Google Git
Sign in
chromium / chromium / src.git / 0de7df17b0f15613b30a422226d96c6429255d5c / . / net / data / verify_certificate_chain_unittest / intermediate-basic-constraints-ca-false.pem
blob: f0e39d14f83cd79c5fef160261cd4474e8600ef5 [file] [log] [blame]
[Created by: generate-intermediate-basic-constraints-ca-false.py]
Certificate chain with 1 intermediate and a trusted root. The intermediate
has a basic constraints extension that indicates it is NOT a CA. Verification
is expected to fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b7:1c:6d:3b:54:28:d0:fa:14:25:fe:22:77:55:
16:d3:25:34:af:cd:e7:5a:8a:38:4b:82:99:95:6d:
e1:99:f7:f3:1d:53:2d:8e:90:b2:d5:4e:7e:e7:0c:
9d:73:98:5e:3b:ed:bc:4f:fe:c7:38:f7:8a:ce:b7:
08:0f:bd:78:18:9a:ec:f2:21:9e:25:ba:bc:24:3f:
22:73:60:f7:2c:fa:9a:e9:aa:f8:75:65:4e:af:4e:
d9:01:f3:27:3e:c8:f5:b5:27:98:bd:a2:f6:34:ad:
70:c8:5e:fb:3f:87:08:dc:d0:a6:30:c1:35:ee:95:
7b:f2:7a:59:03:7e:03:39:fb:51:be:b3:13:54:cc:
15:68:e1:b7:97:40:cf:e4:ff:84:a2:10:75:6d:d5:
29:f8:91:8d:38:0a:92:c6:34:89:89:c2:d4:49:84:
35:94:f9:08:ad:8c:44:10:3e:49:40:21:53:bb:6e:
1b:20:1c:ce:e3:c8:a7:c7:e9:ab:4f:3f:f2:21:47:
3a:d5:0a:59:6f:a9:59:42:ff:c5:7c:6a:c5:fc:79:
29:05:a0:07:47:64:39:d0:bc:a1:86:64:c8:4c:08:
ec:f2:03:47:7c:00:ce:02:ff:5a:02:59:d3:ee:2c:
db:35:32:e9:24:a2:c2:f8:50:c8:3e:10:b1:dd:0a:
5d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:34:C9:78:9C:53:67:7A:2C:96:D9:3F:63:F2:18:3D:49:A8:44:87
X509v3 Authority Key Identifier:
keyid:9C:93:40:54:48:97:2B:0C:3B:AF:CE:5C:79:97:26:EC:32:33:4C:FB
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
72:78:37:46:b3:e3:d4:01:73:3a:59:1c:5f:13:27:10:46:dd:
ec:b1:9e:7c:6d:d8:a7:ac:b1:62:36:57:2a:44:17:d4:64:22:
18:67:ae:84:0b:6b:53:49:76:15:a3:d3:7e:69:ae:d4:54:5d:
46:11:0a:15:1c:ee:91:ab:da:6a:88:24:b0:ae:21:ee:a2:e6:
de:c4:cb:79:93:62:18:7d:4e:ee:d8:83:7d:65:63:f3:9c:08:
ca:28:5c:af:51:9f:36:b2:c3:06:3c:ec:cf:35:84:c5:9e:bc:
75:03:be:e5:23:4e:7f:67:7d:86:14:df:21:4d:5e:d3:b7:86:
d6:14:cd:84:3a:3d:29:4f:de:e5:db:ac:96:a9:58:cf:02:e4:
c4:b1:26:08:34:f5:a4:3f:47:a1:0f:b3:0b:69:29:78:50:ba:
a9:eb:4a:44:fc:e7:bf:e9:ce:ba:8b:dc:b9:6a:25:c6:11:32:
24:a0:59:7c:6e:4d:6c:cf:1b:f2:06:0f:5f:d7:4d:35:b1:f9:
a2:f7:c4:b0:b4:bb:ab:58:b5:ba:09:39:0d:50:d9:c2:a4:eb:
d9:79:23:40:ed:51:97:75:de:f5:14:c0:dc:ea:9f:6a:80:70:
ef:4e:b8:52:26:46:fc:70:e8:83:9c:2c:e8:63:b0:7f:81:a3:
4e:91:35:02
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3HG07
VCjQ+hQl/iJ3VRbTJTSvzedaijhLgpmVbeGZ9/MdUy2OkLLVTn7nDJ1zmF477bxP
/sc494rOtwgPvXgYmuzyIZ4lurwkPyJzYPcs+prpqvh1ZU6vTtkB8yc+yPW1J5i9
ovY0rXDIXvs/hwjc0KYwwTXulXvyelkDfgM5+1G+sxNUzBVo4beXQM/k/4SiEHVt
1Sn4kY04CpLGNImJwtRJhDWU+QitjEQQPklAIVO7bhsgHM7jyKfH6atPP/IhRzrV
CllvqVlC/8V8asX8eSkFoAdHZDnQvKGGZMhMCOzyA0d8AM4C/1oCWdPuLNs1Mukk
osL4UMg+ELHdCl0bAgMBAAGjgekwgeYwHQYDVR0OBBYEFAM0yXicU2d6LJbZP2Py
GD1JqESHMB8GA1UdIwQYMBaAFJyTQFRIlysMO6/OXHmXJuwyM0z7MD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAcng3RrPj1AFzOlkcXxMn
EEbd7LGefG3Yp6yxYjZXKkQX1GQiGGeuhAtrU0l2FaPTfmmu1FRdRhEKFRzukava
aogksK4h7qLm3sTLeZNiGH1O7tiDfWVj85wIyihcr1GfNrLDBjzszzWExZ68dQO+
5SNOf2d9hhTfIU1e07eG1hTNhDo9KU/e5duslqlYzwLkxLEmCDT1pD9HoQ+zC2kp
eFC6qetKRPznv+nOuovcuWolxhEyJKBZfG5NbM8b8gYPX9dNNbH5ovfEsLS7q1i1
ugk5DVDZwqTr2XkjQO1Rl3Xe9RTA3OqfaoBw7064UiZG/HDog5ws6GOwf4GjTpE1
Ag==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:22:75:92:c4:7c:6f:77:4d:46:f7:17:84:1b:
e2:08:1f:ff:71:7e:4d:6d:a4:e7:0f:58:46:84:61:
22:02:70:4e:b8:45:3a:e2:10:d1:cf:ff:91:7c:12:
8e:7d:19:ab:0a:46:ac:1b:d6:d6:05:b6:99:43:9b:
ab:e5:cf:ee:62:e9:94:21:84:72:5b:63:6e:5a:e1:
25:42:c3:b7:ee:31:5f:e0:e7:69:19:01:a2:d5:54:
70:f8:aa:aa:24:5b:3b:4d:2b:cd:2f:e4:2a:a4:be:
ba:2f:ab:a2:b6:f8:84:71:f3:23:bc:12:68:26:1e:
49:d0:87:3e:46:46:33:47:70:f2:42:d4:3f:ba:9c:
89:7d:4f:6e:a5:35:cf:d9:46:a8:63:c4:35:4a:e7:
4f:f2:e0:51:90:8e:08:ed:2e:ae:18:ac:5d:16:44:
25:32:fa:1b:3c:14:e9:37:69:9f:72:48:01:a5:1b:
f3:e1:e7:75:ec:ca:92:83:48:a4:67:e1:8d:c1:dd:
15:02:e4:4a:82:93:d3:f3:27:9e:66:ce:a8:3a:17:
d2:c6:a7:08:31:ba:d2:e8:e7:fa:53:b6:4f:09:d8:
7e:e4:53:b2:f1:03:d9:c4:31:0c:6d:32:a0:9d:08:
d3:c4:bb:db:45:11:68:80:ba:f8:52:dc:19:9e:67:
68:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:93:40:54:48:97:2B:0C:3B:AF:CE:5C:79:97:26:EC:32:33:4C:FB
X509v3 Authority Key Identifier:
keyid:6F:25:CD:4D:1F:09:D0:5A:D5:3A:23:08:72:F1:9D:08:8A:1D:CA:34
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
14:4a:f9:6f:29:a6:a1:1b:2b:d7:3d:5d:14:83:05:1a:46:ac:
73:64:d5:b7:09:87:0f:08:1d:b2:ac:1c:db:79:05:e4:62:fa:
37:7d:78:82:c9:7c:44:f3:01:9a:a6:31:78:ac:af:1e:53:9e:
84:ab:95:f0:2e:48:62:d6:3e:a3:95:35:1e:18:c6:9e:0d:15:
9e:94:0f:bd:8c:1b:f6:de:48:d8:cd:7c:9b:23:4d:bb:d0:f6:
df:bb:27:a6:55:82:07:3e:27:2e:80:6e:b3:67:06:67:6d:b6:
f8:5f:60:58:ab:d8:9d:f6:4b:6b:a8:9a:be:9e:c3:69:e8:15:
00:61:9f:b2:24:6d:bd:d5:e3:7e:c7:83:66:4e:12:58:b7:c1:
c1:0e:de:1a:dc:ae:4d:19:78:b8:6c:48:fb:5b:fc:a2:86:0b:
60:77:d7:cb:d6:e6:c9:13:5f:cf:d6:98:6c:ab:9e:9b:9d:99:
4c:87:91:3e:d1:4a:ad:ef:84:f6:45:cc:da:99:fa:ff:57:df:
be:44:70:f9:0c:38:63:c0:31:44:45:05:46:9a:63:db:dd:a0:
f5:dc:1b:f8:51:d8:30:e5:47:23:29:d1:79:a5:e6:1e:87:2b:
c3:f8:0e:fe:de:13:bb:cd:a5:14:f3:d8:0b:34:73:47:68:07:
8a:ac:e0:65
-----BEGIN CERTIFICATE-----
MIIDajCCAlKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiJ1ksR8
b3dNRvcXhBviCB//cX5NbaTnD1hGhGEiAnBOuEU64hDRz/+RfBKOfRmrCkasG9bW
BbaZQ5ur5c/uYumUIYRyW2NuWuElQsO37jFf4OdpGQGi1VRw+KqqJFs7TSvNL+Qq
pL66L6uitviEcfMjvBJoJh5J0Ic+RkYzR3DyQtQ/upyJfU9upTXP2UaoY8Q1SudP
8uBRkI4I7S6uGKxdFkQlMvobPBTpN2mfckgBpRvz4ed17MqSg0ikZ+GNwd0VAuRK
gpPT8yeeZs6oOhfSxqcIMbrS6Of6U7ZPCdh+5FOy8QPZxDEMbTKgnQjTxLvbRRFo
gLr4UtwZnmdomQIDAQABo4HIMIHFMB0GA1UdDgQWBBSck0BUSJcrDDuvzlx5lybs
MjNM+zAfBgNVHSMEGDAWgBRvJc1NHwnQWtU6Iwhy8Z0Iih3KNDA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBABRK
+W8ppqEbK9c9XRSDBRpGrHNk1bcJhw8IHbKsHNt5BeRi+jd9eILJfETzAZqmMXis
rx5TnoSrlfAuSGLWPqOVNR4Yxp4NFZ6UD72MG/beSNjNfJsjTbvQ9t+7J6ZVggc+
Jy6AbrNnBmdttvhfYFir2J32S2uomr6ew2noFQBhn7Ikbb3V437Hg2ZOEli3wcEO
3hrcrk0ZeLhsSPtb/KKGC2B318vW5skTX8/WmGyrnpudmUyHkT7RSq3vhPZFzNqZ
+v9X375EcPkMOGPAMURFBUaaY9vdoPXcG/hR2DDlRyMp0Xml5h6HK8P4Dv7eE7vN
pRTz2As0c0doB4qs4GU=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c4:3e:31:36:4f:df:d0:36:0e:06:5c:89:2c:c8:
01:c6:18:a4:e7:1f:82:11:af:30:66:28:7c:c3:14:
b2:ff:a4:6c:6a:c0:f4:ae:58:82:5f:91:e6:78:19:
d7:d2:87:5c:9e:75:3a:af:c0:fd:e8:18:c4:81:b4:
51:be:f7:c3:0d:74:d7:8a:53:01:28:c9:da:93:f4:
a6:da:51:6a:d1:23:78:1b:ab:17:46:e6:bb:71:4e:
33:8b:9d:e1:75:7e:56:3b:00:02:74:fe:1f:49:01:
81:0f:59:05:d6:2a:a0:48:db:9f:fc:29:6e:77:6e:
e3:78:63:4d:12:9f:f5:54:63:a5:1e:b2:c4:83:62:
ac:79:76:bd:80:d9:4c:dd:99:44:91:c3:31:fd:0f:
3a:d8:13:6d:3c:4f:98:5b:50:e0:1a:84:b5:3b:e2:
0f:52:89:7f:b0:de:97:e2:f9:e5:0b:2c:c4:61:9a:
f3:4b:15:e3:f2:a3:30:44:b0:d4:a6:1a:dd:60:c0:
85:21:30:ed:b5:1e:6f:9f:50:db:ad:42:a6:3a:04:
7c:3f:ae:94:ed:eb:43:2a:d9:85:c8:1d:72:f4:61:
d5:27:7a:a4:62:93:56:37:4b:4e:d5:44:02:f0:29:
1f:70:2c:76:fb:2f:5b:d4:dc:86:09:03:fe:d9:13:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:25:CD:4D:1F:09:D0:5A:D5:3A:23:08:72:F1:9D:08:8A:1D:CA:34
X509v3 Authority Key Identifier:
keyid:6F:25:CD:4D:1F:09:D0:5A:D5:3A:23:08:72:F1:9D:08:8A:1D:CA:34
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
5e:dc:6f:dc:d9:7f:6f:75:c7:c8:27:62:2f:02:7c:c2:26:35:
82:6c:5e:93:88:34:9b:e2:fc:8a:89:9e:0a:a0:89:aa:08:e4:
1c:59:38:4b:c7:5c:ba:92:d5:ce:1a:b0:30:25:ba:69:c9:52:
6e:29:78:31:d6:49:c5:b3:64:e3:49:28:2d:3c:41:8a:10:c4:
77:f1:a8:77:37:50:52:ec:ed:bb:1a:61:3f:29:ad:3e:1a:56:
06:48:a0:89:17:91:77:67:bc:4d:68:9a:ac:a8:a8:ad:4a:05:
2a:33:18:7a:5e:b9:32:f5:c4:7b:c0:23:90:fb:78:9a:0a:18:
f3:9b:46:f1:3c:c5:f0:3c:1b:06:56:39:3b:ba:da:5e:7e:5f:
42:47:bc:fd:a6:bb:64:2d:db:9a:5b:60:61:e6:9d:a6:ac:c9:
24:20:ff:cd:b7:5d:ee:8e:04:92:a1:10:34:26:48:b2:b6:3a:
c7:9a:66:2e:f0:64:f0:61:64:ef:28:85:c9:94:46:6b:fb:c5:
0f:b9:f5:ef:51:5a:61:be:27:39:00:4c:00:7f:8a:49:14:7b:
1a:40:e5:e7:fe:d6:d0:a7:df:33:5c:86:1e:e5:4a:64:ff:e8:
8f:1f:9e:3c:d8:a9:a2:d2:0b:c3:53:b7:cf:f6:d1:92:84:be:
d9:e6:67:06
-----BEGIN TRUST_ANCHOR_UNCONSTRAINED-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQ+MTZP39A2DgZciSzI
AcYYpOcfghGvMGYofMMUsv+kbGrA9K5Ygl+R5ngZ19KHXJ51Oq/A/egYxIG0Ub73
ww1014pTASjJ2pP0ptpRatEjeBurF0bmu3FOM4ud4XV+VjsAAnT+H0kBgQ9ZBdYq
oEjbn/wpbndu43hjTRKf9VRjpR6yxINirHl2vYDZTN2ZRJHDMf0POtgTbTxPmFtQ
4BqEtTviD1KJf7Del+L55QssxGGa80sV4/KjMESw1KYa3WDAhSEw7bUeb59Q261C
pjoEfD+ulO3rQyrZhcgdcvRh1Sd6pGKTVjdLTtVEAvApH3AsdvsvW9TchgkD/tkT
XycCAwEAAaOByzCByDAdBgNVHQ4EFgQUbyXNTR8J0FrVOiMIcvGdCIodyjQwHwYD
VR0jBBgwFoAUbyXNTR8J0FrVOiMIcvGdCIodyjQwNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBe3G/c2X9v
dcfIJ2IvAnzCJjWCbF6TiDSb4vyKiZ4KoImqCOQcWThLx1y6ktXOGrAwJbppyVJu
KXgx1knFs2TjSSgtPEGKEMR38ah3N1BS7O27GmE/Ka0+GlYGSKCJF5F3Z7xNaJqs
qKitSgUqMxh6Xrky9cR7wCOQ+3iaChjzm0bxPMXwPBsGVjk7utpefl9CR7z9prtk
LduaW2Bh5p2mrMkkIP/Nt13ujgSSoRA0JkiytjrHmmYu8GTwYWTvKIXJlEZr+8UP
ufXvUVphvic5AEwAf4pJFHsaQOXn/tbQp98zXIYe5Upk/+iPH5482Kmi0gvDU7fP
9tGShL7Z5mcG
-----END TRUST_ANCHOR_UNCONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
FAIL
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----
Basic Constraints indicates not a CA
-----BEGIN ERRORS-----
QmFzaWMgQ29uc3RyYWludHMgaW5kaWNhdGVzIG5vdCBhIENB
-----END ERRORS-----