| [Created by: generate-chains.py] |
| |
| Certificate chain where the root certificate restricts the extended key |
| usage to clientAuth. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 77:30:29:4c:98:1d:55:e4:df:5e:92:14:f6:68:26:ef:11:01:dd:15 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Mar 10 12:00:00 2018 GMT |
| Not After : Jan 1 12:00:00 2021 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:c0:64:a7:01:b2:83:6c:47:bc:2d:30:01:f9:43: |
| 8c:fc:cc:6b:7c:a4:c7:1c:78:fa:a8:8c:be:1e:9a: |
| 72:d0:34:1a:56:80:67:67:76:48:8a:9f:c5:3a:68: |
| 9e:53:c2:35:ce:69:7e:4f:d5:c4:fb:0b:91:3c:af: |
| 00:26:f4:bf:77:ca:cd:ec:87:f9:6e:05:9b:0c:93: |
| 1b:f2:6e:c8:10:32:4e:7b:51:1c:22:77:4c:b8:a3: |
| bd:d6:dc:95:29:9b:4b:b5:d9:ce:ae:91:d8:05:c5: |
| c5:bf:4a:9c:b7:94:db:d5:a5:e6:b1:44:e1:02:4a: |
| 1a:dc:21:e5:e6:a6:ba:54:2e:2c:3f:40:f5:fd:5c: |
| 79:dd:55:6d:9e:e2:ab:db:3c:67:b4:84:db:ba:86: |
| fd:a0:b5:d8:8b:d0:b8:bc:8b:77:e9:32:31:51:68: |
| ee:18:17:09:e2:f1:27:79:ca:3c:72:a8:f3:96:25: |
| 31:24:3a:05:53:d4:89:0a:48:7a:9c:2d:6d:6a:84: |
| 97:df:34:c9:22:7f:d5:05:f2:2c:91:e9:c4:7f:ab: |
| d0:ae:76:22:64:ae:be:e2:7f:97:08:ec:86:8a:92: |
| bf:57:f0:22:f7:91:ff:86:17:62:92:e3:80:8b:19: |
| 84:14:60:19:00:91:d6:fe:51:96:77:5b:22:0d:32: |
| 50:07 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| E8:27:22:F1:C3:94:E3:48:C4:4C:45:0D:D6:4E:1C:6E:CF:9D:1B:1B |
| X509v3 Authority Key Identifier: |
| keyid:8F:7C:F8:3A:27:33:C2:AB:96:9E:BD:0F:68:E0:C9:58:BB:0B:7C:F2 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 5b:e5:cc:71:8f:57:35:bf:74:af:41:03:f8:84:59:d3:82:a2: |
| 60:7e:f1:2c:75:2c:ab:de:c6:f0:78:e5:56:de:08:37:4a:94: |
| fe:86:dd:ff:24:8f:29:58:63:98:79:38:e1:7a:14:80:00:14: |
| d3:e2:3d:06:4c:ef:e4:ff:fd:3c:a5:50:39:f2:5d:9f:93:93: |
| c0:79:12:d2:6f:7b:b2:2d:43:1f:14:80:52:18:81:02:2f:b8: |
| 43:85:fe:69:b0:ff:e2:34:e1:31:6e:6f:4d:32:f3:ea:fd:2b: |
| 52:8c:e0:8f:d8:f6:89:d1:e6:bd:3a:68:91:23:3c:0f:84:d8: |
| 32:a4:4a:6c:3e:f1:e0:eb:0e:76:c2:68:bc:2a:82:aa:01:e9: |
| a1:fa:8d:14:1b:24:61:78:80:1c:5e:ea:af:a1:58:fd:e7:40: |
| a7:57:24:92:82:b8:d6:72:96:8c:9d:d5:19:fb:e3:dc:ee:1f: |
| 5f:7a:69:27:43:bc:0c:61:d8:65:08:42:f7:72:fb:1f:b8:d9: |
| d5:1e:18:e4:a9:7d:fb:96:65:25:27:14:45:92:2d:32:e2:50: |
| 1e:42:2a:7c:78:44:08:a8:e4:58:1e:ed:86:1c:6f:5a:20:45: |
| 55:ac:43:f5:40:d6:2c:a2:a9:12:90:7d:8e:d9:2e:1a:06:a8: |
| 9d:0e:cd:69 |
| -----BEGIN CERTIFICATE----- |
| MIIDoDCCAoigAwIBAgIUdzApTJgdVeTfXpIU9mgm7xEB3RUwDQYJKoZIhvcNAQEL |
| BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTE4MDMxMDEyMDAwMFoXDTIx |
| MDEwMTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF |
| AAOCAQ8AMIIBCgKCAQEAwGSnAbKDbEe8LTAB+UOM/MxrfKTHHHj6qIy+Hppy0DQa |
| VoBnZ3ZIip/FOmieU8I1zml+T9XE+wuRPK8AJvS/d8rN7If5bgWbDJMb8m7IEDJO |
| e1EcIndMuKO91tyVKZtLtdnOrpHYBcXFv0qct5Tb1aXmsUThAkoa3CHl5qa6VC4s |
| P0D1/Vx53VVtnuKr2zxntITbuob9oLXYi9C4vIt36TIxUWjuGBcJ4vEneco8cqjz |
| liUxJDoFU9SJCkh6nC1taoSX3zTJIn/VBfIskenEf6vQrnYiZK6+4n+XCOyGipK/ |
| V/Ai95H/hhdikuOAixmEFGAZAJHW/lGWd1siDTJQBwIDAQABo4HpMIHmMB0GA1Ud |
| DgQWBBToJyLxw5TjSMRMRQ3WThxuz50bGzAfBgNVHSMEGDAWgBSPfPg6JzPCq5ae |
| vQ9o4MlYuwt88jA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91 |
| cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0 |
| dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF |
| oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD |
| ggEBAFvlzHGPVzW/dK9BA/iEWdOComB+8Sx1LKvexvB45VbeCDdKlP6G3f8kjylY |
| Y5h5OOF6FIAAFNPiPQZM7+T//TylUDnyXZ+Tk8B5EtJve7ItQx8UgFIYgQIvuEOF |
| /mmw/+I04TFub00y8+r9K1KM4I/Y9onR5r06aJEjPA+E2DKkSmw+8eDrDnbCaLwq |
| gqoB6aH6jRQbJGF4gBxe6q+hWP3nQKdXJJKCuNZyloyd1Rn749zuH196aSdDvAxh |
| 2GUIQvdy+x+42dUeGOSpffuWZSUnFEWSLTLiUB5CKnx4RAio5Fge7YYcb1ogRVWs |
| Q/VA1iyiqRKQfY7ZLhoGqJ0OzWk= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 08:cf:d3:d1:65:21:cc:44:8a:0a:5d:79:88:07:16:54:c3:1f:d8:66 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Mar 10 12:00:00 2018 GMT |
| Not After : Jan 1 12:00:00 2021 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:a8:e7:5f:fa:d0:9d:f1:e1:e4:87:7f:62:7e:1c: |
| 89:02:66:64:9e:d5:a0:81:f3:65:68:d7:8d:02:37: |
| 99:da:e8:85:00:51:b4:69:e9:57:29:09:51:c2:78: |
| c8:ee:bb:87:62:4a:a8:46:c3:d4:06:e5:f0:c2:33: |
| 68:13:f7:55:c5:44:42:14:1e:d7:65:a4:a1:b6:67: |
| 38:e0:c2:72:65:ee:ad:f5:94:34:93:4f:e9:d8:a5: |
| 93:98:05:34:e5:f6:0f:3b:71:84:39:71:9b:b6:10: |
| 47:37:ef:87:d2:98:29:a4:f1:18:e7:f4:3b:52:af: |
| 34:b1:39:34:9a:49:b4:7a:ed:21:2c:60:b2:01:e8: |
| cb:b6:ad:f8:00:95:85:a9:87:91:90:05:54:0b:2e: |
| 9d:4c:79:c4:c8:6d:72:ab:23:5b:d0:2b:90:3c:5b: |
| 53:ed:da:56:39:38:37:45:43:17:3d:81:d5:49:97: |
| 23:88:83:9f:bf:86:8d:52:af:3d:86:45:f1:1e:e8: |
| dd:8f:4f:fe:da:b5:35:cb:e0:02:ba:8e:6b:61:4a: |
| f2:c6:5d:d7:02:95:71:23:9e:7b:99:96:cf:ac:df: |
| 20:2a:2d:fe:0c:42:72:c6:b8:c3:81:81:3e:a0:8d: |
| 62:41:17:14:f5:24:67:f1:6c:af:c6:0c:94:09:fb: |
| 56:07 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 8F:7C:F8:3A:27:33:C2:AB:96:9E:BD:0F:68:E0:C9:58:BB:0B:7C:F2 |
| X509v3 Authority Key Identifier: |
| keyid:91:69:0D:94:34:B5:BA:AF:F1:DD:99:22:88:15:2B:83:B1:37:B2:54 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 16:5f:f2:84:13:2c:1b:3f:21:b7:6c:e7:3a:7a:51:c7:f9:aa: |
| 32:50:31:0c:00:1e:08:6d:5d:a6:da:77:cf:39:a5:ba:88:fc: |
| f0:29:0d:58:de:04:05:06:6d:05:b8:aa:0f:71:a0:55:25:9d: |
| 8c:dc:b4:40:ec:68:6a:0d:f8:52:71:db:02:12:a5:c8:91:cb: |
| 68:fd:07:6d:69:d3:ac:74:9e:c5:71:26:66:c7:c6:95:1d:a2: |
| 59:41:6f:70:b6:ca:d9:64:52:38:5e:d0:de:c7:2d:d8:8c:8e: |
| 35:39:8e:e4:33:ee:8c:d7:4b:56:a6:e8:2a:18:46:2e:e4:af: |
| ff:7d:19:6b:ca:14:8a:63:8b:10:b2:05:b2:b0:e0:d2:bb:c5: |
| 2c:91:b0:82:24:4d:9f:21:24:36:f5:75:b9:28:8d:46:5f:8f: |
| 8e:80:98:57:10:b3:50:61:80:4a:36:5b:f1:a7:8b:8b:74:f9: |
| 58:39:7c:4e:7f:9d:e7:41:6a:f0:1f:89:5c:68:4d:64:dd:47: |
| 7b:f6:fb:f6:92:e4:ae:ff:ca:90:89:b7:f8:e7:cf:97:2b:78: |
| 09:4c:1d:50:73:09:0d:0f:a9:e3:34:82:4d:59:73:f8:93:5d: |
| 6a:bf:e1:dc:1a:df:39:c4:9b:d9:40:d1:e8:44:c8:ce:5b:01: |
| 43:9e:82:d5 |
| -----BEGIN CERTIFICATE----- |
| MIIDgDCCAmigAwIBAgIUCM/T0WUhzESKCl15iAcWVMMf2GYwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw |
| MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD |
| ggEPADCCAQoCggEBAKjnX/rQnfHh5Id/Yn4ciQJmZJ7VoIHzZWjXjQI3mdrohQBR |
| tGnpVykJUcJ4yO67h2JKqEbD1Abl8MIzaBP3VcVEQhQe12WkobZnOODCcmXurfWU |
| NJNP6dilk5gFNOX2DztxhDlxm7YQRzfvh9KYKaTxGOf0O1KvNLE5NJpJtHrtISxg |
| sgHoy7at+ACVhamHkZAFVAsunUx5xMhtcqsjW9ArkDxbU+3aVjk4N0VDFz2B1UmX |
| I4iDn7+GjVKvPYZF8R7o3Y9P/tq1NcvgArqOa2FK8sZd1wKVcSOee5mWz6zfICot |
| /gxCcsa4w4GBPqCNYkEXFPUkZ/Fsr8YMlAn7VgcCAwEAAaOByzCByDAdBgNVHQ4E |
| FgQUj3z4OiczwquWnr0PaODJWLsLfPIwHwYDVR0jBBgwFoAUkWkNlDS1uq/x3Zki |
| iBUrg7E3slQwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs |
| LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m |
| b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ |
| MA0GCSqGSIb3DQEBCwUAA4IBAQAWX/KEEywbPyG3bOc6elHH+aoyUDEMAB4IbV2m |
| 2nfPOaW6iPzwKQ1Y3gQFBm0FuKoPcaBVJZ2M3LRA7GhqDfhScdsCEqXIkcto/Qdt |
| adOsdJ7FcSZmx8aVHaJZQW9wtsrZZFI4XtDexy3YjI41OY7kM+6M10tWpugqGEYu |
| 5K//fRlryhSKY4sQsgWysODSu8UskbCCJE2fISQ29XW5KI1GX4+OgJhXELNQYYBK |
| Nlvxp4uLdPlYOXxOf53nQWrwH4lcaE1k3Ud79vv2kuSu/8qQibf458+XK3gJTB1Q |
| cwkND6njNIJNWXP4k11qv+HcGt85xJvZQNHoRMjOWwFDnoLV |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 08:cf:d3:d1:65:21:cc:44:8a:0a:5d:79:88:07:16:54:c3:1f:d8:65 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Mar 10 12:00:00 2018 GMT |
| Not After : Jan 1 12:00:00 2021 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:af:9d:d7:d1:a5:91:6e:5d:17:d4:89:85:95:b8: |
| cf:e3:e3:fb:94:dd:cc:c0:99:59:24:ac:c0:4d:cc: |
| 4b:37:88:38:3c:a1:60:06:96:8d:1b:6b:e7:2b:b8: |
| 71:9e:54:4b:cd:c4:4d:93:b6:3b:3f:7a:a2:c6:3b: |
| ea:9f:36:8d:e5:b0:0f:9e:27:58:7c:f8:fb:6f:e8: |
| ae:0c:bb:69:02:60:21:d1:bd:dc:e1:33:23:8d:c5: |
| 5f:dc:ff:33:71:95:98:77:07:69:c0:71:2a:bf:62: |
| eb:b6:e5:cc:2e:3a:98:1c:7b:a4:a7:cb:ba:e5:ab: |
| 22:32:fb:d5:03:1a:03:b7:d1:9f:d9:56:69:ae:b1: |
| 51:e7:8d:06:ca:2a:f9:25:43:af:92:a1:f7:40:60: |
| 85:5a:33:67:2a:62:ad:6e:4a:9a:02:1b:c4:e3:89: |
| 38:d3:06:eb:a3:8c:ce:a8:c8:49:5a:4e:08:b2:7e: |
| 00:16:92:60:4b:ff:77:2d:53:e7:2c:f3:2c:51:b3: |
| 16:87:67:28:43:10:d3:6c:d6:c2:96:97:a3:c8:8e: |
| 0b:ae:f1:56:13:bb:1b:ca:7f:2d:59:cc:37:fc:47: |
| 9d:f7:c9:0a:66:19:87:3d:13:66:50:0b:52:0d:13: |
| 33:6c:0b:fc:fb:88:cf:34:7b:9f:6f:6e:7e:36:ac: |
| ec:39 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 91:69:0D:94:34:B5:BA:AF:F1:DD:99:22:88:15:2B:83:B1:37:B2:54 |
| X509v3 Authority Key Identifier: |
| keyid:91:69:0D:94:34:B5:BA:AF:F1:DD:99:22:88:15:2B:83:B1:37:B2:54 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| X509v3 Extended Key Usage: |
| TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 04:9c:e7:fd:47:05:69:a0:59:94:ce:13:97:e4:4e:f9:47:09: |
| a2:12:04:51:37:b5:d8:3d:0c:7e:4b:29:23:a7:b1:07:7e:56: |
| 6a:aa:b5:9c:6f:f4:bd:7a:d5:43:b9:ed:c7:34:e2:3a:cb:7b: |
| a5:aa:02:ab:d6:f7:a0:3f:03:03:9c:94:ee:52:52:06:04:10: |
| 37:f3:cb:83:b9:34:bb:1e:fc:08:1d:c4:99:95:5e:08:9b:d9: |
| 1f:a1:2b:d1:3b:81:ea:65:6e:7f:a8:d8:55:d2:af:3b:6c:0a: |
| 8a:60:60:75:89:50:88:d4:e3:36:88:0b:f0:56:50:91:7b:75: |
| 78:f3:6f:b6:80:57:25:a3:97:01:44:14:9f:47:be:b2:eb:12: |
| 5b:4b:58:d4:65:fd:a1:6d:9a:10:2f:be:b9:10:58:18:9a:c5: |
| fb:4a:10:ab:d7:b9:6d:65:92:e4:3c:31:07:eb:c9:d5:40:69: |
| cb:f7:88:d3:01:9e:f0:3e:35:aa:4e:40:59:65:3a:54:fb:eb: |
| a3:ea:ca:8a:ad:03:5c:5c:8b:82:86:b1:8f:e1:34:ba:24:12: |
| c3:7c:5d:da:86:87:31:13:d4:35:cf:c3:4d:59:7f:8d:d9:56: |
| 68:17:20:7f:ec:57:98:a4:f8:53:54:c5:43:26:33:69:21:76: |
| 72:e9:e7:f5 |
| -----BEGIN CERTIFICATE----- |
| MIIDjTCCAnWgAwIBAgIUCM/T0WUhzESKCl15iAcWVMMf2GUwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw |
| MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK |
| AoIBAQCvndfRpZFuXRfUiYWVuM/j4/uU3czAmVkkrMBNzEs3iDg8oWAGlo0ba+cr |
| uHGeVEvNxE2Ttjs/eqLGO+qfNo3lsA+eJ1h8+Ptv6K4Mu2kCYCHRvdzhMyONxV/c |
| /zNxlZh3B2nAcSq/Yuu25cwuOpgce6Sny7rlqyIy+9UDGgO30Z/ZVmmusVHnjQbK |
| KvklQ6+SofdAYIVaM2cqYq1uSpoCG8TjiTjTBuujjM6oyElaTgiyfgAWkmBL/3ct |
| U+cs8yxRsxaHZyhDENNs1sKWl6PIjguu8VYTuxvKfy1ZzDf8R533yQpmGYc9E2ZQ |
| C1INEzNsC/z7iM80e59vbn42rOw5AgMBAAGjgeAwgd0wHQYDVR0OBBYEFJFpDZQ0 |
| tbqv8d2ZIogVK4OxN7JUMB8GA1UdIwQYMBaAFJFpDZQ0tbqv8d2ZIogVK4OxN7JU |
| MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh |
| L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S |
| b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zATBgNVHSUE |
| DDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEABJzn/UcFaaBZlM4Tl+RO |
| +UcJohIEUTe12D0MfkspI6exB35Waqq1nG/0vXrVQ7ntxzTiOst7paoCq9b3oD8D |
| A5yU7lJSBgQQN/PLg7k0ux78CB3EmZVeCJvZH6Er0TuB6mVuf6jYVdKvO2wKimBg |
| dYlQiNTjNogL8FZQkXt1ePNvtoBXJaOXAUQUn0e+susSW0tY1GX9oW2aEC++uRBY |
| GJrF+0oQq9e5bWWS5DwxB+vJ1UBpy/eI0wGe8D41qk5AWWU6VPvro+rKiq0DXFyL |
| goaxj+E0uiQSw3xd2oaHMRPUNc/DTVl/jdlWaBcgf+xXmKT4U1TFQyYzaSF2cunn |
| 9Q== |
| -----END CERTIFICATE----- |
