Google Git
Sign in
chromium / chromium / src.git / 0de7df17b0f15613b30a422226d96c6429255d5c / . / net / data / verify_certificate_chain_unittest / expired-constrained-root.pem
blob: 190fb56253a3156edd1a17c0bd8504dd90f236c7 [file] [log] [blame]
[Created by: generate-expired-constrained-root.py]
Certificate chain with 1 intermediate, where the root certificate is expired
(violates validity.notAfter). Verification is expected to succeed even though
the trust anchor is initialized with anchor constraints, since validity is
not enforced.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a8:bc:a9:2c:1c:80:81:33:16:83:62:e9:f7:0a:
0d:5a:8b:86:da:a8:45:2f:04:1c:18:c0:d6:e5:f7:
33:f3:76:86:eb:a3:07:6b:83:e1:75:e5:da:6d:1c:
ee:99:a1:d7:38:bb:29:9a:7d:8f:54:c6:d4:0e:88:
dd:b7:59:b2:a8:45:c3:c8:82:42:ca:8c:e5:21:f6:
94:b0:8f:59:41:64:0c:31:a2:93:f9:2a:38:fe:d8:
f5:e1:2e:b6:6c:f8:51:3f:9b:85:53:48:4e:34:30:
f1:cc:2b:c5:32:6d:ce:85:ed:69:d0:a3:53:3e:8c:
f7:4e:b1:d7:a6:ea:18:08:c6:23:d2:9e:13:e0:a6:
50:e7:ea:da:f8:a0:d0:0f:ef:54:9b:fe:8c:3f:a1:
ea:c8:13:1b:84:f6:44:c1:a9:7a:69:ef:34:99:41:
ec:a9:1c:b0:9b:39:ae:98:4c:fc:68:2d:ba:96:68:
d5:b7:cf:2c:f0:2f:35:8a:0f:73:7c:8a:a0:e1:7a:
0a:e4:3d:d0:05:e2:d9:d1:bd:30:d2:69:82:ba:31:
b4:c7:9a:29:d5:aa:97:36:e5:2a:92:85:fa:a9:87:
00:ef:5b:ec:db:5e:82:2b:78:dd:89:de:99:ff:d8:
35:17:eb:bc:57:c1:ae:11:52:63:ef:23:54:09:18:
f9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5D:22:BE:A2:20:5F:DC:69:8D:8A:6F:5B:CC:EF:D1:2A:AE:57:5B
X509v3 Authority Key Identifier:
keyid:9F:6B:C0:D8:24:51:E0:D7:89:F4:E0:74:B7:0D:D6:FF:8B:AF:58:04
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
1d:e0:a8:55:02:9d:d1:70:c6:ca:d2:82:75:35:ce:14:88:18:
65:5d:12:42:b2:80:8d:ae:c1:24:fe:e2:c8:ca:b0:51:d0:39:
24:e2:82:c1:96:bb:38:d1:54:dc:c0:51:dd:96:c0:d7:45:76:
cf:5c:37:fc:53:96:b0:c8:84:99:f9:4a:ad:03:98:1e:44:86:
81:36:e1:4b:3a:3d:bc:f0:b5:58:4d:83:3a:30:56:45:e0:89:
67:f6:61:cb:18:60:e9:53:42:a2:92:0b:dc:8f:6e:59:b2:9a:
bc:36:61:11:f2:90:17:72:5f:a8:e2:2f:43:22:e2:b0:7c:00:
69:64:e2:3f:69:15:32:56:1a:58:c3:b3:61:ec:37:a7:58:e3:
df:e2:e2:f0:04:5e:37:f5:07:7d:52:aa:21:32:35:d2:18:5a:
b8:17:ef:7a:cc:de:10:10:2b:ae:73:a7:d8:38:a5:32:58:65:
6c:9c:8e:e6:c9:93:e9:e0:54:bf:8b:01:cf:ee:a0:b6:dc:68:
26:af:fe:39:48:8b:aa:37:37:ca:9c:28:97:0a:60:f6:53:dd:
ff:81:34:c1:68:2f:05:84:86:9e:7e:89:cd:21:a5:66:85:63:
33:fb:1d:e6:70:88:56:f6:c2:34:60:0b:c3:f4:49:2a:c5:81:
82:72:da:1a
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCovKks
HICBMxaDYun3Cg1ai4baqEUvBBwYwNbl9zPzdobrowdrg+F15dptHO6Zodc4uyma
fY9UxtQOiN23WbKoRcPIgkLKjOUh9pSwj1lBZAwxopP5Kjj+2PXhLrZs+FE/m4VT
SE40MPHMK8Uybc6F7WnQo1M+jPdOsdem6hgIxiPSnhPgplDn6tr4oNAP71Sb/ow/
oerIExuE9kTBqXpp7zSZQeypHLCbOa6YTPxoLbqWaNW3zyzwLzWKD3N8iqDhegrk
PdAF4tnRvTDSaYK6MbTHminVqpc25SqShfqphwDvW+zbXoIreN2J3pn/2DUX67xX
wa4RUmPvI1QJGPl/AgMBAAGjgekwgeYwHQYDVR0OBBYEFCddIr6iIF/caY2Kb1vM
79EqrldbMB8GA1UdIwQYMBaAFJ9rwNgkUeDXifTgdLcN1v+Lr1gEMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAHeCoVQKd0XDGytKCdTXO
FIgYZV0SQrKAja7BJP7iyMqwUdA5JOKCwZa7ONFU3MBR3ZbA10V2z1w3/FOWsMiE
mflKrQOYHkSGgTbhSzo9vPC1WE2DOjBWReCJZ/Zhyxhg6VNCopIL3I9uWbKavDZh
EfKQF3JfqOIvQyLisHwAaWTiP2kVMlYaWMOzYew3p1jj3+Li8AReN/UHfVKqITI1
0hhauBfveszeEBArrnOn2DilMlhlbJyO5smT6eBUv4sBz+6gttxoJq/+OUiLqjc3
ypwolwpg9lPd/4E0wWgvBYSGnn6JzSGlZoVjM/sd5nCIVvbCNGALw/RJKsWBgnLa
Gg==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ae:5d:2a:68:be:2b:83:82:45:26:41:fc:7d:0a:
0a:91:4c:d4:b6:83:35:d5:ba:81:07:57:ce:9b:2c:
28:b0:e9:34:e3:60:f3:93:71:b2:a1:a7:57:9a:a4:
fb:5f:2f:22:c8:71:37:0a:22:de:b9:3d:d1:19:89:
06:3f:cd:bd:50:8d:57:4b:86:ca:2e:2c:5a:57:dd:
0d:2d:3b:83:31:d2:3a:ca:92:a1:a6:a5:79:3f:94:
a6:b3:b6:d0:64:31:ad:3e:28:cf:9c:6d:da:f4:df:
46:55:4b:89:ce:38:b1:dc:33:1d:05:56:ad:c0:75:
c2:21:0e:29:f5:10:52:85:a9:dd:cd:b1:cb:b3:74:
d7:d6:36:13:42:8b:d1:bc:71:8a:b9:65:64:b9:b4:
84:b7:49:6d:f7:95:f5:48:d9:0c:5f:84:b7:84:ab:
4c:4c:78:ed:b6:70:7b:f6:0c:3d:74:00:4a:e7:68:
fe:c2:00:f9:2e:dc:10:e7:4e:6e:87:6f:db:c7:cb:
06:53:2a:44:53:2f:84:f2:d0:2d:21:fc:60:00:69:
ba:fd:52:a0:86:84:c4:7e:88:7f:35:ab:41:45:38:
a7:c2:3f:d2:0f:20:26:3e:a4:8c:35:10:d3:93:52:
70:18:44:25:ef:89:ea:f3:10:a1:ce:33:69:88:11:
d1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6B:C0:D8:24:51:E0:D7:89:F4:E0:74:B7:0D:D6:FF:8B:AF:58:04
X509v3 Authority Key Identifier:
keyid:A8:0C:3D:AD:82:26:A9:EB:AF:61:CC:3D:E0:68:1D:82:DE:DB:D1:FD
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
69:1c:29:c5:7c:e3:18:58:86:0c:88:41:20:23:9d:75:07:22:
4b:89:1d:6a:08:15:cf:85:c2:8d:f4:17:37:9e:a0:7e:67:b9:
0e:95:80:b1:a8:8f:06:2d:5e:9d:67:5c:d3:a7:47:74:d3:f7:
00:fb:84:75:99:d4:b9:07:ba:3b:63:2c:d9:57:04:48:35:f4:
20:91:39:55:ad:86:27:4e:ba:22:17:85:9a:dd:e4:4f:dd:dd:
d4:d0:0a:5b:43:6c:2e:d1:4f:f8:50:32:64:a2:15:46:bb:82:
ef:d1:ff:17:2a:dd:13:50:81:7e:1c:5b:6e:50:7b:8c:72:03:
eb:58:9a:fd:e8:e6:f1:d7:c5:59:ff:18:2a:95:64:c0:53:84:
0f:c1:1c:66:73:24:29:81:ae:0d:b7:b1:fc:44:2d:fb:02:89:
70:97:c0:ed:91:6f:9b:57:7b:40:38:29:8c:fa:87:52:f8:db:
8a:3b:1c:a2:a3:c1:08:8b:cf:9a:6e:dc:a8:b3:96:5e:31:05:
af:5c:1c:21:8e:d3:fe:18:17:af:a9:77:92:6f:46:93:36:d2:
e1:4f:a2:d9:e4:5d:bf:61:ad:db:c4:87:61:79:c3:bd:c3:e1:
5b:d7:76:03:e3:fe:4a:75:a0:84:2b:ea:82:c1:d5:2c:6f:e7:
55:46:1f:36
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl0qaL4r
g4JFJkH8fQoKkUzUtoM11bqBB1fOmywosOk042Dzk3GyoadXmqT7Xy8iyHE3CiLe
uT3RGYkGP829UI1XS4bKLixaV90NLTuDMdI6ypKhpqV5P5Sms7bQZDGtPijPnG3a
9N9GVUuJzjix3DMdBVatwHXCIQ4p9RBShandzbHLs3TX1jYTQovRvHGKuWVkubSE
t0lt95X1SNkMX4S3hKtMTHjttnB79gw9dABK52j+wgD5LtwQ505uh2/bx8sGUypE
Uy+E8tAtIfxgAGm6/VKghoTEfoh/NatBRTinwj/SDyAmPqSMNRDTk1JwGEQl74nq
8xChzjNpiBHRCQIDAQABo4HLMIHIMB0GA1UdDgQWBBSfa8DYJFHg14n04HS3Ddb/
i69YBDAfBgNVHSMEGDAWgBSoDD2tgiap669hzD3gaB2C3tvR/TA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AGkcKcV84xhYhgyIQSAjnXUHIkuJHWoIFc+Fwo30FzeeoH5nuQ6VgLGojwYtXp1n
XNOnR3TT9wD7hHWZ1LkHujtjLNlXBEg19CCROVWthidOuiIXhZrd5E/d3dTQCltD
bC7RT/hQMmSiFUa7gu/R/xcq3RNQgX4cW25Qe4xyA+tYmv3o5vHXxVn/GCqVZMBT
hA/BHGZzJCmBrg23sfxELfsCiXCXwO2Rb5tXe0A4KYz6h1L424o7HKKjwQiLz5pu
3Kizll4xBa9cHCGO0/4YF6+pd5JvRpM20uFPotnkXb9hrdvEh2F5w73D4VvXdgPj
/kp1oIQr6oLB1Sxv51VGHzY=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Mar 1 12:00:00 2015 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b1:3a:fd:fa:bf:99:17:55:07:e6:61:ce:aa:d9:
34:6c:24:96:c6:72:78:40:b4:98:21:ba:82:d4:3c:
63:a2:17:75:45:d5:92:ee:63:e5:e1:75:16:cf:69:
fb:92:ee:80:a1:61:60:c4:bf:d1:a2:d8:e2:45:6b:
6b:0a:a0:2b:ee:c7:d4:9e:db:c7:7e:30:93:17:d8:
66:0d:c3:9e:da:d9:98:97:a2:bd:1a:3a:6e:cf:14:
d4:50:c6:30:60:09:9c:5c:4c:65:dd:23:5d:90:87:
80:06:16:5d:8b:0a:af:37:9b:bc:e9:83:61:dd:3e:
50:07:42:52:17:bc:68:de:20:d2:98:ee:5d:e5:24:
4d:7a:9d:50:e7:6a:81:2c:43:3f:0a:57:c1:a7:03:
a8:94:2e:e7:4f:0c:29:8e:cf:a2:13:06:e9:6f:e0:
22:ba:39:a9:d6:0f:0a:55:13:38:9b:67:5d:fa:59:
b5:6a:8c:8a:af:9e:73:b4:67:47:56:7f:1f:f6:96:
81:7f:b3:7f:9c:18:1e:3c:c6:76:3a:2d:ed:b0:ea:
81:60:0a:a1:d4:e3:70:c0:ef:62:58:4e:7e:43:c3:
3e:8e:c4:dd:13:64:57:ee:14:df:24:93:73:27:c4:
df:13:9a:87:67:b5:ea:e0:7e:0c:dd:1b:b2:88:1c:
a5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0C:3D:AD:82:26:A9:EB:AF:61:CC:3D:E0:68:1D:82:DE:DB:D1:FD
X509v3 Authority Key Identifier:
keyid:A8:0C:3D:AD:82:26:A9:EB:AF:61:CC:3D:E0:68:1D:82:DE:DB:D1:FD
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
45:91:23:ab:2f:b8:a2:2e:24:63:4b:bb:54:17:29:3d:86:9c:
7d:f8:a3:9d:88:4c:9e:89:bf:e9:1a:bc:35:73:27:e1:9d:3e:
e4:fc:3c:87:71:21:be:a5:bd:e7:e1:dd:44:b1:67:36:b6:1f:
0a:7c:a1:30:8a:57:23:5f:61:88:18:48:a4:15:0e:58:81:27:
a3:9a:42:f4:47:d7:f1:0c:c6:84:dd:03:8f:63:49:07:01:38:
6f:88:60:33:4d:45:73:9f:02:78:a2:1d:e1:a7:75:d7:18:7c:
b9:89:e5:ff:30:e6:45:5f:80:5f:f9:88:b5:89:bd:8f:d4:6c:
7d:af:c2:c7:4e:a1:83:74:08:cb:4d:e9:c1:e6:c6:c4:de:55:
10:19:fa:6a:04:89:0a:d8:54:cf:5d:58:f0:17:63:cb:db:0a:
18:6b:75:2a:36:97:3f:f9:ed:3c:c9:2d:8b:40:dd:63:3b:82:
f6:fa:0f:5a:31:6e:f9:4a:b8:18:ca:1a:0d:77:6b:b6:01:8e:
a8:4b:15:be:29:b6:9a:db:15:2a:8a:66:49:29:74:c2:68:c9:
80:0b:ce:de:aa:4d:54:d2:43:c2:7f:6b:ed:80:5a:0a:c7:bf:
d3:95:ed:d1:c1:e8:d0:f2:1f:dc:a7:22:e6:2d:52:b0:fe:d8:
b7:3d:bc:d1
-----BEGIN TRUST_ANCHOR_CONSTRAINED-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE1MDMwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALE6/fq/mRdVB+ZhzqrZ
NGwklsZyeEC0mCG6gtQ8Y6IXdUXVku5j5eF1Fs9p+5LugKFhYMS/0aLY4kVrawqg
K+7H1J7bx34wkxfYZg3DntrZmJeivRo6bs8U1FDGMGAJnFxMZd0jXZCHgAYWXYsK
rzebvOmDYd0+UAdCUhe8aN4g0pjuXeUkTXqdUOdqgSxDPwpXwacDqJQu508MKY7P
ohMG6W/gIro5qdYPClUTOJtnXfpZtWqMiq+ec7RnR1Z/H/aWgX+zf5wYHjzGdjot
7bDqgWAKodTjcMDvYlhOfkPDPo7E3RNkV+4U3ySTcyfE3xOah2e16uB+DN0bsogc
pZ0CAwEAAaOByzCByDAdBgNVHQ4EFgQUqAw9rYImqeuvYcw94Ggdgt7b0f0wHwYD
VR0jBBgwFoAUqAw9rYImqeuvYcw94Ggdgt7b0f0wNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBFkSOrL7ii
LiRjS7tUFyk9hpx9+KOdiEyeib/pGrw1cyfhnT7k/DyHcSG+pb3n4d1EsWc2th8K
fKEwilcjX2GIGEikFQ5YgSejmkL0R9fxDMaE3QOPY0kHAThviGAzTUVznwJ4oh3h
p3XXGHy5ieX/MOZFX4Bf+Yi1ib2P1Gx9r8LHTqGDdAjLTenB5sbE3lUQGfpqBIkK
2FTPXVjwF2PL2woYa3UqNpc/+e08yS2LQN1jO4L2+g9aMW75SrgYyhoNd2u2AY6o
SxW+Kbaa2xUqimZJKXTCaMmAC87eqk1U0kPCf2vtgFoKx7/Tle3RwejQ8h/cpyLm
LVKw/ti3PbzR
-----END TRUST_ANCHOR_CONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
SUCCESS
-----BEGIN VERIFY_RESULT-----
U1VDQ0VTUw==
-----END VERIFY_RESULT-----