blob: f3f205429d0086edf4dac86b752d9ce4856b8da8 [file] [log] [blame]
[Created by: generate-expired-intermediary.py]
Certificate chain with 1 intermediary, where the intermediary is expired
(violates validity.notAfter). Verification is expected to fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediary
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:aa:15:ea:8b:25:e9:de:1a:5f:39:89:dd:71:6d:
30:a6:24:ca:59:9b:63:ab:c2:18:2d:d4:80:ea:63:
71:70:2e:fe:ac:c0:7d:01:b1:35:06:7c:ad:a8:8c:
18:5f:34:16:23:07:78:07:f1:ee:92:08:39:68:1b:
08:53:c0:4e:68:62:01:e3:5e:3f:6f:bf:84:18:06:
a8:59:8d:81:cc:39:71:b9:49:a8:19:2e:44:49:7b:
8c:a6:71:15:2c:2a:3d:69:b9:42:5f:48:3c:1b:37:
c0:c0:fa:11:a8:d2:5a:bc:70:43:e3:b5:04:62:42:
40:bc:5a:8d:f6:bb:27:7a:70:34:9b:dc:a8:12:75:
0d:1b:5c:1e:81:44:41:7f:57:6e:c6:40:78:f6:a6:
5b:98:93:61:4d:e6:dd:bd:49:8f:ba:1e:c5:ac:e9:
3f:b3:d1:c5:c9:dd:db:88:f0:47:5a:fc:fc:ec:b3:
87:2f:7f:f0:e1:a0:69:05:48:21:58:18:4b:79:e9:
de:92:9c:5f:89:79:68:f7:5e:59:58:9c:09:88:5e:
7e:1c:6d:1e:ad:41:4d:f2:b9:9f:ef:9a:9b:57:8e:
ff:35:c3:69:2c:35:eb:30:f0:e4:07:94:09:87:a6:
ef:f4:1b:4b:61:47:64:d1:c9:8b:ba:08:e3:9a:01:
99:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:79:FB:A7:C3:78:BA:A4:08:EC:1C:B2:14:21:D9:DD:6A:9E:B5:29
X509v3 Authority Key Identifier:
keyid:6D:48:EB:C2:7F:9A:86:86:39:A3:39:79:C1:5B:A7:BD:A9:4E:23:00
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediary.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediary.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
5d:d4:68:d4:44:96:48:60:17:d4:88:12:43:df:6b:f0:b3:4c:
b2:ab:70:57:bc:d3:98:ae:34:d2:ab:e9:a3:b7:ae:76:9b:49:
e5:c5:bd:45:33:6a:19:e2:58:96:c7:49:98:24:0b:c1:57:5e:
64:a7:2d:7a:c6:1f:fb:9d:ba:a9:19:6e:25:31:2a:b1:82:41:
47:d4:02:47:ba:03:c3:43:d1:6b:05:10:b0:25:30:5c:0c:17:
3c:a6:7c:4e:6d:94:35:b4:65:e6:67:32:9a:9b:df:26:fa:c6:
f6:f9:c0:47:62:64:a9:95:02:a3:aa:70:82:38:c3:6d:b3:cd:
75:37:bd:4e:c5:91:bc:a1:48:7e:47:a1:bb:39:c4:7d:06:ef:
dc:c1:28:6b:6e:c6:d5:a3:e1:a0:d5:ec:c3:0a:ae:e5:5b:da:
67:14:af:f5:6e:6a:06:72:2e:0d:61:31:31:b7:d4:a4:7b:45:
21:50:cb:2d:30:c4:1f:c5:55:5c:e2:50:ce:35:cc:23:35:b0:
c2:92:ae:89:16:93:66:94:36:43:ff:30:79:b1:28:4d:6f:d1:
01:83:a4:e5:fd:d2:d8:6f:c0:0e:e2:d1:85:e8:56:ea:a7:9a:
d3:ec:f6:96:fc:d2:0c:ec:61:78:97:c8:2a:6d:49:67:ac:66:
19:37:0a:f1
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqFeqL
JeneGl85id1xbTCmJMpZm2Orwhgt1IDqY3FwLv6swH0BsTUGfK2ojBhfNBYjB3gH
8e6SCDloGwhTwE5oYgHjXj9vv4QYBqhZjYHMOXG5SagZLkRJe4ymcRUsKj1puUJf
SDwbN8DA+hGo0lq8cEPjtQRiQkC8Wo32uyd6cDSb3KgSdQ0bXB6BREF/V27GQHj2
pluYk2FN5t29SY+6HsWs6T+z0cXJ3duI8Eda/Pzss4cvf/DhoGkFSCFYGEt56d6S
nF+JeWj3XllYnAmIXn4cbR6tQU3yuZ/vmptXjv81w2ksNesw8OQHlAmHpu/0G0th
R2TRyYu6COOaAZlDAgMBAAGjgekwgeYwHQYDVR0OBBYEFEB5+6fDeLqkCOwcshQh
2d1qnrUpMB8GA1UdIwQYMBaAFG1I68J/moaGOaM5ecFbp72pTiMAMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAXdRo1ESWSGAX1IgSQ99r
8LNMsqtwV7zTmK400qvpo7eudptJ5cW9RTNqGeJYlsdJmCQLwVdeZKctesYf+526
qRluJTEqsYJBR9QCR7oDw0PRawUQsCUwXAwXPKZ8Tm2UNbRl5mcympvfJvrG9vnA
R2JkqZUCo6pwgjjDbbPNdTe9TsWRvKFIfkehuznEfQbv3MEoa27G1aPhoNXswwqu
5VvaZxSv9W5qBnIuDWExMbfUpHtFIVDLLTDEH8VVXOJQzjXMIzWwwpKuiRaTZpQ2
Q/8webEoTW/RAYOk5f3S2G/ADuLRhehW6qea0+z2lvzSDOxheJfIKm1JZ6xmGTcK
8Q==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Mar 1 12:00:00 2015 GMT
Subject: CN=Intermediary
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b5:a7:f6:93:6b:28:98:90:c6:36:f3:31:5e:b2:
6d:43:8a:03:c7:8d:9a:04:1a:23:9d:07:ee:5c:47:
26:da:31:7e:96:34:7e:9d:d8:29:ff:56:2c:05:f9:
d9:ff:e9:10:26:9e:53:12:4b:cb:9d:b6:2f:9d:87:
33:9c:91:7e:d4:81:c7:63:cf:3a:52:b7:62:18:bb:
b5:47:c4:ba:80:79:71:30:31:ed:08:e6:c5:85:03:
d1:e7:05:24:bf:8b:24:f0:2d:44:3c:80:eb:da:75:
f5:8f:a7:6e:dc:1c:46:b8:c6:bf:76:7b:20:e6:f5:
3d:0a:c1:32:54:c6:f1:e6:34:6c:18:c6:11:a5:16:
5b:29:24:75:fa:d3:ee:b9:91:56:80:88:df:fe:7f:
6b:fa:07:49:95:46:b0:0e:61:ce:8d:f0:a7:64:d5:
e5:05:7a:c1:9a:6f:e9:e0:44:05:f8:75:ea:d9:64:
c9:20:98:28:11:d0:c4:fe:31:2f:9b:a5:79:42:2c:
ee:95:6b:7c:34:d4:15:5c:f8:68:e9:de:5c:b7:c8:
1c:33:aa:24:3d:29:60:6e:18:e8:c8:cb:6a:a6:ad:
3c:eb:36:0f:1a:81:aa:0b:8a:0e:fd:7b:e5:8b:12:
7b:76:04:56:7e:b7:1d:cf:cf:65:77:03:fe:a2:6d:
02:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:48:EB:C2:7F:9A:86:86:39:A3:39:79:C1:5B:A7:BD:A9:4E:23:00
X509v3 Authority Key Identifier:
keyid:7A:B1:AA:9D:A5:49:7E:15:F6:31:BC:33:C7:B6:57:F7:FD:13:5C:CF
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
1f:03:06:d7:ad:e1:fb:5a:3f:20:60:5d:d0:db:54:2b:b7:52:
1a:67:c1:06:75:a7:48:d0:de:14:02:e2:6b:c6:71:d0:da:41:
8e:59:c9:17:8e:c5:1e:27:2e:4a:16:2c:7c:77:1e:d4:1c:14:
84:85:22:b2:d4:49:90:ab:c3:86:a6:b5:52:97:53:1e:1f:2e:
e4:ff:60:42:53:03:bb:59:e2:7e:f0:59:a6:4e:04:e6:73:3e:
d3:2a:c3:ff:1f:69:cd:29:4b:ce:39:aa:93:b9:97:d6:f0:e6:
e4:52:ca:30:5f:7f:2d:60:6f:93:20:ec:74:dc:d6:65:0d:5d:
bc:49:cd:ee:56:29:4f:34:8f:9f:5d:54:b6:2b:df:7b:33:8b:
2a:b8:7d:f4:39:f3:e1:02:95:3f:e4:28:14:73:58:7d:88:2b:
e5:1b:e5:0a:9e:eb:b2:e7:7c:bf:e7:1a:70:5f:0f:3d:50:d9:
8c:ea:4b:0a:e9:03:8e:5b:84:68:af:5f:72:6d:96:62:b3:90:
de:f7:be:8d:95:cb:59:5e:d8:7b:41:3e:32:3a:76:a6:01:45:
54:9c:d5:98:78:f0:f7:bf:6b:00:4f:0e:c6:05:8b:0f:64:6a:
ca:0d:fc:ff:db:08:d4:20:11:5e:2b:70:59:bb:5d:46:da:07:
94:12:e6:c7
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE1MDMwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaf2k2so
mJDGNvMxXrJtQ4oDx42aBBojnQfuXEcm2jF+ljR+ndgp/1YsBfnZ/+kQJp5TEkvL
nbYvnYcznJF+1IHHY886UrdiGLu1R8S6gHlxMDHtCObFhQPR5wUkv4sk8C1EPIDr
2nX1j6du3BxGuMa/dnsg5vU9CsEyVMbx5jRsGMYRpRZbKSR1+tPuuZFWgIjf/n9r
+gdJlUawDmHOjfCnZNXlBXrBmm/p4EQF+HXq2WTJIJgoEdDE/jEvm6V5QizulWt8
NNQVXPho6d5ct8gcM6okPSlgbhjoyMtqpq086zYPGoGqC4oO/XvlixJ7dgRWfrcd
z89ldwP+om0CKQIDAQABo4HLMIHIMB0GA1UdDgQWBBRtSOvCf5qGhjmjOXnBW6e9
qU4jADAfBgNVHSMEGDAWgBR6saqdpUl+FfYxvDPHtlf3/RNczzA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AB8DBtet4ftaPyBgXdDbVCu3UhpnwQZ1p0jQ3hQC4mvGcdDaQY5ZyReOxR4nLkoW
LHx3HtQcFISFIrLUSZCrw4amtVKXUx4fLuT/YEJTA7tZ4n7wWaZOBOZzPtMqw/8f
ac0pS845qpO5l9bw5uRSyjBffy1gb5Mg7HTc1mUNXbxJze5WKU80j59dVLYr33sz
iyq4ffQ58+EClT/kKBRzWH2IK+Ub5Qqe67LnfL/nGnBfDz1Q2YzqSwrpA45bhGiv
X3JtlmKzkN73vo2Vy1le2HtBPjI6dqYBRVSc1Zh48Pe/awBPDsYFiw9kasoN/P/b
CNQgEV4rcFm7XUbaB5QS5sc=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ea:ec:57:02:47:92:bc:08:b2:1a:2b:0d:03:36:
e3:2c:b0:4a:52:00:ed:12:f6:5d:39:61:ba:1c:fc:
06:9c:11:13:b6:97:b1:ae:bc:66:4c:8a:05:03:29:
4c:8a:59:cb:27:86:96:98:ce:5c:35:17:74:ba:ad:
1f:14:00:2c:84:cf:cf:2c:fa:5e:a4:70:e5:66:e1:
28:79:be:5a:39:42:ad:a5:bb:66:ca:f2:59:d2:cc:
22:30:c7:bd:aa:19:e2:ed:be:4f:67:05:26:71:a1:
39:96:52:e1:42:cf:fe:83:d2:87:00:e2:96:7b:34:
64:cb:a7:76:ed:cf:79:ca:0f:1d:44:49:9e:7c:0a:
cb:3f:f4:f2:95:1f:07:23:12:75:0c:f7:f4:55:4e:
3c:39:ac:0b:93:a4:33:76:27:82:d7:fa:9e:41:17:
d6:98:e5:c9:a8:0d:40:62:b6:80:36:e7:35:71:6a:
aa:bb:ae:25:0d:12:b1:c7:f2:18:e6:05:3f:43:df:
37:0b:92:30:1c:1f:7c:55:36:01:35:0b:8b:f0:19:
81:39:52:70:c6:e8:51:14:41:ae:e8:90:e0:ce:78:
31:98:8a:ed:0c:c7:24:bb:1a:3f:ef:78:80:0e:35:
19:e2:57:f7:3e:f6:ca:03:c2:f5:46:25:80:32:c7:
44:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B1:AA:9D:A5:49:7E:15:F6:31:BC:33:C7:B6:57:F7:FD:13:5C:CF
X509v3 Authority Key Identifier:
keyid:7A:B1:AA:9D:A5:49:7E:15:F6:31:BC:33:C7:B6:57:F7:FD:13:5C:CF
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
a2:db:fb:36:6b:24:df:02:28:0c:ba:9d:88:82:7b:e7:e0:87:
58:75:70:78:40:3d:f6:53:b9:57:0f:a3:01:b6:aa:3e:80:34:
2f:b5:dc:9b:30:3e:43:44:79:70:22:48:0a:33:28:87:6d:09:
90:92:d8:41:d5:ca:18:72:ba:65:5d:cb:b2:25:50:1c:07:f7:
b7:b7:23:93:2c:da:61:b4:c8:15:66:17:17:b4:d3:a8:4a:cd:
b6:01:bf:4c:e5:84:5d:b2:fb:fe:24:98:44:e8:84:16:6b:f4:
04:f9:88:50:ec:42:1c:31:4b:87:1b:67:76:63:01:8f:46:0b:
66:1b:59:a6:83:43:ed:33:4f:f8:74:74:2e:fe:8d:2c:f4:55:
9f:c5:f9:c1:eb:44:9b:5b:aa:bd:98:5e:36:87:0f:c8:8e:f3:
f7:e3:ef:08:72:a8:f6:d0:f9:86:fa:58:1e:fb:73:43:b0:ba:
f9:8d:b0:f5:29:da:64:be:d8:e2:94:88:75:25:54:ce:e6:4d:
80:33:be:bc:c0:7e:76:fc:65:2e:dc:74:d7:86:64:08:47:f0:
6c:a1:dc:ae:69:2e:71:23:56:eb:a0:6c:f6:2a:15:2c:a7:a5:
05:92:68:56:16:07:cd:82:62:02:e8:77:1f:0f:85:31:02:0c:
c0:9a:56:cd
-----BEGIN TRUSTED_CERTIFICATE-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOrsVwJHkrwIshorDQM2
4yywSlIA7RL2XTlhuhz8BpwRE7aXsa68ZkyKBQMpTIpZyyeGlpjOXDUXdLqtHxQA
LITPzyz6XqRw5WbhKHm+WjlCraW7ZsryWdLMIjDHvaoZ4u2+T2cFJnGhOZZS4ULP
/oPShwDilns0ZMundu3PecoPHURJnnwKyz/08pUfByMSdQz39FVOPDmsC5OkM3Yn
gtf6nkEX1pjlyagNQGK2gDbnNXFqqruuJQ0SscfyGOYFP0PfNwuSMBwffFU2ATUL
i/AZgTlScMboURRBruiQ4M54MZiK7QzHJLsaP+94gA41GeJX9z72ygPC9UYlgDLH
RDkCAwEAAaOByzCByDAdBgNVHQ4EFgQUerGqnaVJfhX2Mbwzx7ZX9/0TXM8wHwYD
VR0jBBgwFoAUerGqnaVJfhX2Mbwzx7ZX9/0TXM8wNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCi2/s2ayTf
AigMup2Ignvn4IdYdXB4QD32U7lXD6MBtqo+gDQvtdybMD5DRHlwIkgKMyiHbQmQ
kthB1coYcrplXcuyJVAcB/e3tyOTLNphtMgVZhcXtNOoSs22Ab9M5YRdsvv+JJhE
6IQWa/QE+YhQ7EIcMUuHG2d2YwGPRgtmG1mmg0PtM0/4dHQu/o0s9FWfxfnB60Sb
W6q9mF42hw/IjvP34+8Icqj20PmG+lge+3NDsLr5jbD1KdpkvtjilIh1JVTO5k2A
M768wH52/GUu3HTXhmQIR/BsodyuaS5xI1broGz2KhUsp6UFkmhWFgfNgmIC6Hcf
D4UxAgzAmlbN
-----END TRUSTED_CERTIFICATE-----
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----