| [Created by: generate-chains.py] |
| |
| Certificate chain with 1 intermediate and a trusted root. The target |
| certificate has only clientAuth EKU, so is expected to fail when verifying for |
| serverAuth. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:e2:eb:a5:10:98:bb:69:c3:14:d9:d6:c6:57:1a: |
| e0:9a:9e:30:b5:d8:b7:e3:fd:4a:ef:08:01:b0:b8: |
| 94:0a:0a:c6:24:5e:3f:50:d1:e7:21:f7:ce:0c:5f: |
| af:a1:ab:6e:35:d4:56:cf:bd:45:fb:6e:35:5d:0f: |
| 34:7e:36:61:ab:f2:dd:4b:d5:23:80:5d:55:77:fc: |
| fb:0e:2c:8d:86:13:e1:eb:88:9f:69:f0:45:19:2f: |
| 94:9e:fa:2c:e0:fc:a3:23:8c:8d:cf:f0:7e:65:9f: |
| 2b:fc:34:04:75:b8:56:a9:19:35:f7:d2:3f:2b:f0: |
| cf:1a:76:dd:da:08:31:9b:4c:b1:83:31:32:2f:ab: |
| 1c:61:51:25:b9:d7:11:3b:fa:7f:8b:1b:c9:76:56: |
| 76:d5:07:f6:95:99:db:3e:e0:e5:5b:04:60:93:d3: |
| 4a:0b:4e:06:66:48:a2:93:de:7e:3c:2f:06:38:b2: |
| 18:6f:b1:d8:1f:a1:10:16:06:d0:a1:67:cf:e2:7d: |
| e0:17:c1:b2:95:6c:34:b2:74:33:ec:eb:71:5e:ac: |
| 25:b2:80:1f:c6:a5:ea:ae:e2:62:72:18:33:53:0e: |
| 44:57:93:e0:cd:3a:23:f3:0b:e9:9a:be:ac:0c:57: |
| 7b:51:76:24:24:28:38:8e:0d:c8:84:ac:31:49:87: |
| 79:0d |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 49:89:8E:36:AD:53:F8:AC:67:4F:B7:A4:DC:48:2F:19:41:7D:33:DE |
| X509v3 Authority Key Identifier: |
| keyid:22:82:C0:6D:04:2C:68:BF:9A:C0:A0:64:5C:CA:16:43:09:45:40:B3 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 1e:8b:4a:94:5f:97:89:86:d3:39:07:51:b0:85:ae:a4:ef:68: |
| d4:02:a1:cc:97:55:10:05:bd:73:de:50:a5:3e:35:0d:3e:f1: |
| a0:2c:2c:9d:36:9e:93:c9:04:ef:aa:c2:3e:71:87:b9:2a:fb: |
| 45:5d:73:89:37:35:33:9a:1d:26:6a:c1:43:f4:c2:6e:96:48: |
| 83:26:6b:29:1c:d0:17:b9:68:93:7e:30:86:ad:82:07:27:85: |
| 74:d0:7a:5d:2c:de:69:f3:6d:9b:07:34:2c:b0:00:fd:28:1a: |
| 79:f0:15:00:c7:d0:72:4e:9d:20:b5:c3:a5:6f:a7:51:16:70: |
| 63:1a:14:53:38:72:24:ae:a2:7f:bc:84:9a:66:85:7d:8e:17: |
| d0:b0:62:9d:77:66:30:61:5c:43:f1:2a:05:4e:c6:d4:51:a1: |
| 23:71:e5:e1:22:02:44:0b:36:ec:d7:8c:20:13:97:38:ec:96: |
| 2e:f1:15:7e:22:96:41:25:8c:6f:35:f1:08:33:5b:f4:66:67: |
| ee:03:1f:d7:76:d1:16:d3:50:6f:8a:56:cd:e6:7c:ca:43:b2: |
| 39:f5:ac:42:c8:e5:b7:94:9a:1d:32:81:6d:39:eb:00:5a:5a: |
| 2c:4d:85:73:ef:62:2f:a8:88:9a:df:26:83:fc:d1:2e:a6:fc: |
| 70:93:33:4e |
| -----BEGIN CERTIFICATE----- |
| MIIDgzCCAmugAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi66UQ |
| mLtpwxTZ1sZXGuCanjC12Lfj/UrvCAGwuJQKCsYkXj9Q0ech984MX6+hq2411FbP |
| vUX7bjVdDzR+NmGr8t1L1SOAXVV3/PsOLI2GE+HriJ9p8EUZL5Se+izg/KMjjI3P |
| 8H5lnyv8NAR1uFapGTX30j8r8M8adt3aCDGbTLGDMTIvqxxhUSW51xE7+n+LG8l2 |
| VnbVB/aVmds+4OVbBGCT00oLTgZmSKKT3n48LwY4shhvsdgfoRAWBtChZ8/ifeAX |
| wbKVbDSydDPs63FerCWygB/Gpequ4mJyGDNTDkRXk+DNOiPzC+mavqwMV3tRdiQk |
| KDiODciErDFJh3kNAgMBAAGjgd8wgdwwHQYDVR0OBBYEFEmJjjatU/isZ0+3pNxI |
| LxlBfTPeMB8GA1UdIwQYMBaAFCKCwG0ELGi/msCgZFzKFkMJRUCzMD8GCCsGAQUF |
| BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUF |
| BwMCMA0GCSqGSIb3DQEBCwUAA4IBAQAei0qUX5eJhtM5B1Gwha6k72jUAqHMl1UQ |
| Bb1z3lClPjUNPvGgLCydNp6TyQTvqsI+cYe5KvtFXXOJNzUzmh0masFD9MJulkiD |
| JmspHNAXuWiTfjCGrYIHJ4V00HpdLN5p822bBzQssAD9KBp58BUAx9ByTp0gtcOl |
| b6dRFnBjGhRTOHIkrqJ/vISaZoV9jhfQsGKdd2YwYVxD8SoFTsbUUaEjceXhIgJE |
| Czbs14wgE5c47JYu8RV+IpZBJYxvNfEIM1v0ZmfuAx/XdtEW01BvilbN5nzKQ7I5 |
| 9axCyOW3lJodMoFtOesAWlosTYVz72IvqIia3yaD/NEupvxwkzNO |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 2 (0x2) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:9a:8b:44:57:fb:d0:44:24:d6:20:38:aa:1b:20: |
| cc:67:40:26:c1:98:2a:6e:95:cf:db:2c:3b:a6:c9: |
| e6:58:06:01:c5:d7:2d:3a:0d:f5:45:92:6c:d7:16: |
| 78:5b:3a:1d:16:f7:3c:c9:9b:1a:95:17:f7:cd:30: |
| 75:44:c4:bd:42:ed:b2:6b:e6:9b:a8:4e:2e:cf:36: |
| 2e:3e:c3:c0:21:df:ed:b2:05:ca:65:59:12:c9:2a: |
| 3d:bf:3a:df:5e:17:f6:eb:a8:78:e6:81:c7:d6:5e: |
| ac:9b:e9:aa:c5:af:6f:d2:04:08:4a:9e:9b:02:68: |
| 40:b3:ca:8d:5e:cf:48:4d:fd:44:fe:8d:15:19:ab: |
| fd:fb:7e:32:34:c9:90:15:b2:8e:6b:4a:9c:63:68: |
| 85:bb:91:bb:1b:cb:8b:c1:6f:06:32:67:4d:0d:f3: |
| 9a:ab:6c:80:f3:79:f1:ac:bb:48:2a:e2:ef:af:8a: |
| 3e:86:8a:72:3e:df:ad:7a:ad:90:50:e4:65:69:37: |
| 26:4a:16:ce:b6:11:9c:36:49:da:85:da:af:5f:91: |
| d6:a7:94:3a:af:96:6f:6f:4e:01:a3:51:06:e7:7a: |
| ab:41:a3:17:21:b6:9d:a6:aa:75:ff:06:7b:fa:e8: |
| 77:5a:58:af:1d:47:b5:c8:8b:bf:c2:a1:6a:4c:01: |
| 82:d7 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 22:82:C0:6D:04:2C:68:BF:9A:C0:A0:64:5C:CA:16:43:09:45:40:B3 |
| X509v3 Authority Key Identifier: |
| keyid:DE:2B:DF:9E:08:76:11:61:90:16:9D:68:25:D2:F9:40:1B:36:70:3D |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 67:75:dd:21:1d:a3:c1:e9:98:a8:b8:28:e6:c4:d4:94:23:32: |
| 67:d8:44:ee:37:ce:a4:1f:6b:48:f5:8e:0f:51:a1:0c:83:d0: |
| cb:ee:7f:24:b7:bc:e6:a9:e1:75:ad:ae:ec:e0:26:3e:79:85: |
| f9:ae:2a:45:3a:dc:69:a2:06:6a:36:89:9e:fe:df:19:74:3f: |
| cb:70:7a:d1:7e:53:77:f3:fb:c4:b9:08:dc:4f:13:e3:3f:23: |
| b9:8b:0d:d7:b5:fd:4c:3b:30:ee:f6:b3:d0:fc:51:a2:f0:62: |
| 76:ae:ba:ec:9b:a5:c9:14:e3:40:9c:f8:4f:38:ef:8d:3b:be: |
| eb:09:d8:34:fb:42:1b:07:8f:2a:b2:93:ff:f3:9f:e4:84:0b: |
| c5:54:2b:b4:a8:66:47:20:2a:97:25:fc:ca:64:12:61:7c:2a: |
| d2:a7:9f:e6:0c:50:0f:3e:bd:fb:a5:4a:ed:94:96:7c:48:f9: |
| 6f:34:d4:2f:e3:21:e8:f8:93:f0:01:ae:1c:1d:73:2a:99:fc: |
| f6:ab:0c:55:ae:9d:63:94:b8:1d:0a:0c:a7:47:4f:aa:d3:a7: |
| 69:17:4d:6c:1c:a3:c5:bd:f8:78:24:35:1d:63:8d:ca:15:d4: |
| 01:71:85:0e:7c:02:c9:5f:26:b8:55:c3:1b:63:fb:da:88:41: |
| 4c:22:6d:37 |
| -----BEGIN CERTIFICATE----- |
| MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmotEV/vQ |
| RCTWIDiqGyDMZ0AmwZgqbpXP2yw7psnmWAYBxdctOg31RZJs1xZ4WzodFvc8yZsa |
| lRf3zTB1RMS9Qu2ya+abqE4uzzYuPsPAId/tsgXKZVkSySo9vzrfXhf266h45oHH |
| 1l6sm+mqxa9v0gQISp6bAmhAs8qNXs9ITf1E/o0VGav9+34yNMmQFbKOa0qcY2iF |
| u5G7G8uLwW8GMmdNDfOaq2yA83nxrLtIKuLvr4o+hopyPt+teq2QUORlaTcmShbO |
| thGcNknahdqvX5HWp5Q6r5Zvb04Bo1EG53qrQaMXIbadpqp1/wZ7+uh3WlivHUe1 |
| yIu/wqFqTAGC1wIDAQABo4HLMIHIMB0GA1UdDgQWBBQigsBtBCxov5rAoGRcyhZD |
| CUVAszAfBgNVHSMEGDAWgBTeK9+eCHYRYZAWnWgl0vlAGzZwPTA3BggrBgEFBQcB |
| AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB |
| AGd13SEdo8HpmKi4KObE1JQjMmfYRO43zqQfa0j1jg9RoQyD0MvufyS3vOap4XWt |
| ruzgJj55hfmuKkU63GmiBmo2iZ7+3xl0P8twetF+U3fz+8S5CNxPE+M/I7mLDde1 |
| /Uw7MO72s9D8UaLwYnauuuybpckU40Cc+E847407vusJ2DT7QhsHjyqyk//zn+SE |
| C8VUK7SoZkcgKpcl/MpkEmF8KtKnn+YMUA8+vfulSu2UlnxI+W801C/jIej4k/AB |
| rhwdcyqZ/ParDFWunWOUuB0KDKdHT6rTp2kXTWwco8W9+HgkNR1jjcoV1AFxhQ58 |
| AslfJrhVwxtj+9qIQUwibTc= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:a9:86:82:11:83:72:a2:7a:5a:86:42:58:ae:80: |
| ca:dc:fd:62:f0:1a:ad:b4:1e:65:34:18:32:1b:10: |
| 3a:61:60:57:5a:41:76:35:c8:34:9c:e7:ac:dd:a8: |
| 20:60:ec:0c:bb:ca:fc:de:bb:55:b2:10:49:9e:50: |
| ef:67:d0:4c:2b:66:26:25:ac:48:fa:86:2e:86:30: |
| 66:3b:8b:d3:cd:09:d4:4c:19:e5:7e:01:f9:8d:29: |
| b3:58:09:a4:4f:c1:6f:a5:19:0d:f3:7d:22:7c:74: |
| 91:ab:b2:39:b4:6a:7a:a2:cb:99:05:d9:f2:f4:4a: |
| 39:47:25:54:2e:b7:3e:df:27:8e:b1:96:04:30:c2: |
| aa:70:46:d6:96:23:47:5f:34:40:ed:42:11:ac:51: |
| a3:d1:a0:c5:17:19:33:5c:e4:53:26:8b:a6:21:b2: |
| 87:e3:43:3f:8e:5a:04:04:62:5a:41:8d:bf:c7:c4: |
| 62:ed:bb:7a:00:9b:60:de:00:2a:5d:b2:40:af:00: |
| a2:9d:28:5a:b1:d9:5a:4d:82:e9:9c:b2:6d:54:16: |
| 95:26:cf:2e:5a:69:86:9e:40:20:d9:42:6e:3f:c7: |
| a1:1d:40:c0:19:ea:15:77:93:ce:02:b2:cb:c9:15: |
| 8a:9c:49:2b:65:07:97:bd:db:00:0d:b2:1e:bd:b3: |
| 0e:55 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| DE:2B:DF:9E:08:76:11:61:90:16:9D:68:25:D2:F9:40:1B:36:70:3D |
| X509v3 Authority Key Identifier: |
| keyid:DE:2B:DF:9E:08:76:11:61:90:16:9D:68:25:D2:F9:40:1B:36:70:3D |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 8d:82:b5:9e:ac:db:05:8b:4b:54:e9:e8:3c:67:2d:7d:e9:9b: |
| cf:ad:3e:78:a7:db:c2:68:cf:a7:df:15:88:f3:eb:60:5f:09: |
| e1:9d:e9:c7:44:19:2a:86:53:57:b6:1a:b4:dc:7f:32:eb:29: |
| 28:3b:74:fe:33:ee:fa:85:c1:0b:43:c3:3f:7a:c2:19:05:9a: |
| 27:73:43:3c:03:9f:10:dc:d1:3e:6d:b2:8c:95:d5:5b:cc:62: |
| 96:51:f8:1c:6a:4c:6c:9d:8a:47:8e:12:08:de:30:0d:b1:4f: |
| b3:f6:95:9a:fc:16:e3:5a:b2:7f:93:09:3f:e1:59:f6:60:e2: |
| 56:22:7c:24:cd:67:9f:bc:a5:c7:10:50:03:92:54:04:d7:f8: |
| 3b:a2:ae:ca:23:21:f2:90:9f:c6:66:0f:62:49:2d:aa:be:8d: |
| 3a:e3:e7:3c:0a:16:48:dc:11:e0:74:9d:11:d8:ce:98:95:7c: |
| 99:a5:7b:a5:3a:3b:3e:e9:29:dd:4a:09:88:a0:ef:6c:a1:bf: |
| 8e:46:07:01:ed:93:fd:64:c9:15:b0:8c:e5:ce:23:9b:22:b4: |
| 93:48:b4:19:04:a6:18:8b:03:11:dd:d0:3a:ff:32:62:da:c4: |
| f0:37:1a:7a:9c:ba:67:6d:bd:a0:b1:13:ea:54:58:78:8c:b8: |
| f7:91:a7:7a |
| -----BEGIN CERTIFICATE----- |
| MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKmGghGDcqJ6WoZCWK6A |
| ytz9YvAarbQeZTQYMhsQOmFgV1pBdjXINJznrN2oIGDsDLvK/N67VbIQSZ5Q72fQ |
| TCtmJiWsSPqGLoYwZjuL080J1EwZ5X4B+Y0ps1gJpE/Bb6UZDfN9Inx0kauyObRq |
| eqLLmQXZ8vRKOUclVC63Pt8njrGWBDDCqnBG1pYjR180QO1CEaxRo9GgxRcZM1zk |
| UyaLpiGyh+NDP45aBARiWkGNv8fEYu27egCbYN4AKl2yQK8Aop0oWrHZWk2C6Zyy |
| bVQWlSbPLlpphp5AINlCbj/HoR1AwBnqFXeTzgKyy8kVipxJK2UHl73bAA2yHr2z |
| DlUCAwEAAaOByzCByDAdBgNVHQ4EFgQU3ivfngh2EWGQFp1oJdL5QBs2cD0wHwYD |
| VR0jBBgwFoAU3ivfngh2EWGQFp1oJdL5QBs2cD0wNwYIKwYBBQUHAQEEKzApMCcG |
| CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCNgrWerNsF |
| i0tU6eg8Zy196ZvPrT54p9vCaM+n3xWI8+tgXwnhnenHRBkqhlNXthq03H8y6yko |
| O3T+M+76hcELQ8M/esIZBZonc0M8A58Q3NE+bbKMldVbzGKWUfgcakxsnYpHjhII |
| 3jANsU+z9pWa/BbjWrJ/kwk/4Vn2YOJWInwkzWefvKXHEFADklQE1/g7oq7KIyHy |
| kJ/GZg9iSS2qvo064+c8ChZI3BHgdJ0R2M6YlXyZpXulOjs+6SndSgmIoO9sob+O |
| RgcB7ZP9ZMkVsIzlziObIrSTSLQZBKYYiwMR3dA6/zJi2sTwNxp6nLpnbb2gsRPq |
| VFh4jLj3kad6 |
| -----END CERTIFICATE----- |
