Google Git
Sign in
chromium / chromium / src.git / 0de7df17b0f15613b30a422226d96c6429255d5c / . / net / data / verify_certificate_chain_unittest / constrained-root-lacks-basic-constraints.pem
blob: 307b9f235db700a4766dc37338f8906087fa9071 [file] [log] [blame]
[Created by: generate-constrained-root-lacks-basic-constraints.py]
Certificate chain with 1 intermediate and a trust anchor. The trust anchor
lacks the basic constraints extension, and is loaded with anchor constraints.
This is not a problem and verification should succeed.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ad:75:ea:d9:63:a8:36:b6:47:9e:1f:f4:c4:38:
b8:81:a1:cb:46:09:41:00:e8:12:9e:fd:c1:f8:92:
cc:cb:92:90:72:e3:8c:74:20:9a:b2:d7:17:2a:c5:
91:d7:2f:99:64:ad:96:52:16:bc:cd:f0:7a:5d:c8:
04:90:f9:28:ec:05:40:4a:ca:29:33:9f:6c:98:5b:
da:9d:be:6a:a5:2d:82:a5:78:2e:b9:a9:20:77:c0:
53:3c:63:19:af:ca:1c:20:da:b6:69:bc:0b:ba:b5:
f0:a0:92:e7:f5:34:af:a2:41:32:86:6d:67:03:5e:
d5:e6:68:d0:e5:8d:54:89:5d:39:66:ae:af:f2:2f:
38:e2:f6:64:a5:7c:84:fe:2b:87:73:1b:76:29:c8:
d9:06:a8:bf:c7:c9:90:a2:7a:ab:36:b5:96:b2:e4:
1c:68:3a:27:d6:80:e8:f6:cd:61:cf:c5:a6:f8:60:
bf:bc:2c:8c:aa:fb:ae:a4:12:b7:3f:a5:db:cc:25:
f7:7e:fe:01:bf:0e:2d:26:ef:b4:da:d0:e7:31:53:
88:e6:3f:bc:85:f9:e7:9d:40:a9:70:8a:73:8d:f7:
b3:dd:7d:67:52:a5:98:7a:22:2b:e8:15:3f:82:4e:
10:27:ed:92:f8:fa:41:89:6b:26:e9:dd:93:4a:74:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9A:80:3A:5C:7F:B9:45:6C:C1:79:03:FC:BE:1D:F9:00:A5:ED:9E
X509v3 Authority Key Identifier:
keyid:A4:79:C2:53:F1:7B:AF:B0:97:61:6B:AE:EA:24:7A:98:C7:D7:41:18
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
5e:39:9f:dc:2f:71:14:dc:68:84:af:52:a3:3d:07:68:3f:cc:
db:fa:4e:b9:d8:7e:7a:a0:7c:9a:75:81:55:a4:c2:45:4f:90:
46:d4:8d:08:ca:3a:fa:64:04:b0:1c:42:e4:64:ad:4b:d3:c3:
3c:57:b5:47:76:fd:7e:e4:a5:6c:22:71:4b:1c:d2:0d:23:8c:
b1:9a:20:18:f5:78:49:fa:06:e6:47:e5:4a:43:88:b4:8e:b8:
d9:23:b8:75:97:d4:cd:db:58:dd:7a:21:c6:65:47:fa:2f:f5:
c5:c7:c3:43:7f:e2:61:ff:55:e5:0e:1e:f7:2b:a7:1a:45:16:
16:e6:bb:4b:f5:f5:2d:fd:01:f2:e3:41:b9:d1:dc:bb:52:97:
c5:90:cf:d1:57:70:46:46:ad:0f:e3:81:cc:18:e6:ce:05:fd:
29:09:b2:eb:91:18:79:38:92:23:33:9b:0f:53:b1:fe:5d:81:
65:b9:49:c9:64:6a:75:c4:e6:fe:8b:fc:3f:06:22:ab:e0:0a:
18:d9:d5:5e:a6:d5:bd:2d:9f:b4:48:b5:ba:42:54:c7:75:be:
8d:95:8b:ef:27:68:2a:a9:82:14:e4:9f:2c:ec:fd:27:cb:56:
c3:26:ec:10:96:85:f5:9b:42:b6:9c:99:ee:48:4a:3e:1b:81:
9c:5f:7d:ad
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtderZ
Y6g2tkeeH/TEOLiBoctGCUEA6BKe/cH4kszLkpBy44x0IJqy1xcqxZHXL5lkrZZS
FrzN8HpdyASQ+SjsBUBKyikzn2yYW9qdvmqlLYKleC65qSB3wFM8Yxmvyhwg2rZp
vAu6tfCgkuf1NK+iQTKGbWcDXtXmaNDljVSJXTlmrq/yLzji9mSlfIT+K4dzG3Yp
yNkGqL/HyZCieqs2tZay5BxoOifWgOj2zWHPxab4YL+8LIyq+66kErc/pdvMJfd+
/gG/Di0m77Ta0OcxU4jmP7yF+eedQKlwinON97PdfWdSpZh6IivoFT+CThAn7ZL4
+kGJaybp3ZNKdNOpAgMBAAGjgekwgeYwHQYDVR0OBBYEFJKagDpcf7lFbMF5A/y+
HfkApe2eMB8GA1UdIwQYMBaAFKR5wlPxe6+wl2FrruokepjH10EYMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAXjmf3C9xFNxohK9Soz0H
aD/M2/pOudh+eqB8mnWBVaTCRU+QRtSNCMo6+mQEsBxC5GStS9PDPFe1R3b9fuSl
bCJxSxzSDSOMsZogGPV4SfoG5kflSkOItI642SO4dZfUzdtY3XohxmVH+i/1xcfD
Q3/iYf9V5Q4e9yunGkUWFua7S/X1Lf0B8uNBudHcu1KXxZDP0VdwRkatD+OBzBjm
zgX9KQmy65EYeTiSIzObD1Ox/l2BZblJyWRqdcTm/ov8PwYiq+AKGNnVXqbVvS2f
tEi1ukJUx3W+jZWL7ydoKqmCFOSfLOz9J8tWwybsEJaF9ZtCtpyZ7khKPhuBnF99
rQ==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9b:ae:24:f7:35:a1:99:8f:a3:2e:f8:62:c1:ba:
f3:f3:92:a8:18:1e:57:b1:40:17:0a:3a:3b:67:64:
7d:7c:97:98:ce:b0:e4:4b:aa:98:5e:66:4f:d6:4a:
83:2d:c2:db:ac:4e:d0:83:3c:07:0a:f1:51:3f:7d:
8f:5f:1d:48:14:e1:39:98:bf:c9:44:f6:a0:72:6c:
1d:1c:13:91:cd:90:e2:19:88:80:59:2f:13:62:ac:
9b:d0:19:53:a8:fe:f3:43:a7:94:fb:8c:df:98:10:
48:6c:4b:20:c5:70:21:27:43:02:fe:15:ed:37:bf:
ee:71:d0:7d:69:f6:94:82:8e:83:a5:f8:b2:31:47:
bf:af:5c:94:d8:d8:a7:f8:bd:a2:fa:89:62:61:43:
9e:46:10:e9:32:73:9c:32:bd:b9:a2:fe:35:96:df:
10:b5:a6:8f:af:ed:4b:e0:4b:22:00:7f:e8:78:bf:
e9:0f:2d:26:80:d2:96:3a:0a:2e:02:b9:f7:49:57:
d6:7e:df:e4:97:dd:50:69:c7:49:f2:b2:74:94:1e:
ea:f9:7b:61:45:36:3b:7d:29:6b:09:de:ac:58:19:
14:58:2c:83:b8:99:08:ba:be:78:ba:e8:f1:bb:f1:
09:32:44:18:fb:72:4e:41:1c:6b:43:16:a2:73:6a:
63:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:79:C2:53:F1:7B:AF:B0:97:61:6B:AE:EA:24:7A:98:C7:D7:41:18
X509v3 Authority Key Identifier:
keyid:75:7D:62:57:BC:81:26:58:67:4D:49:F8:04:11:12:62:63:3C:3C:DC
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
93:d8:9b:e5:69:16:43:e6:5b:3b:c0:70:44:ec:1d:7d:9e:4f:
28:16:99:b5:70:6f:5a:f6:f3:90:1f:e9:3c:eb:8f:bb:3b:28:
d0:e1:3f:60:6d:81:de:01:77:71:88:54:44:41:16:73:48:3c:
f6:5c:7d:6b:6d:81:e4:35:05:f6:4c:91:cb:a3:bf:06:d3:b2:
33:39:06:07:4f:2d:99:ff:34:85:6b:75:02:18:5f:b1:9e:5d:
a7:a0:78:b9:26:aa:1e:87:51:37:3f:47:af:56:07:04:95:01:
cf:40:39:0a:ce:01:7b:e0:34:dc:14:e3:06:57:d8:93:0c:6c:
90:51:92:51:6e:b8:f7:ff:62:81:e3:73:f1:34:5f:a0:19:7c:
39:d7:d1:81:10:5a:90:52:e1:32:c7:3a:66:69:c5:5b:d7:54:
15:70:d0:9b:42:bd:70:74:37:2b:a2:e7:ee:d3:20:96:3a:32:
ee:53:21:f0:f6:4b:c8:fb:a7:e1:ce:9d:72:cf:d0:e2:7c:e4:
13:20:66:62:8d:b6:b9:9d:56:4b:c8:cc:e9:00:b6:c7:f7:e4:
dc:ed:2c:25:af:32:05:98:ef:56:de:7a:07:ff:eb:62:c1:7b:
0b:56:95:ee:90:55:d6:6f:c9:8d:8f:15:dd:d3:65:c1:c7:8c:
94:f9:82:5d
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm64k9zWh
mY+jLvhiwbrz85KoGB5XsUAXCjo7Z2R9fJeYzrDkS6qYXmZP1kqDLcLbrE7QgzwH
CvFRP32PXx1IFOE5mL/JRPagcmwdHBORzZDiGYiAWS8TYqyb0BlTqP7zQ6eU+4zf
mBBIbEsgxXAhJ0MC/hXtN7/ucdB9afaUgo6DpfiyMUe/r1yU2Nin+L2i+oliYUOe
RhDpMnOcMr25ov41lt8QtaaPr+1L4EsiAH/oeL/pDy0mgNKWOgouArn3SVfWft/k
l91QacdJ8rJ0lB7q+XthRTY7fSlrCd6sWBkUWCyDuJkIur54uujxu/EJMkQY+3JO
QRxrQxaic2pjZQIDAQABo4HLMIHIMB0GA1UdDgQWBBSkecJT8XuvsJdha67qJHqY
x9dBGDAfBgNVHSMEGDAWgBR1fWJXvIEmWGdNSfgEERJiYzw83DA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AJPYm+VpFkPmWzvAcETsHX2eTygWmbVwb1r285Af6Tzrj7s7KNDhP2Btgd4Bd3GI
VERBFnNIPPZcfWttgeQ1BfZMkcujvwbTsjM5BgdPLZn/NIVrdQIYX7GeXaegeLkm
qh6HUTc/R69WBwSVAc9AOQrOAXvgNNwU4wZX2JMMbJBRklFuuPf/YoHjc/E0X6AZ
fDnX0YEQWpBS4TLHOmZpxVvXVBVw0JtCvXB0Nyui5+7TIJY6Mu5TIfD2S8j7p+HO
nXLP0OJ85BMgZmKNtrmdVkvIzOkAtsf35NztLCWvMgWY71beegf/62LBewtWle6Q
VdZvyY2PFd3TZcHHjJT5gl0=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d6:d2:49:ce:36:d3:12:76:22:3f:67:89:7e:64:
6e:09:f4:eb:b8:d7:66:3e:92:18:f2:2b:2c:4e:4a:
ca:77:97:83:cc:79:38:d2:50:ea:cf:7e:cf:dc:fa:
83:05:61:d1:70:8f:e3:32:85:39:52:57:0b:77:62:
a0:63:ce:69:79:d0:a5:2c:95:06:92:38:f1:12:41:
4b:5d:87:1e:8e:c5:40:28:36:16:c6:bd:fc:1f:ca:
07:73:d5:1d:c5:5d:46:56:03:c7:f6:67:fb:91:ab:
43:fb:53:48:a4:6f:75:e7:0b:10:f1:3d:aa:14:42:
32:0b:b1:fc:10:81:d0:18:1b:1b:bd:d1:fd:e9:0d:
53:64:3e:8f:3e:df:f0:07:2e:b8:b2:23:74:ea:9b:
23:7c:15:42:e5:53:1a:0c:80:1e:49:dd:4e:fa:e4:
50:a8:e2:74:3f:09:4f:bc:1c:71:7d:72:fe:7a:15:
ac:2e:0b:9b:8c:41:2b:ce:32:a4:f5:40:71:6b:e8:
2c:93:a9:41:03:53:95:a0:4a:68:2d:f0:b6:1e:01:
da:7d:34:47:3d:d5:fb:ef:63:9a:72:df:e8:14:08:
1a:29:29:aa:c3:ff:37:f4:ee:37:a4:45:da:d1:2c:
94:1c:f3:df:62:41:f2:d0:00:0e:2c:06:88:12:71:
8d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7D:62:57:BC:81:26:58:67:4D:49:F8:04:11:12:62:63:3C:3C:DC
X509v3 Authority Key Identifier:
keyid:75:7D:62:57:BC:81:26:58:67:4D:49:F8:04:11:12:62:63:3C:3C:DC
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
52:16:ce:5c:55:aa:c3:76:80:5a:60:ee:8a:85:f5:9f:64:ca:
6d:b9:66:53:73:a4:92:47:a9:d5:8e:b5:90:b2:a9:62:69:32:
e3:2c:f5:28:e6:d3:6c:d9:94:af:83:11:04:30:95:48:e2:9e:
2d:bf:67:63:95:97:32:99:28:b7:87:3d:dc:97:41:08:72:f7:
89:6a:94:bb:fe:62:cd:08:f6:d6:0b:86:60:5b:d7:4d:eb:df:
40:70:d9:bd:cb:e0:24:b8:ee:62:5a:7f:58:d3:3d:11:53:63:
34:aa:af:59:6b:86:30:ab:fb:55:40:cc:e3:65:0e:d6:36:b4:
dc:d1:db:a4:bc:1c:7a:51:cf:8a:7d:41:0a:e6:3a:16:c9:43:
e6:9e:41:31:f3:4f:81:c1:24:e8:fb:c5:db:87:c8:01:f5:b8:
60:ed:2a:0e:fc:31:59:26:63:fb:60:26:8f:52:0c:7c:19:b7:
29:18:c9:12:eb:80:6c:aa:25:46:41:92:1a:3a:e1:df:9e:94:
1f:92:01:90:b0:92:2c:e0:dd:31:81:a2:c0:ae:05:ae:85:c2:
ee:ce:63:2c:c8:3f:41:f9:06:8b:66:56:05:e7:58:7d:3f:d0:
ed:05:25:ea:1e:d0:69:24:f0:e3:dd:0a:d8:2e:ba:fe:d9:1a:
ba:39:2b:7d
-----BEGIN TRUST_ANCHOR_CONSTRAINED-----
MIIDVDCCAjygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbSSc420xJ2Ij9niX5k
bgn067jXZj6SGPIrLE5KyneXg8x5ONJQ6s9+z9z6gwVh0XCP4zKFOVJXC3dioGPO
aXnQpSyVBpI48RJBS12HHo7FQCg2Fsa9/B/KB3PVHcVdRlYDx/Zn+5GrQ/tTSKRv
decLEPE9qhRCMgux/BCB0BgbG73R/ekNU2Q+jz7f8AcuuLIjdOqbI3wVQuVTGgyA
HkndTvrkUKjidD8JT7wccX1y/noVrC4Lm4xBK84ypPVAcWvoLJOpQQNTlaBKaC3w
th4B2n00Rz3V++9jmnLf6BQIGikpqsP/N/TuN6RF2tEslBzz32JB8tAADiwGiBJx
jX8CAwEAAaOBujCBtzAdBgNVHQ4EFgQUdX1iV7yBJlhnTUn4BBESYmM8PNwwHwYD
VR0jBBgwFoAUdX1iV7yBJlhnTUn4BBESYmM8PNwwNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAUhbOXFWqw3aAWmDuioX1n2TKbblmU3Ok
kkep1Y61kLKpYmky4yz1KObTbNmUr4MRBDCVSOKeLb9nY5WXMpkot4c93JdBCHL3
iWqUu/5izQj21guGYFvXTevfQHDZvcvgJLjuYlp/WNM9EVNjNKqvWWuGMKv7VUDM
42UO1ja03NHbpLwcelHPin1BCuY6FslD5p5BMfNPgcEk6PvF24fIAfW4YO0qDvwx
WSZj+2Amj1IMfBm3KRjJEuuAbKolRkGSGjrh356UH5IBkLCSLODdMYGiwK4FroXC
7s5jLMg/QfkGi2ZWBedYfT/Q7QUl6h7QaSTw490K2C66/tkaujkrfQ==
-----END TRUST_ANCHOR_CONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
SUCCESS
-----BEGIN VERIFY_RESULT-----
U1VDQ0VTUw==
-----END VERIFY_RESULT-----