Closed ydahhrk closed 1 month ago
Orders from above. Something like
$ fort --mode=print cache/a.b/rpp1/achoo.roa { "ContentType": "signedData", "SignedData": { "version": 3, "digestAlgorithms": [ { "algorithm": "sha256" } ], "encapContentInfo": { "ContentType": "ROA", "RouteOriginAttestation": { "asId": 1234, "ipAddrBlocks": [ { "addressFamily": "IPv4", "addresses": [ { "prefix": "192.0.2.1", "length": 24, "maxLength": 26 } ] }, { "addressFamily": "IPv6", "addresses": [ { "prefix": "2001:db8::1", "length": 29, "maxLength": 48 } ] } ] } }, "certificates": [ { "tbsCertificate": { "version": 2, "serialNumber": "0123456", "signature": "sha256WithRSAEncryption", "issuer": { "commonName": "aabbccddeeff" }, "validity": { "notBefore": "2024-01-01 00:00:00Z", "notAfter": "2025-07-01 00:00:00Z" }, "subject": { "commonName": "001122334455" }, "subjectPublicKeyInfo": { "algorithm": "rsaEncryption", "subjectPublicKey": "---BEGIN PUBLIC KEY---blah blah---END PUBLIC KEY---\n" }, "issuerUniqueID": null, "subjectUniqueID": null, "extensions": { "X509v3 Subject Key Identifier": { "critical": false, "value": "abcdef" }, "X509v3 Authority Key Identifier": { "critical": false, "value": "56789" }, "X509v3 Key Usage": { "critical": true, "value": "Digital Signature" }, "Authority Information Access": { "critical": false, "value": "rsync://a.b.c/d/e.cer" }, "Subject Information Access": { "critical": false, "value": "rsync://a.b.c/d/f.roa" }, "X509v3 CRL Distribution Points": { "critical": false, "value": "rsync://a.b.c/d/g.crl" }, "X509v3 Certificate Policies": { "critical": true, "value": "ipAddr-asNumber" }, "sbgp-ipAddrBlock": { "critical": true, "value": "192.0.2.1/24" } } }, "signatureAlgorithm": "sha256WithRSAEncryption", "signatureValue": "blah blah blah" } ], "signerInfos": [ { "version": 3, "sid": "1234", "digestAlgorithm": { "algorithm": "sha256" }, "signedAttrs": { "Content-Type": [ "ROA" ], "Signing-Time": [ "2024-01-01 00:00:00Z" ], "Message-Digest": [ "aaabbbccc" ] }, "signatureAlgorithm": { "algorithm": "sha256WithRSAEncryption", "parameters": "0500" }, "signature": "blah blah blah" } ] } }
https://nicmx.github.io/FORT-validator/mode-print.html
Orders from above. Something like