inspecting RPKI data:

Dear all,

I'd like to introduce another tool to inspect RPKI data... the
rpki-client console! Comes with an authentic 90s look & feel :slight_smile:

The Frontpage -

Thank You!

In before snark of “OMG “http” links to RPKI info HURF BLURF!”

( Just add the ‘s’ yourself kids, Job is a good boy and does have this properly TLS’d. :slight_smile: )

Thank you Job, excellent tool!

But Tom, that is exactly the whole point of the RPKI :slight_smile:

It's funny, but true! You really can safely use the RPKI data from the
console website in your own production environment, even after it has
been transported via mere HTTP - provided you have the TAL files to
build the chain of trust.

This applies also applies to the console's HTML itself: if you have the
TAL files + rpki-client + rsync + the openssl cli utility + ksh + perl;
you can generate any of the pages yourself and thus confirm their
authenticity and integrity.

Of course I don't expect anyone to jump through those hoops, but the
source code is here:

I'll concede HTTPS does provide some privacy while looking at these
gorgeous ASN.1 data structures :wink:

Kind regards,