blob: cdb2edebb3a64c9df81139927d00742b52a34fcf [file] [log] [blame]
[Created by: generate-expired-unconstrained-root.py]
Certificate chain with 1 intermediate, where the root certificate is expired
(violates validity.notAfter). Verification is expected to succeed as
the trust anchor has no constraints (so expiration of the certificate is not
enforced).
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b3:fa:1c:ab:da:95:23:00:c5:f7:9d:3e:fa:be:
50:46:36:b3:b8:6c:9b:ed:57:22:ae:c1:19:65:f5:
53:9b:55:48:bd:9f:59:95:8f:a6:a8:33:25:87:f8:
69:be:58:ac:73:1f:aa:5b:0d:8d:ed:65:53:a8:fd:
a4:99:92:d7:9f:a2:ce:9d:09:a7:af:65:dd:e7:1c:
18:9d:61:6e:3f:05:7c:09:10:03:50:90:03:3a:20:
7c:b5:80:f3:16:8b:d8:1e:c9:e4:53:5d:1c:6e:e2:
b3:b3:9d:87:fa:2b:47:25:fe:ee:8b:4e:22:35:cc:
22:59:94:78:13:57:67:69:ab:99:14:70:94:2c:0e:
32:e3:bc:89:b4:e4:b1:09:4b:ae:bd:6d:7e:cd:a8:
ff:ee:37:8b:1a:25:5e:ae:21:51:e2:cb:9c:6a:a5:
27:23:62:c7:62:89:a1:69:13:c3:03:ec:f9:a7:5a:
90:e2:e0:c5:c7:6d:ec:76:f5:76:88:f5:15:1a:4d:
00:da:38:51:ea:03:16:a4:90:74:87:6e:ba:23:3a:
91:58:a0:94:6c:3c:8c:f1:c6:2f:69:9e:41:1a:50:
ea:3b:d1:a6:d2:9b:50:04:63:ca:b7:c1:eb:04:07:
89:40:43:07:1e:84:d5:6c:08:01:50:7f:7b:aa:9e:
c4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E0:2F:8E:DD:4A:65:2F:EE:52:E4:0F:3B:8A:28:80:D6:17:C4:76
X509v3 Authority Key Identifier:
keyid:A8:9E:04:25:6D:55:C9:D7:11:47:D3:DD:67:71:0E:7E:88:89:49:71
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
95:07:d3:f3:57:d3:2d:c3:f9:d5:4a:d4:54:85:1f:25:3d:3c:
e8:34:6f:6e:bc:5a:b3:50:fd:4f:b5:cf:87:54:26:7b:ab:4d:
5d:28:af:29:d1:24:ad:75:5d:3f:5b:68:63:b3:c0:20:82:8e:
c4:7f:58:7c:74:ea:d8:0d:50:11:63:43:ee:67:af:9f:16:c3:
89:f1:15:a6:94:a9:72:bb:0c:40:48:54:25:87:e7:94:6f:34:
f5:83:03:ed:2a:6f:b6:2d:b7:70:4d:8b:6e:31:80:0c:dd:3d:
9a:84:5a:55:ce:b7:08:a9:15:59:66:ec:a9:a1:4f:79:73:16:
a2:6a:44:1f:7a:6d:69:f2:de:a0:50:07:da:01:4b:22:2e:40:
f4:8b:e7:7c:f3:cd:27:fd:92:eb:fd:e8:4a:da:32:91:6a:ec:
b8:0c:49:db:f8:73:5e:a4:83:a2:c2:40:dd:e0:78:f9:3c:83:
39:e4:22:88:7c:d1:cf:58:4a:4c:f1:0b:4f:21:94:c4:fb:4e:
a8:c4:84:ce:6a:7c:ff:0c:9b:1f:c6:db:67:22:6d:29:2f:28:
81:60:c2:a3:ab:af:fa:f9:a5:55:83:35:97:1d:17:23:2a:32:
75:92:7b:2b:67:99:3c:25:f4:b5:c8:74:ac:05:7e:59:43:5c:
47:38:16:9b
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+hyr
2pUjAMX3nT76vlBGNrO4bJvtVyKuwRll9VObVUi9n1mVj6aoMyWH+Gm+WKxzH6pb
DY3tZVOo/aSZktefos6dCaevZd3nHBidYW4/BXwJEANQkAM6IHy1gPMWi9geyeRT
XRxu4rOznYf6K0cl/u6LTiI1zCJZlHgTV2dpq5kUcJQsDjLjvIm05LEJS669bX7N
qP/uN4saJV6uIVHiy5xqpScjYsdiiaFpE8MD7PmnWpDi4MXHbex29XaI9RUaTQDa
OFHqAxakkHSHbrojOpFYoJRsPIzxxi9pnkEaUOo70abSm1AEY8q3wesEB4lAQwce
hNVsCAFQf3uqnsRNAgMBAAGjgekwgeYwHQYDVR0OBBYEFL3gL47dSmUv7lLkDzuK
KIDWF8R2MB8GA1UdIwQYMBaAFKieBCVtVcnXEUfT3WdxDn6IiUlxMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAlQfT81fTLcP51UrUVIUf
JT086DRvbrxas1D9T7XPh1Qme6tNXSivKdEkrXVdP1toY7PAIIKOxH9YfHTq2A1Q
EWND7mevnxbDifEVppSpcrsMQEhUJYfnlG809YMD7Spvti23cE2LbjGADN09moRa
Vc63CKkVWWbsqaFPeXMWompEH3ptafLeoFAH2gFLIi5A9IvnfPPNJ/2S6/3oStoy
kWrsuAxJ2/hzXqSDosJA3eB4+TyDOeQiiHzRz1hKTPELTyGUxPtOqMSEzmp8/wyb
H8bbZyJtKS8ogWDCo6uv+vmlVYM1lx0XIyoydZJ7K2eZPCX0tch0rAV+WUNcRzgW
mw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c0:b1:53:c8:38:a8:e5:4e:90:c9:19:52:07:46:
ec:7c:87:46:9e:ac:a4:c9:51:89:9c:55:43:98:a0:
58:60:59:ce:73:e2:53:df:4a:e5:fb:ee:57:a9:9c:
da:d3:c4:76:6b:82:77:94:ee:83:39:e5:d6:6e:ed:
e1:3f:6e:80:a0:51:82:85:79:14:53:b6:aa:15:d8:
d7:7a:1a:96:26:8f:09:b8:29:b4:c8:6c:a7:80:e6:
10:18:ec:d7:f7:b0:ff:59:19:45:f8:37:de:28:bd:
56:4f:67:53:c1:80:44:7d:80:b5:dd:d6:6f:bf:3b:
1f:02:f3:00:67:88:7d:36:65:13:39:7d:3e:a8:35:
13:54:e4:91:c8:ee:f1:53:fd:af:f7:3b:f8:59:e0:
bc:e0:1e:ac:41:01:d1:b8:01:ee:ae:d2:39:b8:fa:
57:6e:b2:7a:98:5f:51:ac:d6:6a:38:80:6b:01:64:
13:96:d7:0b:74:5f:76:82:d9:44:9d:47:26:cc:59:
9a:22:3c:72:eb:20:9a:d9:2b:b1:dd:cd:0a:54:0b:
77:0b:83:2c:0d:bf:b4:62:4a:fc:87:84:4f:29:8d:
fc:6c:b9:3a:4c:8b:45:85:2b:48:7d:2c:33:1f:ac:
8b:77:39:8c:cb:0c:f4:08:93:4c:ec:34:15:be:81:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9E:04:25:6D:55:C9:D7:11:47:D3:DD:67:71:0E:7E:88:89:49:71
X509v3 Authority Key Identifier:
keyid:29:13:82:EE:25:10:7F:40:23:D6:A7:1B:28:25:35:8A:E8:B6:AA:28
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
57:37:54:5c:fd:ce:4e:4c:0f:b5:37:13:0d:0e:5f:dd:d8:4c:
17:53:38:e6:07:65:6c:67:80:e0:75:25:26:78:7b:2e:b8:1a:
6c:31:44:a1:5f:73:83:6d:34:1e:ff:76:42:d5:ad:ab:c0:b9:
cc:25:9e:88:7f:be:29:db:49:25:08:5d:3b:7d:43:2e:85:66:
ff:fe:b5:d4:aa:21:7a:b8:5a:b4:49:ab:c6:ef:8d:28:64:f4:
ea:be:64:33:c4:94:c6:31:f5:cc:55:cb:f1:20:be:e6:85:03:
32:99:61:e0:09:3c:e6:df:61:9a:c5:45:ea:f8:a3:f8:c1:6d:
ff:7b:44:04:8e:7f:74:89:ab:39:5a:fc:a6:09:77:9c:5d:1c:
99:a8:db:bc:2a:8e:19:25:8d:e3:10:37:94:42:e7:37:9c:16:
ba:be:4b:67:94:5f:18:2e:ae:e3:fd:ef:15:12:7d:4b:5a:47:
b7:45:7a:ee:27:3f:e1:6b:42:02:75:40:36:50:fd:6c:1e:de:
8a:b9:f7:d5:f8:69:0c:fd:58:65:35:64:a2:ca:c5:1e:b3:aa:
a0:4b:42:22:00:e3:d8:e7:b4:e8:69:48:37:42:55:60:24:48:
9a:d8:42:9e:d9:cf:2b:3c:9e:b1:fc:2f:39:5d:b5:fe:e3:72:
44:e4:00:50
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLFTyDio
5U6QyRlSB0bsfIdGnqykyVGJnFVDmKBYYFnOc+JT30rl++5XqZza08R2a4J3lO6D
OeXWbu3hP26AoFGChXkUU7aqFdjXehqWJo8JuCm0yGyngOYQGOzX97D/WRlF+Dfe
KL1WT2dTwYBEfYC13dZvvzsfAvMAZ4h9NmUTOX0+qDUTVOSRyO7xU/2v9zv4WeC8
4B6sQQHRuAHurtI5uPpXbrJ6mF9RrNZqOIBrAWQTltcLdF92gtlEnUcmzFmaIjxy
6yCa2Sux3c0KVAt3C4MsDb+0Ykr8h4RPKY38bLk6TItFhStIfSwzH6yLdzmMywz0
CJNM7DQVvoEJowIDAQABo4HLMIHIMB0GA1UdDgQWBBSongQlbVXJ1xFH091ncQ5+
iIlJcTAfBgNVHSMEGDAWgBQpE4LuJRB/QCPWpxsoJTWK6LaqKDA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AFc3VFz9zk5MD7U3Ew0OX93YTBdTOOYHZWxngOB1JSZ4ey64GmwxRKFfc4NtNB7/
dkLVravAucwlnoh/vinbSSUIXTt9Qy6FZv/+tdSqIXq4WrRJq8bvjShk9Oq+ZDPE
lMYx9cxVy/EgvuaFAzKZYeAJPObfYZrFRer4o/jBbf97RASOf3SJqzla/KYJd5xd
HJmo27wqjhkljeMQN5RC5zecFrq+S2eUXxguruP97xUSfUtaR7dFeu4nP+FrQgJ1
QDZQ/Wwe3oq599X4aQz9WGU1ZKLKxR6zqqBLQiIA49jntOhpSDdCVWAkSJrYQp7Z
zys8nrH8Lzldtf7jckTkAFA=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Mar 1 12:00:00 2015 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b4:d2:a3:a5:24:1a:21:0c:58:52:09:77:f1:ab:
2d:49:cb:b0:e5:e2:3c:12:9a:bd:a8:df:36:37:fe:
be:97:6f:18:b0:8e:51:08:94:c1:8e:3e:8f:f0:ae:
23:19:5e:0a:eb:5e:02:a1:bb:be:61:83:39:cb:52:
e1:8f:0e:ba:61:c4:4b:53:09:c3:f7:38:a3:95:fc:
89:86:06:59:bc:0c:b5:e1:a2:d3:6d:d8:84:de:75:
80:7b:1d:04:04:b0:94:03:07:42:b4:73:52:96:b0:
68:3c:08:e3:b3:af:e9:29:60:f6:4f:6f:8a:42:fc:
85:63:f6:18:d6:12:6c:6e:94:eb:c3:c0:60:12:19:
f8:61:d6:47:72:46:1a:cd:ed:6a:0b:65:cc:91:68:
ec:a7:c7:f1:c8:7a:44:5c:1e:e8:8e:2b:ed:50:82:
a2:1d:31:31:be:bd:06:56:52:20:bf:37:25:3d:cf:
18:7f:87:94:ba:c7:9d:6e:68:7f:96:29:20:b7:dc:
fc:73:d9:26:82:6e:f1:97:c2:48:9d:71:35:5c:3e:
b6:86:69:e5:b5:1a:e9:08:4e:dc:dd:c5:0d:e1:4e:
08:97:0a:41:1a:39:56:b1:31:02:0f:c2:e2:94:a0:
3a:e0:d8:77:6e:a9:b6:fe:1d:8e:38:ad:52:e6:de:
59:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:13:82:EE:25:10:7F:40:23:D6:A7:1B:28:25:35:8A:E8:B6:AA:28
X509v3 Authority Key Identifier:
keyid:29:13:82:EE:25:10:7F:40:23:D6:A7:1B:28:25:35:8A:E8:B6:AA:28
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
6a:88:6c:4d:9f:ee:e6:a5:ec:19:64:e7:b9:86:03:c5:f0:32:
92:69:3b:35:03:b8:87:12:db:48:78:5d:44:3b:75:e2:3b:87:
7d:ef:96:83:93:06:93:fc:17:58:71:3e:c6:b0:8b:5b:13:2b:
c7:97:42:ed:3e:de:4a:96:cd:f1:df:3a:90:96:7f:f1:21:72:
90:58:9b:77:cc:80:2d:19:5a:b1:6f:d6:dd:c8:fc:b7:32:1d:
8f:77:d4:5e:f0:9d:e4:05:8a:ae:d9:7c:58:fa:00:6e:9f:f9:
9a:2e:11:25:8b:28:5c:4b:76:ef:62:4d:ff:55:bc:aa:77:fa:
87:33:3c:f5:a9:87:b5:d5:7f:e0:ef:51:a5:74:9a:04:5b:e9:
35:f8:e6:43:d0:82:9a:db:4a:90:df:56:20:1d:31:b1:56:bc:
73:0b:5e:91:bb:a6:62:37:fc:ba:dd:f7:24:69:54:95:c3:28:
41:68:21:16:9f:d6:32:b6:17:88:29:52:f6:d3:2b:98:2f:28:
78:c3:67:b3:76:83:df:a9:86:01:cd:c2:bf:e0:84:61:56:76:
f5:1f:12:d4:d1:fb:9e:c0:1b:22:c8:9e:05:4c:34:3b:93:54:
1e:0a:db:41:91:9a:07:8d:aa:f8:fd:8d:89:ec:eb:32:b3:10:
4f:52:53:68
-----BEGIN TRUST_ANCHOR_UNCONSTRAINED-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE1MDMwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTSo6UkGiEMWFIJd/Gr
LUnLsOXiPBKavajfNjf+vpdvGLCOUQiUwY4+j/CuIxleCuteAqG7vmGDOctS4Y8O
umHES1MJw/c4o5X8iYYGWbwMteGi023YhN51gHsdBASwlAMHQrRzUpawaDwI47Ov
6Slg9k9vikL8hWP2GNYSbG6U68PAYBIZ+GHWR3JGGs3tagtlzJFo7KfH8ch6RFwe
6I4r7VCCoh0xMb69BlZSIL83JT3PGH+HlLrHnW5of5YpILfc/HPZJoJu8ZfCSJ1x
NVw+toZp5bUa6QhO3N3FDeFOCJcKQRo5VrExAg/C4pSgOuDYd26ptv4djjitUube
WeMCAwEAAaOByzCByDAdBgNVHQ4EFgQUKROC7iUQf0Aj1qcbKCU1iui2qigwHwYD
VR0jBBgwFoAUKROC7iUQf0Aj1qcbKCU1iui2qigwNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBqiGxNn+7m
pewZZOe5hgPF8DKSaTs1A7iHEttIeF1EO3XiO4d975aDkwaT/BdYcT7GsItbEyvH
l0LtPt5Kls3x3zqQln/xIXKQWJt3zIAtGVqxb9bdyPy3Mh2Pd9Re8J3kBYqu2XxY
+gBun/maLhEliyhcS3bvYk3/Vbyqd/qHMzz1qYe11X/g71GldJoEW+k1+OZD0IKa
20qQ31YgHTGxVrxzC16Ru6ZiN/y63fckaVSVwyhBaCEWn9YytheIKVL20yuYLyh4
w2ezdoPfqYYBzcK/4IRhVnb1HxLU0fuewBsiyJ4FTDQ7k1QeCttBkZoHjar4/Y2J
7OsysxBPUlNo
-----END TRUST_ANCHOR_UNCONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
SUCCESS
-----BEGIN VERIFY_RESULT-----
U1VDQ0VTUw==
-----END VERIFY_RESULT-----