| [Created by: generate-unconstrained-non-self-signed-root.py] |
| |
| Certificate chain with 1 intermediate and a non-self-signed trust anchor. |
| Verification should succeed, it doesn't matter that the root was not |
| self-signed if it is designated as the trust anchor. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:e2:dd:d4:9d:10:ff:0e:87:2d:ba:eb:b5:34:02: |
| 80:b9:83:16:1c:74:27:2b:f1:71:fe:5a:15:ad:26: |
| 7c:80:a6:06:a3:5c:81:30:5f:63:4b:7b:41:c4:2f: |
| ad:6b:31:21:5f:23:1e:a3:6b:41:36:88:6e:cc:97: |
| 5d:ad:67:8e:c5:1c:8f:e4:d0:e5:2b:02:da:e6:7d: |
| 65:6b:a8:fd:90:78:aa:0a:85:31:7c:4e:92:0e:af: |
| 45:00:bb:48:20:22:0e:24:d4:a3:2a:fd:d7:3f:05: |
| 21:70:18:1e:a0:7b:24:25:d9:e5:63:20:dd:59:73: |
| 27:24:9c:a4:4e:8f:93:5d:3c:27:b2:93:7d:1d:15: |
| 09:28:59:f3:70:55:8b:7f:f8:5d:69:0e:3a:0c:a4: |
| 54:7c:32:d4:0e:d4:0b:58:c1:12:74:8a:b6:38:b0: |
| 1d:0e:b2:8e:18:29:ae:8f:75:7b:f3:48:c5:2e:aa: |
| af:e4:0a:a0:fd:c8:8e:fb:a6:17:28:21:36:2e:5d: |
| 20:b4:21:83:a2:6d:7a:ec:7a:14:24:eb:99:90:0e: |
| a0:af:4f:8d:f9:11:36:01:3a:8f:18:4e:15:d4:fe: |
| 12:65:f4:af:11:00:f0:4f:86:11:f3:7c:f6:5d:7b: |
| 28:5c:4f:b1:49:68:3b:de:17:2d:6a:5a:09:5e:1d: |
| 8d:29 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| CF:A5:99:53:C2:5B:C6:BD:10:84:1E:39:95:94:A2:01:79:D4:DA:DD |
| X509v3 Authority Key Identifier: |
| keyid:A3:6A:AF:46:74:A6:CD:26:44:76:D1:81:2A:03:CE:B7:51:58:33:29 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 1c:9c:e2:fa:bd:20:4e:a4:91:63:8d:46:7e:10:1c:d1:ce:5a: |
| c0:dc:cb:8f:c9:fa:54:69:3d:e8:4b:45:a8:34:3d:fb:1b:fe: |
| 8a:08:ce:1c:d3:37:cd:d3:c6:76:41:f4:88:9d:4a:cc:72:45: |
| 00:bf:5f:11:02:49:a5:e7:f4:69:17:ea:ac:8c:9d:75:cb:2e: |
| 35:c7:77:2a:b5:ee:13:aa:ad:84:48:24:77:7d:8b:0b:98:22: |
| 7b:2e:36:2f:41:de:ec:4c:37:96:b2:5d:ce:f1:bc:d9:62:ec: |
| 5c:07:1c:10:8d:65:1a:09:74:a4:f9:d5:5e:c1:06:f7:7c:b2: |
| ae:86:74:04:8f:43:b5:7f:de:9e:9c:10:5e:78:5b:a4:05:de: |
| d8:9a:33:8d:62:23:a9:3c:e8:6a:ad:5d:d9:f1:5b:9f:34:d8: |
| 4a:56:c3:76:1d:9e:d8:05:95:a8:65:00:7a:ad:bd:3d:18:94: |
| f8:07:50:cc:11:39:05:e1:13:a0:9c:8d:17:41:79:76:77:85: |
| b7:6a:c3:bd:db:ee:fe:7e:46:1b:08:e0:05:e4:c5:78:77:f2: |
| 49:b1:02:2c:df:d0:f5:ce:76:f6:63:14:65:f8:df:22:2c:fc: |
| fa:9c:2b:91:32:39:92:8b:31:a7:cf:2a:23:e1:43:ea:fd:ff: |
| f2:d7:b1:f7 |
| -----BEGIN CERTIFICATE----- |
| MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi3dSd |
| EP8Ohy2667U0AoC5gxYcdCcr8XH+WhWtJnyApgajXIEwX2NLe0HEL61rMSFfIx6j |
| a0E2iG7Ml12tZ47FHI/k0OUrAtrmfWVrqP2QeKoKhTF8TpIOr0UAu0ggIg4k1KMq |
| /dc/BSFwGB6geyQl2eVjIN1ZcycknKROj5NdPCeyk30dFQkoWfNwVYt/+F1pDjoM |
| pFR8MtQO1AtYwRJ0irY4sB0Oso4YKa6PdXvzSMUuqq/kCqD9yI77phcoITYuXSC0 |
| IYOibXrsehQk65mQDqCvT435ETYBOo8YThXU/hJl9K8RAPBPhhHzfPZdeyhcT7FJ |
| aDveFy1qWgleHY0pAgMBAAGjgekwgeYwHQYDVR0OBBYEFM+lmVPCW8a9EIQeOZWU |
| ogF51NrdMB8GA1UdIwQYMBaAFKNqr0Z0ps0mRHbRgSoDzrdRWDMpMD8GCCsGAQUF |
| BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAHJzi+r0gTqSRY41GfhAc |
| 0c5awNzLj8n6VGk96EtFqDQ9+xv+igjOHNM3zdPGdkH0iJ1KzHJFAL9fEQJJpef0 |
| aRfqrIyddcsuNcd3KrXuE6qthEgkd32LC5giey42L0He7Ew3lrJdzvG82WLsXAcc |
| EI1lGgl0pPnVXsEG93yyroZ0BI9DtX/enpwQXnhbpAXe2JozjWIjqTzoaq1d2fFb |
| nzTYSlbDdh2e2AWVqGUAeq29PRiU+AdQzBE5BeEToJyNF0F5dneFt2rDvdvu/n5G |
| GwjgBeTFeHfySbECLN/Q9c529mMUZfjfIiz8+pwrkTI5kosxp88qI+FD6v3/8tex |
| 9w== |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:cc:28:1f:e1:1a:a3:da:34:65:45:b7:bb:c1:3b: |
| c8:3b:92:22:e1:fb:0a:82:86:f8:0c:41:c4:8b:33: |
| cd:b7:17:55:25:9c:b6:09:98:cb:ed:6d:81:99:88: |
| 76:c7:ba:11:ec:af:61:b6:73:cf:7c:5a:5c:5f:08: |
| 2e:e4:6f:d8:74:b0:8f:11:8f:6d:56:cd:03:2e:70: |
| f7:59:59:c9:a7:0c:aa:06:d2:f3:a2:99:a1:1a:a2: |
| 56:b8:88:17:13:d5:de:ee:e8:f8:b5:82:23:15:62: |
| 18:c9:68:02:70:3d:d2:b4:90:4b:28:87:31:ad:b7: |
| 4a:9c:07:b5:ea:52:fd:66:dd:15:64:d7:88:25:e1: |
| 92:0b:77:86:af:73:d8:3b:34:aa:02:bf:8d:a5:06: |
| 50:55:2d:55:bc:bb:ca:01:1b:c3:5d:8d:62:35:b2: |
| 64:cd:4b:70:61:cc:cd:85:6f:50:4a:a2:41:d4:5a: |
| a5:30:aa:32:3e:50:02:67:aa:99:ee:24:c7:7b:f8: |
| fd:54:23:3a:4a:b7:67:67:2d:f7:30:4f:b4:d0:28: |
| a7:f9:64:5b:d8:d9:20:c2:a9:75:ed:0b:ff:b6:f1: |
| 75:bc:3b:be:58:da:f6:93:6c:4d:ba:15:cd:ce:4c: |
| de:8f:22:89:d2:ac:15:6d:60:da:b3:8b:5a:ea:e6: |
| ba:75 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| A3:6A:AF:46:74:A6:CD:26:44:76:D1:81:2A:03:CE:B7:51:58:33:29 |
| X509v3 Authority Key Identifier: |
| keyid:1E:88:21:E6:C7:6E:DC:76:90:45:43:56:DD:DA:B3:5F:50:3D:CA:BB |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 76:a9:bf:ab:a6:23:d0:73:52:0f:ac:fb:15:27:2a:ac:cb:2a: |
| 99:80:f2:d7:29:ca:e7:5b:68:72:53:df:ea:c7:fb:f6:cb:c4: |
| 56:af:e1:95:ec:d7:19:b1:94:42:19:d3:71:6f:8b:19:08:46: |
| 0b:ac:05:e3:b2:cb:81:d5:78:37:92:0b:77:75:73:b0:78:0b: |
| 2f:b0:ae:a9:39:80:fa:f1:26:62:28:73:18:c9:33:f8:db:1b: |
| 90:20:54:a8:18:fd:50:4f:63:3c:4f:a7:6e:aa:11:7c:07:f4: |
| 7c:ad:84:fd:a0:f2:d8:63:84:be:c9:ed:b6:c1:2d:2e:23:8f: |
| 7e:5f:e3:63:46:89:1f:56:a4:ea:e4:af:85:62:77:29:d6:ce: |
| 3b:27:69:7b:2f:be:ef:ec:56:59:a8:ea:cf:b9:a0:1d:07:43: |
| 01:84:0e:37:fd:6b:95:39:7e:be:57:9d:33:89:ed:5d:5d:6a: |
| f8:32:3d:59:1b:9a:0c:1c:46:70:80:57:ba:30:6d:a6:b0:70: |
| de:aa:9a:33:bf:5b:ae:33:f3:ee:4d:92:b9:23:22:99:f4:81: |
| 08:7f:ef:4f:8b:37:ae:27:4c:9b:6d:b5:ac:62:8d:7d:b2:7e: |
| 2b:89:dc:eb:5d:14:c9:f6:64:b0:cd:5b:4b:38:f1:b3:58:b5: |
| 07:5d:1a:d9 |
| -----BEGIN CERTIFICATE----- |
| MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCgf4Rqj |
| 2jRlRbe7wTvIO5Ii4fsKgob4DEHEizPNtxdVJZy2CZjL7W2BmYh2x7oR7K9htnPP |
| fFpcXwgu5G/YdLCPEY9tVs0DLnD3WVnJpwyqBtLzopmhGqJWuIgXE9Xe7uj4tYIj |
| FWIYyWgCcD3StJBLKIcxrbdKnAe16lL9Zt0VZNeIJeGSC3eGr3PYOzSqAr+NpQZQ |
| VS1VvLvKARvDXY1iNbJkzUtwYczNhW9QSqJB1FqlMKoyPlACZ6qZ7iTHe/j9VCM6 |
| SrdnZy33ME+00Cin+WRb2Nkgwql17Qv/tvF1vDu+WNr2k2xNuhXNzkzejyKJ0qwV |
| bWDas4ta6ua6dQIDAQABo4HLMIHIMB0GA1UdDgQWBBSjaq9GdKbNJkR20YEqA863 |
| UVgzKTAfBgNVHSMEGDAWgBQeiCHmx27cdpBFQ1bd2rNfUD3KuzA3BggrBgEFBQcB |
| AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB |
| AHapv6umI9BzUg+s+xUnKqzLKpmA8tcpyudbaHJT3+rH+/bLxFav4ZXs1xmxlEIZ |
| 03FvixkIRgusBeOyy4HVeDeSC3d1c7B4Cy+wrqk5gPrxJmIocxjJM/jbG5AgVKgY |
| /VBPYzxPp26qEXwH9HythP2g8thjhL7J7bbBLS4jj35f42NGiR9WpOrkr4VidynW |
| zjsnaXsvvu/sVlmo6s+5oB0HQwGEDjf9a5U5fr5XnTOJ7V1davgyPVkbmgwcRnCA |
| V7owbaawcN6qmjO/W64z8+5NkrkjIpn0gQh/70+LN64nTJtttaxijX2yfiuJ3Otd |
| FMn2ZLDNW0s48bNYtQddGtk= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 2 (0x2) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=UberRoot |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:d2:ee:04:1f:69:cf:1f:13:bf:0c:7f:3b:65:1c: |
| e6:e3:c6:3d:be:86:27:a6:1a:98:44:9e:76:a7:c7: |
| d0:fd:bc:0e:92:3e:f8:a1:6e:6a:ac:19:80:26:f8: |
| 96:2b:27:fb:c1:4f:10:24:6e:9f:53:0f:6e:52:0f: |
| 59:d1:af:cb:1f:bf:fa:92:6b:d8:bb:9d:5b:48:66: |
| 4f:8c:5b:72:98:f1:eb:62:59:23:d6:12:dc:de:2b: |
| e2:78:61:23:2f:21:e5:f5:0b:5c:98:69:f5:15:73: |
| 3d:a6:9c:f5:c2:77:3b:a0:70:af:48:39:5c:21:ff: |
| e2:19:34:82:a0:c4:77:6e:45:11:c6:0d:f3:74:a0: |
| 53:bc:d6:37:6e:17:62:83:43:0c:c8:6e:6a:a3:8f: |
| 83:b4:85:4f:8b:ce:12:55:f5:f1:80:7b:b3:6c:a1: |
| 3a:20:0a:7a:9d:7d:ef:35:e7:15:b4:7a:90:04:54: |
| 68:2d:7a:2d:72:88:99:e7:03:09:55:42:13:9c:55: |
| e7:f4:3f:3c:66:ab:7c:3d:8b:50:c1:d2:2c:eb:d4: |
| b8:f4:13:d1:a7:92:b2:97:29:76:94:a6:49:57:d2: |
| 55:17:86:f1:20:7c:a9:a5:7d:ba:48:cc:87:7e:b4: |
| 14:27:48:d1:72:c5:18:c2:f8:80:4c:ca:1b:92:94: |
| 5f:f3 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 1E:88:21:E6:C7:6E:DC:76:90:45:43:56:DD:DA:B3:5F:50:3D:CA:BB |
| X509v3 Authority Key Identifier: |
| keyid:EA:25:A5:9F:40:47:93:DB:8C:A0:6D:18:4A:47:09:4E:05:93:5F:34 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/UberRoot.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/UberRoot.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 6f:ff:d2:4d:45:07:b2:52:cf:4b:79:b4:37:b8:08:47:37:0e: |
| 6d:db:82:92:14:fe:68:31:c1:cc:4a:6f:55:98:8d:8a:47:32: |
| d5:e4:08:16:eb:68:d2:44:06:55:ec:b7:8b:24:b5:91:c4:a8: |
| 8d:5b:f5:b2:a3:55:a8:01:a7:ae:bc:a9:71:88:53:c9:81:93: |
| d8:73:42:4a:eb:fd:07:5a:ee:89:1f:2f:40:c7:45:24:46:1c: |
| 70:58:12:48:e0:7c:8e:aa:fc:9e:4b:92:83:a0:2f:9a:7e:af: |
| 18:67:38:18:16:d8:4f:69:11:2e:ee:11:30:a6:4f:41:65:a1: |
| 1b:a1:0f:04:bd:ec:7a:e4:a5:d1:a3:fe:3c:6f:9a:f1:cd:85: |
| f3:f5:2d:05:20:08:ff:61:80:14:47:95:b9:00:39:df:dd:61: |
| 55:2b:12:99:60:2a:d1:f4:54:c8:57:77:b3:0d:32:c3:b0:e3: |
| 6b:fd:b4:12:91:bc:e7:a1:55:e3:9c:52:a5:7a:e5:a4:66:d0: |
| f9:a8:23:54:06:fd:73:53:0e:1a:3d:80:0b:6b:71:a0:da:e5: |
| c9:fc:6f:77:ca:87:c0:3b:24:0b:af:24:46:e6:5a:78:05:1b: |
| 4f:c6:c2:bc:e3:b0:6f:6e:5a:7e:c3:d0:a5:7c:6d:48:66:bc: |
| 69:7b:97:d2 |
| -----BEGIN TRUST_ANCHOR_UNCONSTRAINED----- |
| MIIDcTCCAlmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhVYmVy |
| Um9vdDAeFw0xNTAxMDExMjAwMDBaFw0xNjAxMDExMjAwMDBaMA8xDTALBgNVBAMM |
| BFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS7gQfac8fE78M |
| fztlHObjxj2+hiemGphEnnanx9D9vA6SPvihbmqsGYAm+JYrJ/vBTxAkbp9TD25S |
| D1nRr8sfv/qSa9i7nVtIZk+MW3KY8etiWSPWEtzeK+J4YSMvIeX1C1yYafUVcz2m |
| nPXCdzugcK9IOVwh/+IZNIKgxHduRRHGDfN0oFO81jduF2KDQwzIbmqjj4O0hU+L |
| zhJV9fGAe7NsoTogCnqdfe815xW0epAEVGgtei1yiJnnAwlVQhOcVef0Pzxmq3w9 |
| i1DB0izr1Lj0E9GnkrKXKXaUpklX0lUXhvEgfKmlfbpIzId+tBQnSNFyxRjC+IBM |
| yhuSlF/zAgMBAAGjgdMwgdAwHQYDVR0OBBYEFB6IIebHbtx2kEVDVt3as19QPcq7 |
| MB8GA1UdIwQYMBaAFOolpZ9AR5PbjKBtGEpHCU4Fk180MDsGCCsGAQUFBwEBBC8w |
| LTArBggrBgEFBQcwAoYfaHR0cDovL3VybC1mb3ItYWlhL1ViZXJSb290LmNlcjAw |
| BgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vdXJsLWZvci1jcmwvVWJlclJvb3QuY3Js |
| MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA |
| A4IBAQBv/9JNRQeyUs9LebQ3uAhHNw5t24KSFP5oMcHMSm9VmI2KRzLV5AgW62jS |
| RAZV7LeLJLWRxKiNW/Wyo1WoAaeuvKlxiFPJgZPYc0JK6/0HWu6JHy9Ax0UkRhxw |
| WBJI4HyOqvyeS5KDoC+afq8YZzgYFthPaREu7hEwpk9BZaEboQ8Evex65KXRo/48 |
| b5rxzYXz9S0FIAj/YYAUR5W5ADnf3WFVKxKZYCrR9FTIV3ezDTLDsONr/bQSkbzn |
| oVXjnFKleuWkZtD5qCNUBv1zUw4aPYALa3Gg2uXJ/G93yofAOyQLryRG5lp4BRtP |
| xsK847Bvblp+w9ClfG1IZrxpe5fS |
| -----END TRUST_ANCHOR_UNCONSTRAINED----- |
| |
| 150302120000Z |
| -----BEGIN TIME----- |
| MTUwMzAyMTIwMDAwWg== |
| -----END TIME----- |
| |
| SUCCESS |
| -----BEGIN VERIFY_RESULT----- |
| U1VDQ0VTUw== |
| -----END VERIFY_RESULT----- |