blob: 8afcd0f3a7ed73149e7b8cd95118e2ff9dd0ef93 [file] [log] [blame]
[Created by: generate-expired-target.py]
Certificate chain with 1 intermediary, where the target is expired (violates
validity.notAfter). Verification is expected to fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediary
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Mar 1 12:00:00 2015 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e3:02:17:8f:16:37:b7:e0:0b:44:86:f7:4f:de:
18:39:31:91:ed:11:80:67:c4:e0:18:7e:42:8e:be:
dd:a9:0e:e7:ff:47:f2:1d:eb:a8:53:21:5b:c0:3e:
32:59:cf:31:24:e3:0f:00:4a:d2:f7:9a:77:31:10:
45:89:e3:e8:62:9c:c7:06:31:d0:c8:86:2b:3d:a7:
71:83:82:fa:c1:c2:cb:84:74:48:ad:c9:8a:4d:27:
1e:75:bb:4e:ce:54:3c:c1:b5:25:e5:02:d0:b3:8c:
14:f3:f5:9e:f8:30:20:ec:c6:d9:c4:a2:aa:06:f9:
dc:ca:53:2f:76:cf:32:42:fd:7a:1a:c3:da:4a:d3:
82:30:84:f5:fb:02:82:f6:db:6e:87:fc:e8:69:14:
a0:9f:2d:07:c4:ac:64:86:f5:ac:4b:22:f1:b0:d1:
91:2e:29:f7:cf:e0:10:aa:5d:cd:df:d7:a7:b9:9d:
72:cc:fd:16:d5:11:97:90:75:dc:5e:02:ab:7f:d3:
dd:0a:a8:bc:5a:34:c6:8d:bb:8f:7a:04:d5:b6:99:
20:a4:72:c9:ba:00:cf:69:5e:e5:dd:bf:47:b3:3c:
be:83:0d:4b:95:be:91:58:a4:a4:33:2e:3b:b8:da:
85:3d:74:66:8f:f9:0b:be:8e:9d:3e:b6:ca:8b:9b:
7e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D2:85:3D:00:41:91:25:0B:8B:C2:CB:0E:D7:97:F1:14:8E:DE:01
X509v3 Authority Key Identifier:
keyid:90:4B:3E:89:21:25:2A:3C:CA:35:BF:D9:A6:B1:CF:BC:1F:9D:3A:2F
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediary.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediary.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
6d:36:b8:bc:75:67:0d:8a:5b:00:51:3b:06:31:af:83:23:80:
a0:4f:eb:05:d6:5c:15:20:a3:10:7b:3e:31:0a:ba:45:b5:6b:
21:2b:02:bf:83:73:2c:cd:81:85:a0:38:ed:4e:bd:b7:36:dc:
b6:69:bb:81:7b:75:74:3c:ac:5a:c2:59:74:6d:d9:64:8e:5b:
16:19:25:44:98:cb:9d:cd:a0:d4:6f:7f:d2:a3:11:cd:94:aa:
b0:74:ee:c2:a3:3b:aa:98:e0:c5:0d:01:a4:f8:a2:84:ab:d0:
db:19:9d:4d:ce:84:89:50:e8:3a:44:fb:e5:06:f3:d8:e9:d5:
aa:81:69:af:2a:f2:9e:58:35:d5:3d:97:44:3a:79:47:22:d6:
9c:1b:b9:93:ea:3f:44:ac:cf:2a:54:52:86:0b:db:17:9d:f9:
4d:54:46:4d:af:21:92:cf:8a:01:52:14:07:96:c7:48:75:3c:
66:4d:74:fb:44:06:eb:a9:ab:12:2e:91:80:de:02:c1:12:5b:
32:76:36:46:13:16:00:31:76:c9:ee:64:e6:75:03:49:7d:63:
d6:bf:f1:90:1f:b6:49:38:e5:af:37:63:46:e2:4d:d1:29:b8:
b3:24:ec:f5:f8:32:c3:03:fa:1a:ad:30:1a:db:41:4d:5e:43:
46:ae:6d:4e
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTUwMzAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjAheP
Fje34AtEhvdP3hg5MZHtEYBnxOAYfkKOvt2pDuf/R/Id66hTIVvAPjJZzzEk4w8A
StL3mncxEEWJ4+hinMcGMdDIhis9p3GDgvrBwsuEdEityYpNJx51u07OVDzBtSXl
AtCzjBTz9Z74MCDsxtnEoqoG+dzKUy92zzJC/Xoaw9pK04IwhPX7AoL2226H/Ohp
FKCfLQfErGSG9axLIvGw0ZEuKffP4BCqXc3f16e5nXLM/RbVEZeQddxeAqt/090K
qLxaNMaNu496BNW2mSCkcsm6AM9pXuXdv0ezPL6DDUuVvpFYpKQzLju42oU9dGaP
+Qu+jp0+tsqLm34ZAgMBAAGjgekwgeYwHQYDVR0OBBYEFBzShT0AQZElC4vCyw7X
l/EUjt4BMB8GA1UdIwQYMBaAFJBLPokhJSo8yjW/2aaxz7wfnTovMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAbTa4vHVnDYpbAFE7BjGv
gyOAoE/rBdZcFSCjEHs+MQq6RbVrISsCv4NzLM2BhaA47U69tzbctmm7gXt1dDys
WsJZdG3ZZI5bFhklRJjLnc2g1G9/0qMRzZSqsHTuwqM7qpjgxQ0BpPiihKvQ2xmd
Tc6EiVDoOkT75Qbz2OnVqoFpryrynlg11T2XRDp5RyLWnBu5k+o/RKzPKlRShgvb
F535TVRGTa8hks+KAVIUB5bHSHU8Zk10+0QG66mrEi6RgN4CwRJbMnY2RhMWADF2
ye5k5nUDSX1j1r/xkB+2STjlrzdjRuJN0Sm4syTs9fgywwP6Gq0wGttBTV5DRq5t
Tg==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediary
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c1:92:e2:bf:d0:e9:8f:c6:45:f0:c9:ef:51:cc:
97:cc:cb:80:ac:c1:7c:da:7e:28:12:0c:84:45:6b:
db:fb:4f:ba:16:3e:33:8b:a1:14:70:42:99:ca:4e:
8e:55:ac:13:e5:ac:d4:30:9e:25:dc:19:d9:b9:de:
46:7a:84:80:29:bd:a1:11:f8:f2:af:ce:c1:0c:73:
43:29:37:c3:76:61:32:70:6d:e7:29:bf:dd:9f:68:
ed:9e:c2:b9:8c:f6:16:7c:b9:06:4b:65:ff:57:26:
9d:62:48:ee:0b:0f:4c:5e:fb:d7:a9:e3:d8:4b:a9:
0c:01:b6:00:f8:48:27:64:03:b6:73:d0:85:10:92:
4c:50:f8:f4:33:95:ea:52:30:72:b0:c1:e1:d3:1e:
8e:67:2a:64:42:c8:61:b8:3f:76:d2:01:1d:e6:dc:
d2:66:09:41:24:c3:22:b4:55:3a:f0:5e:3d:82:af:
5d:0d:b7:d7:96:02:dc:94:e4:d2:24:dc:49:f8:d3:
dc:b9:78:0e:ce:cf:8f:1a:3f:06:8b:57:e4:51:91:
7f:64:1b:cd:db:4d:80:88:26:21:dc:da:64:ae:64:
bb:03:21:1c:de:ce:44:eb:a7:b4:43:50:51:cc:67:
da:16:91:93:94:e4:d0:ed:28:dc:8a:16:8b:3d:d8:
cd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4B:3E:89:21:25:2A:3C:CA:35:BF:D9:A6:B1:CF:BC:1F:9D:3A:2F
X509v3 Authority Key Identifier:
keyid:C3:6A:BF:B8:BB:62:64:F0:4C:4C:28:47:94:45:0F:15:0D:DC:CD:5A
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
bd:cb:4f:22:e2:7a:50:05:dd:e3:d6:41:19:2b:6d:4a:3e:a8:
90:27:4f:ce:eb:ee:83:4f:d5:b6:ea:a5:18:1c:00:83:84:76:
92:76:a7:2c:54:5f:94:a7:fc:4c:2f:38:08:c5:24:3f:95:57:
e4:55:e2:a5:96:b7:c0:7b:cc:8f:ce:a1:81:e2:d2:51:17:d3:
7f:6b:76:ed:f5:41:2a:7a:56:e2:d1:ed:55:94:38:2e:9f:cb:
9b:a3:8b:d8:d7:42:24:81:55:97:82:a1:77:52:7c:1f:70:db:
0b:bf:a5:eb:96:2e:d4:fb:9c:d5:6a:6e:9b:60:75:01:e1:fe:
f1:14:64:42:82:2a:f5:ea:b3:e1:2e:40:fe:b2:af:9f:c5:66:
25:d8:7d:8c:5f:00:3d:04:b4:02:8c:c7:99:30:d0:c0:02:e4:
5f:3b:75:01:59:76:1c:3c:95:5b:28:49:90:2f:c0:af:45:f0:
4c:62:ca:40:66:80:7e:25:89:ab:91:55:ee:41:71:af:05:4c:
7e:31:2c:99:24:50:c9:dd:97:79:73:97:f9:5a:79:79:05:ff:
c6:83:b7:e3:4d:86:b6:a3:60:1d:7c:e6:89:80:a3:50:8f:b1:
4a:43:d2:a9:89:92:8b:38:20:71:64:0a:41:8b:fd:2f:4b:ab:
3c:45:99:0f
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZLiv9Dp
j8ZF8MnvUcyXzMuArMF82n4oEgyERWvb+0+6Fj4zi6EUcEKZyk6OVawT5azUMJ4l
3BnZud5GeoSAKb2hEfjyr87BDHNDKTfDdmEycG3nKb/dn2jtnsK5jPYWfLkGS2X/
VyadYkjuCw9MXvvXqePYS6kMAbYA+EgnZAO2c9CFEJJMUPj0M5XqUjBysMHh0x6O
ZypkQshhuD920gEd5tzSZglBJMMitFU68F49gq9dDbfXlgLclOTSJNxJ+NPcuXgO
zs+PGj8Gi1fkUZF/ZBvN202AiCYh3NpkrmS7AyEc3s5E66e0Q1BRzGfaFpGTlOTQ
7SjcihaLPdjNGQIDAQABo4HLMIHIMB0GA1UdDgQWBBSQSz6JISUqPMo1v9mmsc+8
H506LzAfBgNVHSMEGDAWgBTDar+4u2Jk8ExMKEeURQ8VDdzNWjA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AL3LTyLielAF3ePWQRkrbUo+qJAnT87r7oNP1bbqpRgcAIOEdpJ2pyxUX5Sn/Ewv
OAjFJD+VV+RV4qWWt8B7zI/OoYHi0lEX039rdu31QSp6VuLR7VWUOC6fy5uji9jX
QiSBVZeCoXdSfB9w2wu/peuWLtT7nNVqbptgdQHh/vEUZEKCKvXqs+EuQP6yr5/F
ZiXYfYxfAD0EtAKMx5kw0MAC5F87dQFZdhw8lVsoSZAvwK9F8ExiykBmgH4liauR
Ve5Bca8FTH4xLJkkUMndl3lzl/laeXkF/8aDt+NNhrajYB185omAo1CPsUpD0qmJ
kos4IHFkCkGL/S9LqzxFmQ8=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:fa:da:12:88:da:6c:4d:a4:17:2e:e6:c7:c7:f6:
fc:0b:41:94:b9:ad:5e:72:7f:53:82:c3:9b:bd:f0:
39:fd:6c:be:42:2f:28:fe:76:7e:e6:24:f7:6b:32:
42:c7:0e:6f:b3:9b:4d:61:ab:f3:f1:76:67:29:77:
a5:6a:b9:64:65:40:42:0a:ad:dc:27:16:7a:94:ae:
8f:f0:d2:db:e7:7c:71:21:c9:ca:f0:64:94:58:32:
b7:fa:d3:27:bc:84:95:ce:d2:81:43:dc:7d:b3:e8:
76:aa:eb:0a:a6:c1:03:1f:ae:19:db:8a:c4:ef:a1:
bd:f3:d6:e9:e7:20:a8:83:1c:78:d5:85:c2:be:9f:
c9:e2:4e:ab:e6:a8:53:6b:c7:5d:d6:57:6f:4f:2d:
db:75:89:c6:10:a3:96:36:22:8d:c3:0a:20:7b:5f:
75:04:a6:4a:8d:24:d3:21:0b:16:fe:70:ae:34:d4:
bd:33:27:86:cb:b3:c8:b8:9a:80:70:0c:01:38:af:
e8:dc:0a:32:ca:a8:da:6c:a7:0a:2d:f3:b6:f7:cb:
7f:ea:59:38:66:ce:9d:93:f2:75:89:d3:5f:43:5c:
9b:29:1c:d4:e9:37:6d:7c:79:ee:ad:c9:70:62:58:
4f:25:f6:21:20:44:a8:0b:c6:52:9d:2f:ea:a5:f8:
b3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:6A:BF:B8:BB:62:64:F0:4C:4C:28:47:94:45:0F:15:0D:DC:CD:5A
X509v3 Authority Key Identifier:
keyid:C3:6A:BF:B8:BB:62:64:F0:4C:4C:28:47:94:45:0F:15:0D:DC:CD:5A
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
48:d9:ed:17:dd:a3:7c:5f:6b:aa:90:6d:f5:d4:61:a3:27:8e:
83:92:15:7a:6c:d7:87:71:95:6a:e4:e0:d9:11:4e:2a:af:14:
5c:11:ba:a0:2e:15:bd:f0:c6:2d:72:0a:17:ce:02:1a:3b:61:
16:5d:1a:ff:e8:45:4d:d6:f2:93:9d:09:ce:e6:ec:a8:c8:de:
e6:40:dc:26:cc:15:89:38:b9:59:06:27:d0:93:af:0e:83:08:
9f:c3:50:1c:b1:e0:88:69:b2:43:61:c3:4c:bc:d9:19:d7:87:
57:c3:e6:99:7b:f0:02:09:ac:e1:f0:a1:55:d5:53:0c:fc:c4:
b3:3c:49:67:30:70:d5:c7:cd:94:a6:07:f0:cd:89:fd:68:b4:
29:9d:63:91:f6:bf:79:da:6a:93:6d:b5:52:57:d8:1a:62:18:
9f:ed:71:5c:d2:5d:53:0b:04:56:5c:05:81:6b:16:9a:dd:ff:
fe:5d:98:32:97:07:c1:7b:9c:d5:08:07:2e:b9:17:ab:1e:a3:
ea:64:b1:02:1b:04:ca:5f:4c:fd:1f:45:91:d9:f6:de:c7:78:
9d:aa:5d:b7:cc:6f:58:7f:2d:71:cc:5c:3a:8c:e5:db:51:3e:
af:77:1f:d1:e1:81:cb:74:c0:36:46:be:51:4e:55:94:98:65:
7d:33:c0:5e
-----BEGIN TRUSTED_CERTIFICATE-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPraEojabE2kFy7mx8f2
/AtBlLmtXnJ/U4LDm73wOf1svkIvKP52fuYk92syQscOb7ObTWGr8/F2Zyl3pWq5
ZGVAQgqt3CcWepSuj/DS2+d8cSHJyvBklFgyt/rTJ7yElc7SgUPcfbPodqrrCqbB
Ax+uGduKxO+hvfPW6ecgqIMceNWFwr6fyeJOq+aoU2vHXdZXb08t23WJxhCjljYi
jcMKIHtfdQSmSo0k0yELFv5wrjTUvTMnhsuzyLiagHAMATiv6NwKMsqo2mynCi3z
tvfLf+pZOGbOnZPydYnTX0Ncmykc1Ok3bXx57q3JcGJYTyX2ISBEqAvGUp0v6qX4
s88CAwEAAaOByzCByDAdBgNVHQ4EFgQUw2q/uLtiZPBMTChHlEUPFQ3czVowHwYD
VR0jBBgwFoAUw2q/uLtiZPBMTChHlEUPFQ3czVowNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBI2e0X3aN8
X2uqkG311GGjJ46DkhV6bNeHcZVq5ODZEU4qrxRcEbqgLhW98MYtcgoXzgIaO2EW
XRr/6EVN1vKTnQnO5uyoyN7mQNwmzBWJOLlZBifQk68Ogwifw1AcseCIabJDYcNM
vNkZ14dXw+aZe/ACCazh8KFV1VMM/MSzPElnMHDVx82UpgfwzYn9aLQpnWOR9r95
2mqTbbVSV9gaYhif7XFc0l1TCwRWXAWBaxaa3f/+XZgylwfBe5zVCAcuuRerHqPq
ZLECGwTKX0z9H0WR2fbex3idql23zG9Yfy1xzFw6jOXbUT6vdx/R4YHLdMA2Rr5R
TlWUmGV9M8Be
-----END TRUSTED_CERTIFICATE-----
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----