Google Git
Sign in
chromium / chromium / src / d8b7d84c49f08b6e50de6da191264401c074c5a0 / . / net / data / verify_certificate_chain_unittest / constrained-non-self-signed-root.pem
blob: b8f2d4e01e3464140572b640fa1c664c274fbd07 [file] [log] [blame]
[Created by: generate-constrained-non-self-signed-root.py]
Certificate chain with 1 intermediate and a non-self-signed trust anchor.
Verification should succeed, it doesn't matter that the root was not
self-signed if it is designated as the trust anchor.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b3:aa:6c:0c:2e:35:34:f6:1f:5d:c3:8b:9e:fe:
f7:7e:5b:26:fd:2b:ba:20:83:92:3a:4e:02:18:7c:
1d:49:c5:05:15:c1:fa:98:b3:5d:0c:e8:03:9b:60:
d4:e3:a6:3e:0c:ae:b3:c5:21:38:3b:a0:02:fd:80:
a6:05:47:29:d2:12:95:6b:41:7b:41:94:45:ce:bd:
65:84:d4:5a:51:cc:81:2a:a4:03:8f:31:00:d5:15:
06:13:54:07:87:99:d9:55:fa:23:a8:19:56:11:87:
78:4d:62:15:55:4d:b1:5f:00:c3:ce:a1:f0:21:6f:
97:01:ef:76:49:6d:21:6b:f8:50:12:e9:48:94:3e:
cd:01:d2:30:1f:2d:e2:25:f8:b5:ee:ad:a8:91:e9:
0d:03:be:b4:11:84:1c:9f:9f:09:60:37:bf:52:c4:
ad:2c:12:6d:eb:2d:1f:e2:c5:64:a8:55:c3:01:e8:
19:f8:be:96:07:e2:3b:32:7f:59:28:12:79:f2:fd:
e4:98:a7:f1:77:9f:28:13:1e:b7:2c:56:d9:af:8f:
a4:9c:ac:4e:7d:3a:3c:a0:a6:06:61:d2:9c:88:d0:
4b:72:d4:f3:88:18:b5:53:90:ae:b2:80:dd:b4:90:
c4:e4:76:20:c3:ee:ed:ce:bb:44:d9:ad:39:b1:dd:
27:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:67:B6:67:88:D3:B0:33:53:B8:A0:1F:0F:63:46:A3:28:35:A9:A3
X509v3 Authority Key Identifier:
keyid:9C:54:60:08:5E:37:A1:FA:4A:EA:A7:CB:AB:E1:74:51:84:5F:46:FD
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
26:13:cf:55:3b:59:ce:94:65:01:3e:96:fb:c5:62:d9:d8:0c:
53:f2:23:12:f6:a1:a5:c7:30:f3:2b:f2:68:7d:ed:6a:c9:9d:
a5:21:b5:5d:1c:aa:4e:af:57:8c:3d:08:e7:72:d6:8c:20:9f:
25:f5:cf:31:91:23:47:4e:cc:cc:db:9c:e3:f7:53:d4:46:8f:
ea:92:05:37:12:c8:4b:c8:e5:57:24:ed:86:93:0f:14:1b:ea:
83:5c:87:c5:52:a4:bb:1c:48:80:4a:28:f6:ef:e6:6d:9a:0c:
62:75:11:6d:87:bf:8e:79:14:ed:4a:3f:74:5c:5f:7d:f6:53:
f1:dc:94:9b:67:cb:ae:da:18:80:db:31:85:64:ee:b9:36:67:
50:a8:26:55:0e:38:74:e3:b3:4f:19:10:b4:82:2b:90:18:34:
eb:89:47:3c:2a:fc:e5:06:01:99:fe:8c:56:6c:a1:5b:d6:5f:
22:b5:00:c8:dd:fc:ae:43:5a:77:ee:17:1c:27:73:7f:71:a9:
e1:e1:0d:7c:81:31:b7:7d:8d:3f:3e:96:8a:2c:5f:bb:8d:7b:
ad:b3:91:3a:ce:68:f2:25:02:cf:ca:84:0b:91:4f:b3:f5:d3:
e2:34:b6:4a:d7:92:c4:f0:4d:d2:40:f9:46:b7:60:ff:84:95:
cd:da:73:73
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzqmwM
LjU09h9dw4ue/vd+Wyb9K7ogg5I6TgIYfB1JxQUVwfqYs10M6AObYNTjpj4MrrPF
ITg7oAL9gKYFRynSEpVrQXtBlEXOvWWE1FpRzIEqpAOPMQDVFQYTVAeHmdlV+iOo
GVYRh3hNYhVVTbFfAMPOofAhb5cB73ZJbSFr+FAS6UiUPs0B0jAfLeIl+LXuraiR
6Q0DvrQRhByfnwlgN79SxK0sEm3rLR/ixWSoVcMB6Bn4vpYH4jsyf1koEnny/eSY
p/F3nygTHrcsVtmvj6ScrE59OjygpgZh0pyI0Ety1POIGLVTkK6ygN20kMTkdiDD
7u3Ou0TZrTmx3SfPAgMBAAGjgekwgeYwHQYDVR0OBBYEFExntmeI07AzU7igHw9j
RqMoNamjMB8GA1UdIwQYMBaAFJxUYAheN6H6Suqny6vhdFGEX0b9MD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAJhPPVTtZzpRlAT6W+8Vi
2dgMU/IjEvahpccw8yvyaH3tasmdpSG1XRyqTq9XjD0I53LWjCCfJfXPMZEjR07M
zNuc4/dT1EaP6pIFNxLIS8jlVyTthpMPFBvqg1yHxVKkuxxIgEoo9u/mbZoMYnUR
bYe/jnkU7Uo/dFxfffZT8dyUm2fLrtoYgNsxhWTuuTZnUKgmVQ44dOOzTxkQtIIr
kBg064lHPCr85QYBmf6MVmyhW9ZfIrUAyN38rkNad+4XHCdzf3Gp4eENfIExt32N
Pz6Wiixfu417rbOROs5o8iUCz8qEC5FPs/XT4jS2SteSxPBN0kD5Rrdg/4SVzdpz
cw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:0a:10:7c:70:eb:74:84:70:54:78:38:0e:6b:
da:e4:e6:9c:3b:92:69:8c:5f:eb:ab:11:af:56:27:
1d:59:94:21:91:c3:5c:2b:cd:67:75:95:5d:fc:d6:
04:e6:65:0d:9b:4b:70:ce:e5:23:11:a8:a3:f5:61:
d4:5b:d0:99:b8:4b:44:51:3d:7a:ed:9d:5d:e7:82:
09:25:23:60:12:16:0f:b9:9a:3d:9f:02:22:39:f3:
02:85:b2:45:a6:f4:81:e7:2f:6a:f9:65:28:94:b4:
61:b2:4b:04:6e:2d:dd:a9:75:3e:d4:78:16:8a:45:
6f:3c:85:81:b2:f1:8d:3b:84:ff:19:bd:c5:4d:58:
d4:87:ec:dc:34:23:5c:e3:67:d8:26:c0:dc:ae:ad:
27:34:8b:60:9d:47:bb:be:54:c1:4a:0d:56:91:c6:
54:2d:07:51:d5:87:5d:e4:d5:b6:ee:1a:50:51:99:
c4:2d:37:2d:47:4a:3e:19:1c:4f:ba:14:2d:0b:b0:
e7:87:ab:d4:e4:ca:93:a7:77:13:6f:10:c6:df:dd:
f0:86:53:03:0d:b6:92:66:1d:bf:63:1c:84:f0:63:
cb:18:d3:f4:54:20:a8:e8:4c:94:21:7e:3f:b5:81:
49:9f:bc:51:b9:eb:12:ab:6d:cb:03:37:d0:30:a8:
1b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:54:60:08:5E:37:A1:FA:4A:EA:A7:CB:AB:E1:74:51:84:5F:46:FD
X509v3 Authority Key Identifier:
keyid:4E:4A:66:D2:28:27:6E:75:19:FA:97:E6:3D:38:18:C6:A6:56:68:69
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
5e:d4:51:bf:58:80:db:77:af:e6:7c:a7:03:ab:95:ae:e6:0f:
26:64:63:b0:70:30:92:1c:f0:d8:7c:f8:93:13:14:e3:62:6e:
45:ed:cf:dd:c0:4d:8d:b7:b7:2f:bc:29:2d:6e:c2:ed:d5:10:
e6:80:53:91:88:18:35:c5:88:63:69:95:c1:f2:bc:e6:5c:02:
01:e7:e8:22:f4:3e:6d:91:09:82:64:12:86:80:b1:27:3c:9b:
ee:61:43:c2:1f:54:dc:31:9b:89:38:fe:3d:48:27:f0:fb:c6:
44:58:c6:de:21:19:b1:e1:4a:70:e4:1b:aa:ea:ad:e9:d3:a8:
bd:23:9a:95:d8:06:3c:32:9d:21:28:7c:de:37:d7:47:a6:96:
a0:d1:98:04:19:f5:47:bc:19:f8:9e:b6:dc:4b:d5:39:c6:27:
88:ab:9a:19:f1:f1:33:af:e0:62:36:f7:2e:5d:26:5c:70:55:
5e:3c:df:20:12:42:54:64:e0:5e:5f:2e:ee:6a:85:a4:1e:15:
52:0b:01:01:1b:70:19:fe:67:31:b7:6e:5e:4d:61:93:6b:3c:
c3:fd:c7:55:a8:f0:bc:81:5e:2b:38:84:ab:d8:b8:54:3c:a1:
59:db:ae:70:2b:71:ca:f3:5f:f8:ce:d0:67:af:45:99:19:8c:
25:9d:d1:e9
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgoQfHDr
dIRwVHg4Dmva5OacO5JpjF/rqxGvVicdWZQhkcNcK81ndZVd/NYE5mUNm0twzuUj
Eaij9WHUW9CZuEtEUT167Z1d54IJJSNgEhYPuZo9nwIiOfMChbJFpvSB5y9q+WUo
lLRhsksEbi3dqXU+1HgWikVvPIWBsvGNO4T/Gb3FTVjUh+zcNCNc42fYJsDcrq0n
NItgnUe7vlTBSg1WkcZULQdR1Ydd5NW27hpQUZnELTctR0o+GRxPuhQtC7Dnh6vU
5MqTp3cTbxDG393whlMDDbaSZh2/YxyE8GPLGNP0VCCo6EyUIX4/tYFJn7xRuesS
q23LAzfQMKgbEQIDAQABo4HLMIHIMB0GA1UdDgQWBBScVGAIXjeh+krqp8ur4XRR
hF9G/TAfBgNVHSMEGDAWgBROSmbSKCdudRn6l+Y9OBjGplZoaTA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AF7UUb9YgNt3r+Z8pwOrla7mDyZkY7BwMJIc8Nh8+JMTFONibkXtz93ATY23ty+8
KS1uwu3VEOaAU5GIGDXFiGNplcHyvOZcAgHn6CL0Pm2RCYJkEoaAsSc8m+5hQ8If
VNwxm4k4/j1IJ/D7xkRYxt4hGbHhSnDkG6rqrenTqL0jmpXYBjwynSEofN4310em
lqDRmAQZ9Ue8GfiettxL1TnGJ4irmhnx8TOv4GI29y5dJlxwVV483yASQlRk4F5f
Lu5qhaQeFVILAQEbcBn+ZzG3bl5NYZNrPMP9x1Wo8LyBXis4hKvYuFQ8oVnbrnAr
ccrzX/jO0GevRZkZjCWd0ek=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=UberRoot
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a5:1a:7b:1e:97:d2:f5:6c:17:83:73:76:62:4f:
12:53:75:3d:4b:86:2d:42:77:e7:11:75:65:cd:43:
69:5a:b3:80:ad:42:87:a0:8e:9e:cf:e5:9e:6a:2d:
1f:3e:0a:9a:6e:2b:01:e9:aa:d5:bd:91:50:38:f8:
16:04:79:d3:fe:69:1c:82:9d:e7:10:2c:19:31:8a:
1b:8d:a7:ef:f2:4c:36:de:f6:2f:65:93:78:0a:77:
ba:1d:5b:b1:39:bf:55:71:05:43:fb:6c:d4:49:b2:
35:93:85:c0:99:4e:3b:d2:4d:bf:19:4c:1b:55:b6:
ef:ca:40:b3:6e:6a:18:29:eb:78:fa:f5:7e:15:61:
85:70:1d:1f:a4:cd:59:eb:86:c1:a5:c4:8b:74:22:
e1:5d:9b:80:d4:26:a1:a1:7d:40:4d:89:17:4f:ef:
ea:04:d0:d1:b8:7a:38:b1:a5:13:9a:08:64:4d:85:
88:4e:8d:07:fc:55:0b:22:7e:b7:ab:85:28:b9:d9:
71:c9:99:cb:fb:85:fb:cf:8a:2e:cd:98:90:bb:b1:
17:5f:50:02:5e:23:9c:55:d7:f2:fa:76:47:d6:ee:
12:44:9a:17:c4:67:83:9d:75:5f:20:b1:a8:70:c4:
22:69:00:17:26:a8:9d:c5:88:1a:e5:29:bb:63:c8:
02:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4A:66:D2:28:27:6E:75:19:FA:97:E6:3D:38:18:C6:A6:56:68:69
X509v3 Authority Key Identifier:
keyid:8F:01:DF:48:8B:1D:55:FA:61:CF:0A:EF:D6:89:C1:E7:69:7E:24:51
Authority Information Access:
CA Issuers - URI:http://url-for-aia/UberRoot.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/UberRoot.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
c8:bb:c7:40:ef:2b:d4:1d:61:92:65:48:61:99:5b:d4:5b:1d:
8d:c6:ea:b8:d4:bf:1b:e9:ea:5a:f0:21:f3:95:b8:e7:cf:e7:
c3:8b:68:b2:14:53:fc:c8:07:4d:d8:fc:97:27:8d:0d:41:68:
4c:5e:c8:ab:ee:e3:9c:72:d3:d5:5b:a4:3a:2b:e4:2f:e2:13:
c8:a5:8d:63:61:c9:f8:e1:99:3f:c4:22:36:0d:bb:88:28:85:
99:23:ae:b9:0b:4e:50:7b:81:2d:28:da:9e:9e:7e:86:21:99:
ac:f1:a9:bc:1f:cf:6c:5f:90:91:b1:bf:76:b2:3a:5f:f3:e6:
54:89:bf:db:1e:f5:3a:93:53:ec:80:75:7e:ea:81:e0:c1:8b:
2d:89:f8:62:16:f0:96:ae:8e:be:d7:af:e6:fa:d4:54:b4:01:
bc:dd:f0:93:cc:89:b7:f2:06:81:2e:df:02:11:ac:22:21:44:
77:de:22:aa:9f:2b:05:3a:4e:a9:b4:a2:15:50:13:03:b1:a1:
1a:f4:de:c4:7b:2e:84:56:80:7c:98:db:82:af:a0:8e:79:a5:
b1:81:b7:0f:9b:60:78:5b:57:fc:eb:8e:74:91:e5:e3:58:c6:
b7:82:b2:88:d2:83:5f:b4:94:75:6b:97:8a:3f:88:40:ad:5d:
a1:18:da:7a
-----BEGIN TRUST_ANCHOR_CONSTRAINED-----
MIIDcTCCAlmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhVYmVy
Um9vdDAeFw0xNTAxMDExMjAwMDBaFw0xNjAxMDExMjAwMDBaMA8xDTALBgNVBAMM
BFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClGnsel9L1bBeD
c3ZiTxJTdT1Lhi1Cd+cRdWXNQ2las4CtQoegjp7P5Z5qLR8+CppuKwHpqtW9kVA4
+BYEedP+aRyCnecQLBkxihuNp+/yTDbe9i9lk3gKd7odW7E5v1VxBUP7bNRJsjWT
hcCZTjvSTb8ZTBtVtu/KQLNuahgp63j69X4VYYVwHR+kzVnrhsGlxIt0IuFdm4DU
JqGhfUBNiRdP7+oE0NG4ejixpROaCGRNhYhOjQf8VQsifrerhSi52XHJmcv7hfvP
ii7NmJC7sRdfUAJeI5xV1/L6dkfW7hJEmhfEZ4OddV8gsahwxCJpABcmqJ3FiBrl
KbtjyAL1AgMBAAGjgdMwgdAwHQYDVR0OBBYEFE5KZtIoJ251GfqX5j04GMamVmhp
MB8GA1UdIwQYMBaAFI8B30iLHVX6Yc8K79aJwedpfiRRMDsGCCsGAQUFBwEBBC8w
LTArBggrBgEFBQcwAoYfaHR0cDovL3VybC1mb3ItYWlhL1ViZXJSb290LmNlcjAw
BgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vdXJsLWZvci1jcmwvVWJlclJvb3QuY3Js
MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
A4IBAQDIu8dA7yvUHWGSZUhhmVvUWx2Nxuq41L8b6epa8CHzlbjnz+fDi2iyFFP8
yAdN2PyXJ40NQWhMXsir7uOcctPVW6Q6K+Qv4hPIpY1jYcn44Zk/xCI2DbuIKIWZ
I665C05Qe4EtKNqenn6GIZms8am8H89sX5CRsb92sjpf8+ZUib/bHvU6k1PsgHV+
6oHgwYstifhiFvCWro6+16/m+tRUtAG83fCTzIm38gaBLt8CEawiIUR33iKqnysF
Ok6ptKIVUBMDsaEa9N7Eey6EVoB8mNuCr6COeaWxgbcPm2B4W1f86450keXjWMa3
grKI0oNftJR1a5eKP4hArV2hGNp6
-----END TRUST_ANCHOR_CONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
SUCCESS
-----BEGIN VERIFY_RESULT-----
U1VDQ0VTUw==
-----END VERIFY_RESULT-----