Google Git
Sign in
chromium / chromium / src.git / da4307a16fe8c0bbecc8158e21ffef8190e23623 / . / net / data / verify_certificate_chain_unittest / unconstrained-root-lacks-basic-constraints.pem
blob: 24d08c5b839b087810927964c81b892a37cb3b55 [file] [log] [blame]
[Created by: generate-unconstrained-root-lacks-basic-constraints.py]
Certificate chain with 1 intermediate and a trust anchor. The trust anchor
lacks the basic constraints extension. This is not a problem and verification
should succeed.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bc:1b:31:ef:84:8e:64:39:4e:02:f3:81:fc:75:
0b:07:af:5b:57:53:6b:df:27:87:03:1c:3d:ea:b3:
6a:b5:14:e9:98:1d:13:16:fc:51:5b:04:c5:72:81:
3e:26:05:54:9b:19:f8:7e:c0:ee:c8:49:eb:e2:9d:
78:82:c8:e9:c5:af:eb:fc:10:85:e2:5f:e6:6a:8e:
51:19:69:69:10:5e:aa:99:31:64:c4:3d:0f:3e:f0:
5a:2a:cd:dd:b7:27:ff:5a:ee:91:c3:ad:92:9e:da:
91:df:7d:7f:77:f1:79:d8:6e:60:48:ad:57:f1:2d:
6e:67:5b:fe:20:5c:b9:56:a7:70:8d:63:80:5a:99:
cf:3d:6e:14:f5:d8:29:b9:25:81:61:c7:bb:be:3b:
08:38:c5:5d:40:aa:e7:15:51:8a:84:d3:78:64:f5:
3b:09:7b:a9:f2:ed:a5:05:ed:3a:67:21:45:f1:78:
78:e2:92:74:20:e0:41:10:f7:ab:9e:0e:fd:22:af:
ad:8f:b4:81:cb:d9:28:b1:49:90:05:fa:f7:96:a8:
b7:96:3d:5b:87:d9:6b:cc:82:7a:85:26:ba:e6:86:
40:53:44:09:38:27:4d:8a:98:5d:ce:56:a1:93:38:
08:fd:02:92:ef:9b:0c:d5:c0:9d:12:e8:21:08:9d:
ba:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:68:89:3F:A2:F7:48:BC:C6:C4:9C:7E:78:B9:E6:06:A7:37:2E:A2
X509v3 Authority Key Identifier:
keyid:A0:FF:6A:B0:DB:6D:76:3D:1F:D2:A3:83:33:02:BE:32:A2:71:34:85
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
2b:b6:4e:ac:b6:8d:bb:7c:cc:0b:6f:77:9c:54:ed:88:25:34:
c7:42:88:7c:35:23:74:c7:e7:7d:86:7d:fd:f0:0b:40:e2:64:
5b:a3:1b:a2:34:77:09:b4:7d:5e:7b:a4:85:7f:23:b5:2f:43:
f8:0f:33:6c:86:9c:7a:ee:0d:54:45:fb:1c:57:c8:01:91:60:
27:0b:bb:ac:8c:23:c4:5f:18:42:2e:df:24:cb:12:77:2c:0c:
6c:d1:8f:34:ee:a8:06:e3:8a:fe:34:e6:ca:bc:25:e5:33:a4:
23:df:00:4f:f4:e4:af:d9:7f:08:1a:78:a5:ba:80:81:49:bf:
8f:7c:ee:ee:27:ac:fc:d8:91:69:36:2b:dc:33:ae:d6:ad:47:
8d:5d:4c:c0:a5:a2:61:b8:db:b0:7b:92:79:b5:61:64:78:92:
02:05:68:16:2b:9f:81:66:5a:8e:e6:82:55:5b:83:87:26:e2:
da:d0:95:91:06:6d:f9:dc:b6:04:fe:ed:ae:f7:3e:db:a7:38:
31:af:a4:c5:79:f7:d0:3b:b9:2c:79:60:0a:1d:ec:68:8d:3f:
7b:d7:e9:1a:79:de:da:97:42:04:c7:b1:f2:fe:72:68:00:fa:
30:41:0e:1c:26:65:f5:eb:2e:7d:fe:19:05:99:5b:6f:3d:51:
4c:57:c3:cb
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8GzHv
hI5kOU4C84H8dQsHr1tXU2vfJ4cDHD3qs2q1FOmYHRMW/FFbBMVygT4mBVSbGfh+
wO7ISevinXiCyOnFr+v8EIXiX+ZqjlEZaWkQXqqZMWTEPQ8+8Foqzd23J/9a7pHD
rZKe2pHffX938XnYbmBIrVfxLW5nW/4gXLlWp3CNY4Bamc89bhT12Cm5JYFhx7u+
Owg4xV1AqucVUYqE03hk9TsJe6ny7aUF7TpnIUXxeHjiknQg4EEQ96ueDv0ir62P
tIHL2SixSZAF+veWqLeWPVuH2WvMgnqFJrrmhkBTRAk4J02KmF3OVqGTOAj9ApLv
mwzVwJ0S6CEInbrhAgMBAAGjgekwgeYwHQYDVR0OBBYEFKRoiT+i90i8xsScfni5
5ganNy6iMB8GA1UdIwQYMBaAFKD/arDbbXY9H9KjgzMCvjKicTSFMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAK7ZOrLaNu3zMC293nFTt
iCU0x0KIfDUjdMfnfYZ9/fALQOJkW6MbojR3CbR9XnukhX8jtS9D+A8zbIaceu4N
VEX7HFfIAZFgJwu7rIwjxF8YQi7fJMsSdywMbNGPNO6oBuOK/jTmyrwl5TOkI98A
T/Tkr9l/CBp4pbqAgUm/j3zu7ies/NiRaTYr3DOu1q1HjV1MwKWiYbjbsHuSebVh
ZHiSAgVoFiufgWZajuaCVVuDhybi2tCVkQZt+dy2BP7trvc+26c4Ma+kxXn30Du5
LHlgCh3saI0/e9fpGnne2pdCBMex8v5yaAD6MEEOHCZl9esuff4ZBZlbbz1RTFfD
yw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bd:4b:25:64:f8:46:3e:e8:fc:85:3a:e2:4a:dc:
9a:58:70:6f:65:27:93:14:2f:5d:08:b3:ba:dc:2d:
b0:8c:0e:98:f6:21:26:8d:ff:bb:59:2d:db:72:bc:
07:38:8f:11:34:cc:e8:07:0f:07:ed:82:1e:60:be:
d8:67:17:98:cb:81:55:40:5e:d9:a0:bd:a5:98:88:
71:17:8e:65:70:3e:8a:9f:b3:23:56:9f:98:a8:db:
64:6a:1b:e1:1a:2c:b1:94:6d:d3:4b:28:fd:e4:1c:
d3:7d:93:91:53:5c:3d:89:67:13:04:58:21:64:c9:
89:c7:12:58:91:dc:2f:0f:56:ec:a7:00:4f:60:89:
0a:b9:af:52:8e:20:bc:b3:16:e8:a6:06:ca:3b:07:
a5:76:59:7e:4b:17:33:b2:db:8e:d8:31:29:d8:ba:
08:06:51:e1:a1:43:6d:cd:2d:61:e1:03:54:62:1d:
43:28:b9:48:b6:3b:bb:24:47:d0:56:df:ce:ac:d3:
ac:a9:0c:13:a5:c8:76:a3:ee:67:0c:79:35:92:5d:
49:8f:a5:4f:8f:ae:79:09:6c:11:15:3f:3a:01:a3:
4d:54:df:93:50:b5:fe:ed:be:53:87:be:b7:65:55:
96:4c:7c:5b:a0:e3:1e:18:e8:9e:8c:95:d1:4a:ea:
5a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FF:6A:B0:DB:6D:76:3D:1F:D2:A3:83:33:02:BE:32:A2:71:34:85
X509v3 Authority Key Identifier:
keyid:0A:E1:71:15:DF:ED:0D:98:EB:75:A8:37:BC:F1:EE:E3:65:79:AB:C2
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
13:0e:3c:0e:69:c2:bf:7d:aa:a4:8f:47:a6:90:69:0e:d8:b7:
50:2a:c7:95:78:1d:7f:71:41:51:8d:a4:a9:cf:f2:d2:c6:c0:
8f:dd:56:c4:53:94:34:3f:07:e3:b0:4c:71:55:5b:14:a2:de:
8f:1e:3b:15:73:e2:9a:49:df:c8:0e:04:dc:76:76:61:0d:c5:
29:35:12:c4:71:d3:2d:6d:ac:b6:62:53:75:57:44:cf:0b:d2:
1d:66:0a:be:01:b5:a6:58:a0:42:f5:ce:62:3c:d8:21:fd:c6:
c7:27:66:b1:2f:d4:04:c2:29:44:32:3a:3b:b2:3c:08:a5:66:
3e:4c:27:c2:36:71:c5:31:05:e7:e9:f8:47:b4:81:33:57:7d:
c2:ce:ac:de:c4:15:11:1a:f2:c9:59:72:cd:a4:a8:54:41:ef:
d5:d5:67:cf:6e:e3:a0:07:62:ba:83:f7:46:fa:4b:10:7c:91:
9f:ff:aa:1a:c9:46:f9:26:14:c4:01:58:9d:35:75:f0:78:0e:
75:4e:7f:03:e8:83:1b:87:82:99:e0:52:b3:9f:34:a7:26:34:
76:9c:e7:3e:69:d5:9b:e6:9a:45:06:34:19:03:05:b0:15:ca:
a2:59:7c:ac:fe:9c:c4:29:54:e2:c8:9c:e1:98:7e:16:7a:b9:
f3:9e:aa:d1
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUslZPhG
Puj8hTriStyaWHBvZSeTFC9dCLO63C2wjA6Y9iEmjf+7WS3bcrwHOI8RNMzoBw8H
7YIeYL7YZxeYy4FVQF7ZoL2lmIhxF45lcD6Kn7MjVp+YqNtkahvhGiyxlG3TSyj9
5BzTfZORU1w9iWcTBFghZMmJxxJYkdwvD1bspwBPYIkKua9SjiC8sxbopgbKOwel
dll+SxczstuO2DEp2LoIBlHhoUNtzS1h4QNUYh1DKLlItju7JEfQVt/OrNOsqQwT
pch2o+5nDHk1kl1Jj6VPj655CWwRFT86AaNNVN+TULX+7b5Th763ZVWWTHxboOMe
GOiejJXRSupaTwIDAQABo4HLMIHIMB0GA1UdDgQWBBSg/2qw2212PR/So4MzAr4y
onE0hTAfBgNVHSMEGDAWgBQK4XEV3+0NmOt1qDe88e7jZXmrwjA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
ABMOPA5pwr99qqSPR6aQaQ7Yt1Aqx5V4HX9xQVGNpKnP8tLGwI/dVsRTlDQ/B+Ow
THFVWxSi3o8eOxVz4ppJ38gOBNx2dmENxSk1EsRx0y1trLZiU3VXRM8L0h1mCr4B
taZYoEL1zmI82CH9xscnZrEv1ATCKUQyOjuyPAilZj5MJ8I2ccUxBefp+Ee0gTNX
fcLOrN7EFREa8slZcs2kqFRB79XVZ89u46AHYrqD90b6SxB8kZ//qhrJRvkmFMQB
WJ01dfB4DnVOfwPogxuHgpngUrOfNKcmNHac5z5p1ZvmmkUGNBkDBbAVyqJZfKz+
nMQpVOLInOGYfhZ6ufOeqtE=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:99:74:ca:c8:3e:26:66:b5:bc:e5:cc:0b:41:30:
7b:cb:99:a5:31:5f:e6:3f:44:81:d3:c5:16:0e:ac:
db:2e:cf:5a:08:79:5a:44:c4:f1:bc:e5:74:06:42:
57:35:4b:e7:90:88:ef:dd:59:b7:82:40:b5:ff:c2:
03:32:1b:4d:1c:6d:ee:34:60:a8:c5:24:ab:b0:0f:
a6:19:22:86:ae:e3:12:dd:3e:99:3a:36:65:6a:ea:
5d:aa:b0:2d:e9:db:9a:22:83:cb:50:8b:1a:04:cb:
4b:83:83:46:95:e1:45:a7:17:d3:16:ab:70:e6:62:
85:79:ff:73:35:3e:7e:4d:1d:3b:6d:e1:60:0e:15:
3c:12:cf:7a:d7:eb:af:04:0a:43:3b:5f:78:de:df:
ba:51:60:4d:20:61:32:2c:f4:61:d3:e2:48:02:8d:
a1:d5:05:ec:f4:d0:7d:3d:2e:f8:5f:3b:57:76:21:
d8:55:1a:61:34:53:af:2f:de:32:ff:27:7e:12:41:
96:56:0a:9d:d2:e5:3f:38:14:9e:20:50:58:4c:00:
7d:16:4d:2d:b8:f3:75:c5:c4:b3:80:a7:d9:e4:60:
e1:8f:b5:b8:a4:82:db:72:b2:7c:0b:a2:ef:5e:98:
22:48:b2:f9:7c:4a:82:e5:59:fa:0d:93:34:34:88:
93:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E1:71:15:DF:ED:0D:98:EB:75:A8:37:BC:F1:EE:E3:65:79:AB:C2
X509v3 Authority Key Identifier:
keyid:0A:E1:71:15:DF:ED:0D:98:EB:75:A8:37:BC:F1:EE:E3:65:79:AB:C2
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
6d:66:a8:f5:13:4c:3a:8d:26:f2:30:1a:59:72:f3:dd:7a:17:
cf:8d:6e:76:cf:23:db:be:a3:85:e9:78:63:1d:4c:d8:78:93:
9e:57:61:0d:78:2a:5a:67:c3:d8:73:d1:69:72:24:66:e6:9b:
b3:fb:b8:31:7e:c0:4b:8c:03:48:fb:36:b7:ac:42:39:66:94:
26:22:d7:fb:d3:11:67:29:d6:32:9c:c3:9e:bd:b1:43:2e:6f:
a1:a5:4c:ec:5d:df:5e:b6:49:0c:81:9c:2f:09:81:03:97:16:
80:5a:da:c1:25:d6:c8:3e:d9:11:ed:1a:1d:8d:ac:46:90:e9:
1c:e1:23:70:95:2d:b3:19:a5:ba:97:7b:47:4f:af:cc:ed:80:
4e:46:26:8e:39:86:5a:6d:f4:94:56:42:05:49:fc:ef:48:2e:
fa:04:78:34:0f:5a:c9:56:dc:eb:88:3a:fc:d6:8b:73:d7:81:
27:57:e3:27:6f:6b:74:af:6e:42:16:c9:30:a8:3d:8f:24:43:
55:40:9b:fc:39:43:3a:b5:50:6b:11:c3:b8:a1:06:f4:63:3e:
45:01:db:7c:db:b7:35:df:38:c1:eb:83:e8:4e:78:3b:99:66:
e9:d1:14:68:b2:f6:7e:2d:80:eb:f7:e0:87:6a:43:c1:3a:23:
8f:aa:05:5d
-----BEGIN TRUST_ANCHOR_UNCONSTRAINED-----
MIIDVDCCAjygAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJl0ysg+Jma1vOXMC0Ew
e8uZpTFf5j9EgdPFFg6s2y7PWgh5WkTE8bzldAZCVzVL55CI791Zt4JAtf/CAzIb
TRxt7jRgqMUkq7APphkihq7jEt0+mTo2ZWrqXaqwLenbmiKDy1CLGgTLS4ODRpXh
RacX0xarcOZihXn/czU+fk0dO23hYA4VPBLPetfrrwQKQztfeN7fulFgTSBhMiz0
YdPiSAKNodUF7PTQfT0u+F87V3Yh2FUaYTRTry/eMv8nfhJBllYKndLlPzgUniBQ
WEwAfRZNLbjzdcXEs4Cn2eRg4Y+1uKSC23KyfAui716YIkiy+XxKguVZ+g2TNDSI
k6cCAwEAAaOBujCBtzAdBgNVHQ4EFgQUCuFxFd/tDZjrdag3vPHu42V5q8IwHwYD
VR0jBBgwFoAUCuFxFd/tDZjrdag3vPHu42V5q8IwNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAbWao9RNMOo0m8jAaWXLz3XoXz41uds8j
276jhel4Yx1M2HiTnldhDXgqWmfD2HPRaXIkZuabs/u4MX7AS4wDSPs2t6xCOWaU
JiLX+9MRZynWMpzDnr2xQy5voaVM7F3fXrZJDIGcLwmBA5cWgFrawSXWyD7ZEe0a
HY2sRpDpHOEjcJUtsxmlupd7R0+vzO2ATkYmjjmGWm30lFZCBUn870gu+gR4NA9a
yVbc64g6/NaLc9eBJ1fjJ29rdK9uQhbJMKg9jyRDVUCb/DlDOrVQaxHDuKEG9GM+
RQHbfNu3Nd84weuD6E54O5lm6dEUaLL2fi2A6/fgh2pDwTojj6oFXQ==
-----END TRUST_ANCHOR_UNCONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
SUCCESS
-----BEGIN VERIFY_RESULT-----
U1VDQ0VTUw==
-----END VERIFY_RESULT-----