blob: c357e38aa1ef4fec3ca85fafeeb3700c8c444a8d [file] [log] [blame]
[Created by: generate-chains.py]
Certificate chain where the leaf certificate asserts the keyCertSign key
usage, however does not have CA=true in the basic constraints extension to
indicate it is a CA.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:e0:65:d2:8a:72:7c:60:7d:f8:7e:88:6d:f0:a6:80:23:e1:38:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d5:97:4d:ce:b9:89:7b:00:4f:e4:1f:f6:b0:1d:
26:7d:c5:42:70:21:40:3a:a6:f9:07:5b:11:c6:fb:
0f:8e:79:46:78:ad:34:71:46:b4:fa:96:75:06:c8:
3e:c7:e9:1a:ae:f0:47:7f:4b:53:4a:f2:46:83:89:
92:b0:11:11:0c:04:7c:33:e1:4b:7e:b5:b5:b2:54:
a7:28:64:31:7b:e2:5c:4a:00:30:3f:8c:21:e0:61:
f6:15:e8:20:03:bf:ce:d3:b4:ec:6e:27:88:fb:a9:
b0:9a:73:79:26:46:55:a3:05:ac:25:ba:6f:24:3c:
17:7d:17:6c:25:ad:14:68:0b:fd:a6:d6:5f:5a:9a:
4a:9d:6d:86:e5:77:b9:50:9c:40:2b:40:af:1d:92:
4e:22:7a:c1:eb:57:17:16:4d:fa:12:e3:8c:25:8e:
8d:4b:74:4f:3e:67:cd:84:2a:63:46:43:3c:45:7f:
ad:bc:dd:5c:00:46:7e:25:36:43:d9:98:15:a1:f4:
f6:29:5d:54:9d:20:b8:b6:e1:4c:e3:f1:3c:91:47:
9d:eb:d7:f8:a2:f1:c5:f8:bc:7b:bf:bd:40:38:39:
01:3b:98:33:12:d9:de:c6:f9:eb:4b:e3:82:8e:98:
4b:28:1b:cd:ba:22:d5:b3:02:12:fc:40:86:ec:3e:
e7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6F:D1:A8:67:1C:5F:A0:86:1B:FF:7B:E0:F4:72:33:CF:7C:F0:26
X509v3 Authority Key Identifier:
keyid:B2:C0:C2:33:FD:8F:F5:37:4B:52:85:82:DD:31:5D:CE:A2:99:71:D0
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Certificate Sign
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
5e:d5:2c:0f:bd:dc:c2:8e:c5:4c:00:0c:9e:a6:47:68:49:fb:
14:46:7c:d2:6f:89:20:40:7b:1f:8b:30:e6:10:ce:5a:e7:7e:
f1:d8:85:f5:bb:53:37:1e:93:c5:d7:97:fd:ce:1a:e1:4a:f7:
fc:a8:fb:c0:5a:48:d9:cb:e1:3a:c5:71:d9:05:23:9e:01:9b:
3d:a2:08:ca:e6:5f:0c:80:98:c9:b9:66:48:45:5f:b2:cb:8d:
b6:73:89:ca:53:3b:0b:29:dc:0b:a1:14:fe:32:53:b6:9e:62:
8b:ee:86:df:86:37:86:8d:84:0f:d9:48:c3:1f:33:08:99:2a:
e1:da:2d:a0:b1:b9:47:70:68:1c:f3:15:a3:ac:b8:25:79:fe:
e9:d0:ea:99:69:47:16:03:65:47:7f:ac:a1:a5:f3:2f:ea:d3:
89:c6:ea:a9:8a:6e:c0:64:8d:81:5e:3d:f2:48:52:4f:ba:2f:
78:29:3e:95:55:d4:78:6a:9a:96:a5:0f:05:71:b7:88:d4:15:
13:0f:ef:d7:c3:9d:29:c7:40:09:7d:2b:93:ca:9f:2a:d0:6c:
0d:5f:b8:8a:a4:bc:47:aa:c7:87:50:97:27:19:d0:58:0d:3a:
81:38:63:60:f7:95:21:d5:b2:f9:97:d3:54:a7:53:47:13:bb:
d7:99:82:01
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIUDeBl0opyfGB9+H6IbfCmgCPhOKkwDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTE4MDMxMDEyMDAwMFoXDTIx
MDEwMTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA1ZdNzrmJewBP5B/2sB0mfcVCcCFAOqb5B1sRxvsPjnlG
eK00cUa0+pZ1Bsg+x+karvBHf0tTSvJGg4mSsBERDAR8M+FLfrW1slSnKGQxe+Jc
SgAwP4wh4GH2FeggA7/O07TsbieI+6mwmnN5JkZVowWsJbpvJDwXfRdsJa0UaAv9
ptZfWppKnW2G5Xe5UJxAK0CvHZJOInrB61cXFk36EuOMJY6NS3RPPmfNhCpjRkM8
RX+tvN1cAEZ+JTZD2ZgVofT2KV1UnSC4tuFM4/E8kUed69f4ovHF+Lx7v71AODkB
O5gzEtnexvnrS+OCjphLKBvNuiLVswIS/ECG7D7nUQIDAQABo4HpMIHmMB0GA1Ud
DgQWBBQbb9GoZxxfoIYb/3vg9HIzz3zwJjAfBgNVHSMEGDAWgBSywMIz/Y/1N0tS
hYLdMV3Ooplx0DA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIC
pDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
ggEBAF7VLA+93MKOxUwADJ6mR2hJ+xRGfNJviSBAex+LMOYQzlrnfvHYhfW7Uzce
k8XXl/3OGuFK9/yo+8BaSNnL4TrFcdkFI54Bmz2iCMrmXwyAmMm5ZkhFX7LLjbZz
icpTOwsp3AuhFP4yU7aeYovuht+GN4aNhA/ZSMMfMwiZKuHaLaCxuUdwaBzzFaOs
uCV5/unQ6plpRxYDZUd/rKGl8y/q04nG6qmKbsBkjYFePfJIUk+6L3gpPpVV1Hhq
mpalDwVxt4jUFRMP79fDnSnHQAl9K5PKnyrQbA1fuIqkvEeqx4dQlycZ0FgNOoE4
Y2D3lSHVsvmX01SnU0cTu9eZggE=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1e:f6:e0:d5:64:b5:71:7d:eb:f5:6d:bf:03:da:71:a6:d9:eb:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:14:bf:96:32:0d:cf:bb:58:2a:b4:3c:97:e5:
6c:22:92:ff:d3:14:e2:b9:0b:c9:fe:0d:09:d0:c6:
b5:48:ed:e0:2a:25:04:2e:16:08:6b:55:da:d1:f3:
b1:c1:1a:49:85:33:f4:bb:7c:d6:38:45:c8:af:4d:
d4:a9:43:a7:56:cf:9c:40:a5:2b:b8:13:7f:ee:6b:
fe:98:3b:ed:74:2a:5e:c7:9f:7c:e0:73:6c:a7:c4:
d8:f1:e3:55:79:6c:02:7c:b4:e8:3f:1a:93:57:62:
3a:86:5b:24:db:70:f2:fd:94:91:95:6b:68:72:73:
31:44:a5:36:32:e6:77:37:bb:e1:cb:6d:b5:aa:20:
3a:02:7e:ff:44:6d:79:e4:7d:e6:d3:72:92:e9:59:
92:57:ff:be:e8:e2:d9:84:47:f8:a9:f6:11:ee:cf:
5b:7f:92:d8:19:44:7f:96:40:52:19:09:80:af:2f:
36:65:14:9a:fe:ef:aa:aa:c9:00:fb:ac:d3:87:59:
14:ab:69:52:4c:4f:87:0f:74:49:ab:c5:f2:fb:73:
23:c0:91:c9:93:82:6f:28:8d:23:f9:2d:f3:92:cc:
f5:68:20:86:0d:37:35:d7:46:da:dd:4a:fc:92:3b:
32:a2:67:ba:f5:b3:49:13:76:e9:5e:78:a0:86:3e:
de:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C0:C2:33:FD:8F:F5:37:4B:52:85:82:DD:31:5D:CE:A2:99:71:D0
X509v3 Authority Key Identifier:
keyid:24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
9f:c6:60:37:6a:32:41:1a:c2:23:f0:c7:9a:4f:c7:76:e7:0e:
5c:3f:c0:3a:f9:89:43:f6:79:46:a4:32:aa:02:04:b1:8c:5c:
eb:7a:af:84:ae:a5:f9:65:8a:dc:cf:97:f1:d6:d7:d7:a4:bd:
e7:67:a9:bb:e9:18:16:a2:c1:6e:08:e3:3a:ac:2a:65:cf:e6:
cb:9f:a8:7d:1c:3e:1f:c4:e8:0a:96:09:89:f6:72:8c:da:6a:
88:3d:9d:d2:ba:80:ef:03:ac:ec:33:01:5b:d1:28:50:7d:a4:
d7:67:75:69:10:dd:dc:09:c6:7c:b1:07:96:c1:4f:5c:d9:cb:
18:1b:0d:ab:96:16:cf:b3:79:ae:39:86:5d:e2:94:11:7a:49:
67:e8:62:cd:53:b8:a3:5d:2a:b5:17:93:4b:19:39:75:47:f4:
ea:f5:51:72:65:a2:43:17:29:57:8c:5a:06:c8:d2:a6:16:9a:
ce:c6:f9:89:5c:84:b7:b1:91:92:bd:a9:df:c2:2e:5d:70:ce:
6d:b7:84:67:e5:ce:df:3f:5f:61:93:0e:f5:ad:9b:08:b1:f6:
b6:d8:15:a8:b6:1e:c1:88:ec:7c:80:68:31:4d:79:13:0c:1d:
30:46:cd:db:ab:4c:dd:ec:6a:b3:33:58:0b:0e:1d:b8:fb:7d:
97:e3:5b:54
-----BEGIN CERTIFICATE-----
MIIDgDCCAmigAwIBAgIUAx724NVktXF96/VtvwPacabZ6yYwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYUv5YyDc+7WCq0PJflbCKS/9MU4rkLyf4NCdDGtUjt4Col
BC4WCGtV2tHzscEaSYUz9Lt81jhFyK9N1KlDp1bPnEClK7gTf+5r/pg77XQqXsef
fOBzbKfE2PHjVXlsAny06D8ak1diOoZbJNtw8v2UkZVraHJzMUSlNjLmdze74ctt
taogOgJ+/0RteeR95tNykulZklf/vuji2YRH+Kn2Ee7PW3+S2BlEf5ZAUhkJgK8v
NmUUmv7vqqrJAPus04dZFKtpUkxPhw90SavF8vtzI8CRyZOCbyiNI/kt85LM9Wgg
hg03NddG2t1K/JI7MqJnuvWzSRN26V54oIY+3i0CAwEAAaOByzCByDAdBgNVHQ4E
FgQUssDCM/2P9TdLUoWC3TFdzqKZcdAwHwYDVR0jBBgwFoAUJNu03j4/qh2wV3od
fM2G6WvQFW8wNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MA0GCSqGSIb3DQEBCwUAA4IBAQCfxmA3ajJBGsIj8MeaT8d25w5cP8A6+YlD9nlG
pDKqAgSxjFzreq+ErqX5ZYrcz5fx1tfXpL3nZ6m76RgWosFuCOM6rCplz+bLn6h9
HD4fxOgKlgmJ9nKM2mqIPZ3SuoDvA6zsMwFb0ShQfaTXZ3VpEN3cCcZ8sQeWwU9c
2csYGw2rlhbPs3muOYZd4pQRekln6GLNU7ijXSq1F5NLGTl1R/Tq9VFyZaJDFylX
jFoGyNKmFprOxvmJXIS3sZGSvanfwi5dcM5tt4Rn5c7fP19hkw71rZsIsfa22BWo
th7BiOx8gGgxTXkTDB0wRs3bq0zd7GqzM1gLDh24+32X41tU
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1e:f6:e0:d5:64:b5:71:7d:eb:f5:6d:bf:03:da:71:a6:d9:eb:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e4:4e:96:f6:de:02:05:e7:16:80:fa:ed:b1:3c:
f3:19:ea:7b:d2:fe:ed:93:b7:09:37:7d:c1:98:9b:
65:a9:84:09:72:cd:e5:d8:da:21:44:c2:2e:92:95:
12:fe:35:0c:66:34:ad:f3:4f:c5:2f:d0:2e:57:41:
1c:3b:ce:c9:51:17:05:eb:06:f7:4f:fb:6e:27:9d:
06:d8:10:87:f4:97:5f:0f:9d:5d:d7:2b:d3:3b:21:
5b:5a:8f:20:e0:97:16:7b:15:39:d6:3f:ff:1d:06:
53:74:62:78:68:5b:ed:c2:05:e7:86:8b:1a:63:3a:
d3:e4:a9:25:8f:0e:92:13:df:39:d6:31:82:bf:bd:
ef:d4:21:9d:0e:7f:c9:90:ef:1d:c5:f3:c4:00:1e:
4a:03:61:f4:5e:cf:e9:58:e5:12:49:37:31:49:89:
54:d8:59:40:78:eb:e2:3f:75:9c:a5:ff:1c:33:b8:
6c:26:26:5a:8f:28:12:1f:4e:81:e5:a6:aa:dd:c6:
d9:c9:94:6a:15:3c:9e:7a:59:29:92:cb:7a:f5:67:
c4:d4:dd:4c:c5:6e:fb:b3:c2:5a:9d:f1:0b:35:17:
92:b6:85:dc:fd:45:c5:3f:13:f3:cd:fc:bc:b6:59:
c0:17:0b:ce:b3:e1:47:d1:2f:34:74:a4:5c:ba:a9:
cf:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F
X509v3 Authority Key Identifier:
keyid:24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
69:6d:e6:97:c4:6d:a6:f2:93:c4:45:cf:1c:e5:f8:3d:f5:55:
e4:a9:dc:fe:e4:a5:dc:47:24:9c:05:1e:69:d8:0a:cb:3e:c3:
58:6c:c9:d0:c0:fc:62:8b:04:5c:8a:96:a0:fa:44:31:6c:c7:
8e:91:de:54:70:18:06:a8:f4:cf:b8:f7:2c:33:d1:06:41:cc:
28:4b:94:76:44:3e:48:e2:dd:52:f5:1c:cc:46:02:83:f4:09:
56:16:51:d6:ce:8d:73:12:b2:ab:06:43:dc:0d:3c:12:c5:5a:
7d:94:de:34:2e:f5:da:47:bb:db:6a:1c:cc:23:e4:61:23:57:
f6:cb:93:f2:0c:56:29:50:fb:dc:ce:97:8e:9d:c4:4d:6e:8a:
86:c4:d4:5c:ca:52:21:26:12:17:fd:3b:87:31:9a:85:37:c2:
e5:b3:7f:a8:de:c6:4a:78:1a:e2:55:fe:f0:06:2d:45:59:9f:
10:b6:3d:6e:2d:55:df:42:a7:85:83:b6:53:e9:62:02:d3:9b:
dd:e1:cc:ec:a4:76:14:02:59:1f:39:30:3c:2b:10:72:4c:cc:
f8:62:bb:be:2d:2c:d3:5b:6d:9a:d7:b5:45:77:1c:b5:2e:04:
c0:dc:52:2e:1f:6b:65:cc:3d:03:a1:f0:8d:7d:da:62:49:0a:
f6:74:18:dd
-----BEGIN CERTIFICATE-----
MIIDeDCCAmCgAwIBAgIUAx724NVktXF96/VtvwPacabZ6yUwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw
MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDkTpb23gIF5xaA+u2xPPMZ6nvS/u2Ttwk3fcGYm2WphAlyzeXY2iFEwi6S
lRL+NQxmNK3zT8Uv0C5XQRw7zslRFwXrBvdP+24nnQbYEIf0l18PnV3XK9M7IVta
jyDglxZ7FTnWP/8dBlN0YnhoW+3CBeeGixpjOtPkqSWPDpIT3znWMYK/ve/UIZ0O
f8mQ7x3F88QAHkoDYfRez+lY5RJJNzFJiVTYWUB46+I/dZyl/xwzuGwmJlqPKBIf
ToHlpqrdxtnJlGoVPJ56WSmSy3r1Z8TU3UzFbvuzwlqd8Qs1F5K2hdz9RcU/E/PN
/Ly2WcAXC86z4UfRLzR0pFy6qc8NAgMBAAGjgcswgcgwHQYDVR0OBBYEFCTbtN4+
P6odsFd6HXzNhulr0BVvMB8GA1UdIwQYMBaAFCTbtN4+P6odsFd6HXzNhulr0BVv
MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
9w0BAQsFAAOCAQEAaW3ml8RtpvKTxEXPHOX4PfVV5Knc/uSl3EcknAUeadgKyz7D
WGzJ0MD8YosEXIqWoPpEMWzHjpHeVHAYBqj0z7j3LDPRBkHMKEuUdkQ+SOLdUvUc
zEYCg/QJVhZR1s6NcxKyqwZD3A08EsVafZTeNC712ke722oczCPkYSNX9suT8gxW
KVD73M6Xjp3ETW6KhsTUXMpSISYSF/07hzGahTfC5bN/qN7GSnga4lX+8AYtRVmf
ELY9bi1V30KnhYO2U+liAtOb3eHM7KR2FAJZHzkwPCsQckzM+GK7vi0s01ttmte1
RXcctS4EwNxSLh9rZcw9A6HwjX3aYkkK9nQY3Q==
-----END CERTIFICATE-----