blob: 5e9ffcf751b272ba20a687b8db57d1ef4f59cb5a [file] [log] [blame]
[Created by: generate-expired-root.py]
Certificate chain with 1 intermediary, where the root certificate is expired
(violates validity.notAfter). Verification is expected to fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediary
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c2:5a:d7:49:58:e0:e3:06:4c:d0:8d:83:ad:7a:
ff:86:7c:0e:00:26:64:44:8a:cb:38:bd:95:8e:b1:
7f:7c:48:7f:02:ef:7d:f9:b4:76:76:eb:5a:1d:71:
99:3a:c8:66:1a:c8:fb:24:d3:e8:9c:af:3b:5c:b5:
10:f0:32:7c:46:87:9a:3f:f6:57:6a:45:5c:18:6e:
92:54:54:16:4e:17:79:1c:a1:05:7c:21:3c:dc:89:
23:5d:aa:f9:1e:a1:8c:9b:9f:d7:a0:f3:c3:23:f0:
f4:b5:12:ac:d3:57:cb:bb:f9:8e:0d:d8:e9:d5:bd:
71:2b:3e:38:d1:fe:f0:17:cb:f0:ce:23:8f:8a:ee:
56:4d:94:18:31:c3:1d:74:07:57:a4:f7:07:e8:b3:
a4:60:53:38:96:83:f7:59:cf:03:f9:38:3c:35:87:
6a:71:92:8a:1b:4f:7e:f0:49:76:ba:65:42:87:fe:
b2:21:e1:17:d6:98:50:36:5a:7f:fe:8d:f6:bf:ab:
46:63:fc:57:e8:57:c5:90:9b:27:07:30:fa:26:1d:
13:eb:f2:e1:b0:99:f9:55:39:76:0f:ca:a4:31:85:
c6:62:df:53:cd:3e:df:bf:83:1d:a9:07:b1:a2:8a:
be:43:f2:05:1e:f9:ca:28:2e:81:39:fa:2c:74:c5:
7c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B3:FA:87:AB:1D:54:2D:2B:B8:C4:5D:33:57:C5:52:F4:15:B8:20
X509v3 Authority Key Identifier:
keyid:ED:CC:99:FA:9D:D2:85:7E:0E:02:42:8E:72:48:C3:F4:29:4B:95:D2
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediary.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediary.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
42:13:4f:10:c0:69:c9:ad:88:94:2d:df:24:e6:47:6c:d3:07:
33:75:77:ba:c8:40:f4:28:1f:7a:0a:49:14:93:5f:d7:6e:91:
49:22:a3:cb:f0:52:f9:d6:22:90:ef:62:79:3d:cc:e5:2f:d0:
c9:c3:0e:b0:54:06:6c:31:7e:f3:9e:48:be:02:c8:f3:60:cb:
d7:5b:65:f6:82:41:fa:b4:19:34:e2:82:9c:0a:02:ee:ec:2a:
53:6d:25:49:19:9a:ce:1a:6c:c4:49:e2:3b:08:fb:6f:05:00:
65:d6:64:29:a9:c5:9f:83:27:af:49:a8:b8:14:de:e0:43:c6:
b4:c2:ad:49:55:d5:58:42:50:cb:20:54:df:1e:9b:0a:9d:d3:
a0:85:4d:a2:5c:cb:07:24:1c:f0:91:d2:89:54:d1:69:7a:68:
05:6a:3c:80:00:e5:7d:6d:9a:0b:37:0d:d0:6b:5e:61:d4:04:
37:73:41:ae:48:10:0a:3b:b1:d4:67:31:19:19:43:d2:22:f4:
29:72:cd:8d:97:5b:f8:11:09:5b:32:07:56:fb:f4:d7:66:cc:
72:e4:db:f6:1d:53:70:0e:bf:4c:c2:0f:61:07:a9:f3:1d:5f:
03:f9:1e:9c:96:f6:49:1a:b8:51:1d:16:22:1a:f5:2b:ac:da:
ce:5a:a6:38
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCWtdJ
WODjBkzQjYOtev+GfA4AJmREiss4vZWOsX98SH8C7335tHZ261odcZk6yGYayPsk
0+icrztctRDwMnxGh5o/9ldqRVwYbpJUVBZOF3kcoQV8ITzciSNdqvkeoYybn9eg
88Mj8PS1EqzTV8u7+Y4N2OnVvXErPjjR/vAXy/DOI4+K7lZNlBgxwx10B1ek9wfo
s6RgUziWg/dZzwP5ODw1h2pxkoobT37wSXa6ZUKH/rIh4RfWmFA2Wn/+jfa/q0Zj
/FfoV8WQmycHMPomHRPr8uGwmflVOXYPyqQxhcZi31PNPt+/gx2pB7Giir5D8gUe
+cooLoE5+ix0xXyxAgMBAAGjgekwgeYwHQYDVR0OBBYEFBSz+oerHVQtK7jEXTNX
xVL0FbggMB8GA1UdIwQYMBaAFO3Mmfqd0oV+DgJCjnJIw/QpS5XSMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAQhNPEMBpya2IlC3fJOZH
bNMHM3V3ushA9CgfegpJFJNf126RSSKjy/BS+dYikO9ieT3M5S/QycMOsFQGbDF+
855IvgLI82DL11tl9oJB+rQZNOKCnAoC7uwqU20lSRmazhpsxEniOwj7bwUAZdZk
KanFn4Mnr0mouBTe4EPGtMKtSVXVWEJQyyBU3x6bCp3ToIVNolzLByQc8JHSiVTR
aXpoBWo8gADlfW2aCzcN0GteYdQEN3NBrkgQCjux1GcxGRlD0iL0KXLNjZdb+BEJ
WzIHVvv012bMcuTb9h1TcA6/TMIPYQep8x1fA/kenJb2SRq4UR0WIhr1K6zazlqm
OA==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediary
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b0:4e:34:a2:37:40:52:cd:58:5e:d8:18:40:f2:
23:9e:a8:78:10:18:db:5b:87:a3:e2:e3:c8:a5:50:
b7:c3:1c:fa:e5:77:7f:93:b3:44:2a:90:60:39:81:
a4:c4:63:e0:3d:8a:d8:36:c8:5d:df:04:01:c1:f1:
b5:65:12:3d:f5:22:f9:f5:ff:c5:60:2a:48:39:90:
69:df:08:9f:bc:07:6c:c6:ab:3f:e4:2d:05:b5:b3:
11:9e:4d:5a:8d:3c:64:3f:1e:7d:df:05:1c:e2:e4:
b7:d9:42:36:cb:86:df:53:2a:ea:51:2b:53:f8:3a:
07:5a:08:8b:df:fb:9d:2f:1f:94:a9:fb:07:93:87:
20:ee:e6:ae:d9:a5:2e:1a:eb:d9:67:0e:ce:8f:7e:
0b:be:3a:ca:b2:9c:40:38:54:5c:35:99:ac:07:12:
3e:00:a3:39:07:76:e1:fa:df:7b:81:59:0b:a3:8e:
4e:42:b7:1e:09:04:e2:0c:ea:eb:d5:c0:da:dd:6f:
f0:6e:6a:34:2a:38:ae:4f:b4:f3:4f:06:17:c3:83:
0a:66:e8:c6:8a:54:71:86:0b:8b:39:3b:73:07:d2:
0b:dc:4c:86:79:da:86:44:25:3d:dc:f1:38:eb:22:
ce:92:df:8b:9b:ff:47:eb:7a:28:0a:91:cd:ba:30:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:CC:99:FA:9D:D2:85:7E:0E:02:42:8E:72:48:C3:F4:29:4B:95:D2
X509v3 Authority Key Identifier:
keyid:62:81:A1:85:84:13:F2:70:79:BD:48:5B:29:88:E0:F1:27:35:41:F7
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
02:82:8b:cf:81:89:f2:15:d3:a7:a6:30:c8:2a:c8:32:c5:95:
7c:18:60:2e:51:48:c5:26:47:b8:5e:49:17:b4:aa:87:f7:8b:
22:73:2a:81:20:1d:1c:54:b7:7b:91:e1:48:40:7a:19:13:05:
05:6e:e4:21:75:d7:a7:a0:54:bf:da:18:a1:52:08:95:0a:c5:
e0:36:f3:6d:ab:ed:21:69:e1:e7:4d:8f:85:85:22:ac:7b:b3:
7f:3f:1a:7e:44:be:06:ee:0b:f5:89:53:e3:d1:fa:f7:51:00:
7c:61:d2:5e:48:ab:4c:bb:47:03:a2:d4:6a:78:02:7e:33:5a:
b9:7c:14:12:5a:c2:bb:66:91:4f:21:cb:c0:b7:80:72:4b:28:
6c:d9:7b:02:fa:04:26:f2:de:2a:54:7d:69:89:88:f3:b9:10:
ab:0a:07:fa:f8:7c:1e:bb:45:0f:4f:de:2e:36:3e:a4:63:b0:
71:a1:be:2b:dd:0c:fa:0b:97:f0:ad:56:b0:dd:76:51:e7:45:
aa:a3:82:cd:77:5a:07:3a:e5:bc:fd:37:8f:52:ee:e0:de:ac:
99:44:94:65:7d:b1:30:89:4d:12:da:73:29:06:a9:28:42:5d:
1f:1a:a7:44:f3:77:5b:99:4a:ca:a6:dd:3a:cd:a1:16:76:11:
16:44:34:c0
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE40ojdA
Us1YXtgYQPIjnqh4EBjbW4ej4uPIpVC3wxz65Xd/k7NEKpBgOYGkxGPgPYrYNshd
3wQBwfG1ZRI99SL59f/FYCpIOZBp3wifvAdsxqs/5C0FtbMRnk1ajTxkPx593wUc
4uS32UI2y4bfUyrqUStT+DoHWgiL3/udLx+UqfsHk4cg7uau2aUuGuvZZw7Oj34L
vjrKspxAOFRcNZmsBxI+AKM5B3bh+t97gVkLo45OQrceCQTiDOrr1cDa3W/wbmo0
KjiuT7TzTwYXw4MKZujGilRxhguLOTtzB9IL3EyGedqGRCU93PE46yLOkt+Lm/9H
63ooCpHNujB3fQIDAQABo4HLMIHIMB0GA1UdDgQWBBTtzJn6ndKFfg4CQo5ySMP0
KUuV0jAfBgNVHSMEGDAWgBRigaGFhBPycHm9SFspiODxJzVB9zA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AAKCi8+BifIV06emMMgqyDLFlXwYYC5RSMUmR7heSRe0qof3iyJzKoEgHRxUt3uR
4UhAehkTBQVu5CF116egVL/aGKFSCJUKxeA2822r7SFp4edNj4WFIqx7s38/Gn5E
vgbuC/WJU+PR+vdRAHxh0l5Iq0y7RwOi1Gp4An4zWrl8FBJawrtmkU8hy8C3gHJL
KGzZewL6BCby3ipUfWmJiPO5EKsKB/r4fB67RQ9P3i42PqRjsHGhvivdDPoLl/Ct
VrDddlHnRaqjgs13Wgc65bz9N49S7uDerJlElGV9sTCJTRLacykGqShCXR8ap0Tz
d1uZSsqm3TrNoRZ2ERZENMA=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Mar 1 12:00:00 2015 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b5:79:69:47:50:a7:53:24:79:a6:6a:35:e8:33:
74:57:45:da:2c:69:13:1f:76:f9:51:ce:b4:47:ad:
a3:c3:58:50:d1:5f:d6:34:5b:3a:62:f0:6c:ea:e7:
86:c2:09:78:b3:53:0d:7f:45:cb:2b:8e:2e:1f:9b:
c0:7e:47:90:e3:7b:20:cc:01:ed:b6:c3:c6:40:69:
74:2b:f1:db:a5:f8:f4:5b:fd:e9:84:db:1a:fc:4f:
91:4b:e7:f5:2e:99:d0:c9:69:f5:48:5b:8b:19:ca:
dc:5c:0d:3d:15:25:56:77:86:b6:54:fc:d3:1d:8e:
f8:ea:f5:ec:de:30:38:93:28:37:7c:d4:b7:29:26:
6f:2a:4a:56:c3:12:91:18:d6:77:cf:4f:31:4e:13:
b3:8f:ca:bc:7b:a7:7f:f1:af:db:77:80:51:8c:42:
1c:27:37:18:ac:6c:45:8e:d5:21:25:16:09:fb:3b:
0c:84:a8:60:ea:8a:03:65:94:f5:5c:d6:62:36:ae:
b4:de:a3:b1:ee:1b:85:12:8c:6e:ba:ee:14:94:b9:
c7:cb:a3:f1:d1:96:ed:81:79:71:27:d0:d8:26:b4:
80:54:c8:07:a9:34:71:a2:a9:04:33:d6:58:02:59:
f9:14:97:5e:a9:2b:8c:41:2a:5c:3e:ac:30:b8:63:
52:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:81:A1:85:84:13:F2:70:79:BD:48:5B:29:88:E0:F1:27:35:41:F7
X509v3 Authority Key Identifier:
keyid:62:81:A1:85:84:13:F2:70:79:BD:48:5B:29:88:E0:F1:27:35:41:F7
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
47:20:58:cf:09:e0:8c:35:aa:91:d7:be:d1:6a:dc:06:11:ef:
4a:b2:f1:94:41:3b:b4:00:d5:d3:be:cb:4b:ef:67:e0:1b:91:
8b:c3:4f:42:92:9a:5b:8f:84:b1:8e:86:f8:9a:f8:aa:d2:66:
34:76:e5:bb:6f:95:4c:f4:23:e4:71:53:6a:02:8d:e4:ad:7f:
c3:6c:77:a0:8d:00:80:c9:cf:e3:d0:96:e2:5a:1c:b6:66:96:
0d:2a:43:58:66:c8:53:b8:7a:6e:c2:c4:2b:c6:54:33:40:b3:
f3:07:67:37:51:92:b2:7f:9a:e3:c1:79:36:4b:d8:9f:e9:6e:
04:c6:49:19:51:fd:6f:21:86:09:9a:00:76:e0:5e:73:b0:57:
00:25:c5:2a:12:b3:bd:9a:8b:1b:ff:46:90:47:20:76:2b:bf:
8e:94:7d:1a:7c:56:f6:0a:03:7b:5a:42:97:76:77:2e:a5:0c:
2e:a0:03:13:a8:39:79:82:a0:98:8c:da:bd:1e:7e:af:56:21:
95:14:26:ef:06:07:d7:ec:42:6b:2f:b1:e6:f7:97:88:30:5f:
79:50:99:92:b4:9e:20:d0:c2:95:8e:f7:61:64:99:c3:13:da:
46:a1:63:73:0b:23:e8:d7:e7:97:36:82:2b:2a:12:8e:b8:a9:
2d:3c:35:b3
-----BEGIN TRUSTED_CERTIFICATE-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE1MDMwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALV5aUdQp1MkeaZqNegz
dFdF2ixpEx92+VHOtEeto8NYUNFf1jRbOmLwbOrnhsIJeLNTDX9FyyuOLh+bwH5H
kON7IMwB7bbDxkBpdCvx26X49Fv96YTbGvxPkUvn9S6Z0Mlp9UhbixnK3FwNPRUl
VneGtlT80x2O+Or17N4wOJMoN3zUtykmbypKVsMSkRjWd89PMU4Ts4/KvHunf/Gv
23eAUYxCHCc3GKxsRY7VISUWCfs7DISoYOqKA2WU9VzWYjautN6jse4bhRKMbrru
FJS5x8uj8dGW7YF5cSfQ2Ca0gFTIB6k0caKpBDPWWAJZ+RSXXqkrjEEqXD6sMLhj
UjUCAwEAAaOByzCByDAdBgNVHQ4EFgQUYoGhhYQT8nB5vUhbKYjg8Sc1QfcwHwYD
VR0jBBgwFoAUYoGhhYQT8nB5vUhbKYjg8Sc1QfcwNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBHIFjPCeCM
NaqR177RatwGEe9KsvGUQTu0ANXTvstL72fgG5GLw09Ckppbj4Sxjob4mviq0mY0
duW7b5VM9CPkcVNqAo3krX/DbHegjQCAyc/j0JbiWhy2ZpYNKkNYZshTuHpuwsQr
xlQzQLPzB2c3UZKyf5rjwXk2S9if6W4ExkkZUf1vIYYJmgB24F5zsFcAJcUqErO9
mosb/0aQRyB2K7+OlH0afFb2CgN7WkKXdncupQwuoAMTqDl5gqCYjNq9Hn6vViGV
FCbvBgfX7EJrL7Hm95eIMF95UJmStJ4g0MKVjvdhZJnDE9pGoWNzCyPo1+eXNoIr
KhKOuKktPDWz
-----END TRUSTED_CERTIFICATE-----
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----