aboutsummaryrefslogtreecommitdiff
path: root/scripts/resource-cert-samples/RIR.cnf
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/resource-cert-samples/RIR.cnf')
-rw-r--r--scripts/resource-cert-samples/RIR.cnf19
1 files changed, 16 insertions, 3 deletions
diff --git a/scripts/resource-cert-samples/RIR.cnf b/scripts/resource-cert-samples/RIR.cnf
index 95726761..b70b41e8 100644
--- a/scripts/resource-cert-samples/RIR.cnf
+++ b/scripts/resource-cert-samples/RIR.cnf
@@ -13,11 +13,13 @@ name_opt = ca_default
cert_opt = ca_default
default_days = 365
default_crl_days = 30
-default_md = sha1
+default_md = sha256
preserve = no
copy_extensions = copy
policy = ca_policy_anything
unique_subject = no
+x509_extensions = ca_x509_ext
+crl_extensions = crl_x509_ext
[ ca_policy_anything ]
countryName = optional
@@ -34,7 +36,7 @@ surname = optional
default_bits = 2048
encrypt_key = no
distinguished_name = req_dn
-x509_extensions = req_x509_ext
+req_extensions = req_x509_ext
prompt = no
[ req_dn ]
@@ -43,9 +45,20 @@ CN = TEST ENTITY RIR
[ req_x509_ext ]
basicConstraints = critical,CA:true
subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid
keyUsage = critical,keyCertSign,cRLSign
subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/RIR/
#authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/???.cer
sbgp-autonomousSysNum = critical,AS:64533,AS:64534-64540,AS:64544
sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv4:10.3.0.0/24,IPv4:192.0.2.1-192.0.2.33,IPv4:192.0.2.44-192.0.2.100,IPv6:2001:db8::44-2001:db8::100,IPv6:2001:db8::a00:0/120,IPv6:2001:db8::a03:0/120,IPv6:2001:db8::10:0:44/128
+
+[ ca_x509_ext ]
+basicConstraints = critical,CA:true
+#authorityKeyIdentifier = keyid:always
+keyUsage = critical,keyCertSign,cRLSign
+subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://wombats-r-us.hactrn.net/RIR/
+#authorityInfoAccess = caIssuers;URI:rsync://wombats-r-us.hactrn.net/???.cer
+sbgp-autonomousSysNum = critical,AS:64533,AS:64534-64540,AS:64544
+sbgp-ipAddrBlock = critical,IPv4:10.0.0.0/24,IPv4:10.3.0.0/24,IPv4:192.0.2.1-192.0.2.33,IPv4:192.0.2.44-192.0.2.100,IPv6:2001:db8::44-2001:db8::100,IPv6:2001:db8::a00:0/120,IPv6:2001:db8::a03:0/120,IPv6:2001:db8::10:0:44/128
+
+[ crl_x509_ext ]
+authorityKeyIdentifier = keyid:always
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-13 21:55:31 +0000