| [Created by: generate-target-signed-by-512bit-rsa.py] |
| |
| Certificate chain with 1 intermediate and a trusted root. The target |
| certificate is signed using a weak RSA key (512-bit modulus), and so |
| verification is expected to fail. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:b8:8a:4e:71:4c:e6:58:02:9d:bc:08:20:2d:8d: |
| 74:e3:04:2f:59:9e:43:73:e0:ca:83:1b:3a:e2:30: |
| 78:de:f8:07:a1:17:62:5d:4e:35:e8:03:40:2a:1e: |
| 2e:8e:91:a4:96:bf:a7:34:45:13:19:b2:d7:b0:72: |
| d0:10:e2:ad:ab:a8:f8:41:c5:ec:ee:1c:14:cb:cf: |
| 4f:cd:37:71:bd:2d:11:8d:95:e4:fa:2b:16:8c:bf: |
| 82:1c:22:85:25:4a:88:01:af:1e:fe:e7:53:d5:03: |
| d4:36:14:ae:81:d2:3d:73:6c:96:e0:e7:d2:a4:fb: |
| 17:1d:df:6a:93:68:b5:f8:a8:70:df:d0:b6:9d:fb: |
| e5:80:a3:a8:85:df:82:f3:05:23:9f:b6:62:89:b7: |
| 72:0c:99:49:5b:07:bd:c5:fb:4c:f4:32:83:a5:3c: |
| c6:8c:6b:c1:a1:c0:ab:73:68:fb:91:14:12:3a:c5: |
| 31:89:ac:a2:4b:b6:20:3b:03:1f:50:48:ff:7b:3b: |
| be:53:e5:46:e2:ad:18:7a:d3:3e:f9:bb:d0:0b:ac: |
| 0c:23:d8:9c:92:07:6c:ee:a6:64:0d:77:ef:aa:f4: |
| 64:5a:aa:ed:52:cb:20:9a:57:d5:ab:be:8c:07:71: |
| b3:a4:43:8b:d9:7e:6f:46:2c:70:9f:c0:e3:68:89: |
| e5:2b |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 3D:5B:07:9A:2F:A5:14:87:32:C3:F8:54:71:62:3F:A1:E6:60:7F:D0 |
| X509v3 Authority Key Identifier: |
| keyid:7C:0E:01:A5:04:38:CE:0F:6A:AB:34:B2:CD:77:19:DB:84:C1:EC:44 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 6a:f4:be:75:7e:66:b3:42:6e:fb:64:ed:d2:a1:d8:3d:08:04: |
| bf:93:17:0b:9b:79:df:ca:73:95:b4:5a:78:e3:96:d0:7f:5e: |
| 3c:2c:df:00:da:37:fc:61:22:9a:81:d1:bb:5d:13:6a:e4:21: |
| 18:bf:dc:49:36:4e:7a:aa:b8:6f |
| -----BEGIN CERTIFICATE----- |
| MIICyzCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ik5x |
| TOZYAp28CCAtjXTjBC9ZnkNz4MqDGzriMHje+AehF2JdTjXoA0AqHi6OkaSWv6c0 |
| RRMZstewctAQ4q2rqPhBxezuHBTLz0/NN3G9LRGNleT6KxaMv4IcIoUlSogBrx7+ |
| 51PVA9Q2FK6B0j1zbJbg59Kk+xcd32qTaLX4qHDf0Lad++WAo6iF34LzBSOftmKJ |
| t3IMmUlbB73F+0z0MoOlPMaMa8GhwKtzaPuRFBI6xTGJrKJLtiA7Ax9QSP97O75T |
| 5UbirRh60z75u9ALrAwj2JySB2zupmQNd++q9GRaqu1SyyCaV9WrvowHcbOkQ4vZ |
| fm9GLHCfwONoieUrAgMBAAGjgekwgeYwHQYDVR0OBBYEFD1bB5ovpRSHMsP4VHFi |
| P6HmYH/QMB8GA1UdIwQYMBaAFHwOAaUEOM4Paqs0ss13GduEwexEMD8GCCsGAQUF |
| BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAANBAGr0vnV+ZrNCbvtk7dKh2D0I |
| BL+TFwubed/Kc5W0WnjjltB/Xjws3wDaN/xhIpqB0btdE2rkIRi/3Ek2TnqquG8= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 2 (0x2) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (512 bit) |
| Modulus: |
| 00:ba:89:53:56:03:c7:9f:d6:cc:d0:48:7d:3b:52: |
| 02:ee:7e:58:eb:d8:9c:8e:3c:d6:65:b2:8d:94:0d: |
| 87:48:e1:65:65:56:91:5b:1a:52:3a:84:96:46:2a: |
| 8b:1b:7d:0c:43:57:04:0d:38:55:21:5b:0b:45:06: |
| a6:1e:67:ca:5b |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 7C:0E:01:A5:04:38:CE:0F:6A:AB:34:B2:CD:77:19:DB:84:C1:EC:44 |
| X509v3 Authority Key Identifier: |
| keyid:71:59:49:4D:A5:43:49:C5:0E:E4:78:E9:5C:B7:4E:80:A8:A3:BB:5E |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 8e:cc:d3:f3:5a:fb:ca:83:4e:55:e3:ae:2a:b7:b7:ac:9e:87: |
| f0:62:58:23:29:3d:63:7e:8d:42:60:ea:dc:3e:ec:66:19:4b: |
| e6:d6:a7:b7:e1:ea:33:88:3c:ea:8b:87:b9:e7:64:0d:35:b3: |
| 0e:ab:81:71:0c:1c:0a:f3:0a:49:23:4e:d6:21:de:7f:e5:fd: |
| 6d:8b:7a:33:2f:a6:ab:4e:b8:02:cc:01:1e:18:9a:90:f3:56: |
| f8:8a:b5:2f:68:12:c6:83:b2:91:59:00:51:86:75:68:45:3b: |
| 27:c4:e0:0d:ed:e7:51:2d:47:60:26:19:02:fd:43:27:81:ad: |
| 33:cb:eb:98:9a:a1:2e:81:d3:81:52:4a:1d:19:e9:30:f9:fc: |
| 6b:e7:26:c8:c1:6c:65:e4:66:d4:cc:82:16:0a:a6:b9:68:3a: |
| eb:ee:cd:86:aa:a7:80:ed:4f:77:47:d2:c6:1b:eb:53:de:f3: |
| eb:24:60:41:ac:77:08:43:1b:76:ce:a6:4b:f1:4e:1d:32:2b: |
| 31:bd:59:52:f1:60:e7:f5:db:6d:bf:be:af:55:9b:11:63:f7: |
| 6e:19:2c:17:4b:db:fe:40:27:ae:02:f5:c2:17:62:21:7b:ac: |
| 38:d6:17:3e:5c:80:61:6d:95:63:e4:64:d3:07:23:9f:14:bb: |
| df:b2:eb:c2 |
| -----BEGIN CERTIFICATE----- |
| MIICpTCCAY2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXRlMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALqJU1YDx5/WzNBIfTtS |
| Au5+WOvYnI481mWyjZQNh0jhZWVWkVsaUjqElkYqixt9DENXBA04VSFbC0UGph5n |
| ylsCAwEAAaOByzCByDAdBgNVHQ4EFgQUfA4BpQQ4zg9qqzSyzXcZ24TB7EQwHwYD |
| VR0jBBgwFoAUcVlJTaVDScUO5HjpXLdOgKiju14wNwYIKwYBBQUHAQEEKzApMCcG |
| CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCOzNPzWvvK |
| g05V464qt7esnofwYlgjKT1jfo1CYOrcPuxmGUvm1qe34eoziDzqi4e552QNNbMO |
| q4FxDBwK8wpJI07WId5/5f1ti3ozL6arTrgCzAEeGJqQ81b4irUvaBLGg7KRWQBR |
| hnVoRTsnxOAN7edRLUdgJhkC/UMnga0zy+uYmqEugdOBUkodGekw+fxr5ybIwWxl |
| 5GbUzIIWCqa5aDrr7s2GqqeA7U93R9LGG+tT3vPrJGBBrHcIQxt2zqZL8U4dMisx |
| vVlS8WDn9dttv76vVZsRY/duGSwXS9v+QCeuAvXCF2Ihe6w41hc+XIBhbZVj5GTT |
| ByOfFLvfsuvC |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:ca:5e:08:17:b7:7c:c4:55:39:a2:1c:7f:97:49: |
| b0:bb:88:3e:9e:ed:46:36:41:c2:a7:5e:2b:ce:bb: |
| 7b:d2:d2:a8:3b:a3:53:27:39:ac:3a:76:48:a2:85: |
| 97:3f:ba:98:9f:14:f9:b9:31:64:e5:27:a8:9a:23: |
| ae:7d:12:39:65:c0:10:f3:6d:2d:a3:45:3d:c3:69: |
| e6:cf:3e:4d:8a:5c:37:a5:6c:32:17:7c:ab:8f:62: |
| 0e:e4:57:6b:e1:64:22:8d:3b:ad:c6:93:60:4a:c4: |
| 32:6d:be:c4:6b:06:e1:4b:e0:89:3c:ef:ad:78:94: |
| bd:3d:d1:bb:19:1a:86:98:43:0e:84:bb:68:11:47: |
| 9a:06:49:33:e9:48:e6:f2:00:0e:ef:e7:4d:2a:1b: |
| b2:aa:5b:a8:8d:59:ac:b7:c8:77:5d:c9:9f:d3:e8: |
| c7:f2:88:0a:ce:6e:34:b5:8f:5a:63:24:68:42:2f: |
| 60:2c:a5:82:44:e9:12:1f:c3:7a:01:c3:e7:e3:24: |
| 97:0b:bc:5e:48:e1:33:4b:a0:cd:fa:ce:75:90:97: |
| 20:f4:0b:4c:8e:69:c5:8b:cd:1c:ac:8a:7f:d4:18: |
| 22:c7:10:09:52:dc:3a:17:3d:3a:5c:03:99:ee:f8: |
| 9d:a0:bf:ef:72:33:df:43:8d:9f:1b:1c:e3:22:24: |
| 73:99 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 71:59:49:4D:A5:43:49:C5:0E:E4:78:E9:5C:B7:4E:80:A8:A3:BB:5E |
| X509v3 Authority Key Identifier: |
| keyid:71:59:49:4D:A5:43:49:C5:0E:E4:78:E9:5C:B7:4E:80:A8:A3:BB:5E |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 20:51:cc:39:0f:3c:0c:67:47:0c:73:f0:00:0d:57:fb:6f:fe: |
| 4c:e3:c1:d1:a6:f7:40:54:4c:91:0f:ca:e1:eb:b3:7a:44:0e: |
| 57:f5:81:1f:9a:4f:81:57:d8:91:01:7b:09:6a:61:19:04:8f: |
| 00:7a:d1:5b:3f:cb:1b:c0:53:a4:da:dc:40:a5:ef:9b:59:1a: |
| fc:99:b2:0d:66:22:ee:d7:da:69:72:4d:b1:44:e9:2d:57:84: |
| 52:d5:2b:c5:77:ac:a7:d0:f2:27:12:6b:5c:42:7a:3d:fc:e8: |
| 04:91:98:aa:1d:3f:40:9d:9b:e2:43:24:47:7b:b8:24:23:a3: |
| 47:24:cd:9a:44:87:f8:a7:c4:07:90:9a:73:60:e1:0e:7b:82: |
| a1:ef:73:4e:02:46:6d:06:e2:58:8f:79:47:79:a6:59:75:cf: |
| ac:5d:e2:37:6c:88:3f:bf:57:00:f5:fb:09:53:f4:5f:06:42: |
| 58:5e:75:48:96:7d:4f:dd:3b:45:d3:7c:61:8f:75:20:17:a0: |
| 2e:1c:08:4b:22:3f:37:be:d7:43:89:da:59:ac:79:87:1e:6a: |
| cc:53:4d:5b:e9:0a:d6:40:a5:a0:28:99:57:44:5d:d2:7b:bf: |
| 02:38:a3:c4:df:14:a9:c1:b2:ec:15:21:7b:84:a1:a1:56:f8: |
| b9:45:42:cd |
| -----BEGIN TRUST_ANCHOR_UNCONSTRAINED----- |
| MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpeCBe3fMRVOaIcf5dJ |
| sLuIPp7tRjZBwqdeK867e9LSqDujUyc5rDp2SKKFlz+6mJ8U+bkxZOUnqJojrn0S |
| OWXAEPNtLaNFPcNp5s8+TYpcN6VsMhd8q49iDuRXa+FkIo07rcaTYErEMm2+xGsG |
| 4UvgiTzvrXiUvT3RuxkahphDDoS7aBFHmgZJM+lI5vIADu/nTSobsqpbqI1ZrLfI |
| d13Jn9Pox/KICs5uNLWPWmMkaEIvYCylgkTpEh/DegHD5+Mklwu8XkjhM0ugzfrO |
| dZCXIPQLTI5pxYvNHKyKf9QYIscQCVLcOhc9OlwDme74naC/73Iz30ONnxsc4yIk |
| c5kCAwEAAaOByzCByDAdBgNVHQ4EFgQUcVlJTaVDScUO5HjpXLdOgKiju14wHwYD |
| VR0jBBgwFoAUcVlJTaVDScUO5HjpXLdOgKiju14wNwYIKwYBBQUHAQEEKzApMCcG |
| CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAgUcw5DzwM |
| Z0cMc/AADVf7b/5M48HRpvdAVEyRD8rh67N6RA5X9YEfmk+BV9iRAXsJamEZBI8A |
| etFbP8sbwFOk2txApe+bWRr8mbINZiLu19ppck2xROktV4RS1SvFd6yn0PInEmtc |
| Qno9/OgEkZiqHT9AnZviQyRHe7gkI6NHJM2aRIf4p8QHkJpzYOEOe4Kh73NOAkZt |
| BuJYj3lHeaZZdc+sXeI3bIg/v1cA9fsJU/RfBkJYXnVIln1P3TtF03xhj3UgF6Au |
| HAhLIj83vtdDidpZrHmHHmrMU01b6QrWQKWgKJlXRF3Se78COKPE3xSpwbLsFSF7 |
| hKGhVvi5RULN |
| -----END TRUST_ANCHOR_UNCONSTRAINED----- |
| |
| 150302120000Z |
| -----BEGIN TIME----- |
| MTUwMzAyMTIwMDAwWg== |
| -----END TIME----- |
| |
| FAIL |
| -----BEGIN VERIFY_RESULT----- |
| RkFJTA== |
| -----END VERIFY_RESULT----- |
| |
| [Context] Processing Certificate |
| index: 1 |
| [Error] RSA modulus too small |
| actual: 512 |
| minimum: 1024 |
| [Error] Unacceptable modulus length for RSA key |
| [Error] VerifySignedData failed |
| |
| -----BEGIN ERRORS----- |
| W0NvbnRleHRdIFByb2Nlc3NpbmcgQ2VydGlmaWNhdGUKICBpbmRleDogMQogICAgICBbRXJyb3JdIFJTQSBtb2R1bHVzIHRvbyBzbWFsbAogICAgICAgIGFjdHVhbDogNTEyCiAgICAgICAgbWluaW11bTogMTAyNAogICAgICBbRXJyb3JdIFVuYWNjZXB0YWJsZSBtb2R1bHVzIGxlbmd0aCBmb3IgUlNBIGtleQogICAgICBbRXJyb3JdIFZlcmlmeVNpZ25lZERhdGEgZmFpbGVkCg== |
| -----END ERRORS----- |
