rpkimancer.cert.base module¶
Base RPKI Resource Certificate implementation - RFC6487.
- class rpkimancer.cert.base.BaseResourceCertificate(*, common_name, days=365, issuer=None, ca=False, base_uri='rsync://rpki.example.net/rpki', ip_resources=None, as_resources=None)¶
Bases:
objectBase RPKI Resource Certificate class - RFC6487.
- Parameters:
common_name (str) –
days (int) –
issuer (Optional[CertificateAuthority]) –
ca (bool) –
base_uri (str) –
ip_resources (Optional[IpResourcesInfo]) –
as_resources (Optional[AsResourcesInfo]) –
- hash_algorithm¶
alias of
SHA256
- property sia: Optional[SubjectInformationAccess]¶
Construct the SIA extension.
- property cps: Optional[CertificatePolicies]¶
Construct the CPS extension.
- property mft_entry: Optional[Tuple[str, bytes]]¶
Get an entry for inclusion in the issuer’s manifest.
- publish(*, pub_path, recursive=True, **kwargs)¶
Publish artifact files in the PP.
- Parameters:
pub_path (str) –
recursive (bool) –
kwargs (Any) –
- Return type:
None
- property private_key: RSAPrivateKey¶
Get the private part of the RSA key pair.
- property public_key: RSAPublicKey¶
Get the public part of the RSA key pair.
- property cert_builder: CertificateBuilder¶
Get the certificate builder used to construct the certificate.
- property base_uri: str¶
Get the base URI of the RPKI publication service.
- property uri_path: str¶
Get the relative filesystem path equivalent of base_uri.
- property cert: Certificate¶
Get the underlying cryptography X.509 Certificate object.
- property cert_der: bytes¶
Get cert DER-encoded.
- property issuer: Optional[CertificateAuthority]¶
Get the issuing CertificateAuthority.
- property subject_cn: str¶
Get the common_name component of the subjectName.
- property ski_digest: bytes¶
Get the message digest of the SKI extension.
- property asn1_cert: Certificate¶
Get an ASN.1 Certificate for the certificate.
- property subject_public_key_info: SubjectPublicKeyInfo¶
Get the subjectPublicKeyInfo for the certificate.