aboutsummaryrefslogtreecommitdiff
path: root/scripts/resource-cert-samples/RIR.req
blob: d86020df421c7bc305c52d8093040f671c7f87e1 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

-----BEGIN CERTIFICATE REQUEST-----
MIID0zCCArsCAQAwGjEYMBYGA1UEAxMPVEVTVCBFTlRJVFkgUklSMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKcmxJhombby58WXBX751/LsOeYrjsJC
iLmPIrY8WbAOih0O+IGxyP9KihpDvHiRPq+ysJVgqT6dwv+Zj4+23NhGt4Y1pvZC
BcLFm4QV4lgPcJy8U9codvjyFHkivdaLbA4rAuXY8zP6FkObgIf5skWrvX0UsiQv
QRNvRcTc+U1/2NPhqlxSncl6OLewQ723ajdD7Oc0xDtMysx7H5Hvq9Q1dkKC1PV5
4BI8JJIu3KJcg/BxiiaWMNS4lk0ALBrwD3lSxydzVHfBhvmGYc7gaaeoPXc55yTu
QY1SGTtXjITMmtUFfOaDLOMTbWYbhyCCR+EFJvA7KWltvK9IkcRA8QIDAQABoIIB
cjCCAW4GCSqGSIb3DQEJDjGCAV8wggFbMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
BBYEFPu4p6M2SAqgn/Au3ItovLNcRSXXMA4GA1UdDwEB/wQEAwIBBjBABggrBgEF
BQcBCwQ0MDIwMAYIKwYBBQUHMAWGJHJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry
bi5uZXQvUklSLzAmBggrBgEFBQcBCAEB/wQXMBWgEzARMAoCAwD8FQIDAPwcAgMA
/CAwga4GCCsGAQUFBwEHAQH/BIGeMIGbMDIEAgABMCwDBAAKAAADBAAKAwAwDgMF
AMAAAgEDBQHAAAIgMA4DBQLAAAIsAwUAwAACZDBlBAIAAjBfMCYDEQIgAQ24AAAA
AAAAAAAAAABEAxEAIAENuAAAAAAAAAAAAAABAAMQACABDbgAAAAAAAAAAAoAAAMQ
ACABDbgAAAAAAAAAAAoDAAMRACABDbgAAAAAAAAAEAAAAEQwDQYJKoZIhvcNAQEF
BQADggEBACxlBDXYMPg+b4ob7rJxpi+V7mYAUkkdk3GlPuSJMyURO+51kSrEpp+q
V7F8bWccjXR123Qjo6agabR22r+d961GflRKimhMZAY8rVRGHO+Pdca7eqxMRxwF
kfuxb2W3TPGcdpuUsoMfe2vxjHZRd3uKL47SrctNpXYrvesjhQpLz1UTQ4Hnv/aw
Ks0pxPqaVNcGXbJKSUwu5x36Cuky4r3dK299QBAuAsv0qPuxOPOLOY0bKTliEHlg
qkadGSvnzLkTvFn41SDBZpFZY2o3RbIwMY0tSvnLN8lvlS9P20Wgl4xUJ39qRRfO
94XlYnKios+AFEUAEzqFh/VnNclb1dw=
-----END CERTIFICATE REQUEST-----
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-17 05:04:04 +0000
.fm { color: #06B; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #369 } /* Name.Variable.Class */ .highlight .vg { color: #D70 } /* Name.Variable.Global */ .highlight .vi { color: #33B } /* Name.Variable.Instance */ .highlight .vm { color: #369 } /* Name.Variable.Magic */ .highlight .il { color: #00D; font-weight: bold } /* Literal.Number.Integer.Long */
"""
Test parser and display tool for myrpki.xml files.

$Id$

Copyright (C) 2009  Internet Systems Consortium ("ISC")

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""

import lxml.etree, rpki.resource_set, base64, subprocess
import schema

tree = lxml.etree.parse("myrpki.xml").getroot()

if False:
  print lxml.etree.tostring(tree, pretty_print = True, encoding = "us-ascii", xml_declaration = True)

schema.myrpki.assertValid(tree)

def showitems(x):
  if False:
    for k, v in x.items():
      if v:
        print " ", k, v

def tag(t):
  return "{http://www.hactrn.net/uris/rpki/myrpki/}" + t

print "My handle:", tree.get("handle")

print "Children:"
for x in tree.getiterator(tag("child")):
  print " ", x
  print "  Handle:", x.get("handle")
  print "  ASNS:  ", rpki.resource_set.resource_set_as(x.get("asns"))
  print "  IPv4:  ", rpki.resource_set.resource_set_ipv4(x.get("v4"))
  print "  Valid: ", x.get("valid_until")
  showitems(x)
print

print "ROA requests:"
for x in tree.getiterator(tag("roa_request")):
  print " ", x
  print "  ASN: ", x.get("asn")
  print "  IPv4:", rpki.resource_set.roa_prefix_set_ipv4(x.get("v4"))
  print "  IPv6:", rpki.resource_set.roa_prefix_set_ipv6(x.get("v6"))
  showitems(x)
print

def showpem(label, b64, kind):
  cmd = ("openssl", kind, "-noout", "-text", "-inform", "DER")
  if kind == "x509":
    cmd += ("-certopt", "no_pubkey,no_sigdump")
  p = subprocess.Popen(cmd, stdin = subprocess.PIPE, stdout = subprocess.PIPE)
  text = p.communicate(input = base64.b64decode(b64))[0]
  if p.returncode != 0:
    raise subprocess.CalledProcessError(returncode = p.returncode, cmd = cmd)
  print label, text

for x in tree.getiterator(tag("child")):
  cert = x.findtext(tag("bpki_certificate"))
  if cert:
    showpem("Child", cert, "x509")

for x in tree.getiterator(tag("parent")):
  print "Parent URI:", x.get("service_uri")
  cert = x.findtext(tag("bpki_certificate"))
  if cert:
    showpem("Parent", cert, "x509")

ca = tree.findtext(tag("bpki_ca_certificate"))
if ca:
  showpem("CA", ca, "x509")

bsc = tree.findtext(tag("bpki_bsc_certificate"))
if bsc:
  showpem("BSC EE", bsc, "x509")

repo = tree.findtext(tag("bpki_repository_certificate"))
if repo:
  showpem("Repository", repo, "x509")

req = tree.findtext(tag("bpki_bsc_pkcs10"))
if req:
  showpem("BSC EE", req, "req")

crl = tree.findtext(tag("bpki_crl"))
if crl:
  showpem("CA", crl, "crl")
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-17 05:03:58 +0000