blob: 19880c6160c2059361b2203385129e2b06f82b96 [file] [log] [blame]
[Created by: generate-chains.py]
Certificate chain where the supposed root certificate is wrong:
* The intermediate's "issuer" does not match the root's "subject"
* The intermediate's signature was not generated using the root's key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:d4:ce:21:aa:ed:06:7b:56:9b:0b:40:d4:28:fb:ff:a9:d9:2b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b3:d8:e1:c8:d6:ce:ed:3b:b7:8a:5b:17:c2:9e:
0c:04:f4:4e:ba:ad:1b:cf:c0:63:b7:c9:01:e9:7a:
28:d4:d8:0b:71:36:af:02:f6:44:fc:ce:5e:84:50:
fb:5f:ef:a0:b8:b5:77:62:c0:6c:9f:8f:4f:64:52:
67:04:0b:d3:92:31:a5:79:f3:8d:11:03:03:a2:c0:
da:ef:8f:b5:68:f8:55:f0:ac:9b:05:3a:df:ea:7b:
3b:06:f2:de:e3:b2:c5:27:3e:b9:39:90:c0:27:0d:
de:6c:a2:8e:e4:2e:f9:95:13:37:df:20:12:28:ae:
82:5e:91:3a:cb:75:ae:55:fb:07:d6:40:48:cd:6f:
9c:3e:07:0f:48:d1:8f:ba:db:fa:b2:7c:ce:29:10:
e0:6b:48:36:80:db:4c:10:19:a1:28:fb:e0:b5:4f:
b2:89:40:b7:6b:9a:af:a1:9b:b0:52:03:23:16:fb:
0f:5d:c6:c9:f2:98:08:c5:07:85:76:30:57:46:be:
85:46:ed:14:74:60:00:61:ce:f7:88:62:6c:0b:a2:
41:9c:5a:27:3f:e5:29:9c:36:73:a3:04:8b:ab:74:
2d:1e:f5:96:f7:b4:c2:51:77:a9:9c:ef:ac:fd:bc:
aa:cf:ba:98:cf:6c:1b:fc:e9:20:8c:dc:17:45:49:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7E:08:D5:73:67:A9:9C:5B:C1:26:14:D1:96:8E:09:88:11:32:67
X509v3 Authority Key Identifier:
keyid:3F:EE:51:69:3A:24:09:D6:26:3C:A4:08:22:1F:0D:77:7D:D5:E7:3B
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
6f:45:77:15:36:c4:de:ad:a1:91:fd:91:06:3c:ae:9b:c1:9d:
5a:0b:94:52:be:cf:a2:2b:3b:92:04:e1:dd:9b:a5:cd:ae:cb:
60:13:d0:f5:52:f8:83:e1:ae:6b:65:9d:e2:23:23:c6:2f:71:
40:b6:c8:95:45:8e:e6:11:aa:0e:b0:47:64:5d:3a:53:dc:4b:
72:19:69:87:e8:65:a3:a1:b5:da:5b:79:70:83:57:df:69:5e:
4a:fa:6e:6f:ec:83:d8:65:25:90:5d:d3:d2:99:9d:3b:78:56:
44:6c:b5:02:95:2e:b0:4a:4a:c4:13:48:f0:cb:6a:2b:8d:f1:
cf:93:21:c2:fe:b5:67:e9:a0:6b:d3:c0:f6:1d:7f:96:75:88:
cc:72:e8:a0:39:fd:b0:48:fa:be:a0:7c:e2:93:1c:58:16:78:
9e:60:9c:a3:ca:9d:76:43:f2:3b:c3:44:a0:e3:7a:0b:54:07:
07:20:86:94:6d:0f:61:08:6b:05:c5:b3:48:c7:90:42:2d:20:
65:73:ee:34:46:49:8d:23:35:5c:34:52:51:89:9d:60:f7:0f:
d4:b6:a6:ee:37:55:93:b3:3e:91:ac:b4:7c:37:47:20:67:de:
8a:7a:5f:f1:24:75:d1:4b:4c:a1:5b:62:c1:11:76:69:7e:28:
2e:09:02:c4
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIUb9TOIartBntWmwtA1Cj7/6nZK5swDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTE4MDMxMDEyMDAwMFoXDTIx
MDEwMTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAs9jhyNbO7Tu3ilsXwp4MBPROuq0bz8Bjt8kB6Xoo1NgL
cTavAvZE/M5ehFD7X++guLV3YsBsn49PZFJnBAvTkjGlefONEQMDosDa74+1aPhV
8KybBTrf6ns7BvLe47LFJz65OZDAJw3ebKKO5C75lRM33yASKK6CXpE6y3WuVfsH
1kBIzW+cPgcPSNGPutv6snzOKRDga0g2gNtMEBmhKPvgtU+yiUC3a5qvoZuwUgMj
FvsPXcbJ8pgIxQeFdjBXRr6FRu0UdGAAYc73iGJsC6JBnFonP+UpnDZzowSLq3Qt
HvWW97TCUXepnO+s/byqz7qYz2wb/OkgjNwXRUkSRQIDAQABo4HpMIHmMB0GA1Ud
DgQWBBQUfgjVc2epnFvBJhTRlo4JiBEyZzAfBgNVHSMEGDAWgBQ/7lFpOiQJ1iY8
pAgiHw13fdXnOzA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
ggEBAG9FdxU2xN6toZH9kQY8rpvBnVoLlFK+z6IrO5IE4d2bpc2uy2AT0PVS+IPh
rmtlneIjI8YvcUC2yJVFjuYRqg6wR2RdOlPcS3IZaYfoZaOhtdpbeXCDV99pXkr6
bm/sg9hlJZBd09KZnTt4VkRstQKVLrBKSsQTSPDLaiuN8c+TIcL+tWfpoGvTwPYd
f5Z1iMxy6KA5/bBI+r6gfOKTHFgWeJ5gnKPKnXZD8jvDRKDjegtUBwcghpRtD2EI
awXFs0jHkEItIGVz7jRGSY0jNVw0UlGJnWD3D9S2pu43VZOzPpGstHw3RyBn3op6
X/EkddFLTKFbYsERdml+KC4JAsQ=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:47:c8:ca:0d:d0:ba:cc:83:24:aa:c4:09:b2:53:44:d2:da:f7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e4:40:ac:b5:f3:c7:b0:dc:ca:07:85:b4:fa:5f:
0d:28:a4:0d:88:12:cb:05:a3:4f:bb:7d:01:88:de:
0c:b3:b9:0c:cc:3f:b4:6e:9f:d6:b6:a7:2a:6b:03:
c5:bc:3b:10:17:69:fd:29:5c:d3:fd:38:fe:b6:5e:
b2:04:8f:10:93:92:aa:db:76:07:a2:60:0f:3e:07:
bb:8d:f1:ca:c8:f3:38:69:61:38:41:4e:69:2d:70:
c2:ed:af:85:81:99:dc:8e:65:03:45:32:9b:01:95:
7c:d5:c0:90:bd:f4:08:a5:44:4b:e5:a2:e7:fe:17:
e4:f3:3d:59:35:8e:6d:3b:70:4d:b8:49:ac:63:ff:
3e:d4:71:36:e9:2b:50:c9:5c:bc:bb:b0:c6:1b:c4:
0a:01:ec:ae:3f:b7:bd:10:57:08:5e:ec:8a:07:ce:
e5:da:46:25:e8:ca:0a:e0:c2:cc:0d:44:84:db:0c:
88:d5:0f:65:bc:ea:69:10:ba:dc:93:ef:34:f9:2f:
c7:9b:c5:49:27:72:9c:a3:fd:40:9c:49:e3:59:7c:
24:cc:99:9a:01:b6:0d:fb:41:cb:36:80:41:88:c7:
75:9f:d5:01:6f:63:d5:f5:75:85:cd:26:3e:a6:fe:
8d:a9:ef:a8:b0:04:8b:7e:89:f3:5f:75:3a:56:69:
c7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EE:51:69:3A:24:09:D6:26:3C:A4:08:22:1F:0D:77:7D:D5:E7:3B
X509v3 Authority Key Identifier:
keyid:64:6F:C2:6E:64:18:20:24:F6:02:A9:AF:63:23:01:ED:CC:69:9B:E0
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
58:7e:16:d7:e5:72:b1:be:d4:7f:e8:59:cc:53:02:d8:5c:9e:
11:75:b2:01:0b:3f:86:ed:0f:9a:29:2d:69:37:0b:40:19:19:
fe:d2:12:33:82:5e:8f:bc:22:d6:d1:6e:18:9e:f9:39:3d:a7:
d8:a0:18:96:13:a3:41:89:05:24:71:8f:d3:55:4c:2f:62:62:
a5:ef:04:ee:47:a8:ad:c2:d4:fd:d8:fc:18:e7:88:9e:bb:8f:
11:c6:62:6e:2e:3b:2a:c6:17:6a:a6:4b:cb:13:8e:5f:5b:8b:
01:f0:71:cc:01:0c:48:38:6e:aa:dd:b7:17:03:aa:40:a9:47:
99:f2:c5:93:54:7e:33:5b:d1:e3:e1:0f:83:3e:c5:c8:63:e6:
7c:8c:55:92:86:38:5e:cb:e0:96:4e:83:b1:98:6d:e8:e1:30:
88:b0:49:d4:7c:ae:e3:71:df:5d:f6:b6:15:b3:40:a4:e3:15:
61:31:89:d1:25:d5:1d:46:ce:87:88:af:fb:4c:6d:31:58:b4:
b9:c5:39:e9:78:b7:62:48:a1:b7:f1:f8:f2:72:e6:51:b3:6d:
81:f0:97:09:64:ee:c9:7a:20:d7:f1:ce:9f:bf:30:fe:c6:e8:
85:de:48:18:ac:de:0a:d9:e8:f0:d0:7d:74:e9:3c:67:90:b6:
7c:c5:16:a1
-----BEGIN CERTIFICATE-----
MIIDgDCCAmigAwIBAgIUPkfIyg3QusyDJKrECbJTRNLa90swDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAORArLXzx7DcygeFtPpfDSikDYgSywWjT7t9AYjeDLO5DMw/
tG6f1ranKmsDxbw7EBdp/Slc0/04/rZesgSPEJOSqtt2B6JgDz4Hu43xysjzOGlh
OEFOaS1wwu2vhYGZ3I5lA0UymwGVfNXAkL30CKVES+Wi5/4X5PM9WTWObTtwTbhJ
rGP/PtRxNukrUMlcvLuwxhvECgHsrj+3vRBXCF7sigfO5dpGJejKCuDCzA1EhNsM
iNUPZbzqaRC63JPvNPkvx5vFSSdynKP9QJxJ41l8JMyZmgG2DftByzaAQYjHdZ/V
AW9j1fV1hc0mPqb+janvqLAEi36J8191OlZpxwcCAwEAAaOByzCByDAdBgNVHQ4E
FgQUP+5RaTokCdYmPKQIIh8Nd33V5zswHwYDVR0jBBgwFoAUZG/CbmQYICT2Aqmv
YyMB7cxpm+AwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MA0GCSqGSIb3DQEBCwUAA4IBAQBYfhbX5XKxvtR/6FnMUwLYXJ4RdbIBCz+G7Q+a
KS1pNwtAGRn+0hIzgl6PvCLW0W4Ynvk5PafYoBiWE6NBiQUkcY/TVUwvYmKl7wTu
R6itwtT92PwY54ieu48RxmJuLjsqxhdqpkvLE45fW4sB8HHMAQxIOG6q3bcXA6pA
qUeZ8sWTVH4zW9Hj4Q+DPsXIY+Z8jFWShjhey+CWToOxmG3o4TCIsEnUfK7jcd9d
9rYVs0Ck4xVhMYnRJdUdRs6HiK/7TG0xWLS5xTnpeLdiSKG38fjycuZRs22B8JcJ
ZO7JeiDX8c6fvzD+xuiF3kgYrN4K2ejw0H106TxnkLZ8xRah
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:63:f9:27:23:34:d5:b4:a6:e3:b2:e1:3f:8c:39:ed:fb:cd:58:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BogusRoot
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=BogusRoot
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b8:c8:2f:dc:30:b5:3e:65:02:31:fe:76:d5:cf:
18:49:18:9a:99:63:02:ea:1f:9c:fc:34:05:04:f5:
dc:94:15:48:0c:0b:c0:18:b9:0f:a5:a0:8f:66:27:
02:0b:a9:33:0f:a8:27:d7:61:d7:77:7e:d5:ab:db:
d4:a0:32:d0:40:9b:66:91:5b:ec:07:df:67:13:14:
71:1f:21:98:d8:89:ae:15:dd:68:07:3d:3b:62:5c:
34:f8:e8:39:da:2a:23:01:6a:09:a7:91:a1:c1:94:
ab:ba:42:7f:24:20:57:c8:67:2a:d6:cf:24:7b:b6:
14:ad:69:61:c5:50:6b:6b:d2:77:0c:0c:6e:30:df:
2b:e8:c4:de:89:a9:94:bf:8d:70:4e:ee:e1:5d:0f:
11:0f:80:71:3d:67:90:59:c5:c7:d6:8b:6a:29:7d:
8a:43:7a:98:0d:75:83:db:3c:09:27:19:12:77:99:
2c:2b:a2:94:dc:7d:78:41:e2:4a:9a:31:f4:fa:8b:
ef:d3:d3:42:dd:1d:a5:be:5d:2f:1c:9c:33:4f:7d:
c8:bd:12:eb:18:cd:e0:80:d5:7a:1a:2d:93:fc:1f:
59:8e:72:f8:e5:21:e1:f2:fe:b7:6a:c1:e1:39:20:
26:60:98:fd:02:f0:5b:a2:6d:13:c7:15:20:9b:ef:
d5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BD:F8:37:8B:1D:B5:1A:91:4C:D6:08:E8:33:85:8C:08:E9:3E:63
X509v3 Authority Key Identifier:
keyid:6F:BD:F8:37:8B:1D:B5:1A:91:4C:D6:08:E8:33:85:8C:08:E9:3E:63
Authority Information Access:
CA Issuers - URI:http://url-for-aia/BogusRoot.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/BogusRoot.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
1a:f5:48:c5:bc:2a:d4:78:ad:33:1b:59:d9:22:c2:a9:19:f0:
a5:9f:39:40:c5:eb:8f:f2:cd:d5:ac:90:2f:a5:a1:ec:7b:de:
a4:04:80:d7:86:99:64:66:25:5f:e3:1d:75:97:9a:6c:e3:66:
42:aa:f1:75:2f:20:80:06:d5:ea:f1:17:81:83:eb:a7:2c:70:
26:dc:ef:5f:d6:56:bf:83:55:c4:8a:53:68:de:02:92:4e:d3:
35:86:a4:61:24:68:b5:c6:37:f4:e9:d1:dd:96:96:0c:1a:b9:
23:cc:e8:5e:5e:d9:92:5e:85:72:ec:67:b7:38:07:1d:85:1f:
31:93:f9:6e:65:dc:d1:df:3d:22:57:9e:6a:d8:d0:9f:d6:99:
57:75:1c:17:88:1e:64:85:e9:91:a2:34:5a:15:ea:81:25:55:
d8:77:9b:6a:67:33:bf:89:a5:81:4a:20:71:87:b0:ec:fd:66:
5c:f1:62:f3:07:2d:07:ff:a1:41:fb:3f:fa:97:a7:4e:48:60:
55:65:cc:a2:54:88:27:9b:99:82:19:ac:ba:be:a2:5b:df:1e:
ad:fc:72:dd:ca:cb:d6:08:66:96:09:d2:29:a8:98:0d:68:d2:
05:6b:e2:b1:49:37:8d:08:39:b4:4b:c5:f2:f5:35:ee:85:ad:
56:b8:d6:53
-----BEGIN CERTIFICATE-----
MIIDjDCCAnSgAwIBAgIUZmP5JyM01bSm47LhP4w57fvNWPwwDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJQm9ndXNSb290MB4XDTE4MDMxMDEyMDAwMFoXDTIxMDEw
MTEyMDAwMFowFDESMBAGA1UEAwwJQm9ndXNSb290MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuMgv3DC1PmUCMf521c8YSRiamWMC6h+c/DQFBPXclBVI
DAvAGLkPpaCPZicCC6kzD6gn12HXd37Vq9vUoDLQQJtmkVvsB99nExRxHyGY2Imu
Fd1oBz07Ylw0+Og52iojAWoJp5GhwZSrukJ/JCBXyGcq1s8ke7YUrWlhxVBra9J3
DAxuMN8r6MTeiamUv41wTu7hXQ8RD4BxPWeQWcXH1otqKX2KQ3qYDXWD2zwJJxkS
d5ksK6KU3H14QeJKmjH0+ovv09NC3R2lvl0vHJwzT33IvRLrGM3ggNV6Gi2T/B9Z
jnL45SHh8v63asHhOSAmYJj9AvBbom0TxxUgm+/VMQIDAQABo4HVMIHSMB0GA1Ud
DgQWBBRvvfg3ix21GpFM1gjoM4WMCOk+YzAfBgNVHSMEGDAWgBRvvfg3ix21GpFM
1gjoM4WMCOk+YzA8BggrBgEFBQcBAQQwMC4wLAYIKwYBBQUHMAKGIGh0dHA6Ly91
cmwtZm9yLWFpYS9Cb2d1c1Jvb3QuY2VyMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6
Ly91cmwtZm9yLWNybC9Cb2d1c1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNV
HRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAa9UjFvCrUeK0zG1nZIsKp
GfClnzlAxeuP8s3VrJAvpaHse96kBIDXhplkZiVf4x11l5ps42ZCqvF1LyCABtXq
8ReBg+unLHAm3O9f1la/g1XEilNo3gKSTtM1hqRhJGi1xjf06dHdlpYMGrkjzOhe
XtmSXoVy7Ge3OAcdhR8xk/luZdzR3z0iV55q2NCf1plXdRwXiB5khemRojRaFeqB
JVXYd5tqZzO/iaWBSiBxh7Ds/WZc8WLzBy0H/6FB+z/6l6dOSGBVZcyiVIgnm5mC
Gay6vqJb3x6t/HLdysvWCGaWCdIpqJgNaNIFa+KxSTeNCDm0S8Xy9TXuha1WuNZT
-----END CERTIFICATE-----