IETF Logo Mail Archive

Re: [Sidrops] I-D Action: draft-ietf-sidrops-aspa-profile-15.txt

Job Snijders <job@fastly.com> Fri, 23 June 2023 13:04 UTC

Return-Path: <job@fastly.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9765AC151083 for <sidrops@ietfa.amsl.com>; Fri, 23 Jun 2023 06:04:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A8GnJ938xgj1 for <sidrops@ietfa.amsl.com>; Fri, 23 Jun 2023 06:04:31 -0700 (PDT)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E474BC14CE3B for <sidrops@ietf.org>; Fri, 23 Jun 2023 06:04:31 -0700 (PDT)
Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-988883b0d8fso72385266b.1 for <sidrops@ietf.org>; Fri, 23 Jun 2023 06:04:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; t=1687525470; x=1690117470; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=U+EFFLeJdy9S2X02jS77XjKQ5TAh9qnjTloZpFibBqo=; b=qKZP+rkAzgHRqV7e9t8UG2BsbIGcF0iK9QUj9yl3Md7fCYlqDqKJghVLJ0z4NPJI62 RF+KL2QVS7T3IQs3zIOpHppEnA5w7vj+ozpiydtfbrzzE4VxC2+uH9TKgwDdcA2plktl TNp9G4UM1jBKeeoG50zRW1nbe15E7bxr51gmk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687525470; x=1690117470; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=U+EFFLeJdy9S2X02jS77XjKQ5TAh9qnjTloZpFibBqo=; b=MOfpnGd6YqhDkoe3S7N6SBwiiK2rTjPlT1eNewzyEZsAGu0ltSLafAglzeGTYG2rkz HIeXpvZUH0XDuBivHPRWkxb9hSJ/6QFVsc39NhwEPZG+wIXWYjDTF8EUXPIhhKA/NsYN eUuRUxzmP5DFE+hwwazS2SK2LQnYpJtCnOP8SdSMKKZUsHdbFbl8Az3ScmKc2QtnqSEy Dd4cXSNvu/r0IuubOa8rPTsT0o0KacjwaPFOilfJp1I0fcweBiDT1524hQfWcQDOkKJs fkAkEcaE9IOlZPG4LPbiDfn1vH5CxWM0mpSUGrLQUioP+DUNQjJyukq504/rG9aWDJE/ b2wg==
X-Gm-Message-State: AC+VfDwB6gDatcoMoQdca64nh+nzS6A3fEai2QgH6ZKgbRvzcEOpmX2F erbVt2yrOmNNldGWjZF+eXfBvA==
X-Google-Smtp-Source: ACHHUZ47xQjfajAwPDpKvvyyRWGlysW/IJ1vOj2OYuMp6fLkjehOBdp6+N7yeFN5FvOwuNm+1h1AWg==
X-Received: by 2002:a17:907:9309:b0:97e:aace:b6bc with SMTP id bu9-20020a170907930900b0097eaaceb6bcmr17515835ejc.53.1687525470208; Fri, 23 Jun 2023 06:04:30 -0700 (PDT)
Received: from snel ([2a10:3781:276:1:16f6:d8ff:fe47:2eb7]) by smtp.gmail.com with ESMTPSA id c15-20020a170906170f00b0098d2f703408sm2182822eje.118.2023.06.23.06.04.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 23 Jun 2023 06:04:29 -0700 (PDT)
Date: Fri, 23 Jun 2023 15:04:28 +0200
From: Job Snijders <job@fastly.com>
To: Ties de Kock <tdekock@ripe.net>
Cc: SIDR Operations WG <sidrops@ietf.org>
Message-ID: <ZJWYXLuafG2eLvJb@snel>
References: <20230608181440.33d6926f@glaurung.nlnetlabs.nl> <0C543A94-F70E-4A40-8350-C98FAAB5A9B5@vigilsec.com> <D100381E-6498-4EAD-B056-18F89836C097@ripe.net> <96D52BC8-C3BA-43C8-90E1-DD2621C2292F@vigilsec.com> <20230613094413.364aaa8c@smaug.local.partim.org> <26E1759F-08FA-430D-8F89-BDC6C3DC4B9D@vigilsec.com> <20230613150156.29022a0e@glaurung.nlnetlabs.nl> <ZIitpTWScXigugLD@feather.sobornost.net> <04D76EAA-AD2E-4A76-8709-0D063E4310EA@ripe.net> <8A5BE901-0BF5-4EDB-9612-ECC297C24D60@ripe.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <8A5BE901-0BF5-4EDB-9612-ECC297C24D60@ripe.net>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/DyBkPcoe8r1H1pgg9l9ZFSg3pgQ>
Subject: Re: [Sidrops] I-D Action: draft-ietf-sidrops-aspa-profile-15.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jun 2023 13:04:35 -0000

On Fri, Jun 23, 2023 at 02:59:50PM +0200, Ties de Kock wrote:
> I realised that I did not share an object for interoperability
> testing. I have included a sample that is generated by a property test
> (so values are random) by rpki-commons below.
> 
> rpki-commons generates and checks for version 1 with tag 0.

Thanks Ties, I was able to successfully decode it:

Hash identifier:          60taiK3+4GbA4DnxwYmd/iDxZ+lZ/LQme8pPB/WxS/U=
Subject key identifier:   23:E6:2B:A0:63:02:51:90:1A:D3:3E:76:71:56:FA:C6:98:9B:CE:A0
Certificate issuer:       /CN=issuer
Certificate serial:       0A
Authority key identifier: 23:E6:2B:A0:63:02:51:90:1A:D3:3E:76:71:56:FA:C6:98:9B:CE:A0
Authority info access:    rsync://certificate/repository/ca.cer
Subject info access:      rsync://certificate/repository/filename.asa
Signing time:             Fri 23 Jun 2023 12:26:08 +0000
ASPA not before:          Fri 23 Jun 2023 12:26:08 +0000
ASPA not after:           Sun 23 Jun 2024 12:27:08 +0000
Customer ASID:            3681266052
Provider set:             AS: 315330153
                          AS: 322185413
                          AS: 335760976
                          AS: 370328130
                          AS: 378223116
                          AS: 403178249
                          AS: 476206576
                          AS: 492230403
                          AS: 565013824
                          AS: 624784309
                          AS: 629883015
                          AS: 656132162
                          AS: 673569955
                          AS: 680352082
                          AS: 692535079
                          AS: 746687158
                          AS: 765211479
                          AS: 859139438
                          AS: 996411969
                          AS: 1037099804
                          AS: 1058003816
                          AS: 1060660712
                          AS: 1110568191
                          AS: 1164487717
                          AS: 1222488924
                          AS: 1273309205
                          AS: 1300572919
                          AS: 1334398861
                          AS: 1357703641
                          AS: 1360221517
                          AS: 1457031136
                          AS: 1459501681
                          AS: 1464659585
                          AS: 1465494779
                          AS: 1466371557
                          AS: 1473985188
                          AS: 1643497647
                          AS: 1684980818
                          AS: 1709776234
                          AS: 1786067148
                          AS: 1874574111
                          AS: 2014022633
                          AS: 2137785858
                          AS: 2159820312
                          AS: 2211371692
                          AS: 2259557209
                          AS: 2273930069
                          AS: 2336444538
                          AS: 2397490731
                          AS: 2465655524
                          AS: 2472852142
                          AS: 2491992879
                          AS: 2503802552
                          AS: 2514776417
                          AS: 2590593231
                          AS: 2663766062
                          AS: 2670570239
                          AS: 2697203733
                          AS: 2767445711
                          AS: 2790710442
                          AS: 2800923687
                          AS: 2900639749
                          AS: 2969882793
                          AS: 2981637276
                          AS: 3012614665
                          AS: 3195488983
                          AS: 3207381036
                          AS: 3228989035
                          AS: 3422770571
                          AS: 3468672520
                          AS: 3504807425
                          AS: 3558470724
                          AS: 3569461009
                          AS: 3571807857
                          AS: 3598609426
                          AS: 3611298772
                          AS: 3701068102
                          AS: 3798695172
                          AS: 3801084401
                          AS: 4072234386
                          AS: 4224081285
                          AS: 4254808914
Validation:               Failed, unable to get local issuer certificate

v2.23.0 | Report a Bug | By Email