| [Created by: generate-non-self-signed-root.py] |
| |
| Certificate chain with 1 intermediate and a trusted root. The trusted root |
| is NOT self signed, however its issuer is not included in the chain or root |
| store. Verification is expected to succeed since the root is trusted. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:a5:fd:12:f2:87:40:5c:07:a7:7c:a8:7a:2c:2c: |
| 9e:de:bc:e5:8e:c6:55:90:ce:5d:a9:e6:c8:7d:5a: |
| 9f:b1:f7:32:b4:90:9c:80:12:a2:43:fa:71:95:54: |
| 76:45:b3:28:cc:93:05:f1:f4:e9:5d:1d:4e:5d:1a: |
| a1:ad:a5:4b:4f:50:7a:c2:cd:63:2c:de:5d:54:74: |
| 09:8b:d2:5b:1f:0e:49:b4:ce:cc:24:f4:9d:f7:ca: |
| 65:6e:58:02:c0:8d:06:35:81:01:b1:2d:37:07:1e: |
| 9b:07:fa:a3:12:6b:32:bb:98:f1:41:03:2f:17:b5: |
| 5a:d3:bd:b0:2a:0c:be:2f:34:29:ba:87:44:a5:d9: |
| b7:1c:c0:ff:c5:dd:bf:21:78:38:71:ce:7a:54:d1: |
| 97:d9:aa:86:84:eb:2c:17:bf:61:1b:4b:10:54:a2: |
| a1:a6:ec:01:04:f8:f3:c8:6c:2f:30:15:e0:da:94: |
| 49:98:01:de:e6:c4:04:57:bb:f5:6d:09:53:e1:ff: |
| 76:94:cc:ba:2c:74:70:b7:f9:d4:10:35:8a:b0:8c: |
| 4c:5b:5f:5c:db:e3:a5:b6:c9:d5:b4:13:7c:17:77: |
| fd:ac:0d:65:fb:0a:a4:d4:0e:a5:2e:8f:ef:0d:5c: |
| c1:9b:00:c1:dd:0d:4f:c3:7e:3b:3b:a7:4a:d2:99: |
| f0:e3 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 8E:F7:4C:4C:A6:3A:4A:DA:FB:BE:DE:D3:24:D2:56:B5:3D:55:43:18 |
| X509v3 Authority Key Identifier: |
| keyid:25:1D:DB:44:41:CD:DE:76:AA:96:3B:9B:5B:17:24:39:86:B7:DD:E0 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 6e:29:ba:73:d2:ce:13:e8:a8:61:cc:1c:c9:63:c3:e5:62:72: |
| 3d:bd:19:d9:10:ce:04:5c:b4:1a:0c:52:c6:57:4d:d0:a7:2d: |
| a7:11:90:78:72:8c:1c:56:4f:e4:be:4e:de:6e:f3:e1:eb:7e: |
| 9c:05:86:e4:f2:22:69:7b:7d:43:df:4e:a9:11:4d:8a:68:33: |
| a3:7d:9b:b1:04:9c:c2:bf:d4:9f:78:d9:8f:a5:51:9a:20:8a: |
| 79:c8:40:49:e4:30:d1:b9:9b:09:5e:3d:5e:93:f5:84:e5:2b: |
| 9f:1e:56:1c:2d:ef:09:34:8c:db:a0:b6:f0:91:88:91:6b:1f: |
| 4e:86:11:b6:62:33:63:8b:03:b2:40:d2:b8:28:33:e1:33:5d: |
| ae:e4:0c:08:4b:ab:05:08:6c:4a:b2:b7:cd:cd:28:7f:4a:5c: |
| 4c:9d:fa:93:c7:00:fa:47:4e:00:ca:2d:2b:c9:ed:da:e8:33: |
| 23:b6:98:f1:e5:6f:1b:cc:8b:e2:27:b2:1d:46:53:39:29:45: |
| 46:1a:50:94:c0:e7:5e:a4:ef:a3:ee:13:7a:81:89:e2:4e:f9: |
| 5e:1c:e3:ee:fe:d9:6d:7b:85:c6:99:ed:b0:30:d4:ef:16:65: |
| 1f:37:d9:f9:c1:54:c2:d9:18:3f:e9:89:a3:28:6a:ad:fc:a2: |
| 01:b8:82:d3 |
| -----BEGIN CERTIFICATE----- |
| MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl/RLy |
| h0BcB6d8qHosLJ7evOWOxlWQzl2p5sh9Wp+x9zK0kJyAEqJD+nGVVHZFsyjMkwXx |
| 9OldHU5dGqGtpUtPUHrCzWMs3l1UdAmL0lsfDkm0zswk9J33ymVuWALAjQY1gQGx |
| LTcHHpsH+qMSazK7mPFBAy8XtVrTvbAqDL4vNCm6h0Sl2bccwP/F3b8heDhxznpU |
| 0ZfZqoaE6ywXv2EbSxBUoqGm7AEE+PPIbC8wFeDalEmYAd7mxARXu/VtCVPh/3aU |
| zLosdHC3+dQQNYqwjExbX1zb46W2ydW0E3wXd/2sDWX7CqTUDqUuj+8NXMGbAMHd |
| DU/Dfjs7p0rSmfDjAgMBAAGjgekwgeYwHQYDVR0OBBYEFI73TEymOkra+77e0yTS |
| VrU9VUMYMB8GA1UdIwQYMBaAFCUd20RBzd52qpY7m1sXJDmGt93gMD8GCCsGAQUF |
| BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAbim6c9LOE+ioYcwcyWPD |
| 5WJyPb0Z2RDOBFy0GgxSxldN0KctpxGQeHKMHFZP5L5O3m7z4et+nAWG5PIiaXt9 |
| Q99OqRFNimgzo32bsQScwr/Un3jZj6VRmiCKechASeQw0bmbCV49XpP1hOUrnx5W |
| HC3vCTSM26C28JGIkWsfToYRtmIzY4sDskDSuCgz4TNdruQMCEurBQhsSrK3zc0o |
| f0pcTJ36k8cA+kdOAMotK8nt2ugzI7aY8eVvG8yL4ieyHUZTOSlFRhpQlMDnXqTv |
| o+4TeoGJ4k75Xhzj7v7ZbXuFxpntsDDU7xZlHzfZ+cFUwtkYP+mJoyhqrfyiAbiC |
| 0w== |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:dd:9f:7d:91:ef:30:35:17:fe:58:20:b0:99:23: |
| d3:ce:e4:f6:b2:05:82:69:5b:4c:e4:94:40:41:ad: |
| d6:6b:b3:44:08:50:be:9f:b3:f4:26:d6:10:50:52: |
| e3:a4:71:bd:3d:ed:f0:a8:30:da:21:06:aa:d9:ae: |
| 62:51:ed:06:c1:6e:f5:e2:23:a8:62:db:04:b7:0f: |
| 69:84:39:1f:3d:46:28:ae:a0:56:fe:aa:9b:68:0e: |
| 30:65:6a:38:f8:a6:66:12:78:99:cc:8e:c9:80:15: |
| ab:5a:66:75:71:42:4d:8c:32:2c:15:a7:6d:c9:51: |
| c8:d8:88:28:56:03:e4:ab:98:3b:52:d9:01:f0:4d: |
| 18:71:cf:d3:82:cb:62:af:6c:12:8a:a2:4b:44:c7: |
| a7:61:fd:d6:34:89:c6:f0:6e:2c:77:fd:cc:93:a9: |
| 90:5b:85:e7:46:1c:04:41:3d:df:02:79:c3:e6:98: |
| 66:28:b0:39:9b:59:ce:5e:8c:d1:63:b1:28:a3:05: |
| a3:79:93:3a:dd:92:8b:d2:07:15:96:61:27:98:ae: |
| 53:78:3f:da:79:09:01:e7:dc:03:c4:05:8f:e5:52: |
| b3:bc:d8:8f:6d:0a:89:21:a6:cf:b5:db:1c:65:67: |
| 4c:5f:5e:33:24:d7:3c:3e:61:ce:9a:4e:6e:e7:a5: |
| 30:9f |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 25:1D:DB:44:41:CD:DE:76:AA:96:3B:9B:5B:17:24:39:86:B7:DD:E0 |
| X509v3 Authority Key Identifier: |
| keyid:63:A2:D5:4E:83:BA:38:5F:50:C5:93:E5:5C:93:9D:DE:55:08:73:A9 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| c5:e9:f1:a5:8e:03:ae:78:a2:51:87:0b:ee:26:02:97:5e:31: |
| 41:72:f2:7c:00:46:1b:45:51:02:03:4e:16:d0:69:61:e9:7e: |
| aa:fc:5f:5e:6b:63:99:98:c0:cf:36:96:ae:82:56:70:13:33: |
| 8d:f2:00:7a:b3:50:c7:15:ad:56:1b:ab:1a:6f:27:a4:e1:65: |
| da:22:4c:11:32:02:23:30:f8:7c:63:4d:c6:3b:5f:5b:55:37: |
| 82:29:0d:74:ff:49:4c:10:25:60:4b:3f:e8:06:1f:47:67:38: |
| 26:df:c4:92:d8:c4:9a:c8:bd:e6:1f:b9:52:2e:70:f7:21:48: |
| 43:6b:f5:40:07:c7:fd:15:51:80:54:c6:c8:74:14:a9:56:bd: |
| ad:b4:d4:da:a3:1d:b4:c4:91:73:0a:3d:1e:71:e0:97:e2:d4: |
| 79:8d:00:42:a7:8a:28:a2:2c:49:94:3f:23:e6:66:75:42:88: |
| 66:e5:98:14:b0:8d:76:d3:80:32:60:e9:05:18:65:ff:c8:4d: |
| 3b:ea:b3:d1:77:1b:7f:d1:99:c9:b5:58:72:ea:49:d4:31:68: |
| 28:2d:04:3c:49:99:f0:3a:74:11:91:0e:82:46:84:c7:54:7c: |
| 0b:9b:1a:64:ea:e3:9c:d4:c2:b9:90:e8:0e:2c:82:8b:2a:e1: |
| d1:03:32:77 |
| -----BEGIN CERTIFICATE----- |
| MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Z99ke8w |
| NRf+WCCwmSPTzuT2sgWCaVtM5JRAQa3Wa7NECFC+n7P0JtYQUFLjpHG9Pe3wqDDa |
| IQaq2a5iUe0GwW714iOoYtsEtw9phDkfPUYorqBW/qqbaA4wZWo4+KZmEniZzI7J |
| gBWrWmZ1cUJNjDIsFadtyVHI2IgoVgPkq5g7UtkB8E0Ycc/Tgstir2wSiqJLRMen |
| Yf3WNInG8G4sd/3Mk6mQW4XnRhwEQT3fAnnD5phmKLA5m1nOXozRY7EoowWjeZM6 |
| 3ZKL0gcVlmEnmK5TeD/aeQkB59wDxAWP5VKzvNiPbQqJIabPtdscZWdMX14zJNc8 |
| PmHOmk5u56UwnwIDAQABo4HLMIHIMB0GA1UdDgQWBBQlHdtEQc3edqqWO5tbFyQ5 |
| hrfd4DAfBgNVHSMEGDAWgBRjotVOg7o4X1DFk+Vck53eVQhzqTA3BggrBgEFBQcB |
| AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB |
| AMXp8aWOA654olGHC+4mApdeMUFy8nwARhtFUQIDThbQaWHpfqr8X15rY5mYwM82 |
| lq6CVnATM43yAHqzUMcVrVYbqxpvJ6ThZdoiTBEyAiMw+HxjTcY7X1tVN4IpDXT/ |
| SUwQJWBLP+gGH0dnOCbfxJLYxJrIveYfuVIucPchSENr9UAHx/0VUYBUxsh0FKlW |
| va201NqjHbTEkXMKPR5x4Jfi1HmNAEKniiiiLEmUPyPmZnVCiGblmBSwjXbTgDJg |
| 6QUYZf/ITTvqs9F3G3/Rmcm1WHLqSdQxaCgtBDxJmfA6dBGRDoJGhMdUfAubGmTq |
| 45zUwrmQ6A4sgosq4dEDMnc= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 2 (0x2) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=ShadowRoot |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:d4:fa:c0:4f:fa:75:57:2e:07:a4:26:6d:43:48: |
| a2:47:06:03:dd:a3:f2:10:d1:66:21:4f:fa:28:42: |
| b9:4f:c1:f5:4c:fa:dc:ad:92:30:50:2a:ce:ac:db: |
| 05:cd:c2:19:26:b8:de:46:0e:ec:14:9b:27:92:71: |
| bd:e9:a5:28:55:eb:27:71:dc:ff:d7:2b:ea:ed:f0: |
| 5b:e3:38:bc:35:f8:7b:ec:5d:ba:67:8d:d8:8a:95: |
| bb:a2:01:32:3e:a6:d2:d3:a2:c7:70:f5:7c:fb:53: |
| 6f:b8:11:48:af:0c:a0:60:87:98:43:87:ff:d2:c2: |
| 18:b5:50:67:18:ee:06:8f:80:ff:4b:02:c6:c3:01: |
| 34:e2:7e:fa:60:62:23:2c:8a:68:ae:5a:0f:ad:1a: |
| 52:1f:7f:58:ae:9a:50:6e:fb:c7:53:1a:b6:b7:92: |
| 5d:ba:65:53:4c:73:b4:ed:c5:b5:b4:3a:f6:cb:79: |
| b3:87:f9:69:ac:29:e5:e4:bb:54:89:bf:45:bf:0c: |
| b9:83:6c:31:3e:a5:6e:7d:50:f1:68:f8:3d:ca:c2: |
| 3f:9f:5c:61:35:21:bc:6a:a2:77:2c:53:22:71:2e: |
| 96:70:f9:c2:c3:f6:3a:8c:3a:a4:00:f9:55:d4:01: |
| 6e:be:fc:f9:9a:2b:78:7e:3c:25:e9:09:87:47:5e: |
| a5:4d |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 63:A2:D5:4E:83:BA:38:5F:50:C5:93:E5:5C:93:9D:DE:55:08:73:A9 |
| X509v3 Authority Key Identifier: |
| keyid:F9:8A:EA:DF:3D:59:DD:70:5F:B5:B8:D5:24:99:76:02:DC:6E:30:8F |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/ShadowRoot.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/ShadowRoot.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| ce:fc:9e:82:80:f8:42:20:0d:93:e5:35:7d:8b:44:89:7b:dd: |
| a6:2b:dd:69:ee:16:da:2c:98:76:31:ae:7e:b3:c2:30:e5:9d: |
| 6b:be:11:48:70:d8:bd:d6:01:22:93:c7:14:da:0f:46:2f:98: |
| e7:b1:0b:33:10:75:77:3e:3a:e4:ba:ee:10:98:bd:b3:0a:34: |
| f7:85:09:d2:73:d4:7f:61:e1:5d:e4:eb:d6:7b:c6:f3:a9:a0: |
| 4d:15:46:f9:de:c5:31:10:5b:87:c4:58:99:51:64:7e:0b:31: |
| 22:73:ca:54:34:bd:e6:30:44:0a:59:01:ba:1a:7a:e6:83:76: |
| 3c:5e:8b:d4:06:72:b6:a8:62:07:eb:01:97:02:2d:69:95:4a: |
| 2b:77:27:a3:30:e5:22:7d:96:81:c9:ba:90:22:f4:fe:6c:bc: |
| a2:eb:96:81:4c:1a:83:4f:af:9e:21:77:5e:68:87:f3:eb:f8: |
| 10:7d:38:00:9b:83:0c:2d:9f:7f:b8:93:23:c4:f4:b2:77:c7: |
| cf:1d:bb:12:e4:30:f3:bb:5c:ec:82:1c:47:bf:31:93:93:b2: |
| a0:6f:f8:d2:ec:67:7e:95:4e:f5:eb:d4:64:c5:32:2c:0f:b4: |
| 6c:e4:64:ef:b5:a5:07:cf:f8:b2:f1:c9:67:10:e6:1a:0d:a3: |
| 9c:44:65:6e |
| -----BEGIN TRUST_ANCHOR_UNCONSTRAINED----- |
| MIIDdzCCAl+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApTaGFk |
| b3dSb290MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UE |
| AwwEUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANT6wE/6dVcu |
| B6QmbUNIokcGA92j8hDRZiFP+ihCuU/B9Uz63K2SMFAqzqzbBc3CGSa43kYO7BSb |
| J5JxvemlKFXrJ3Hc/9cr6u3wW+M4vDX4e+xdumeN2IqVu6IBMj6m0tOix3D1fPtT |
| b7gRSK8MoGCHmEOH/9LCGLVQZxjuBo+A/0sCxsMBNOJ++mBiIyyKaK5aD60aUh9/ |
| WK6aUG77x1MatreSXbplU0xztO3FtbQ69st5s4f5aawp5eS7VIm/Rb8MuYNsMT6l |
| bn1Q8Wj4PcrCP59cYTUhvGqidyxTInEulnD5wsP2Oow6pAD5VdQBbr78+ZoreH48 |
| JekJh0depU0CAwEAAaOB1zCB1DAdBgNVHQ4EFgQUY6LVToO6OF9QxZPlXJOd3lUI |
| c6kwHwYDVR0jBBgwFoAU+Yrq3z1Z3XBftbjVJJl2AtxuMI8wPQYIKwYBBQUHAQEE |
| MTAvMC0GCCsGAQUFBzAChiFodHRwOi8vdXJsLWZvci1haWEvU2hhZG93Um9vdC5j |
| ZXIwMgYDVR0fBCswKTAnoCWgI4YhaHR0cDovL3VybC1mb3ItY3JsL1NoYWRvd1Jv |
| b3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 |
| DQEBCwUAA4IBAQDO/J6CgPhCIA2T5TV9i0SJe92mK91p7hbaLJh2Ma5+s8Iw5Z1r |
| vhFIcNi91gEik8cU2g9GL5jnsQszEHV3Pjrkuu4QmL2zCjT3hQnSc9R/YeFd5OvW |
| e8bzqaBNFUb53sUxEFuHxFiZUWR+CzEic8pUNL3mMEQKWQG6Gnrmg3Y8XovUBnK2 |
| qGIH6wGXAi1plUordyejMOUifZaBybqQIvT+bLyi65aBTBqDT6+eIXdeaIfz6/gQ |
| fTgAm4MMLZ9/uJMjxPSyd8fPHbsS5DDzu1zsghxHvzGTk7Kgb/jS7Gd+lU7169Rk |
| xTIsD7Rs5GTvtaUHz/iy8clnEOYaDaOcRGVu |
| -----END TRUST_ANCHOR_UNCONSTRAINED----- |
| |
| 150302120000Z |
| -----BEGIN TIME----- |
| MTUwMzAyMTIwMDAwWg== |
| -----END TIME----- |
| |
| SUCCESS |
| -----BEGIN VERIFY_RESULT----- |
| U1VDQ0VTUw== |
| -----END VERIFY_RESULT----- |