:48:aa:ba:95:03:9d:0f:1a:d8:65:36:84:
- 5b:2b:57:44:af:ef:0e:56:f8:3f:63:34:79:d4:98:8d:c6:7c:
- 3c:b5:cc:26:ab:5c:04:01:aa:ff:c7:00:2c:12:4c:e4:9e:29:
- f4:30:95:ab:28:d5:f0:91:b1:4b:cc:a9:43:58:d1:81:45:7b:
- 48:50:7e:b8:21:25:2a:58:d7:65:e7:1f:09:30:25:09:08:83:
- 5b:fd:c4:42:bd:d7:a1:72:e4:97:ce:f6:c9:72:38:59:2f:e6:
- e4:06:a4:99
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIBGDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwMjMxWhcNMDgwODA5MDEwMjMxWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBQjCCAT4wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAh
-BggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/
-BEIwQDASBAIAATAMAwQACgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAK
-AAADEAAgAQ24AAAAAAAAAAAKAwAwDQYJKoZIhvcNAQELBQADggEBAEh1M78eGTtQ
-qK81Z6+z6fVTaOpB+c8hpsut86wgK3nJFXqbf4hwrDRkRJJ/VkHxjq+f5ihvdNXT
-03uZH5KPWJ0Ds/mxn8SOseq7zxECcHucDjb5E0H7P5SqlTMl9EtMzxHEORt0/JiS
-hEpYCfPl0hwGz3N5mGjsF8JPJDh9R7ltYsZwaS6DDNF34XiiteoOF9STe5zBHUiq
-upUDnQ8a2GU2hFsrV0Sv7w5W+D9jNHnUmI3GfDy1zCarXAQBqv/HACwSTOSeKfQw
-laso1fCRsUvMqUNY0YFFe0hQfrghJSpY12XnHwkwJQkIg1v9xEK916Fy5JfO9sly
-OFkv5uQGpJk=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/19.pem b/scripts/resource-cert-samples/RIR/19.pem
deleted file mode 100644
index e258d4d7..00000000
--- a/scripts/resource-cert-samples/RIR/19.pem
+++ /dev/null
@@ -1,95 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- ab:e6:eb:32:dd:27:9e:57:ba:21:b7:f2:7f:38:ba:b9:35:c6:
- fb:73:c8:70:83:63:80:8f:10:99:56:fc:27:66:d3:19:36:61:
- 0d:96:f5:aa:1e:2b:8d:75:3f:cf:9a:5e:8c:17:51:21:31:6f:
- ac:ce:d7:18:21:03:3e:b9:b5:4b:50:23:3a:1c:45:5e:51:d9:
- 91:73:84:19:98:bd:52:3f:77:f9:c1:ae:94:e0:be:5a:70:20:
- 1b:68:55:4a:9b:02:7b:7f:a0:4c:86:d8:41:54:58:f0:65:b9:
- 18:03:9e:92:d0:5e:bf:6b:d9:42:b3:20:fe:f8:87:65:54:17:
- 88:69:cd:e1:b7:73:37:2b:bf:e0:10:52:0a:4f:72:e7:3e:c8:
- 6c:91:37:cb:16:6b:e3:76:45:4d:68:80:92:45:7d:0f:7d:46:
- 11:6d:5a:e9:63:38:c3:7f:84:87:4c:66:28:11:d9:a3:db:75:
- d8:72:5e:a6:46:3a:14:28:9d:86:e3:bc:a5:15:4c:8c:0c:54:
- 8c:9a:0b:4a:ad:72:9a:c5:60:f5:92:ef:9e:ef:be:38:c4:28:
- 44:a8:26:80:dc:26:4a:27:4c:d0:ba:f6:ba:fb:9c:5c:7c:3b:
- 80:7a:37:3f:bd:eb:8f:f5:21:db:b4:80:77:a8:bb:b0:19:07:
- 00:65:9a:82
------BEGIN CERTIFICATE-----
-MIID8DCCAtigAwIBAgIBGTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwMjMxWhcNMDgwODA5MDEwMjMxWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBPjCCATowDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEE
-AgACMDswJgMRAiABDbgAAAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEA
-IAENuAAAAAAAAAAQAAAARDANBgkqhkiG9w0BAQsFAAOCAQEAq+brMt0nnle6Ibfy
-fzi6uTXG+3PIcINjgI8QmVb8J2bTGTZhDZb1qh4rjXU/z5pejBdRITFvrM7XGCED
-Prm1S1AjOhxFXlHZkXOEGZi9Uj93+cGulOC+WnAgG2hVSpsCe3+gTIbYQVRY8GW5
-GAOektBev2vZQrMg/viHZVQXiGnN4bdzNyu/4BBSCk9y5z7IbJE3yxZr43ZFTWiA
-kkV9D31GEW1a6WM4w3+Eh0xmKBHZo9t12HJepkY6FCidhuO8pRVMjAxUjJoLSq1y
-msVg9ZLvnu++OMQoRKgmgNwmSidM0Lr2uvucXHw7gHo3P73rj/Uh27SAd6i7sBkH
-AGWagg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/1A.pem b/scripts/resource-cert-samples/RIR/1A.pem
deleted file mode 100644
index 9b92b771..00000000
--- a/scripts/resource-cert-samples/RIR/1A.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:02:31 2007 GMT
- Not After : Aug 9 01:02:31 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 1f:83:71:23:e8:ef:c9:a9:7f:c1:a3:c3:73:64:67:f3:0a:c0:
- b8:1f:17:71:b0:f6:97:be:db:5d:bf:79:ea:d8:af:cc:16:f4:
- ee:f1:01:e3:df:a4:f5:a7:d9:d0:12:28:fc:02:69:91:eb:1f:
- e5:fa:b3:3c:ba:9a:34:20:ce:0a:68:73:b8:aa:62:dd:b1:54:
- f9:b6:ab:70:23:e0:c6:55:d5:a7:ad:ab:5b:bf:12:38:44:7b:
- b1:36:20:6e:1b:d1:30:5e:c2:a3:c6:db:19:4e:f1:e8:71:32:
- 1a:04:b4:96:31:9b:5e:c8:25:94:72:05:f1:96:a4:82:69:62:
- c6:67:7f:53:b6:71:b1:72:7f:9b:94:f4:04:fe:32:ed:7b:ee:
- 4e:4a:6a:6c:b8:70:db:2d:4a:7c:b9:23:8b:d0:39:b1:a5:9f:
- c8:ee:51:95:3d:e0:e6:d2:45:0b:8a:83:d0:41:13:f6:39:ce:
- 5f:a6:91:00:6c:e1:dc:51:e0:b8:7c:6c:e4:a7:54:b8:26:04:
- 8c:bb:5a:35:0b:d9:4f:dd:52:78:21:e2:a7:ca:ef:a7:10:cf:
- 44:27:2b:f4:88:d8:18:c3:e1:5a:42:12:a3:05:1e:08:7a:06:
- 1f:24:64:05:14:d9:b2:2d:92:4e:cd:45:8b:45:c6:9e:ca:10:
- 72:0d:43:09
------BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIBGjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwMjMxWhcNMDgwODA5MDEwMjMxWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBIzCCAR8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYE
-AgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0B
-AQsFAAOCAQEAH4NxI+jvyal/waPDc2Rn8wrAuB8XcbD2l77bXb956tivzBb07vEB
-49+k9afZ0BIo/AJpkesf5fqzPLqaNCDOCmhzuKpi3bFU+barcCPgxlXVp62rW78S
-OER7sTYgbhvRMF7Co8bbGU7x6HEyGgS0ljGbXsgllHIF8Zakgmlixmd/U7ZxsXJ/
-m5T0BP4y7XvuTkpqbLhw2y1KfLkji9A5saWfyO5RlT3g5tJFC4qD0EET9jnOX6aR
-AGzh3FHguHxs5KdUuCYEjLtaNQvZT91SeCHip8rvpxDPRCcr9IjYGMPhWkISowUe
-CHoGHyRkBRTZsi2STs1Fi0XGnsoQcg1DCQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/1B.pem b/scripts/resource-cert-samples/RIR/1B.pem
deleted file mode 100644
index 300059d2..00000000
--- a/scripts/resource-cert-samples/RIR/1B.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 27 (0x1b)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:07:08 2007 GMT
- Not After : Aug 9 01:07:08 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 7c:1c:ce:a8:d1:0f:62:6e:a9:c2:b1:1a:5d:12:64:0b:07:3f:
- 32:63:9e:f5:0c:29:f6:5a:72:40:7d:a2:02:a0:cb:2a:c0:e0:
- 66:d7:bd:0a:1e:c4:59:ee:99:33:f8:c3:a7:4b:56:8c:1d:62:
- f5:c3:ee:12:45:3e:2f:29:ed:11:29:ae:1f:c0:8f:d6:ac:dd:
- f4:74:21:07:b0:54:cc:6b:ca:37:38:82:7b:d4:e1:1f:00:b4:
- ac:be:b4:71:5f:74:96:1b:39:ef:fc:ae:0c:b5:b2:7b:be:e5:
- 16:66:21:2f:aa:ba:1a:52:63:d3:3f:38:91:7b:2d:c8:fd:f6:
- aa:f0:f1:c5:39:4f:7d:79:b3:e3:e6:a0:95:6b:a3:66:10:dd:
- d4:0f:93:0f:34:13:b0:1c:a3:b4:88:ba:ba:b6:f5:55:ba:f2:
- 1c:6c:1c:9d:1d:fe:e7:49:c9:10:9a:c7:68:b0:2c:d7:0e:c1:
- 73:93:07:65:2b:3f:ed:98:ff:4d:f4:6b:b6:c0:4b:25:40:43:
- 33:b6:44:b9:de:62:27:bf:cd:6d:36:9d:60:a8:bd:25:67:21:
- 53:a4:64:d7:67:7b:0b:ff:a2:22:72:cd:8a:b2:57:7c:13:02:
- 97:93:96:cc:3b:61:40:6d:5c:da:d6:79:b6:ac:e0:05:fe:dd:
- f9:7f:24:2c
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBGzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwNzA4WhcNMDgwODA5MDEwNzA4WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBCwUAA4IBAQB8HM6o0Q9ibqnCsRpdEmQLBz8yY571DCn2WnJA
-faICoMsqwOBm170KHsRZ7pkz+MOnS1aMHWL1w+4SRT4vKe0RKa4fwI/WrN30dCEH
-sFTMa8o3OIJ71OEfALSsvrRxX3SWGznv/K4MtbJ7vuUWZiEvqroaUmPTPziRey3I
-/faq8PHFOU99ebPj5qCVa6NmEN3UD5MPNBOwHKO0iLq6tvVVuvIcbBydHf7nSckQ
-msdosCzXDsFzkwdlKz/tmP9N9Gu2wEslQEMztkS53mInv81tNp1gqL0lZyFTpGTX
-Z3sL/6Iics2Ksld8EwKXk5bMO2FAbVza1nm2rOAF/t35fyQs
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/1C.pem b/scripts/resource-cert-samples/RIR/1C.pem
deleted file mode 100644
index 786dc6b4..00000000
--- a/scripts/resource-cert-samples/RIR/1C.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 28 (0x1c)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:07:08 2007 GMT
- Not After : Aug 9 01:07:08 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 59:02:31:4f:92:0b:01:2d:98:ab:45:b8:7b:a9:b8:60:88:a1:
- 8c:e3:84:e7:0b:20:a7:9c:e1:a2:7c:aa:9f:e3:a2:f2:5c:0e:
- 55:bd:a7:1d:96:e1:fb:0c:16:7d:85:07:42:95:bf:e9:14:c5:
- 6f:e5:91:84:88:b7:e7:3b:16:7a:77:08:8e:68:ff:da:44:65:
- 04:65:3e:7e:18:5f:ed:56:62:57:fb:b6:da:b4:08:c9:cf:17:
- bb:83:34:7a:49:f6:22:02:a4:49:d7:55:c5:d1:22:df:92:f3:
- 65:5d:2c:de:ac:0e:f3:9c:18:36:f9:b7:8a:5f:df:d6:5d:84:
- 31:7f:76:95:e2:59:53:4a:40:8e:99:6d:ae:3b:9d:86:ce:2a:
- 75:1d:49:7c:26:3e:90:2b:34:87:c9:4a:7a:aa:70:59:68:d3:
- 81:7f:1b:ee:fc:ea:72:65:60:c9:9e:94:50:8d:62:93:d5:7e:
- 52:68:06:c9:d8:e5:bf:a0:db:cd:c2:90:93:0e:9f:1a:66:2f:
- 14:16:4a:57:4a:15:bb:0e:d4:73:96:91:1b:a6:00:5f:77:13:
- 03:a7:93:65:9a:df:03:42:a8:7c:4e:dc:89:32:ae:80:94:f7:
- c3:d7:ed:33:7c:45:ea:34:4d:ea:fe:bd:31:50:c3:81:3f:12:
- c8:1f:f8:63
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIBHDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwNzA4WhcNMDgwODA5MDEwNzA4WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBQjCCAT4wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAh
-BggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/
-BEIwQDASBAIAATAMAwQACgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAK
-AAADEAAgAQ24AAAAAAAAAAAKAwAwDQYJKoZIhvcNAQELBQADggEBAFkCMU+SCwEt
-mKtFuHupuGCIoYzjhOcLIKec4aJ8qp/jovJcDlW9px2W4fsMFn2FB0KVv+kUxW/l
-kYSIt+c7Fnp3CI5o/9pEZQRlPn4YX+1WYlf7ttq0CMnPF7uDNHpJ9iICpEnXVcXR
-It+S82VdLN6sDvOcGDb5t4pf39ZdhDF/dpXiWVNKQI6Zba47nYbOKnUdSXwmPpAr
-NIfJSnqqcFlo04F/G+786nJlYMmelFCNYpPVflJoBsnY5b+g283CkJMOnxpmLxQW
-SldKFbsO1HOWkRumAF93EwOnk2Wa3wNCqHxO3IkyroCU98PX7TN8Reo0Ter+vTFQ
-w4E/Esgf+GM=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/1D.pem b/scripts/resource-cert-samples/RIR/1D.pem
deleted file mode 100644
index ef7eb793..00000000
--- a/scripts/resource-cert-samples/RIR/1D.pem
+++ /dev/null
@@ -1,95 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 29 (0x1d)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:07:08 2007 GMT
- Not After : Aug 9 01:07:08 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 0c:51:a0:58:12:e3:9e:03:0a:45:a2:db:eb:7b:98:b1:32:a8:
- 87:e2:0a:79:4d:a6:56:83:7c:a3:14:78:98:ba:4d:8f:e4:59:
- 06:15:f6:3a:01:6c:5c:21:a5:1e:97:09:42:24:7c:11:a0:4e:
- f3:9a:de:50:c2:88:2b:1b:59:6c:12:0e:26:10:40:21:16:e1:
- 60:96:bb:4d:53:0f:79:47:28:e0:10:cf:61:f3:82:5f:3a:7f:
- ec:e2:3f:f5:60:70:d8:ca:05:ce:cb:f9:49:f8:15:be:0e:18:
- e2:f4:3c:f3:1f:5a:31:77:9d:e4:69:17:4a:4f:4d:d6:eb:58:
- d6:c7:28:87:15:7c:d0:51:69:59:02:a9:e7:14:a8:d6:5f:6e:
- 25:b3:2c:8b:ed:58:f7:84:40:ae:95:4d:67:f5:86:d8:2e:9b:
- 1f:29:3a:38:a9:7b:8c:6f:62:df:31:a6:a3:17:ec:19:94:93:
- c9:17:36:9b:51:6c:79:c7:4a:4a:08:25:ef:db:13:d8:de:95:
- 80:87:28:aa:ae:3d:fb:d8:80:54:cb:31:f3:40:49:28:8f:08:
- c9:dc:c3:6d:1d:de:16:57:11:f5:56:89:1d:5a:b9:54:d1:f0:
- c4:48:c6:39:05:53:26:15:be:1a:dc:6c:70:6c:f9:71:59:d8:
- 2f:f4:b4:81
------BEGIN CERTIFICATE-----
-MIID8DCCAtigAwIBAgIBHTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwNzA4WhcNMDgwODA5MDEwNzA4WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBPjCCATowDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEE
-AgACMDswJgMRAiABDbgAAAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEA
-IAENuAAAAAAAAAAQAAAARDANBgkqhkiG9w0BAQsFAAOCAQEADFGgWBLjngMKRaLb
-63uYsTKoh+IKeU2mVoN8oxR4mLpNj+RZBhX2OgFsXCGlHpcJQiR8EaBO85reUMKI
-KxtZbBIOJhBAIRbhYJa7TVMPeUco4BDPYfOCXzp/7OI/9WBw2MoFzsv5SfgVvg4Y
-4vQ88x9aMXed5GkXSk9N1utY1scohxV80FFpWQKp5xSo1l9uJbMsi+1Y94RArpVN
-Z/WG2C6bHyk6OKl7jG9i3zGmoxfsGZSTyRc2m1FsecdKSggl79sT2N6VgIcoqq49
-+9iAVMsx80BJKI8IydzDbR3eFlcR9VaJHVq5VNHwxEjGOQVTJhW+GtxscGz5cVnY
-L/S0gQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/1E.pem b/scripts/resource-cert-samples/RIR/1E.pem
deleted file mode 100644
index 93d846b8..00000000
--- a/scripts/resource-cert-samples/RIR/1E.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 30 (0x1e)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:07:08 2007 GMT
- Not After : Aug 9 01:07:08 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 1e:aa:13:82:d7:ac:b4:cf:87:8f:61:5e:f4:b5:0a:2c:36:5f:
- 6c:ae:a2:65:46:06:b2:f7:86:f5:81:a7:15:51:87:a8:f1:9d:
- b8:37:e8:5a:27:9a:27:a6:c4:fc:eb:64:03:b1:b9:ee:93:e4:
- 6f:b6:b8:d7:40:47:20:91:a2:ba:50:f0:c4:98:a6:96:14:3f:
- 79:1a:8c:de:3e:b2:57:6a:7a:83:22:9d:8c:05:4e:22:46:4a:
- de:98:7f:9d:78:9e:e4:43:10:8c:29:4f:9f:d0:51:a4:70:e4:
- ed:ef:b6:72:99:08:8c:5d:c3:4e:60:82:66:05:ae:a0:b8:31:
- 4f:77:33:c9:57:9a:7d:bc:d2:8c:1f:60:10:58:8d:db:0a:c0:
- 96:f4:29:a7:e1:54:d5:fa:a7:50:93:fa:18:3d:e3:98:14:c4:
- 9d:d5:61:af:31:79:f6:af:eb:07:ae:ce:58:e6:62:ed:a0:2a:
- c3:4a:93:8b:03:06:6a:e8:2a:ef:c9:82:c7:ae:49:25:65:94:
- 85:e6:94:d6:6f:71:17:c7:e6:ab:50:60:a3:c8:7e:e6:51:05:
- de:e8:bf:d5:9d:90:9d:b6:a7:eb:97:4d:47:99:b0:d9:de:ae:
- d9:de:fb:36:3c:c2:7b:f5:25:ed:72:1a:c4:6b:eb:7c:ad:37:
- 34:04:c5:cb
------BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIBHjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDEwNzA4WhcNMDgwODA5MDEwNzA4WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBIzCCAR8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYE
-AgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0B
-AQsFAAOCAQEAHqoTgtestM+Hj2Fe9LUKLDZfbK6iZUYGsveG9YGnFVGHqPGduDfo
-WieaJ6bE/OtkA7G57pPkb7a410BHIJGiulDwxJimlhQ/eRqM3j6yV2p6gyKdjAVO
-IkZK3ph/nXie5EMQjClPn9BRpHDk7e+2cpkIjF3DTmCCZgWuoLgxT3czyVeafbzS
-jB9gEFiN2wrAlvQpp+FU1fqnUJP6GD3jmBTEndVhrzF59q/rB67OWOZi7aAqw0qT
-iwMGaugq78mCx65JJWWUheaU1m9xF8fmq1Bgo8h+5lEF3ui/1Z2Qnban65dNR5mw
-2d6u2d77NjzCe/Ul7XIaxGvrfK03NATFyw==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/1F.pem b/scripts/resource-cert-samples/RIR/1F.pem
deleted file mode 100644
index 9dd25967..00000000
--- a/scripts/resource-cert-samples/RIR/1F.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 31 (0x1f)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- Signature Algorithm: sha256WithRSAEncryption
- 4f:b2:00:11:14:e9:a9:dc:f3:20:a2:78:94:b7:c5:dd:0c:ff:
- fc:e1:68:13:24:a6:e1:f5:32:47:b2:3a:d4:4c:90:e2:cd:64:
- ef:6d:7d:5c:35:01:96:8f:68:69:dd:be:ff:fa:a2:33:a4:23:
- 28:e5:8d:2e:f6:05:fd:54:85:84:86:2f:01:ba:71:cd:b0:ea:
- d5:ab:06:8a:55:15:1e:1e:55:e5:c2:f5:93:0d:43:fc:c8:2d:
- f6:d7:57:8b:d9:71:9a:e6:8b:5a:ce:ea:5d:3c:e8:ae:66:7d:
- 69:3f:6d:1e:bd:5d:f4:7b:69:90:bb:72:4a:f3:7c:8e:08:33:
- 75:c9:48:53:20:16:ca:02:71:0f:6d:e7:bd:14:73:60:42:69:
- 8f:2e:b9:f5:fb:39:e5:5d:51:94:7b:3f:d3:6d:25:64:f8:0c:
- 68:e6:cd:d5:e1:10:da:d5:24:00:b0:3c:97:b1:69:e5:67:0b:
- 05:1b:46:86:d1:d7:2f:17:0e:17:98:bb:54:9f:4e:60:40:0f:
- 7a:77:9e:f0:33:d4:0a:8e:56:f9:57:30:a0:cf:b1:86:41:35:
- dd:d3:f3:b3:35:56:4b:e1:83:ba:a0:9d:40:8d:d0:70:dc:ff:
- 60:9d:73:15:84:c5:8a:20:2b:28:02:16:5a:dd:b0:19:ee:cb:
- bd:ea:1f:9b
------BEGIN CERTIFICATE-----
-MIIDFDCCAfygAwIBAgIBHzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExMzM5WhcNMDgwODA5MDExMzM5WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjZTBjMA8GA1UdEwEB/wQFMAMB
-Af8wDgYDVR0PAQH/BAQDAgEGMEAGCCsGAQUFBwELBDQwMjAwBggrBgEFBQcwBYYk
-cnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJuLm5ldC9SSVIvMA0GCSqGSIb3DQEB
-CwUAA4IBAQBPsgARFOmp3PMgoniUt8XdDP/84WgTJKbh9TJHsjrUTJDizWTvbX1c
-NQGWj2hp3b7/+qIzpCMo5Y0u9gX9VIWEhi8BunHNsOrVqwaKVRUeHlXlwvWTDUP8
-yC3211eL2XGa5otazupdPOiuZn1pP20evV30e2mQu3JK83yOCDN1yUhTIBbKAnEP
-bee9FHNgQmmPLrn1+znlXVGUez/TbSVk+Axo5s3V4RDa1SQAsDyXsWnlZwsFG0aG
-0dcvFw4XmLtUn05gQA96d57wM9QKjlb5VzCgz7GGQTXd0/OzNVZL4YO6oJ1AjdBw
-3P9gnXMVhMWKICsoAhZa3bAZ7su96h+b
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/20.pem b/scripts/resource-cert-samples/RIR/20.pem
deleted file mode 100644
index fe5d4fc2..00000000
--- a/scripts/resource-cert-samples/RIR/20.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 32 (0x20)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Signature Algorithm: sha256WithRSAEncryption
- 21:11:08:a5:7c:20:fa:f3:da:ce:31:cd:f4:f4:e2:dc:46:9c:
- 7c:3f:b0:02:04:9c:f8:2e:63:c9:d6:2d:8c:01:44:ea:99:5e:
- 50:e2:33:f0:20:0b:df:3d:a5:59:2d:16:d7:e7:8f:3b:f0:84:
- 57:d0:23:a3:52:7c:27:34:af:62:b3:97:aa:c4:21:93:8d:34:
- 8d:56:9b:8e:b5:b7:da:24:46:e8:2f:e7:b5:f3:92:2b:46:21:
- b2:b2:1f:7a:c2:be:f4:af:5d:1b:18:bb:39:3c:ee:e3:18:25:
- 22:b4:fd:72:0c:4c:5a:e2:99:75:28:9b:9c:81:a1:da:64:83:
- cf:26:22:99:d8:77:b4:6a:80:84:5d:cc:cb:62:5c:f5:00:dc:
- 72:14:33:20:90:06:20:01:ed:3a:08:28:a4:7c:e4:51:00:33:
- 8b:09:8a:bc:8a:fa:f0:81:a9:ae:69:a6:e6:df:4c:4d:08:47:
- cf:46:6f:03:eb:7e:85:86:34:9a:0d:18:51:24:39:cf:47:23:
- 25:b3:6e:27:3f:f9:59:7e:da:e0:bf:08:e5:8f:55:f0:cf:e4:
- c5:c1:f4:a9:91:ae:09:3e:41:1b:f0:76:2d:0f:a8:4d:05:8d:
- 3c:3e:81:81:ec:6c:62:2d:3a:63:81:12:b2:36:23:ed:25:8c:
- b5:f4:3d:e1
------BEGIN CERTIFICATE-----
-MIIDFjCCAf6gAwIBAgIBIDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExMzM5WhcNMDgwODA5MDExMzM5WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo2YwZDAPBgNVHRMBAf8EBTAD
-AQH/MA4GA1UdDwEB/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWG
-JXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy8wDQYJKoZIhvcN
-AQELBQADggEBACERCKV8IPrz2s4xzfT04txGnHw/sAIEnPguY8nWLYwBROqZXlDi
-M/AgC989pVktFtfnjzvwhFfQI6NSfCc0r2Kzl6rEIZONNI1Wm461t9okRugv57Xz
-kitGIbKyH3rCvvSvXRsYuzk87uMYJSK0/XIMTFrimXUom5yBodpkg88mIpnYd7Rq
-gIRdzMtiXPUA3HIUMyCQBiAB7ToIKKR85FEAM4sJiryK+vCBqa5ppubfTE0IR89G
-bwPrfoWGNJoNGFEkOc9HIyWzbic/+Vl+2uC/COWPVfDP5MXB9KmRrgk+QRvwdi0P
-qE0FjTw+gYHsbGItOmOBErI2I+0ljLX0PeE=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/21.pem b/scripts/resource-cert-samples/RIR/21.pem
deleted file mode 100644
index 0465b7a4..00000000
--- a/scripts/resource-cert-samples/RIR/21.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 33 (0x21)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Signature Algorithm: sha256WithRSAEncryption
- 69:44:b7:68:fa:e8:4a:16:7e:93:63:18:39:f4:3b:12:19:62:
- 6b:9a:b8:2e:cf:b4:26:a7:fc:e1:01:9a:c9:33:00:34:47:76:
- 24:1d:c3:09:65:fb:d4:68:31:47:ca:e8:07:20:6f:af:fe:ad:
- 28:19:d5:12:31:d7:dd:60:3f:35:6d:fd:02:7a:a6:99:42:d5:
- f4:c7:42:34:8f:53:20:a2:fb:8c:f6:87:97:c9:81:95:09:02:
- a5:60:ad:0c:2d:01:15:8a:92:16:34:d6:5b:2e:ac:95:4f:93:
- 04:27:ac:47:d8:f4:48:53:36:bc:2a:77:4b:16:f9:21:be:a4:
- 85:65:62:9d:75:68:dd:95:fb:0f:74:2d:e0:be:4a:8b:86:88:
- 03:fa:e4:58:a9:46:51:26:b4:d7:5c:a8:cf:6a:29:86:be:68:
- 66:46:e0:92:b2:18:9a:14:e9:c0:02:51:68:31:9c:17:75:ac:
- 86:b1:e1:41:d7:22:4d:9c:ef:55:4d:2a:85:0b:62:e6:b2:5c:
- 04:8e:09:21:0a:a7:f6:cd:1e:f3:00:20:71:01:55:cf:7d:a0:
- 03:85:82:49:7e:7a:e0:ba:a8:c8:e7:43:a7:29:08:f7:b6:ad:
- fe:f7:4a:69:a5:03:47:87:c5:87:bd:f1:86:6e:ea:5b:34:51:
- fe:00:a9:a7
------BEGIN CERTIFICATE-----
-MIIDFjCCAf6gAwIBAgIBITANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExMzM5WhcNMDgwODA5MDExMzM5WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo2YwZDAPBgNVHRMBAf8EBTAD
-AQH/MA4GA1UdDwEB/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWG
-JXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMi8wDQYJKoZIhvcN
-AQELBQADggEBAGlEt2j66EoWfpNjGDn0OxIZYmuauC7PtCan/OEBmskzADRHdiQd
-wwll+9RoMUfK6Acgb6/+rSgZ1RIx191gPzVt/QJ6pplC1fTHQjSPUyCi+4z2h5fJ
-gZUJAqVgrQwtARWKkhY01lsurJVPkwQnrEfY9EhTNrwqd0sW+SG+pIVlYp11aN2V
-+w90LeC+SouGiAP65FipRlEmtNdcqM9qKYa+aGZG4JKyGJoU6cACUWgxnBd1rIax
-4UHXIk2c71VNKoULYuayXASOCSEKp/bNHvMAIHEBVc99oAOFgkl+euC6qMjnQ6cp
-CPe2rf73SmmlA0eHxYe98YZu6ls0Uf4Aqac=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/22.pem b/scripts/resource-cert-samples/RIR/22.pem
deleted file mode 100644
index f46564dd..00000000
--- a/scripts/resource-cert-samples/RIR/22.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 34 (0x22)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:13:39 2007 GMT
- Not After : Aug 9 01:13:39 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Signature Algorithm: sha256WithRSAEncryption
- 64:a2:b2:a2:9e:50:69:0e:9f:15:f1:85:10:e8:5e:bf:22:c0:
- 2e:4c:58:1c:43:c8:ba:7d:3d:67:8c:a6:94:99:b0:fc:ec:2c:
- e2:0c:69:a7:d6:9e:35:b7:06:bd:d0:30:9a:ba:c9:1c:49:96:
- ee:06:68:45:e3:ed:48:4d:7a:c0:68:4f:57:52:e6:e7:f1:1c:
- 14:58:d5:a2:da:d0:19:c5:e9:c4:63:4f:bc:3b:10:8b:2e:fe:
- b7:95:8a:f4:7e:00:ac:f8:5b:dc:4e:70:81:d7:9e:d8:4b:e8:
- 89:03:05:3e:11:dc:8f:7a:45:a3:14:78:5f:9d:dc:fe:7f:fd:
- 4a:b0:bb:33:e0:7c:46:f4:e3:df:f7:2b:9e:64:44:ba:39:b0:
- d4:72:a3:cf:35:55:ae:04:29:ed:d8:23:22:b0:a3:16:d2:5d:
- 69:b9:c6:5a:e5:53:42:71:2b:5e:37:e1:1e:26:42:ce:29:23:
- 64:2e:51:fd:a9:e4:9b:20:65:b1:f1:c2:ce:14:56:10:68:2f:
- fc:f3:eb:55:6d:d7:a0:0e:1a:0c:52:4a:81:47:e6:34:1f:9e:
- 3a:c5:38:2e:e6:f2:43:bf:f8:e3:cb:cd:44:83:4f:7c:fb:69:
- a9:41:96:d6:50:22:b7:3c:06:e0:09:ff:34:cb:41:f6:17:97:
- 86:7d:f0:c5
------BEGIN CERTIFICATE-----
-MIIDFjCCAf6gAwIBAgIBIjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExMzM5WhcNMDgwODA5MDExMzM5WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo2YwZDAPBgNVHRMBAf8EBTAD
-AQH/MA4GA1UdDwEB/wQEAwIBBjBBBggrBgEFBQcBCwQ1MDMwMQYIKwYBBQUHMAWG
-JXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMS8wDQYJKoZIhvcN
-AQELBQADggEBAGSisqKeUGkOnxXxhRDoXr8iwC5MWBxDyLp9PWeMppSZsPzsLOIM
-aafWnjW3Br3QMJq6yRxJlu4GaEXj7UhNesBoT1dS5ufxHBRY1aLa0BnF6cRjT7w7
-EIsu/reVivR+AKz4W9xOcIHXnthL6IkDBT4R3I96RaMUeF+d3P5//UqwuzPgfEb0
-49/3K55kRLo5sNRyo881Va4EKe3YIyKwoxbSXWm5xlrlU0JxK1434R4mQs4pI2Qu
-Uf2p5JsgZbHxws4UVhBoL/zz61Vt16AOGgxSSoFH5jQfnjrFOC7m8kO/+OPLzUSD
-T3z7aalBltZQIrc8BuAJ/zTLQfYXl4Z98MU=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/23.pem b/scripts/resource-cert-samples/RIR/23.pem
deleted file mode 100644
index 62954cf1..00000000
--- a/scripts/resource-cert-samples/RIR/23.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 35 (0x23)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:15:09 2007 GMT
- Not After : Aug 9 01:15:09 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 6b:3e:b4:ef:05:b1:6c:d0:7f:e1:86:49:86:64:44:10:16:65:
- d2:ae:52:cf:da:08:79:bd:08:a2:fc:3b:90:bf:ec:6a:a3:cc:
- 78:51:cf:f9:c7:9a:65:5e:a9:11:b3:db:76:0a:2d:14:96:c5:
- d0:21:22:f1:64:b3:2c:ea:2e:20:f1:52:32:8d:c9:9a:3c:eb:
- d1:82:53:e9:57:c9:01:ed:4f:c7:0f:b5:1f:a7:8f:1a:9d:9b:
- 42:b2:c8:fa:c0:e9:24:7c:ea:b3:26:55:54:6c:fb:fc:36:3d:
- 42:84:e1:b1:40:62:d9:d8:59:fd:02:9d:c9:eb:69:54:47:1a:
- d6:b8:0a:ee:27:0c:59:ea:a4:e7:73:a8:cd:47:14:e0:2e:68:
- f3:46:79:a9:7c:d6:07:8c:06:26:d1:66:7a:a5:e8:56:f8:5e:
- f8:37:49:0a:f1:52:5c:78:c0:92:90:81:05:a5:4a:a7:60:0f:
- 4b:d3:62:14:70:be:5f:90:5b:54:9f:79:d9:a8:c9:50:bc:ab:
- ed:17:e6:a2:e0:25:b8:74:56:8c:12:66:19:41:fc:ed:eb:37:
- 21:e5:3f:56:d0:d5:ee:f2:e6:d4:53:4e:ae:78:d4:50:fd:dd:
- 03:6a:e3:29:72:5a:40:d5:3c:90:8e:d2:77:d2:28:9e:cb:77:
- 85:8c:c3:e1
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBIzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExNTA5WhcNMDgwODA5MDExNTA5WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBCwUAA4IBAQBrPrTvBbFs0H/hhkmGZEQQFmXSrlLP2gh5vQii
-/DuQv+xqo8x4Uc/5x5plXqkRs9t2Ci0UlsXQISLxZLMs6i4g8VIyjcmaPOvRglPp
-V8kB7U/HD7Ufp48anZtCssj6wOkkfOqzJlVUbPv8Nj1ChOGxQGLZ2Fn9Ap3J62lU
-RxrWuAruJwxZ6qTnc6jNRxTgLmjzRnmpfNYHjAYm0WZ6pehW+F74N0kK8VJceMCS
-kIEFpUqnYA9L02IUcL5fkFtUn3nZqMlQvKvtF+ai4CW4dFaMEmYZQfzt6zch5T9W
-0NXu8ubUU06ueNRQ/d0DauMpclpA1TyQjtJ30iiey3eFjMPh
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/24.pem b/scripts/resource-cert-samples/RIR/24.pem
deleted file mode 100644
index 419b192d..00000000
--- a/scripts/resource-cert-samples/RIR/24.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 36 (0x24)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 2a:bc:5b:b8:bc:0a:4f:52:b5:d5:01:bd:97:c3:79:df:8f:fd:
- 7b:d7:0f:fd:fc:0c:8c:3f:69:b0:24:c0:b0:65:63:bf:ca:62:
- 41:29:04:0a:52:73:b3:e1:c8:18:89:77:ba:b8:7c:6a:b7:19:
- d7:b7:93:fa:dc:62:78:f9:bd:67:45:be:cd:97:bc:b7:f0:47:
- 95:9b:97:92:70:ae:9c:58:04:49:d7:fa:af:2e:9e:d1:57:22:
- 5b:10:c3:38:68:94:bf:0f:a8:a6:f4:1f:06:59:49:57:30:11:
- 77:66:2a:f4:64:65:13:40:6b:e4:a9:6b:4d:75:4a:11:53:ab:
- 28:44:67:b5:be:45:48:47:bf:67:61:4f:83:63:bf:33:3a:68:
- 88:4e:0e:3a:60:79:86:52:65:a0:43:c6:0a:b8:ce:bc:37:eb:
- 3c:7e:ed:11:f7:e6:42:c0:64:52:70:b3:5c:4c:dc:ed:49:96:
- 64:2d:a6:19:27:87:11:ed:2d:10:96:c1:7f:ae:2d:a7:98:31:
- 70:9b:35:1d:87:b9:ec:33:0a:f3:c3:d4:47:b6:7b:ff:7a:9f:
- 04:a8:b6:bd:9d:10:12:e1:24:5a:44:5c:5b:68:c4:9a:09:64:
- 27:21:aa:f1:d4:05:42:37:41:4f:8d:f9:0a:e2:c6:3b:94:76:
- d9:d7:97:66
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIBJDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExNTEwWhcNMDgwODA5MDExNTEwWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBQjCCAT4wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAh
-BggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/
-BEIwQDASBAIAATAMAwQACgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAK
-AAADEAAgAQ24AAAAAAAAAAAKAwAwDQYJKoZIhvcNAQELBQADggEBACq8W7i8Ck9S
-tdUBvZfDed+P/XvXD/38DIw/abAkwLBlY7/KYkEpBApSc7PhyBiJd7q4fGq3Gde3
-k/rcYnj5vWdFvs2XvLfwR5Wbl5JwrpxYBEnX+q8untFXIlsQwzholL8PqKb0HwZZ
-SVcwEXdmKvRkZRNAa+Spa011ShFTqyhEZ7W+RUhHv2dhT4NjvzM6aIhODjpgeYZS
-ZaBDxgq4zrw36zx+7RH35kLAZFJws1xM3O1JlmQtphknhxHtLRCWwX+uLaeYMXCb
-NR2HuewzCvPD1Ee2e/96nwSotr2dEBLhJFpEXFtoxJoJZCchqvHUBUI3QU+N+Qri
-xjuUdtnXl2Y=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/25.pem b/scripts/resource-cert-samples/RIR/25.pem
deleted file mode 100644
index 06ca26ad..00000000
--- a/scripts/resource-cert-samples/RIR/25.pem
+++ /dev/null
@@ -1,95 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 37 (0x25)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 13:0b:5a:02:21:8a:26:5a:fd:8a:66:9c:ff:7c:61:aa:43:72:
- d0:ac:b7:9f:91:85:a9:3d:97:2b:4c:cb:5b:c1:69:0d:d2:32:
- 28:2b:5e:e6:fe:2b:71:1f:62:72:b0:ea:fd:5b:86:b0:86:09:
- e8:a1:53:86:5a:7c:58:3d:b1:74:6d:9a:40:08:b6:33:46:7d:
- 03:43:13:03:d3:c3:13:8c:71:92:5d:c0:76:bb:e0:08:95:4b:
- ca:ac:0a:c5:3d:d2:50:f5:96:8a:db:c2:ea:d0:f7:a2:00:fa:
- 10:19:44:1e:5b:93:30:ff:0f:e9:af:81:a2:6d:c4:46:d7:af:
- e9:a7:42:7c:ba:db:9f:b9:46:3d:f5:b2:19:81:2c:a7:c6:56:
- d1:37:3e:50:f1:93:0a:8a:0a:81:42:c6:f1:7f:e0:63:fa:a1:
- 7b:74:c6:ea:be:d7:37:5c:df:c1:8f:46:81:d8:a2:ce:d9:ee:
- d9:03:71:8c:cb:1c:69:2a:29:8e:09:58:de:09:7b:93:ab:7b:
- b6:56:a0:22:1c:31:e9:4d:13:19:ae:ab:f5:fa:19:5a:ad:54:
- 46:d1:6b:b3:48:7c:ac:41:75:9b:87:10:bd:ab:fa:df:37:a8:
- 29:37:65:8b:f4:90:81:85:0f:e8:e4:6e:df:84:ab:4f:99:ae:
- 67:b9:8c:db
------BEGIN CERTIFICATE-----
-MIID8DCCAtigAwIBAgIBJTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExNTEwWhcNMDgwODA5MDExNTEwWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBPjCCATowDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEE
-AgACMDswJgMRAiABDbgAAAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEA
-IAENuAAAAAAAAAAQAAAARDANBgkqhkiG9w0BAQsFAAOCAQEAEwtaAiGKJlr9imac
-/3xhqkNy0Ky3n5GFqT2XK0zLW8FpDdIyKCte5v4rcR9icrDq/VuGsIYJ6KFThlp8
-WD2xdG2aQAi2M0Z9A0MTA9PDE4xxkl3AdrvgCJVLyqwKxT3SUPWWitvC6tD3ogD6
-EBlEHluTMP8P6a+Bom3ERtev6adCfLrbn7lGPfWyGYEsp8ZW0Tc+UPGTCooKgULG
-8X/gY/qhe3TG6r7XN1zfwY9Ggdiiztnu2QNxjMscaSopjglY3gl7k6t7tlagIhwx
-6U0TGa6r9foZWq1URtFrs0h8rEF1m4cQvav63zeoKTdli/SQgYUP6ORu34SrT5mu
-Z7mM2w==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/26.pem b/scripts/resource-cert-samples/RIR/26.pem
deleted file mode 100644
index 77486c96..00000000
--- a/scripts/resource-cert-samples/RIR/26.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 38 (0x26)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Aug 10 01:15:10 2007 GMT
- Not After : Aug 9 01:15:10 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 5d:4b:e6:c3:ad:38:f8:49:32:34:7c:6a:06:ed:d0:7a:cf:9a:
- c8:a9:22:e5:46:93:37:f1:ec:4d:cd:26:43:f6:e8:ea:7a:5c:
- 08:2a:7d:e3:37:e4:98:45:16:d2:a8:0b:eb:df:d4:a0:91:04:
- 35:40:a8:c7:a5:c9:db:86:03:e3:e0:c4:17:6a:27:49:e6:4b:
- 63:68:84:0c:57:5a:ac:43:79:4e:05:41:05:e5:fc:89:f7:f4:
- 03:95:7c:b2:9e:d8:aa:a4:b5:35:26:58:96:e0:f6:70:08:f2:
- de:5c:f5:0a:c9:6a:21:3a:e6:c7:19:af:e3:d9:b1:50:e2:bf:
- db:28:df:3c:ae:e3:29:8f:22:b6:7a:a9:f6:f4:f3:7f:48:92:
- da:f4:f5:19:4d:50:63:e0:87:f6:9e:fc:8f:5e:3a:d0:81:3b:
- 8d:8a:7a:8a:0c:e9:24:a3:83:16:ca:24:4e:ef:80:7a:61:1e:
- 96:ee:5f:8d:07:68:e5:c2:13:44:30:60:02:71:9b:ef:5b:df:
- cc:a6:62:60:95:38:41:ff:93:e9:9f:c7:b8:60:34:93:db:55:
- 2b:e7:27:91:d9:06:56:8e:a4:38:28:ae:dc:02:b4:fd:33:d0:
- 17:4a:29:0f:86:19:ed:48:dc:5a:b4:e4:7a:8d:de:bc:10:c1:
- 14:d5:b2:59
------BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIBJjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcwODEwMDExNTEwWhcNMDgwODA5MDExNTEwWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBIzCCAR8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYE
-AgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0B
-AQsFAAOCAQEAXUvmw604+EkyNHxqBu3Qes+ayKki5UaTN/HsTc0mQ/bo6npcCCp9
-4zfkmEUW0qgL69/UoJEENUCox6XJ24YD4+DEF2onSeZLY2iEDFdarEN5TgVBBeX8
-iff0A5V8sp7YqqS1NSZYluD2cAjy3lz1CslqITrmxxmv49mxUOK/2yjfPK7jKY8i
-tnqp9vTzf0iS2vT1GU1QY+CH9p78j1460IE7jYp6igzpJKODFsokTu+AemEelu5f
-jQdo5cITRDBgAnGb71vfzKZiYJU4Qf+T6Z/HuGA0k9tVK+cnkdkGVo6kOCiu3AK0
-/TPQF0opD4YZ7UjcWrTkeo3evBDBFNWyWQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/27.pem b/scripts/resource-cert-samples/RIR/27.pem
deleted file mode 100644
index 899f8afe..00000000
--- a/scripts/resource-cert-samples/RIR/27.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 39 (0x27)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 2e:45:6d:53:05:ed:dd:c9:79:ad:3e:69:42:51:c2:83:f4:d6:
- e6:9b:ab:ec:70:45:6f:8b:08:83:9e:db:91:69:e2:62:03:c8:
- 84:e0:6b:9e:0a:76:80:ff:06:b3:28:ad:8b:7d:75:6c:89:0d:
- d0:91:55:a3:ed:bb:00:9b:36:23:8e:b2:77:58:05:62:30:4d:
- c5:90:f3:38:0d:75:ab:4e:5c:2e:40:15:38:76:fe:12:21:14:
- 32:52:1d:0c:3f:3a:b7:76:ef:60:98:58:ef:47:2a:20:23:bc:
- ce:63:fe:ef:d7:d5:6a:2c:08:19:61:ec:be:0d:f0:23:09:1d:
- eb:24:c0:f5:fa:30:dd:3b:65:82:09:23:e1:4b:14:15:35:8b:
- 71:88:bb:15:4b:a5:69:ff:77:b3:65:7b:32:ee:e8:5a:af:64:
- 05:cc:7f:f3:eb:72:01:5e:10:66:4c:2f:3b:d7:49:1a:21:9a:
- 1a:21:01:17:18:a3:b2:39:96:7f:3c:a4:25:c7:ea:a8:36:34:
- 60:5e:6d:95:32:a4:a7:c8:7d:af:f3:9a:fc:ed:90:05:07:5c:
- 2e:b3:f2:46:3a:ca:d0:4a:37:41:19:38:9d:f2:32:f8:b7:f2:
- b8:9b:a7:2a:e2:b2:77:8a:98:49:33:d7:33:04:de:1e:a8:5c:
- d0:e6:db:45
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBJzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDE5MTkwNjA3WhcNMDgxMDE4MTkwNjA3WjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBCwUAA4IBAQAuRW1TBe3dyXmtPmlCUcKD9Nbmm6vscEVviwiD
-ntuRaeJiA8iE4GueCnaA/wazKK2LfXVsiQ3QkVWj7bsAmzYjjrJ3WAViME3FkPM4
-DXWrTlwuQBU4dv4SIRQyUh0MPzq3du9gmFjvRyogI7zOY/7v19VqLAgZYey+DfAj
-CR3rJMD1+jDdO2WCCSPhSxQVNYtxiLsVS6Vp/3ezZXsy7uhar2QFzH/z63IBXhBm
-TC8710kaIZoaIQEXGKOyOZZ/PKQlx+qoNjRgXm2VMqSnyH2v85r87ZAFB1wus/JG
-OsrQSjdBGTid8jL4t/K4m6cq4rJ3iphJM9czBN4eqFzQ5ttF
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/28.pem b/scripts/resource-cert-samples/RIR/28.pem
deleted file mode 100644
index 5bf407ac..00000000
--- a/scripts/resource-cert-samples/RIR/28.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 40 (0x28)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 1e:63:2b:cd:40:87:83:32:a1:6e:ed:4e:17:08:9e:e9:19:3c:
- 6b:14:68:0b:7a:81:b3:fe:3e:9b:de:9e:19:a5:7d:76:6c:18:
- 5f:ed:9e:9b:59:5c:a8:1e:08:2a:71:ac:e1:40:61:89:38:fe:
- 46:c2:ba:81:d0:85:db:0f:78:a6:f6:72:03:43:e1:d5:af:21:
- 38:d8:77:fc:12:b8:b6:fe:09:8e:a2:c9:db:77:9c:94:f0:28:
- 28:bc:41:ee:42:7c:65:ce:bb:9a:15:b5:06:8f:c8:a4:cf:10:
- 39:4d:72:a0:f0:e6:7e:c3:2a:40:fc:be:c5:17:98:fe:3a:08:
- a5:cb:7b:4c:49:59:5d:c2:bd:87:ac:fe:10:1e:e0:45:69:eb:
- 2d:3d:ff:f9:12:ef:2f:ef:8a:f9:4d:e6:c1:f8:27:b5:fc:78:
- 64:cc:ee:94:95:17:cc:ed:2b:03:d6:4e:85:06:0f:a1:e2:70:
- 0a:a1:fc:01:a0:8e:70:04:0e:b0:0c:86:3e:9a:2f:a9:64:9a:
- 00:62:b0:82:30:74:6f:2c:fd:e6:bd:2c:9c:74:da:cd:07:a2:
- 0d:a4:a2:e2:1a:ad:57:4c:35:04:c5:16:7e:c8:9c:a0:57:53:
- 28:e2:8d:34:92:1a:77:9c:ff:6b:8a:4f:78:e6:2e:70:08:67:
- 82:b4:7d:9f
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIBKDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDE5MTkwNjA3WhcNMDgxMDE4MTkwNjA3WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBQjCCAT4wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAh
-BggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/
-BEIwQDASBAIAATAMAwQACgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAK
-AAADEAAgAQ24AAAAAAAAAAAKAwAwDQYJKoZIhvcNAQELBQADggEBAB5jK81Ah4My
-oW7tThcInukZPGsUaAt6gbP+PpvenhmlfXZsGF/tnptZXKgeCCpxrOFAYYk4/kbC
-uoHQhdsPeKb2cgND4dWvITjYd/wSuLb+CY6iydt3nJTwKCi8Qe5CfGXOu5oVtQaP
-yKTPEDlNcqDw5n7DKkD8vsUXmP46CKXLe0xJWV3CvYes/hAe4EVp6y09//kS7y/v
-ivlN5sH4J7X8eGTM7pSVF8ztKwPWToUGD6HicAqh/AGgjnAEDrAMhj6aL6lkmgBi
-sIIwdG8s/ea9LJx02s0Hog2kouIarVdMNQTFFn7InKBXUyjijTSSGnec/2uKT3jm
-LnAIZ4K0fZ8=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/29.pem b/scripts/resource-cert-samples/RIR/29.pem
deleted file mode 100644
index aaed0d68..00000000
--- a/scripts/resource-cert-samples/RIR/29.pem
+++ /dev/null
@@ -1,95 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 41 (0x29)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 23:d8:22:41:32:ce:3b:82:26:87:5c:52:4b:b3:ec:81:8e:06:
- 8e:a4:8d:a2:8e:e8:f6:0a:5f:d8:65:43:d2:f6:cf:2d:cb:33:
- 78:1f:ce:a4:2a:a3:18:8f:23:ef:4c:56:ae:3c:a8:21:19:3d:
- 98:e2:19:58:99:93:e3:da:25:4e:f1:2a:c9:e8:5b:5b:ed:3a:
- 2c:2c:9b:7e:5e:f3:8a:63:bf:e8:92:3b:e0:80:8e:50:ee:6e:
- 16:37:51:eb:34:b1:90:13:a8:13:9e:49:7f:da:aa:e4:b8:c8:
- e6:c7:5c:5e:15:e4:19:c2:ea:81:54:65:fc:8b:c1:c2:54:89:
- 0a:2d:d9:ad:96:e7:2b:92:c7:ca:bf:b2:d4:fb:f2:45:51:f3:
- a0:0e:39:cf:5c:10:f4:7e:8c:4c:e5:0c:65:00:38:fa:d6:24:
- 5d:5d:93:eb:a7:ee:78:65:05:6c:c5:2b:de:08:a0:3a:65:e8:
- 13:7f:1e:6c:2e:58:ce:3e:00:4d:a6:e1:28:89:61:ef:b3:66:
- 2e:6f:81:91:a5:4d:56:47:27:c2:33:28:d8:ae:ac:74:7c:76:
- eb:bc:0c:43:9a:a9:ae:52:f9:22:24:4b:3c:96:a9:3e:4e:5c:
- 8b:85:6e:f2:84:9a:5f:fa:b9:c8:66:67:cd:fa:17:3f:23:c4:
- 45:97:64:36
------BEGIN CERTIFICATE-----
-MIID8DCCAtigAwIBAgIBKTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDE5MTkwNjA3WhcNMDgxMDE4MTkwNjA3WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBPjCCATowDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEE
-AgACMDswJgMRAiABDbgAAAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEA
-IAENuAAAAAAAAAAQAAAARDANBgkqhkiG9w0BAQsFAAOCAQEAI9giQTLOO4Imh1xS
-S7PsgY4GjqSNoo7o9gpf2GVD0vbPLcszeB/OpCqjGI8j70xWrjyoIRk9mOIZWJmT
-49olTvEqyehbW+06LCybfl7zimO/6JI74ICOUO5uFjdR6zSxkBOoE55Jf9qq5LjI
-5sdcXhXkGcLqgVRl/IvBwlSJCi3ZrZbnK5LHyr+y1PvyRVHzoA45z1wQ9H6MTOUM
-ZQA4+tYkXV2T66fueGUFbMUr3gigOmXoE38ebC5Yzj4ATabhKIlh77NmLm+BkaVN
-VkcnwjMo2K6sdHx267wMQ5qprlL5IiRLPJapPk5ci4Vu8oSaX/q5yGZnzfoXPyPE
-RZdkNg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/2A.pem b/scripts/resource-cert-samples/RIR/2A.pem
deleted file mode 100644
index 7f7116ad..00000000
--- a/scripts/resource-cert-samples/RIR/2A.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 42 (0x2a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 19 19:06:07 2007 GMT
- Not After : Oct 18 19:06:07 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 56:79:7d:ae:75:85:0f:e2:2f:f9:77:f6:34:78:f7:da:4f:d2:
- 6d:df:9d:6e:0d:ab:06:15:d9:e3:99:06:ab:7f:5d:09:ec:23:
- 2b:38:75:bf:f5:43:1d:3b:b9:a7:27:a9:77:89:ba:48:47:a5:
- 72:14:50:1b:33:3b:bc:cd:9b:5a:fb:17:f3:33:7e:14:59:24:
- 9c:5c:53:01:68:8a:34:db:43:e7:ef:1c:ad:e6:ba:82:e2:dc:
- 1c:e6:7e:59:64:5d:58:89:a1:01:c5:23:10:b0:32:c1:62:54:
- 97:e8:3b:b0:0c:51:52:12:56:ea:7a:4f:4c:b7:43:ef:d0:8c:
- 65:b3:39:de:7b:95:2b:e4:99:df:2e:d5:9e:b5:77:c6:4d:d4:
- b8:0a:40:86:13:40:7f:53:ad:c6:5a:38:6a:48:1b:5e:da:7e:
- 5a:1b:d4:66:c0:cc:4e:e9:0d:48:4d:7f:f5:f0:9a:c8:17:63:
- 1a:08:80:34:35:ac:ad:b8:5f:26:a1:b7:dc:4f:08:98:3b:36:
- 2b:d1:65:6d:0c:ce:2d:77:94:88:79:a1:34:7a:55:74:7c:a0:
- 04:87:e1:a2:7b:1f:c1:06:f5:ea:61:d1:20:69:ea:cd:be:21:
- b9:41:17:04:a4:3e:8f:bf:dc:da:51:b9:ea:41:77:f3:c0:f6:
- 02:65:c3:d5
------BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIBKjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDE5MTkwNjA3WhcNMDgxMDE4MTkwNjA3WjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBIzCCAR8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYE
-AgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0B
-AQsFAAOCAQEAVnl9rnWFD+Iv+Xf2NHj32k/Sbd+dbg2rBhXZ45kGq39dCewjKzh1
-v/VDHTu5pyepd4m6SEelchRQGzM7vM2bWvsX8zN+FFkknFxTAWiKNNtD5+8crea6
-guLcHOZ+WWRdWImhAcUjELAywWJUl+g7sAxRUhJW6npPTLdD79CMZbM53nuVK+SZ
-3y7VnrV3xk3UuApAhhNAf1Otxlo4akgbXtp+WhvUZsDMTukNSE1/9fCayBdjGgiA
-NDWsrbhfJqG33E8ImDs2K9FlbQzOLXeUiHmhNHpVdHygBIfhonsfwQb16mHRIGnq
-zb4huUEXBKQ+j7/c2lG56kF388D2AmXD1Q==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/2B.pem b/scripts/resource-cert-samples/RIR/2B.pem
deleted file mode 100644
index 7d69f853..00000000
--- a/scripts/resource-cert-samples/RIR/2B.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 43 (0x2b)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:03:51 2007 GMT
- Not After : Oct 28 16:03:51 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 21:d1:04:bf:8b:88:c1:6f:c5:0b:25:0e:54:72:03:59:1f:bc:
- c1:16:e1:9b:0b:5c:fa:1d:3d:39:b7:c1:3a:5c:74:a4:12:f3:
- ae:59:75:f8:82:64:58:24:c5:dd:fb:8b:ae:85:23:e0:6a:3b:
- de:76:ae:b8:55:df:71:42:5e:26:d6:e7:dc:7e:64:47:fa:2b:
- 93:c2:2f:b7:3a:bd:f9:a1:4b:5d:8c:c5:91:51:42:82:9b:49:
- c3:02:3a:a6:b6:c6:f0:3b:df:cb:78:f9:11:87:69:c4:76:dd:
- 00:8d:c1:35:37:f6:09:0b:7b:d9:62:c0:2e:8b:83:70:0f:47:
- c5:22:27:39:91:28:95:65:c3:24:d5:54:a0:22:2a:aa:60:a5:
- ba:4b:72:12:4a:02:ac:15:11:45:cc:70:34:0e:bf:54:f2:fb:
- 5b:d1:15:3d:04:73:66:0c:2b:58:07:5f:c6:1f:49:a5:bc:c1:
- 63:6b:5b:d8:f0:0c:07:41:f6:f3:0b:93:27:53:79:77:c6:1b:
- b1:46:0a:00:d5:55:57:1e:b3:df:1e:40:54:bf:22:b0:92:ff:
- 54:47:ce:26:ba:75:2b:4c:ad:dd:98:af:12:7b:01:66:b3:94:
- bc:39:7f:ba:91:f7:eb:5c:cc:f3:58:4a:7d:7d:0e:fc:4c:3f:
- dc:1e:62:c3
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBKzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYwMzUxWhcNMDgxMDI4MTYwMzUxWjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBCwUAA4IBAQAh0QS/i4jBb8ULJQ5UcgNZH7zBFuGbC1z6HT05
-t8E6XHSkEvOuWXX4gmRYJMXd+4uuhSPgajvedq64Vd9xQl4m1ufcfmRH+iuTwi+3
-Or35oUtdjMWRUUKCm0nDAjqmtsbwO9/LePkRh2nEdt0AjcE1N/YJC3vZYsAui4Nw
-D0fFIic5kSiVZcMk1VSgIiqqYKW6S3ISSgKsFRFFzHA0Dr9U8vtb0RU9BHNmDCtY
-B1/GH0mlvMFja1vY8AwHQfbzC5MnU3l3xhuxRgoA1VVXHrPfHkBUvyKwkv9UR84m
-unUrTK3dmK8SewFms5S8OX+6kffrXMzzWEp9fQ78TD/cHmLD
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/2C.pem b/scripts/resource-cert-samples/RIR/2C.pem
deleted file mode 100644
index b32d729e..00000000
--- a/scripts/resource-cert-samples/RIR/2C.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 44 (0x2c)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:03:51 2007 GMT
- Not After : Oct 28 16:03:51 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 5f:28:81:1a:2c:d6:f6:55:be:cc:d2:3c:a1:fe:6c:86:6f:7d:
- cc:9d:be:96:0d:03:45:27:cd:c4:e7:a5:be:9e:24:59:76:24:
- ef:4b:3e:14:4a:d4:88:29:90:bf:87:38:75:68:d7:3d:c6:b5:
- cc:dd:dc:6c:71:3f:92:de:f0:79:c5:f1:3c:83:d7:f9:bb:22:
- ad:3e:f7:69:df:73:9c:06:9b:cc:47:d9:ef:d4:1f:09:69:38:
- a9:e4:a9:f6:a6:b7:ec:f7:ee:6e:fd:cf:90:31:db:3b:dc:fe:
- 8b:45:dc:34:39:8c:fe:0f:6a:53:b6:7f:25:1d:aa:e3:23:9a:
- 73:73:cc:6f:ad:63:e9:c8:e7:f7:98:68:52:e7:1f:5d:f1:f4:
- f6:ac:4e:9b:f5:c8:22:ab:b2:01:b5:25:b1:39:d9:21:25:5f:
- b6:e0:a2:b0:41:7e:15:30:71:ed:39:f2:0a:f9:84:ef:13:78:
- 9b:91:96:4f:e7:9a:26:a7:5d:f5:7b:36:15:4a:1d:6c:dd:91:
- 85:8d:be:7c:76:59:05:b9:19:41:76:09:e7:29:d9:86:90:53:
- b0:64:8a:3e:7c:43:aa:1f:aa:68:60:19:fd:bf:15:9c:be:a8:
- a6:b8:24:13:76:88:c5:fe:2a:6e:df:4d:67:f4:26:b1:8c:ce:
- b9:ba:fb:d6
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIBLDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYwMzUxWhcNMDgxMDI4MTYwMzUxWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBQjCCAT4wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAh
-BggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/
-BEIwQDASBAIAATAMAwQACgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAK
-AAADEAAgAQ24AAAAAAAAAAAKAwAwDQYJKoZIhvcNAQELBQADggEBAF8ogRos1vZV
-vszSPKH+bIZvfcydvpYNA0UnzcTnpb6eJFl2JO9LPhRK1IgpkL+HOHVo1z3Gtczd
-3GxxP5Le8HnF8TyD1/m7Iq0+92nfc5wGm8xH2e/UHwlpOKnkqfamt+z37m79z5Ax
-2zvc/otF3DQ5jP4PalO2fyUdquMjmnNzzG+tY+nI5/eYaFLnH13x9PasTpv1yCKr
-sgG1JbE52SElX7bgorBBfhUwce058gr5hO8TeJuRlk/nmianXfV7NhVKHWzdkYWN
-vnx2WQW5GUF2Cecp2YaQU7Bkij58Q6ofqmhgGf2/FZy+qKa4JBN2iMX+Km7fTWf0
-JrGMzrm6+9Y=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/2D.pem b/scripts/resource-cert-samples/RIR/2D.pem
deleted file mode 100644
index 61bb37a9..00000000
--- a/scripts/resource-cert-samples/RIR/2D.pem
+++ /dev/null
@@ -1,95 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 45 (0x2d)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:03:51 2007 GMT
- Not After : Oct 28 16:03:51 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 5c:f7:ec:cb:ed:16:f2:e4:e2:cd:ca:e8:3c:ae:2f:9d:16:7e:
- 8b:f1:e7:bf:db:ef:44:85:95:15:ed:d7:8e:99:a5:9d:f5:98:
- 9e:c2:96:c4:c7:78:23:9a:36:fe:aa:9f:d5:fc:dc:b4:cc:b5:
- 25:21:79:cd:74:e9:a8:95:b2:05:c4:4f:a0:37:d1:16:b5:bd:
- 48:de:9b:b1:c1:91:d7:a3:e3:7f:bb:af:ed:59:21:57:1d:ef:
- 20:ed:a2:4d:a9:34:35:0c:05:a4:cb:8a:8a:08:d6:16:53:07:
- 9f:a4:63:29:0e:9d:ed:69:34:3f:6e:35:53:8c:90:11:17:36:
- 75:96:ea:f1:34:fa:d7:73:7c:0c:ab:95:44:d1:a5:e9:85:74:
- 05:f8:5c:f6:70:6c:94:c2:ea:61:e1:6a:94:f4:b8:66:8d:c3:
- c5:0e:f5:47:a2:8a:1e:40:f1:30:97:b0:e1:de:e4:89:95:a3:
- f6:a0:56:64:9f:e6:63:23:24:f5:41:4f:36:01:c2:50:2f:99:
- dc:53:e8:e0:b0:eb:bd:1d:8d:28:3f:ce:b5:0b:68:2b:a2:cf:
- e2:14:53:ae:10:2a:3e:51:00:96:5c:09:b5:41:97:fb:ba:19:
- 94:d4:3e:74:f3:65:9d:bf:0b:77:45:7a:1d:1c:aa:74:f2:ea:
- 53:a6:92:6d
------BEGIN CERTIFICATE-----
-MIID8DCCAtigAwIBAgIBLTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYwMzUxWhcNMDgxMDI4MTYwMzUxWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBPjCCATowDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEE
-AgACMDswJgMRAiABDbgAAAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEA
-IAENuAAAAAAAAAAQAAAARDANBgkqhkiG9w0BAQsFAAOCAQEAXPfsy+0W8uTizcro
-PK4vnRZ+i/Hnv9vvRIWVFe3XjpmlnfWYnsKWxMd4I5o2/qqf1fzctMy1JSF5zXTp
-qJWyBcRPoDfRFrW9SN6bscGR16Pjf7uv7VkhVx3vIO2iTak0NQwFpMuKigjWFlMH
-n6RjKQ6d7Wk0P241U4yQERc2dZbq8TT613N8DKuVRNGl6YV0Bfhc9nBslMLqYeFq
-lPS4Zo3DxQ71R6KKHkDxMJew4d7kiZWj9qBWZJ/mYyMk9UFPNgHCUC+Z3FPo4LDr
-vR2NKD/OtQtoK6LP4hRTrhAqPlEAllwJtUGX+7oZlNQ+dPNlnb8Ld0V6HRyqdPLq
-U6aSbQ==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/2E.pem b/scripts/resource-cert-samples/RIR/2E.pem
deleted file mode 100644
index 272d774d..00000000
--- a/scripts/resource-cert-samples/RIR/2E.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 46 (0x2e)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:03:51 2007 GMT
- Not After : Oct 28 16:03:51 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 51:ad:f6:e5:8b:1c:98:ed:f8:31:15:2c:ec:d5:be:9e:97:0d:
- 4a:f8:ab:6d:dd:35:6c:57:d1:d7:f1:c6:e4:c7:1d:b9:e6:c9:
- 5b:92:21:ec:64:79:9d:83:0f:5d:5e:5c:20:1b:8f:01:d5:a8:
- e3:5f:7e:c3:0c:c2:3c:80:f7:f0:aa:e6:ff:c7:6a:16:7f:e7:
- 94:dc:69:42:1b:dd:36:f0:45:61:f5:cd:1f:a7:6f:20:04:af:
- 1e:6e:84:76:00:e2:6a:8d:02:81:31:a4:5f:3f:41:62:7a:87:
- 21:0b:da:08:6a:d3:90:4b:fe:c3:48:99:92:23:c9:f6:35:0b:
- d8:48:9d:44:8c:e5:26:79:62:7a:78:c6:4b:18:42:65:0b:63:
- a0:63:18:15:e6:8d:1d:93:12:15:eb:c3:93:c8:7d:10:5a:8f:
- 49:c5:a4:53:95:11:5c:db:f5:26:b7:2f:90:bd:6e:76:84:f9:
- 57:90:96:f5:25:75:7f:18:c6:4c:bb:aa:6a:ce:72:6d:0a:a7:
- 59:11:ea:9e:6f:b5:1f:5d:c9:db:f5:56:74:fe:ca:60:62:80:
- b5:b1:6c:e7:24:d6:c4:c1:b0:05:0b:76:31:af:82:07:2d:9a:
- a2:75:4d:18:54:0e:24:29:22:2d:02:ba:bd:51:cd:f0:02:6e:
- 5b:6e:12:f8
------BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIBLjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYwMzUxWhcNMDgxMDI4MTYwMzUxWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBIzCCAR8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYE
-AgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0B
-AQsFAAOCAQEAUa325YscmO34MRUs7NW+npcNSvirbd01bFfR1/HG5McduebJW5Ih
-7GR5nYMPXV5cIBuPAdWo419+wwzCPID38Krm/8dqFn/nlNxpQhvdNvBFYfXNH6dv
-IASvHm6EdgDiao0CgTGkXz9BYnqHIQvaCGrTkEv+w0iZkiPJ9jUL2EidRIzlJnli
-enjGSxhCZQtjoGMYFeaNHZMSFevDk8h9EFqPScWkU5URXNv1JrcvkL1udoT5V5CW
-9SV1fxjGTLuqas5ybQqnWRHqnm+1H13J2/VWdP7KYGKAtbFs5yTWxMGwBQt2Ma+C
-By2aonVNGFQOJCkiLQK6vVHN8AJuW24S+A==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/2F.pem b/scripts/resource-cert-samples/RIR/2F.pem
deleted file mode 100644
index d7154c7c..00000000
--- a/scripts/resource-cert-samples/RIR/2F.pem
+++ /dev/null
@@ -1,100 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 47 (0x2f)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY RIR
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ac:a7:26:c4:98:68:99:b6:f2:e7:c5:97:05:7e:
- f9:d7:f2:ec:39:e6:2b:8e:c2:42:88:b9:8f:22:b6:
- 3c:59:b0:0e:8a:1d:0e:f8:81:b1:c8:ff:4a:8a:1a:
- 43:bc:78:91:3e:af:b2:b0:95:60:a9:3e:9d:c2:ff:
- 99:8f:8f:b6:dc:d8:46:b7:86:35:a6:f6:42:05:c2:
- c5:9b:84:15:e2:58:0f:70:9c:bc:53:d7:28:76:f8:
- f2:14:79:22:bd:d6:8b:6c:0e:2b:02:e5:d8:f3:33:
- fa:16:43:9b:80:87:f9:b2:45:ab:bd:7d:14:b2:24:
- 2f:41:13:6f:45:c4:dc:f9:4d:7f:d8:d3:e1:aa:5c:
- 52:9d:c9:7a:38:b7:b0:43:bd:b7:6a:37:43:ec:e7:
- 34:c4:3b:4c:ca:cc:7b:1f:91:ef:ab:d4:35:76:42:
- 82:d4:f5:79:e0:12:3c:24:92:2e:dc:a2:5c:83:f0:
- 71:8a:26:96:30:d4:b8:96:4d:00:2c:1a:f0:0f:79:
- 52:c7:27:73:54:77:c1:86:f9:86:61:ce:e0:69:a7:
- a8:3d:77:39:e7:24:ee:41:8d:52:19:3b:57:8c:84:
- cc:9a:d5:05:7c:e6:83:2c:e3:13:6d:66:1b:87:20:
- 82:47:e1:05:26:f0:3b:29:69:6d:bc:af:48:91:c4:
- 40:f1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- FB:B8:A7:A3:36:48:0A:A0:9F:F0:2E:DC:8B:68:BC:B3:5C:45:25:D7
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/RIR/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533-64540
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 90:3c:6e:1d:89:9d:00:53:b4:b1:36:ea:2b:cf:21:d5:b2:77:
- 66:be:da:ad:db:92:35:0d:83:55:f5:92:11:73:93:af:1a:ec:
- 1d:7a:1a:84:8f:c0:61:29:f1:51:c7:a6:7c:95:7c:a8:38:40:
- 57:6b:fc:51:38:fd:6b:8a:7a:58:d8:c6:36:a5:0d:9b:7a:b9:
- b4:47:e1:a5:fc:66:b6:51:22:45:50:94:b4:f2:47:f2:a2:29:
- 6a:33:6a:3c:26:44:c5:5a:17:ce:7a:f3:4a:46:0e:f4:fd:36:
- 01:7c:c5:1e:59:bc:3a:e7:36:f3:64:d4:0c:7a:f7:6a:ef:11:
- ae:32:5a:77:62:b3:e4:b3:9e:16:9f:11:28:cb:11:dd:79:ff:
- a5:b8:3e:3f:fd:df:34:92:2f:f4:0e:d2:50:a8:80:a1:17:91:
- 50:c7:d3:af:c5:6e:d8:ca:cd:28:e0:92:28:b3:c4:13:39:9d:
- fc:a1:57:61:22:22:70:57:27:5f:33:72:17:a8:04:89:9d:44:
- 9b:7d:1a:66:10:19:f3:b9:9c:17:48:22:71:c6:a5:e0:ba:00:
- ab:a4:01:bb:c7:2b:8f:0f:25:8a:20:71:21:4f:c0:74:34:14:
- e5:23:3a:70:48:c2:04:9a:93:97:29:f9:39:7b:ac:1a:e4:2b:
- 0d:13:b6:b7
------BEGIN CERTIFICATE-----
-MIIEEDCCAvigAwIBAgIBLzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAaMRgw
-FgYDVQQDEw9URVNUIEVOVElUWSBSSVIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCspybEmGiZtvLnxZcFfvnX8uw55iuOwkKIuY8itjxZsA6KHQ74gbHI
-/0qKGkO8eJE+r7KwlWCpPp3C/5mPj7bc2Ea3hjWm9kIFwsWbhBXiWA9wnLxT1yh2
-+PIUeSK91otsDisC5djzM/oWQ5uAh/myRau9fRSyJC9BE29FxNz5TX/Y0+GqXFKd
-yXo4t7BDvbdqN0Ps5zTEO0zKzHsfke+r1DV2QoLU9XngEjwkki7colyD8HGKJpYw
-1LiWTQAsGvAPeVLHJ3NUd8GG+YZhzuBpp6g9dznnJO5BjVIZO1eMhMya1QV85oMs
-4xNtZhuHIIJH4QUm8DspaW28r0iRxEDxAgMBAAGjggFfMIIBWzAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBT7uKejNkgKoJ/wLtyLaLyzXEUl1zAOBgNVHQ8BAf8E
-BAMCAQYwQAYIKwYBBQUHAQsENDAyMDAGCCsGAQUFBzAFhiRyc3luYzovL3dvbWJh
-dHMtci11cy5oYWN0cm4ubmV0L1JJUi8wJgYIKwYBBQUHAQgBAf8EFzAVoBMwETAK
-AgMA/BUCAwD8HAIDAPwgMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAyBAIAATAsAwQA
-CgAAAwQACgMAMA4DBQDAAAIBAwUBwAACIDAOAwUCwAACLAMFAMAAAmQwZQQCAAIw
-XzAmAxECIAENuAAAAAAAAAAAAAAARAMRACABDbgAAAAAAAAAAAAAAQADEAAgAQ24
-AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAAAAAKAwADEQAgAQ24AAAAAAAAABAAAABE
-MA0GCSqGSIb3DQEBCwUAA4IBAQCQPG4diZ0AU7SxNuorzyHVsndmvtqt25I1DYNV
-9ZIRc5OvGuwdehqEj8BhKfFRx6Z8lXyoOEBXa/xROP1rinpY2MY2pQ2berm0R+Gl
-/Ga2USJFUJS08kfyoilqM2o8JkTFWhfOevNKRg70/TYBfMUeWbw65zbzZNQMevdq
-7xGuMlp3YrPks54WnxEoyxHdef+luD4//d80ki/0DtJQqIChF5FQx9OvxW7Yys0o
-4JIos8QTOZ38oVdhIiJwVydfM3IXqASJnUSbfRpmEBnzuZwXSCJxxqXgugCrpAG7
-xyuPDyWKIHEhT8B0NBTlIzpwSMIEmpOXKfk5e6wa5CsNE7a3
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/30.pem b/scripts/resource-cert-samples/RIR/30.pem
deleted file mode 100644
index c466f22e..00000000
--- a/scripts/resource-cert-samples/RIR/30.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 48 (0x30)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY LIR3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:a3:21:57:61:64:af:11:18:d4:cb:de:a6:dc:ad:
- d9:2c:0f:0f:58:9f:7e:c8:85:55:11:26:4c:7c:f0:
- 6b:68:1a:9e:6a:0c:8f:e6:dc:3d:83:58:2a:cc:77:
- ac:19:73:6f:5a:f3:6e:24:ac:cd:1a:dc:1d:0b:4c:
- 44:f5:6d:8b:0a:17:3d:86:f9:e8:fe:e6:60:e5:9f:
- 40:6a:e5:94:e8:9a:56:17:17:1c:ab:c1:8c:37:40:
- 2b:55:bf:2c:5e:dc:8d:ca:25:7f:8a:5f:ee:fb:16:
- 86:eb:e0:08:d3:26:e5:e3:70:c5:0c:6b:fb:1b:8f:
- 6b:5c:f6:e2:4a:58:a5:35:01:ea:05:1b:3e:ce:84:
- be:b5:3f:6d:18:16:4b:68:e5:79:4c:88:7d:b6:a5:
- 65:a3:3a:c2:32:dc:ad:8f:8a:05:ee:f6:e9:7a:80:
- da:12:a9:0f:5a:b5:d2:d3:31:ac:3e:d3:19:25:2d:
- 28:de:79:6c:ce:fd:77:66:d5:e3:2f:a9:cb:f9:85:
- 8c:20:bb:a2:86:23:f0:93:95:20:04:78:c7:c7:07:
- a6:fe:f0:f4:45:bb:cf:78:2b:dd:ce:9c:08:a5:46:
- 68:10:4c:d7:05:62:6c:86:5a:2d:7f:06:38:c2:4d:
- bb:44:87:00:43:79:d2:8f:f3:6b:b2:f4:5c:1c:b9:
- 68:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 98:BE:04:FF:80:D1:AB:95:39:AA:3D:F2:0E:67:7D:00:AD:A3:FD:C5
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR3/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64534-64540
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 10.0.0.0/24
- 10.3.0.0/24
- IPv6:
- 2001:db8:0:0:0:0:a00::/120
- 2001:db8:0:0:0:0:a03::/120
-
- Signature Algorithm: sha256WithRSAEncryption
- 18:25:58:2e:ac:98:93:f2:ce:b9:cf:fe:31:1d:4e:a4:64:bc:
- f6:59:19:88:af:01:cb:72:68:04:4a:41:5f:d6:dc:86:f6:c3:
- a3:83:06:ba:96:4c:fd:eb:26:a5:5d:64:07:08:fa:87:94:df:
- 00:b2:44:2e:dd:23:f6:cb:6b:80:b4:65:3d:61:e1:4c:3f:de:
- db:a1:90:0f:da:0d:f1:cc:7c:72:1d:0e:07:50:87:3b:76:4b:
- 17:06:67:b8:a4:65:4e:94:7c:1e:e0:3f:99:3f:90:8e:9a:c5:
- 42:6f:35:bb:78:48:6b:0f:83:59:b9:57:70:94:dc:ad:d9:c4:
- c0:bb:72:9c:c4:0d:e9:d8:69:7b:f1:dc:72:52:95:38:3c:6c:
- c0:ed:e9:19:f3:48:9c:e5:60:d9:46:55:66:ab:b2:fb:bd:cd:
- f0:c3:43:eb:48:1a:86:1f:71:6a:b6:11:65:e2:88:43:ab:4e:
- 69:a3:a7:ba:5c:09:f6:30:c5:93:f3:6a:72:be:9a:cf:5f:ba:
- ea:3a:76:4f:43:03:13:12:4f:a6:ca:ed:c5:09:2f:2d:be:4a:
- 02:50:05:7d:f5:2c:61:af:1b:79:31:ad:b1:3b:4c:61:b0:99:
- 9f:95:19:ab:71:5f:b0:df:0f:9b:bf:38:42:a6:38:b3:a8:e8:
- 2c:c1:68:13
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIBMDANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
-g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
-N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
-tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
-zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
-hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBQjCCAT4wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAh
-BggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/
-BEIwQDASBAIAATAMAwQACgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAK
-AAADEAAgAQ24AAAAAAAAAAAKAwAwDQYJKoZIhvcNAQELBQADggEBABglWC6smJPy
-zrnP/jEdTqRkvPZZGYivActyaARKQV/W3Ib2w6ODBrqWTP3rJqVdZAcI+oeU3wCy
-RC7dI/bLa4C0ZT1h4Uw/3tuhkA/aDfHMfHIdDgdQhzt2SxcGZ7ikZU6UfB7gP5k/
-kI6axUJvNbt4SGsPg1m5V3CU3K3ZxMC7cpzEDenYaXvx3HJSlTg8bMDt6RnzSJzl
-YNlGVWarsvu9zfDDQ+tIGoYfcWq2EWXiiEOrTmmjp7pcCfYwxZPzanK+ms9fuuo6
-dk9DAxMST6bK7cUJLy2+SgJQBX31LGGvG3kxrbE7TGGwmZ+VGatxX7DfD5u/OEKm
-OLOo6CzBaBM=
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/31.pem b/scripts/resource-cert-samples/RIR/31.pem
deleted file mode 100644
index dcc97dd1..00000000
--- a/scripts/resource-cert-samples/RIR/31.pem
+++ /dev/null
@@ -1,95 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 49 (0x31)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY LIR2
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:f1:18:b6:79:0b:35:c5:83:64:48:83:31:03:9e:
- e7:72:28:65:b1:ac:61:e1:77:2e:c0:4d:f0:b1:1c:
- 61:d8:cc:5a:2d:c7:0b:9b:78:7a:3e:fd:37:ad:fa:
- b0:73:0b:9c:fc:bb:6f:60:ea:38:ef:ae:d1:27:b8:
- 81:59:0f:b3:e7:d0:67:b2:a2:f5:4f:e2:04:c6:cc:
- 13:9f:33:28:35:96:7a:db:ce:ac:9d:d3:64:3d:b8:
- 44:bc:cb:43:22:92:d6:3c:2e:bf:97:6e:39:6a:6e:
- 68:93:5d:1c:a8:58:b7:a3:7a:26:44:fe:fe:30:ad:
- e2:05:89:4c:c9:ef:2c:e0:4e:31:69:3f:dd:91:1c:
- f0:b0:25:4c:3e:84:8a:ea:5e:03:b3:a8:cd:90:1a:
- 1e:c8:e0:af:fe:11:ed:21:06:bd:3c:5e:08:a1:93:
- e2:41:43:43:38:d3:21:b3:4c:fa:85:8b:43:57:60:
- 5d:bb:a0:78:e5:33:47:a8:33:76:be:df:6e:63:61:
- e3:31:8b:5d:8e:0c:c7:f5:c8:91:0c:be:57:c7:f2:
- bc:be:0b:ba:7a:1f:f6:19:f1:eb:00:74:c1:12:c2:
- dc:2b:2e:8d:f0:0a:ff:7f:e8:60:08:90:ba:51:fc:
- d0:90:11:37:f3:9e:44:b6:64:43:69:5d:61:d3:e1:
- 8d:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 03:7A:DF:0C:DF:DC:93:3D:F7:A5:CC:27:7B:DC:22:F6:E9:55:97:F0
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR2/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64544
-
- sbgp-ipAddrBlock: critical
- IPv6:
- 2001:db8:0:0:0:0:0:44-2001:db8:0:0:0:0:0:100
- 2001:db8:0:0:0:10:0:44/128
-
- Signature Algorithm: sha256WithRSAEncryption
- 02:2b:a6:e7:ef:15:1e:a6:bf:dc:1f:4e:c5:5d:41:de:c2:82:
- 03:1b:94:25:3e:35:3f:ed:ac:cc:25:49:cb:f2:a3:91:cb:33:
- 72:3a:ef:f8:93:24:42:f9:3e:13:5d:50:07:6c:00:40:60:80:
- 06:22:db:07:43:d2:58:17:37:bd:22:89:d2:8d:9f:a0:e3:7e:
- 10:cd:e7:98:3d:4e:fa:5a:8b:05:23:b1:c6:88:9c:41:72:a9:
- b7:7c:b8:a2:37:9f:76:6f:98:23:e2:90:02:75:dc:94:ae:3f:
- 72:1d:51:53:f3:dc:ec:a1:00:28:6e:13:5f:66:4f:6e:4a:61:
- c1:0e:4e:b9:db:4e:11:bc:d9:57:fd:07:05:6e:05:5d:7a:52:
- ae:7f:d5:50:cf:e3:6b:ff:87:03:9f:6c:b2:aa:f4:28:c3:75:
- 6d:09:bf:31:da:cb:40:fa:8f:ed:15:32:59:a7:9e:5b:8b:0d:
- b2:4b:f1:1d:fd:37:ac:dc:6b:56:b5:64:1b:ce:56:12:41:e0:
- d6:ff:7e:f4:84:f5:27:42:a2:2c:c5:b7:47:14:e1:f9:84:80:
- a9:6e:cf:5f:64:40:ac:36:6e:03:f2:db:ae:e2:bf:ba:d4:98:
- 99:35:21:6f:5d:d9:db:f1:a9:1b:dc:13:11:aa:86:e7:a8:bc:
- aa:ee:dd:ce
------BEGIN CERTIFICATE-----
-MIID8DCCAtigAwIBAgIBMTANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA8Ri2eQs1xYNkSIMxA57ncihlsaxh4XcuwE3wsRxh2MxaLccLm3h6
-Pv03rfqwcwuc/LtvYOo4767RJ7iBWQ+z59BnsqL1T+IExswTnzMoNZZ6286sndNk
-PbhEvMtDIpLWPC6/l245am5ok10cqFi3o3omRP7+MK3iBYlMye8s4E4xaT/dkRzw
-sCVMPoSK6l4Ds6jNkBoeyOCv/hHtIQa9PF4IoZPiQUNDONMhs0z6hYtDV2Bdu6B4
-5TNHqDN2vt9uY2HjMYtdjgzH9ciRDL5Xx/K8vgu6eh/2GfHrAHTBEsLcKy6N8Ar/
-f+hgCJC6UfzQkBE3855EtmRDaV1h0+GNdwIDAQABo4IBPjCCATowDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUA3rfDN/ckz33pcwne9wi9ulVl/AwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIyLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/CAwVAYIKwYBBQUHAQcBAf8ERTBDMEEE
-AgACMDswJgMRAiABDbgAAAAAAAAAAAAAAEQDEQAgAQ24AAAAAAAAAAAAAAEAAxEA
-IAENuAAAAAAAAAAQAAAARDANBgkqhkiG9w0BAQsFAAOCAQEAAium5+8VHqa/3B9O
-xV1B3sKCAxuUJT41P+2szCVJy/Kjkcszcjrv+JMkQvk+E11QB2wAQGCABiLbB0PS
-WBc3vSKJ0o2foON+EM3nmD1O+lqLBSOxxoicQXKpt3y4ojefdm+YI+KQAnXclK4/
-ch1RU/Pc7KEAKG4TX2ZPbkphwQ5OudtOEbzZV/0HBW4FXXpSrn/VUM/ja/+HA59s
-sqr0KMN1bQm/MdrLQPqP7RUyWaeeW4sNskvxHf03rNxrVrVkG85WEkHg1v9+9IT1
-J0KiLMW3RxTh+YSAqW7PX2RArDZuA/LbruK/utSYmTUhb13Z2/GpG9wTEaqG56i8
-qu7dzg==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/32.pem b/scripts/resource-cert-samples/RIR/32.pem
deleted file mode 100644
index 348c6275..00000000
--- a/scripts/resource-cert-samples/RIR/32.pem
+++ /dev/null
@@ -1,94 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 50 (0x32)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=TEST ENTITY RIR
- Validity
- Not Before: Oct 29 16:32:33 2007 GMT
- Not After : Oct 28 16:32:33 2008 GMT
- Subject: CN=TEST ENTITY LIR1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:af:5d:1c:f9:d9:bb:d5:01:e1:5b:36:cc:51:f6:
- fd:86:57:60:aa:9e:c7:ec:4e:05:af:fb:51:5c:7a:
- c2:58:c4:a8:57:ae:14:62:e9:bc:b6:72:7d:cf:49:
- c8:4a:40:82:4a:f4:3e:30:b5:94:25:9e:6c:78:81:
- 57:43:d6:85:02:8d:d1:9c:b5:d7:34:2f:e2:a9:7d:
- 18:27:b5:47:9a:42:16:c8:90:7f:96:2c:dd:b8:98:
- 17:1f:77:62:4a:08:00:2d:e0:73:0c:39:37:ba:0f:
- a7:59:59:4c:7c:cd:e2:5c:d7:98:36:10:6c:88:3e:
- 45:99:a6:88:2f:f6:7f:31:49:ba:42:2b:13:79:c2:
- b2:f1:09:d9:ad:37:a4:41:b6:6d:46:a1:18:05:a0:
- 53:07:8e:e0:98:b2:d1:fd:67:68:77:64:d5:f3:fe:
- 1d:22:36:9e:26:5a:1a:aa:18:94:c3:2c:7e:9a:af:
- be:2c:9d:5e:75:2c:49:d6:37:2b:06:1f:cc:63:97:
- 7e:ee:2c:5f:67:af:4d:62:3e:7a:1f:0c:e1:1e:02:
- f2:d2:06:75:ae:3f:11:bc:8e:0f:13:64:38:14:36:
- 1d:5d:02:ec:af:65:d5:b9:68:f4:22:66:2b:ef:47:
- 5b:ad:3b:f2:af:b6:71:0c:94:56:8a:7c:01:36:f0:
- 3a:3f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 8A:94:17:F9:53:F2:5B:94:54:56:DF:76:51:13:29:F6:71:19:A8:B3
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombats-r-us.hactrn.net/LIR1/
-
- Authority Information Access:
- CA Issuers - URI:rsync://wombats-r-us.hactrn.net/RIR.cer
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 64533
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 192.0.2.1-192.0.2.33
- 192.0.2.44-192.0.2.100
-
- Signature Algorithm: sha256WithRSAEncryption
- 71:ca:3c:b4:39:4f:ec:c2:ba:bd:c4:e5:9d:b8:9e:12:5a:0d:
- af:f6:e0:f5:65:0c:54:ac:5c:17:d2:29:92:a4:84:ea:47:09:
- 53:75:52:7c:af:67:11:7b:fb:35:14:77:9e:8e:34:a9:39:5a:
- 87:65:7f:5e:e7:81:80:82:4b:b2:e4:07:c3:7d:1e:bf:0a:31:
- ff:43:9c:66:31:b0:19:0a:ea:52:14:67:62:f6:91:15:5c:d4:
- da:f7:bb:87:1c:9d:31:4c:0d:8c:f6:c9:1c:44:68:21:09:49:
- a9:d7:cc:7f:54:c2:cd:44:09:98:e9:7c:73:a3:9d:36:38:e8:
- e2:bd:16:19:94:fd:97:ff:91:ca:62:22:1a:ff:f7:2c:a0:b9:
- 79:a4:07:84:37:bb:50:8b:6a:6b:25:9a:8e:3c:fb:4f:09:2b:
- e1:75:c4:d4:2e:73:a2:cd:ce:f5:83:3c:a5:ca:33:f6:c8:39:
- f8:dd:78:3f:61:05:7a:ae:09:3c:d4:bc:b1:4e:0d:4d:83:f8:
- 77:6c:a0:ea:6d:e6:5d:df:c4:e4:e0:7f:0f:9c:da:d0:f1:3b:
- 37:05:e4:77:1f:54:7b:d0:57:6d:55:dd:ba:41:ba:4b:90:df:
- 54:8e:a3:cd:0c:a8:ae:c9:09:e8:02:a6:23:e3:f9:62:f8:0e:
- 39:f7:87:f9
------BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIBMjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9URVNU
-IEVOVElUWSBSSVIwHhcNMDcxMDI5MTYzMjMzWhcNMDgxMDI4MTYzMjMzWjAbMRkw
-FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
-tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
-uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
-8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
-dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
-uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBIzCCAR8wDwYDVR0TAQH/
-BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwDgYDVR0PAQH/
-BAQDAgEGMEEGCCsGAQUFBwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21i
-YXRzLXItdXMuaGFjdHJuLm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYB
-BQUHMAKGJ3JzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAa
-BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYE
-AgABMCAwDgMFAMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0B
-AQsFAAOCAQEAcco8tDlP7MK6vcTlnbieEloNr/bg9WUMVKxcF9IpkqSE6kcJU3VS
-fK9nEXv7NRR3no40qTlah2V/XueBgIJLsuQHw30evwox/0OcZjGwGQrqUhRnYvaR
-FVzU2ve7hxydMUwNjPbJHERoIQlJqdfMf1TCzUQJmOl8c6OdNjjo4r0WGZT9l/+R
-ymIiGv/3LKC5eaQHhDe7UItqayWajjz7Twkr4XXE1C5zos3O9YM8pcoz9sg5+N14
-P2EFeq4JPNS8sU4NTYP4d2yg6m3mXd/E5OB/D5za0PE7NwXkdx9Ue9BXbVXdukG6
-S5DfVI6jzQyorskJ6AKmI+P5YvgOOfeH+Q==
------END CERTIFICATE-----
diff --git a/scripts/resource-cert-samples/RIR/index b/scripts/resource-cert-samples/RIR/index
deleted file mode 100644
index 66733b3b..00000000
--- a/scripts/resource-cert-samples/RIR/index
+++ /dev/null
@@ -1,50 +0,0 @@
-V 080731054523Z 01 unknown /CN=TEST ENTITY RIR
-V 080731054524Z 02 unknown /CN=TEST ENTITY LIR2
-V 080731054525Z 03 unknown /CN=TEST ENTITY LIR1
-V 080731140529Z 04 unknown /CN=TEST ENTITY RIR
-V 080731140529Z 05 unknown /CN=TEST ENTITY LIR2
-V 080731140529Z 06 unknown /CN=TEST ENTITY LIR1
-V 080731140829Z 07 unknown /CN=TEST ENTITY RIR
-V 080731140829Z 08 unknown /CN=TEST ENTITY LIR2
-V 080731140829Z 09 unknown /CN=TEST ENTITY LIR1
-V 080731140934Z 0A unknown /CN=TEST ENTITY RIR
-V 080731140934Z 0B unknown /CN=TEST ENTITY LIR2
-V 080731140934Z 0C unknown /CN=TEST ENTITY LIR1
-V 080731144816Z 0D unknown /CN=TEST ENTITY RIR
-V 080731144818Z 0E unknown /CN=TEST ENTITY LIR3
-V 080731144818Z 0F unknown /CN=TEST ENTITY LIR2
-V 080731144818Z 10 unknown /CN=TEST ENTITY LIR1
-V 080808233059Z 11 unknown /CN=TEST ENTITY RIR
-V 080808233548Z 12 unknown /CN=TEST ENTITY RIR
-V 080809005817Z 13 unknown /CN=TEST ENTITY RIR
-V 080809005817Z 14 unknown /CN=TEST ENTITY LIR3
-V 080809005817Z 15 unknown /CN=TEST ENTITY LIR2
-V 080809005817Z 16 unknown /CN=TEST ENTITY LIR1
-V 080809010231Z 17 unknown /CN=TEST ENTITY RIR
-V 080809010231Z 18 unknown /CN=TEST ENTITY LIR3
-V 080809010231Z 19 unknown /CN=TEST ENTITY LIR2
-V 080809010231Z 1A unknown /CN=TEST ENTITY LIR1
-V 080809010708Z 1B unknown /CN=TEST ENTITY RIR
-V 080809010708Z 1C unknown /CN=TEST ENTITY LIR3
-V 080809010708Z 1D unknown /CN=TEST ENTITY LIR2
-V 080809010708Z 1E unknown /CN=TEST ENTITY LIR1
-V 080809011339Z 1F unknown /CN=TEST ENTITY RIR
-V 080809011339Z 20 unknown /CN=TEST ENTITY LIR3
-V 080809011339Z 21 unknown /CN=TEST ENTITY LIR2
-V 080809011339Z 22 unknown /CN=TEST ENTITY LIR1
-V 080809011509Z 23 unknown /CN=TEST ENTITY RIR
-V 080809011510Z 24 unknown /CN=TEST ENTITY LIR3
-V 080809011510Z 25 unknown /CN=TEST ENTITY LIR2
-V 080809011510Z 26 unknown /CN=TEST ENTITY LIR1
-V 081018190607Z 27 unknown /CN=TEST ENTITY RIR
-V 081018190607Z 28 unknown /CN=TEST ENTITY LIR3
-V 081018190607Z 29 unknown /CN=TEST ENTITY LIR2
-V 081018190607Z 2A unknown /CN=TEST ENTITY LIR1
-V 081028160351Z 2B unknown /CN=TEST ENTITY RIR
-V 081028160351Z 2C unknown /CN=TEST ENTITY LIR3
-V 081028160351Z 2D unknown /CN=TEST ENTITY LIR2
-V 081028160351Z 2E unknown /CN=TEST ENTITY LIR1
-V 081028163233Z 2F unknown /CN=TEST ENTITY RIR
-V 081028163233Z 30 unknown /CN=TEST ENTITY LIR3
-V 081028163233Z 31 unknown /CN=TEST ENTITY LIR2
-V 081028163233Z 32 unknown /CN=TEST ENTITY LIR1
diff --git a/scripts/resource-cert-samples/RIR/index.attr b/scripts/resource-cert-samples/RIR/index.attr
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/RIR/index.attr
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/RIR/index.attr.old b/scripts/resource-cert-samples/RIR/index.attr.old
deleted file mode 100644
index 3a7e39e6..00000000
--- a/scripts/resource-cert-samples/RIR/index.attr.old
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/scripts/resource-cert-samples/RIR/index.old b/scripts/resource-cert-samples/RIR/index.old
deleted file mode 100644
index e5d3f927..00000000
--- a/scripts/resource-cert-samples/RIR/index.old
+++ /dev/null
@@ -1,49 +0,0 @@
-V 080731054523Z 01 unknown /CN=TEST ENTITY RIR
-V 080731054524Z 02 unknown /CN=TEST ENTITY LIR2
-V 080731054525Z 03 unknown /CN=TEST ENTITY LIR1
-V 080731140529Z 04 unknown /CN=TEST ENTITY RIR
-V 080731140529Z 05 unknown /CN=TEST ENTITY LIR2
-V 080731140529Z 06 unknown /CN=TEST ENTITY LIR1
-V 080731140829Z 07 unknown /CN=TEST ENTITY RIR
-V 080731140829Z 08 unknown /CN=TEST ENTITY LIR2
-V 080731140829Z 09 unknown /CN=TEST ENTITY LIR1
-V 080731140934Z 0A unknown /CN=TEST ENTITY RIR
-V 080731140934Z 0B unknown /CN=TEST ENTITY LIR2
-V 080731140934Z 0C unknown /CN=TEST ENTITY LIR1
-V 080731144816Z 0D unknown /CN=TEST ENTITY RIR
-V 080731144818Z 0E unknown /CN=TEST ENTITY LIR3
-V 080731144818Z 0F unknown /CN=TEST ENTITY LIR2
-V 080731144818Z 10 unknown /CN=TEST ENTITY LIR1
-V 080808233059Z 11 unknown /CN=TEST ENTITY RIR
-V 080808233548Z 12 unknown /CN=TEST ENTITY RIR
-V 080809005817Z 13 unknown /CN=TEST ENTITY RIR
-V 080809005817Z 14 unknown /CN=TEST ENTITY LIR3
-V 080809005817Z 15 unknown /CN=TEST ENTITY LIR2
-V 080809005817Z 16 unknown /CN=TEST ENTITY LIR1
-V 080809010231Z 17 unknown /CN=TEST ENTITY RIR
-V 080809010231Z 18 unknown /CN=TEST ENTITY LIR3
-V 080809010231Z 19 unknown /CN=TEST ENTITY LIR2
-V 080809010231Z 1A unknown /CN=TEST ENTITY LIR1
-V 080809010708Z 1B unknown /CN=TEST ENTITY RIR
-V 080809010708Z 1C unknown /CN=TEST ENTITY LIR3
-V 080809010708Z 1D unknown /CN=TEST ENTITY LIR2
-V 080809010708Z 1E unknown /CN=TEST ENTITY LIR1
-V 080809011339Z 1F unknown /CN=TEST ENTITY RIR
-V 080809011339Z 20 unknown /CN=TEST ENTITY LIR3
-V 080809011339Z 21 unknown /CN=TEST ENTITY LIR2
-V 080809011339Z 22 unknown /CN=TEST ENTITY LIR1
-V 080809011509Z 23 unknown /CN=TEST ENTITY RIR
-V 080809011510Z 24 unknown /CN=TEST ENTITY LIR3
-V 080809011510Z 25 unknown /CN=TEST ENTITY LIR2
-V 080809011510Z 26 unknown /CN=TEST ENTITY LIR1
-V 081018190607Z 27 unknown /CN=TEST ENTITY RIR
-V 081018190607Z 28 unknown /CN=TEST ENTITY LIR3
-V 081018190607Z 29 unknown /CN=TEST ENTITY LIR2
-V 081018190607Z 2A unknown /CN=TEST ENTITY LIR1
-V 081028160351Z 2B unknown /CN=TEST ENTITY RIR
-V 081028160351Z 2C unknown /CN=TEST ENTITY LIR3
-V 081028160351Z 2D unknown /CN=TEST ENTITY LIR2
-V 081028160351Z 2E unknown /CN=TEST ENTITY LIR1
-V 081028163233Z 2F unknown /CN=TEST ENTITY RIR
-V 081028163233Z 30 unknown /CN=TEST ENTITY LIR3
-V 081028163233Z 31 unknown /CN=TEST ENTITY LIR2
diff --git a/scripts/resource-cert-samples/RIR/serial b/scripts/resource-cert-samples/RIR/serial
deleted file mode 100644
index bb95160c..00000000
--- a/scripts/resource-cert-samples/RIR/serial
+++ /dev/null
@@ -1 +0,0 @@
-33
diff --git a/scripts/resource-cert-samples/RIR/serial.old b/scripts/resource-cert-samples/RIR/serial.old
deleted file mode 100644
index f5c89552..00000000
--- a/scripts/resource-cert-samples/RIR/serial.old
+++ /dev/null
@@ -1 +0,0 @@
-32
diff --git a/scripts/rootd.cer b/scripts/rootd.cer
deleted file mode 100644
index 205fee80..00000000
--- a/scripts/rootd.cer
+++ /dev/null
@@ -1,93 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- a7:85:aa:b9:ac:55:06:68
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=Completely Bogus Test Root (NOT FOR PRODUCTION USE)
- Validity
- Not Before: Nov 7 01:24:37 2007 GMT
- Not After : Dec 7 01:24:37 2007 GMT
- Subject: CN=Completely Bogus Test Root (NOT FOR PRODUCTION USE)
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b1:b5:66:85:a4:cc:91:81:15:0c:de:bf:dc:fe:
- 53:bd:34:20:ed:b0:3b:be:25:8c:1e:ab:da:07:20:
- cd:c3:c0:22:22:1a:0e:dc:38:c8:3a:c2:35:23:9a:
- 1f:91:32:ea:29:53:fc:be:4a:ce:f1:c2:23:44:16:
- 0d:cc:9c:c5:02:b7:06:53:46:b1:20:60:c2:73:3c:
- f8:c2:61:15:c5:c8:65:b9:cd:5d:56:ef:03:e9:44:
- 80:27:f1:f8:d5:28:d6:f1:be:6b:51:d8:5e:24:26:
- 8e:5e:29:2d:3d:6b:ac:1c:ce:d9:d1:51:00:22:2c:
- fb:64:a4:c4:4d:0c:ce:45:10:a0:d6:a1:b5:ac:fa:
- 4f:1d:41:78:f8:6c:87:8b:e4:52:0c:25:66:6b:75:
- 42:1e:10:a6:fe:e6:17:2f:ad:07:f7:bc:a8:f3:57:
- c9:1c:b4:95:e7:f1:19:2d:ab:a6:ef:6d:b2:dd:6e:
- fe:c2:bb:1a:1c:d5:dd:21:e9:d7:92:27:0b:bb:df:
- f0:3b:6e:ad:f1:21:55:d1:6e:e2:cc:0b:05:0f:25:
- 5a:4a:5b:d2:9b:74:f0:2f:fc:c3:45:37:68:ac:6a:
- d5:3b:f6:09:dd:41:fd:f7:48:47:f9:ab:93:2b:79:
- 8f:47:ae:d9:34:69:42:f8:60:46:a0:52:d7:b2:a3:
- 17:55
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- BC:C8:FF:91:73:B7:5F:60:75:A9:CC:2A:5C:DC:CE:AC:83:A0:04:F1
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Subject Information Access:
- 1.3.6.1.5.5.7.48.5 - URI:rsync://wombat.invalid/
-
- sbgp-autonomousSysNum: critical
- Autonomous System Numbers:
- 1-65535
-
- sbgp-ipAddrBlock: critical
- IPv4:
- 0.0.0.0/0
- IPv6:
- :/0
-
- Signature Algorithm: sha256WithRSAEncryption
- 9b:05:00:c1:1c:2a:4e:5f:52:1e:2a:2b:c5:46:2e:e9:a4:2f:
- 4c:a8:4a:67:08:56:e9:62:70:7c:0b:48:c2:13:46:89:7b:31:
- ba:60:ad:0d:62:0d:fe:df:05:f6:2f:ab:73:ae:4a:1a:b0:7a:
- 77:7a:11:66:a2:09:6c:99:b6:bc:b2:a6:f5:06:e4:8e:d7:4d:
- 09:a4:0f:35:11:51:1d:22:42:4e:1a:93:a8:fd:dc:b0:d5:d6:
- 16:cf:30:a8:c4:fa:21:47:c0:97:ed:26:71:e7:a0:05:d2:8d:
- 68:f0:b9:cb:48:00:da:d4:c2:18:94:b3:fa:22:f8:57:d1:76:
- b4:7f:b9:b3:95:21:07:1a:56:71:3d:51:6e:2e:cd:93:ff:48:
- a0:7c:4a:eb:c3:e0:0a:30:19:4e:b4:8d:d0:33:b8:3b:e8:43:
- dd:c0:76:76:b8:ff:07:ad:10:67:7f:09:d4:54:86:3d:61:87:
- c4:56:c4:be:f5:4a:9e:5a:aa:35:a3:10:33:ae:86:e6:10:3b:
- 2a:6b:d7:3d:cb:3e:c8:94:d8:d3:c0:9a:f6:ae:14:f7:1c:f4:
- 13:2f:14:45:bb:12:55:00:84:1c:e7:24:f0:f2:a8:42:c0:59:
- 9c:bb:25:ed:f5:fa:46:6f:43:89:2e:e6:ad:75:c1:ff:df:52:
- 25:85:c3:37
------BEGIN CERTIFICATE-----
-MIIDwjCCAqqgAwIBAgIJAKeFqrmsVQZoMA0GCSqGSIb3DQEBCwUAMD4xPDA6BgNV
-BAMTM0NvbXBsZXRlbHkgQm9ndXMgVGVzdCBSb290IChOT1QgRk9SIFBST0RVQ1RJ
-T04gVVNFKTAeFw0wNzExMDcwMTI0MzdaFw0wNzEyMDcwMTI0MzdaMD4xPDA6BgNV
-BAMTM0NvbXBsZXRlbHkgQm9ndXMgVGVzdCBSb290IChOT1QgRk9SIFBST0RVQ1RJ
-T04gVVNFKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALG1ZoWkzJGB
-FQzev9z+U700IO2wO74ljB6r2gcgzcPAIiIaDtw4yDrCNSOaH5Ey6ilT/L5KzvHC
-I0QWDcycxQK3BlNGsSBgwnM8+MJhFcXIZbnNXVbvA+lEgCfx+NUo1vG+a1HYXiQm
-jl4pLT1rrBzO2dFRACIs+2SkxE0MzkUQoNahtaz6Tx1BePhsh4vkUgwlZmt1Qh4Q
-pv7mFy+tB/e8qPNXyRy0lefxGS2rpu9tst1u/sK7GhzV3SHp15InC7vf8DturfEh
-VdFu4swLBQ8lWkpb0pt08C/8w0U3aKxq1Tv2Cd1B/fdIR/mrkyt5j0eu2TRpQvhg
-RqBS17KjF1UCAwEAAaOBwjCBvzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS8
-yP+Rc7dfYHWpzCpc3M6sg6AE8TAOBgNVHQ8BAf8EBAMCAQYwMwYIKwYBBQUHAQsE
-JzAlMCMGCCsGAQUFBzAFhhdyc3luYzovL3dvbWJhdC5pbnZhbGlkLzAfBggrBgEF
-BQcBCAEB/wQQMA6gDDAKMAgCAQECAwD//zAnBggrBgEFBQcBBwEB/wQYMBYwCQQC
-AAEwAwMBADAJBAIAAjADAwEAMA0GCSqGSIb3DQEBCwUAA4IBAQCbBQDBHCpOX1Ie
-KivFRi7ppC9MqEpnCFbpYnB8C0jCE0aJezG6YK0NYg3+3wX2L6tzrkoasHp3ehFm
-oglsmba8sqb1BuSO100JpA81EVEdIkJOGpOo/dyw1dYWzzCoxPohR8CX7SZx56AF
-0o1o8LnLSADa1MIYlLP6IvhX0Xa0f7mzlSEHGlZxPVFuLs2T/0igfErrw+AKMBlO
-tI3QM7g76EPdwHZ2uP8HrRBnfwnUVIY9YYfEVsS+9UqeWqo1oxAzrobmEDsqa9c9
-yz7IlNjTwJr2rhT3HPQTLxRFuxJVAIQc5yTw8qhCwFmcuyXt9fpGb0OJLuatdcH/
-31IlhcM3
------END CERTIFICATE-----
diff --git a/scripts/rootd.cnf b/scripts/rootd.cnf
deleted file mode 100644
index 1e400c04..00000000
--- a/scripts/rootd.cnf
+++ /dev/null
@@ -1,30 +0,0 @@
-# $Id$
-#
-# Generate test root resource certificate for use with rootd.py server.
-
-[ req ]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[ req_dn ]
-CN = Completely Bogus Test Root (NOT FOR PRODUCTION USE)
-
-[ req_x509_ext ]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombat.invalid/
-sbgp-autonomousSysNum = critical,@req_asid_ext
-sbgp-ipAddrBlock = critical,@req_addr_ext
-
-[ req_asid_ext ]
-
-AS.0 = 1-65535
-
-[ req_addr_ext ]
-
-IPv4.0 = 0.0.0.0/0
-IPv6.0 = 0::/0
diff --git a/scripts/rootd.key b/scripts/rootd.key
deleted file mode 100644
index d97fc64d..00000000
--- a/scripts/rootd.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAsbVmhaTMkYEVDN6/3P5TvTQg7bA7viWMHqvaByDNw8AiIhoO
-3DjIOsI1I5ofkTLqKVP8vkrO8cIjRBYNzJzFArcGU0axIGDCczz4wmEVxchluc1d
-Vu8D6USAJ/H41SjW8b5rUdheJCaOXiktPWusHM7Z0VEAIiz7ZKTETQzORRCg1qG1
-rPpPHUF4+GyHi+RSDCVma3VCHhCm/uYXL60H97yo81fJHLSV5/EZLaum722y3W7+
-wrsaHNXdIenXkicLu9/wO26t8SFV0W7izAsFDyVaSlvSm3TwL/zDRTdorGrVO/YJ
-3UH990hH+auTK3mPR67ZNGlC+GBGoFLXsqMXVQIDAQABAoIBAG5CxlzPltoFBGGa
-5+Kfrqdra67utPLS6zCwojPgB6uYT9Vm46eCV8IVc9EmNMXrmFySLvSHCAX61dTN
-9jvpXVfE5djPuOEFCEFmKFa61D6Gi4+QO4TQAlY+2WFvglwH3e3an04F+MtnXNhR
-pi9A2mZ5da6pGnMaA9U7Yk0IUAeLMva/WfsMtY3+HvTyjNfYtULAOw82nuC4wddc
-SYAOlFL9dw/QJ1bICddVoV0HfyiSJgGWQZbVGFacTeh8w6ir47sXxTOvWiCiUWYn
-gDuhknDI7yXAFIUZYSiJKlJfrSLrbfPEg3l8xNvwZR0FCVZLdrmldhVNSyLg2II8
-IALn92ECgYEA6RcuOx29gjdz9uwFxlkEMYpVKLGOEBABGeSCo8dyFmbBKY1iw22e
-OzSDzVAQoaPk6Fqgbs0XNsrpDpkqoejnrXeqgK6BlyikcE4qelnWXWEvDQy+1tXs
-nJsS9jHGVEr0e+aUGhJAJn9pO3TbDtQnswwbxmLkvSGy35SnNMSAfFkCgYEAwyy/
-dNP02y8zEdpt+8CHysOEnnS/VlJvDXoYGVu6AZ3dWPLwxymJC2YGdxGLqHpVkoNI
-oKlNFrnRbhYMbMIGFOJr6pvTDsM4zxJ0wy86PSE1Oid9JqZwXrNJqnPo861nNW86
-xRopLlZjsQ2RU0VNiPjYgoriaDXOAvTzppzr410CgYA0ddEj4Per/QsOgeRy1coJ
-1FaCSCPvHYsB5to4PkVBIXNMBNQ7o8o/DPy1EtYLazWzzeHZzjLxVA3MCVD9C8xI
-0GwBdkUYXj9UP2N0EhAbCCpsx3eUJqWQQZ6s5lr60bvgvu6KR51EjNyEUzKSTdF5
-jLobllpg7tqxU2WmjKtWUQKBgHUVXAlmuaXfa8CTC5WSCyQdJGq2WK4dJ5erHdfg
-ifY8ULPykXS4uwjGfKxjLyezs6//58rRpXgzoqpquatovaM7rUeBkRxzCppWVQte
-Qo63ZCnt1IsiH5j/7vo9LIs6BAcvIc9qAThWBNoK7JpKodfAiInPbUDcvihR7/SM
-gInVAoGBAKLrNc91EygUaXJR92z/PzEoNI6UGYAbP+z0bmn67jpPLxCjN2aZRUkm
-18MElOmSoedsf+dIcqOHdWvoyiDHVo2i0yxRy0nD54VVH2ZqS2fRLX6+pnCE0XiI
-ulAAjPazIPG5XOugl17O7cKsPAI/uF7bWRcg4OLjXQy7XvPPMoR3
------END RSA PRIVATE KEY-----
diff --git a/scripts/rootd.py b/scripts/rootd.py
deleted file mode 100755
index 212e6469..00000000
--- a/scripts/rootd.py
+++ /dev/null
@@ -1,202 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-Trivial RPKI up-down protocol root server, for testing. Not suitable
-for production use. Overrides a bunch of method definitions from the
-rpki.* classes in order to reuse as much code as possible.
-
-Usage: python rootd.py [ { -c | --config } configfile ] [ { -h | --help } ]
-
-Default configuration file is rootd.conf, override with --config option.
-"""
-
-import traceback, os, time, getopt, sys, lxml
-import rpki.resource_set, rpki.up_down, rpki.left_right, rpki.x509
-import rpki.https, rpki.config, rpki.cms, rpki.exceptions, rpki.relaxng
-import rpki.sundial, rpki.log
-
-rpki_subject_lifetime = rpki.sundial.timedelta(days = 30)
-
-def get_subject_cert():
- try:
- x = rpki.x509.X509(Auto_file = rpki_subject_filename)
- return x
- except IOError:
- return None
-
-def set_subject_cert(cert):
- f = open(rpki_subject_filename, "wb")
- f.write(cert.get_DER())
- f.close()
-
-def del_subject_cert():
- os.remove(rpki_subject_filename)
-
-def stash_subject_pkcs10(pkcs10):
- if rpki_pkcs10_filename:
- f = open(rpki_pkcs10_filename, "wb")
- f.write(pkcs10.get_DER())
- f.close()
-
-def compose_response(r_msg):
- rc = rpki.up_down.class_elt()
- rc.class_name = rootd_name
- rc.cert_url = rpki.up_down.multi_uri(rootd_cert)
- rc.from_resource_bag(rpki_issuer.get_3779resources())
- rc.issuer = rpki_issuer
- r_msg.payload.classes.append(rc)
- rpki_subject = get_subject_cert()
- if rpki_subject is not None:
- rc.certs.append(rpki.up_down.certificate_elt())
- rc.certs[0].cert_url = rpki.up_down.multi_uri(rootd_cert)
- rc.certs[0].cert = rpki_subject
-
-class list_pdu(rpki.up_down.list_pdu):
- def serve_pdu(self, xxx1, q_msg, r_msg, xxx2):
- r_msg.payload = rpki.up_down.list_response_pdu()
- compose_response(r_msg)
-
-class issue_pdu(rpki.up_down.issue_pdu):
- def serve_pdu(self, xxx1, q_msg, r_msg, xxx2):
- stash_subject_pkcs10(self.pkcs10)
- self.pkcs10.check_valid_rpki()
- r_msg.payload = rpki.up_down.issue_response_pdu()
- rpki_subject = get_subject_cert()
- if rpki_subject is None:
- resources = rpki_issuer.get_3779resources()
- rpki.log.info("Generating subject cert with resources " + str(resources))
- req_key = self.pkcs10.getPublicKey()
- req_sia = self.pkcs10.get_SIA()
- crldp = rootd_base + rpki_issuer.gSKI() + ".crl"
- set_subject_cert(rpki_issuer.issue(keypair = rpki_key,
- subject_key = req_key,
- serial = int(time.time()),
- sia = req_sia,
- aia = rootd_cert,
- crldp = crldp,
- resources = resources,
- notAfter = rpki.sundial.datetime.utcnow() + rpki_subject_lifetime))
- now = rpki.sundial.datetime.utcnow()
- crl = rpki.x509.CRL.generate(
- keypair = rpki_key,
- issuer = rpki_issuer,
- serial = 1,
- thisUpdate = now,
- nextUpdate = now + rpki_subject_lifetime,
- revokedCertificates = ())
- f = open(os.path.dirname(rpki_subject_filename) + "/" + rpki_issuer.gSKI() + ".crl", "wb")
- f.write(crl.get_DER())
- f.close()
- compose_response(r_msg)
-
-class revoke_pdu(rpki.up_down.revoke_pdu):
- def serve_pdu(self, xxx1, q_msg, r_msg, xxx2):
- rpki_subject = get_subject_cert()
- if rpki_subject is None or rpki_subject.gSKI() != self.ski:
- raise rpki.exceptions.NotInDatabase
- del_subject_cert()
- r_msg.payload = rpki.up_down.revoke_response_pdu()
- r_msg.payload.class_name = self.class_name
- r_msg.payload.ski = self.ski
-
-class message_pdu(rpki.up_down.message_pdu):
- name2type = {
- "list" : list_pdu,
- "list_response" : rpki.up_down.list_response_pdu,
- "issue" : issue_pdu,
- "issue_response" : rpki.up_down.issue_response_pdu,
- "revoke" : revoke_pdu,
- "revoke_response" : rpki.up_down.revoke_response_pdu,
- "error_response" : rpki.up_down.error_response_pdu }
- type2name = dict((v,k) for k,v in name2type.items())
-
-class sax_handler(rpki.sax_utils.handler):
- def create_top_level(self, name, attrs):
- return message_pdu()
-
-def up_down_handler(query, path):
- try:
- q_elt = rpki.cms.xml_verify(query, cms_ta)
- rpki.relaxng.up_down.assertValid(q_elt)
- q_msg = sax_handler.saxify(q_elt)
- except Exception, data:
- rpki.log.error(traceback.format_exc())
- return 400, "Could not process PDU: %s" % data
- try:
- r_msg = q_msg.serve_top_level(None, None)
- r_elt = r_msg.toXML()
- try:
- rpki.relaxng.up_down.assertValid(r_elt)
- except lxml.etree.DocumentInvalid:
- rpki.log.debug(lxml.etree.tostring(r_elt, pretty_print = True, encoding ="utf-8", xml_declaration = True))
- raise
- return 200, rpki.cms.xml_sign(r_elt, cms_key, cms_certs, encoding = "utf-8")
- except Exception, data:
- rpki.log.error(traceback.format_exc())
- try:
- r_msg = q_msg.serve_error(data)
- r_elt = r_msg.toXML()
- rpki.relaxng.up_down.assertValid(r_elt)
- return 200, rpki.cms.xml_sign(r_elt, cms_key, cms_certs, encoding = "utf-8")
- except Exception, data:
- rpki.log.error(traceback.format_exc())
- return 500, "Could not process PDU: %s" % data
-
-os.environ["TZ"] = "UTC"
-time.tzset()
-
-rpki.log.init("rootd")
-
-cfg_file = "rootd.conf"
-
-opts,argv = getopt.getopt(sys.argv[1:], "c:h?", ["config=", "help"])
-for o,a in opts:
- if o in ("-h", "--help", "-?"):
- print __doc__
- sys.exit(0)
- if o in ("-c", "--config"):
- cfg_file = a
-if argv:
- raise RuntimeError, "Unexpected arguments %s" % argv
-
-cfg = rpki.config.parser(cfg_file, "rootd")
-
-cms_ta = rpki.x509.X509(Auto_file = cfg.get("cms-ta"))
-cms_key = rpki.x509.RSA(Auto_file = cfg.get("cms-key"))
-cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-certs"))
-
-https_key = rpki.x509.RSA(Auto_file = cfg.get("https-key"))
-https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-certs"))
-
-https_server_host = cfg.get("server-host", "")
-https_server_port = int(cfg.get("server-port"))
-
-rpki_key = rpki.x509.RSA(Auto_file = cfg.get("rpki-key"))
-rpki_issuer = rpki.x509.X509(Auto_file = cfg.get("rpki-issuer"))
-
-rpki_subject_filename = cfg.get("rpki-subject-filename")
-rpki_pkcs10_filename = cfg.get("rpki-pkcs10-filename", "")
-
-rootd_name = cfg.get("rootd_name", "wombat")
-rootd_base = cfg.get("rootd_base", "rsync://" + rootd_name + ".invalid/")
-rootd_cert = cfg.get("rootd_cert", rootd_base + "rootd.cer")
-
-rpki.https.server(privateKey = https_key,
- certChain = https_certs,
- host = https_server_host,
- port = https_server_port,
- handlers = up_down_handler)
diff --git a/scripts/rootd.sh b/scripts/rootd.sh
deleted file mode 100644
index 50f2e90f..00000000
--- a/scripts/rootd.sh
+++ /dev/null
@@ -1,143 +0,0 @@
-#!/bin/sh -
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-# Script to test against rootd.py.
-#
-# This blows away rpkid's database and rebuilds it with what we need
-# for this test, and knows far too much about the id numbers that
-# rpkid and mysql will assign. In the long run we must do better than
-# this, but gotta start somewhere.
-
-openssl=../openssl/openssl/apps/openssl
-
-# Halt on first error
-
-set -e
-
-# Generate new key and cert for rootd.py if needed
-
-if test ! -r rootd.cer -o ! -r rootd.key
-then
- $openssl req -new -newkey rsa:2048 -nodes -keyout rootd.key -out rootd.req -config rootd.cnf
- $openssl x509 -req -in rootd.req -out rootd.cer -extfile rootd.cnf -extensions req_x509_ext -signkey rootd.key -text -sha256
- rm -f rootd.req
-fi
-
-# Blow away old rpkid database (!) so we can start clean
-
-mysql -u rpki -p`awk '$1 == "sql-password" {print $3}' rpkid.conf` rpki <../docs/rpki-db-schema.sql
-
-# Start rpkid so we can configure it, make sure we shut it down on exit
-
-python rpkid.py & rpkid=$!
-trap "kill $rpkid" 0 1 2 3 13 15
-
-: Waiting to let rpkid start up; sleep 5
-
-# Create a self instance
-
-time python irbe-cli.py self --action create --crl_interval 84600
-
-# Create a business signing context, issue the necessary business cert, and set up the cert chain
-
-time python irbe-cli.py --pem_out bsc.req bsc --action create --self_id 1 --generate_keypair --signing_cert biz-certs/Bob-CA.cer
-time $openssl x509 -req -in bsc.req -out bsc.cer -CA biz-certs/Bob-CA.cer -CAkey biz-certs/Bob-CA.key -CAserial biz-certs/Bob-CA.srl
-time python irbe-cli.py bsc --action set --self_id 1 --bsc_id 1 --signing_cert bsc.cer
-rm -f bsc.req bsc.cer
-
-# Create a repository context
-
-time python irbe-cli.py repository --self_id 1 --action create --bsc_id 1
-
-# Create a parent context pointing at rootd.py
-
-time python irbe-cli.py parent --self_id 1 --action create --bsc_id 1 --repository_id 1 \
- --peer_contact_uri https://localhost:44333/ \
- --cms_ta biz-certs/Elena-Root.cer \
- --https_ta biz-certs/Elena-Root.cer \
- --sia_base rsync://wombat.invalid/ \
- --sender_name tweedledee \
- --recipient_name tweedledum
-
-# Create a child context
-
-time python irbe-cli.py child --self_id 1 --action create --bsc_id 1 --cms_ta biz-certs/Frank-Root.cer
-
-# Need to link irdb to created child and clear conflicting links.
-# For now, just do this "manually" in MySQL CLI.
-
-echo '
- UPDATE registrant SET rpki_self_id = NULL, rpki_child_id = NULL;
- UPDATE registrant SET rpki_self_id = 1, rpki_child_id = 1 WHERE subject_name = "Epilogue Technology Corporation";
-' |
-mysql -u irdb -p`awk '$1 == "sql-password" {print $3}' irbe.conf` irdb
-
-if test "$1" = "run"
-then
-
- rm -rf publication
-
- python rootd.py & rootd=$!
- python irdbd.py & irdbd=$!
- trap "kill $rpkid $irdbd $rootd" 0 1 2 3 13 15
-
- : Waiting to let daemons start up; sleep 5
-
- date; time python cronjob.py
- date; time python testpoke.py -r list
- date; time python testpoke.py -r issue
-
- date; time python cronjob.py
- date; time python testpoke.py -r list
- date; time python testpoke.py -r issue
-
- date; python testpoke.py -r issue |
- qh |
- sed -n '/^(certificate/,/^)certificate/s/^-//p' |
- mimencode -u |
- $openssl x509 -noout -inform DER -text
-
- date; time python testpoke.py -r revoke
- date; time python testpoke.py -r list
- date; time python cronjob.py
- date; time python testpoke.py -r list
-
- date; time python cronjob.py
- date; time python testpoke.py -r list
- date; time python testpoke.py -r issue
-
- date; time python testpoke.py -r revoke
- date; time python testpoke.py -r list
- date; time python cronjob.py
- date; time python testpoke.py -r list
-
- date; time python testpoke.py -r issue
- date; time python testpoke.py -r revoke
- date; time python testpoke.py -r issue
- date; time python testpoke.py -r revoke
- date; time python testpoke.py -r issue
- date; time python testpoke.py -r revoke
- date; time python testpoke.py -r list
- date; time python cronjob.py
- date; time python testpoke.py -r list
-
- date; time python testpoke.py -r issue
- date; time python cronjob.py
- date; time python testpoke.py -r list
- date
-
-fi
diff --git a/scripts/rootd.yaml b/scripts/rootd.yaml
deleted file mode 100644
index 2ee5dcd4..00000000
--- a/scripts/rootd.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-# $Id$
----
-version: 1
-posturl: https://localhost:4401/up-down/1
-recipient-id: "rootd"
-sender-id: "RIR"
-
-cms-cert-file: RIR-RPKI-EE.cer
-cms-key-file: RIR-RPKI-EE.key
-cms-ca-cert-file: rootd-TA.cer
-cms-cert-chain-file: [ RIR-RPKI-CA.cer ]
-
-ssl-cert-file: RIR-RPKI-EE.cer
-ssl-key-file: RIR-RPKI-EE.key
-ssl-ca-cert-file: rootd-TA.cer
-
-requests:
- list:
- type: list
- issue:
- type: issue
- class: 1
- sia:
- - rsync://localhost:4400/testbed/RIR/
diff --git a/scripts/rpki/Doxyfile b/scripts/rpki/Doxyfile
deleted file mode 100644
index 276c0967..00000000
--- a/scripts/rpki/Doxyfile
+++ /dev/null
@@ -1,1269 +0,0 @@
-# $Id$
-
-# Doxyfile 1.5.2
-
-# This file describes the settings to be used by the documentation system
-# doxygen (www.doxygen.org) for a project
-#
-# All text after a hash (#) is considered a comment and will be ignored
-# The format is:
-# TAG = value [value, ...]
-# For lists items can also be appended using:
-# TAG += value [value, ...]
-# Values that contain spaces should be placed between quotes (" ")
-
-#---------------------------------------------------------------------------
-# Project related configuration options
-#---------------------------------------------------------------------------
-
-# This tag specifies the encoding used for all characters in the config file that
-# follow. The default is UTF-8 which is also the encoding used for all text before
-# the first occurrence of this tag. Doxygen uses libiconv (or the iconv built into
-# libc) for the transcoding. See http://www.gnu.org/software/libiconv for the list of
-# possible encodings.
-
-DOXYFILE_ENCODING = UTF-8
-
-# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
-# by quotes) that should identify the project.
-
-PROJECT_NAME = "Resource PKI Engine"
-
-# The PROJECT_NUMBER tag can be used to enter a project or revision number.
-# This could be handy for archiving the generated documentation or
-# if some version control system is used.
-
-PROJECT_NUMBER = RPKI
-
-# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
-# base path where the generated documentation will be put.
-# If a relative path is entered, it will be relative to the location
-# where doxygen was started. If left blank the current directory will be used.
-
-OUTPUT_DIRECTORY =
-
-# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
-# 4096 sub-directories (in 2 levels) under the output directory of each output
-# format and will distribute the generated files over these directories.
-# Enabling this option can be useful when feeding doxygen a huge amount of
-# source files, where putting all generated files in the same directory would
-# otherwise cause performance problems for the file system.
-
-CREATE_SUBDIRS = NO
-
-# The OUTPUT_LANGUAGE tag is used to specify the language in which all
-# documentation generated by doxygen is written. Doxygen will use this
-# information to generate all constant output in the proper language.
-# The default language is English, other supported languages are:
-# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional,
-# Croatian, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian,
-# Italian, Japanese, Japanese-en (Japanese with English messages), Korean,
-# Korean-en, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian,
-# Serbian, Slovak, Slovene, Spanish, Swedish, and Ukrainian.
-
-OUTPUT_LANGUAGE = English
-
-# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
-# include brief member descriptions after the members that are listed in
-# the file and class documentation (similar to JavaDoc).
-# Set to NO to disable this.
-
-BRIEF_MEMBER_DESC = YES
-
-# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
-# the brief description of a member or function before the detailed description.
-# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
-# brief descriptions will be completely suppressed.
-
-REPEAT_BRIEF = YES
-
-# This tag implements a quasi-intelligent brief description abbreviator
-# that is used to form the text in various listings. Each string
-# in this list, if found as the leading text of the brief description, will be
-# stripped from the text and the result after processing the whole list, is
-# used as the annotated text. Otherwise, the brief description is used as-is.
-# If left blank, the following values are used ("$name" is automatically
-# replaced with the name of the entity): "The $name class" "The $name widget"
-# "The $name file" "is" "provides" "specifies" "contains"
-# "represents" "a" "an" "the"
-
-ABBREVIATE_BRIEF = "The $name class" \
- "The $name widget" \
- "The $name file" \
- is \
- provides \
- specifies \
- contains \
- represents \
- a \
- an \
- the
-
-# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
-# Doxygen will generate a detailed section even if there is only a brief
-# description.
-
-ALWAYS_DETAILED_SEC = NO
-
-# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
-# inherited members of a class in the documentation of that class as if those
-# members were ordinary class members. Constructors, destructors and assignment
-# operators of the base classes will not be shown.
-
-INLINE_INHERITED_MEMB = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
-# path before files name in the file list and in the header files. If set
-# to NO the shortest path that makes the file name unique will be used.
-
-FULL_PATH_NAMES = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
-# can be used to strip a user-defined part of the path. Stripping is
-# only done if one of the specified strings matches the left-hand part of
-# the path. The tag can be used to show relative paths in the file list.
-# If left blank the directory from which doxygen is run is used as the
-# path to strip.
-
-STRIP_FROM_PATH =
-
-# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
-# the path mentioned in the documentation of a class, which tells
-# the reader which header file to include in order to use a class.
-# If left blank only the name of the header file containing the class
-# definition is used. Otherwise one should specify the include paths that
-# are normally passed to the compiler using the -I flag.
-
-STRIP_FROM_INC_PATH =
-
-# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
-# (but less readable) file names. This can be useful is your file systems
-# doesn't support long names like on DOS, Mac, or CD-ROM.
-
-SHORT_NAMES = NO
-
-# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
-# will interpret the first line (until the first dot) of a JavaDoc-style
-# comment as the brief description. If set to NO, the JavaDoc
-# comments will behave just like the Qt-style comments (thus requiring an
-# explicit @brief command for a brief description.
-
-JAVADOC_AUTOBRIEF = NO
-
-# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
-# treat a multi-line C++ special comment block (i.e. a block of //! or ///
-# comments) as a brief description. This used to be the default behaviour.
-# The new default is to treat a multi-line C++ comment block as a detailed
-# description. Set this tag to YES if you prefer the old behaviour instead.
-
-MULTILINE_CPP_IS_BRIEF = NO
-
-# If the DETAILS_AT_TOP tag is set to YES then Doxygen
-# will output the detailed description near the top, like JavaDoc.
-# If set to NO, the detailed description appears after the member
-# documentation.
-
-DETAILS_AT_TOP = NO
-
-# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
-# member inherits the documentation from any documented member that it
-# re-implements.
-
-INHERIT_DOCS = YES
-
-# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce
-# a new page for each member. If set to NO, the documentation of a member will
-# be part of the file/class/namespace that contains it.
-
-SEPARATE_MEMBER_PAGES = NO
-
-# The TAB_SIZE tag can be used to set the number of spaces in a tab.
-# Doxygen uses this value to replace tabs by spaces in code fragments.
-
-TAB_SIZE = 8
-
-# This tag can be used to specify a number of aliases that acts
-# as commands in the documentation. An alias has the form "name=value".
-# For example adding "sideeffect=\par Side Effects:\n" will allow you to
-# put the command \sideeffect (or @sideeffect) in the documentation, which
-# will result in a user-defined paragraph with heading "Side Effects:".
-# You can put \n's in the value part of an alias to insert newlines.
-
-ALIASES =
-
-# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
-# sources only. Doxygen will then generate output that is more tailored for C.
-# For instance, some of the names that are used will be different. The list
-# of all members will be omitted, etc.
-
-OPTIMIZE_OUTPUT_FOR_C = NO
-
-# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java
-# sources only. Doxygen will then generate output that is more tailored for Java.
-# For instance, namespaces will be presented as packages, qualified scopes
-# will look different, etc.
-
-OPTIMIZE_OUTPUT_JAVA = YES
-
-# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want to
-# include (a tag file for) the STL sources as input, then you should
-# set this tag to YES in order to let doxygen match functions declarations and
-# definitions whose arguments contain STL classes (e.g. func(std::string); v.s.
-# func(std::string) {}). This also make the inheritance and collaboration
-# diagrams that involve STL classes more complete and accurate.
-
-BUILTIN_STL_SUPPORT = NO
-
-# If you use Microsoft's C++/CLI language, you should set this option to YES to
-# enable parsing support.
-
-CPP_CLI_SUPPORT = NO
-
-# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
-# tag is set to YES, then doxygen will reuse the documentation of the first
-# member in the group (if any) for the other members of the group. By default
-# all members of a group must be documented explicitly.
-
-DISTRIBUTE_GROUP_DOC = NO
-
-# Set the SUBGROUPING tag to YES (the default) to allow class member groups of
-# the same type (for instance a group of public functions) to be put as a
-# subgroup of that type (e.g. under the Public Functions section). Set it to
-# NO to prevent subgrouping. Alternatively, this can be done per class using
-# the \nosubgrouping command.
-
-SUBGROUPING = YES
-
-#---------------------------------------------------------------------------
-# Build related configuration options
-#---------------------------------------------------------------------------
-
-# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
-# documentation are documented, even if no documentation was available.
-# Private class members and static file members will be hidden unless
-# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
-
-EXTRACT_ALL = YES
-
-# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
-# will be included in the documentation.
-
-EXTRACT_PRIVATE = YES
-
-# If the EXTRACT_STATIC tag is set to YES all static members of a file
-# will be included in the documentation.
-
-EXTRACT_STATIC = YES
-
-# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
-# defined locally in source files will be included in the documentation.
-# If set to NO only classes defined in header files are included.
-
-EXTRACT_LOCAL_CLASSES = YES
-
-# This flag is only useful for Objective-C code. When set to YES local
-# methods, which are defined in the implementation section but not in
-# the interface are included in the documentation.
-# If set to NO (the default) only methods in the interface are included.
-
-EXTRACT_LOCAL_METHODS = NO
-
-# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
-# undocumented members of documented classes, files or namespaces.
-# If set to NO (the default) these members will be included in the
-# various overviews, but no documentation section is generated.
-# This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_MEMBERS = NO
-
-# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
-# undocumented classes that are normally visible in the class hierarchy.
-# If set to NO (the default) these classes will be included in the various
-# overviews. This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_CLASSES = NO
-
-# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
-# friend (class|struct|union) declarations.
-# If set to NO (the default) these declarations will be included in the
-# documentation.
-
-HIDE_FRIEND_COMPOUNDS = NO
-
-# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
-# documentation blocks found inside the body of a function.
-# If set to NO (the default) these blocks will be appended to the
-# function's detailed documentation block.
-
-HIDE_IN_BODY_DOCS = NO
-
-# The INTERNAL_DOCS tag determines if documentation
-# that is typed after a \internal command is included. If the tag is set
-# to NO (the default) then the documentation will be excluded.
-# Set it to YES to include the internal documentation.
-
-INTERNAL_DOCS = NO
-
-# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
-# file names in lower-case letters. If set to YES upper-case letters are also
-# allowed. This is useful if you have classes or files whose names only differ
-# in case and if your file system supports case sensitive file names. Windows
-# and Mac users are advised to set this option to NO.
-
-CASE_SENSE_NAMES = YES
-
-# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
-# will show members with their full class and namespace scopes in the
-# documentation. If set to YES the scope will be hidden.
-
-HIDE_SCOPE_NAMES = NO
-
-# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
-# will put a list of the files that are included by a file in the documentation
-# of that file.
-
-SHOW_INCLUDE_FILES = YES
-
-# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
-# is inserted in the documentation for inline members.
-
-INLINE_INFO = YES
-
-# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
-# will sort the (detailed) documentation of file and class members
-# alphabetically by member name. If set to NO the members will appear in
-# declaration order.
-
-SORT_MEMBER_DOCS = YES
-
-# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the
-# brief documentation of file, namespace and class members alphabetically
-# by member name. If set to NO (the default) the members will appear in
-# declaration order.
-
-SORT_BRIEF_DOCS = YES
-
-# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be
-# sorted by fully-qualified names, including namespaces. If set to
-# NO (the default), the class list will be sorted only by class name,
-# not including the namespace part.
-# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
-# Note: This option applies only to the class list, not to the
-# alphabetical list.
-
-SORT_BY_SCOPE_NAME = YES
-
-# The GENERATE_TODOLIST tag can be used to enable (YES) or
-# disable (NO) the todo list. This list is created by putting \todo
-# commands in the documentation.
-
-GENERATE_TODOLIST = YES
-
-# The GENERATE_TESTLIST tag can be used to enable (YES) or
-# disable (NO) the test list. This list is created by putting \test
-# commands in the documentation.
-
-GENERATE_TESTLIST = YES
-
-# The GENERATE_BUGLIST tag can be used to enable (YES) or
-# disable (NO) the bug list. This list is created by putting \bug
-# commands in the documentation.
-
-GENERATE_BUGLIST = YES
-
-# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
-# disable (NO) the deprecated list. This list is created by putting
-# \deprecated commands in the documentation.
-
-GENERATE_DEPRECATEDLIST= YES
-
-# The ENABLED_SECTIONS tag can be used to enable conditional
-# documentation sections, marked by \if sectionname ... \endif.
-
-ENABLED_SECTIONS =
-
-# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
-# the initial value of a variable or define consists of for it to appear in
-# the documentation. If the initializer consists of more lines than specified
-# here it will be hidden. Use a value of 0 to hide initializers completely.
-# The appearance of the initializer of individual variables and defines in the
-# documentation can be controlled using \showinitializer or \hideinitializer
-# command in the documentation regardless of this setting.
-
-MAX_INITIALIZER_LINES = 30
-
-# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
-# at the bottom of the documentation of classes and structs. If set to YES the
-# list will mention the files that were used to generate the documentation.
-
-SHOW_USED_FILES = YES
-
-# If the sources in your project are distributed over multiple directories
-# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy
-# in the documentation. The default is NO.
-
-SHOW_DIRECTORIES = NO
-
-# The FILE_VERSION_FILTER tag can be used to specify a program or script that
-# doxygen should invoke to get the current version for each file (typically from the
-# version control system). Doxygen will invoke the program by executing (via
-# popen()) the command <command> <input-file>, where <command> is the value of
-# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file
-# provided by doxygen. Whatever the program writes to standard output
-# is used as the file version. See the manual for examples.
-
-FILE_VERSION_FILTER = "perl -e '@a = split(q( ), qx(svn stat -v $ARGV[0])); shift @a until $a[0] =~ /^[0-9]+$/ or @a == 0; shift @a; print shift(@a), qq(\n)'"
-
-#---------------------------------------------------------------------------
-# configuration options related to warning and progress messages
-#---------------------------------------------------------------------------
-
-# The QUIET tag can be used to turn on/off the messages that are generated
-# by doxygen. Possible values are YES and NO. If left blank NO is used.
-
-QUIET = YES
-
-# The WARNINGS tag can be used to turn on/off the warning messages that are
-# generated by doxygen. Possible values are YES and NO. If left blank
-# NO is used.
-
-WARNINGS = YES
-
-# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
-# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
-# automatically be disabled.
-
-WARN_IF_UNDOCUMENTED = YES
-
-# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
-# potential errors in the documentation, such as not documenting some
-# parameters in a documented function, or documenting parameters that
-# don't exist or using markup commands wrongly.
-
-WARN_IF_DOC_ERROR = YES
-
-# This WARN_NO_PARAMDOC option can be abled to get warnings for
-# functions that are documented, but have no documentation for their parameters
-# or return value. If set to NO (the default) doxygen will only warn about
-# wrong or incomplete parameter documentation, but not about the absence of
-# documentation.
-
-WARN_NO_PARAMDOC = NO
-
-# The WARN_FORMAT tag determines the format of the warning messages that
-# doxygen can produce. The string should contain the $file, $line, and $text
-# tags, which will be replaced by the file and line number from which the
-# warning originated and the warning text. Optionally the format may contain
-# $version, which will be replaced by the version of the file (if it could
-# be obtained via FILE_VERSION_FILTER)
-
-WARN_FORMAT = "$file:$line: $text"
-
-# The WARN_LOGFILE tag can be used to specify a file to which warning
-# and error messages should be written. If left blank the output is written
-# to stderr.
-
-WARN_LOGFILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the input files
-#---------------------------------------------------------------------------
-
-# The INPUT tag can be used to specify the files and/or directories that contain
-# documented source files. You may enter file names like "myfile.cpp" or
-# directories like "/usr/src/myproject". Separate the files or directories
-# with spaces.
-
-INPUT = .
-
-# This tag can be used to specify the character encoding of the source files that
-# doxygen parses. Internally doxygen uses the UTF-8 encoding, which is also the default
-# input encoding. Doxygen uses libiconv (or the iconv built into libc) for the transcoding.
-# See http://www.gnu.org/software/libiconv for the list of possible encodings.
-
-INPUT_ENCODING = UTF-8
-
-# If the value of the INPUT tag contains directories, you can use the
-# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank the following patterns are tested:
-# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx
-# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py
-
-FILE_PATTERNS = *.py
-
-# The RECURSIVE tag can be used to turn specify whether or not subdirectories
-# should be searched for input files as well. Possible values are YES and NO.
-# If left blank NO is used.
-
-RECURSIVE = NO
-
-# The EXCLUDE tag can be used to specify files and/or directories that should
-# excluded from the INPUT source files. This way you can easily exclude a
-# subdirectory from a directory tree whose root is specified with the INPUT tag.
-
-EXCLUDE =
-
-# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
-# directories that are symbolic links (a Unix filesystem feature) are excluded
-# from the input.
-
-EXCLUDE_SYMLINKS = NO
-
-# If the value of the INPUT tag contains directories, you can use the
-# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
-# certain files from those directories. Note that the wildcards are matched
-# against the file with absolute path, so to exclude all test directories
-# for example use the pattern */test/*
-
-EXCLUDE_PATTERNS =
-
-# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
-# (namespaces, classes, functions, etc.) that should be excluded from the output.
-# The symbol name can be a fully qualified name, a word, or if the wildcard * is used,
-# a substring. Examples: ANamespace, AClass, AClass::ANamespace, ANamespace::*Test
-
-EXCLUDE_SYMBOLS =
-
-# The EXAMPLE_PATH tag can be used to specify one or more files or
-# directories that contain example code fragments that are included (see
-# the \include command).
-
-EXAMPLE_PATH =
-
-# If the value of the EXAMPLE_PATH tag contains directories, you can use the
-# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank all files are included.
-
-EXAMPLE_PATTERNS = *
-
-# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
-# searched for input files to be used with the \include or \dontinclude
-# commands irrespective of the value of the RECURSIVE tag.
-# Possible values are YES and NO. If left blank NO is used.
-
-EXAMPLE_RECURSIVE = NO
-
-# The IMAGE_PATH tag can be used to specify one or more files or
-# directories that contain image that are included in the documentation (see
-# the \image command).
-
-IMAGE_PATH =
-
-# The INPUT_FILTER tag can be used to specify a program that doxygen should
-# invoke to filter for each input file. Doxygen will invoke the filter program
-# by executing (via popen()) the command <filter> <input-file>, where <filter>
-# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
-# input file. Doxygen will then use the output that the filter program writes
-# to standard output. If FILTER_PATTERNS is specified, this tag will be
-# ignored.
-
-INPUT_FILTER =
-
-# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
-# basis. Doxygen will compare the file name with each pattern and apply the
-# filter if there is a match. The filters are a list of the form:
-# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
-# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
-# is applied to all files.
-
-FILTER_PATTERNS =
-
-# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
-# INPUT_FILTER) will be used to filter the input files when producing source
-# files to browse (i.e. when SOURCE_BROWSER is set to YES).
-
-FILTER_SOURCE_FILES = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to source browsing
-#---------------------------------------------------------------------------
-
-# If the SOURCE_BROWSER tag is set to YES then a list of source files will
-# be generated. Documented entities will be cross-referenced with these sources.
-# Note: To get rid of all source code in the generated output, make sure also
-# VERBATIM_HEADERS is set to NO.
-
-SOURCE_BROWSER = YES
-
-# Setting the INLINE_SOURCES tag to YES will include the body
-# of functions and classes directly in the documentation.
-
-INLINE_SOURCES = NO
-
-# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
-# doxygen to hide any special comment blocks from generated source code
-# fragments. Normal C and C++ comments will always remain visible.
-
-STRIP_CODE_COMMENTS = YES
-
-# If the REFERENCED_BY_RELATION tag is set to YES (the default)
-# then for each documented function all documented
-# functions referencing it will be listed.
-
-REFERENCED_BY_RELATION = YES
-
-# If the REFERENCES_RELATION tag is set to YES (the default)
-# then for each documented function all documented entities
-# called/used by that function will be listed.
-
-REFERENCES_RELATION = YES
-
-# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
-# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
-# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
-# link to the source code. Otherwise they will link to the documentstion.
-
-REFERENCES_LINK_SOURCE = YES
-
-# If the USE_HTAGS tag is set to YES then the references to source code
-# will point to the HTML generated by the htags(1) tool instead of doxygen
-# built-in source browser. The htags tool is part of GNU's global source
-# tagging system (see http://www.gnu.org/software/global/global.html). You
-# will need version 4.8.6 or higher.
-
-USE_HTAGS = NO
-
-# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
-# will generate a verbatim copy of the header file for each class for
-# which an include is specified. Set to NO to disable this.
-
-VERBATIM_HEADERS = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the alphabetical class index
-#---------------------------------------------------------------------------
-
-# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
-# of all compounds will be generated. Enable this if the project
-# contains a lot of classes, structs, unions or interfaces.
-
-ALPHABETICAL_INDEX = YES
-
-# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
-# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
-# in which this list will be split (can be a number in the range [1..20])
-
-COLS_IN_ALPHA_INDEX = 5
-
-# In case all classes in a project start with a common prefix, all
-# classes will be put under the same header in the alphabetical index.
-# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
-# should be ignored while generating the index headers.
-
-IGNORE_PREFIX =
-
-#---------------------------------------------------------------------------
-# configuration options related to the HTML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
-# generate HTML output.
-
-GENERATE_HTML = YES
-
-# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `html' will be used as the default path.
-
-HTML_OUTPUT = html
-
-# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
-# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
-# doxygen will generate files with .html extension.
-
-HTML_FILE_EXTENSION = .html
-
-# The HTML_HEADER tag can be used to specify a personal HTML header for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard header.
-
-HTML_HEADER =
-
-# The HTML_FOOTER tag can be used to specify a personal HTML footer for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard footer.
-
-HTML_FOOTER =
-
-# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
-# style sheet that is used by each HTML page. It can be used to
-# fine-tune the look of the HTML output. If the tag is left blank doxygen
-# will generate a default style sheet. Note that doxygen will try to copy
-# the style sheet file to the HTML output directory, so don't put your own
-# stylesheet in the HTML output directory as well, or it will be erased!
-
-HTML_STYLESHEET =
-
-# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
-# files or namespaces will be aligned in HTML using tables. If set to
-# NO a bullet list will be used.
-
-HTML_ALIGN_MEMBERS = YES
-
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files
-# will be generated that can be used as input for tools like the
-# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
-# of the generated HTML documentation.
-
-GENERATE_HTMLHELP = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
-# be used to specify the file name of the resulting .chm file. You
-# can add a path in front of the file if the result should not be
-# written to the html output directory.
-
-CHM_FILE =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
-# be used to specify the location (absolute path including file name) of
-# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
-# the HTML help compiler on the generated index.hhp.
-
-HHC_LOCATION =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
-# controls if a separate .chi index file is generated (YES) or that
-# it should be included in the master .chm file (NO).
-
-GENERATE_CHI = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
-# controls whether a binary table of contents is generated (YES) or a
-# normal table of contents (NO) in the .chm file.
-
-BINARY_TOC = NO
-
-# The TOC_EXPAND flag can be set to YES to add extra items for group members
-# to the contents of the HTML help documentation and to the tree view.
-
-TOC_EXPAND = NO
-
-# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
-# top of each HTML page. The value NO (the default) enables the index and
-# the value YES disables it.
-
-DISABLE_INDEX = NO
-
-# This tag can be used to set the number of enum values (range [1..20])
-# that doxygen will group on one line in the generated HTML documentation.
-
-ENUM_VALUES_PER_LINE = 4
-
-# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
-# generated containing a tree-like index structure (just like the one that
-# is generated for HTML Help). For this to work a browser that supports
-# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+,
-# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
-# probably better off using the HTML help feature.
-
-GENERATE_TREEVIEW = NO
-
-# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
-# used to set the initial width (in pixels) of the frame in which the tree
-# is shown.
-
-TREEVIEW_WIDTH = 250
-
-#---------------------------------------------------------------------------
-# configuration options related to the LaTeX output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
-# generate Latex output.
-
-GENERATE_LATEX = NO
-
-# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `latex' will be used as the default path.
-
-LATEX_OUTPUT = latex
-
-# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
-# invoked. If left blank `latex' will be used as the default command name.
-
-LATEX_CMD_NAME = latex
-
-# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
-# generate index for LaTeX. If left blank `makeindex' will be used as the
-# default command name.
-
-MAKEINDEX_CMD_NAME = makeindex
-
-# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
-# LaTeX documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_LATEX = YES
-
-# The PAPER_TYPE tag can be used to set the paper type that is used
-# by the printer. Possible values are: a4, a4wide, letter, legal and
-# executive. If left blank a4wide will be used.
-
-PAPER_TYPE = letter
-
-# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
-# packages that should be included in the LaTeX output.
-
-EXTRA_PACKAGES =
-
-# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
-# the generated latex document. The header should contain everything until
-# the first chapter. If it is left blank doxygen will generate a
-# standard header. Notice: only use this tag if you know what you are doing!
-
-LATEX_HEADER =
-
-# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
-# is prepared for conversion to pdf (using ps2pdf). The pdf file will
-# contain links (just like the HTML output) instead of page references
-# This makes the output suitable for online browsing using a pdf viewer.
-
-PDF_HYPERLINKS = YES
-
-# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
-# plain latex in the generated Makefile. Set this option to YES to get a
-# higher quality PDF documentation.
-
-USE_PDFLATEX = YES
-
-# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
-# command to the generated LaTeX files. This will instruct LaTeX to keep
-# running if errors occur, instead of asking the user for help.
-# This option is also used when generating formulas in HTML.
-
-LATEX_BATCHMODE = YES
-
-# If LATEX_HIDE_INDICES is set to YES then doxygen will not
-# include the index chapters (such as File Index, Compound Index, etc.)
-# in the output.
-
-LATEX_HIDE_INDICES = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to the RTF output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
-# The RTF output is optimized for Word 97 and may not look very pretty with
-# other RTF readers or editors.
-
-GENERATE_RTF = NO
-
-# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `rtf' will be used as the default path.
-
-RTF_OUTPUT = rtf
-
-# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
-# RTF documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_RTF = NO
-
-# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
-# will contain hyperlink fields. The RTF file will
-# contain links (just like the HTML output) instead of page references.
-# This makes the output suitable for online browsing using WORD or other
-# programs which support those fields.
-# Note: wordpad (write) and others do not support links.
-
-RTF_HYPERLINKS = NO
-
-# Load stylesheet definitions from file. Syntax is similar to doxygen's
-# config file, i.e. a series of assignments. You only have to provide
-# replacements, missing definitions are set to their default value.
-
-RTF_STYLESHEET_FILE =
-
-# Set optional variables used in the generation of an rtf document.
-# Syntax is similar to doxygen's config file.
-
-RTF_EXTENSIONS_FILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the man page output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
-# generate man pages
-
-GENERATE_MAN = NO
-
-# The MAN_OUTPUT tag is used to specify where the man pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `man' will be used as the default path.
-
-MAN_OUTPUT = man
-
-# The MAN_EXTENSION tag determines the extension that is added to
-# the generated man pages (default is the subroutine's section .3)
-
-MAN_EXTENSION = .3
-
-# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
-# then it will generate one additional man file for each entity
-# documented in the real man page(s). These additional files
-# only source the real man page, but without them the man command
-# would be unable to find the correct page. The default is NO.
-
-MAN_LINKS = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the XML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_XML tag is set to YES Doxygen will
-# generate an XML file that captures the structure of
-# the code including all documentation.
-
-GENERATE_XML = NO
-
-# The XML_OUTPUT tag is used to specify where the XML pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `xml' will be used as the default path.
-
-XML_OUTPUT = xml
-
-# The XML_SCHEMA tag can be used to specify an XML schema,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_SCHEMA =
-
-# The XML_DTD tag can be used to specify an XML DTD,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_DTD =
-
-# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
-# dump the program listings (including syntax highlighting
-# and cross-referencing information) to the XML output. Note that
-# enabling this will significantly increase the size of the XML output.
-
-XML_PROGRAMLISTING = YES
-
-#---------------------------------------------------------------------------
-# configuration options for the AutoGen Definitions output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
-# generate an AutoGen Definitions (see autogen.sf.net) file
-# that captures the structure of the code including all
-# documentation. Note that this feature is still experimental
-# and incomplete at the moment.
-
-GENERATE_AUTOGEN_DEF = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the Perl module output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_PERLMOD tag is set to YES Doxygen will
-# generate a Perl module file that captures the structure of
-# the code including all documentation. Note that this
-# feature is still experimental and incomplete at the
-# moment.
-
-GENERATE_PERLMOD = NO
-
-# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
-# the necessary Makefile rules, Perl scripts and LaTeX code to be able
-# to generate PDF and DVI output from the Perl module output.
-
-PERLMOD_LATEX = NO
-
-# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
-# nicely formatted so it can be parsed by a human reader. This is useful
-# if you want to understand what is going on. On the other hand, if this
-# tag is set to NO the size of the Perl module output will be much smaller
-# and Perl will parse it just the same.
-
-PERLMOD_PRETTY = YES
-
-# The names of the make variables in the generated doxyrules.make file
-# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
-# This is useful so different doxyrules.make files included by the same
-# Makefile don't overwrite each other's variables.
-
-PERLMOD_MAKEVAR_PREFIX =
-
-#---------------------------------------------------------------------------
-# Configuration options related to the preprocessor
-#---------------------------------------------------------------------------
-
-# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
-# evaluate all C-preprocessor directives found in the sources and include
-# files.
-
-ENABLE_PREPROCESSING = YES
-
-# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
-# names in the source code. If set to NO (the default) only conditional
-# compilation will be performed. Macro expansion can be done in a controlled
-# way by setting EXPAND_ONLY_PREDEF to YES.
-
-MACRO_EXPANSION = NO
-
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
-# then the macro expansion is limited to the macros specified with the
-# PREDEFINED and EXPAND_AS_DEFINED tags.
-
-EXPAND_ONLY_PREDEF = NO
-
-# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
-# in the INCLUDE_PATH (see below) will be search if a #include is found.
-
-SEARCH_INCLUDES = YES
-
-# The INCLUDE_PATH tag can be used to specify one or more directories that
-# contain include files that are not input files but should be processed by
-# the preprocessor.
-
-INCLUDE_PATH =
-
-# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
-# patterns (like *.h and *.hpp) to filter out the header-files in the
-# directories. If left blank, the patterns specified with FILE_PATTERNS will
-# be used.
-
-INCLUDE_FILE_PATTERNS =
-
-# The PREDEFINED tag can be used to specify one or more macro names that
-# are defined before the preprocessor is started (similar to the -D option of
-# gcc). The argument of the tag is a list of macros of the form: name
-# or name=definition (no spaces). If the definition and the = are
-# omitted =1 is assumed. To prevent a macro definition from being
-# undefined via #undef or recursively expanded use the := operator
-# instead of the = operator.
-
-PREDEFINED =
-
-# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
-# this tag can be used to specify a list of macro names that should be expanded.
-# The macro definition that is found in the sources will be used.
-# Use the PREDEFINED tag if you want to use a different macro definition.
-
-EXPAND_AS_DEFINED =
-
-# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
-# doxygen's preprocessor will remove all function-like macros that are alone
-# on a line, have an all uppercase name, and do not end with a semicolon. Such
-# function macros are typically used for boiler-plate code, and will confuse
-# the parser if not removed.
-
-SKIP_FUNCTION_MACROS = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to external references
-#---------------------------------------------------------------------------
-
-# The TAGFILES option can be used to specify one or more tagfiles.
-# Optionally an initial location of the external documentation
-# can be added for each tagfile. The format of a tag file without
-# this location is as follows:
-# TAGFILES = file1 file2 ...
-# Adding location for the tag files is done as follows:
-# TAGFILES = file1=loc1 "file2 = loc2" ...
-# where "loc1" and "loc2" can be relative or absolute paths or
-# URLs. If a location is present for each tag, the installdox tool
-# does not have to be run to correct the links.
-# Note that each tag file must have a unique name
-# (where the name does NOT include the path)
-# If a tag file is not located in the directory in which doxygen
-# is run, you must also specify the path to the tagfile here.
-
-TAGFILES =
-
-# When a file name is specified after GENERATE_TAGFILE, doxygen will create
-# a tag file that is based on the input files it reads.
-
-GENERATE_TAGFILE =
-
-# If the ALLEXTERNALS tag is set to YES all external classes will be listed
-# in the class index. If set to NO only the inherited external classes
-# will be listed.
-
-ALLEXTERNALS = NO
-
-# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
-# in the modules index. If set to NO, only the current project's groups will
-# be listed.
-
-EXTERNAL_GROUPS = YES
-
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of `which perl').
-
-PERL_PATH = /usr/bin/perl
-
-#---------------------------------------------------------------------------
-# Configuration options related to the dot tool
-#---------------------------------------------------------------------------
-
-# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
-# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
-# or super classes. Setting the tag to NO turns the diagrams off. Note that
-# this option is superseded by the HAVE_DOT option below. This is only a
-# fallback. It is recommended to install and use dot, since it yields more
-# powerful graphs.
-
-CLASS_DIAGRAMS = NO
-
-# You can define message sequence charts within doxygen comments using the \msc
-# command. Doxygen will then run the mscgen tool (see http://www.mcternan.me.uk/mscgen/) to
-# produce the chart and insert it in the documentation. The MSCGEN_PATH tag allows you to
-# specify the directory where the mscgen tool resides. If left empty the tool is assumed to
-# be found in the default search path.
-
-MSCGEN_PATH =
-
-# If set to YES, the inheritance and collaboration graphs will hide
-# inheritance and usage relations if the target is undocumented
-# or is not a class.
-
-HIDE_UNDOC_RELATIONS = NO
-
-# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
-# available from the path. This tool is part of Graphviz, a graph visualization
-# toolkit from AT&T and Lucent Bell Labs. The other options in this section
-# have no effect if this option is set to NO (the default)
-
-HAVE_DOT = YES
-
-# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect inheritance relations. Setting this tag to YES will force the
-# the CLASS_DIAGRAMS tag to NO.
-
-CLASS_GRAPH = YES
-
-# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect implementation dependencies (inheritance, containment, and
-# class references variables) of the class with other documented classes.
-
-COLLABORATION_GRAPH = NO
-
-# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for groups, showing the direct groups dependencies
-
-GROUP_GRAPHS = YES
-
-# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
-# collaboration diagrams in a style similar to the OMG's Unified Modeling
-# Language.
-
-UML_LOOK = YES
-
-# If set to YES, the inheritance and collaboration graphs will show the
-# relations between templates and their instances.
-
-TEMPLATE_RELATIONS = NO
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
-# tags are set to YES then doxygen will generate a graph for each documented
-# file showing the direct and indirect include dependencies of the file with
-# other documented files.
-
-INCLUDE_GRAPH = YES
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
-# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
-# documented header file showing the documented files that directly or
-# indirectly include this file.
-
-INCLUDED_BY_GRAPH = YES
-
-# If the CALL_GRAPH and HAVE_DOT tags are set to YES then doxygen will
-# generate a call dependency graph for every global function or class method.
-# Note that enabling this option will significantly increase the time of a run.
-# So in most cases it will be better to enable call graphs for selected
-# functions only using the \callgraph command.
-
-CALL_GRAPH = YES
-
-# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then doxygen will
-# generate a caller dependency graph for every global function or class method.
-# Note that enabling this option will significantly increase the time of a run.
-# So in most cases it will be better to enable caller graphs for selected
-# functions only using the \callergraph command.
-
-CALLER_GRAPH = YES
-
-# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
-# will graphical hierarchy of all classes instead of a textual one.
-
-GRAPHICAL_HIERARCHY = NO
-
-# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES
-# then doxygen will show the dependencies a directory has on other directories
-# in a graphical way. The dependency relations are determined by the #include
-# relations between the files in the directories.
-
-DIRECTORY_GRAPH = YES
-
-# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
-# generated by dot. Possible values are png, jpg, or gif
-# If left blank png will be used.
-
-DOT_IMAGE_FORMAT = png
-
-# The tag DOT_PATH can be used to specify the path where the dot tool can be
-# found. If left blank, it is assumed the dot tool can be found in the path.
-
-DOT_PATH =
-
-# The DOTFILE_DIRS tag can be used to specify one or more directories that
-# contain dot files that are included in the documentation (see the
-# \dotfile command).
-
-DOTFILE_DIRS =
-
-# The MAX_DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
-# nodes that will be shown in the graph. If the number of nodes in a graph
-# becomes larger than this value, doxygen will truncate the graph, which is
-# visualized by representing a node as a red box. Note that doxygen will always
-# show the root nodes and its direct children regardless of this setting.
-
-DOT_GRAPH_MAX_NODES = 50
-
-# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
-# background. This is disabled by default, which results in a white background.
-# Warning: Depending on the platform used, enabling this option may lead to
-# badly anti-aliased labels on the edges of a graph (i.e. they become hard to
-# read).
-
-DOT_TRANSPARENT = NO
-
-# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output
-# files in one run (i.e. multiple -o and -T options on the command line). This
-# makes dot run faster, but since only newer versions of dot (>1.8.10)
-# support this, this feature is disabled by default.
-
-DOT_MULTI_TARGETS = NO
-
-# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
-# generate a legend page explaining the meaning of the various boxes and
-# arrows in the dot generated graphs.
-
-GENERATE_LEGEND = NO
-
-# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
-# remove the intermediate dot files that are used to generate
-# the various graphs.
-
-DOT_CLEANUP = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to the search engine
-#---------------------------------------------------------------------------
-
-# The SEARCHENGINE tag specifies whether or not a search engine should be
-# used. If set to NO the values of all tags below this one will be ignored.
-
-SEARCHENGINE = NO
diff --git a/scripts/rpki/__init__.py b/scripts/rpki/__init__.py
deleted file mode 100644
index 690c7f9c..00000000
--- a/scripts/rpki/__init__.py
+++ /dev/null
@@ -1,42 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-# This file exists to tell Python that this the content of this
-# directory constitute a Python package. Since we're not doing
-# anything exotic, this file doesn't need to contain any code, but
-# since its existance defines the package, it's as sensible a place as
-# any to put the Doxygen mainpage.
-
-## @mainpage
-##
-## This collection of Python modules implements a prototype of the
-## RPKI Engine. This is a work in progress.
-##
-## See http://viewvc.hactrn.net/subvert-rpki.hactrn.net/ for code,
-## design documents, a text mirror of portions of APNIC's Wiki, etc.
-##
-## The documentation you're reading is generated automatically by
-## Doxygen from comments and documentation in
-## <a href="http://viewvc.hactrn.net/subvert-rpki.hactrn.net/scripts/rpki/">the code</a>.
-##
-## This work is funded by <a href="http://www.arin.net/">ARIN</a>, in
-## collaboration with the other RIRs. If you're interested in this
-## package you might also be interested in:
-##
-## @li <a href="http://viewvc.hactrn.net/subvert-rpki.hactrn.net/rcynic/">the rcynic validation tool</a>
-## @li <a href="http://www.hactrn.net/opaque/rcynic.html">a sample of rcynic's summary output</a>
-## @li <a href="http://mirin.apnic.net/resourcecerts/wiki/">APNIC's Wiki</a>
-## @li <a href="http://mirin.apnic.net/trac/">APNIC's project Trac instance</a>
diff --git a/scripts/rpki/cms.py b/scripts/rpki/cms.py
deleted file mode 100644
index 7b4916dc..00000000
--- a/scripts/rpki/cms.py
+++ /dev/null
@@ -1,120 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""CMS routines.
-
-These used to use the OpenSSL CLI too, which was slow. I've since
-added minimal PKCS #7 / CMS capability to POW, so we now use that
-instead. I should write a pretty DER_object wrapper around the POW
-code and include it in x509.py, but I haven't gotten to that yet.
-"""
-
-import os, rpki.x509, rpki.exceptions, lxml.etree, rpki.log, POW
-
-debug = 1
-
-# openssl smime -sign -nodetach -outform DER -signer biz-certs/Alice-EE.cer
-# -certfile biz-certs/Alice-CA.cer -inkey biz-certs/Alice-EE.key
-# -in THING -out THING.der
-
-def sign(plaintext, keypair, certs):
- """Sign plaintext as CMS with specified key and bag of certificates.
-
- We have to sort the certificates into the correct order before the
- OpenSSL CLI tool will accept them. rpki.x509 handles that for us.
- """
-
- p7 = POW.PKCS7()
- p7.sign(certs[0].get_POW(), keypair.get_POW(), [x.get_POW() for x in certs[1:]], plaintext)
- cms = p7.derWrite()
-
- if debug >= 2:
- print
- print "Signed CMS:"
- dumpasn1(cms)
-
- return cms
-
-# openssl smime -verify -inform DER -in THING.der -CAfile biz-certs/Alice-Root.cer
-
-def verify(cms, ta):
- """Verify the signature of a chunk of CMS.
-
- Returns the plaintext on success, otherwise raise an exception.
- """
-
- if debug >= 2:
- print
- print "Verifying CMS:"
- dumpasn1(cms)
-
- p7 = POW.derRead(POW.PKCS7_MESSAGE, cms)
-
- store = POW.X509Store()
- store.addTrust(ta.get_POW())
-
- try:
- return p7.verify(store)
-
- except:
- if debug >= 1:
- print "CMS verification failed, dumping inputs:"
- print
- print "TA:"
- dumpasn1(ta.get_DER())
- print
- print "CMS:"
- dumpasn1(cms)
- raise rpki.exceptions.CMSVerificationFailed, "CMS verification failed"
-
-# openssl smime -verify -noverify -inform DER -in THING.der
-
-def extract(cms):
- """Extract the content of a signed CMS message WITHOUT verifying the
- signature. Don't try this at home, kids.
- """
-
- return POW.derRead(POW.PKCS7_MESSAGE, cms).extract()
-
-def xml_verify(cms, ta):
- """Composite routine to verify CMS-wrapped XML."""
-
- val = lxml.etree.fromstring(verify(cms, ta))
- return val
-
-def xml_sign(elt, key, certs, encoding = "us-ascii"):
- """Composite routine to sign CMS-wrapped XML."""
-
- val = sign(lxml.etree.tostring(elt, pretty_print = True, encoding = encoding, xml_declaration = True),
- key, certs)
- return val
-
-def dumpasn1(thing):
- """Prettyprint an ASN.1 DER object using cryptlib dumpasn1 tool.
- Use a temporary file rather than popen4() because dumpasn1 uses
- seek() when decoding ASN.1 content nested in OCTET STRING values.
- """
-
- fn = "dumpasn1.tmp"
- try:
- f = open(fn, "w")
- f.write(thing)
- f.close()
- f = os.popen("dumpasn1 2>&1 -a " + fn)
- print "\n".join(x for x in f.read().splitlines() if x.startswith(" "))
- f.close()
- finally:
- os.unlink(fn)
diff --git a/scripts/rpki/config.py b/scripts/rpki/config.py
deleted file mode 100644
index 54540bbc..00000000
--- a/scripts/rpki/config.py
+++ /dev/null
@@ -1,57 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Configuration file parsing utilities.
-
-Layered on top of stock Python ConfigParser module.
-"""
-
-import ConfigParser
-
-class parser(ConfigParser.RawConfigParser):
-
- def __init__(self, file = None, section = None):
- """Initialize this parser."""
- ConfigParser.RawConfigParser.__init__(self)
- if file:
- self.read(file)
- self.default_section = section
-
- def multiget(self, option, section = None):
- """Parse OpenSSL-style foo.0, foo.1, ... subscripted options.
-
- Returns a list of values matching the specified option name.
- """
- matches = []
- if section is None:
- section = self.default_section
- if self.has_option(section, option):
- matches.append((-1, self.get(option, section = section)))
- for key, value in self.items(section):
- s = key.rsplit(".", 1)
- if len(s) == 2 and s[0] == option and s[1].isdigit():
- matches.append((int(s[1]), value))
- matches.sort()
- return [match[1] for match in matches]
-
- def get(self, option, default = None, section = None):
- """Get an option, perhaps with a default value."""
- if section is None:
- section = self.default_section
- if default is None or self.has_option(section, option):
- return ConfigParser.RawConfigParser.get(self, section, option)
- else:
- return default
diff --git a/scripts/rpki/exceptions.py b/scripts/rpki/exceptions.py
deleted file mode 100644
index c1475680..00000000
--- a/scripts/rpki/exceptions.py
+++ /dev/null
@@ -1,86 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Exception definitions for RPKI modules."""
-
-class NotInDatabase(Exception):
- """Lookup failed for an object expected to be in the database."""
-
-class BadURISyntax(Exception):
- """Illegal syntax for a URI."""
-
-class BadStatusCode(Exception):
- """Unrecognized protocol status code."""
-
-class BadQuery(Exception):
- """Unexpected protocol query."""
-
-class DBConsistancyError(Exception):
- """Found multiple matches for a database query that shouldn't ever return that."""
-
-class CMSVerificationFailed(Exception):
- """Verification of a CMS message failed."""
-
-class HTTPRequestFailed(Exception):
- """HTTP request failed."""
-
-class DERObjectConversionError(Exception):
- """Error trying to convert a DER-based object from one representation to another."""
-
-class NotACertificateChain(Exception):
- """Certificates don't form a proper chain."""
-
-class BadContactURL(Exception):
- """Error trying to parse up-down protocol contact URL."""
-
-class BadClassNameSyntax(Exception):
- """Illegal syntax for a class_name."""
-
-class BadIssueResponse(Exception):
- """issue_response PDU with wrong number of classes or certificates."""
-
-class NotImplementedYet(Exception):
- """Internal error -- not implemented yet."""
-
-class BadPKCS10(Exception):
- """Bad PKCS #10 object."""
-
-class UpstreamError(Exception):
- """Received an error from upstream."""
-
-class ChildNotFound(Exception):
- """Could not find specified child in database."""
-
-class BSCNotFound(Exception):
- """Could not find specified BSC in database."""
-
-class BadSender(Exception):
- """Unexpected XML sender value."""
-
-class ClassNameMismatch(Exception):
- """class_name does not match child context."""
-
-class SKIMismatch(Exception):
- """SKI value in response does not match request."""
-
-class SubprocessError(Exception):
- """Subprocess returned unexpected error."""
-
-class BadIRDBReply(Exception):
- """Unexpected reply to IRDB query."""
-
-class NotFound(Exception):
- """Object not found in database."""
diff --git a/scripts/rpki/https.py b/scripts/rpki/https.py
deleted file mode 100644
index bca5a8b1..00000000
--- a/scripts/rpki/https.py
+++ /dev/null
@@ -1,146 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""HTTPS utilities, both client and server.
-
-At the moment this only knows how to use the PEM certs in my
-subversion repository; generalizing it would not be hard, but the more
-general version should use SQL anyway.
-"""
-
-import httplib, BaseHTTPServer, tlslite.api, glob, traceback, urlparse, socket
-import rpki.x509, rpki.exceptions, rpki.log
-
-rpki_content_type = "application/x-rpki"
-
-def client(msg, privateKey, certChain, x509TrustList, url, timeout = 300):
- """Open client HTTPS connection, send a message, wait for response.
-
- This function wraps most of what one needs to do to send a message
- over HTTPS and get a response. The certificate checking isn't quite
- up to snuff; it's better than with the other packages I've found,
- but doesn't appear to handle subjectAltName extensions (sigh).
- """
-
- u = urlparse.urlparse(url)
-
- assert u.scheme in ("", "https") and \
- u.username is None and \
- u.password is None and \
- u.params == "" and \
- u.query == "" and \
- u.fragment == ""
-
- # We could add a "settings = foo" argument to the following call to
- # pass in a tlslite.HandshakeSettings object that would let us
- # insist on, eg, particular SSL/TLS versions.
-
- httpc = tlslite.api.HTTPTLSConnection(host = u.hostname or "localhost",
- port = u.port or 443,
- privateKey = privateKey.get_tlslite(),
- certChain = certChain.tlslite_certChain(),
- x509TrustList = x509TrustList.tlslite_trustList())
- httpc.connect()
- httpc.sock.settimeout(timeout)
- httpc.request("POST", u.path, msg, {"Content-Type" : rpki_content_type})
- response = httpc.getresponse()
- if response.status == httplib.OK:
- return response.read()
- else:
- r = response.read()
- raise rpki.exceptions.HTTPRequestFailed, \
- "HTTP request failed with status %s, response %s" % (response.status, r)
-
-class requestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
- """Derived type to supply POST handler and override logging."""
-
- rpki_handlers = None # Subclass must bind
-
- def rpki_find_handler(self):
- """Helper method to search self.rpki_handlers."""
- for s,h in self.rpki_handlers:
- if self.path.startswith(s):
- return h
- return None
-
- def do_POST(self):
- """POST handler."""
- try:
- handler = self.rpki_find_handler()
- if self.headers["Content-Type"] != rpki_content_type:
- rcode, rtext = 415, "Received Content-Type %s, expected %s" \
- % (self.headers["Content-Type"], rpki_content_type)
- elif handler is None:
- rcode, rtext = 404, "No handler found for URL " + self.path
- else:
- rcode, rtext = handler(query = self.rfile.read(int(self.headers["Content-Length"])),
- path = self.path)
- except Exception, edata:
- rpki.log.error(traceback.format_exc())
- rcode, rtext = 500, "Unhandled exception %s" % edata
- self.send_response(rcode)
- self.send_header("Content-Type", rpki_content_type)
- self.end_headers()
- self.wfile.write(rtext)
-
- def log_message(self, format, *args):
- """Redirect HTTP server logging into our own logging system."""
- if args:
- rpki.log.info(format % args)
- else:
- rpki.log.info(format)
-
-class httpServer(tlslite.api.TLSSocketServerMixIn, BaseHTTPServer.HTTPServer):
- """Derived type to handle TLS aspects of HTTPS."""
-
- rpki_certChain = None
- rpki_privateKey = None
- rpki_sessionCache = None
-
- def handshake(self, tlsConnection):
- """TLS handshake handler."""
- assert self.rpki_certChain is not None
- assert self.rpki_privateKey is not None
- assert self.rpki_sessionCache is not None
- try:
- # We could add a "settings = foo" argument to the following call
- # to pass in a tlslite.HandshakeSettings object that would let
- # us insist on, eg, particular SSL/TLS versions.
- tlsConnection.handshakeServer(certChain = self.rpki_certChain,
- privateKey = self.rpki_privateKey,
- sessionCache = self.rpki_sessionCache)
- tlsConnection.ignoreAbruptClose = True
- return True
- except tlslite.api.TLSError, error:
- rpki.log.warn("TLS handshake failure: " + str(error))
- return False
-
-def server(handlers, privateKey, certChain, port = 4433, host = ""):
- """Run an HTTPS server and wait (forever) for connections."""
-
- if not isinstance(handlers, (tuple, list)):
- handlers = (("/", handlers),)
-
- class boundRequestHandler(requestHandler):
- rpki_handlers = handlers
-
- httpd = httpServer((host, port), boundRequestHandler)
-
- httpd.rpki_privateKey = privateKey.get_tlslite()
- httpd.rpki_certChain = certChain.tlslite_certChain()
- httpd.rpki_sessionCache = tlslite.api.SessionCache()
-
- httpd.serve_forever()
diff --git a/scripts/rpki/ipaddrs.py b/scripts/rpki/ipaddrs.py
deleted file mode 100644
index 4de2f428..00000000
--- a/scripts/rpki/ipaddrs.py
+++ /dev/null
@@ -1,70 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Classes to represent IP addresses.
-
-Given some of the other operations we need to perform on them, it's
-most convenient to represent IP addresses as Python "long" values.
-The classes in this module just wrap suitable read/write syntax around
-the underlying "long" type.
-
-These classes also supply a "bits" attribute for use by other code
-built on these classes; for the most part, IPv6 addresses really are
-just IPv4 addresses with more bits, so we supply the number of bits
-once, here, thus avoiding a lot of duplicate code elsewhere.
-"""
-
-import socket, struct
-
-class v4addr(long):
- """IPv4 address.
-
- Derived from long, but supports IPv4 print syntax.
- """
-
- bits = 32
-
- def __new__(cls, x):
- """Construct a v4addr object."""
- if isinstance(x, str):
- x = ".".join(str(int(i)) for i in x.split("."))
- y = struct.unpack("!I", socket.inet_pton(socket.AF_INET, x))
- x = y[0]
- return long.__new__(cls, x)
-
- def __str__(self):
- """Convert a v4addr object to string format."""
- return socket.inet_ntop(socket.AF_INET, struct.pack("!I", long(self)))
-
-class v6addr(long):
- """IPv6 address.
-
- Derived from long, but supports IPv6 print syntax.
- """
-
- bits = 128
-
- def __new__(cls, x):
- """Construct a v6addr object."""
- if isinstance(x, str):
- y = struct.unpack("!QQ", socket.inet_pton(socket.AF_INET6, x))
- x = (y[0] << 64) | y[1]
- return long.__new__(cls, x)
-
- def __str__(self):
- """Convert a v6addr object to string format."""
- return socket.inet_ntop(socket.AF_INET6,
- struct.pack("!QQ", long(self) >> 64, long(self) & 0xFFFFFFFFFFFFFFFF))
diff --git a/scripts/rpki/left_right.py b/scripts/rpki/left_right.py
deleted file mode 100644
index 8a5e3433..00000000
--- a/scripts/rpki/left_right.py
+++ /dev/null
@@ -1,1002 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""RPKI "left-right" protocol."""
-
-import base64, lxml.etree, time, traceback, os
-import rpki.sax_utils, rpki.resource_set, rpki.x509, rpki.sql, rpki.exceptions
-import rpki.https, rpki.up_down, rpki.relaxng, rpki.sundial, rpki.log
-
-xmlns = "http://www.hactrn.net/uris/rpki/left-right-spec/"
-
-nsmap = { None : xmlns }
-
-class base_elt(object):
- """Virtual base type for left-right message elements."""
-
- attributes = ()
- elements = ()
- booleans = ()
-
- def startElement(self, stack, name, attrs):
- """Default startElement() handler: just process attributes."""
- self.read_attrs(attrs)
-
- def endElement(self, stack, name, text):
- """Default endElement() handler: just pop the stack."""
- stack.pop()
-
- def read_attrs(self, attrs):
- """Template-driven attribute reader."""
- for key in self.attributes:
- val = attrs.get(key, None)
- if isinstance(val, str) and val.isdigit():
- val = long(val)
- setattr(self, key, val)
- for key in self.booleans:
- setattr(self, key, attrs.get(key, False))
-
- def make_elt(self):
- """XML element constructor."""
- elt = lxml.etree.Element("{%s}%s" % (xmlns, self.element_name), nsmap = nsmap)
- for key in self.attributes:
- val = getattr(self, key, None)
- if val is not None:
- elt.set(key, str(val))
- for key in self.booleans:
- if getattr(self, key, False):
- elt.set(key, "yes")
- return elt
-
- def make_b64elt(self, elt, name, value = None):
- """Constructor for Base64-encoded subelement."""
- if value is None:
- value = getattr(self, name, None)
- if value is not None:
- lxml.etree.SubElement(elt, "{%s}%s" % (xmlns, name), nsmap = nsmap).text = base64.b64encode(value)
-
- def __str__(self):
- """Convert a base_elt object to string format."""
- lxml.etree.tostring(self.toXML(), pretty_print = True, encoding = "us-ascii")
-
-class data_elt(base_elt, rpki.sql.sql_persistant):
- """Virtual class for top-level left-right protocol data elements."""
-
- def self(this, gctx):
- """Fetch self object to which this object links."""
- return self_elt.sql_fetch(gctx, this.self_id)
-
- def bsc(self, gctx):
- """Return BSC object to which this object links."""
- return bsc_elt.sql_fetch(gctx, self.bsc_id)
-
- @classmethod
- def make_pdu(cls, **kargs):
- """Generic left-right PDU constructor."""
- self = cls()
- for k,v in kargs.items():
- setattr(self, k, v)
- return self
-
- def make_reply(self, r_pdu = None):
- """Construct a reply PDU."""
- if r_pdu is None:
- r_pdu = self.__class__()
- r_pdu.self_id = self.self_id
- setattr(r_pdu, self.sql_template.index, getattr(self, self.sql_template.index))
- else:
- for b in r_pdu.booleans:
- setattr(r_pdu, b, False)
- r_pdu.action = self.action
- r_pdu.type = "reply"
- r_pdu.tag = self.tag
- return r_pdu
-
- def serve_pre_save_hook(self, gctx, q_pdu, r_pdu):
- """Overridable hook."""
- pass
-
- def serve_post_save_hook(self, gctx, q_pdu, r_pdu):
- """Overridable hook."""
- pass
-
- def serve_create(self, gctx, r_msg):
- """Handle a create action."""
- r_pdu = self.make_reply()
- self.serve_pre_save_hook(gctx, self, r_pdu)
- self.sql_store(gctx)
- setattr(r_pdu, self.sql_template.index, getattr(self, self.sql_template.index))
- self.serve_post_save_hook(gctx, self, r_pdu)
- r_msg.append(r_pdu)
-
- def serve_fetch_one(self, gctx):
- """Find the object on which a get, set, or destroy method should
- operate. This is a separate method because the self object needs
- to override it.
- """
- where = self.sql_template.index + " = %s AND self_id = %s"
- args = (getattr(self, self.sql_template.index), self.self_id)
- r = self.sql_fetch_where1(gctx, where, args)
- if r is None:
- raise rpki.exceptions.NotFound, "Lookup failed where %s" + (where % args)
- return r
-
- def serve_set(self, gctx, r_msg):
- """Handle a set action."""
- db_pdu = self.serve_fetch_one(gctx)
- r_pdu = self.make_reply()
- for a in db_pdu.sql_template.columns[1:]:
- v = getattr(self, a)
- if v is not None:
- setattr(db_pdu, a, v)
- db_pdu.sql_mark_dirty()
- db_pdu.serve_pre_save_hook(gctx, self, r_pdu)
- db_pdu.sql_store(gctx)
- db_pdu.serve_post_save_hook(gctx, self, r_pdu)
- r_msg.append(r_pdu)
-
- def serve_get(self, gctx, r_msg):
- """Handle a get action."""
- r_pdu = self.serve_fetch_one(gctx)
- self.make_reply(r_pdu)
- r_msg.append(r_pdu)
-
- def serve_list(self, gctx, r_msg):
- """Handle a list action for non-self objects."""
- for r_pdu in self.sql_fetch_where(gctx, "self_id = %s", (self.self_id,)):
- self.make_reply(r_pdu)
- r_msg.append(r_pdu)
-
- def serve_destroy(self, gctx, r_msg):
- """Handle a destroy action."""
- db_pdu = self.serve_fetch_one(gctx)
- db_pdu.sql_delete(gctx)
- r_msg.append(self.make_reply())
-
- def serve_dispatch(self, gctx, r_msg):
- """Action dispatch handler."""
- dispatch = { "create" : self.serve_create,
- "set" : self.serve_set,
- "get" : self.serve_get,
- "list" : self.serve_list,
- "destroy" : self.serve_destroy }
- if self.type != "query" or self.action not in dispatch:
- raise rpki.exceptions.BadQuery, "Unexpected query: type %s, action %s" % (self.type, self.action)
- dispatch[self.action](gctx, r_msg)
-
- def unimplemented_control(self, *controls):
- """Uniform handling for unimplemented control operations."""
- unimplemented = [x for x in controls if getattr(self, x, False)]
- if unimplemented:
- raise rpki.exceptions.NotImplementedYet, "Unimplemented control %s" % ", ".join(unimplemented)
-
-class extension_preference_elt(base_elt):
- """Container for extension preferences."""
-
- element_name = "extension_preference"
- attributes = ("name",)
-
- def startElement(self, stack, name, attrs):
- """Handle <extension_preference/> elements."""
- assert name == "extension_preference", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
-
- def endElement(self, stack, name, text):
- """Handle <extension_preference/> elements."""
- self.value = text
- stack.pop()
-
- def toXML(self):
- """Generate <extension_preference/> elements."""
- elt = self.make_elt()
- elt.text = self.value
- return elt
-
-class self_elt(data_elt):
- """<self/> element."""
-
- element_name = "self"
- attributes = ("action", "type", "tag", "self_id", "crl_interval")
- elements = ("extension_preference",)
- booleans = ("rekey", "reissue", "revoke", "run_now", "publish_world_now", "clear_extension_preferences")
-
- sql_template = rpki.sql.template("self", "self_id", "use_hsm", "crl_interval")
-
- self_id = None
- use_hsm = False
- crl_interval = None
-
- def __init__(self):
- """Initialize a self_elt."""
- self.prefs = []
-
- def sql_fetch_hook(self, gctx):
- """Extra SQL fetch actions for self_elt -- handle extension preferences."""
- gctx.cur.execute("SELECT pref_name, pref_value FROM self_pref WHERE self_id = %s", (self.self_id,))
- for name, value in gctx.cur.fetchall():
- e = extension_preference_elt()
- e.name = name
- e.value = value
- self.prefs.append(e)
-
- def sql_insert_hook(self, gctx):
- """Extra SQL insert actions for self_elt -- handle extension preferences."""
- if self.prefs:
- gctx.cur.executemany("INSERT self_pref (self_id, pref_name, pref_value) VALUES (%s, %s, %s)",
- ((e.name, e.value, self.self_id) for e in self.prefs))
-
- def sql_delete_hook(self, gctx):
- """Extra SQL delete actions for self_elt -- handle extension preferences."""
- gctx.cur.execute("DELETE FROM self_pref WHERE self_id = %s", (self.self_id,))
-
- def bscs(self, gctx):
- """Fetch all BSC objects that link to this self object."""
- return bsc_elt.sql_fetch_where(gctx, "self_id = %s", (self.self_id,))
-
- def repositories(self, gctx):
- """Fetch all repository objects that link to this self object."""
- return repository_elt.sql_fetch_where(gctx, "self_id = %s", (self.self_id,))
-
- def parents(self, gctx):
- """Fetch all parent objects that link to this self object."""
- return parent_elt.sql_fetch_where(gctx, "self_id = %s", (self.self_id,))
-
- def children(self, gctx):
- """Fetch all child objects that link to this self object."""
- return child_elt.sql_fetch_where(gctx, "self_id = %s", (self.self_id,))
-
- def route_origins(self, gctx):
- """Fetch all route_origin objects that link to this self object."""
- return route_origin_elt.sql_fetch_where(gctx, "self_id = %s", (self.self_id,))
-
- def serve_pre_save_hook(self, gctx, q_pdu, r_pdu):
- """Extra server actions for self_elt -- handle extension preferences."""
- rpki.log.trace()
- if self is not q_pdu:
- if q_pdu.clear_extension_preferences:
- self.prefs = []
- self.prefs.extend(q_pdu.prefs)
-
- def serve_post_save_hook(self, gctx, q_pdu, r_pdu):
- """Extra server actions for self_elt."""
- rpki.log.trace()
- if q_pdu.rekey:
- self.serve_rekey(gctx)
- if q_pdu.revoke:
- self.serve_revoke(gctx)
- self.unimplemented_control("reissue", "run_now", "publish_world_now")
-
- def serve_rekey(self, gctx):
- """Handle a left-right rekey action for this self."""
- rpki.log.trace()
- for parent in self.parents(gctx):
- parent.serve_rekey(gctx)
-
- def serve_revoke(self, gctx):
- """Handle a left-right revoke action for this self."""
- rpki.log.trace()
- for parent in self.parents(gctx):
- parent.serve_revoke(gctx)
-
- def serve_fetch_one(self, gctx):
- """Find the self object on which a get, set, or destroy method
- should operate.
- """
- r = self.sql_fetch(gctx, self.self_id)
- if r is None:
- raise rpki.exceptions.NotFound
- return r
-
- def serve_list(self, gctx, r_msg):
- """Handle a list action for self objects. This is different from
- the list action for all other objects, where list only works
- within a given self_id context.
- """
- for r_pdu in self.sql_fetch_all(gctx):
- self.make_reply(r_pdu)
- r_msg.append(r_pdu)
-
- def startElement(self, stack, name, attrs):
- """Handle <self/> element."""
- if name == "extension_preference":
- pref = extension_preference_elt()
- self.prefs.append(pref)
- stack.append(pref)
- pref.startElement(stack, name, attrs)
- else:
- assert name == "self", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
-
- def endElement(self, stack, name, text):
- """Handle <self/> element."""
- assert name == "self", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
-
- def toXML(self):
- """Generate <self/> element."""
- elt = self.make_elt()
- elt.extend([i.toXML() for i in self.prefs])
- return elt
-
- def client_poll(self, gctx):
- """Run the regular client poll cycle with each of this self's parents in turn."""
-
- rpki.log.trace()
-
- for parent in self.parents(gctx):
-
- # This will need a callback when we go event-driven
- r_msg = rpki.up_down.list_pdu.query(gctx, parent)
-
- ca_map = dict((ca.parent_resource_class, ca) for ca in parent.cas(gctx))
- for rc in r_msg.payload.classes:
- if rc.class_name in ca_map:
- ca = ca_map[rc.class_name]
- del ca_map[rc.class_name]
- ca.check_for_updates(gctx, parent, rc)
- else:
- rpki.sql.ca_obj.create(gctx, parent, rc)
- for ca in ca_map.values():
- ca.delete(gctx, parent) # CA not listed by parent
- rpki.sql.sql_sweep(gctx)
-
- def update_children(self, gctx):
- """Check for updated IRDB data for all of this self's children and
- issue new certs as necessary. Must handle changes both in
- resources and in expiration date.
- """
-
- rpki.log.trace()
-
- now = rpki.sundial.datetime.utcnow()
-
- for child in self.children(gctx):
- child_certs = child.child_certs(gctx)
- if not child_certs:
- continue
-
- # This will require a callback when we go event-driven
- irdb_resources = rpki.left_right.irdb_query(gctx, child.self_id, child.child_id)
-
- for child_cert in child_certs:
- ca_detail = child_cert.ca_detail(gctx)
- if ca_detail.state != "active":
- continue
- old_resources = child_cert.cert.get_3779resources()
- new_resources = irdb_resources.intersection(old_resources)
- if old_resources != new_resources:
- rpki.log.debug("Need to reissue %s" % repr(child_cert))
- child_cert.reissue(
- gctx = gctx,
- ca_detail = ca_detail,
- resources = new_resources)
- elif old_resources.valid_until < now:
- parent = ca.parent(gctx)
- repository = parent.repository(gctx)
- child_cert.sql_delete(gctx)
- ca_detail.generate_manifest(gctx)
- repository.withdraw(gctx, child_cert.cert, child_cert.uri(ca))
-
- def regenerate_crls_and_manifests(self, gctx):
- """Generate new CRLs and manifests as necessary for all of this
- self's CAs. Extracting nextUpdate from a manifest is hard at the
- moment due to implementation silliness, so for now we generate a
- new manifest whenever we generate a new CRL
-
- This method also cleans up tombstones left behind by revoked
- ca_detail objects, since we're walking through the relevant
- portions of the database anyway.
- """
-
- rpki.log.trace()
-
- now = rpki.sundial.datetime.utcnow()
- for parent in self.parents(gctx):
- repository = parent.repository(gctx)
- for ca in parent.cas(gctx):
- for ca_detail in ca.fetch_revoked(gctx):
- if now > ca_detail.latest_crl.getNextUpdate():
- ca_detail.delete(gctx, ca, repository)
- ca_detail = ca.fetch_active(gctx)
- if now > ca_detail.latest_crl.getNextUpdate():
- ca_detail.generate_crl(gctx)
- ca_detail.generate_manifest(gctx)
-
-class bsc_elt(data_elt):
- """<bsc/> (Business Signing Context) element."""
-
- element_name = "bsc"
- attributes = ("action", "type", "tag", "self_id", "bsc_id", "key_type", "hash_alg", "key_length")
- elements = ('signing_cert',)
- booleans = ("generate_keypair", "clear_signing_certs")
-
- sql_template = rpki.sql.template("bsc", "bsc_id", "self_id",
- ("public_key", rpki.x509.RSApublic),
- ("private_key_id", rpki.x509.RSA), "hash_alg")
-
- pkcs10_cert_request = None
- public_key = None
- private_key_id = None
-
- def __init__(self):
- """Initialize bsc_elt."""
- self.signing_cert = rpki.x509.X509_chain()
-
- def sql_fetch_hook(self, gctx):
- """Extra SQL fetch actions for bsc_elt -- handle signing certs."""
- gctx.cur.execute("SELECT cert FROM bsc_cert WHERE bsc_id = %s", (self.bsc_id,))
- self.signing_cert[:] = [rpki.x509.X509(DER = x) for (x,) in gctx.cur.fetchall()]
-
- def sql_insert_hook(self, gctx):
- """Extra SQL insert actions for bsc_elt -- handle signing certs."""
- if self.signing_cert:
- gctx.cur.executemany("INSERT bsc_cert (cert, bsc_id) VALUES (%s, %s)",
- ((x.get_DER(), self.bsc_id) for x in self.signing_cert))
-
- def sql_delete_hook(self, gctx):
- """Extra SQL delete actions for bsc_elt -- handle signing certs."""
- gctx.cur.execute("DELETE FROM bsc_cert WHERE bsc_id = %s", (self.bsc_id,))
-
- def repositories(self, gctx):
- """Fetch all repository objects that link to this BSC object."""
- return repository_elt.sql_fetch_where(gctx, "bsc_id = %s", (self.bsc_id,))
-
- def parents(self, gctx):
- """Fetch all parent objects that link to this BSC object."""
- return parent_elt.sql_fetch_where(gctx, "bsc_id = %s", (self.bsc_id,))
-
- def children(self, gctx):
- """Fetch all child objects that link to this BSC object."""
- return child_elt.sql_fetch_where(gctx, "bsc_id = %s", (self.bsc_id,))
-
- def serve_pre_save_hook(self, gctx, q_pdu, r_pdu):
- """Extra server actions for bsc_elt -- handle signing certs and key generation."""
- if self is not q_pdu:
- if q_pdu.clear_signing_certs:
- self.signing_cert[:] = []
- self.signing_cert.extend(q_pdu.signing_cert)
- if q_pdu.generate_keypair:
- #
- # For the moment we only support 2048-bit RSA with SHA-256, no
- # HSM. Assertion just checks that the schema hasn't changed out
- # from under this code.
- #
- assert (q_pdu.key_type is None or q_pdu.key_type == "rsa") and \
- (q_pdu.hash_alg is None or q_pdu.hash_alg == "sha256") and \
- (q_pdu.key_length is None or q_pdu.key_length == 2048)
- keypair = rpki.x509.RSA()
- keypair.generate()
- self.private_key_id = keypair
- self.public_key = keypair.get_RSApublic()
- r_pdu.pkcs10_cert_request = rpki.x509.PKCS10.create(keypair)
-
- def startElement(self, stack, name, attrs):
- """Handle <bsc/> element."""
- if not name in ("signing_cert", "public_key", "pkcs10_cert_request"):
- assert name == "bsc", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
-
- def endElement(self, stack, name, text):
- """Handle <bsc/> element."""
- if name == "signing_cert":
- self.signing_cert.append(rpki.x509.X509(Base64 = text))
- elif name == "public_key":
- self.public_key = rpki.x509.RSApublic(Base64 = text)
- elif name == "pkcs10_cert_request":
- self.pkcs10_cert_request = rpki.x509.PKCS10(Base64 = text)
- else:
- assert name == "bsc", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
-
- def toXML(self):
- """Generate <bsc/> element."""
- elt = self.make_elt()
- for cert in self.signing_cert:
- self.make_b64elt(elt, "signing_cert", cert.get_DER())
- if self.pkcs10_cert_request is not None:
- self.make_b64elt(elt, "pkcs10_cert_request", self.pkcs10_cert_request.get_DER())
- if self.public_key is not None:
- self.make_b64elt(elt, "public_key", self.public_key.get_DER())
- return elt
-
-class parent_elt(data_elt):
- """<parent/> element."""
-
- element_name = "parent"
- attributes = ("action", "type", "tag", "self_id", "parent_id", "bsc_id", "repository_id",
- "peer_contact_uri", "sia_base", "sender_name", "recipient_name")
- elements = ("cms_ta", "https_ta")
- booleans = ("rekey", "reissue", "revoke")
-
- sql_template = rpki.sql.template("parent", "parent_id", "self_id", "bsc_id", "repository_id",
- ("cms_ta", rpki.x509.X509), ("https_ta", rpki.x509.X509),
- "peer_contact_uri", "sia_base", "sender_name", "recipient_name")
-
- cms_ta = None
- https_ta = None
-
- def repository(self, gctx):
- """Fetch repository object to which this parent object links."""
- return repository_elt.sql_fetch(gctx, self.repository_id)
-
- def cas(self, gctx):
- """Fetch all CA objects that link to this parent object."""
- return rpki.sql.ca_obj.sql_fetch_where(gctx, "parent_id = %s", (self.parent_id,))
-
- def serve_post_save_hook(self, gctx, q_pdu, r_pdu):
- """Extra server actions for parent_elt."""
- if q_pdu.rekey:
- self.serve_rekey(gctx)
- if q_pdu.revoke:
- self.serve_revoke(gctx)
- self.unimplemented_control("reissue")
-
- def serve_rekey(self, gctx):
- """Handle a left-right rekey action for this parent."""
- for ca in self.cas(gctx):
- ca.rekey(gctx)
-
- def serve_revoke(self, gctx):
- """Handle a left-right revoke action for this parent."""
- for ca in self.cas(gctx):
- ca.revoke(gctx)
-
- def startElement(self, stack, name, attrs):
- """Handle <parent/> element."""
- if name not in ("cms_ta", "https_ta"):
- assert name == "parent", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
-
- def endElement(self, stack, name, text):
- """Handle <parent/> element."""
- if name == "cms_ta":
- self.cms_ta = rpki.x509.X509(Base64 = text)
- elif name == "https_ta":
- self.https_ta = rpki.x509.X509(Base64 = text)
- else:
- assert name == "parent", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
-
- def toXML(self):
- """Generate <parent/> element."""
- elt = self.make_elt()
- if self.cms_ta and not self.cms_ta.empty():
- self.make_b64elt(elt, "cms_ta", self.cms_ta.get_DER())
- if self.https_ta and not self.https_ta.empty():
- self.make_b64elt(elt, "https_ta", self.https_ta.get_DER())
- return elt
-
- def query_up_down(self, gctx, q_pdu):
- """Client code for sending one up-down query PDU to this parent.
-
- I haven't figured out yet whether this method should do something
- clever like dispatching via a method in the response PDU payload,
- or just hand back the whole response to the caller. In the long
- run this will have to become event driven with a context object
- that has methods of its own, but as this method is common code for
- several different queries and I don't yet know what the response
- processing looks like, it's too soon to tell what will make sense.
-
- For now, keep this dead simple lock step, rewrite it later.
- """
-
- rpki.log.trace()
-
- bsc = self.bsc(gctx)
- if bsc is None:
- raise rpki.exceptions.BSCNotFound, "Could not find BSC %s" % self.bsc_id
- q_msg = rpki.up_down.message_pdu.make_query(
- payload = q_pdu,
- sender = self.sender_name,
- recipient = self.recipient_name)
- q_elt = q_msg.toXML()
- try:
- rpki.relaxng.up_down.assertValid(q_elt)
- except lxml.etree.DocumentInvalid:
- rpki.log.error("Message does not pass schema check: " + lxml.etree.tostring(q_elt, pretty_print = True))
- raise
- q_cms = rpki.cms.xml_sign(q_elt, bsc.private_key_id, bsc.signing_cert, encoding = "UTF-8")
- r_cms = rpki.https.client(x509TrustList = rpki.x509.X509_chain(self.https_ta),
- privateKey = gctx.https_key,
- certChain = gctx.https_certs,
- msg = q_cms,
- url = self.peer_contact_uri)
- r_elt = rpki.cms.xml_verify(r_cms, self.cms_ta)
- rpki.relaxng.up_down.assertValid(r_elt)
- r_msg = rpki.up_down.sax_handler.saxify(r_elt)
- r_msg.payload.check_response()
- return r_msg
-
-
-class child_elt(data_elt):
- """<child/> element."""
-
- element_name = "child"
- attributes = ("action", "type", "tag", "self_id", "child_id", "bsc_id")
- elements = ("cms_ta",)
- booleans = ("reissue", )
-
- sql_template = rpki.sql.template("child", "child_id", "self_id", "bsc_id", ("cms_ta", rpki.x509.X509))
-
- cms_ta = None
-
- def child_certs(self, gctx, ca_detail = None, ski = None, revoked = False, unique = False):
- """Fetch all child_cert objects that link to this child object."""
- return rpki.sql.child_cert_obj.fetch(gctx, self, ca_detail, ski, revoked, unique)
-
- def parents(self, gctx):
- """Fetch all parent objects that link to self object to which this child object links."""
- return parent_elt.sql_fetch_where(gctx, "self_id = %s", (self.self_id,))
-
- def ca_from_class_name(self, gctx, class_name):
- """Fetch the CA corresponding to an up-down class_name."""
- if not class_name.isdigit():
- raise rpki.exceptions.BadClassNameSyntax, "Bad class name %s" % class_name
- ca = rpki.sql.ca_obj.sql_fetch(gctx, long(class_name))
- parent = ca.parent(gctx)
- if self.self_id != parent.self_id:
- raise rpki.exceptions.ClassNameMismatch, "child.self_id = %d, parent.self_id = %d" % (self.self_id, parent.self_id)
- return ca
-
- def serve_post_save_hook(self, gctx, q_pdu, r_pdu):
- """Extra server actions for child_elt."""
- self.unimplemented_control("reissue")
-
- def startElement(self, stack, name, attrs):
- """Handle <child/> element."""
- if name != "cms_ta":
- assert name == "child", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
-
- def endElement(self, stack, name, text):
- """Handle <child/> element."""
- if name == "cms_ta":
- self.cms_ta = rpki.x509.X509(Base64 = text)
- else:
- assert name == "child", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
-
- def toXML(self):
- """Generate <child/> element."""
- elt = self.make_elt()
- if self.cms_ta:
- self.make_b64elt(elt, "cms_ta", self.cms_ta.get_DER())
- return elt
-
- def serve_up_down(self, gctx, query):
- """Outer layer of server handling for one up-down PDU from this child."""
-
- rpki.log.trace()
-
- bsc = self.bsc(gctx)
- if bsc is None:
- raise rpki.exceptions.BSCNotFound, "Could not find BSC %s" % self.bsc_id
- q_elt = rpki.cms.xml_verify(query, self.cms_ta)
- rpki.relaxng.up_down.assertValid(q_elt)
- q_msg = rpki.up_down.sax_handler.saxify(q_elt)
- #if q_msg.sender != str(self.child_id):
- # raise rpki.exceptions.BadSender, "Unexpected XML sender %s" % q_msg.sender
- try:
- r_msg = q_msg.serve_top_level(gctx, self)
- except Exception, data:
- rpki.log.error(traceback.format_exc())
- r_msg = q_msg.serve_error(data)
- #
- # Exceptions from this point on are problematic, as we have no
- # sane way of reporting errors in the error reporting mechanism.
- # May require refactoring, ignore the issue for now.
- #
- r_elt = r_msg.toXML()
- try:
- rpki.relaxng.up_down.assertValid(r_elt)
- except:
- rpki.log.debug(lxml.etree.tostring(r_elt, pretty_print = True, encoding = "UTF-8"))
- rpki.log.error(traceback.format_exc())
- raise
- return rpki.cms.xml_sign(r_elt, bsc.private_key_id, bsc.signing_cert, encoding = "UTF-8")
-
-class repository_elt(data_elt):
- """<repository/> element."""
-
- element_name = "repository"
- attributes = ("action", "type", "tag", "self_id", "repository_id", "bsc_id", "peer_contact_uri")
- elements = ("cms_ta", "https_ta")
-
- sql_template = rpki.sql.template("repository", "repository_id", "self_id", "bsc_id",
- ("cms_ta", rpki.x509.X509), "peer_contact_uri",
- ("https_ta", rpki.x509.X509))
-
- cms_ta = None
- https_ta = None
-
- def parents(self, gctx):
- """Fetch all parent objects that link to this repository object."""
- return parent_elt.sql_fetch_where(gctx, "repository_id = %s", (self.repository_id,))
-
- def startElement(self, stack, name, attrs):
- """Handle <repository/> element."""
- if name not in ("cms_ta", "https_ta"):
- assert name == "repository", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
-
- def endElement(self, stack, name, text):
- """Handle <repository/> element."""
- if name == "cms_ta":
- self.cms_ta = rpki.x509.X509(Base64 = text)
- elif name == "https_ta":
- self.https_ta = rpki.x509.X509(Base64 = text)
- else:
- assert name == "repository", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
-
- def toXML(self):
- """Generate <repository/> element."""
- elt = self.make_elt()
- if self.cms_ta:
- self.make_b64elt(elt, "cms_ta", self.cms_ta.get_DER())
- if self.https_ta:
- self.make_b64elt(elt, "https_ta", self.https_ta.get_DER())
- return elt
-
- @staticmethod
- def uri_to_filename(base, uri):
- """Convert a URI to a filename. [TEMPORARY]"""
- if not uri.startswith("rsync://"):
- raise rpki.exceptions.BadURISyntax
- filename = base + uri[len("rsync://"):]
- if filename.find("//") >= 0 or filename.find("/../") >= 0 or filename.endswith("/.."):
- raise rpki.exceptions.BadURISyntax
- return filename
-
- @classmethod
- def object_write(cls, base, uri, obj):
- """Write an object to disk. [TEMPORARY]"""
- rpki.log.trace()
- filename = cls.uri_to_filename(base, uri)
- dirname = os.path.dirname(filename)
- if not os.path.isdir(dirname):
- os.makedirs(dirname)
- f = open(filename, "wb")
- f.write(obj.get_DER())
- f.close()
-
- @classmethod
- def object_delete(cls, base, uri):
- """Delete an object from disk. [TEMPORARY]"""
- rpki.log.trace()
- os.remove(cls.uri_to_filename(base, uri))
-
- def publish(self, gctx, obj, uri):
- """Placeholder for publication operation. [TEMPORARY]"""
- rpki.log.trace()
- rpki.log.info("Publishing %s to repository %s at %s" % (repr(obj), repr(self), repr(uri)))
- self.object_write(gctx.publication_kludge_base, uri, obj)
-
- def withdraw(self, gctx, obj, uri):
- """Placeholder for publication withdrawal operation. [TEMPORARY]"""
- rpki.log.trace()
- rpki.log.info("Withdrawing %s from repository %s at %s" % (repr(obj), repr(self), repr(uri)))
- self.object_delete(gctx.publication_kludge_base, uri)
-
-class route_origin_elt(data_elt):
- """<route_origin/> element."""
-
- element_name = "route_origin"
- attributes = ("action", "type", "tag", "self_id", "route_origin_id", "as_number", "ipv4", "ipv6")
- booleans = ("suppress_publication",)
-
- sql_template = rpki.sql.template("route_origin", "route_origin_id", "self_id", "as_number",
- "ca_detail_id", "roa")
-
- ca_detail_id = None
- roa = None
-
- def sql_fetch_hook(self, gctx):
- """Extra SQL fetch actions for route_origin_elt -- handle address ranges."""
- self.ipv4 = rpki.resource_set.resource_set_ipv4.from_sql(gctx.cur, """
- SELECT start_ip, end_ip FROM route_origin_range
- WHERE route_origin_id = %s AND start_ip NOT LIKE '%:%'
- """, (self.route_origin_id,))
- self.ipv6 = rpki.resource_set.resource_set_ipv6.from_sql(gctx.cur, """
- SELECT start_ip, end_ip FROM route_origin_range
- WHERE route_origin_id = %s AND start_ip LIKE '%:%'
- """, (self.route_origin_id,))
-
- def sql_insert_hook(self, gctx):
- """Extra SQL insert actions for route_origin_elt -- handle address ranges."""
- if self.ipv4 + self.ipv6:
- gctx.cur.executemany("""
- INSERT route_origin_range (route_origin_id, start_ip, end_ip)
- VALUES (%s, %s, %s)""",
- ((self.route_origin_id, x.min, x.max) for x in self.ipv4 + self.ipv6))
-
- def sql_delete_hook(self, gctx):
- """Extra SQL delete actions for route_origin_elt -- handle address ranges."""
- gctx.cur.execute("DELETE FROM route_origin_range WHERE route_origin_id = %s", (self.route_origin_id,))
-
- def ca_detail(self, gctx):
- """Fetch all ca_detail objects that link to this route_origin object."""
- return rpki.sql.ca_detail_obj.sql_fetch(gctx, self.ca_detail_id)
-
- def serve_post_save_hook(self, gctx, q_pdu, r_pdu):
- """Extra server actions for route_origin_elt."""
- self.unimplemented_control("suppress_publication")
-
- def startElement(self, stack, name, attrs):
- """Handle <route_origin/> element."""
- assert name == "route_origin", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
- if self.as_number is not None:
- self.as_number = long(self.as_number)
- if self.ipv4 is not None:
- self.ipv4 = rpki.resource_set.resource_set_ipv4(self.ipv4)
- if self.ipv6 is not None:
- self.ipv6 = rpki.resource_set.resource_set_ipv6(self.ipv4)
-
- def endElement(self, stack, name, text):
- """Handle <route_origin/> element."""
- assert name == "route_origin", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
-
- def toXML(self):
- """Generate <route_origin/> element."""
- return self.make_elt()
-
-class list_resources_elt(base_elt):
- """<list_resources/> element."""
-
- element_name = "list_resources"
- attributes = ("type", "self_id", "tag", "child_id", "valid_until", "as", "ipv4", "ipv6", "subject_name")
- valid_until = None
-
- def startElement(self, stack, name, attrs):
- """Handle <list_resources/> element."""
- assert name == "list_resources", "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
- if isinstance(self.valid_until, str):
- self.valid_until = rpki.sundial.datetime.fromXMLtime(self.valid_until)
- if self.as is not None:
- self.as = rpki.resource_set.resource_set_as(self.as)
- if self.ipv4 is not None:
- self.ipv4 = rpki.resource_set.resource_set_ipv4(self.ipv4)
- if self.ipv6 is not None:
- self.ipv6 = rpki.resource_set.resource_set_ipv6(self.ipv6)
-
- def toXML(self):
- """Generate <list_resources/> element."""
- elt = self.make_elt()
- if isinstance(self.valid_until, int):
- elt.set("valid_until", self.valid_until.toXMLtime())
- return elt
-
-class report_error_elt(base_elt):
- """<report_error/> element."""
-
- element_name = "report_error"
- attributes = ("tag", "self_id", "error_code")
-
- def startElement(self, stack, name, attrs):
- """Handle <report_error/> element."""
- assert name == self.element_name, "Unexpected name %s, stack %s" % (name, stack)
- self.read_attrs(attrs)
-
- def toXML(self):
- """Generate <report_error/> element."""
- return self.make_elt()
-
- @classmethod
- def from_exception(cls, exc, self_id = None):
- """Generate a <report_error/> element from an exception."""
- self = cls()
- self.self_id = self_id
- self.error_code = exc.__class__.__name__
- return self
-
-class msg(list):
- """Left-right PDU."""
-
- ## @var version
- # Protocol version
- version = 1
-
- ## @var pdus
- # Dispatch table of PDUs for this protocol.
- pdus = dict((x.element_name, x)
- for x in (self_elt, child_elt, parent_elt, bsc_elt, repository_elt,
- route_origin_elt, list_resources_elt, report_error_elt))
-
- def startElement(self, stack, name, attrs):
- """Handle left-right PDU."""
- if name == "msg":
- assert self.version == int(attrs["version"])
- else:
- elt = self.pdus[name]()
- self.append(elt)
- stack.append(elt)
- elt.startElement(stack, name, attrs)
-
- def endElement(self, stack, name, text):
- """Handle left-right PDU."""
- assert name == "msg", "Unexpected name %s, stack %s" % (name, stack)
- assert len(stack) == 1
- stack.pop()
-
- def __str__(self):
- """Convert msg object to string."""
- lxml.etree.tostring(self.toXML(), pretty_print = True, encoding = "us-ascii")
-
- def toXML(self):
- """Generate left-right PDU."""
- elt = lxml.etree.Element("{%s}msg" % (xmlns), nsmap = nsmap, version = str(self.version))
- elt.extend([i.toXML() for i in self])
- return elt
-
- def serve_top_level(self, gctx):
- """Serve one msg PDU."""
- r_msg = self.__class__()
- for q_pdu in self:
- q_pdu.serve_dispatch(gctx, r_msg)
- return r_msg
-
-class sax_handler(rpki.sax_utils.handler):
- """SAX handler for Left-Right protocol."""
-
- ## @var pdu
- # Top-level PDU class
- pdu = msg
-
- def create_top_level(self, name, attrs):
- """Top-level PDU for this protocol is <msg/>."""
- assert name == "msg" and attrs["version"] == "1"
- return self.pdu()
-
-def irdb_query(gctx, self_id, child_id = None):
- """Perform an IRDB callback query. In the long run this should not
- be a blocking routine, it should instead issue a query and set up a
- handler to receive the response. For the moment, though, we are
- doing simple lock step and damn the torpedos. Not yet doing
- anything useful with subject name. Most likely this function should
- really be wrapped up in a class that carries both the query result
- and also the intermediate state needed for the event-driven code
- that this function will need to become.
- """
-
- rpki.log.trace()
-
- q_msg = msg()
- q_msg.append(list_resources_elt())
- q_msg[0].type = "query"
- q_msg[0].self_id = self_id
- q_msg[0].child_id = child_id
- q_elt = q_msg.toXML()
- rpki.relaxng.left_right.assertValid(q_elt)
- q_cms = rpki.cms.xml_sign(q_elt, gctx.cms_key, gctx.cms_certs)
- r_cms = rpki.https.client(
- privateKey = gctx.https_key,
- certChain = gctx.https_certs,
- x509TrustList = gctx.https_ta,
- url = gctx.irdb_url,
- msg = q_cms)
- r_elt = rpki.cms.xml_verify(r_cms, gctx.cms_ta_irdb)
- rpki.relaxng.left_right.assertValid(r_elt)
- r_msg = rpki.left_right.sax_handler.saxify(r_elt)
- if len(r_msg) == 0 or not isinstance(r_msg[0], list_resources_elt) or r_msg[0].type != "reply":
- raise rpki.exceptions.BadIRDBReply, "Unexpected response to IRDB query: %s" % lxml.etree.tostring(r_msg.toXML(), pretty_print = True, encoding = "us-ascii")
- return rpki.resource_set.resource_bag(
- as = r_msg[0].as,
- v4 = r_msg[0].ipv4,
- v6 = r_msg[0].ipv6,
- valid_until = r_msg[0].valid_until)
diff --git a/scripts/rpki/log.py b/scripts/rpki/log.py
deleted file mode 100644
index 1f85f667..00000000
--- a/scripts/rpki/log.py
+++ /dev/null
@@ -1,54 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Logging facilities for RPKI libraries.
-"""
-
-import syslog, traceback
-
-enable_trace = False
-
-def init(ident = "rpki", flags = syslog.LOG_PID | syslog.LOG_PERROR, facility = syslog.LOG_DAEMON):
- """Initialize logging system."""
-
- return syslog.openlog(ident, flags, facility)
-
-def set_trace(trace):
- """Enable or disable call tracing."""
-
- global enable_trace
- enable_trace = trace
-
-class logger(object):
- """Closure for logging."""
-
- def __init__(self, priority):
- self.priority = priority
-
- def __call__(self, message):
- return syslog.syslog(self.priority, message)
-
-error = logger(syslog.LOG_ERR)
-warn = logger(syslog.LOG_WARNING)
-note = logger(syslog.LOG_NOTICE)
-info = logger(syslog.LOG_INFO)
-debug = logger(syslog.LOG_DEBUG)
-
-def trace():
- """Execution trace -- where are we now, and whence came we here?"""
- if enable_trace:
- bt = traceback.extract_stack(limit = 3)
- return debug("[%s() at %s:%d from %s:%d]" % (bt[1][2], bt[1][0], bt[1][1], bt[0][0], bt[0][1]))
diff --git a/scripts/rpki/manifest.py b/scripts/rpki/manifest.py
deleted file mode 100644
index c219cc8f..00000000
--- a/scripts/rpki/manifest.py
+++ /dev/null
@@ -1,53 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Signed manifests. This is just the ASN.1 encoder, the rest is in
-rpki.x509 with the rest of the DER_object code.
-
-Note that rpki.x509.SignedManifest implements the signed manifest;
-the structures here are just the payload of the CMS eContent field.
-"""
-
-from POW._der import *
-
-class FileAndHash(Sequence):
- def __init__(self, optional=0, default=''):
- self.file = IA5String()
- self.hash = AltBitString()
- contents = [ self.file, self.hash ]
- Sequence.__init__(self, contents, optional, default)
-
-class FilesAndHashes(SequenceOf):
- def __init__(self, optional=0, default=''):
- SequenceOf.__init__(self, FileAndHash, optional, default)
-
-class Manifest(Sequence):
- def __init__(self, optional=0, default=''):
- self.version = Integer()
- self.explicitVersion = Explicit(CLASS_CONTEXT, FORM_CONSTRUCTED, 0, self.version, 0, 'oAMCAQA=')
- self.manifestNumber = Integer()
- self.thisUpdate = GeneralizedTime()
- self.nextUpdate = GeneralizedTime()
- self.fileHashAlg = Oid()
- self.fileList = FilesAndHashes()
-
- contents = [ self.explicitVersion,
- self.manifestNumber,
- self.thisUpdate,
- self.nextUpdate,
- self.fileHashAlg,
- self.fileList ]
- Sequence.__init__(self, contents, optional, default)
diff --git a/scripts/rpki/oids.py b/scripts/rpki/oids.py
deleted file mode 100644
index 4e08aef7..00000000
--- a/scripts/rpki/oids.py
+++ /dev/null
@@ -1,49 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""OID database."""
-
-## @var oid2name
-# Mapping table of OIDs to conventional string names.
-
-oid2name = {
- (1, 2, 840, 113549, 1, 1, 11) : "sha256WithRSAEncryption",
- (1, 2, 840, 113549, 1, 1, 12) : "sha384WithRSAEncryption",
- (1, 2, 840, 113549, 1, 1, 13) : "sha512WithRSAEncryption",
- (1, 3, 6, 1, 5, 5, 7, 1, 1) : "authorityInfoAccess",
- (1, 3, 6, 1, 5, 5, 7, 1, 11) : "subjectInfoAccess",
- (1, 3, 6, 1, 5, 5, 7, 1, 7) : "sbgp-ipAddrBlock",
- (1, 3, 6, 1, 5, 5, 7, 1, 8) : "sbgp-autonomousSysNum",
- (1, 3, 6, 1, 5, 5, 7, 14, 2) : "id-cp-ipAddr-asNumber",
- (1, 3, 6, 1, 5, 5, 7, 48, 2) : "id-ad-caIssuers",
- (1, 3, 6, 1, 5, 5, 7, 48, 5) : "id-ad-caRepository",
- (1, 3, 6, 1, 5, 5, 7, 48, 9) : "id-ad-signedObjectRepository",
- (1, 3, 6, 1, 5, 5, 7, 48, 10) : "id-ad-rpkiManifest",
- (1, 3, 6, 1, 5, 5, 7, 48, 11) : "id-ad-signedObject",
- (2, 5, 29, 14) : "subjectKeyIdentifier",
- (2, 5, 29, 15) : "keyUsage",
- (2, 5, 29, 19) : "basicConstraints",
- (2, 5, 29, 20) : "cRLNumber",
- (2, 5, 29, 31) : "cRLDistributionPoints",
- (2, 5, 29, 32) : "certificatePolicies",
- (2, 5, 29, 35) : "authorityKeyIdentifier",
- (2, 5, 4, 3) : "commonName",
-}
-
-## @var name2oid
-# Mapping table of string names to OIDs
-
-name2oid = dict((v,k) for k,v in oid2name.items())
diff --git a/scripts/rpki/pkcs10.py b/scripts/rpki/pkcs10.py
deleted file mode 100644
index 9ed38470..00000000
--- a/scripts/rpki/pkcs10.py
+++ /dev/null
@@ -1,62 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Old code to generate PKCS #10 certification requests.
-
-This has been replaced by direct support for PKCS #10 in my hacked
-version of the POW package. This module will go away eventually, I'm
-just keeping it around in case I discover some horrible bug in the new
-code that would make me want to fall back to this.
-"""
-
-raise NotImplementedError, "You shouldn't be using this module anymore, see rpki.x509.PKCS10"
-
-import POW, rpki.x509, os, rpki.exceptions, binascii
-
-req_fmt = '''
-[ req ]
-distinguished_name = req_dn
-default_md = sha256
-prompt = no
-
-[ req_dn ]
-CN = %s
-'''
-
-def make_request(keypair):
- """Generate a PKCS #10 request."""
-
- digest = POW.Digest(POW.SHA1_DIGEST)
- digest.update(keypair.get_POW().derWrite(POW.RSA_PUBLIC_KEY))
- commonName = "0x" + binascii.hexlify(digest.digest())
-
- try:
- config_filename = "req.tmp.conf"
- f = open(config_filename, "w")
- f.write(req_fmt % commonName)
- f.close()
-
- i,o = os.popen2(["openssl", "req", "-config", config_filename, "-new",
- "-key", "/dev/stdin", "-outform", "DER"])
- i.write(keypair.get_PEM())
- i.close()
- pkcs10 = rpki.x509.PKCS10(DER = o.read())
- o.close()
-
- finally:
- os.unlink(config_filename)
-
- return pkcs10
diff --git a/scripts/rpki/relaxng.py b/scripts/rpki/relaxng.py
deleted file mode 100644
index b045b1c6..00000000
--- a/scripts/rpki/relaxng.py
+++ /dev/null
@@ -1,1208 +0,0 @@
-# Automatically generated, do not edit.
-
-import lxml.etree
-
-## @var left_right
-## Parsed RelaxNG left_right schema
-left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?>
-<!--
- $Id: left-right-schema.rnc 1383 2007-12-17 18:20:46Z sra $
-
- RelaxNG (Compact Syntax) Schema for RPKI left-right protocol.
-
- libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
- run the compact syntax through trang to get XML syntax.
--->
-<grammar ns="http://www.hactrn.net/uris/rpki/left-right-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
- <!-- Top level PDU -->
- <start>
- <element name="msg">
- <attribute name="version">
- <data type="positiveInteger">
- <param name="maxInclusive">1</param>
- </data>
- </attribute>
- <zeroOrMore>
- <choice>
- <ref name="self_elt"/>
- <ref name="bsc_elt"/>
- <ref name="parent_elt"/>
- <ref name="child_elt"/>
- <ref name="repository_elt"/>
- <ref name="ro_elt"/>
- <ref name="list_resources_elt"/>
- <ref name="report_error_elt"/>
- </choice>
- </zeroOrMore>
- </element>
- </start>
- <!-- Tag attributes for bulk operations -->
- <define name="tag">
- <optional>
- <attribute name="tag">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- </define>
- <!--
- Combinations of action and type attributes used in later definitions.
- The same patterns repeat in most of the elements in this protocol.
- -->
- <define name="ctl_cq">
- <attribute name="action">
- <value>create</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_sq">
- <attribute name="action">
- <value>set</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_gq">
- <attribute name="action">
- <value>get</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_lq">
- <attribute name="action">
- <value>list</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_dq">
- <attribute name="action">
- <value>destroy</value>
- </attribute>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_cr">
- <attribute name="action">
- <value>create</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_sr">
- <attribute name="action">
- <value>set</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_gr">
- <attribute name="action">
- <value>get</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_lr">
- <attribute name="action">
- <value>list</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <define name="ctl_dr">
- <attribute name="action">
- <value>destroy</value>
- </attribute>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- </define>
- <!-- Base64 encoded DER stuff -->
- <define name="base64">
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </define>
- <!-- How we wrap trust anchor elements -->
- <define name="cms_ta">
- <element name="cms_ta">
- <ref name="base64"/>
- </element>
- </define>
- <define name="https_ta">
- <element name="https_ta">
- <ref name="base64"/>
- </element>
- </define>
- <!-- Base definition for all fields that are really just SQL primary indices -->
- <define name="sql_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </define>
- <!-- <self/> element -->
- <define name="self_bool">
- <optional>
- <attribute name="rekey">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="reissue">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="revoke">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="run_now">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="publish_world_now">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="clear_extension_preferences">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="self_payload">
- <optional>
- <attribute name="use_hsm">
- <choice>
- <value>yes</value>
- <value>no</value>
- </choice>
- </attribute>
- </optional>
- <optional>
- <attribute name="crl_interval">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <zeroOrMore>
- <element name="extension_preference">
- <attribute name="name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <data type="string">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </zeroOrMore>
- </define>
- <define name="self_id">
- <attribute name="self_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_cq"/>
- <ref name="self_bool"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="self_bool"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_lq"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="self_payload"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="self_elt" combine="choice">
- <element name="self">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- </element>
- </define>
- <!-- <bsc/> element. Key parameters hardwired for now. -->
- <define name="bsc_bool">
- <optional>
- <attribute name="generate_keypair">
- <value>yes</value>
- </attribute>
- <optional>
- <attribute name="key_type">
- <value>rsa</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="hash_alg">
- <value>sha256</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="key_length">
- <value>2048</value>
- </attribute>
- </optional>
- </optional>
- <optional>
- <attribute name="clear_signing_certs">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="bsc_id">
- <attribute name="bsc_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="bsc_payload">
- <zeroOrMore>
- <element name="signing_cert">
- <ref name="base64"/>
- </element>
- </zeroOrMore>
- <optional>
- <element name="public_key">
- <ref name="base64"/>
- </element>
- </optional>
- </define>
- <define name="bsc_pkcs10">
- <optional>
- <element name="pkcs10_cert_request">
- <ref name="base64"/>
- </element>
- </optional>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="bsc_bool"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_pkcs10"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_bool"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_pkcs10"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- <ref name="bsc_payload"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- </element>
- </define>
- <define name="bsc_elt" combine="choice">
- <element name="bsc">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="bsc_id"/>
- </element>
- </define>
- <!-- <parent/> element -->
- <define name="parent_id">
- <attribute name="parent_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="parent_bool">
- <optional>
- <attribute name="rekey">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="reissue">
- <value>yes</value>
- </attribute>
- </optional>
- <optional>
- <attribute name="revoke">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="parent_payload">
- <optional>
- <attribute name="peer_contact_uri">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="sia_base">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="bsc_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="repository_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="sender_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="recipient_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <ref name="cms_ta"/>
- </optional>
- <optional>
- <ref name="https_ta"/>
- </optional>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="parent_bool"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- <ref name="parent_bool"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- <ref name="parent_payload"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <define name="parent_elt" combine="choice">
- <element name="parent">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="parent_id"/>
- </element>
- </define>
- <!-- <child/> element -->
- <define name="child_id">
- <attribute name="child_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="child_bool">
- <optional>
- <attribute name="reissue">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="child_payload">
- <optional>
- <attribute name="bsc_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <ref name="cms_ta"/>
- </optional>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="child_bool"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <ref name="child_bool"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <ref name="child_payload"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <define name="child_elt" combine="choice">
- <element name="child">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </element>
- </define>
- <!-- <repository/> element -->
- <define name="repository_id">
- <attribute name="repository_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="repository_payload">
- <optional>
- <attribute name="peer_contact_uri">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="bsc_id">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <ref name="cms_ta"/>
- </optional>
- <optional>
- <ref name="https_ta"/>
- </optional>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- <ref name="repository_payload"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <define name="repository_elt" combine="choice">
- <element name="repository">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="repository_id"/>
- </element>
- </define>
- <!-- <route_origin/> element -->
- <define name="ro_id">
- <attribute name="route_origin_id">
- <ref name="sql_id"/>
- </attribute>
- </define>
- <define name="ro_bool">
- <optional>
- <attribute name="suppress_publication">
- <value>yes</value>
- </attribute>
- </optional>
- </define>
- <define name="ro_payload">
- <optional>
- <attribute name="as_number">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv4">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv6">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_cq"/>
- <ref name="self_id"/>
- <ref name="ro_bool"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_cr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_sq"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- <ref name="ro_bool"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_sr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_gq"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_gr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_lq"/>
- <ref name="self_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_lr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- <ref name="ro_payload"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_dq"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <define name="ro_elt" combine="choice">
- <element name="route_origin">
- <ref name="ctl_dr"/>
- <ref name="self_id"/>
- <ref name="ro_id"/>
- </element>
- </define>
- <!-- <list_resources/> element -->
- <define name="list_resources_elt">
- <element name="list_resources">
- <choice>
- <group>
- <attribute name="type">
- <value>query</value>
- </attribute>
- <ref name="tag"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- </group>
- <group>
- <attribute name="type">
- <value>reply</value>
- </attribute>
- <ref name="tag"/>
- <ref name="self_id"/>
- <ref name="child_id"/>
- <attribute name="valid_until">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <optional>
- <attribute name="subject_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="as">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv4">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="ipv6">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </optional>
- </group>
- </choice>
- </element>
- </define>
- <!-- <report_error/> element -->
- <define name="report_error_elt">
- <element name="report_error">
- <ref name="tag"/>
- <ref name="self_id"/>
- <attribute name="error_code">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <optional>
- <data type="string">
- <param name="maxLength">512000</param>
- </data>
- </optional>
- </element>
- </define>
-</grammar>
-'''))
-
-## @var up_down
-## Parsed RelaxNG up_down schema
-up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?>
-<!--
- $Id: up-down-schema.rng 1354 2007-12-04 06:20:10Z sra $
-
- RelaxNG (Compact Syntax) Scheme for up-down protocol, extracted
- from APNIC Wiki.
-
- libxml2 (including xmllint) only groks the XML syntax of RelaxNG,
- so run this through a converter like /usr/ports/textproc/trang to get
- XML syntax:
-
- $ trang up-down-schema.rnc up-down-schema.rng
--->
-<grammar ns="http://www.apnic.net/specs/rescerts/up-down/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
- <start>
- <element name="message">
- <attribute name="version">
- <data type="positiveInteger">
- <param name="maxInclusive">1</param>
- </data>
- </attribute>
- <attribute name="sender">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <attribute name="recipient">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <ref name="payload"/>
- </element>
- </start>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>list</value>
- </attribute>
- <ref name="list_request"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>list_response</value>
- </attribute>
- <ref name="list_response"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>issue</value>
- </attribute>
- <ref name="issue_request"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>issue_response</value>
- </attribute>
- <ref name="issue_response"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>revoke</value>
- </attribute>
- <ref name="revoke_request"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>revoke_response</value>
- </attribute>
- <ref name="revoke_response"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>error_response</value>
- </attribute>
- <ref name="error_response"/>
- </define>
- <define name="list_request">
- <empty/>
- </define>
- <define name="list_response">
- <zeroOrMore>
- <ref name="class"/>
- </zeroOrMore>
- </define>
- <define name="class">
- <element name="class">
- <attribute name="class_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <attribute name="cert_url">
- <data type="string">
- <param name="maxLength">4096</param>
- </data>
- </attribute>
- <attribute name="resource_set_as">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,0-9]*</param>
- </data>
- </attribute>
- <attribute name="resource_set_ipv4">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/.0-9]*</param>
- </data>
- </attribute>
- <attribute name="resource_set_ipv6">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/:0-9a-fA-F]*</param>
- </data>
- </attribute>
- <optional>
- <attribute name="resource_set_notafter">
- <data type="dateTime">
- <param name="pattern">.*Z</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="suggested_sia_head">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- <param name="pattern">rsync://.+</param>
- </data>
- </attribute>
- </optional>
- <zeroOrMore>
- <element name="certificate">
- <attribute name="cert_url">
- <data type="string">
- <param name="maxLength">4096</param>
- </data>
- </attribute>
- <optional>
- <attribute name="req_resource_set_as">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv4">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/.0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv6">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/:0-9a-fA-F]*</param>
- </data>
- </attribute>
- </optional>
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </zeroOrMore>
- <element name="issuer">
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </element>
- </define>
- <define name="issue_request">
- <element name="request">
- <attribute name="class_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <optional>
- <attribute name="req_resource_set_as">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv4">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/.0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv6">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/:0-9a-fA-F]*</param>
- </data>
- </attribute>
- </optional>
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </define>
- <define name="issue_response">
- <ref name="class"/>
- </define>
- <define name="revoke_request">
- <ref name="revocation"/>
- </define>
- <define name="revoke_response">
- <ref name="revocation"/>
- </define>
- <define name="revocation">
- <element name="key">
- <attribute name="class_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <attribute name="ski">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </element>
- </define>
- <define name="error_response">
- <element name="status">
- <data type="positiveInteger">
- <param name="maxInclusive">999999999999999</param>
- </data>
- </element>
- <optional>
- <element name="description">
- <attribute name="xml:lang">
- <data type="language"/>
- </attribute>
- <data type="string">
- <param name="maxLength">1024</param>
- </data>
- </element>
- </optional>
- </define>
-</grammar>
-'''))
diff --git a/scripts/rpki/resource_set.py b/scripts/rpki/resource_set.py
deleted file mode 100644
index 8497dad5..00000000
--- a/scripts/rpki/resource_set.py
+++ /dev/null
@@ -1,528 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Classes dealing with sets of resources.
-
-The basic mechanics of a resource set are the same for any of the
-resources we handle (ASNs, IPv4 addresses, or IPv6 addresses), so we
-can provide the same operations on any of them, even though the
-underlying details vary.
-
-We also provide some basic set operations (union, intersection, etc).
-"""
-
-import re
-import rpki.ipaddrs, rpki.oids
-
-inherit_token = "<inherit>"
-
-class resource_range(object):
- """Generic resource range type.
-
- Assumes underlying type is some kind of integer. You probably don't
- want to use this type directly.
- """
-
- def __init__(self, min, max):
- """Initialize and sanity check a resource_range."""
- assert min <= max, "Mis-ordered range: %s before %s" % (str(min), str(max))
- self.min = min
- self.max = max
-
- def __cmp__(self, other):
- """Compare two resource_range objects."""
- c = self.min - other.min
- if c == 0: c = self.max - other.max
- if c < 0: c = -1
- if c > 0: c = 1
- return c
-
-class resource_range_as(resource_range):
- """Range of Autonomous System Numbers.
-
- Denotes a single ASN by a range whose min and max values are identical.
- """
-
- datum_type = long
-
- def __str__(self):
- """Convert a resource_range_as to string format."""
- if self.min == self.max:
- return str(self.min)
- else:
- return str(self.min) + "-" + str(self.max)
-
- def to_tuple(self):
- """Convert a resource_range_as to tuple format for ASN.1 encoding."""
- if self.min == self.max:
- return ("id", self.min)
- else:
- return ("range", (self.min, self.max))
-
-class resource_range_ip(resource_range):
- """Range of (generic) IP addresses.
-
- Prefixes are converted to ranges on input, and ranges that can be
- represented as prefixes are written as prefixes on output.
- """
-
- def _prefixlen(self):
- """Determine whether a resource_range_ip can be expressed as a prefix."""
- mask = self.min ^ self.max
- prefixlen = self.datum_type.bits
- while mask & 1:
- prefixlen -= 1
- mask >>= 1
- if mask:
- return -1
- else:
- return prefixlen
-
- def __str__(self):
- """Convert a resource_range_ip to string format."""
- prefixlen = self._prefixlen()
- if prefixlen < 0:
- return str(self.min) + "-" + str(self.max)
- else:
- return str(self.min) + "/" + str(prefixlen)
-
- def to_tuple(self):
- """Convert a resource_range_ip to tuple format for ASN.1 encoding."""
- prefixlen = self._prefixlen()
- if prefixlen < 0:
- return ("addressRange", (_long2bs(self.min, self.datum_type.bits, strip = 0),
- _long2bs(self.max, self.datum_type.bits, strip = 1)))
- else:
- return ("addressPrefix", _long2bs(self.min, self.datum_type.bits, prefixlen = prefixlen))
-
-class resource_range_ipv4(resource_range_ip):
- """Range of IPv4 addresses."""
-
- datum_type = rpki.ipaddrs.v4addr
-
-class resource_range_ipv6(resource_range_ip):
- """Range of IPv6 addresses."""
-
- datum_type = rpki.ipaddrs.v6addr
-
-def _rsplit(rset, that):
- """Split a resource range into two resource ranges."""
- this = rset.pop(0)
- cell_type = type(this.min)
- assert type(this) is type(that) and type(this.max) is cell_type and \
- type(that.min) is cell_type and type(that.max) is cell_type
- if this.min < that.min:
- rset.insert(0, type(this)(this.min, cell_type(that.min - 1)))
- rset.insert(1, type(this)(that.min, this.max))
- else:
- assert this.max > that.max
- rset.insert(0, type(this)(this.min, that.max))
- rset.insert(1, type(this)(cell_type(that.max + 1), this.max))
-
-class resource_set(list):
- """Generic resource set.
-
- List type containing resource ranges. You probably don't want to
- use this type directly.
- """
-
- inherit = False
-
- def __init__(self, ini = None):
- """Initialize a resource_set."""
- if isinstance(ini, int) or isinstance(ini, long):
- ini = str(ini)
- if ini == inherit_token:
- self.inherit = True
- elif isinstance(ini, str) and len(ini):
- self.extend(map(self.parse_str, ini.split(",")))
- elif isinstance(ini, tuple):
- self.parse_tuple(ini)
- elif isinstance(ini, list):
- self.extend(ini)
- else:
- assert ini is None or ini == "", "Unexpected initializer: %s" % str(ini)
- assert not self.inherit or not self
- self.sort()
- if __debug__:
- for i in range(0, len(self) - 1):
- assert self[i].max < self[i+1].min, "Resource overlap: %s %s" % (self[i], self[i+1])
-
- def __str__(self):
- """Convert a resource_set to string format."""
- if self.inherit:
- return inherit_token
- else:
- return ",".join(map(str, self))
-
- def _comm(self, other):
- """Like comm(1), sort of.
-
- Returns a tuple of three resource sets: resources only in self,
- resources only in other, and resources in both. Used (not very
- efficiently) as the basis for most set operations on resource
- sets.
- """
- assert not self.inherit
- assert type(self) is type(other), "Type mismatch %s %s" % (repr(type(self)), repr(type(other)))
- set1 = self[:]
- set2 = other[:]
- only1, only2, both = [], [], []
- while set1 or set2:
- if set1 and (not set2 or set1[0].max < set2[0].min):
- only1.append(set1.pop(0))
- elif set2 and (not set1 or set2[0].max < set1[0].min):
- only2.append(set2.pop(0))
- elif set1[0].min < set2[0].min:
- _rsplit(set1, set2[0])
- elif set2[0].min < set1[0].min:
- _rsplit(set2, set1[0])
- elif set1[0].max < set2[0].max:
- _rsplit(set2, set1[0])
- elif set2[0].max < set1[0].max:
- _rsplit(set1, set2[0])
- else:
- assert set1[0].min == set2[0].min and set1[0].max == set2[0].max
- both.append(set1.pop(0))
- set2.pop(0)
- return type(self)(only1), type(self)(only2), type(self)(both)
-
- def union(self, other):
- """Set union for resource sets."""
- assert not self.inherit
- assert type(self) is type(other), "Type mismatch: %s %s" % (repr(type(self)), repr(type(other)))
- set1 = self[:]
- set2 = other[:]
- result = []
- while set1 or set2:
- if set1 and (not set2 or set1[0].max < set2[0].min):
- result.append(set1.pop(0))
- elif set2 and (not set1 or set2[0].max < set1[0].min):
- result.append(set2.pop(0))
- else:
- this = set1.pop(0)
- that = set2.pop(0)
- assert type(this) is type(that)
- if this.min < that.min: min = this.min
- else: min = that.min
- if this.max > that.max: max = this.max
- else: max = that.max
- result.append(type(this)(min, max))
- for i in range(len(result) - 2, -1, -1):
- if result[i].max + 1 == result[i + 1].min:
- result[i].max = result[i + 1].max
- result.pop(i + 1)
- return type(self)(result)
-
- def intersection(self, other):
- """Set intersection for resource sets."""
- return self._comm(other)[2]
-
- def difference(self, other):
- """Set difference for resource sets."""
- return self._comm(other)[0]
-
- def symmetric_difference(self, other):
- """Set symmetric difference (XOR) for resource sets."""
- com = self._comm(other)
- return com[0].union(com[1])
-
- def contains(self, item):
- """Set membership test for resource sets."""
- assert not self.inherit
- for i in self:
- if isinstance(item, type(i)) and i.min <= item.min and i.max >= item.max:
- return True
- elif isinstance(item, type(i.min)) and i.min <= item and i.max >= item:
- return True
- else:
- assert isinstance(item, (type(i), type(i.min)))
- return False
-
- def issubset(self, other):
- """Test whether self is a subset (possibly improper) of other."""
- for i in self:
- if not other.contains(i):
- return False
- return True
-
- def issuperset(self, other):
- """Test whether self is a superset (possibly improper) of other."""
- return other.issubset(self)
-
- @classmethod
- def from_sql(cls, cur, query, args = None):
- """Create resource set from an SQL query.
-
- cur is a DB API 2.0 cursor object.
-
- query is an SQL query that returns a sequence of (min, max) pairs.
- """
-
- cur.execute(query, args)
- return cls(ini = [cls.range_type(cls.range_type.datum_type(b),
- cls.range_type.datum_type(e))
- for (b,e) in cur.fetchall()])
-
-class resource_set_as(resource_set):
- """ASN resource set."""
-
- range_type = resource_range_as
-
- def parse_str(self, x):
- """Parse AS resource sets from text (eg, XML attributes)."""
- r = re.match("^([0-9]+)-([0-9]+)$", x)
- if r:
- return resource_range_as(long(r.group(1)), long(r.group(2)))
- else:
- return resource_range_as(long(x), long(x))
-
- def parse_tuple(self, x):
- """Parse AS resource sets from intermediate form generated by ASN.1 decoder."""
- if x[0] == "asIdsOrRanges":
- for aor in x[1]:
- if aor[0] == "range":
- min = aor[1][0]
- max = aor[1][1]
- else:
- min = aor[1]
- max = min
- self.append(resource_range_as(min, max))
- else:
- assert x[0] == "inherit"
- self.inherit = True
-
- def to_tuple(self):
- """Encode AS resource set into intermediate form used by ASN.1 encoder."""
- if self:
- return ("asIdsOrRanges", tuple(a.to_tuple() for a in self))
- elif self.inherit:
- return ("inherit", "")
- else:
- return None
-
-class resource_set_ip(resource_set):
- """(Generic) IP address resource set.
-
- You probably don't want to use this type directly.
- """
-
- def parse_str(self, x):
- """Parse IP address resource sets from text (eg, XML attributes)."""
- r = re.match("^([0-9:.a-fA-F]+)-([0-9:.a-fA-F]+)$", x)
- if r:
- return self.range_type(self.range_type.datum_type(r.group(1)), self.range_type.datum_type(r.group(2)))
- r = re.match("^([0-9:.a-fA-F]+)/([0-9]+)$", x)
- if r:
- min = self.range_type.datum_type(r.group(1))
- prefixlen = int(r.group(2))
- mask = (1 << (self.range_type.datum_type.bits - prefixlen)) - 1
- assert (min & mask) == 0, "Resource not in canonical form: %s" % (x)
- max = self.range_type.datum_type(min | mask)
- return self.range_type(min, max)
- raise RuntimeError, 'Bad IP resource "%s"' % (x)
-
- def parse_tuple(self, x):
- """Parse IP address resource sets from intermediate form generated by ASN.1 decoder."""
- if x[0] == "addressesOrRanges":
- for aor in x[1]:
- if aor[0] == "addressRange":
- min = _bs2long(aor[1][0]) << (self.range_type.datum_type.bits - len(aor[1][0]))
- max = _bs2long(aor[1][1]) << (self.range_type.datum_type.bits - len(aor[1][1]))
- mask = (1L << (self.range_type.datum_type.bits - len(aor[1][1]))) - 1
- else:
- min = _bs2long(aor[1]) << (self.range_type.datum_type.bits - len(aor[1]))
- mask = (1L << (self.range_type.datum_type.bits - len(aor[1]))) - 1
- assert (min & mask) == 0, "Resource not in canonical form: %s" % (str(x))
- max = min | mask
- self.append(self.range_type(self.range_type.datum_type(min), self.range_type.datum_type(max)))
- else:
- assert x[0] == "inherit"
- self.inherit = True
-
- def to_tuple(self):
- """Encode IP resource set into intermediate form used by ASN.1 encoder."""
- if self:
- return (self.afi, ("addressesOrRanges", tuple(a.to_tuple() for a in self)))
- elif self.inherit:
- return (self.afi, ("inherit", ""))
- else:
- return None
-
-class resource_set_ipv4(resource_set_ip):
- """IPv4 address resource set."""
-
- range_type = resource_range_ipv4
- afi = "\x00\x01"
-
-class resource_set_ipv6(resource_set_ip):
- """IPv6 address resource set."""
-
- range_type = resource_range_ipv6
- afi = "\x00\x02"
-
-def _bs2long(bs):
- """Convert a bitstring (tuple representation) into a long."""
- return reduce(lambda x, y: (x << 1) | y, bs, 0L)
-
-def _long2bs(number, addrlen, prefixlen = None, strip = None):
- """Convert a long into a tuple bitstring. This is a bit complicated
- because it supports the fiendishly compact encoding used in RFC 3779.
- """
- assert prefixlen is None or strip is None
- bs = []
- while number:
- bs.append(int(number & 1))
- number >>= 1
- if addrlen > len(bs):
- bs.extend((0 for i in xrange(addrlen - len(bs))))
- bs.reverse()
- if prefixlen is not None:
- return tuple(bs[0:prefixlen])
- if strip is not None:
- while bs and bs[-1] == strip:
- bs.pop()
- return tuple(bs)
-
-class resource_bag(object):
- """Container to simplify passing around the usual triple of AS,
- IPv4, and IPv6 resource sets.
- """
-
- def __init__(self, as = None, v4 = None, v6 = None, valid_until = None):
- self.as = as or resource_set_as()
- self.v4 = v4 or resource_set_ipv4()
- self.v6 = v6 or resource_set_ipv6()
- self.valid_until = valid_until
-
- def oversized(self, other):
- """True iff self is oversized with respect to other."""
- return not self.as.issubset(other.as) or \
- not self.v4.issubset(other.v4) or \
- not self.v6.issubset(other.v6)
-
- def undersized(self, other):
- """True iff self is undersized with respect to other."""
- return not other.as.issubset(self.as) or \
- not other.v4.issubset(self.v4) or \
- not other.v6.issubset(self.v6)
-
- @classmethod
- def from_asn1_tuples(cls, exts):
- """Build a resource_bag from intermediate form returned by ASN.1 decoder."""
- as = None
- v4 = None
- v6 = None
- for x in exts:
- if x[0] == rpki.oids.name2oid["sbgp-autonomousSysNum"]: #
- assert len(x[2]) == 1 or x[2][1] is None, "RDI not implemented: %s" % (str(x))
- assert as is None
- as = resource_set_as(x[2][0])
- if x[0] == rpki.oids.name2oid["sbgp-ipAddrBlock"]:
- for fam in x[2]:
- if fam[0] == resource_set_ipv4.afi:
- assert v4 is None
- v4 = resource_set_ipv4(fam[1])
- if fam[0] == resource_set_ipv6.afi:
- assert v6 is None
- v6 = resource_set_ipv6(fam[1])
- return cls(as, v4, v6)
-
- def empty(self):
- """Return True iff all resource sets in this bag are empty."""
- return not self.as and not self.v4 and not self.v6
-
- def __eq__(self, other):
- return self.as == other.as and \
- self.v4 == other.v4 and \
- self.v6 == other.v6 and \
- self.valid_until == other.valid_until
-
- def __ne__(self, other):
- return not (self == other)
-
- def intersection(self, other):
- """Compute intersection with another resource_bag.
- valid_until attribute (if any) inherits from self.
- """
- return self.__class__(self.as.intersection(other.as),
- self.v4.intersection(other.v4),
- self.v6.intersection(other.v6),
- self.valid_until)
-
- def union(self, other):
- """Compute union with another resource_bag.
- valid_until attribute (if any) inherits from self.
- """
- return self.__class__(self.as.union(other.as),
- self.v4.union(other.v4),
- self.v6.union(other.v6),
- self.valid_until)
-
- def __str__(self):
- s = ""
- if self.as:
- s += "AS: %s" % self.as
- if self.v4:
- if s:
- s += ", "
- s += "V4: %s" % self.v4
- if self.v6:
- if s:
- s += ", "
- s += "V6: %s" % self.v6
- return s
-
-# Test suite for set operations. This will probably go away eventually
-
-if __name__ == "__main__":
-
- def test(t, s1, s2):
- print
- r1 = t(s1)
- r2 = t(s2)
- print "x: ", r1
- print "y: ", r2
- v1 = r1._comm(r2)
- v2 = r2._comm(r1)
- assert v1[0] == v2[1] and v1[1] == v2[0] and v1[2] == v2[2]
- for i in r1: assert r1.contains(i) and r1.contains(i.min) and r1.contains(i.max)
- for i in r2: assert r2.contains(i) and r2.contains(i.min) and r2.contains(i.max)
- for i in v1[0]: assert r1.contains(i) and not r2.contains(i)
- for i in v1[1]: assert not r1.contains(i) and r2.contains(i)
- for i in v1[2]: assert r1.contains(i) and r2.contains(i)
- v1 = r1.union(r2)
- v2 = r2.union(r1)
- assert v1 == v2
- print "x|y:", v1
- v1 = r1.difference(r2)
- v2 = r2.difference(r1)
- print "x-y:", v1
- print "y-x:", v2
- v1 = r1.symmetric_difference(r2)
- v2 = r2.symmetric_difference(r1)
- assert v1 == v2
- print "x^y:", v1
- v1 = r1.intersection(r2)
- v2 = r2.intersection(r1)
- assert v1 == v2
- print "x&y:", v1
-
- print "Testing set operations on resource sets"
- test(resource_set_as, "1,2,3,4,5,6,11,12,13,14,15", "1,2,3,4,5,6,111,121,131,141,151")
- test(resource_set_ipv4, "10.0.0.44/32,10.6.0.2/32", "10.3.0.0/24,10.0.0.77/32")
- test(resource_set_ipv4, "10.0.0.44/32,10.6.0.2/32", "10.0.0.0/24")
- test(resource_set_ipv4, "10.0.0.0/24", "10.3.0.0/24,10.0.0.77/32")
diff --git a/scripts/rpki/roa.py b/scripts/rpki/roa.py
deleted file mode 100644
index 15d1c6eb..00000000
--- a/scripts/rpki/roa.py
+++ /dev/null
@@ -1,49 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-""" ROA (Route Origin Authorization).
-
-At the moment this is just the ASN.1 encoder.
-
-This corresponds to draft-ietf-sidr-roa-format-01, which is a work in
-progress, so this may need updating later.
-"""
-
-from POW._der import *
-
-class IPAddresses(SequenceOf):
- def __init__(self, optional=0, default=''):
- SequenceOf.__init__(self, BitString, optional, default)
-
-class ROAIPAddressFamily(Sequence):
- def __init__(self, optional=0, default=''):
- self.addressFamily = OctetString()
- self.addresses = IPAddresses()
- contents = [ self.addressFamily, self.addresses ]
- Sequence.__init__(self, contents, optional, default)
-
-class ROAIPAddrBlocks(SequenceOf):
- def __init__(self, optional=0, default=''):
- SequenceOf.__init__(self, ROAIPAddressFamily, optional, default)
-
-class RouteOriginAttestation(Sequence):
- def __init__(self, optional=0, default=''):
- self.version = Integer(0, chr(0x00))
- self.asID = Integer()
- self.exactMatch = Boolean()
- self.ipAddrBlocks = ROAIPAddrBlocks()
- contents = [ self.version, self.asID, self.exactMatch, self.ipAddrBlocks ]
- Sequence.__init__(self, contents, optional, default)
diff --git a/scripts/rpki/sax_utils.py b/scripts/rpki/sax_utils.py
deleted file mode 100644
index a472bee9..00000000
--- a/scripts/rpki/sax_utils.py
+++ /dev/null
@@ -1,93 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""SAX utilities."""
-
-import xml.sax, lxml.sax
-
-class handler(xml.sax.handler.ContentHandler):
- """SAX handler for RPKI protocols.
-
- This class provides some basic amenities for parsing protocol XML of
- the kind we use in the RPKI protocols, including whacking all the
- protocol element text into US-ASCII, simplifying accumulation of
- text fields, and hiding some of the fun relating to XML namespaces.
-
- General assumption: by the time this parsing code gets invoked, the
- XML has already passed RelaxNG validation, so we only have to check
- for errors that the schema can't catch, and we don't have to play as
- many XML namespace games.
- """
-
- def __init__(self):
- """Initialize SAX handler."""
- self.text = ""
- self.stack = []
-
- def startElementNS(self, name, qname, attrs):
- """Redirect startElementNS() events to startElement()."""
- return self.startElement(name[1], attrs)
-
- def endElementNS(self, name, qname):
- """Redirect endElementNS() events to endElement()."""
- return self.endElement(name[1])
-
- def characters(self, content):
- """Accumulate a chuck of element content (text)."""
- self.text += content
-
- def startElement(self, name, attrs):
- """Handle startElement() events.
-
- We maintain a stack of nested elements under construction so that
- we can feed events directly to the current element rather than
- having to pass them through all the nesting elements.
-
- If the stack is empty, this event is for the outermost element, so
- we call a virtual method to create the corresponding object and
- that's the object we'll be returning as our final result.
- """
- a = dict()
- for k,v in attrs.items():
- if isinstance(k, tuple):
- if k == ("http://www.w3.org/XML/1998/namespace", "lang"):
- k = "xml:lang"
- else:
- assert k[0] is None
- k = k[1]
- a[k.encode("ascii")] = v.encode("ascii")
- if len(self.stack) == 0:
- assert not hasattr(self, "result")
- self.result = self.create_top_level(name, a)
- self.stack.append(self.result)
- self.stack[-1].startElement(self.stack, name, a)
-
- def endElement(self, name):
- """Handle endElement() events.
-
- Mostly this means handling any accumulated element text.
- """
- text = self.text.encode("ascii").strip()
- self.text = ""
- self.stack[-1].endElement(self.stack, name, text)
-
- @classmethod
- def saxify(cls, elt):
- """Create a one-off SAX parser, parse an ETree, return the result.
- """
- self = cls()
- lxml.sax.saxify(elt, self)
- return self.result
diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py
deleted file mode 100644
index 022e4dd5..00000000
--- a/scripts/rpki/sql.py
+++ /dev/null
@@ -1,801 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-import MySQLdb, time
-import rpki.x509, rpki.resource_set, rpki.sundial
-
-def connect(cfg):
- """Connect to a MySQL database using connection parameters from an
- rpki.config.parser object.
- """
- return MySQLdb.connect(user = cfg.get("sql-username"),
- db = cfg.get("sql-database"),
- passwd = cfg.get("sql-password"))
-
-class template(object):
- """SQL template generator."""
- def __init__(self, table_name, index_column, *data_columns):
- """Build a SQL template."""
- type_map = dict((x[0],x[1]) for x in data_columns if isinstance(x, tuple))
- data_columns = tuple(isinstance(x, tuple) and x[0] or x for x in data_columns)
- columns = (index_column,) + data_columns
- self.table = table_name
- self.index = index_column
- self.columns = columns
- self.map = type_map
- self.select = "SELECT %s FROM %s" % (", ".join(columns), table_name)
- self.insert = "INSERT %s (%s) VALUES (%s)" % (table_name, ", ".join(data_columns),
- ", ".join("%(" + s + ")s" for s in data_columns))
- self.update = "UPDATE %s SET %s WHERE %s = %%(%s)s" % \
- (table_name, ", ".join(s + " = %(" + s + ")s" for s in data_columns),
- index_column, index_column)
- self.delete = "DELETE FROM %s WHERE %s = %%s" % (table_name, index_column)
-
-## @var sql_cache
-# Cache of objects pulled from SQL.
-
-sql_cache = {}
-
-## @var sql_dirty
-# Set of objects that need to be written back to SQL.
-
-sql_dirty = set()
-
-def sql_cache_clear():
- """Clear the object cache."""
- sql_cache.clear()
-
-def sql_assert_pristine():
- """Assert that there are no dirty objects in the cache."""
- assert not sql_dirty, "Dirty objects in SQL cache: %s" % sql_dirty
-
-def sql_sweep(gctx):
- """Write any dirty objects out to SQL."""
- for s in sql_dirty.copy():
- rpki.log.debug("Sweeping %s" % repr(s))
- s.sql_store(gctx)
- sql_assert_pristine()
-
-class sql_persistant(object):
- """Mixin for persistant class that needs to be stored in SQL.
- """
-
- ## @var sql_in_db
- # Whether this object is already in SQL or not.
- sql_in_db = False
-
- @classmethod
- def sql_fetch(cls, gctx, id):
- """Fetch one object from SQL, based on its primary key. Since in
- this one case we know that the primary index is also the cache
- key, we check for a cache hit directly in the hope of bypassing the
- SQL lookup entirely.
- """
- key = (cls, id)
- if key in sql_cache:
- return sql_cache[key]
- else:
- return cls.sql_fetch_where1(gctx, "%s = %s", (cls.sql_template.index, id))
-
- @classmethod
- def sql_fetch_where1(cls, gctx, where, args = None):
- """Fetch one object from SQL, based on an arbitrary SQL WHERE expression."""
- results = cls.sql_fetch_where(gctx, where, args)
- if len(results) == 0:
- return None
- elif len(results) == 1:
- return results[0]
- else:
- raise rpki.exceptions.DBConsistancyError, \
- "Database contained multiple matches for %s where %s" % \
- (cls.__name__, where % tuple(repr(a) for a in args))
-
- @classmethod
- def sql_fetch_all(cls, gctx):
- """Fetch all objects of this type from SQL."""
- return cls.sql_fetch_where(gctx, None)
-
- @classmethod
- def sql_fetch_where(cls, gctx, where, args = None):
- """Fetch objects of this type matching an arbitrary SQL WHERE expression."""
- if where is None:
- gctx.cur.execute(cls.sql_template.select)
- else:
- gctx.cur.execute(cls.sql_template.select + " WHERE " + where, args)
- results = []
- for row in gctx.cur.fetchall():
- key = (cls, row[0])
- if key in sql_cache:
- results.append(sql_cache[key])
- else:
- results.append(cls.sql_init(gctx, row, key))
- return results
-
- @classmethod
- def sql_init(cls, gctx, row, key):
- """Initialize one Python object from the result of a SQL query."""
- self = cls()
- self.sql_decode(dict(zip(cls.sql_template.columns, row)))
- sql_cache[key] = self
- self.sql_in_db = True
- self.sql_fetch_hook(gctx)
- return self
-
- def sql_mark_dirty(self):
- """Mark this object as needing to be written back to SQL."""
- sql_dirty.add(self)
-
- def sql_mark_clean(self):
- """Mark this object as not needing to be written back to SQL."""
- sql_dirty.discard(self)
-
- def sql_is_dirty(self):
- """Query whether this object needs to be written back to SQL."""
- return self in sql_dirty
-
- def sql_store(self, gctx):
- """Store this object to SQL."""
- if not self.sql_in_db:
- gctx.cur.execute(self.sql_template.insert, self.sql_encode())
- setattr(self, self.sql_template.index, gctx.cur.lastrowid)
- sql_cache[(self.__class__, gctx.cur.lastrowid)] = self
- self.sql_insert_hook(gctx)
- else:
- gctx.cur.execute(self.sql_template.update, self.sql_encode())
- self.sql_update_hook(gctx)
- key = (self.__class__, getattr(self, self.sql_template.index))
- assert key in sql_cache and sql_cache[key] == self
- self.sql_mark_clean()
- self.sql_in_db = True
-
- def sql_delete(self, gctx):
- """Delete this object from SQL."""
- if self.sql_in_db:
- id = getattr(self, self.sql_template.index)
- gctx.cur.execute(self.sql_template.delete, id)
- self.sql_delete_hook(gctx)
- key = (self.__class__, id)
- if sql_cache.get(key) == self:
- del sql_cache[key]
- self.sql_in_db = False
- self.sql_mark_clean()
-
- def sql_encode(self):
- """Convert object attributes into a dict for use with canned SQL
- queries. This is a default version that assumes a one-to-one
- mapping between column names in SQL and attribute names in Python.
- If you need something fancier, override this.
- """
- d = dict((a, getattr(self, a, None)) for a in self.sql_template.columns)
- for i in self.sql_template.map:
- if d.get(i) is not None:
- d[i] = self.sql_template.map[i].to_sql(d[i])
- return d
-
- def sql_decode(self, vals):
- """Initialize an object with values returned by self.sql_fetch().
- This is a default version that assumes a one-to-one mapping
- between column names in SQL and attribute names in Python. If you
- need something fancier, override this.
- """
- for a in self.sql_template.columns:
- if vals.get(a) is not None and a in self.sql_template.map:
- setattr(self, a, self.sql_template.map[a].from_sql(vals[a]))
- else:
- setattr(self, a, vals[a])
-
- def sql_fetch_hook(self, gctx):
- """Customization hook."""
- pass
-
- def sql_insert_hook(self, gctx):
- """Customization hook."""
- pass
-
- def sql_update_hook(self, gctx):
- """Customization hook."""
- self.sql_delete_hook(gctx)
- self.sql_insert_hook(gctx)
-
- def sql_delete_hook(self, gctx):
- """Customization hook."""
- pass
-
-# Some persistant objects are defined in rpki.left_right, since
-# they're also left-right PDUs. The rest are defined below, for now.
-
-class ca_obj(sql_persistant):
- """Internal CA object."""
-
- sql_template = template(
- "ca", "ca_id", "last_crl_sn",
- ("next_crl_update", rpki.sundial.datetime),
- "last_issued_sn", "last_manifest_sn",
- ("next_manifest_update", rpki.sundial.datetime),
- "sia_uri", "parent_id", "parent_resource_class")
-
- last_crl_sn = 0
- last_issued_sn = 0
- last_manifest_sn = 0
-
- def parent(self, gctx):
- """Fetch parent object to which this CA object links."""
- return rpki.left_right.parent_elt.sql_fetch(gctx, self.parent_id)
-
- def ca_details(self, gctx):
- """Fetch all ca_detail objects that link to this CA object."""
- return ca_detail_obj.sql_fetch_where(gctx, "ca_id = %s", (self.ca_id,))
-
- def fetch_pending(self, gctx):
- """Fetch the pending ca_details for this CA, if any."""
- return ca_detail_obj.sql_fetch_where(gctx, "ca_id = %s AND state = 'pending'", (self.ca_id,))
-
- def fetch_active(self, gctx):
- """Fetch the active ca_detail for this CA, if any."""
- return ca_detail_obj.sql_fetch_where1(gctx, "ca_id = %s AND state = 'active'", (self.ca_id,))
-
- def fetch_deprecated(self, gctx):
- """Fetch deprecated ca_details for this CA, if any."""
- return ca_detail_obj.sql_fetch_where(gctx, "ca_id = %s AND state = 'deprecated'", (self.ca_id,))
-
- def fetch_revoked(self, gctx):
- """Fetch revoked ca_details for this CA, if any."""
- return ca_detail_obj.sql_fetch_where(gctx, "ca_id = %s AND state = 'revoked'", (self.ca_id,))
-
- def construct_sia_uri(self, gctx, parent, rc):
- """Construct the sia_uri value for this CA given configured
- information and the parent's up-down protocol list_response PDU.
- """
-
- repository = parent.repository(gctx)
- sia_uri = rc.suggested_sia_head and rc.suggested_sia_head.rsync()
- if not sia_uri or not sia_uri.startswith(parent.sia_base):
- sia_uri = parent.sia_base
- elif not sia_uri.endswith("/"):
- raise rpki.exceptions.BadURISyntax, "SIA URI must end with a slash: %s" % sia_uri
- return sia_uri + str(self.ca_id) + "/"
-
- def check_for_updates(self, gctx, parent, rc):
- """Parent has signaled continued existance of a resource class we
- already knew about, so we need to check for an updated
- certificate, changes in resource coverage, revocation and reissue
- with the same key, etc.
- """
-
- sia_uri = self.construct_sia_uri(gctx, parent, rc)
- sia_uri_changed = self.sia_uri != sia_uri
- if sia_uri_changed:
- self.sia_uri = sia_uri
- self.sql_mark_dirty()
-
- rc_resources = rc.to_resource_bag()
- cert_map = dict((c.cert.get_SKI(), c) for c in rc.certs)
-
- for ca_detail in ca_detail_obj.sql_fetch_where(gctx, "ca_id = %s AND latest_ca_cert IS NOT NULL AND state != 'revoked'", (self.ca_id,)):
- ski = ca_detail.latest_ca_cert.get_SKI()
- if ca_detail.state in ("pending", "active"):
- current_resources = ca_detail.latest_ca_cert.get_3779resources()
- if sia_uri_changed or \
- ca_detail.latest_ca_cert != cert_map[ski].cert or \
- current_resources.undersized(rc_resources) or \
- current_resources.oversized(rc_resources):
- ca_detail.update(
- gctx = gctx,
- parent = parent,
- ca = self,
- rc = rc,
- sia_uri_changed = sia_uri_changed,
- old_resources = current_resources)
- del cert_map[ski]
- assert not cert_map, "Certificates in list_response missing from our database, SKIs %s" % ", ".join(c.cert.hSKI() for c in cert_map.values())
-
- @classmethod
- def create(cls, gctx, parent, rc):
- """Parent has signaled existance of a new resource class, so we
- need to create and set up a corresponding CA object.
- """
-
- self = cls()
- self.parent_id = parent.parent_id
- self.parent_resource_class = rc.class_name
- self.sql_store(gctx)
- self.sia_uri = self.construct_sia_uri(gctx, parent, rc)
- ca_detail = ca_detail_obj.create(gctx, self)
-
- # This will need a callback when we go event-driven
- issue_response = rpki.up_down.issue_pdu.query(gctx, parent, self, ca_detail)
-
- ca_detail.activate(
- gctx = gctx,
- ca = self,
- cert = issue_response.payload.classes[0].certs[0].cert,
- uri = issue_response.payload.classes[0].certs[0].cert_url)
-
- def delete(self, gctx, parent):
- """The list of current resource classes received from parent does
- not include the class corresponding to this CA, so we need to
- delete it (and its little dog too...).
-
- All certs published by this CA are now invalid, so need to
- withdraw them, the CRL, and the manifest from the repository,
- delete all child_cert and ca_detail records associated with this
- CA, then finally delete this CA itself.
- """
-
- repository = parent.repository(gctx)
- for ca_detail in self.ca_details(gctx):
- ca_detail.delete(gctx, ca, repository)
- self.sql_delete(gctx)
-
- def next_serial_number(self):
- """Allocate a certificate serial number."""
- self.last_issued_sn += 1
- self.sql_mark_dirty()
- return self.last_issued_sn
-
- def next_manifest_number(self):
- """Allocate a manifest serial number."""
- self.last_manifest_sn += 1
- self.sql_mark_dirty()
- return self.last_manifest_sn
-
- def next_crl_number(self):
- """Allocate a CRL serial number."""
- self.last_crl_sn += 1
- self.sql_mark_dirty()
- return self.last_crl_sn
-
- def rekey(self, gctx):
- """Initiate a rekey operation for this ca.
-
- Tasks:
-
- - Generate a new keypair.
-
- - Request cert from parent using new keypair.
-
- - Mark result as our active ca_detail.
-
- - Reissue all child certs issued by this ca using the new ca_detail.
- """
-
- rpki.log.trace()
-
- parent = self.parent(gctx)
- old_detail = self.fetch_active(gctx)
- new_detail = ca_detail_obj.create(gctx, self)
-
- # This will need a callback when we go event-driven
- issue_response = rpki.up_down.issue_pdu.query(gctx, parent, self, new_detail)
-
- new_detail.activate(
- gctx = gctx,
- ca = self,
- cert = issue_response.payload.classes[0].certs[0].cert,
- uri = issue_response.payload.classes[0].certs[0].cert_url,
- predecessor = old_detail)
-
- def revoke(self, gctx):
- """Revoke deprecated ca_detail objects associated with this ca."""
-
- rpki.log.trace()
-
- for ca_detail in self.fetch_deprecated(gctx):
- ca_detail.revoke(gctx)
-
-class ca_detail_obj(sql_persistant):
- """Internal CA detail object."""
-
- sql_template = template(
- "ca_detail",
- "ca_detail_id",
- ("private_key_id", rpki.x509.RSA),
- ("public_key", rpki.x509.RSApublic),
- ("latest_ca_cert", rpki.x509.X509),
- ("manifest_private_key_id", rpki.x509.RSA),
- ("manifest_public_key", rpki.x509.RSApublic),
- ("latest_manifest_cert", rpki.x509.X509),
- ("latest_manifest", rpki.x509.SignedManifest),
- ("latest_crl", rpki.x509.CRL),
- "state",
- "ca_cert_uri",
- "ca_id")
-
- def sql_decode(self, vals):
- """Extra assertions for SQL decode of a ca_detail_obj."""
- sql_persistant.sql_decode(self, vals)
- assert (self.public_key is None and self.private_key_id is None) or \
- self.public_key.get_DER() == self.private_key_id.get_public_DER()
- assert (self.manifest_public_key is None and self.manifest_private_key_id is None) or \
- self.manifest_public_key.get_DER() == self.manifest_private_key_id.get_public_DER()
-
- def ca(self, gctx):
- """Fetch CA object to which this ca_detail links."""
- return ca_obj.sql_fetch(gctx, self.ca_id)
-
- def child_certs(self, gctx, child = None, ski = None, revoked = False, unique = False):
- """Fetch all child_cert objects that link to this ca_detail."""
- return rpki.sql.child_cert_obj.fetch(gctx, child, self, ski, revoked, unique)
-
- def route_origins(self, gctx):
- """Fetch all route_origin objects that link to this ca_detail."""
- return rpki.left_right.route_origin_elt.sql_fetch_where(gctx, "ca_detail_id = %s", (self.ca_detail_id,))
-
- def crl_uri(self, ca):
- """Return publication URI for this ca_detail's CRL."""
- return ca.sia_uri + self.public_key.gSKI() + ".crl"
-
- def manifest_uri(self, ca):
- """Return publication URI for this ca_detail's manifest."""
- return ca.sia_uri + self.public_key.gSKI() + ".mnf"
-
- def activate(self, gctx, ca, cert, uri, predecessor = None):
- """Activate this ca_detail."""
-
- self.latest_ca_cert = cert
- self.ca_cert_uri = uri.rsync()
- self.generate_manifest_cert(ca)
- self.generate_crl(gctx)
- self.generate_manifest(gctx)
- self.state = "active"
- self.sql_mark_dirty()
-
- if predecessor is not None:
- predecessor.state = "deprecated"
- predecessor.sql_mark_dirty()
- for child_cert in predecessor.child_certs(gctx):
- child_cert.reissue(gctx, self)
-
- def delete(self, gctx, ca, repository):
- """Delete this ca_detail and all of its associated child_cert objects."""
-
- for child_cert in self.child_certs(gctx):
- repository.withdraw(gctx, child_cert.cert, child_cert.uri(ca))
- child_cert.sql_delete(gctx)
- for child_cert in self.child_certs(gctx, revoked = True):
- child_cert.sql_delete(gctx)
- repository.withdraw(gctx, self.latest_manifest, self.manifest_uri(ca))
- repository.withdraw(gctx, self.latest_crl, self.crl_uri())
- self.sql_delete(gctx)
-
- def revoke(self, gctx):
- """Request revocation of all certificates whose SKI matches the key for this ca_detail.
-
- Tasks:
-
- - Request revocation of old keypair by parent.
-
- - Revoke all child certs issued by the old keypair.
-
- - Generate a final CRL, signed with the old keypair, listing all
- the revoked certs, with a next CRL time after the last cert or
- CRL signed by the old keypair will have expired.
-
- - Destroy old keypair (and manifest keypair).
-
- - Leave final CRL in place until its next CRL time has passed.
- """
-
- # This will need a callback when we go event-driven
- r_msg = rpki.up_down.revoke_pdu.query(gctx, self)
-
- if r_msg.payload.ski != self.latest_ca_cert.gSKI():
- raise rpki.exceptions.SKIMismatch
-
- ca = self.ca(gctx)
- parent = ca.parent(gctx)
- crl_interval = rpki.sundial.timedelta(seconds = parent.self(gctx).crl_interval)
-
- nextUpdate = rpki.sundial.datetime.utcnow()
-
- if self.latest_manifest is not None:
- nextUpdate = nextUpdate.later(self.latest_manifest.getNextUpdate())
-
- if self.latest_crl is not None:
- nextUpdate = nextUpdate.later(self.latest_crl.getNextUpdate())
-
- for child_cert in self.child_certs(gctx):
- nextUpdate = nextUpdate.later(child_cert.cert.getNotAfter())
- child_cert.revoke(gctx)
-
- nextUpdate += crl_interval
-
- self.generate_crl(gctx, nextUpdate)
- self.generate_manifest(gctx, nextUpdate)
-
- self.private_key_id = None
- self.manifest_private_key_id = None
- self.manifest_public_key = None
- self.latest_manifest_cert = None
- self.state = "revoked"
- self.sql_mark_dirty()
-
- def update(self, gctx, parent, ca, rc, sia_uri_changed, old_resources):
- """Need to get a new certificate for this ca_detail and perhaps
- frob children of this ca_detail.
- """
-
- # This will need a callback when we go event-driven
- issue_response = rpki.up_down.issue_pdu.query(gctx, parent, ca, self)
-
- self.latest_ca_cert = issue_response.payload.classes[0].certs[0].cert
- new_resources = self.latest_ca_cert.get_3779resources()
-
- if sia_uri_changed or old_resources.oversized(new_resources):
- for child_cert in self.child_certs(gctx):
- child_resources = child_cert.cert.get_3779resources()
- if sia_uri_changed or child_resources.oversized(new_resources):
- child_cert.reissue(
- gctx = gctx,
- ca_detail = self,
- resources = child_resources.intersection(new_resources))
-
- @classmethod
- def create(cls, gctx, ca):
- """Create a new ca_detail object for a specified CA."""
- self = cls()
- self.ca_id = ca.ca_id
- self.state = "pending"
-
- self.private_key_id = rpki.x509.RSA()
- self.private_key_id.generate()
- self.public_key = self.private_key_id.get_RSApublic()
-
- self.manifest_private_key_id = rpki.x509.RSA()
- self.manifest_private_key_id.generate()
- self.manifest_public_key = self.manifest_private_key_id.get_RSApublic()
-
- self.sql_store(gctx)
- return self
-
- def generate_manifest_cert(self, ca):
- """Generate a new manifest certificate for this ca_detail."""
-
- resources = rpki.resource_set.resource_bag(
- as = rpki.resource_set.resource_set_as("<inherit>"),
- v4 = rpki.resource_set.resource_set_ipv4("<inherit>"),
- v6 = rpki.resource_set.resource_set_ipv6("<inherit>"))
-
- self.latest_manifest_cert = self.latest_ca_cert.issue(
- keypair = self.private_key_id,
- subject_key = self.manifest_public_key,
- serial = ca.next_manifest_number(),
- sia = None,
- aia = self.ca_cert_uri,
- crldp = self.crl_uri(ca),
- resources = resources,
- notAfter = self.latest_ca_cert.getNotAfter(),
- is_ca = False)
-
- def issue(self, gctx, ca, child, subject_key, sia, resources, child_cert = None):
- """Issue a new certificate to a child. Optional child_cert
- argument specifies an existing child_cert object to update in
- place; if not specified, we create a new one. Returns the
- child_cert object containing the newly issued cert.
- """
-
- assert child_cert is None or (child_cert.child_id == child.child_id and
- child_cert.ca_detail_id == self.ca_detail_id)
-
- cert = self.latest_ca_cert.issue(
- keypair = self.private_key_id,
- subject_key = subject_key,
- serial = ca.next_serial_number(),
- aia = self.ca_cert_uri,
- crldp = self.crl_uri(ca),
- sia = sia,
- resources = resources,
- notAfter = resources.valid_until)
-
- if child_cert is None:
- child_cert = rpki.sql.child_cert_obj(
- child_id = child.child_id,
- ca_detail_id = self.ca_detail_id,
- cert = cert)
- rpki.log.debug("Created new child_cert %s" % repr(child_cert))
- else:
- child_cert.cert = cert
- rpki.log.debug("Reusing existing child_cert %s" % repr(child_cert))
-
- child_cert.ski = cert.get_SKI()
-
- child_cert.sql_store(gctx)
-
- ca.parent(gctx).repository(gctx).publish(gctx, child_cert.cert, child_cert.uri(ca))
-
- self.generate_manifest(gctx)
-
- return child_cert
-
- def generate_crl(self, gctx, nextUpdate = None):
- """Generate a new CRL for this ca_detail. At the moment this is
- unconditional, that is, it is up to the caller to decide whether a
- new CRL is needed.
- """
-
- ca = self.ca(gctx)
- parent = ca.parent(gctx)
- repository = parent.repository(gctx)
- crl_interval = rpki.sundial.timedelta(seconds = parent.self(gctx).crl_interval)
- now = rpki.sundial.datetime.utcnow()
-
- if nextUpdate is None:
- nextUpdate = now + crl_interval
-
- certlist = []
- for child_cert in self.child_certs(gctx, revoked = True):
- if now > child_cert.cert.getNotAfter() + crl_interval:
- child_cert.sql_delete()
- else:
- certlist.append((child_cert.cert.getSerial(), child_cert.revoked.toASN1tuple(), ()))
- certlist.sort()
-
- self.latest_crl = rpki.x509.CRL.generate(
- keypair = self.private_key_id,
- issuer = self.latest_ca_cert,
- serial = ca.next_crl_number(),
- thisUpdate = now,
- nextUpdate = nextUpdate,
- revokedCertificates = certlist)
-
- repository.publish(gctx, self.latest_crl, self.crl_uri(ca))
-
- def generate_manifest(self, gctx, nextUpdate = None):
- """Generate a new manifest for this ca_detail."""
-
- ca = self.ca(gctx)
- parent = ca.parent(gctx)
- repository = parent.repository(gctx)
- crl_interval = rpki.sundial.timedelta(seconds = parent.self(gctx).crl_interval)
- now = rpki.sundial.datetime.utcnow()
-
- if nextUpdate is None:
- nextUpdate = now + crl_interval
-
- certs = self.child_certs(gctx)
-
- m = rpki.x509.SignedManifest()
- m.build(
- serial = ca.next_manifest_number(),
- thisUpdate = now,
- nextUpdate = nextUpdate,
- names_and_objs = [(c.uri_tail(), c.cert) for c in certs],
- keypair = self.manifest_private_key_id,
- certs = rpki.x509.X509_chain(self.latest_manifest_cert))
- self.latest_manifest = m
-
- repository.publish(gctx, self.latest_manifest, self.manifest_uri(ca))
-
-class child_cert_obj(sql_persistant):
- """Certificate that has been issued to a child."""
-
- sql_template = template("child_cert", "child_cert_id", ("cert", rpki.x509.X509), "child_id", "ca_detail_id", "ski", ("revoked", rpki.sundial.datetime))
-
- def __init__(self, child_id = None, ca_detail_id = None, cert = None):
- """Initialize a child_cert_obj."""
- self.child_id = child_id
- self.ca_detail_id = ca_detail_id
- self.cert = cert
- self.revoked = None
- if child_id or ca_detail_id or cert:
- self.sql_mark_dirty()
-
- def child(self, gctx):
- """Fetch child object to which this child_cert object links."""
- return rpki.left_right.child_elt.sql_fetch(gctx, self.child_id)
-
- def ca_detail(self, gctx):
- """Fetch ca_detail object to which this child_cert object links."""
- return ca_detail_obj.sql_fetch(gctx, self.ca_detail_id)
-
- def uri_tail(self):
- """Return the tail (filename) portion of the URI for this child_cert."""
- return self.cert.gSKI() + ".cer"
-
- def uri(self, ca):
- """Return the publication URI for this child_cert."""
- return ca.sia_uri + self.uri_tail()
-
- def revoke(self, gctx):
- """Mark a child cert as revoked."""
- if self.revoked is None:
- rpki.log.debug("Revoking %s" % repr(self))
- self.revoked = rpki.sundial.datetime.utcnow()
- ca = self.ca_detail(gctx).ca(gctx)
- repository = ca.parent(gctx).repository(gctx)
- repository.withdraw(gctx, self.cert, self.uri(ca))
- self.sql_mark_dirty()
-
- def reissue(self, gctx, ca_detail, resources = None, sia = None):
- """Reissue an existing cert, reusing the public key. If the cert
- we would generate is identical to the one we already have, we just
- return the one we already have. If we have to revoke the old
- certificate when generating the new one, we have to generate a new
- child_cert_obj, so calling code that needs the updated
- child_cert_obj must use the return value from this method.
- """
-
- ca = ca_detail.ca(gctx)
- child = self.child(gctx)
-
- old_resources = self.cert.get_3779resources()
- old_sia = self.cert.get_SIA()
- old_ca_detail = self.ca_detail(gctx)
-
- if resources is None:
- resources = old_resources
-
- if sia is None:
- sia = old_sia
-
- assert resources.valid_until is not None and old_resources.valid_until is not None
-
- if resources == old_resources and sia == old_sia and ca_detail == old_ca_detail:
- return self
-
- must_revoke = old_resources.oversized(resources) or old_resources.valid_until > resources.valid_until
- new_issuer = ca_detail != old_ca_detail
-
- if resources.valid_until != old_resources.valid_until:
- rpki.log.debug("Validity changed: %s %s" % ( old_resources.valid_until, resources.valid_until))
-
- if must_revoke or new_issuer:
- child_cert = None
- else:
- child_cert = self
-
- child_cert = ca_detail.issue(
- gctx = gctx,
- ca = ca,
- child = child,
- subject_key = self.cert.getPublicKey(),
- sia = sia,
- resources = resources,
- child_cert = child_cert)
-
- if must_revoke:
- for cert in child.child_certs(gctx = gctx, ca_detail = ca_detail, ski = self.ski):
- if cert is not child_cert:
- cert.revoke(gctx)
-
- return child_cert
-
- @classmethod
- def fetch(cls, gctx, child = None, ca_detail = None, ski = None, revoked = False, unique = False):
- """Fetch all child_cert objects matching a particular set of
- parameters. This is a wrapper to consolidate various queries that
- would otherwise be inline SQL WHERE expressions. In most cases
- code calls this indirectly, through methods in other classes.
- """
-
- args = []
- where = "revoked IS"
- if revoked:
- where += " NOT"
- where += " NULL"
- if child:
- where += " AND child_id = %s"
- args.append(child.child_id)
- if ca_detail:
- where += " AND ca_detail_id = %s"
- args.append(ca_detail.ca_detail_id)
- if ski:
- where += " AND ski = %s"
- args.append(ski)
- if unique:
- return cls.sql_fetch_where1(gctx, where, args)
- else:
- return cls.sql_fetch_where(gctx, where, args)
diff --git a/scripts/rpki/sundial.py b/scripts/rpki/sundial.py
deleted file mode 100644
index a1ffde62..00000000
--- a/scripts/rpki/sundial.py
+++ /dev/null
@@ -1,147 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""Unified RPKI date/time handling, based on the standard Python datetime module.
-
-Module name chosen to sidestep a nightmare of import-related errors
-that occur with the more obvious module names.
-"""
-
-import datetime as pydatetime
-
-class datetime(pydatetime.datetime):
- """RPKI extensions to standard datetime.datetime class. All work
- here is in UTC, so we use naive datetime objects.
- """
-
- def totimestamp(self):
- """Convert to seconds from epoch (like time.time()). Conversion
- method is a bit silly, but avoids time module timezone whackiness.
- """
- return int(self.strftime("%s"))
-
- @classmethod
- def fromUTCTime(cls, x):
- """Convert from ASN.1 UTCTime."""
- return cls.strptime(x, "%y%m%d%H%M%SZ")
-
- def toUTCTime(self):
- """Convert to ASN.1 UTCTime."""
- return self.strftime("%y%m%d%H%M%SZ")
-
- @classmethod
- def fromGeneralizedTime(cls, x):
- """Convert from ASN.1 GeneralizedTime."""
- return cls.strptime(x, "%Y%m%d%H%M%SZ")
-
- def toGeneralizedTime(self):
- """Convert to ASN.1 GeneralizedTime."""
- return self.strftime("%Y%m%d%H%M%SZ")
-
- @classmethod
- def fromASN1tuple(cls, x):
- """Convert from ASN.1 tuple representation."""
- assert isinstance(x, tuple) and len(x) == 2 and x[0] in ("utcTime", "generalTime")
- if x[0] == "utcTime":
- return cls.fromUTCTime(x[1])
- else:
- return cls.fromGeneralizedTime(x[1])
-
- ## @var PKIX_threshhold
- # Threshold specified in RFC 3280 for switchover from UTCTime to GeneralizedTime.
-
- PKIX_threshhold = pydatetime.datetime(2050, 1, 1)
-
- def toASN1tuple(self):
- """Convert to ASN.1 tuple representation."""
- if self < self.PKIX_threshhold:
- return "utcTime", self.toUTCTime()
- else:
- return "generalTime", self.toGeneralizedTime()
-
- @classmethod
- def fromXMLtime(cls, x):
- """Convert from XML time representation."""
- if x is None:
- return None
- else:
- return cls.strptime(x, "%Y-%m-%dT%H:%M:%SZ")
-
- def toXMLtime(self):
- """Convert to XML time representation."""
- return self.strftime("%Y-%m-%dT%H:%M:%SZ")
-
- def __str__(self):
- return self.toXMLtime()
-
- @classmethod
- def fromdatetime(cls, x):
- """Convert a datetime.datetime object into this subclass.
- This is whacky due to the weird constructors for datetime.
- """
- return cls.combine(x.date(), x.time())
-
- def __add__(self, other):
- """Force correct class for timedelta results."""
- return self.fromdatetime(pydatetime.datetime.__add__(self, other))
-
- def __sub__(self, other):
- """Force correct class for timedelta results."""
- return self.fromdatetime(pydatetime.datetime.__sub__(self, other))
-
- @classmethod
- def from_sql(cls, x):
- """Convert from SQL storage format."""
- return cls.fromdatetime(x)
-
- def to_sql(self):
- """Convert to SQL storage format."""
- return self
-
- def later(self, other):
- """Return the later of two timestamps."""
- return other if other > self else self
-
- def earlier(self, other):
- """Return the earlier of two timestamps."""
- return other if other < self else self
-
-# Alias to simplify imports for callers
-
-timedelta = pydatetime.timedelta
-
-if __name__ == "__main__":
-
- now = datetime.utcnow()
- print now
- print repr(now)
- print now.strftime("%s")
- print now.toUTCTime()
- print now.toGeneralizedTime()
- print now.toASN1tuple()
- print now.toXMLtime()
-
- print
-
- then = now
- then += timedelta(days = 30)
- print then
- print repr(then)
- print then.strftime("%s")
- print then.toUTCTime()
- print then.toGeneralizedTime()
- print then.toASN1tuple()
- print then.toXMLtime()
diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py
deleted file mode 100644
index f902d86c..00000000
--- a/scripts/rpki/up_down.py
+++ /dev/null
@@ -1,518 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""RPKI "up-down" protocol."""
-
-import base64, lxml.etree, time
-import rpki.sax_utils, rpki.resource_set, rpki.x509, rpki.exceptions
-
-xmlns="http://www.apnic.net/specs/rescerts/up-down/"
-
-nsmap = { None : xmlns }
-
-class base_elt(object):
- """Generic PDU object.
-
- Virtual class, just provides some default methods.
- """
-
- def startElement(self, stack, name, attrs):
- """Ignore startElement() if there's no specific handler.
-
- Some elements have no attributes and we only care about their
- text content.
- """
- pass
-
- def endElement(self, stack, name, text):
- """Ignore endElement() if there's no specific handler.
-
- If we don't need to do anything else, just pop the stack.
- """
- stack.pop()
-
- def make_elt(self, name, *attrs):
- """Construct a element, copying over a set of attributes."""
- elt = lxml.etree.Element("{%s}%s" % (xmlns, name), nsmap=nsmap)
- for key in attrs:
- val = getattr(self, key, None)
- if val is not None:
- elt.set(key, str(val))
- return elt
-
- def make_b64elt(self, elt, name, value=None):
- """Construct a sub-element with Base64 text content."""
- if value is None:
- value = getattr(self, name, None)
- if value is not None:
- lxml.etree.SubElement(elt, "{%s}%s" % (xmlns, name), nsmap=nsmap).text = base64.b64encode(value)
-
- def serve_pdu(self, gctx, q_msg, r_msg, child):
- """Default PDU handler to catch unexpected types."""
- raise rpki.exceptions.BadQuery, "Unexpected query type %s" % q_msg.type
-
- def check_response(self):
- """Placeholder for response checking."""
- pass
-
-class multi_uri(list):
- """Container for a set of URIs."""
-
- def __init__(self, ini):
- """Initialize a set of URIs, which includes basic some syntax checking."""
- if isinstance(ini, (list, tuple)):
- self[:] = ini
- elif isinstance(ini, str):
- self[:] = ini.split(",")
- for s in self:
- if s.strip() != s or s.find("://") < 0:
- raise rpki.exceptions.BadURISyntax, "Bad URI \"%s\"" % s
- else:
- raise TypeError
-
- def __str__(self):
- """Convert a multi_uri back to a string representation."""
- return ",".join(self)
-
- def rsync(self):
- """Find first rsync://... URI in self."""
- for s in self:
- if s.startswith("rsync://"):
- return s
- return None
-
-class certificate_elt(base_elt):
- """Up-Down protocol representation of an issued certificate."""
-
- def startElement(self, stack, name, attrs):
- """Handle attributes of <certificate/> element."""
- assert name == "certificate", "Unexpected name %s, stack %s" % (name, stack)
- self.cert_url = multi_uri(attrs["cert_url"])
- self.req_resource_set_as = rpki.resource_set.resource_set_as(attrs.get("req_resource_set_as"))
- self.req_resource_set_ipv4 = rpki.resource_set.resource_set_ipv4(attrs.get("req_resource_set_ipv4"))
- self.req_resource_set_ipv6 = rpki.resource_set.resource_set_ipv6(attrs.get("req_resource_set_ipv6"))
-
- def endElement(self, stack, name, text):
- """Handle text content of a <certificate/> element."""
- assert name == "certificate", "Unexpected name %s, stack %s" % (name, stack)
- self.cert = rpki.x509.X509(Base64=text)
- stack.pop()
-
- def toXML(self):
- """Generate a <certificate/> element."""
- elt = self.make_elt("certificate", "cert_url",
- "req_resource_set_as", "req_resource_set_ipv4", "req_resource_set_ipv6")
- elt.text = self.cert.get_Base64()
- return elt
-
-class class_elt(base_elt):
- """Up-Down protocol representation of a resource class."""
-
- issuer = None
-
- def __init__(self):
- """Initialize class_elt."""
- self.certs = []
-
- def startElement(self, stack, name, attrs):
- """Handle <class/> elements and their children."""
- if name == "certificate":
- cert = certificate_elt()
- self.certs.append(cert)
- stack.append(cert)
- cert.startElement(stack, name, attrs)
- elif name != "issuer":
- assert name == "class", "Unexpected name %s, stack %s" % (name, stack)
- self.class_name = attrs["class_name"]
- self.cert_url = multi_uri(attrs["cert_url"])
- self.suggested_sia_head = attrs.get("suggested_sia_head")
- self.resource_set_as = rpki.resource_set.resource_set_as(attrs["resource_set_as"])
- self.resource_set_ipv4 = rpki.resource_set.resource_set_ipv4(attrs["resource_set_ipv4"])
- self.resource_set_ipv6 = rpki.resource_set.resource_set_ipv6(attrs["resource_set_ipv6"])
- self.resource_set_notafter = rpki.sundial.datetime.fromXMLtime(attrs.get("resource_set_notafter"))
-
- def endElement(self, stack, name, text):
- """Handle <class/> elements and their children."""
- if name == "issuer":
- self.issuer = rpki.x509.X509(Base64=text)
- else:
- assert name == "class", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
-
- def toXML(self):
- """Generate a <class/> element."""
- elt = self.make_elt("class", "class_name", "cert_url", "resource_set_as",
- "resource_set_ipv4", "resource_set_ipv6",
- "resource_set_notafter", "suggested_sia_head")
- elt.extend([i.toXML() for i in self.certs])
- if self.issuer is not None:
- self.make_b64elt(elt, "issuer", self.issuer.get_DER())
- return elt
-
- def to_resource_bag(self):
- """Build a resource_bag from from this <class/> element."""
- return rpki.resource_set.resource_bag(self.resource_set_as,
- self.resource_set_ipv4,
- self.resource_set_ipv6,
- self.resource_set_notafter)
-
- def from_resource_bag(self, bag):
- """Set resources of this class element from a resource_bag."""
- self.resource_set_as = bag.as
- self.resource_set_ipv4 = bag.v4
- self.resource_set_ipv6 = bag.v6
- self.resource_set_notafter = bag.valid_until
-
-class list_pdu(base_elt):
- """Up-Down protocol "list" PDU."""
-
- def toXML(self):
- """Generate (empty) payload of "list" PDU."""
- return []
-
- def serve_pdu(self, gctx, q_msg, r_msg, child):
- """Serve one "list" PDU."""
- r_msg.payload = list_response_pdu()
-
- # This will require a callback when we go event-driven
- irdb_resources = rpki.left_right.irdb_query(gctx, child.self_id, child.child_id)
-
- for parent in child.parents(gctx):
- for ca in parent.cas(gctx):
- ca_detail = ca.fetch_active(gctx)
- if not ca_detail:
- continue
- resources = ca_detail.latest_ca_cert.get_3779resources().intersection(irdb_resources)
- if resources.empty():
- continue
- rc = class_elt()
- rc.class_name = str(ca.ca_id)
- rc.cert_url = multi_uri(ca_detail.ca_cert_uri)
- rc.from_resource_bag(resources)
- for child_cert in child.child_certs(gctx, ca_detail = ca_detail):
- c = certificate_elt()
- c.cert_url = multi_uri(child_cert.uri(ca))
- c.cert = child_cert.cert
- rc.certs.append(c)
- rc.issuer = ca_detail.latest_ca_cert
- r_msg.payload.classes.append(rc)
-
- @classmethod
- def query(cls, gctx, parent):
- """Send a "list" query to parent."""
- return parent.query_up_down(gctx, cls())
-
-class class_response_syntax(base_elt):
- """Syntax for Up-Down protocol "list_response" and "issue_response" PDUs."""
-
- def __init__(self):
- """Initialize class_response_syntax."""
- self.classes = []
-
- def startElement(self, stack, name, attrs):
- """Handle "list_response" and "issue_response" PDUs."""
- assert name == "class", "Unexpected name %s, stack %s" % (name, stack)
- c = class_elt()
- self.classes.append(c)
- stack.append(c)
- c.startElement(stack, name, attrs)
-
- def toXML(self):
- """Generate payload of "list_response" and "issue_response" PDUs."""
- return [c.toXML() for c in self.classes]
-
-class list_response_pdu(class_response_syntax):
- """Up-Down protocol "list_response" PDU."""
-
- pass
-
-class issue_pdu(base_elt):
- """Up-Down protocol "issue" PDU."""
-
- def startElement(self, stack, name, attrs):
- """Handle "issue" PDU."""
- assert name == "request", "Unexpected name %s, stack %s" % (name, stack)
- self.class_name = attrs["class_name"]
- self.req_resource_set_as = rpki.resource_set.resource_set_as(attrs.get("req_resource_set_as"))
- self.req_resource_set_ipv4 = rpki.resource_set.resource_set_ipv4(attrs.get("req_resource_set_ipv4"))
- self.req_resource_set_ipv6 = rpki.resource_set.resource_set_ipv6(attrs.get("req_resource_set_ipv6"))
-
- def endElement(self, stack, name, text):
- """Handle "issue" PDU."""
- assert name == "request", "Unexpected name %s, stack %s" % (name, stack)
- self.pkcs10 = rpki.x509.PKCS10(Base64=text)
- stack.pop()
-
- def toXML(self):
- """Generate payload of "issue" PDU."""
- elt = self.make_elt("request", "class_name", "req_resource_set_as",
- "req_resource_set_ipv4", "req_resource_set_ipv6")
- elt.text = self.pkcs10.get_Base64()
- return [elt]
-
- def serve_pdu(self, gctx, q_msg, r_msg, child):
- """Serve one issue request PDU."""
-
- # Check the request
- ca = child.ca_from_class_name(gctx, self.class_name)
- ca_detail = ca.fetch_active(gctx)
- self.pkcs10.check_valid_rpki()
-
- # Check current cert, if any
-
- # This will require a callback when we go event-driven
- irdb_resources = rpki.left_right.irdb_query(gctx, child.self_id, child.child_id)
-
- resources = irdb_resources.intersection(ca_detail.latest_ca_cert.get_3779resources())
- req_key = self.pkcs10.getPublicKey()
- req_sia = self.pkcs10.get_SIA()
- child_cert = child.child_certs(gctx, ca_detail = ca_detail, ski = req_key.get_SKI(), unique = True)
-
- # Generate new cert or regenerate old one if necessary
-
- if child_cert is None:
- child_cert = ca_detail.issue(
- gctx = gctx,
- ca = ca,
- child = child,
- subject_key = req_key,
- sia = req_sia,
- resources = resources)
- else:
- child_cert = child_cert.reissue(
- gctx = gctx,
- ca_detail = ca_detail,
- sia = req_sia,
- resources = resources)
-
- # Save anything we modified and generate response
- rpki.sql.sql_sweep(gctx)
- assert child_cert and child_cert.sql_in_db
- c = certificate_elt()
- c.cert_url = multi_uri(child_cert.uri(ca))
- c.cert = child_cert.cert
- rc = class_elt()
- rc.class_name = self.class_name
- rc.cert_url = multi_uri(ca_detail.ca_cert_uri)
- rc.from_resource_bag(resources)
- rc.certs.append(c)
- rc.issuer = ca_detail.latest_ca_cert
- r_msg.payload = issue_response_pdu()
- r_msg.payload.classes.append(rc)
-
- @classmethod
- def query(cls, gctx, parent, ca, ca_detail):
- """Send an "issue" request to parent associated with ca."""
- assert ca_detail is not None and ca_detail.state in ("pending", "active")
- sia = ((rpki.oids.name2oid["id-ad-caRepository"], ("uri", ca.sia_uri)),
- (rpki.oids.name2oid["id-ad-rpkiManifest"], ("uri", ca_detail.manifest_uri(ca))))
- self = cls()
- self.class_name = ca.parent_resource_class
- self.pkcs10 = rpki.x509.PKCS10.create_ca(ca_detail.private_key_id, sia)
- return parent.query_up_down(gctx, self)
-
-class issue_response_pdu(class_response_syntax):
- """Up-Down protocol "issue_response" PDU."""
-
- def check_response(self):
- """Check whether this looks like a reasonable issue_response PDU.
- XML schema should be tighter for this response.
- """
- if len(self.classes) != 1 or len(self.classes[0].certs) != 1:
- raise rpki.exceptions.BadIssueResponse
-
-class revoke_syntax(base_elt):
- """Syntax for Up-Down protocol "revoke" and "revoke_response" PDUs."""
-
- def startElement(self, stack, name, attrs):
- """Handle "revoke" PDU."""
- self.class_name = attrs["class_name"]
- self.ski = attrs["ski"]
-
- def toXML(self):
- """Generate payload of "revoke" PDU."""
- return [self.make_elt("key", "class_name", "ski")]
-
-class revoke_pdu(revoke_syntax):
- """Up-Down protocol "revoke" PDU."""
-
- def get_SKI(self):
- """Convert g(SKI) encoding from PDU back to raw SKI."""
- return base64.urlsafe_b64decode(self.ski + "=")
-
- def serve_pdu(self, gctx, q_msg, r_msg, child):
- """Serve one revoke request PDU."""
- for ca_detail in child.ca_from_class_name(gctx, self.class_name).ca_details(gctx):
- for child_cert in child.child_certs(gctx, ca_detail = ca_detail, ski = self.get_SKI()):
- child_cert.revoke(gctx)
- rpki.sql.sql_sweep(gctx)
- r_msg.payload = revoke_response_pdu()
- r_msg.payload.class_name = self.class_name
- r_msg.payload.ski = self.ski
-
- @classmethod
- def query(cls, gctx, ca_detail):
- """Send a "revoke" request to parent associated with ca_detail."""
- ca = ca_detail.ca(gctx)
- parent = ca.parent(gctx)
- self = cls()
- self.class_name = ca.parent_resource_class
- self.ski = ca_detail.latest_ca_cert.gSKI()
- return parent.query_up_down(gctx, self)
-
-class revoke_response_pdu(revoke_syntax):
- """Up-Down protocol "revoke_response" PDU."""
-
- pass
-
-class error_response_pdu(base_elt):
- """Up-Down protocol "error_response" PDU."""
-
- codes = {
- 1101 : "Already processing request",
- 1102 : "Version number error",
- 1103 : "Unrecognised request type",
- 1201 : "Request - no such resource class",
- 1202 : "Request - no resources allocated in resource class",
- 1203 : "Request - badly formed certificate request",
- 1301 : "Revoke - no such resource class",
- 1302 : "Revoke - no such key",
- 2001 : "Internal Server Error - Request not performed" }
-
- exceptions = {}
-
- def __init__(self, exception = None):
- """Initialize an error_response PDU from an exception object."""
- if exception is not None:
- if exception in self.exceptions:
- self.status = exceptions[exception]
- else:
- self.status = 2001
- self.description = str(exception)
-
- def endElement(self, stack, name, text):
- """Handle "error_response" PDU."""
- if name == "status":
- code = int(text)
- if code not in self.codes:
- raise rpki.exceptions.BadStatusCode, "%s is not a known status code"
- self.status = code
- elif name == "description":
- self.description = text
- else:
- assert name == "message", "Unexpected name %s, stack %s" % (name, stack)
- stack.pop()
- stack[-1].endElement(stack, name, text)
-
- def toXML(self):
- """Generate payload of "error_response" PDU."""
- assert self.status in self.codes
- elt = self.make_elt("status")
- elt.text = str(self.status)
- payload = [elt]
- if self.description:
- elt = self.make_elt("description")
- elt.text = str(self.description)
- elt.set("{http://www.w3.org/XML/1998/namespace}lang", "en-US")
- payload.append(elt)
- return payload
-
- def check_response(self):
- """Handle an error response. For now, just raise an exception,
- perhaps figure out something more clever to do later.
- """
- raise rpki.exceptions.UpstreamError, self.codes[self.status]
-
-class message_pdu(base_elt):
- """Up-Down protocol message wrapper PDU."""
-
- version = 1
-
- name2type = {
- "list" : list_pdu,
- "list_response" : list_response_pdu,
- "issue" : issue_pdu,
- "issue_response" : issue_response_pdu,
- "revoke" : revoke_pdu,
- "revoke_response" : revoke_response_pdu,
- "error_response" : error_response_pdu }
-
- type2name = dict((v,k) for k,v in name2type.items())
-
- def toXML(self):
- """Generate payload of message PDU."""
- elt = self.make_elt("message", "version", "sender", "recipient", "type")
- elt.extend(self.payload.toXML())
- return elt
-
- def startElement(self, stack, name, attrs):
- """Handle message PDU.
-
- Payload of the <message/> element varies depending on the "type"
- attribute, so after some basic checks we have to instantiate the
- right class object to handle whatever kind of PDU this is.
- """
- assert name == "message", "Unexpected name %s, stack %s" % (name, stack)
- assert self.version == int(attrs["version"])
- self.sender = attrs["sender"]
- self.recipient = attrs["recipient"]
- self.type = attrs["type"]
- self.payload = self.name2type[attrs["type"]]()
- stack.append(self.payload)
-
- def __str__(self):
- """Convert a message PDU to a string."""
- lxml.etree.tostring(self.toXML(), pretty_print = True, encoding = "UTF-8")
-
- def serve_top_level(self, gctx, child):
- """Serve one message request PDU."""
- r_msg = message_pdu()
- r_msg.sender = self.recipient
- r_msg.recipient = self.sender
- self.payload.serve_pdu(gctx, self, r_msg, child)
- r_msg.type = self.type2name[type(r_msg.payload)]
- return r_msg
-
- def serve_error(self, exception):
- """Generate an error_response message PDU."""
- r_msg = message_pdu()
- r_msg.sender = self.recipient
- r_msg.recipient = self.sender
- r_msg.payload = error_response_pdu(exception)
- r_msg.type = self.type2name[type(r_msg.payload)]
- return r_msg
-
- @classmethod
- def make_query(cls, payload, sender, recipient):
- """Construct one message PDU."""
- assert not cls.type2name[type(payload)].endswith("_response")
- if sender is None:
- sender = "tweedledee"
- if recipient is None:
- recipient = "tweedledum"
- self = cls()
- self.sender = sender
- self.recipient = recipient
- self.payload = payload
- self.type = self.type2name[type(payload)]
- return self
-
-class sax_handler(rpki.sax_utils.handler):
- """SAX handler for Up-Down protocol."""
-
- def create_top_level(self, name, attrs):
- """Top-level PDU for this protocol is <message/>."""
- return message_pdu()
diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py
deleted file mode 100644
index c029e5f3..00000000
--- a/scripts/rpki/x509.py
+++ /dev/null
@@ -1,700 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""One X.509 implementation to rule them all...
-
-...and in the darkness hide the twisty maze of partially overlapping
-X.509 support packages in Python.
-
-There are several existing packages, none of which do quite what I
-need, due to age, lack of documentation, specialization, or lack of
-foresight on somebody's part (perhaps mine). This module attempts to
-bring together the functionality I need in a way that hides at least
-some of the nasty details. This involves a lot of format conversion.
-"""
-
-import POW, tlslite.api, POW.pkix, base64, time
-import rpki.exceptions, rpki.resource_set, rpki.manifest, rpki.cms, rpki.oids, rpki.sundial
-
-def calculate_SKI(public_key_der):
- """Calculate the SKI value given the DER representation of a public
- key, which requires first peeling the ASN.1 wrapper off the key.
- """
- k = POW.pkix.SubjectPublicKeyInfo()
- k.fromString(public_key_der)
- d = POW.Digest(POW.SHA1_DIGEST)
- d.update(k.subjectPublicKey.get())
- return d.digest()
-
-class PEM_converter(object):
- """Convert between DER and PEM encodings for various kinds of ASN.1 data."""
-
- def __init__(self, kind): # "CERTIFICATE", "RSA PRIVATE KEY", ...
- """Initialize PEM_converter."""
- self.b = "-----BEGIN %s-----" % kind
- self.e = "-----END %s-----" % kind
-
- def looks_like_PEM(self, text):
- """Guess whether text looks like a PEM encoding."""
- b = text.find(self.b)
- return b >= 0 and text.find(self.e) > b + len(self.b)
-
- def to_DER(self, pem):
- """Convert from PEM to DER."""
- lines = [line.strip() for line in pem.splitlines(0)]
- while lines and lines.pop(0) != self.b:
- pass
- while lines and lines.pop(-1) != self.e:
- pass
- assert lines
- return base64.b64decode("".join(lines))
-
- def to_PEM(self, der):
- """Convert from DER to PEM."""
- b64 = base64.b64encode(der)
- pem = self.b + "\n"
- while len(b64) > 64:
- pem += b64[0:64] + "\n"
- b64 = b64[64:]
- return pem + b64 + "\n" + self.e + "\n"
-
-class DER_object(object):
- """Virtual class to hold a generic DER object."""
-
- ## Formats supported in this object
- formats = ("DER",)
-
- ## PEM converter for this object
- pem_converter = None
-
- ## Other attributes that self.clear() should whack
- other_clear = ()
-
- ## @var DER
- ## DER value of this object
-
- def empty(self):
- """Test whether this object is empty."""
- for a in self.formats:
- if getattr(self, a, None) is not None:
- return False
- return True
-
- def clear(self):
- """Make this object empty."""
- for a in self.formats + self.other_clear:
- setattr(self, a, None)
-
- def __init__(self, **kw):
- """Initialize a DER_object."""
- self.clear()
- if len(kw):
- self.set(**kw)
-
- def set(self, **kw):
- """Set this object by setting one of its known formats.
-
- This method only allows one to set one format at a time.
- Subsequent calls will clear the object first. The point of all
- this is to let the object's internal converters handle mustering
- the object into whatever format you need at the moment.
- """
- if len(kw) == 1:
- name = kw.keys()[0]
- if name in self.formats:
- self.clear()
- setattr(self, name, kw[name])
- return
- if name == "PEM":
- self.clear()
- self.DER = self.pem_converter.to_DER(kw[name])
- return
- if name == "Base64":
- self.clear()
- self.DER = base64.b64decode(kw[name])
- return
- if name in ("PEM_file", "DER_file", "Auto_file"):
- f = open(kw[name], "rb")
- value = f.read()
- f.close()
- if name == "PEM_file" or (name == "Auto_file" and self.pem_converter.looks_like_PEM(value)):
- value = self.pem_converter.to_DER(value)
- self.clear()
- self.DER = value
- return
- raise rpki.exceptions.DERObjectConversionError, "Can't honor conversion request %s" % repr(kw)
-
- def get_DER(self):
- """Get the DER value of this object.
-
- Subclasses will almost certainly override this method.
- """
- assert not self.empty()
- if self.DER:
- return self.DER
- raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available"
-
- def get_Base64(self):
- """Get the Base64 encoding of the DER value of this object."""
- return base64.b64encode(self.get_DER())
-
- def get_PEM(self):
- """Get the PEM representation of this object."""
- return self.pem_converter.to_PEM(self.get_DER())
-
- def __cmp__(self, other):
- """Compare two DER-encoded objects."""
- return cmp(self.get_DER(), other.get_DER())
-
- def hSKI(self):
- """Return hexadecimal string representation of SKI for this
- object. Only work for subclasses that implement get_SKI().
- """
- return ":".join(("%02X" % ord(i) for i in self.get_SKI()))
-
- def gSKI(self):
- """Calculate g(SKI) for this object. Only work for subclasses
- that implement get_SKI().
- """
- return base64.urlsafe_b64encode(self.get_SKI()).rstrip("=")
-
- def get_AKI(self):
- """Get the AKI extension from this object. Only works for subclasses that support getExtension()."""
- return (self.get_POWpkix().getExtension(rpki.oids.name2oid["authorityKeyIdentifier"]) or ((), 0, None))[2]
-
- def get_SKI(self):
- """Get the SKI extension from this object. Only works for subclasses that support getExtension()."""
- return (self.get_POWpkix().getExtension(rpki.oids.name2oid["subjectKeyIdentifier"]) or ((), 0, None))[2]
-
- def get_SIA(self):
- """Get the SIA extension from this object. Only works for subclasses that support getExtension()."""
- return (self.get_POWpkix().getExtension(rpki.oids.name2oid["subjectInfoAccess"]) or ((), 0, None))[2]
-
- def get_AIA(self):
- """Get the SIA extension from this object. Only works for subclasses that support getExtension()."""
- return (self.get_POWpkix().getExtension(rpki.oids.name2oid["subjectInfoAccess"]) or ((), 0, None))[2]
-
- def get_3779resources(self):
- """Get RFC 3779 resources as rpki.resource_set objects.
- Only works for subclasses that support getExtensions().
- """
- resources = rpki.resource_set.resource_bag.from_asn1_tuples(self.get_POWpkix().getExtensions())
- try:
- resources.valid_until = self.getNotAfter()
- except AttributeError:
- pass
- return resources
-
- @classmethod
- def from_sql(cls, x):
- """Convert from SQL storage format."""
- return cls(DER = x)
-
- def to_sql(self):
- """Convert to SQL storage format."""
- return self.get_DER()
-
-class X509(DER_object):
- """X.509 certificates.
-
- This class is designed to hold all the different representations of
- X.509 certs we're using and convert between them. X.509 support in
- Python a nasty maze of half-cooked stuff (except perhaps for
- cryptlib, which is just different). Users of this module should not
- have to care about this implementation nightmare.
- """
-
- formats = ("DER", "POW", "POWpkix", "tlslite")
- pem_converter = PEM_converter("CERTIFICATE")
-
- def get_DER(self):
- """Get the DER value of this certificate."""
- assert not self.empty()
- if self.DER:
- return self.DER
- if self.POW:
- self.DER = self.POW.derWrite()
- return self.get_DER()
- if self.POWpkix:
- self.DER = self.POWpkix.toString()
- return self.get_DER()
- raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available"
-
- def get_POW(self):
- """Get the POW value of this certificate."""
- assert not self.empty()
- if not self.POW:
- self.POW = POW.derRead(POW.X509_CERTIFICATE, self.get_DER())
- return self.POW
-
- def get_POWpkix(self):
- """Get the POW.pkix value of this certificate."""
- assert not self.empty()
- if not self.POWpkix:
- cert = POW.pkix.Certificate()
- cert.fromString(self.get_DER())
- self.POWpkix = cert
- return self.POWpkix
-
- def get_tlslite(self):
- """Get the tlslite value of this certificate."""
- assert not self.empty()
- if not self.tlslite:
- cert = tlslite.api.X509()
- cert.parseBinary(self.get_DER())
- self.tlslite = cert
- return self.tlslite
-
- def getIssuer(self):
- """Get the issuer of this certificate."""
- return self.get_POW().getIssuer()
-
- def getSubject(self):
- """Get the subject of this certificate."""
- return self.get_POW().getSubject()
-
- def getNotBefore(self):
- """Get the inception time of this certificate."""
- return rpki.sundial.datetime.fromASN1tuple(self.get_POWpkix().tbs.validity.notBefore.get())
-
- def getNotAfter(self):
- """Get the expiration time of this certificate."""
- return rpki.sundial.datetime.fromASN1tuple(self.get_POWpkix().tbs.validity.notAfter.get())
-
- def getSerial(self):
- """Get the serial number of this certificate."""
- return self.get_POW().getSerial()
-
- def getPublicKey(self):
- """Extract the public key from this certificate."""
- return RSApublic(DER = self.get_POWpkix().tbs.subjectPublicKeyInfo.toString())
-
- def issue(self, keypair, subject_key, serial, sia, aia, crldp, notAfter,
- cn = None, resources = None, is_ca = True):
- """Issue a certificate."""
-
- now = rpki.sundial.datetime.utcnow()
- aki = self.get_SKI()
- ski = subject_key.get_SKI()
-
- if cn is None:
- cn = "".join(("%02X" % ord(i) for i in ski))
-
- # if notAfter is None: notAfter = now + rpki.sundial.timedelta(days = 30)
-
- cert = POW.pkix.Certificate()
- cert.setVersion(2)
- cert.setSerial(serial)
- cert.setIssuer(self.get_POWpkix().getSubject())
- cert.setSubject((((rpki.oids.name2oid["commonName"], ("printableString", cn)),),))
- cert.setNotBefore(now.toASN1tuple())
- cert.setNotAfter(notAfter.toASN1tuple())
- cert.tbs.subjectPublicKeyInfo.fromString(subject_key.get_DER())
-
- exts = [ ["subjectKeyIdentifier", False, ski],
- ["authorityKeyIdentifier", False, (aki, (), None)],
- ["cRLDistributionPoints", False, ((("fullName", (("uri", crldp),)), None, ()),)],
- ["authorityInfoAccess", False, ((rpki.oids.name2oid["id-ad-caIssuers"], ("uri", aia)),)],
- ["certificatePolicies", True, ((rpki.oids.name2oid["id-cp-ipAddr-asNumber"], ()),)] ]
-
- if is_ca:
- exts.append(["basicConstraints", True, (1, None)])
- exts.append(["keyUsage", True, (0, 0, 0, 0, 0, 1, 1)])
- else:
- exts.append(["keyUsage", True, (1,)])
-
- if sia is not None:
- exts.append(["subjectInfoAccess", False, sia])
- else:
- assert not is_ca
-
- if resources is not None and resources.as:
- exts.append(["sbgp-autonomousSysNum", True, (resources.as.to_tuple(), None)])
-
- if resources is not None and (resources.v4 or resources.v6):
- exts.append(["sbgp-ipAddrBlock", True, [x for x in (resources.v4.to_tuple(), resources.v6.to_tuple()) if x is not None]])
-
- for x in exts:
- x[0] = rpki.oids.name2oid[x[0]]
- cert.setExtensions(exts)
-
- cert.sign(keypair.get_POW(), POW.SHA256_DIGEST)
-
- return X509(POWpkix = cert)
-
-class X509_chain(list):
- """Collections of certs.
-
- This class provides sorting and conversion functions for various
- packages.
- """
-
- def __init__(self, *args, **kw):
- """Initialize an X509_chain."""
- if args:
- self[:] = args
- elif "PEM_files" in kw:
- self.load_from_PEM(kw["PEM_files"])
- elif "DER_files" in kw:
- self.load_from_DER(kw["DER_files"])
- elif "Auto_files" in kw:
- self.load_from_Auto(kw["Auto_files"])
- elif kw:
- raise TypeError
-
- def chainsort(self):
- """Sort a bag of certs into a chain, leaf first.
-
- Various other routines want their certs presented in this order.
- """
- if len(self) > 1:
- bag = self[:]
- issuer_names = [x.getIssuer() for x in bag]
- subject_map = dict([(x.getSubject(), x) for x in bag])
- chain = []
- for subject in subject_map:
- if subject not in issuer_names:
- cert = subject_map[subject]
- chain.append(cert)
- bag.remove(cert)
- if len(chain) != 1:
- raise rpki.exceptions.NotACertificateChain, "Certificates in bag don't form a proper chain"
- while bag:
- cert = subject_map[chain[-1].getIssuer()]
- chain.append(cert)
- bag.remove(cert)
- self[:] = chain
-
- def tlslite_certChain(self):
- """Return a certChain in the format tlslite likes."""
- self.chainsort()
- return tlslite.api.X509CertChain([x.get_tlslite() for x in self])
-
- def tlslite_trustList(self):
- """Return a trustList in the format tlslite likes."""
- return [x.get_tlslite() for x in self]
-
- def clear(self):
- """Drop all certs from this bag onto the floor."""
- self[:] = []
-
- def load_from_PEM(self, files):
- """Load a set of certs from a list of PEM files."""
- self.extend([X509(PEM_file=f) for f in files])
-
- def load_from_DER(self, files):
- """Load a set of certs from a list of DER files."""
- self.extend([X509(DER_file=f) for f in files])
-
- def load_from_Auto(self, files):
- """Load a set of certs from a list of DER or PEM files (guessing)."""
- self.extend([X509(Auto_file=f) for f in files])
-
-class PKCS10(DER_object):
- """Class to hold a PKCS #10 request."""
-
- formats = ("DER", "POWpkix")
- pem_converter = PEM_converter("CERTIFICATE REQUEST")
-
- def get_DER(self):
- """Get the DER value of this certification request."""
- assert not self.empty()
- if self.DER:
- return self.DER
- if self.POWpkix:
- self.DER = self.POWpkix.toString()
- return self.get_DER()
- raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available"
-
- def get_POWpkix(self):
- """Get the POW.pkix value of this certification request."""
- assert not self.empty()
- if not self.POWpkix:
- req = POW.pkix.CertificationRequest()
- req.fromString(self.get_DER())
- self.POWpkix = req
- return self.POWpkix
-
- def getPublicKey(self):
- """Extract the public key from this certification request."""
- return RSApublic(DER = self.get_POWpkix().certificationRequestInfo.subjectPublicKeyInfo.toString())
-
- def check_valid_rpki(self):
- """Check this certification request to see whether it's a valid
- request for an RPKI certificate. This is broken out of the
- up-down protocol code because it's somewhat involved and the
- up-down code doesn't need to know the details.
-
- Throws an exception if the request isn't valid, so if this method
- returns at all, the request is ok.
- """
-
- if not self.get_POWpkix().verify():
- raise rpki.exceptions.BadPKCS10, "Signature check failed"
-
- if self.get_POWpkix().certificationRequestInfo.version.get() != 0:
- raise rpki.exceptions.BadPKCS10, \
- "Bad version number %s" % self.get_POWpkix().certificationRequestInfo.version
-
- if rpki.oids.oid2name.get(self.get_POWpkix().signatureAlgorithm.algorithm.get()) \
- not in ("sha256WithRSAEncryption", "sha384WithRSAEncryption", "sha512WithRSAEncryption"):
- raise rpki.exceptions.BadPKCS10, "Bad signature algorithm %s" % self.get_POWpkix().signatureAlgorithm
-
- exts = self.get_POWpkix().getExtensions()
- for oid, critical, value in exts:
- if rpki.oids.oid2name.get(oid) not in ("basicConstraints", "keyUsage", "subjectInfoAccess"):
- raise rpki.exceptions.BadExtension, "Forbidden extension %s" % oid
- req_exts = dict((rpki.oids.oid2name[oid], value) for (oid, critical, value) in exts)
-
- if "basicConstraints" not in req_exts or not req_exts["basicConstraints"][0]:
- raise rpki.exceptions.BadPKCS10, "request for EE cert not allowed here"
-
- if req_exts["basicConstraints"][1] is not None:
- raise rpki.exceptions.BadPKCS10, "basicConstraints must not specify Path Length"
-
- if "keyUsage" in req_exts and (not req_exts["keyUsage"][5] or not req_exts["keyUsage"][6]):
- raise rpki.exceptions.BadPKCS10, "keyUsage doesn't match basicConstraints"
-
- for method, location in req_exts.get("subjectInfoAccess", ()):
- if rpki.oids.oid2name.get(method) == "id-ad-caRepository" and \
- (location[0] != "uri" or (location[1].startswith("rsync://") and not location[1].endswith("/"))):
- raise rpki.exceptions.BadPKCS10, "Certificate request includes bad SIA component: %s" % repr(location)
-
- # This one is an implementation restriction. I don't yet
- # understand what the spec is telling me to do in this case.
- assert "subjectInfoAccess" in req_exts, "Can't (yet) handle PKCS #10 without an SIA extension"
-
- @classmethod
- def create_ca(cls, keypair, sia = None):
- """Create a new request for a given keypair, including given SIA value."""
- exts = [["basicConstraints", True, (1, None)],
- ["keyUsage", True, (0, 0, 0, 0, 0, 1, 1)]]
- if sia is not None:
- exts.append(["subjectInfoAccess", False, sia])
- for x in exts:
- x[0] = rpki.oids.name2oid[x[0]]
- return cls.create(keypair, exts)
-
- @classmethod
- def create(cls, keypair, exts = None):
- """Create a new request for a given keypair, including given extensions."""
- cn = "".join(("%02X" % ord(i) for i in keypair.get_SKI()))
- req = POW.pkix.CertificationRequest()
- req.certificationRequestInfo.version.set(0)
- req.certificationRequestInfo.subject.set((((rpki.oids.name2oid["commonName"],
- ("printableString", cn)),),))
- if exts is not None:
- req.setExtensions(exts)
- req.sign(keypair.get_POW(), POW.SHA256_DIGEST)
- return cls(POWpkix = req)
-
-class RSA(DER_object):
- """Class to hold an RSA key pair."""
-
- formats = ("DER", "POW", "tlslite")
- pem_converter = PEM_converter("RSA PRIVATE KEY")
-
- def get_DER(self):
- """Get the DER value of this keypair."""
- assert not self.empty()
- if self.DER:
- return self.DER
- if self.POW:
- self.DER = self.POW.derWrite(POW.RSA_PRIVATE_KEY)
- return self.get_DER()
- raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available"
-
- def get_POW(self):
- """Get the POW value of this keypair."""
- assert not self.empty()
- if not self.POW:
- self.POW = POW.derRead(POW.RSA_PRIVATE_KEY, self.get_DER())
- return self.POW
-
- def get_tlslite(self):
- """Get the tlslite value of this keypair."""
- assert not self.empty()
- if not self.tlslite:
- self.tlslite = tlslite.api.parsePEMKey(self.get_PEM(), private=True)
- return self.tlslite
-
- def generate(self, keylength = 2048):
- """Generate a new keypair."""
- self.clear()
- self.set(POW=POW.Asymmetric(POW.RSA_CIPHER, keylength))
-
- def get_public_DER(self):
- """Get the DER encoding of the public key from this keypair."""
- return self.get_POW().derWrite(POW.RSA_PUBLIC_KEY)
-
- def get_SKI(self):
- """Calculate the SKI of this keypair."""
- return calculate_SKI(self.get_public_DER())
-
- def get_RSApublic(self):
- """Convert the public key of this keypair into a RSApublic object."""
- return RSApublic(DER = self.get_public_DER())
-
-class RSApublic(DER_object):
- """Class to hold an RSA public key."""
-
- formats = ("DER", "POW")
- pem_converter = PEM_converter("RSA PUBLIC KEY")
-
- def get_DER(self):
- """Get the DER value of this public key."""
- assert not self.empty()
- if self.DER:
- return self.DER
- if self.POW:
- self.DER = self.POW.derWrite(POW.RSA_PUBLIC_KEY)
- return self.get_DER()
- raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available"
-
- def get_POW(self):
- """Get the POW value of this public key."""
- assert not self.empty()
- if not self.POW:
- self.POW = POW.derRead(POW.RSA_PUBLIC_KEY, self.get_DER())
- return self.POW
-
- def get_SKI(self):
- """Calculate the SKI of this public key."""
- return calculate_SKI(self.get_DER())
-
-class SignedManifest(DER_object):
- """Class to hold a signed manifest.
-
- Signed manifests are a little different from the other DER_object
- types because the signed object is CMS wrapping inner content that's
- also ASN.1, and due to our current minimal support for CMS we can't
- just handle this as a pretty composite object. So, for now anyway,
- this SignedManifest object refers to the outer CMS wrapped manifest
- so that the usual DER and PEM operations do the obvious things, and
- the inner content is handle via separate methods using rpki.manifest.
- """
-
- formats = ("DER",)
- other_clear = ("content",)
- pem_converter = PEM_converter("RPKI MANIFEST")
-
- def get_DER(self):
- """Get the DER value of this manifest."""
- assert not self.empty()
- if self.DER:
- return self.DER
- raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available"
-
- def get_content(self):
- """Get the inner content of this manifest."""
- assert self.content is not None
- return self.content
-
- def set_content(self, content):
- """Set the (inner) content of this manifest, clearing the wrapper."""
- self.clear()
- self.content = content
-
- def getThisUpdate(self):
- """Get thisUpdate value from this manifest."""
- return rpki.sundial.datetime.fromGeneralizedTime(self.get_content().thisUpdate.get())
-
- def getNextUpdate(self):
- """Get nextUpdate value from this manifest."""
- return rpki.sundial.datetime.fromGeneralizedTime(self.get_content().nextUpdate.get())
-
- def verify(self, ta):
- """Verify this manifest."""
- m = rpki.manifest.Manifest()
- s = rpki.cms.verify(self.get_DER(), ta)
- m.fromString(s)
- self.content = m
-
- def build(self, serial, thisUpdate, nextUpdate, names_and_objs, keypair, certs, version = 0):
- """Build the inner content of this manifest and sign it with CMS."""
- filelist = []
- for name, obj in names_and_objs:
- d = POW.Digest(POW.SHA256_DIGEST)
- d.update(obj.get_DER())
- filelist.append((name.rpartition("/")[2], d.digest()))
- filelist.sort(key = lambda x: x[0])
- m = rpki.manifest.Manifest()
- m.version.set(version)
- m.manifestNumber.set(serial)
- m.thisUpdate.set(thisUpdate.toGeneralizedTime())
- m.nextUpdate.set(nextUpdate.toGeneralizedTime())
- m.fileHashAlg.set((2, 16, 840, 1, 101, 3, 4, 2, 1)) # id-sha256
- m.fileList.set(filelist)
- self.set_content(m)
- self.DER = rpki.cms.sign(m.toString(), keypair, certs)
-
-class CRL(DER_object):
- """Class to hold a Certificate Revocation List."""
-
- formats = ("DER", "POW", "POWpkix")
- pem_converter = PEM_converter("X509 CRL")
-
- def get_DER(self):
- """Get the DER value of this CRL."""
- assert not self.empty()
- if self.DER:
- return self.DER
- if self.POW:
- self.DER = self.POW.derWrite()
- return self.get_DER()
- if self.POWpkix:
- self.DER = self.POWpkix.toString()
- return self.get_DER()
- raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available"
-
- def get_POW(self):
- """Get the POW value of this CRL."""
- assert not self.empty()
- if not self.POW:
- self.POW = POW.derRead(POW.X509_CRL, self.get_DER())
- return self.POW
-
- def get_POWpkix(self):
- """Get the POW.pkix value of this CRL."""
- assert not self.empty()
- if not self.POWpkix:
- crl = POW.pkix.CertificateList()
- crl.fromString(self.get_DER())
- self.POWpkix = crl
- return self.POWpkix
-
- def getThisUpdate(self):
- """Get thisUpdate value from this CRL."""
- return rpki.sundial.datetime.fromASN1tuple(self.get_POWpkix().getThisUpdate())
-
- def getNextUpdate(self):
- """Get nextUpdate value from this CRL."""
- return rpki.sundial.datetime.fromASN1tuple(self.get_POWpkix().getNextUpdate())
-
- @classmethod
- def generate(cls, keypair, issuer, serial, thisUpdate, nextUpdate, revokedCertificates, version = 1, digestType = "sha256WithRSAEncryption"):
- crl = POW.pkix.CertificateList()
- crl.setVersion(version)
- crl.setIssuer(issuer.get_POWpkix().getSubject())
- crl.setThisUpdate(thisUpdate.toASN1tuple())
- crl.setNextUpdate(nextUpdate.toASN1tuple())
- if revokedCertificates:
- crl.setRevokedCertificates(revokedCertificates)
- crl.setExtensions(
- ((rpki.oids.name2oid["authorityKeyIdentifier"], False, (issuer.get_SKI(), (), None)),
- (rpki.oids.name2oid["cRLNumber"], False, serial)))
- crl.sign(keypair.get_POW(), digestType)
- return cls(POWpkix = crl)
diff --git a/scripts/rpkid.py b/scripts/rpkid.py
deleted file mode 100755
index 5779753b..00000000
--- a/scripts/rpkid.py
+++ /dev/null
@@ -1,137 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-RPKI engine daemon. This is still very much a work in progress.
-
-Usage: python rpkid.py [ { -c | --config } configfile ] [ { -h | --help } ]
-
-Default configuration file is rpkid.conf, override with --config option.
-"""
-
-import traceback, os, time, getopt, sys, MySQLdb, lxml.etree
-import rpki.resource_set, rpki.up_down, rpki.left_right, rpki.x509, rpki.sql
-import rpki.https, rpki.config, rpki.cms, rpki.exceptions, rpki.relaxng, rpki.log
-
-def left_right_handler(query, path):
- """Process one left-right PDU."""
- rpki.log.trace()
- try:
- q_elt = rpki.cms.xml_verify(query, gctx.cms_ta_irbe)
- rpki.relaxng.left_right.assertValid(q_elt)
- q_msg = rpki.left_right.sax_handler.saxify(q_elt)
- r_msg = q_msg.serve_top_level(gctx)
- r_elt = r_msg.toXML()
- rpki.relaxng.left_right.assertValid(r_elt)
- reply = rpki.cms.xml_sign(r_elt, gctx.cms_key, gctx.cms_certs)
- rpki.sql.sql_sweep(gctx)
- return 200, reply
- except lxml.etree.DocumentInvalid:
- rpki.log.warn("Received reply document does not pass schema check: " + lxml.etree.tostring(r_elt, pretty_print = True))
- rpki.log.warn(traceback.format_exc())
- return 500, "Schema violation"
- except Exception, data:
- rpki.log.error(traceback.format_exc())
- return 500, "Unhandled exception %s" % data
-
-def up_down_handler(query, path):
- """Process one up-down PDU."""
- rpki.log.trace()
- try:
- child_id = path.partition("/up-down/")[2]
- if not child_id.isdigit():
- raise rpki.exceptions.BadContactURL, "Bad path: %s" % path
- child = rpki.left_right.child_elt.sql_fetch(gctx, long(child_id))
- if child is None:
- raise rpki.exceptions.ChildNotFound, "Could not find child %s" % child_id
- reply = child.serve_up_down(gctx, query)
- rpki.sql.sql_sweep(gctx)
- return 200, reply
- except Exception, data:
- rpki.log.error(traceback.format_exc())
- return 400, "Could not process PDU: %s" % data
-
-def cronjob_handler(query, path):
- """Periodic tasks. As simple as possible for now, may need to break
- this up into separate handlers later.
- """
-
- rpki.log.trace()
- for s in rpki.left_right.self_elt.sql_fetch_all(gctx):
- s.client_poll(gctx)
- s.update_children(gctx)
- s.regenerate_crls_and_manifests(gctx)
- rpki.sql.sql_sweep(gctx)
- return 200, "OK"
-
-class global_context(object):
- """A container for various global parameters."""
-
- def __init__(self, cfg):
-
- self.db = MySQLdb.connect(user = cfg.get("sql-username"),
- db = cfg.get("sql-database"),
- passwd = cfg.get("sql-password"))
- self.cur = self.db.cursor()
-
- self.cms_ta_irdb = rpki.x509.X509(Auto_file = cfg.get("cms-ta-irdb"))
- self.cms_ta_irbe = rpki.x509.X509(Auto_file = cfg.get("cms-ta-irbe"))
- self.cms_key = rpki.x509.RSA(Auto_file = cfg.get("cms-key"))
- self.cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-cert"))
-
- self.https_key = rpki.x509.RSA(Auto_file = cfg.get("https-key"))
- self.https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert"))
- self.https_ta = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta"))
-
- self.irdb_url = cfg.get("irdb-url")
-
- self.https_server_host = cfg.get("server-host", "")
- self.https_server_port = int(cfg.get("server-port", "4433"))
-
- self.publication_kludge_base = cfg.get("publication-kludge-base", "publication/")
-
-os.environ["TZ"] = "UTC"
-time.tzset()
-
-rpki.log.init("rpkid")
-
-cfg_file = "rpkid.conf"
-
-opts,argv = getopt.getopt(sys.argv[1:], "c:h?", ["config=", "help"])
-for o,a in opts:
- if o in ("-h", "--help", "-?"):
- print __doc__
- sys.exit(0)
- if o in ("-c", "--config"):
- cfg_file = a
-if argv:
- raise RuntimeError, "Unexpected arguments %s" % argv
-
-cfg = rpki.config.parser(cfg_file, "rpkid")
-
-startup_msg = cfg.get("startup-message", "")
-if startup_msg:
- rpki.log.info(startup_msg)
-
-gctx = global_context(cfg)
-
-rpki.https.server(privateKey = gctx.https_key,
- certChain = gctx.https_certs,
- host = gctx.https_server_host,
- port = gctx.https_server_port,
- handlers=(("/left-right", left_right_handler),
- ("/up-down/", up_down_handler),
- ("/cronjob", cronjob_handler)))
diff --git a/scripts/test-pow-tls.py b/scripts/test-pow-tls.py
deleted file mode 100644
index 99e412f0..00000000
--- a/scripts/test-pow-tls.py
+++ /dev/null
@@ -1,59 +0,0 @@
-# $Id$
-
-# Copyright (C) 2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-# Grope towards testing TLS functionality in POW
-
-# openssl s_server -tls1 -Verify 9 -cert biz-certs/Alice-EE.cer -key biz-certs/Alice-EE.key -www -CApath biz-certs -chain
-
-# openssl s_client -connect localhost:4433 -tls1 -cert biz-certs/Bob-EE.cer -key biz-certs/Bob-EE.key -verify 9 -CApath biz-certs -crlf
-
-import POW, socket
-
-def pow_error_iterator():
- err = POW.getError()
- if err is None:
- raise StopIteration
- else:
- yield err
-
-key = POW.pemRead(POW.RSA_PRIVATE_KEY, open("biz-certs/Bob-EE.key").read())
-cer = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-EE.cer").read())
-ca = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-CA.cer").read())
-
-s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-s.connect(("localhost", 4433))
-
-try:
- t = POW.Ssl(POW.TLSV1_CLIENT_METHOD)
- t.useCertificate(cer)
- t.useKey(key)
- t.addCertificate(ca)
- t.setFd(s.fileno())
- t.connect()
- x = t.peerCertificate()
- if x is not None:
- print "Peer", x.pprint()
- t.write("GET / HTTP/1.0\r\n")
- if False:
- print t.read(10000)
- else:
- while True:
- print t.read()
-except:
- print "ERROR:"
- for e in pow_error_iterator():
- print e
- raise
diff --git a/scripts/testbed.1.yaml b/scripts/testbed.1.yaml
deleted file mode 100644
index acee42e2..00000000
--- a/scripts/testbed.1.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-name: RIR
-#valid_until: 2008-07-14T12:30:00Z
-valid_for: 2d
-kids:
- - name: R0
- kids:
- - name: Alice
- ipv4: 192.0.2.1-192.0.2.33
- asn: 64533
----
-- name: R0
- rekey:
----
-- name: R0
- revoke:
----
-- name: Alice
- valid_add: 10
----
-- name: Alice
- add_as: 33
- valid_add: 2d
-# valid_until: 2009-07-14T12:30:00Z
----
-- name: Alice
-# valid_until: 2009-04-01T00:00:00
- valid_sub: 2d
----
-- name: Alice
-# valid_until: 2009-04-01T00:00:00
- valid_for: 10d
diff --git a/scripts/testbed.2.yaml b/scripts/testbed.2.yaml
deleted file mode 100644
index 9b154579..00000000
--- a/scripts/testbed.2.yaml
+++ /dev/null
@@ -1,92 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-name: RIR
-valid_until: 2008-07-14T12:30:00Z
-kids:
- - name: R0
- kids:
- - name: Alice
- ipv4: 192.0.2.1-192.0.2.33
- asn: 64533
- - name: Bob
- ipv4: 192.0.2.44-192.0.2.100
- - name: R1
- kids:
- - name: Carol
- ipv6: 2001:db8::44-2001:db8::100
- - name: Dave
- ipv6: 2001:db8::10:0:44/128
- asn: 64544
- - name: R2
- kids:
- - name: Elena
- ipv4: 10.0.0.0/24
- ipv6: 2001:db8::a00:0/120
- - name: Frank
- ipv4: 10.3.0.0/24
- ipv6: 2001:db8::a03:0/120
- - name: R3
- kids:
- - name: Ginny
- asn: 64534-64540
- - name: Harry
- asn: 666-677
- - name: R4
- kids:
- - name: Ilse
- ipv4: 10.3.0.0/16
- - name: Jack
- ipv4: 10.2.0.0/16
- - name: R5
- kids:
- - name: Kari
- asn: 222-233
- - name: Leon
- asn: 244-255
- - name: R6
- kids:
- - name: Mary
- ipv4: 10.77.0.0/16
- - name: Neal
- ipv4: 10.66.0.0/16
- - name: R7
- kids:
- - name: Olga
- ipv4: 10.88.0.0/16
- - name: Piet
- ipv4: 10.99.0.0/16
- - name: R8
- kids:
- - name: Qi
- asn: 111-122
- - name: Rex
- asn: 333-344
- - name: R9
- kids:
- - name: Sandra
- asn: 555-566
- - name: Thad
- asn: 577-588
----
-- name: Alice
- add_as: 33
----
-- name: Alice
- sub_as: 33
----
-- name: Alice
- valid_until: 2009-07-14T12:30:00Z
diff --git a/scripts/testbed.py b/scripts/testbed.py
deleted file mode 100644
index 67c1f30d..00000000
--- a/scripts/testbed.py
+++ /dev/null
@@ -1,941 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-Test framework to configure and drive a collection of rpkid.py and
-irdbd.py instances under control of a master script.
-
-Usage: python rpkid.py [ { -c | --config } config_file ]
- [ { -h | --help } ]
- [ { -y | --yaml } yaml_script ]
-
-Default config_file is testbed.conf, override with --config option.
-
-Default yaml_script is testbed.yaml, override with -yaml option.
-
-yaml_script is a YAML file describing the tests to be run, and is
-intended to be implementation agnostic.
-
-config_file contains settings for various implementation-specific
-things that don't belong in yaml_script.
-"""
-
-import os, yaml, MySQLdb, subprocess, signal, time, datetime, re, getopt, sys, lxml
-import rpki.resource_set, rpki.sundial, rpki.x509, rpki.https, rpki.log, rpki.left_right, rpki.config
-
-os.environ["TZ"] = "UTC"
-time.tzset()
-
-cfg_file = "testbed.conf"
-
-yaml_script = None
-
-opts,argv = getopt.getopt(sys.argv[1:], "c:hy:?", ["config=", "help", "yaml="])
-for o,a in opts:
- if o in ("-h", "--help", "-?"):
- print __doc__
- sys.exit(0)
- elif o in ("-c", "--config"):
- cfg_file = a
- elif o in ("-y", "--yaml"):
- yaml_script = a
-if argv:
- print __doc__
- raise RuntimeError, "Unexpected arguments %s" % argv
-
-cfg = rpki.config.parser(cfg_file, "testbed")
-
-# Load the YAML script early, so we can report errors ASAP
-
-if yaml_script is None:
- yaml_script = cfg.get("yaml_script", "testbed.yaml")
-try:
- yaml_script = [y for y in yaml.safe_load_all(open(yaml_script))]
-except:
- print __doc__
- raise
-
-# Define port allocator early, so we can use it while reading config
-
-def allocate_port():
- """Allocate a TCP port number."""
- global base_port
- p = base_port
- base_port += 1
- return p
-
-# Most filenames in the following are relative to the working directory.
-
-testbed_name = cfg.get("testbed_name", "testbed")
-testbed_dir = cfg.get("testbed_dir", testbed_name + ".dir")
-
-irdb_db_pass = cfg.get("irdb_db_pass", "fnord")
-rpki_db_pass = cfg.get("rpki_db_pass", "fnord")
-
-base_port = int(cfg.get("base_port", "4400"))
-
-rsyncd_port = allocate_port()
-rootd_port = allocate_port()
-
-rsyncd_module = cfg.get("rsyncd_module", testbed_name)
-rootd_sia = cfg.get("rootd_sia", "rsync://localhost:%d/%s/" % (rsyncd_port, rsyncd_module))
-
-rootd_name = cfg.get("rootd_name", "rootd")
-rsyncd_name = cfg.get("rcynic_name", "rsyncd")
-rcynic_name = cfg.get("rcynic_name", "rcynic")
-
-prog_python = cfg.get("prog_python", "python")
-prog_rpkid = cfg.get("prog_rpkid", "../rpkid.py")
-prog_irdbd = cfg.get("prog_irdbd", "../irdbd.py")
-prog_poke = cfg.get("prog_poke", "../testpoke.py")
-prog_rootd = cfg.get("prog_rootd", "../rootd.py")
-prog_openssl = cfg.get("prog_openssl", "../../openssl/openssl/apps/openssl")
-prog_rsyncd = cfg.get("prog_rsyncd", "rsync")
-prog_rcynic = cfg.get("prog_rcynic", "../../rcynic/rcynic")
-
-rcynic_stats = cfg.get("rcynic_stats", "xsltproc ../../rcynic/rcynic.xsl %s.xml | w3m -T text/html -dump | awk 'NR > 1'" % rcynic_name)
-
-rpki_sql_file = cfg.get("rpki_sql_file", "../docs/rpki-db-schema.sql")
-irdb_sql_file = cfg.get("irdb_sql_file", "../docs/sample-irdb.sql")
-
-rpki_sql = open(rpki_sql_file).read()
-irdb_sql = open(irdb_sql_file).read()
-
-testbed_key = None
-testbed_certs = None
-rootd_ta = None
-
-
-def main():
- """Main program, up front to make control logic more obvious."""
-
- rpki.log.init(testbed_name)
-
- signal.signal(signal.SIGALRM, wakeup)
-
- rootd_process = None
- rsyncd_process = None
-
- try:
- os.chdir(testbed_dir)
- except:
- os.makedirs(testbed_dir)
- os.chdir(testbed_dir)
-
- # Clean up old state
-
- subprocess.check_call(("rm", "-rf", "publication", "rcynic-data", "rootd.subject.pkcs10", "rootd.req"))
-
- # Read the first YAML document as our master configuration
-
- db = allocation_db(yaml_script.pop(0))
-
- # Construct biz keys and certs for this script to use
-
- setup_biz_cert_chain(testbed_name)
- global testbed_key, testbed_certs
- testbed_key = rpki.x509.RSA(PEM_file = testbed_name + "-EE.key")
- testbed_certs = rpki.x509.X509_chain(PEM_files = (testbed_name + "-EE.cer", testbed_name + "-CA.cer"))
-
- # Construct biz keys and certs for rootd instance to use
-
- setup_biz_cert_chain(rootd_name)
- global rootd_ta
- rootd_ta = rpki.x509.X509(PEM_file = rootd_name + "-TA.cer")
-
- # Construct biz keys and certs for rpkid and irdbd instances.
-
- for a in db:
- a.setup_biz_certs()
-
- # Create the (psuedo) publication directory
-
- setup_publication()
-
- # Construct config files for rootd, rsyncd, rcynic instances
-
- setup_rootd(db.root.name)
- setup_rsyncd()
- setup_rcynic()
-
- # Construct config files for rpkid and irdbd instances
-
- for a in db.engines:
- a.setup_conf_file()
-
- # Initialize SQL for rpkid and irdbd instances
-
- for a in db.engines:
- a.setup_sql(rpki_sql, irdb_sql)
-
- # Populate IRDB(s)
-
- for a in db.engines:
- a.sync_sql()
-
- try:
-
- # Start rootd instance
-
- rpki.log.info("Running rootd")
- rootd_process = subprocess.Popen((prog_python, prog_rootd, "-c", rootd_name + ".conf"))
-
- # Start rsyncd instance
-
- rpki.log.info("Running rsyncd")
- rsyncd_process = subprocess.Popen((prog_rsyncd, "--daemon", "--no-detach", "--config", rsyncd_name + ".conf"))
-
- # Start rpkid and irdbd instances
-
- for a in db.engines:
- a.run_daemons()
-
- # Wait a little while for all those instances to come up
-
- rpki.log.info("Sleeping while daemons start up")
- time.sleep(10)
-
- # Create objects in RPKI engines
-
- for a in db.engines:
- a.create_rpki_objects()
-
- # Write YAML files for leaves
-
- for a in db.leaves:
- a.write_leaf_yaml()
-
- # 8: Start cycle:
-
- while True:
-
- # Run cron in all RPKI instances
-
- for a in db.engines:
- a.run_cron()
-
- # Run all YAML clients
-
- for a in db.leaves:
- a.run_yaml()
-
- # Make sure that everybody got what they were supposed to get
- # and that everything that was supposed to be published has been
- # published.
- #
- # As a first cut at this, try running rcynic on the outputs.
-
- run_rcynic()
-
- # If we've run out of deltas to apply, we're done
-
- if not yaml_script:
- break
-
- # Apply next deltas and resync IRDBs
-
- db.apply_delta(yaml_script.pop(0))
-
- for a in db.engines:
- a.sync_sql()
-
- # Clean up
-
- finally:
-
- try:
- for a in db.engines:
- a.kill_daemons()
- for p,n in ((rootd_process, "rootd"), (rsyncd_process, "rsyncd")):
- if p is not None:
- rpki.log.info("Killing %s" % n)
- os.kill(p.pid, signal.SIGTERM)
- except Exception, data:
- rpki.log.warn("Couldn't clean up daemons (%s), continuing" % data)
-
-# Define time delta parser early, so we can use it while reading config
-
-class timedelta(datetime.timedelta):
- """Timedelta with text parsing. This accepts two input formats:
-
- - A simple integer, indicating a number of seconds.
-
- - A string of the form "wD xH yM zS" where w, x, y, and z are integers
- and D, H, M, and S indicate days, hours, minutes, and seconds.
- All of the fields are optional, but at least one must be specified.
- Eg, "3D4H" means "three days plus four hours".
- """
-
- ## @var regexp
- # Hideously ugly regular expression to parse the complex text form.
- # Tags are intended for use with re.MatchObject.groupdict() and map
- # directly to the keywords expected by the timedelta constructor.
-
- regexp = re.compile("\\s*(?:(?P<days>\\d+)D)?" +
- "\\s*(?:(?P<hours>\\d+)H)?" +
- "\\s*(?:(?P<minutes>\\d+)M)?" +
- "\\s*(?:(?P<seconds>\\d+)S)?\\s*", re.I)
-
- @classmethod
- def parse(cls, arg):
- """Parse text into a timedelta object."""
- if not isinstance(arg, str):
- return cls(seconds = arg)
- elif arg.isdigit():
- return cls(seconds = int(arg))
- else:
- return cls(**dict((k, int(v)) for (k, v) in cls.regexp.match(arg).groupdict().items() if v is not None))
-
- def convert_to_seconds(self):
- """Convert a timedelta interval to seconds."""
- return self.days * 24 * 60 * 60 + self.seconds
-
-def wakeup(signum, frame):
- """Handler called when we receive a SIGALRM signal."""
- rpki.log.info("Wakeup call received, continuing")
-
-def cmd_sleep(interval = None):
- """Set an alarm, then wait for it to go off."""
- if interval is None:
- rpki.log.info("Pausing indefinitely, send a SIGALRM to wake me up")
- else:
- seconds = timedelta.parse(interval).convert_to_seconds()
- rpki.log.info("Sleeping %s seconds" % seconds)
- signal.alarm(seconds)
- signal.pause()
-
-def cmd_shell(*cmd):
- """Run a shell command."""
- cmd = " ".join(cmd)
- status = subprocess.call(cmd, shell = True)
- rpki.log.info("Shell command returned status %d" % status)
-
-def cmd_echo(*words):
- """Echo some text to the log."""
- rpki.log.note(" ".join(words))
-
-## @var cmds
-# Dispatch table for commands embedded in delta sections
-
-cmds = { "sleep" : cmd_sleep,
- "shell" : cmd_shell,
- "echo" : cmd_echo }
-
-class allocation_db(list):
- """Representation of all the entities and allocations in the test system.
- Almost everything is generated out of this database.
- """
-
- def __init__(self, yaml):
- """Initialize database from the (first) YAML document."""
- self.root = allocation(yaml, self)
- assert self.root.is_root()
- if self.root.crl_interval is None:
- self.root.crl_interval = timedelta.parse(cfg.get("crl_interval", "1d")).convert_to_seconds()
- for a in self:
- if a.sia_base is None and a.parent is not None:
- a.sia_base = a.parent.sia_base + a.name + "/"
- elif a.sia_base is None and a.parent is None:
- a.sia_base = rootd_sia + a.name + "/"
- if a.base.valid_until is None:
- a.base.valid_until = a.parent.base.valid_until
- if a.crl_interval is None:
- a.crl_interval = a.parent.crl_interval
- self.root.closure()
- self.map = dict((a.name, a) for a in self)
- self.engines = [a for a in self if not a.is_leaf()]
- self.leaves = [a for a in self if a.is_leaf()]
- for i, a in zip(range(len(self.engines)), self.engines):
- a.set_engine_number(i)
-
- def apply_delta(self, delta):
- """Apply a delta or run a command."""
- for d in delta:
- if isinstance(d, str):
- c = d.split()
- cmds[c[0]](*c[1:])
- else:
- self.map[d["name"]].apply_delta(d)
- self.root.closure()
-
- def dump(self):
- """Print content of the database."""
- for a in self:
- print a
-
-class allocation(object):
-
- parent = None
- irdb_db_name = None
- irdb_port = None
- rpki_db_name = None
- rpki_port = None
- crl_interval = None
-
- def __init__(self, yaml, db, parent = None):
- """Initialize one entity and insert it into the database."""
- db.append(self)
- self.name = yaml["name"]
- self.parent = parent
- self.kids = [allocation(k, db, self) for k in yaml.get("kids", ())]
- valid_until = yaml.get("valid_until")
- if valid_until is None and "valid_for" in yaml:
- valid_until = datetime.datetime.utcnow() + timedelta.parse(yaml["valid_for"])
- self.base = rpki.resource_set.resource_bag(
- as = rpki.resource_set.resource_set_as(yaml.get("asn")),
- v4 = rpki.resource_set.resource_set_ipv4(yaml.get("ipv4")),
- v6 = rpki.resource_set.resource_set_ipv6(yaml.get("ipv6")),
- valid_until = valid_until)
- self.sia_base = yaml.get("sia_base")
- if "crl_interval" in yaml:
- self.crl_interval = timedelta.parse(yaml["crl_interval"]).convert_to_seconds()
- self.extra_conf = yaml.get("extra_conf", [])
-
- def closure(self):
- """Compute the transitive resource closure."""
- resources = self.base
- for kid in self.kids:
- resources = resources.union(kid.closure())
- self.resources = resources
- return resources
-
- def apply_delta(self, yaml):
- """Apply deltas to this entity."""
- rpki.log.info("Applying delta: %s" % yaml)
- for k,v in yaml.items():
- if k != "name":
- getattr(self, "apply_" + k)(v)
-
- def apply_add_as(self, text): self.base.as = self.base.as.union(rpki.resource_set.resource_set_as(text))
- def apply_add_v4(self, text): self.base.v4 = self.base.v4.union(rpki.resource_set.resource_set_ipv4(text))
- def apply_add_v6(self, text): self.base.v6 = self.base.v6.union(rpki.resource_set.resource_set_ipv6(text))
- def apply_sub_as(self, text): self.base.as = self.base.as.difference(rpki.resource_set.resource_set_as(text))
- def apply_sub_v4(self, text): self.base.v4 = self.base.v4.difference(rpki.resource_set.resource_set_ipv4(text))
- def apply_sub_v6(self, text): self.base.v6 = self.base.v6.difference(rpki.resource_set.resource_set_ipv6(text))
-
- def apply_valid_until(self, stamp): self.base.valid_until = stamp
- def apply_valid_for(self, text): self.base.valid_until = datetime.datetime.utcnow() + timedelta.parse(text)
- def apply_valid_add(self, text): self.base.valid_until += timedelta.parse(text)
- def apply_valid_sub(self, text): self.base.valid_until -= timedelta.parse(text)
-
- def apply_rekey(self, target):
- if self.is_leaf():
- raise RuntimeError, "Can't rekey YAML leaf %s, sorry" % self.name
- elif target is None:
- rpki.log.info("Rekeying <self/> %s" % self.name)
- self.call_rpkid(rpki.left_right.self_elt.make_pdu(action = "set", self_id = self.self_id, rekey = "yes"))
- else:
- rpki.log.info("Rekeying <parent/> %s %s" % (self.name, target))
- self.call_rpkid(rpki.left_right.parent_elt.make_pdu(action = "set", self_id = self.self_id, parent_id = target, rekey = "yes"))
-
- def apply_revoke(self, target):
- if self.is_leaf():
- rpki.log.info("Attempting to revoke YAML leaf %s" % self.name)
- subprocess.check_call((prog_python, prog_poke, "-y", self.name + ".yaml", "-r", "revoke"))
- elif target is None:
- rpki.log.info("Revoking <self/> %s" % self.name)
- self.call_rpkid(rpki.left_right.self_elt.make_pdu(action = "set", self_id = self.self_id, revoke = "yes"))
- else:
- rpki.log.info("Revoking <parent/> %s %s" % (self.name, target))
- self.call_rpkid(rpki.left_right.parent_elt.make_pdu(action = "set", self_id = self.self_id, parent_id = target, revoke = "yes"))
-
- def __str__(self):
- s = self.name + "\n"
- if self.resources.as: s += " ASN: %s\n" % self.resources.as
- if self.resources.v4: s += " IPv4: %s\n" % self.resources.v4
- if self.resources.v6: s += " IPv6: %s\n" % self.resources.v6
- if self.kids: s += " Kids: %s\n" % ", ".join(k.name for k in self.kids)
- if self.parent: s += " Up: %s\n" % self.parent.name
- if self.sia_base: s += " SIA: %s\n" % self.sia_base
- return s + "Until: %s\n" % self.resources.valid_until.strftime("%Y-%m-%dT%H:%M:%SZ")
-
- def is_leaf(self): return not self.kids
- def is_root(self): return self.parent is None
- def is_twig(self): return self.parent is not None and self.kids
-
- def set_engine_number(self, n):
- """Set the engine number for this entity."""
- self.irdb_db_name = "irdb%d" % n
- self.irdb_port = allocate_port()
- self.rpki_db_name = "rpki%d" % n
- self.rpki_port = allocate_port()
-
- def setup_biz_certs(self):
- """Create business certs for this entity."""
- rpki.log.info("Biz certs for %s" % self.name)
- for tag in ("RPKI", "IRDB"):
- setup_biz_cert_chain(self.name + "-" + tag)
- self.rpkid_ta = rpki.x509.X509(PEM_file = self.name + "-RPKI-TA.cer")
-
- def setup_conf_file(self):
- """Write config files for this entity."""
- rpki.log.info("Config files for %s" % self.name)
- d = { "my_name" : self.name,
- "testbed_name" : testbed_name,
- "irdb_db_name" : self.irdb_db_name,
- "irdb_db_pass" : irdb_db_pass,
- "irdb_port" : self.irdb_port,
- "rpki_db_name" : self.rpki_db_name,
- "rpki_db_pass" : rpki_db_pass,
- "rpki_port" : self.rpki_port }
- f = open(self.name + ".conf", "w")
- f.write(conf_fmt_1 % d)
- for line in self.extra_conf:
- f.write(line + "\n")
- f.close()
-
- def setup_sql(self, rpki_sql, irdb_sql):
- """Set up this entity's IRDB."""
- rpki.log.info("MySQL setup for %s" % self.name)
- db = MySQLdb.connect(user = "rpki", db = self.rpki_db_name, passwd = rpki_db_pass)
- cur = db.cursor()
- for sql in rpki_sql.split(";"):
- cur.execute(sql)
- db.close()
- db = MySQLdb.connect(user = "irdb", db = self.irdb_db_name, passwd = irdb_db_pass)
- cur = db.cursor()
- for sql in irdb_sql.split(";"):
- cur.execute(sql)
- for kid in self.kids:
- cur.execute("INSERT registrant (IRBE_mapped_id, subject_name, valid_until) VALUES (%s, %s, %s)", (kid.name, kid.name, kid.resources.valid_until))
- db.close()
-
- def sync_sql(self):
- """Whack this entity's IRDB to match our master database. We do
- this once during setup, then do it again every time we apply a
- delta to this entity.
- """
- rpki.log.info("MySQL sync for %s" % self.name)
- db = MySQLdb.connect(user = "irdb", db = self.irdb_db_name, passwd = irdb_db_pass)
- cur = db.cursor()
- cur.execute("DELETE FROM asn")
- cur.execute("DELETE FROM net")
- for kid in self.kids:
- cur.execute("SELECT registrant_id FROM registrant WHERE IRBE_mapped_id = %s", (kid.name,))
- registrant_id = cur.fetchone()[0]
- for as_range in kid.resources.as:
- cur.execute("INSERT asn (start_as, end_as, registrant_id) VALUES (%s, %s, %s)", (as_range.min, as_range.max, registrant_id))
- for v4_range in kid.resources.v4:
- cur.execute("INSERT net (start_ip, end_ip, version, registrant_id) VALUES (%s, %s, 4, %s)", (v4_range.min, v4_range.max, registrant_id))
- for v6_range in kid.resources.v6:
- cur.execute("INSERT net (start_ip, end_ip, version, registrant_id) VALUES (%s, %s, 6, %s)", (v6_range.min, v6_range.max, registrant_id))
- cur.execute("UPDATE registrant SET valid_until = %s WHERE registrant_id = %s", (kid.resources.valid_until, registrant_id))
- db.close()
-
- def run_daemons(self):
- """Run daemons for this entity."""
- rpki.log.info("Running daemons for %s" % self.name)
- self.rpkid_process = subprocess.Popen((prog_python, prog_rpkid, "-c", self.name + ".conf"))
- self.irdbd_process = subprocess.Popen((prog_python, prog_irdbd, "-c", self.name + ".conf"))
-
- def kill_daemons(self):
- """Kill daemons for this entity."""
- rpki.log.info("Killing daemons for %s" % self.name)
- for proc in (self.rpkid_process, self.irdbd_process):
- try:
- os.kill(proc.pid, signal.SIGTERM)
- except:
- pass
- proc.wait()
-
- def call_rpkid(self, pdu):
- """Send a left-right message to this entity's RPKI daemon and
- return the response.
- """
- rpki.log.info("Calling rpkid for %s" % self.name)
- pdu.type = "query"
- elt = rpki.left_right.msg((pdu,)).toXML()
- rpki.relaxng.left_right.assertValid(elt)
- rpki.log.debug(lxml.etree.tostring(elt, pretty_print = True, encoding = "us-ascii"))
- cms = rpki.cms.xml_sign(
- elt = elt,
- key = testbed_key,
- certs = testbed_certs)
- url = "https://localhost:%d/left-right" % self.rpki_port
- rpki.log.debug("Attempting to connect to %s" % url)
- cms = rpki.https.client(
- privateKey = testbed_key,
- certChain = testbed_certs,
- x509TrustList = rpki.x509.X509_chain(self.rpkid_ta),
- url = url,
- msg = cms)
- elt = rpki.cms.xml_verify(cms = cms, ta = self.rpkid_ta)
- rpki.relaxng.left_right.assertValid(elt)
- rpki.log.debug(lxml.etree.tostring(elt, pretty_print = True, encoding = "us-ascii"))
- pdu = rpki.left_right.sax_handler.saxify(elt)[0]
- assert pdu.type == "reply" and not isinstance(pdu, rpki.left_right.report_error_elt)
- return pdu
-
- def create_rpki_objects(self):
- """Create RPKI engine objects for this engine.
-
- Parent and child objects are tricky:
-
- - Parent object needs to know child_id by which parent refers to
- this engine in order to set the contact URI correctly.
-
- - Child object needs to record the child_id by which this engine
- refers to the child.
-
- This all just works so long as we walk the set of engines in the
- right order (parents before their children).
-
- Root node of the engine tree is special, it too has a parent but
- that one is the magic self-signed micro engine.
- """
-
- rpki.log.info("Creating rpkid self object for %s" % self.name)
- self.self_id = self.call_rpkid(rpki.left_right.self_elt.make_pdu(action = "create", crl_interval = self.crl_interval)).self_id
-
- rpki.log.info("Creating rpkid BSC object for %s" % self.name)
- pdu = self.call_rpkid(rpki.left_right.bsc_elt.make_pdu(action = "create", self_id = self.self_id, generate_keypair = True))
- self.bsc_id = pdu.bsc_id
-
- rpki.log.info("Issuing BSC EE cert for %s" % self.name)
- cmd = (prog_openssl, "x509", "-req", "-CA", self.name + "-RPKI-CA.cer", "-CAkey", self.name + "-RPKI-CA.key", "-CAserial", self.name + "-RPKI-CA.srl")
- signer = subprocess.Popen(cmd, stdin = subprocess.PIPE, stdout = subprocess.PIPE, stderr = subprocess.PIPE)
- bsc_ee = rpki.x509.X509(PEM = signer.communicate(input = pdu.pkcs10_cert_request.get_PEM())[0])
-
- rpki.log.info("Installing BSC EE cert for %s" % self.name)
- self.call_rpkid(rpki.left_right.bsc_elt.make_pdu(action = "set", self_id = self.self_id, bsc_id = self.bsc_id,
- signing_cert = [bsc_ee, rpki.x509.X509(PEM_file = self.name + "-RPKI-CA.cer")]))
-
- rpki.log.info("Creating rpkid repository object for %s" % self.name)
- self.repository_id = self.call_rpkid(rpki.left_right.repository_elt.make_pdu(action = "create", self_id = self.self_id, bsc_id = self.bsc_id)).repository_id
-
- rpki.log.info("Creating rpkid parent object for %s" % self.name)
- if self.parent is None:
- self.parent_id = self.call_rpkid(rpki.left_right.parent_elt.make_pdu(
- action = "create", self_id = self.self_id, bsc_id = self.bsc_id, repository_id = self.repository_id, sia_base = self.sia_base,
- cms_ta = rootd_ta, https_ta = rootd_ta, sender_name = self.name, recipient_name = "Walrus",
- peer_contact_uri = "https://localhost:%s/" % rootd_port)).parent_id
- else:
- self.parent_id = self.call_rpkid(rpki.left_right.parent_elt.make_pdu(
- action = "create", self_id = self.self_id, bsc_id = self.bsc_id, repository_id = self.repository_id, sia_base = self.sia_base,
- cms_ta = self.parent.rpkid_ta, https_ta = self.parent.rpkid_ta, sender_name = self.name, recipient_name = self.parent.name,
- peer_contact_uri = "https://localhost:%s/up-down/%s" % (self.parent.rpki_port, self.child_id))).parent_id
-
- rpki.log.info("Creating rpkid child objects for %s" % self.name)
- db = MySQLdb.connect(user = "irdb", db = self.irdb_db_name, passwd = irdb_db_pass)
- cur = db.cursor()
- for kid in self.kids:
- kid.child_id = self.call_rpkid(rpki.left_right.child_elt.make_pdu(action = "create", self_id = self.self_id, bsc_id = self.bsc_id, cms_ta = kid.rpkid_ta)).child_id
- cur.execute("UPDATE registrant SET rpki_self_id = %s, rpki_child_id = %s WHERE IRBE_mapped_id = %s", (self.self_id, kid.child_id, kid.name))
- db.close()
-
- def write_leaf_yaml(self):
- """Write YAML scripts for leaf nodes. Only supports list requests
- at the moment: issue requests would require class and SIA values,
- revoke requests would require class and SKI values.
-
- ...Except that we can cheat and assume class 1 because we just
- know that rpkid will assign that with the current setup. So we
- also support issue, kludge though this is.
- """
-
- rpki.log.info("Writing leaf YAML for %s" % self.name)
- f = open(self.name + ".yaml", "w")
- f.write(yaml_fmt_1 % {
- "child_id" : self.child_id,
- "parent_name" : self.parent.name,
- "my_name" : self.name,
- "https_port" : self.parent.rpki_port,
- "sia" : self.sia_base })
- f.close()
-
- def run_cron(self):
- """Trigger cron run for this engine."""
-
- rpki.log.info("Running cron for %s" % self.name)
- rpki.https.client(privateKey = testbed_key,
- certChain = testbed_certs,
- x509TrustList = rpki.x509.X509_chain(self.rpkid_ta),
- url = "https://localhost:%d/cronjob" % self.rpki_port,
- msg = "Run cron now, please")
-
- def run_yaml(self):
- """Run YAML scripts for this leaf entity."""
- rpki.log.info("Running YAML for %s" % self.name)
- subprocess.check_call((prog_python, prog_poke, "-y", self.name + ".yaml", "-r", "list"))
- subprocess.check_call((prog_python, prog_poke, "-y", self.name + ".yaml", "-r", "issue"))
-
-def setup_biz_cert_chain(name):
- """Build a set of business certs."""
- s = "exec >/dev/null 2>&1\n"
- for kind in ("EE", "CA", "TA"):
- d = { "name" : name,
- "kind" : kind,
- "ca" : "true" if kind in ("CA", "TA") else "false",
- "openssl" : prog_openssl }
- f = open("%(name)s-%(kind)s.cnf" % d, "w")
- f.write(biz_cert_fmt_1 % d)
- f.close()
- if not os.path.exists("%(name)s-%(kind)s.key" % d):
- s += biz_cert_fmt_2 % d
- s += biz_cert_fmt_3 % d
- s += (biz_cert_fmt_4 % { "name" : name, "openssl" : prog_openssl })
- subprocess.check_call(s, shell = True)
-
-def setup_rootd(rpkid_name):
- """Write the config files for rootd."""
- rpki.log.info("Config files for %s" % rootd_name)
- d = { "rootd_name" : rootd_name,
- "rootd_port" : rootd_port,
- "rpkid_name" : rpkid_name,
- "rootd_sia" : rootd_sia,
- "rsyncd_dir" : rsyncd_dir,
- "openssl" : prog_openssl }
- f = open(rootd_name + ".conf", "w")
- f.write(rootd_fmt_1 % d)
- f.close()
- s = "exec >/dev/null 2>&1\n"
- if not os.path.exists(rootd_name + ".key"):
- s += rootd_fmt_2 % d
- s += rootd_fmt_3 % d
- subprocess.check_call(s, shell = True)
-
-def setup_rcynic():
- """Write the config file for rcynic."""
- rpki.log.info("Config file for rcynic")
- d = { "rcynic_name" : rcynic_name,
- "rootd_name" : rootd_name }
- f = open(rcynic_name + ".conf", "w")
- f.write(rcynic_fmt_1 % d)
- f.close()
-
-def setup_rsyncd():
- """Write the config file for rsyncd."""
- rpki.log.info("Config file for rsyncd")
- d = { "rsyncd_name" : rsyncd_name,
- "rsyncd_port" : rsyncd_port,
- "rsyncd_module" : rsyncd_module,
- "rsyncd_dir" : rsyncd_dir }
- f = open(rsyncd_name + ".conf", "w")
- f.write(rsyncd_fmt_1 % d)
- f.close()
-
-def setup_publication():
- """Set up (pseudo) publication directory."""
- rpki.log.info("Pseudo-publication directory")
- assert rootd_sia.startswith("rsync://")
- global rsyncd_dir
- rsyncd_dir = os.getcwd() + "/publication/" + rootd_sia[len("rsync://"):]
- os.makedirs(rsyncd_dir)
-
-def run_rcynic():
- """Run rcynic to see whether what was published makes sense."""
- rpki.log.info("Running rcynic")
- env = os.environ.copy()
- env["TZ"] = ""
- subprocess.check_call((prog_rcynic, "-c", rcynic_name + ".conf"), env = env)
- subprocess.call(rcynic_stats, shell = True, env = env)
-
-biz_cert_fmt_1 = '''\
-[ req ]
-distinguished_name = req_dn
-x509_extensions = req_x509_ext
-prompt = no
-default_md = sha256
-
-[ req_dn ]
-CN = Test Certificate %(name)s %(kind)s
-
-[ req_x509_ext ]
-basicConstraints = CA:%(ca)s
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-'''
-
-biz_cert_fmt_2 = '''\
-%(openssl)s genrsa -out %(name)s-%(kind)s.key 2048 &&
-'''
-
-biz_cert_fmt_3 = '''\
-%(openssl)s req -new -key %(name)s-%(kind)s.key -out %(name)s-%(kind)s.req -config %(name)s-%(kind)s.cnf &&
-'''
-
-biz_cert_fmt_4 = '''\
-%(openssl)s x509 -req -in %(name)s-TA.req -out %(name)s-TA.cer -extfile %(name)s-TA.cnf -extensions req_x509_ext -signkey %(name)s-TA.key -days 60 &&
-%(openssl)s x509 -req -in %(name)s-CA.req -out %(name)s-CA.cer -extfile %(name)s-CA.cnf -extensions req_x509_ext -CA %(name)s-TA.cer -CAkey %(name)s-TA.key -CAcreateserial &&
-%(openssl)s x509 -req -in %(name)s-EE.req -out %(name)s-EE.cer -extfile %(name)s-EE.cnf -extensions req_x509_ext -CA %(name)s-CA.cer -CAkey %(name)s-CA.key -CAcreateserial
-'''
-
-yaml_fmt_1 = '''---
-version: 1
-posturl: https://localhost:%(https_port)s/up-down/%(child_id)s
-recipient-id: "%(parent_name)s"
-sender-id: "%(my_name)s"
-
-cms-cert-file: %(my_name)s-RPKI-EE.cer
-cms-key-file: %(my_name)s-RPKI-EE.key
-cms-ca-cert-file: %(parent_name)s-RPKI-TA.cer
-cms-cert-chain-file: [ %(my_name)s-RPKI-CA.cer ]
-
-ssl-cert-file: %(my_name)s-RPKI-EE.cer
-ssl-key-file: %(my_name)s-RPKI-EE.key
-ssl-ca-cert-file: %(parent_name)s-RPKI-TA.cer
-
-requests:
- list:
- type: list
- issue:
- type: issue
- #
- # This is cheating, we know a priori that the class will be "1"
- #
- class: 1
- sia:
- - %(sia)s
-'''
-
-conf_fmt_1 = '''\
-
-[irdbd]
-
-startup-message = This is %(my_name)s irdbd
-
-sql-database = %(irdb_db_name)s
-sql-username = irdb
-sql-password = %(irdb_db_pass)s
-
-cms-key = %(my_name)s-IRDB-EE.key
-cms-certs.0 = %(my_name)s-IRDB-EE.cer
-cms-certs.1 = %(my_name)s-IRDB-CA.cer
-cms-ta = %(my_name)s-RPKI-TA.cer
-
-https-key = %(my_name)s-IRDB-EE.key
-https-certs.0 = %(my_name)s-IRDB-EE.cer
-https-certs.1 = %(my_name)s-IRDB-CA.cer
-
-https-url = https://localhost:%(irdb_port)d/
-
-[irbe-cli]
-
-cms-key = %(testbed_name)s-EE.key
-cms-certs.0 = %(testbed_name)s-EE.cer
-cms-certs.1 = %(testbed_name)s-CA.cer
-cms-tas = %(my_name)s-RPKI-TA.cer
-
-https-key = %(testbed_name)s-EE.key
-https-certs.0 = %(testbed_name)s-EE.cer
-https-certs.1 = %(testbed_name)s-CA.cer
-https-tas = %(my_name)s-RPKI-TA.cer
-
-https-url = https://localhost:%(rpki_port)d/left-right
-
-[rpkid]
-
-startup-message = This is %(my_name)s rpkid
-
-sql-database = %(rpki_db_name)s
-sql-username = rpki
-sql-password = %(rpki_db_pass)s
-
-cms-key = %(my_name)s-RPKI-EE.key
-cms-cert.0 = %(my_name)s-RPKI-EE.cer
-cms-cert.1 = %(my_name)s-RPKI-CA.cer
-
-cms-ta-irdb = %(my_name)s-IRDB-TA.cer
-cms-ta-irbe = %(testbed_name)s-TA.cer
-
-https-key = %(my_name)s-RPKI-EE.key
-https-cert.0 = %(my_name)s-RPKI-EE.cer
-https-cert.1 = %(my_name)s-RPKI-CA.cer
-
-https-ta = %(my_name)s-IRDB-TA.cer
-
-irdb-url = https://localhost:%(irdb_port)d/
-
-server-host = localhost
-server-port = %(rpki_port)d
-'''
-
-rootd_fmt_1 = '''\
-
-[rootd]
-
-cms-key = %(rootd_name)s-EE.key
-cms-certs.0 = %(rootd_name)s-EE.cer
-cms-certs.1 = %(rootd_name)s-CA.cer
-cms-ta = %(rpkid_name)s-RPKI-TA.cer
-
-https-key = %(rootd_name)s-EE.key
-https-certs.0 = %(rootd_name)s-EE.cer
-https-certs.1 = %(rootd_name)s-CA.cer
-
-server-port = %(rootd_port)s
-
-rootd_base = %(rootd_sia)s
-rootd_cert = %(rootd_sia)sWOMBAT.cer
-
-rpki-subject-filename = %(rsyncd_dir)sWOMBAT.cer
-
-rpki-key = %(rootd_name)s.key
-rpki-issuer = %(rootd_name)s.cer
-rpki-pkcs10-filename = %(rootd_name)s.subject.pkcs10
-
-[req]
-default_bits = 2048
-encrypt_key = no
-distinguished_name = req_dn
-req_extensions = req_x509_ext
-prompt = no
-
-[req_dn]
-CN = Completely Bogus Test Root (NOT FOR PRODUCTION USE)
-
-[req_x509_ext]
-basicConstraints = critical,CA:true
-subjectKeyIdentifier = hash
-keyUsage = critical,keyCertSign,cRLSign
-subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:%(rootd_sia)s
-sbgp-autonomousSysNum = critical,AS:0-4294967295
-sbgp-ipAddrBlock = critical,IPv4:0.0.0.0/0,IPv6:0::/0
-'''
-
-rootd_fmt_2 = '''\
-%(openssl)s genrsa -out %(rootd_name)s.key 2048 &&
-'''
-
-rootd_fmt_3 = '''\
-%(openssl)s req -new -key %(rootd_name)s.key -out %(rootd_name)s.req -config %(rootd_name)s.conf -text &&
-%(openssl)s x509 -req -in %(rootd_name)s.req -out %(rootd_name)s.cer -outform DER -extfile %(rootd_name)s.conf -extensions req_x509_ext -signkey %(rootd_name)s.key -sha256
-'''
-
-rcynic_fmt_1 = '''\
-[rcynic]
-xml-summary = %(rcynic_name)s.xml
-jitter = 0
-use-links = yes
-use-syslog = yes
-use-stderr = yes
-log-level = log_telemetry
-trust-anchor = %(rootd_name)s.cer
-'''
-
-rsyncd_fmt_1 = '''\
-port = %(rsyncd_port)d
-address = localhost
-
-[%(rsyncd_module)s]
-read only = yes
-transfer logging = yes
-use chroot = no
-path = %(rsyncd_dir)s
-comment = RPKI test
-'''
-
-main()
diff --git a/scripts/testbed.sql b/scripts/testbed.sql
deleted file mode 100644
index c8cb90b0..00000000
--- a/scripts/testbed.sql
+++ /dev/null
@@ -1,57 +0,0 @@
--- $Id$
---
--- Run this manually under the MySQL CLI to set up databases for testdb.py.
--- testdb.py doesn't do this automatically because it requires privileges
--- that testbed.py doesn't (or at least shouldn't) have.
-
-CREATE DATABASE irdb0;
-CREATE DATABASE irdb1;
-CREATE DATABASE irdb2;
-CREATE DATABASE irdb3;
-CREATE DATABASE irdb4;
-CREATE DATABASE irdb5;
-CREATE DATABASE irdb6;
-CREATE DATABASE irdb7;
-CREATE DATABASE irdb8;
-CREATE DATABASE irdb9;
-CREATE DATABASE irdb10;
-CREATE DATABASE irdb11;
-
-CREATE DATABASE rpki0;
-CREATE DATABASE rpki1;
-CREATE DATABASE rpki2;
-CREATE DATABASE rpki3;
-CREATE DATABASE rpki4;
-CREATE DATABASE rpki5;
-CREATE DATABASE rpki6;
-CREATE DATABASE rpki7;
-CREATE DATABASE rpki8;
-CREATE DATABASE rpki9;
-CREATE DATABASE rpki10;
-CREATE DATABASE rpki11;
-
-GRANT ALL ON irdb0.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb1.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb2.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb3.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb4.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb5.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb6.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb7.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb8.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb9.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb10.* TO irdb@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON irdb11.* TO irdb@localhost IDENTIFIED BY 'fnord';
-
-GRANT ALL ON rpki0.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki1.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki2.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki3.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki4.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki5.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki6.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki7.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki8.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki9.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki10.* TO rpki@localhost IDENTIFIED BY 'fnord';
-GRANT ALL ON rpki11.* TO rpki@localhost IDENTIFIED BY 'fnord';
diff --git a/scripts/testpoke.py b/scripts/testpoke.py
deleted file mode 100644
index 3d23751b..00000000
--- a/scripts/testpoke.py
+++ /dev/null
@@ -1,139 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-Trivial RPKI up-down protocol client, for testing.
-
-Configuration file is YAML to be compatable with APNIC rpki_poke.pl tool.
-
-Usage: python testpoke.py [ { -y | --yaml } configfile ]
- [ { -r | --request } requestname ]
- [ { -h | --help } ]
-
-Default configuration file is testpoke.yaml, override with --yaml option.
-"""
-
-import os, time, getopt, sys, lxml, yaml
-import rpki.resource_set, rpki.up_down, rpki.left_right, rpki.x509
-import rpki.https, rpki.config, rpki.cms, rpki.exceptions
-import rpki.relaxng, rpki.oids
-
-os.environ["TZ"] = "UTC"
-time.tzset()
-
-def usage(code):
- print __doc__
- sys.exit(code)
-
-yaml_file = "testpoke.yaml"
-yaml_cmd = None
-
-opts,argv = getopt.getopt(sys.argv[1:], "y:r:h?", ["yaml=", "request=", "help"])
-for o,a in opts:
- if o in ("-h", "--help", "-?"):
- usage(0)
- elif o in ("-y", "--yaml"):
- yaml_file = a
- elif o in ("-r", "--request"):
- yaml_cmd = a
-if argv:
- usage(1)
-
-f = open(yaml_file)
-yaml_data = yaml.load(f)
-f.close()
-
-if yaml_cmd is None and len(yaml_data["requests"]) == 1:
- yaml_cmd = yaml_data["requests"].keys()[0]
-
-if yaml_cmd is None:
- usage(1)
-
-yaml_req = yaml_data["requests"][yaml_cmd]
-
-def get_PEM(name, cls, y = yaml_data):
- if name in y:
- return cls(PEM = y[name])
- if name + "-file" in y:
- return cls(PEM_file = y[name + "-file"])
- return None
-
-def get_PEM_chain(name, cert = None):
- chain = rpki.x509.X509_chain()
- if cert is not None:
- chain.append(cert)
- if name in yaml_data:
- chain.extend([rpki.x509.X509(PEM = x) for x in yaml_data[name]])
- elif name + "-file" in yaml_data:
- chain.extend([rpki.x509.X509(PEM_file = x) for x in yaml_data[name + "-file"]])
- return chain
-
-def query_up_down(q_pdu):
- q_msg = rpki.up_down.message_pdu.make_query(
- payload = q_pdu,
- sender = yaml_data["sender-id"],
- recipient = yaml_data["recipient-id"])
- q_elt = q_msg.toXML()
- rpki.relaxng.up_down.assertValid(q_elt)
- q_cms = rpki.cms.xml_sign(q_elt, cms_key, cms_certs, encoding = "UTF-8")
- r_cms = rpki.https.client(
- x509TrustList = https_ta,
- privateKey = https_key,
- certChain = https_certs,
- msg = q_cms,
- url = yaml_data["posturl"])
- r_xml = rpki.cms.verify(r_cms, cms_ta)
- r_elt = lxml.etree.fromstring(r_xml)
- rpki.relaxng.up_down.assertValid(r_elt)
- return r_xml
-
-def do_list():
- print query_up_down(rpki.up_down.list_pdu())
-
-def do_issue():
- q_pdu = rpki.up_down.issue_pdu()
- req_key = get_PEM("cert-request-key", rpki.x509.RSA, yaml_req) or cms_key
- sia = ((rpki.oids.name2oid["id-ad-caRepository"], ("uri", yaml_req["sia"][0])),
- (rpki.oids.name2oid["id-ad-rpkiManifest"], ("uri", yaml_req["sia"][0] + req_key.gSKI() + ".mnf")))
- q_pdu.class_name = yaml_req["class"]
- q_pdu.pkcs10 = rpki.x509.PKCS10.create_ca(req_key, sia)
- print query_up_down(q_pdu)
-
-def do_revoke():
- q_pdu = rpki.up_down.revoke_pdu()
- q_pdu.class_name = yaml_req["class"]
- q_pdu.ski = yaml_req["ski"]
- print query_up_down(q_pdu)
-
-dispatch = { "list" : do_list, "issue" : do_issue, "revoke" : do_revoke }
-
-cms_ta = get_PEM("cms-ca-cert", rpki.x509.X509)
-cms_cert = get_PEM("cms-cert", rpki.x509.X509)
-cms_key = get_PEM("cms-key", rpki.x509.RSA)
-cms_certs = get_PEM_chain("cms-cert-chain", cms_cert)
-
-https_ta = get_PEM("ssl-ta", rpki.x509.X509)
-https_key = get_PEM("ssl-key", rpki.x509.RSA)
-https_cert = get_PEM("ssl-cert", rpki.x509.X509)
-https_certs = get_PEM_chain("ssl-cert-chain", https_cert)
-
-ta = https_ta
-https_ta = rpki.x509.X509_chain()
-if ta is not None:
- https_ta.append(ta)
-del ta
-
-dispatch[yaml_req["type"]]()
diff --git a/scripts/testpoke.sh b/scripts/testpoke.sh
deleted file mode 100644
index 6e6a0b74..00000000
--- a/scripts/testpoke.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh -
-# $Id$
-#
-# Test client using APNIC's rpki_poke.pl script.
-
-: ${pokedir=../../mirin.apnic.net/rpki_engine/branches/gary-poker/client/poke}
-
-exec perl -I $pokedir $pokedir/rpki_poke.pl ${1+"$@"}
diff --git a/scripts/testpoke.yaml b/scripts/testpoke.yaml
deleted file mode 100644
index 22e2d35f..00000000
--- a/scripts/testpoke.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
----
-# $Id$
-
-version: 1
-posturl: https://localhost:4433/up-down/1
-recipient-id: wombat
-sender-id: "1"
-
-cms-cert-file: biz-certs/Frank-EE.cer
-cms-key-file: biz-certs/Frank-EE.key
-cms-ca-cert-file: biz-certs/Bob-Root.cer
-cms-cert-chain-file: [ biz-certs/Frank-CA.cer ]
-
-ssl-cert-file: biz-certs/Frank-EE.cer
-ssl-key-file: biz-certs/Frank-EE.key
-ssl-ca-cert-file: biz-certs/Bob-Root.cer
-
-requests:
- list:
- type: list
- issue:
- type: issue
- class: 1
- sia: [ "rsync://bandicoot.invalid/some/where/" ]
- revoke:
- type: revoke
- class: 1
- ski: "CB5K6APY-4KcGAW9jaK_cVPXKX0"
diff --git a/scripts/up-down-protocol-samples/Makefile b/scripts/up-down-protocol-samples/Makefile
deleted file mode 100644
index 10ee791a..00000000
--- a/scripts/up-down-protocol-samples/Makefile
+++ /dev/null
@@ -1,11 +0,0 @@
-XMLLINT = xmllint --noout --relaxng
-JING = java -jar /usr/local/share/java/classes/jing.jar
-SCHEMA = ../up-down-medium-schema.rng
-
-all: jing xmllint
-
-jing:
- ${JING} ${SCHEMA} *.xml
-
-xmllint:
- ${XMLLINT} ${SCHEMA} *.xml
diff --git a/scripts/up-down-protocol-samples/error_response.xml b/scripts/up-down-protocol-samples/error_response.xml
deleted file mode 100644
index 83af6649..00000000
--- a/scripts/up-down-protocol-samples/error_response.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="error_response">
- <status>2001</status>
- <description xml:lang="en-US">[Readable text]</description>
-</message>
diff --git a/scripts/up-down-protocol-samples/issue1.xml b/scripts/up-down-protocol-samples/issue1.xml
deleted file mode 100644
index 4b8366f9..00000000
--- a/scripts/up-down-protocol-samples/issue1.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="issue">
- <request class_name="class name"
- req_resource_set_as="64534-64540"
- req_resource_set_ipv4=""
- req_resource_set_ipv6="">
- MIICYTCCAUkCAQAwHDEaMBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0G
- CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOng
- KdOJIOlRSWcsQ9qgLNREs5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zq
- m1yYeks+xOJZQtMZyg9YDrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2Q
- QQ8POyrADNl7fehQE/YJc4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4A
- AbsFXi4Dmq2VO8rCxodkdDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8N
- UBM90T6Mvdx0qTOoVh0xeHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGg
- ADANBgkqhkiG9w0BAQUFAAOCAQEAj9bYIVfREySBzUhQSlbNi9kfdXgivC/4A7pn
- b4sMm081S05u0QLhyh1XNF/L3/U5yVElVHE8xobM/CuAkXpy7N5GSYj2T28Fmn77
- 1y/xdGg6Jp26OkbrqY3gjQAaMigYg9/6tPAc9fgLiQAJLUUYb2hRqaqu4Ze8RrxU
- RsnVpAHWYDFWJhNqEp8eErzAVLqxpmoYJKgmpK6TKyYKuf8+xf3Rlkb4+iu2FotR
- DQrmcd6jmMjp9xLejDEuoPgcfpVP2CB1jUCAIW7yE7+a7vj9Mop1gs61zP8y/p2V
- rVnXgEy93WZLjQt1D29oKhlcFGtCG4nqIBCDAWVuz/LGACB85w==
- </request>
-</message>
diff --git a/scripts/up-down-protocol-samples/issue2.xml b/scripts/up-down-protocol-samples/issue2.xml
deleted file mode 100644
index a991cbcd..00000000
--- a/scripts/up-down-protocol-samples/issue2.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="issue">
- <request class_name="class name"
- req_resource_set_ipv4=""
- req_resource_set_ipv6="">
- MIICYTCCAUkCAQAwHDEaMBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0G
- CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOng
- KdOJIOlRSWcsQ9qgLNREs5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zq
- m1yYeks+xOJZQtMZyg9YDrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2Q
- QQ8POyrADNl7fehQE/YJc4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4A
- AbsFXi4Dmq2VO8rCxodkdDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8N
- UBM90T6Mvdx0qTOoVh0xeHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGg
- ADANBgkqhkiG9w0BAQUFAAOCAQEAj9bYIVfREySBzUhQSlbNi9kfdXgivC/4A7pn
- b4sMm081S05u0QLhyh1XNF/L3/U5yVElVHE8xobM/CuAkXpy7N5GSYj2T28Fmn77
- 1y/xdGg6Jp26OkbrqY3gjQAaMigYg9/6tPAc9fgLiQAJLUUYb2hRqaqu4Ze8RrxU
- RsnVpAHWYDFWJhNqEp8eErzAVLqxpmoYJKgmpK6TKyYKuf8+xf3Rlkb4+iu2FotR
- DQrmcd6jmMjp9xLejDEuoPgcfpVP2CB1jUCAIW7yE7+a7vj9Mop1gs61zP8y/p2V
- rVnXgEy93WZLjQt1D29oKhlcFGtCG4nqIBCDAWVuz/LGACB85w==
- </request>
-</message>
diff --git a/scripts/up-down-protocol-samples/issue_response.xml b/scripts/up-down-protocol-samples/issue_response.xml
deleted file mode 100644
index 39f6b954..00000000
--- a/scripts/up-down-protocol-samples/issue_response.xml
+++ /dev/null
@@ -1,116 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="issue_response">
- <class class_name="ISP5"
- cert_url="rsync://wombat.example/ISP5"
- resource_set_as="64534-64540"
- resource_set_ipv4="10.0.0.0/24,10.3.0.0/24"
- resource_set_ipv6="2001:db8:0:0:0:0:a00::/120,2001:db8:0:0:0:0:a03::/120"
- suggested_sia_head="rsync://wombat.example/fnord/">
- <certificate cert_url="rsync://wombat.example/ISP5a"
- req_resource_set_as=""
- req_resource_set_ipv4="10.0.0.0/24"
- req_resource_set_ipv6="2001:db8:0:0:0:0:a00::/120">
- MIID3jCCAsagAwIBAgIBAzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
- IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowHDEa
- MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
- 0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
- YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
- nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
- akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
- PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEqMIIBJjAPBgNVHRMB
- Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAfBgNVHSME
- GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
- BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
- cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
- Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB
- Af8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoAADAN
- BgkqhkiG9w0BAQUFAAOCAQEAkzKZYt3F6vAfWFAQN9M5N9n2klEmL9b9b4K4Vmv9
- DPNCBFbtZytCAphWB/FILS60MrvXHCcUoOmtOx3+Cw5D3yKX8Y9z2HbWmw2/7iDo
- dxejgwGzI0OFa79vzC5pRwVz9CFFlMiuIShBFpHuSElmWmcxcQTJSXGU1fSGXHvG
- Pv6RHSGzFJhUrW5RKOmoIrqk0JyM49R8IRAM+aMA+MOfALRTNAavW0pDlcuy+4wY
- AIYRKF4k4ZDYZ9gA/LYnH56xvpEXwRE1bpxgUC5n8wQrdIn5/pJz3R5EgWe4CGOo
- n/SMvEfe8d+LEc0C7LmtCwYoDOKENoOF809GVkbV9fjL8w==
- </certificate>
- <certificate cert_url="rsync://wombat.example/ISP5b"
- req_resource_set_as=""
- req_resource_set_ipv4="10.3.0.0/24"
- req_resource_set_ipv6="2001:db8:0:0:0:0:a03::/120">
- MIID3jCCAsagAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
- IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMFoXDTA4MDczMTE0NDgyMFowHDEa
- MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
- m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
- D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
- tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
- OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
- RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEqMIIBJjAPBgNVHRMB
- Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAfBgNVHSME
- GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
- BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
- cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
- Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB
- Af8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoDADAN
- BgkqhkiG9w0BAQUFAAOCAQEARNgVrXF+6W7sMytC7YyKSt+CpJGZV7AvzKNZKv8k
- xazhefrXkrpyK0caz4BtCHbptZFgNR/dDOC9M3wn0PcRTh9ISgW8beNfut16uj1F
- fZdylJvNMXa4lt/wfRbzKqPicusCH0nutkRIW2mZuLuAO8v1vKr4umgZU+z/rXWu
- glEA7OeBwmvPoqKixbgER5GtnTNySKIVVa1DUo/2CaPT/YjT48P0zXHoy6rnNgcn
- 2emkoegzzS2cN+5I5I+O8IRnZInqmiPgEgElgEFw+rg6xw23yax5Nyqx12J56tt0
- tPWGhrYe1dCwKZajWKn3P9+NMcGQ0d8bw/QU+B3RyVeVfw==
- </certificate>
- <certificate cert_url="rsync://wombat.example/ISP5c"
- req_resource_set_as="64534-64540"
- req_resource_set_ipv4=""
- req_resource_set_ipv6="">
- MIIDxjCCAq6gAwIBAgIBATANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
- IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgxOFoXDTA4MDczMTE0NDgxOFowHDEa
- MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
- s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
- DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
- c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
- dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
- eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjggESMIIBDjAPBgNVHRMB
- Af8EBTADAQH/MB0GA1UdDgQWBBQth8Ga+FgrvcL4fjBHs6mIN8nrRjAfBgNVHSME
- GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
- BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
- cm4ubmV0L0lTUDVjLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
- Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwIQYIKwYBBQUHAQgB
- Af8EEjAQoA4wDDAKAgMA/BYCAwD8HDANBgkqhkiG9w0BAQUFAAOCAQEAUGsbhHfl
- kwhe3EIkhnARJPgRkWgPCJtJ9konhROT7VlJ0Pim0kSrJWlBWUCLeKvSjQmowP4g
- SddHxN4ZoXnSjb0pCDeomrZeViVQ2hxH6L/tHkl5SIEHl9MvFOe8junvgpq9GGAI
- CFcibkW7Gp9p4A+GQkns0l9v+wGwuVZmqmJk4YBo7hHZRbg6/IFL1MD3HKeXmn33
- lCwFhjUuDIMXRbY/1k5fui13QUolN7mLSk60NvXJ94Tga68c1eCIpapvhxAYw69G
- 7mOX42aYu1FnidZNj7Lt9jOuW0REHlavrG17HxP5loTuCNtLH1ZIrJcO7rUz9C0D
- YqMybYWFUqZHyg==
- </certificate>
- <issuer>
- MIIEFTCCAv2gAwIBAgIBDjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
- IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw
- FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
- MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
- g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
- N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
- tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
- zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
- hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBYzCCAV8wDwYDVR0TAQH/
- BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwHwYDVR0jBBgw
- FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
- BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
- Lm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
- d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAhBggrBgEFBQcBCAEB/wQS
- MBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQA
- CgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAA
- AAAKAwAwDQYJKoZIhvcNAQEFBQADggEBAEhmCa7kUuozB6aST0Gd2XStJBcR1oWI
- 8mZS5WEOjnjbVvuryDEb0fLs3x2HgCHZgZ7IAOg31cNxJpc1Ff6ZYEG+m3LpkcG/
- yOMllfOVK8RQSY+nKuya2fm2J3dCOKogEjBW20HwxNd1WgFLrDaOTR9V+iROBPKs
- 3ppMPp6ksPqEqDU/3N3bLHROIISlFwWHilXuTK5ZAnzncDIQnm+zUuxI/0d3v6Fp
- 8VxVlNBHqzo0VpakZOkxwqo01qJRsoxVaIxeetGNQ4noPhtj6bEM4Y8xDS9f3R7o
- eEHUSTnKonMemm/AB3KZnjwL7rkL2FI1ThmDRO3Z3lprbThjThJF8EU=
- </issuer>
- </class>
-</message>
diff --git a/scripts/up-down-protocol-samples/list.xml b/scripts/up-down-protocol-samples/list.xml
deleted file mode 100644
index 01a803f3..00000000
--- a/scripts/up-down-protocol-samples/list.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="list" />
diff --git a/scripts/up-down-protocol-samples/list_response.xml b/scripts/up-down-protocol-samples/list_response.xml
deleted file mode 100644
index 9e368f5a..00000000
--- a/scripts/up-down-protocol-samples/list_response.xml
+++ /dev/null
@@ -1,169 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="list_response">
- <class class_name="ISP5"
- cert_url="rsync://wombat.example/ISP5"
- resource_set_as="64534-64540"
- resource_set_ipv4="10.0.0.0/24,10.3.0.0/24"
- resource_set_ipv6="2001:db8:0:0:0:0:a00::/120,2001:db8:0:0:0:0:a03::/120"
- suggested_sia_head="rsync://wombat.example/fnord/">
- <certificate cert_url="rsync://wombat.example/ISP5a"
- req_resource_set_as=""
- req_resource_set_ipv4="10.0.0.0/24"
- req_resource_set_ipv6="2001:db8:0:0:0:0:a00::/120">
- MIID3jCCAsagAwIBAgIBAzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
- IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowHDEa
- MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox
- 0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J
- YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg
- nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl
- akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy
- PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEqMIIBJjAPBgNVHRMB
- Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAfBgNVHSME
- GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
- BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
- cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
- Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB
- Af8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoAADAN
- BgkqhkiG9w0BAQUFAAOCAQEAkzKZYt3F6vAfWFAQN9M5N9n2klEmL9b9b4K4Vmv9
- DPNCBFbtZytCAphWB/FILS60MrvXHCcUoOmtOx3+Cw5D3yKX8Y9z2HbWmw2/7iDo
- dxejgwGzI0OFa79vzC5pRwVz9CFFlMiuIShBFpHuSElmWmcxcQTJSXGU1fSGXHvG
- Pv6RHSGzFJhUrW5RKOmoIrqk0JyM49R8IRAM+aMA+MOfALRTNAavW0pDlcuy+4wY
- AIYRKF4k4ZDYZ9gA/LYnH56xvpEXwRE1bpxgUC5n8wQrdIn5/pJz3R5EgWe4CGOo
- n/SMvEfe8d+LEc0C7LmtCwYoDOKENoOF809GVkbV9fjL8w==
- </certificate>
- <certificate cert_url="rsync://wombat.example/ISP5b"
- req_resource_set_as=""
- req_resource_set_ipv4="10.3.0.0/24"
- req_resource_set_ipv6="2001:db8:0:0:0:0:a03::/120">
- MIID3jCCAsagAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
- IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMFoXDTA4MDczMTE0NDgyMFowHDEa
- MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON
- m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT
- D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t
- tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp
- OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe
- RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEqMIIBJjAPBgNVHRMB
- Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAfBgNVHSME
- GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
- BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
- cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
- Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB
- Af8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoDADAN
- BgkqhkiG9w0BAQUFAAOCAQEARNgVrXF+6W7sMytC7YyKSt+CpJGZV7AvzKNZKv8k
- xazhefrXkrpyK0caz4BtCHbptZFgNR/dDOC9M3wn0PcRTh9ISgW8beNfut16uj1F
- fZdylJvNMXa4lt/wfRbzKqPicusCH0nutkRIW2mZuLuAO8v1vKr4umgZU+z/rXWu
- glEA7OeBwmvPoqKixbgER5GtnTNySKIVVa1DUo/2CaPT/YjT48P0zXHoy6rnNgcn
- 2emkoegzzS2cN+5I5I+O8IRnZInqmiPgEgElgEFw+rg6xw23yax5Nyqx12J56tt0
- tPWGhrYe1dCwKZajWKn3P9+NMcGQ0d8bw/QU+B3RyVeVfw==
- </certificate>
- <certificate cert_url="rsync://wombat.example/ISP5c"
- req_resource_set_as="64534-64540"
- req_resource_set_ipv4=""
- req_resource_set_ipv6="">
- MIIDxjCCAq6gAwIBAgIBATANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
- IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgxOFoXDTA4MDczMTE0NDgxOFowHDEa
- MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE
- s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y
- DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ
- c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk
- dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x
- eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjggESMIIBDjAPBgNVHRMB
- Af8EBTADAQH/MB0GA1UdDgQWBBQth8Ga+FgrvcL4fjBHs6mIN8nrRjAfBgNVHSME
- GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB
- BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0
- cm4ubmV0L0lTUDVjLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j
- Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwIQYIKwYBBQUHAQgB
- Af8EEjAQoA4wDDAKAgMA/BYCAwD8HDANBgkqhkiG9w0BAQUFAAOCAQEAUGsbhHfl
- kwhe3EIkhnARJPgRkWgPCJtJ9konhROT7VlJ0Pim0kSrJWlBWUCLeKvSjQmowP4g
- SddHxN4ZoXnSjb0pCDeomrZeViVQ2hxH6L/tHkl5SIEHl9MvFOe8junvgpq9GGAI
- CFcibkW7Gp9p4A+GQkns0l9v+wGwuVZmqmJk4YBo7hHZRbg6/IFL1MD3HKeXmn33
- lCwFhjUuDIMXRbY/1k5fui13QUolN7mLSk60NvXJ94Tga68c1eCIpapvhxAYw69G
- 7mOX42aYu1FnidZNj7Lt9jOuW0REHlavrG17HxP5loTuCNtLH1ZIrJcO7rUz9C0D
- YqMybYWFUqZHyg==
- </certificate>
- <issuer>
- MIIEFTCCAv2gAwIBAgIBDjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
- IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw
- FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
- MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9
- g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM
- N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+
- tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls
- zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs
- hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBYzCCAV8wDwYDVR0TAQH/
- BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwHwYDVR0jBBgw
- FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
- BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
- Lm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
- d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAhBggrBgEFBQcBCAEB/wQS
- MBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQA
- CgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAA
- AAAKAwAwDQYJKoZIhvcNAQEFBQADggEBAEhmCa7kUuozB6aST0Gd2XStJBcR1oWI
- 8mZS5WEOjnjbVvuryDEb0fLs3x2HgCHZgZ7IAOg31cNxJpc1Ff6ZYEG+m3LpkcG/
- yOMllfOVK8RQSY+nKuya2fm2J3dCOKogEjBW20HwxNd1WgFLrDaOTR9V+iROBPKs
- 3ppMPp6ksPqEqDU/3N3bLHROIISlFwWHilXuTK5ZAnzncDIQnm+zUuxI/0d3v6Fp
- 8VxVlNBHqzo0VpakZOkxwqo01qJRsoxVaIxeetGNQ4noPhtj6bEM4Y8xDS9f3R7o
- eEHUSTnKonMemm/AB3KZnjwL7rkL2FI1ThmDRO3Z3lprbThjThJF8EU=
- </issuer>
- </class>
- <class class_name="ISP2"
- cert_url="rsync://wombat.example/ISP2"
- resource_set_as=""
- resource_set_ipv4="192.0.2.44-192.0.2.100"
- resource_set_ipv6="">
- <certificate cert_url="http://wombat.example/ISP2a,rsync://wombat.example/ISP2a,ftp://wombat.example/ISP2a">
- MIIDzDCCArSgAwIBAgIBCTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU
- IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowGzEZ
- MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
- ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b
- K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1
- nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2
- lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK
- KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS
- Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOCARkwggEVMA8GA1UdEwEB
- /wQFMAMBAf8wHQYDVR0OBBYEFHOyFhrN3NcwYA/6gZX4ovVOlfOtMB8GA1UdIwQY
- MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF
- BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
- bi5uZXQvSVNQMi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov
- L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMCkGCCsGAQUFBwEHAQH/
- BBowGDAWBAIAATAQMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEA
- CvG1rzj5fZOV1Oq/SO+NYzxOHIA9egYgQg4NUpmqSz6v17RhR0+3tPfMmzxepTs8
- ut23KieOG7RcPGvR2f/CEvedgrrPdTS81wu01qhPWJNqriN6N+Mu8XCK3fUO+t+w
- PxLUWqwzrRUcpdy+CMOOGg81Eg7e77iAeJCp648AChUdBRI6HTfp9PlKd25pJ7fj
- f654MpKGbTkWXllPkxC1sL4cJUcq4o+Sn1zAKkjXUwAUjp6G6s+mIWZQiZU5Pv8n
- lYXvPciYf83+wTBllLGtSFyut8hk6WmiB8rC1/5jS96pJaGRSxejqd0r99GlPre+
- QgMe2TRfFuM1esod7j1M1Q==
- </certificate>
- <issuer>
- MIID9jCCAt6gAwIBAgIBEDANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU
- IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw
- FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
- MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8
- tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd
- uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy
- 8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e
- dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV
- uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBRDCCAUAwDwYDVR0TAQH/
- BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwHwYDVR0jBBgw
- FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF
- BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu
- Lm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v
- d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL
- MAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDgMFAMAAAgED
- BQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEAcn3dpGAj
- ceSZKAuaulzTl0ty64mBPBGFjCXtebJQpeiuDjd0+SyhvpaDNUANNvkyFnQlnPcP
- zUZHjrnNrAx+06yEXvYx9KnyBc2C1+DXOySbxxXR253CHZL3Gam4oWcK+z0jOgWD
- KQVQ4wAnqYD+u1HxPjsMmK7x7tETckZkj0syTs9kzxqlsTSm8F8Y+ES7E+qNXyR9
- OxVgjr70vdgEp9AQftMQZ781SclWz7eLe5sXC1TuIct1sD6NssHGfCaxfFipSjEk
- zeU/pZodfREUQSrlVbbb9HU0N59eHfGGKvZ0vojhuWPOrVzpPJGKTI20aQPn+VJ5
- KH3Nf1ICSa7Vxw==
- </issuer>
- </class>
-</message>
diff --git a/scripts/up-down-protocol-samples/revoke.xml b/scripts/up-down-protocol-samples/revoke.xml
deleted file mode 100644
index eb4b3efb..00000000
--- a/scripts/up-down-protocol-samples/revoke.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="revoke">
- <key class_name="ISP5"
- ski="CfAUC3n7C_-o71S57D65i9DLnOw"/>
-</message>
diff --git a/scripts/up-down-protocol-samples/revoke_response.xml b/scripts/up-down-protocol-samples/revoke_response.xml
deleted file mode 100644
index 9f4ebacc..00000000
--- a/scripts/up-down-protocol-samples/revoke_response.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<message xmlns="http://www.apnic.net/specs/rescerts/up-down/"
- version="1"
- sender="sender name"
- recipient="recipient name"
- type="revoke_response">
- <key class_name="ISP5"
- ski="CfAUC3n7C_-o71S57D65i9DLnOw"/>
-</message>
diff --git a/scripts/up-down-schema.rnc b/scripts/up-down-schema.rnc
deleted file mode 100644
index 10736576..00000000
--- a/scripts/up-down-schema.rnc
+++ /dev/null
@@ -1,71 +0,0 @@
-# $Id$
-#
-# RelaxNG (Compact Syntax) Scheme for up-down protocol, extracted
-# from APNIC Wiki.
-#
-# libxml2 (including xmllint) only groks the XML syntax of RelaxNG,
-# so run this through a converter like /usr/ports/textproc/trang to get
-# XML syntax:
-#
-# $ trang up-down-schema.rnc up-down-schema.rng
-
- default namespace = "http://www.apnic.net/specs/rescerts/up-down/"
-
- grammar {
- start = element message {
- attribute version { xsd:positiveInteger { maxInclusive="1" } },
- attribute sender { xsd:token { maxLength="1024" } },
- attribute recipient { xsd:token { maxLength="1024" } },
- payload
- }
-
- payload |= attribute type { "list" }, list_request
- payload |= attribute type { "list_response"}, list_response
- payload |= attribute type { "issue" }, issue_request
- payload |= attribute type { "issue_response"}, issue_response
- payload |= attribute type { "revoke" }, revoke_request
- payload |= attribute type { "revoke_response"}, revoke_response
- payload |= attribute type { "error_response"}, error_response
-
- list_request = empty
- list_response = class*
-
- class = element class {
- attribute class_name { xsd:token { maxLength="1024" } },
- attribute cert_url { xsd:string { maxLength="4096" } },
- attribute resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } },
- attribute resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } },
- attribute resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } },
- attribute resource_set_notafter { xsd:dateTime { pattern=".*Z" } }?,
- attribute suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?,
- element certificate {
- attribute cert_url { xsd:string { maxLength="4096" } },
- attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?,
- attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?,
- attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?,
- xsd:base64Binary { maxLength="512000" }
- }*,
- element issuer { xsd:base64Binary { maxLength="512000" } }
- }
-
- issue_request = element request {
- attribute class_name { xsd:token { maxLength="1024" } },
- attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?,
- attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?,
- attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?,
- xsd:base64Binary { maxLength="512000" }
- }
- issue_response = class
-
- revoke_request = revocation
- revoke_response = revocation
-
- revocation = element key {
- attribute class_name { xsd:token { maxLength="1024" } },
- attribute ski { xsd:token { maxLength="1024" } }
- }
-
- error_response =
- element status { xsd:positiveInteger { maxInclusive="999999999999999" } },
- element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }?
- }
diff --git a/scripts/up-down-schema.rng b/scripts/up-down-schema.rng
deleted file mode 100644
index 1c6cd854..00000000
--- a/scripts/up-down-schema.rng
+++ /dev/null
@@ -1,249 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- $Id$
-
- RelaxNG (Compact Syntax) Scheme for up-down protocol, extracted
- from APNIC Wiki.
-
- libxml2 (including xmllint) only groks the XML syntax of RelaxNG,
- so run this through a converter like /usr/ports/textproc/trang to get
- XML syntax:
-
- $ trang up-down-schema.rnc up-down-schema.rng
--->
-<grammar ns="http://www.apnic.net/specs/rescerts/up-down/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
- <start>
- <element name="message">
- <attribute name="version">
- <data type="positiveInteger">
- <param name="maxInclusive">1</param>
- </data>
- </attribute>
- <attribute name="sender">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <attribute name="recipient">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <ref name="payload"/>
- </element>
- </start>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>list</value>
- </attribute>
- <ref name="list_request"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>list_response</value>
- </attribute>
- <ref name="list_response"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>issue</value>
- </attribute>
- <ref name="issue_request"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>issue_response</value>
- </attribute>
- <ref name="issue_response"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>revoke</value>
- </attribute>
- <ref name="revoke_request"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>revoke_response</value>
- </attribute>
- <ref name="revoke_response"/>
- </define>
- <define name="payload" combine="choice">
- <attribute name="type">
- <value>error_response</value>
- </attribute>
- <ref name="error_response"/>
- </define>
- <define name="list_request">
- <empty/>
- </define>
- <define name="list_response">
- <zeroOrMore>
- <ref name="class"/>
- </zeroOrMore>
- </define>
- <define name="class">
- <element name="class">
- <attribute name="class_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <attribute name="cert_url">
- <data type="string">
- <param name="maxLength">4096</param>
- </data>
- </attribute>
- <attribute name="resource_set_as">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,0-9]*</param>
- </data>
- </attribute>
- <attribute name="resource_set_ipv4">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/.0-9]*</param>
- </data>
- </attribute>
- <attribute name="resource_set_ipv6">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/:0-9a-fA-F]*</param>
- </data>
- </attribute>
- <optional>
- <attribute name="resource_set_notafter">
- <data type="dateTime">
- <param name="pattern">.*Z</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="suggested_sia_head">
- <data type="anyURI">
- <param name="maxLength">1024</param>
- <param name="pattern">rsync://.+</param>
- </data>
- </attribute>
- </optional>
- <zeroOrMore>
- <element name="certificate">
- <attribute name="cert_url">
- <data type="string">
- <param name="maxLength">4096</param>
- </data>
- </attribute>
- <optional>
- <attribute name="req_resource_set_as">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv4">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/.0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv6">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/:0-9a-fA-F]*</param>
- </data>
- </attribute>
- </optional>
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </zeroOrMore>
- <element name="issuer">
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </element>
- </define>
- <define name="issue_request">
- <element name="request">
- <attribute name="class_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <optional>
- <attribute name="req_resource_set_as">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv4">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/.0-9]*</param>
- </data>
- </attribute>
- </optional>
- <optional>
- <attribute name="req_resource_set_ipv6">
- <data type="string">
- <param name="maxLength">512000</param>
- <param name="pattern">[\-,/:0-9a-fA-F]*</param>
- </data>
- </attribute>
- </optional>
- <data type="base64Binary">
- <param name="maxLength">512000</param>
- </data>
- </element>
- </define>
- <define name="issue_response">
- <ref name="class"/>
- </define>
- <define name="revoke_request">
- <ref name="revocation"/>
- </define>
- <define name="revoke_response">
- <ref name="revocation"/>
- </define>
- <define name="revocation">
- <element name="key">
- <attribute name="class_name">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- <attribute name="ski">
- <data type="token">
- <param name="maxLength">1024</param>
- </data>
- </attribute>
- </element>
- </define>
- <define name="error_response">
- <element name="status">
- <data type="positiveInteger">
- <param name="maxInclusive">999999999999999</param>
- </data>
- </element>
- <optional>
- <element name="description">
- <attribute name="xml:lang">
- <data type="language"/>
- </attribute>
- <data type="string">
- <param name="maxLength">1024</param>
- </data>
- </element>
- </optional>
- </define>
-</grammar>
diff --git a/scripts/xml-parse-test.py b/scripts/xml-parse-test.py
deleted file mode 100755
index bde7d167..00000000
--- a/scripts/xml-parse-test.py
+++ /dev/null
@@ -1,67 +0,0 @@
-# $Id$
-
-# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-import glob, rpki.up_down, rpki.left_right, rpki.relaxng, xml.sax, lxml.etree, lxml.sax, POW, POW.pkix
-
-verbose = True
-
-def test(fileglob, rng, sax_handler, encoding, tester=None):
- files = glob.glob(fileglob)
- files.sort()
- for f in files:
- print "\n<!--", f, "-->"
- handler = sax_handler()
- elt_in = lxml.etree.parse(f).getroot()
- rng.assertValid(elt_in)
- lxml.sax.saxify(elt_in, handler)
- elt_out = handler.result.toXML()
- rng.assertValid(elt_out)
- if (tester):
- tester(elt_in, elt_out, handler.result)
- print lxml.etree.tostring(elt_out, pretty_print=True, encoding=encoding, xml_declaration=True)
-
-def pprint_cert(cert):
- print cert.get_POW().pprint()
-
-def ud_tester(elt_in, elt_out, msg):
- assert isinstance(msg, rpki.up_down.message_pdu)
- if verbose:
- if isinstance(msg.payload, rpki.up_down.list_response_pdu):
- for c in msg.payload.classes:
- for i in range(len(c.certs)):
- print "[Certificate #%d]" % i
- pprint_cert(c.certs[i].cert)
- print "[Issuer]"
- pprint_cert(c.issuer)
-
-def lr_tester(elt_in, elt_out, msg):
- assert isinstance(msg, rpki.left_right.msg)
- if verbose:
- for bsc in [x for x in msg if isinstance(x, rpki.left_right.bsc_elt)]:
- for cert in bsc.signing_cert:
- pprint_cert(cert)
-
-test(fileglob="up-down-protocol-samples/*.xml",
- rng=rpki.relaxng.up_down,
- sax_handler=rpki.up_down.sax_handler,
- encoding="utf-8",
- tester=ud_tester)
-
-test(fileglob="left-right-protocol-samples/*.xml",
- rng=rpki.relaxng.left_right,
- sax_handler=rpki.left_right.sax_handler,
- encoding="us-ascii",
- tester=lr_tester)
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-12 18:36:52 +0000