Google Git
Sign in
chromium / chromium / src / 52939ed422f481e2970edfa57a8bf24ca3dbacb8 / . / net / data / verify_certificate_chain_unittest / constrained-non-self-signed-root.pem
blob: 07d17fee2c70aa8bcfa9114559c4a8ba3181a8f4 [file] [log] [blame]
[Created by: generate-constrained-non-self-signed-root.py]
Certificate chain with 1 intermediate and a non-self-signed trust anchor.
Verification should succeed, it doesn't matter that the root was not
self-signed if it is designated as the trust anchor.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ef:a6:fc:7a:0a:92:7b:00:d2:de:17:b1:d3:77:
c9:bb:1e:1b:fe:db:d7:5d:5e:0d:4e:be:08:c1:c9:
ed:4f:d7:40:0c:dc:ca:78:34:15:fa:ab:eb:1b:b8:
fe:c2:f9:c4:27:23:82:ec:f9:e5:69:7e:40:9d:14:
24:d4:b0:19:cf:2d:3f:88:dc:fb:59:f1:a8:91:19:
e7:b4:e9:99:0d:bf:62:f8:73:8d:8b:80:d4:84:14:
9a:3b:06:5b:81:2a:36:a0:10:b8:94:7f:c7:aa:a1:
1a:69:4e:e1:0a:00:73:f9:7e:30:e0:ca:ac:2a:09:
e3:08:ce:27:cc:08:27:8b:68:7d:fe:d8:c7:1c:38:
8f:f5:39:49:fc:6a:fa:95:45:5c:ab:c2:60:a9:e6:
25:4f:c6:66:af:61:25:3b:72:17:17:4c:43:b6:74:
13:83:7c:91:0c:f4:4a:82:fb:e2:84:6f:2a:00:e1:
7e:94:71:3d:2f:2a:16:47:22:67:a9:b5:16:4f:e1:
1f:5a:a0:2b:87:26:d0:b4:0c:6d:f9:e4:dd:32:a0:
07:c2:25:ec:89:74:0c:b0:b8:fd:1a:3d:9a:c1:ef:
7d:16:3d:c9:ef:c3:ef:71:b4:f7:a6:db:64:4c:5b:
7b:6c:1c:75:ae:94:26:28:6c:1e:b2:da:51:da:54:
32:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:9D:FF:9F:33:B6:74:1F:15:7D:7F:15:6A:7B:3C:8F:E6:C8:E3:7E
X509v3 Authority Key Identifier:
keyid:22:F5:B2:95:50:F0:FB:08:B5:6F:A0:B1:26:B1:43:CA:6A:CA:AB:AA
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
ca:c3:44:a2:1e:39:c0:77:09:a6:77:50:8a:d9:ab:5b:43:d1:
ee:12:c2:02:61:0e:2d:28:6a:af:92:2a:02:27:c6:f9:80:f5:
c1:4d:d8:35:f2:ed:16:31:3a:a1:54:65:44:e5:80:c2:9f:6d:
89:49:63:7c:93:78:55:d0:32:00:77:a1:9f:09:dc:1f:07:6e:
30:f0:9b:14:ba:60:9c:5c:62:bb:69:f2:59:c3:92:23:47:7a:
b5:5f:06:4d:61:9c:f5:5a:c1:7a:70:2b:fb:79:51:98:e4:e1:
43:8e:f0:e3:e9:8f:0a:52:59:e0:ab:26:5b:e1:a3:7c:dd:d6:
49:4d:a7:7c:8d:58:67:c2:3d:2d:b3:b9:55:02:73:cf:d8:16:
82:36:bc:7b:be:70:07:09:81:46:9a:a6:e0:51:df:3b:25:1c:
ba:40:54:5d:ad:74:26:33:f6:c2:89:6b:aa:42:f7:ba:12:0c:
16:5f:87:26:89:a2:c5:70:ee:7e:52:d3:c0:a0:0d:36:a8:5d:
26:8b:85:68:3c:8e:04:b9:05:ef:2c:9f:91:3c:17:36:95:6f:
d4:8e:51:66:9b:7d:bd:7e:24:f3:6d:d2:f0:66:1e:1a:76:50:
db:e1:26:24:ae:41:31:ea:ad:cf:68:e2:7e:d2:8c:8a:c9:11:
2f:ba:45:43
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvpvx6
CpJ7ANLeF7HTd8m7Hhv+29ddXg1OvgjBye1P10AM3Mp4NBX6q+sbuP7C+cQnI4Ls
+eVpfkCdFCTUsBnPLT+I3PtZ8aiRGee06ZkNv2L4c42LgNSEFJo7BluBKjagELiU
f8eqoRppTuEKAHP5fjDgyqwqCeMIzifMCCeLaH3+2MccOI/1OUn8avqVRVyrwmCp
5iVPxmavYSU7chcXTEO2dBODfJEM9EqC++KEbyoA4X6UcT0vKhZHImeptRZP4R9a
oCuHJtC0DG355N0yoAfCJeyJdAywuP0aPZrB730WPcnvw+9xtPem22RMW3tsHHWu
lCYobB6y2lHaVDL5AgMBAAGjgekwgeYwHQYDVR0OBBYEFMKd/58ztnQfFX1/FWp7
PI/myON+MB8GA1UdIwQYMBaAFCL1spVQ8PsItW+gsSaxQ8pqyquqMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAysNEoh45wHcJpndQitmr
W0PR7hLCAmEOLShqr5IqAifG+YD1wU3YNfLtFjE6oVRlROWAwp9tiUljfJN4VdAy
AHehnwncHwduMPCbFLpgnFxiu2nyWcOSI0d6tV8GTWGc9VrBenAr+3lRmOThQ47w
4+mPClJZ4KsmW+GjfN3WSU2nfI1YZ8I9LbO5VQJzz9gWgja8e75wBwmBRpqm4FHf
OyUcukBUXa10JjP2wolrqkL3uhIMFl+HJomixXDuflLTwKANNqhdJouFaDyOBLkF
7yyfkTwXNpVv1I5RZpt9vX4k823S8GYeGnZQ2+EmJK5BMeqtz2jiftKMiskRL7pF
Qw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:df:7c:3d:65:45:14:01:09:48:a1:8b:0c:cb:91:
7e:9c:65:f1:1b:40:dd:b7:4c:b1:ac:1b:9e:af:b5:
8a:03:59:f1:77:d4:ab:15:14:53:b5:94:fa:34:20:
f8:35:65:18:da:c5:37:f0:39:bf:f3:bc:7e:73:8a:
77:1c:db:4d:aa:f1:82:37:7c:ca:b5:f5:23:81:71:
0f:21:63:7e:73:64:85:d6:7d:77:41:69:89:5e:c2:
35:41:83:77:61:6c:03:31:aa:ad:83:dd:4b:42:b8:
20:f8:0b:ec:eb:0a:97:b7:5b:b9:d2:16:3b:f4:c2:
61:d3:93:0f:dd:be:19:13:3a:3c:e1:3d:67:47:02:
53:9d:c1:80:5c:24:e3:ba:e5:16:85:10:99:3b:72:
6a:6c:40:13:4b:d0:b4:84:2c:4d:1f:ea:50:44:00:
eb:8c:70:2d:ab:67:68:a4:15:09:9c:46:09:61:64:
3f:ba:c3:1b:d9:bf:29:84:f4:14:8a:25:fe:e2:8a:
fa:1d:ae:da:56:f8:e8:da:02:31:5a:96:c0:21:79:
3c:38:b7:0e:5d:74:c2:2d:14:16:f1:05:ca:f1:1b:
1f:df:fa:d7:33:e2:cb:a1:cf:ef:31:b5:10:eb:f8:
e8:7a:2e:9b:2f:89:3b:73:be:a8:b8:f6:66:1c:b8:
3b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F5:B2:95:50:F0:FB:08:B5:6F:A0:B1:26:B1:43:CA:6A:CA:AB:AA
X509v3 Authority Key Identifier:
keyid:F0:A1:F4:41:56:B9:33:53:7B:7C:DB:DC:AF:9B:3C:66:11:E1:DE:B3
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
8d:16:59:e5:09:e5:3b:8a:bb:cc:4d:0c:d9:17:55:49:b0:47:
3e:e2:89:82:5c:82:c2:8a:78:b5:09:3a:a0:9d:27:4e:60:40:
16:f6:88:17:95:8d:88:ee:64:af:13:df:a9:6d:24:75:27:a2:
15:bb:de:0c:fc:c6:16:f2:55:cc:61:e2:12:92:d9:8f:2d:7a:
f5:0d:c4:8d:6b:2b:1a:2f:82:52:b3:9c:ac:cb:40:b7:73:39:
60:a0:a1:0b:23:40:fb:cb:d1:86:84:76:17:ad:cd:05:24:e2:
81:ce:65:d7:56:34:a4:62:19:e1:a2:2d:ce:ac:36:41:d3:33:
a3:58:ea:6e:88:0d:43:38:fe:44:cd:36:b9:10:69:6c:21:2d:
2e:ee:5d:96:db:86:7d:42:72:de:42:36:65:e1:f1:0b:e3:b3:
c2:42:d9:93:6d:b7:e8:41:b3:12:0a:91:f1:9b:40:01:ae:a7:
24:3b:df:6b:35:5a:f2:86:92:c2:31:7f:f5:e8:31:cb:75:54:
a6:57:fd:f7:bb:6b:79:ba:ea:77:3a:b9:20:3b:16:89:1a:21:
00:4f:ee:23:47:43:50:58:d5:cc:a7:70:01:a3:02:ce:a6:b0:
be:5f:ce:7f:12:7c:f2:09:0f:15:a5:5e:10:ed:0d:42:05:49:
1a:25:df:22
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33w9ZUUU
AQlIoYsMy5F+nGXxG0Ddt0yxrBuer7WKA1nxd9SrFRRTtZT6NCD4NWUY2sU38Dm/
87x+c4p3HNtNqvGCN3zKtfUjgXEPIWN+c2SF1n13QWmJXsI1QYN3YWwDMaqtg91L
Qrgg+Avs6wqXt1u50hY79MJh05MP3b4ZEzo84T1nRwJTncGAXCTjuuUWhRCZO3Jq
bEATS9C0hCxNH+pQRADrjHAtq2dopBUJnEYJYWQ/usMb2b8phPQUiiX+4or6Ha7a
Vvjo2gIxWpbAIXk8OLcOXXTCLRQW8QXK8Rsf3/rXM+LLoc/vMbUQ6/joei6bL4k7
c76ouPZmHLg78wIDAQABo4HLMIHIMB0GA1UdDgQWBBQi9bKVUPD7CLVvoLEmsUPK
asqrqjAfBgNVHSMEGDAWgBTwofRBVrkzU3t829yvmzxmEeHeszA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AI0WWeUJ5TuKu8xNDNkXVUmwRz7iiYJcgsKKeLUJOqCdJ05gQBb2iBeVjYjuZK8T
36ltJHUnohW73gz8xhbyVcxh4hKS2Y8tevUNxI1rKxovglKznKzLQLdzOWCgoQsj
QPvL0YaEdhetzQUk4oHOZddWNKRiGeGiLc6sNkHTM6NY6m6IDUM4/kTNNrkQaWwh
LS7uXZbbhn1Cct5CNmXh8Qvjs8JC2ZNtt+hBsxIKkfGbQAGupyQ732s1WvKGksIx
f/XoMct1VKZX/fe7a3m66nc6uSA7FokaIQBP7iNHQ1BY1cyncAGjAs6msL5fzn8S
fPIJDxWlXhDtDUIFSRol3yI=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=UberRoot
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:f3:dc:12:03:cd:db:fd:7e:72:7d:ec:23:30:07:
d3:f6:13:be:72:df:82:73:3f:bb:ea:c9:93:e6:74:
99:81:e2:dd:a0:00:5a:c6:43:6e:fa:79:00:36:fe:
d7:d8:6a:5d:8f:0a:19:53:3c:aa:b5:9f:0d:6c:8a:
23:ae:04:da:f3:f0:23:f2:b2:7b:ab:cc:d1:d7:b6:
d9:7a:3a:e3:2a:b9:ca:d5:42:3c:be:66:83:8a:2e:
0c:53:6c:10:e9:ce:5e:f7:4f:83:f7:c4:32:7b:b7:
33:ff:b1:89:09:39:fd:f4:7b:98:f5:02:8a:5b:9c:
89:04:07:0f:8e:72:13:f1:33:a1:ae:6c:92:51:a8:
07:87:df:32:c9:4b:86:f5:8a:cf:b1:ac:04:17:b1:
6b:09:41:17:51:01:78:c9:4a:b8:3d:31:5c:f1:97:
36:6d:3c:99:cf:66:b2:8b:22:b1:04:66:de:9b:cb:
1c:d7:75:28:75:9f:97:f5:46:e0:53:6a:9c:4e:26:
19:5a:2d:2d:6b:cb:dd:37:6b:08:cd:0d:de:df:6c:
cd:1d:81:8b:e8:35:de:2b:16:c1:e5:f8:58:41:5c:
65:38:d8:c1:e4:b7:df:b1:ad:79:e0:c5:05:a5:9a:
54:25:41:33:61:6e:5c:4b:1b:08:07:25:ce:c0:84:
1a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A1:F4:41:56:B9:33:53:7B:7C:DB:DC:AF:9B:3C:66:11:E1:DE:B3
X509v3 Authority Key Identifier:
keyid:24:E4:04:3C:15:03:89:2D:99:71:16:0F:70:8E:32:24:76:BD:99:C6
Authority Information Access:
CA Issuers - URI:http://url-for-aia/UberRoot.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/UberRoot.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
94:82:81:b0:49:b8:87:5c:c1:eb:62:24:0b:3c:de:26:15:28:
2a:1a:5c:c7:e7:61:85:46:48:df:5c:2c:a2:d0:3e:ca:2e:8c:
6a:fd:3b:4d:58:52:72:58:c1:d9:10:0c:1f:af:ac:40:38:c7:
60:67:8e:14:6b:f9:7a:cb:1c:e0:b6:58:b2:32:f0:c3:2e:c7:
26:af:08:7f:06:42:ec:99:3a:dc:71:2b:cf:35:5f:45:c2:39:
4c:1a:ab:86:99:1f:68:08:94:45:20:eb:49:28:06:a7:b1:69:
5d:0c:da:dc:79:99:b4:46:eb:6c:b5:a9:d2:15:ce:1a:2f:e7:
53:0f:6c:7f:67:a2:f9:63:34:f6:a0:22:7c:fb:31:0b:aa:5c:
02:39:17:9e:c1:60:b7:06:3f:a6:9c:2f:6c:ef:56:36:be:b9:
45:a4:d2:e5:a5:8f:c1:28:0b:1f:e2:c1:8f:29:40:10:86:e5:
f5:12:e5:f7:33:7f:ae:a4:3c:11:2e:03:be:0f:5f:4a:25:83:
d4:28:6a:e5:a8:04:a3:dd:f5:3f:6b:12:ee:45:84:19:32:5e:
ea:32:0c:96:f3:cb:a8:b6:15:d5:0c:99:00:ed:68:84:ef:8b:
d3:86:74:b0:ee:70:60:0e:65:43:62:59:54:b3:26:6b:a7:d0:
3f:71:57:2f
-----BEGIN TRUST_ANCHOR_CONSTRAINED-----
MIIDcTCCAlmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhVYmVy
Um9vdDAeFw0xNTAxMDExMjAwMDBaFw0xNjAxMDExMjAwMDBaMA8xDTALBgNVBAMM
BFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz3BIDzdv9fnJ9
7CMwB9P2E75y34JzP7vqyZPmdJmB4t2gAFrGQ276eQA2/tfYal2PChlTPKq1nw1s
iiOuBNrz8CPysnurzNHXttl6OuMqucrVQjy+ZoOKLgxTbBDpzl73T4P3xDJ7tzP/
sYkJOf30e5j1AopbnIkEBw+OchPxM6GubJJRqAeH3zLJS4b1is+xrAQXsWsJQRdR
AXjJSrg9MVzxlzZtPJnPZrKLIrEEZt6byxzXdSh1n5f1RuBTapxOJhlaLS1ry903
awjNDd7fbM0dgYvoNd4rFsHl+FhBXGU42MHkt9+xrXngxQWlmlQlQTNhblxLGwgH
Jc7AhBpXAgMBAAGjgdMwgdAwHQYDVR0OBBYEFPCh9EFWuTNTe3zb3K+bPGYR4d6z
MB8GA1UdIwQYMBaAFCTkBDwVA4ktmXEWD3COMiR2vZnGMDsGCCsGAQUFBwEBBC8w
LTArBggrBgEFBQcwAoYfaHR0cDovL3VybC1mb3ItYWlhL1ViZXJSb290LmNlcjAw
BgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vdXJsLWZvci1jcmwvVWJlclJvb3QuY3Js
MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
A4IBAQCUgoGwSbiHXMHrYiQLPN4mFSgqGlzH52GFRkjfXCyi0D7KLoxq/TtNWFJy
WMHZEAwfr6xAOMdgZ44Ua/l6yxzgtliyMvDDLscmrwh/BkLsmTrccSvPNV9FwjlM
GquGmR9oCJRFIOtJKAansWldDNrceZm0RutstanSFc4aL+dTD2x/Z6L5YzT2oCJ8
+zELqlwCOReewWC3Bj+mnC9s71Y2vrlFpNLlpY/BKAsf4sGPKUAQhuX1EuX3M3+u
pDwRLgO+D19KJYPUKGrlqASj3fU/axLuRYQZMl7qMgyW88uothXVDJkA7WiE74vT
hnSw7nBgDmVDYllUsyZrp9A/cVcv
-----END TRUST_ANCHOR_CONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
SUCCESS
-----BEGIN VERIFY_RESULT-----
U1VDQ0VTUw==
-----END VERIFY_RESULT-----
serverAuth
-----BEGIN KEY_PURPOSE-----
c2VydmVyQXV0aA==
-----END KEY_PURPOSE-----