| [Created by: generate-expired-target-notBefore.py] |
| |
| Certificate chain with 1 intermediary, where the target is expired (violates |
| validity.notBefore). Verification is expected to fail. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediary |
| Validity |
| Not Before: Mar 2 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:b8:1e:b0:de:22:2f:b4:13:ca:c4:72:10:b9:bd: |
| 4c:80:81:be:17:f2:45:bb:5a:d2:b4:a1:f6:3e:1c: |
| 50:00:d5:8d:fe:27:5b:a2:21:07:8b:1a:de:56:56: |
| 58:88:25:41:09:4e:fd:04:bb:6c:75:c7:48:3f:98: |
| 6b:4c:54:8a:22:26:28:f3:c6:76:5f:e8:bf:ad:bf: |
| 4f:ad:6d:1a:1d:ba:5e:fc:0d:2f:92:b2:4f:f7:bb: |
| e5:fd:3a:ff:8d:fb:f1:9f:96:90:18:46:2c:cf:7b: |
| 62:75:b8:c5:e9:40:ce:67:21:e0:4b:9e:78:65:9b: |
| 9e:71:50:bd:33:12:53:78:7f:ad:fd:bf:e0:ae:d2: |
| 72:51:c1:18:d0:96:71:78:23:ff:a6:55:39:d5:9a: |
| 89:3e:21:72:cd:9d:13:fa:04:9f:08:6f:c0:d0:c5: |
| ab:b2:27:b5:b8:e2:2d:ab:31:a3:7a:c1:94:56:8b: |
| 35:9c:b8:46:71:1c:d6:69:95:c1:0a:98:e4:14:96: |
| 3c:2f:cb:12:ac:71:88:a4:aa:d0:c8:0e:51:98:47: |
| 71:e8:0e:a0:e7:7e:01:95:b3:73:3f:9b:c4:8b:9d: |
| d0:dc:17:a9:53:35:99:29:67:f3:28:d2:7f:1e:0d: |
| 17:6b:5d:56:c9:91:a6:ae:e8:07:a6:76:d6:8e:2a: |
| 48:47 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 27:06:C6:75:1B:30:9B:E0:78:6C:9C:9B:F1:E1:29:B7:11:41:6D:BD |
| X509v3 Authority Key Identifier: |
| keyid:7A:68:26:1F:EE:59:FA:52:EB:B0:98:D1:5D:F6:19:9F:8D:1C:F5:FB |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediary.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediary.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 4e:c4:5a:b3:1f:31:4c:04:75:f8:bb:7d:7b:ed:93:07:81:e3: |
| 41:b9:50:b0:c4:01:06:7d:64:f3:c5:d8:5b:96:0e:b6:c2:fa: |
| 66:50:25:79:c8:6f:6c:03:f1:7b:e6:73:60:cc:68:42:0e:43: |
| 85:58:46:c2:51:27:73:dd:f1:6d:9d:d1:7a:80:97:e5:cf:0c: |
| 9a:85:a1:92:ed:26:3a:d6:10:fd:19:c8:f2:fb:b9:47:ee:a9: |
| 63:1c:52:c5:97:1a:6b:2f:f4:dc:9c:cb:74:86:6a:48:2a:87: |
| ac:24:d5:cc:8c:2b:12:9d:6d:bc:7e:be:95:3f:88:83:18:68: |
| 75:59:db:79:fb:f0:c7:38:7b:8f:a3:16:e0:44:4c:19:e3:cd: |
| 36:98:fb:fd:c9:17:5e:2f:9c:0c:e1:ba:f2:6e:c0:6e:91:9d: |
| 5e:c0:0b:95:d8:62:7e:2e:8a:2d:4c:f9:b4:ca:17:0d:f0:d2: |
| 71:b0:4d:15:79:b0:8b:9e:96:cf:2e:44:1a:84:a7:4f:61:38: |
| 67:61:1c:a1:70:a0:a4:02:5b:42:f5:a0:09:95:cc:22:89:0d: |
| 4e:e2:1b:dd:1d:fe:ae:d7:84:58:db:dd:07:1d:96:6b:32:11: |
| da:c6:56:d9:cd:69:10:25:62:fd:91:2d:63:0f:8c:82:fe:00: |
| 8a:eb:87:4f |
| -----BEGIN CERTIFICATE----- |
| MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhcnkwHhcNMTUwMzAyMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4HrDe |
| Ii+0E8rEchC5vUyAgb4X8kW7WtK0ofY+HFAA1Y3+J1uiIQeLGt5WVliIJUEJTv0E |
| u2x1x0g/mGtMVIoiJijzxnZf6L+tv0+tbRodul78DS+Ssk/3u+X9Ov+N+/GflpAY |
| RizPe2J1uMXpQM5nIeBLnnhlm55xUL0zElN4f639v+Cu0nJRwRjQlnF4I/+mVTnV |
| mok+IXLNnRP6BJ8Ib8DQxauyJ7W44i2rMaN6wZRWizWcuEZxHNZplcEKmOQUljwv |
| yxKscYikqtDIDlGYR3HoDqDnfgGVs3M/m8SLndDcF6lTNZkpZ/Mo0n8eDRdrXVbJ |
| kaau6AemdtaOKkhHAgMBAAGjgekwgeYwHQYDVR0OBBYEFCcGxnUbMJvgeGycm/Hh |
| KbcRQW29MB8GA1UdIwQYMBaAFHpoJh/uWfpS67CY0V32GZ+NHPX7MD8GCCsGAQUF |
| BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEATsRasx8xTAR1+Lt9e+2T |
| B4HjQblQsMQBBn1k88XYW5YOtsL6ZlAlechvbAPxe+ZzYMxoQg5DhVhGwlEnc93x |
| bZ3ReoCX5c8MmoWhku0mOtYQ/RnI8vu5R+6pYxxSxZcaay/03JzLdIZqSCqHrCTV |
| zIwrEp1tvH6+lT+IgxhodVnbefvwxzh7j6MW4ERMGePNNpj7/ckXXi+cDOG68m7A |
| bpGdXsALldhifi6KLUz5tMoXDfDScbBNFXmwi56Wzy5EGoSnT2E4Z2EcoXCgpAJb |
| QvWgCZXMIokNTuIb3R3+rteEWNvdBx2WazIR2sZW2c1pECVi/ZEtYw+Mgv4AiuuH |
| Tw== |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 2 (0x2) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediary |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:c0:6b:09:c5:84:c2:5f:1b:c6:98:31:2d:a2:3e: |
| 03:a9:13:4d:b8:4b:03:a6:1d:0a:e4:e1:ba:81:31: |
| 2b:dd:92:7c:6b:81:85:c4:d4:cf:73:30:33:b2:8d: |
| 9f:d9:0b:48:a0:70:51:88:93:d5:f1:ef:bd:14:6e: |
| 7b:da:b6:a4:c5:a9:ca:cd:27:90:38:c8:5e:12:68: |
| f8:f2:70:01:8a:da:e3:6c:2f:62:c4:67:40:e2:92: |
| 20:fe:77:d9:91:f4:6b:02:0c:40:d6:b5:ef:98:85: |
| 36:58:59:ec:e7:17:c8:72:53:8a:fc:2e:fa:08:70: |
| ba:ab:ea:42:40:50:e0:6b:14:04:73:78:34:96:db: |
| 8a:c9:22:21:f1:c1:1b:81:7c:95:c6:83:f8:d1:40: |
| 1f:5d:ec:bc:d0:4e:30:7f:b2:07:b4:e2:be:3f:f7: |
| 28:ab:a2:61:fd:98:3b:5a:1c:c9:61:30:13:ea:7c: |
| 7d:13:99:a0:9a:a5:a5:72:3f:a7:e7:7d:3b:a6:b7: |
| 09:6c:48:5c:ec:a3:d6:4c:2e:eb:21:e8:97:aa:44: |
| 32:23:03:dd:24:8d:08:b4:94:df:65:5b:7c:45:59: |
| 11:4b:ce:1f:78:e5:c4:bc:87:00:bb:c4:69:d7:3b: |
| ae:a6:b7:80:df:4c:e2:0d:be:a4:0e:1c:05:5d:cf: |
| dc:c9 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 7A:68:26:1F:EE:59:FA:52:EB:B0:98:D1:5D:F6:19:9F:8D:1C:F5:FB |
| X509v3 Authority Key Identifier: |
| keyid:66:52:63:09:9B:DD:07:2A:2D:E0:F3:6C:29:FB:D9:74:87:F5:02:6A |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| b2:03:09:bd:ed:73:cd:8d:d6:d0:f4:86:40:00:10:eb:b9:37: |
| 74:1d:f2:b3:dc:2d:df:a4:75:77:f1:62:23:b8:2d:70:14:af: |
| 33:4e:0c:8f:6d:13:db:d4:dc:92:04:8d:0e:b6:14:98:07:f6: |
| 80:cb:9a:8d:d3:0e:9d:6d:13:12:c1:01:f0:14:9d:a3:c1:05: |
| 45:3c:26:16:d2:39:3f:ed:3c:6c:ab:c0:2b:b2:21:29:dc:4b: |
| 6b:51:cf:e9:99:ef:fa:14:3a:c4:f1:77:c0:83:f5:7f:af:11: |
| 40:db:f3:3f:7c:18:26:79:e9:15:c0:62:79:06:85:15:8a:53: |
| 03:be:2f:e9:5c:69:7c:c7:d7:47:6a:7b:00:c8:d8:4f:55:ce: |
| d1:64:58:0f:87:ef:27:b2:7b:59:20:04:7d:4f:16:08:c7:d0: |
| f0:c1:aa:b6:a9:ae:aa:fd:a7:98:2c:40:28:bb:e5:d7:91:e5: |
| 72:c9:ab:0a:92:0e:b0:d5:ff:9c:db:73:5d:e1:9d:a5:fd:89: |
| 4e:c8:26:8d:f8:76:0b:7e:7f:94:70:73:e4:22:b4:fb:2f:bc: |
| 06:84:73:b1:99:78:fa:5f:e8:d7:20:8f:b9:cb:d9:a4:99:7e: |
| be:b9:89:1c:07:0a:19:cb:0c:f0:15:70:81:51:ee:d7:8e:e8: |
| f7:21:3f:fd |
| -----BEGIN CERTIFICATE----- |
| MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGsJxYTC |
| XxvGmDEtoj4DqRNNuEsDph0K5OG6gTEr3ZJ8a4GFxNTPczAzso2f2QtIoHBRiJPV |
| 8e+9FG572rakxanKzSeQOMheEmj48nABitrjbC9ixGdA4pIg/nfZkfRrAgxA1rXv |
| mIU2WFns5xfIclOK/C76CHC6q+pCQFDgaxQEc3g0ltuKySIh8cEbgXyVxoP40UAf |
| Xey80E4wf7IHtOK+P/coq6Jh/Zg7WhzJYTAT6nx9E5mgmqWlcj+n5307prcJbEhc |
| 7KPWTC7rIeiXqkQyIwPdJI0ItJTfZVt8RVkRS84feOXEvIcAu8Rp1zuupreA30zi |
| Db6kDhwFXc/cyQIDAQABo4HLMIHIMB0GA1UdDgQWBBR6aCYf7ln6UuuwmNFd9hmf |
| jRz1+zAfBgNVHSMEGDAWgBRmUmMJm90HKi3g82wp+9l0h/UCajA3BggrBgEFBQcB |
| AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB |
| ALIDCb3tc82N1tD0hkAAEOu5N3Qd8rPcLd+kdXfxYiO4LXAUrzNODI9tE9vU3JIE |
| jQ62FJgH9oDLmo3TDp1tExLBAfAUnaPBBUU8JhbSOT/tPGyrwCuyISncS2tRz+mZ |
| 7/oUOsTxd8CD9X+vEUDb8z98GCZ56RXAYnkGhRWKUwO+L+lcaXzH10dqewDI2E9V |
| ztFkWA+H7yeye1kgBH1PFgjH0PDBqraprqr9p5gsQCi75deR5XLJqwqSDrDV/5zb |
| c13hnaX9iU7IJo34dgt+f5Rwc+QitPsvvAaEc7GZePpf6Ncgj7nL2aSZfr65iRwH |
| ChnLDPAVcIFR7teO6PchP/0= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:bb:61:9d:50:28:51:f7:22:01:45:32:28:d0:d0: |
| b2:c3:41:a4:3a:1f:8b:9a:b0:eb:61:31:39:1a:87: |
| 5b:03:fb:02:82:15:8f:7f:d7:bb:4e:89:ae:08:df: |
| 7e:6f:2f:66:87:8f:57:ab:a0:61:79:25:64:eb:20: |
| 5d:e7:92:17:bd:c4:1b:e0:ea:27:e2:7b:b8:6e:05: |
| 08:07:54:3d:4e:d6:80:8b:b9:50:d0:75:23:93:c3: |
| e2:1b:de:f7:20:24:35:0f:d4:c3:dd:cf:07:19:29: |
| 6f:08:08:a6:b3:9f:6d:2a:8b:3c:b7:6f:32:fe:81: |
| 6d:1b:ad:88:96:c5:1f:a4:7a:a4:81:b5:e4:b3:9a: |
| bc:42:b0:40:e5:77:8d:12:32:cc:d9:05:12:6a:47: |
| 62:2b:22:5b:a8:48:fe:14:1a:a1:2f:03:34:f1:2b: |
| 8f:d5:bf:3c:18:ae:f1:67:79:c8:a3:8d:29:d0:ce: |
| 23:03:6f:ee:14:5e:97:dd:4d:c8:f5:1f:c4:1d:49: |
| 08:b5:9c:7d:fa:e1:79:08:27:83:2d:8a:f4:43:d6: |
| d6:6b:78:f4:0e:4c:42:57:72:03:61:73:b5:82:23: |
| 98:2a:a9:06:f9:b3:95:cd:01:66:c2:3e:96:da:02: |
| 13:95:e1:e6:51:94:67:2d:37:a5:cf:c1:18:62:fb: |
| 56:15 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 66:52:63:09:9B:DD:07:2A:2D:E0:F3:6C:29:FB:D9:74:87:F5:02:6A |
| X509v3 Authority Key Identifier: |
| keyid:66:52:63:09:9B:DD:07:2A:2D:E0:F3:6C:29:FB:D9:74:87:F5:02:6A |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 09:c6:5a:c2:9c:aa:78:6d:66:79:43:2a:1c:a4:0b:04:42:8c: |
| 54:6c:89:d7:ce:e0:fd:8e:33:5b:6c:2b:a2:ed:05:de:ea:3b: |
| 11:21:bd:e9:23:45:bd:0f:e0:5c:fe:1b:11:8b:46:75:c1:24: |
| 84:5a:95:15:a5:b3:73:86:6b:aa:8f:dc:46:3c:64:d9:60:9e: |
| c1:7a:63:a3:d5:d6:b4:27:ed:c3:77:ea:5d:59:e7:93:05:df: |
| be:58:4c:a5:92:52:61:11:d1:7f:27:e6:9b:29:3c:b8:9d:a0: |
| 5c:d0:98:5f:a7:ed:39:14:f4:30:81:f6:0d:3b:cd:96:d6:dd: |
| 7a:e2:b0:55:7c:ab:87:10:54:a6:5d:ac:27:5b:a6:a1:1e:ee: |
| e7:26:cb:44:1d:fe:84:85:54:e0:cb:62:1b:5a:bb:ed:38:c0: |
| f4:bd:1e:5d:ee:c6:d7:6e:b3:27:56:5c:8d:1f:dd:70:52:35: |
| 8a:bc:07:0a:97:99:10:80:16:5b:a3:d1:de:f9:97:59:ca:5f: |
| 42:10:c0:26:3e:6e:92:a9:6d:e5:09:1e:4c:92:4b:2e:a7:e8: |
| 81:7f:e4:bb:b3:44:3c:71:e3:0c:ba:66:30:4a:fc:30:40:ce: |
| 50:98:1b:61:52:91:02:84:ff:a1:a3:09:ad:1b:68:db:52:a6: |
| cf:18:79:af |
| -----BEGIN TRUSTED_CERTIFICATE----- |
| MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALthnVAoUfciAUUyKNDQ |
| ssNBpDofi5qw62ExORqHWwP7AoIVj3/Xu06Jrgjffm8vZoePV6ugYXklZOsgXeeS |
| F73EG+DqJ+J7uG4FCAdUPU7WgIu5UNB1I5PD4hve9yAkNQ/Uw93PBxkpbwgIprOf |
| bSqLPLdvMv6BbRutiJbFH6R6pIG15LOavEKwQOV3jRIyzNkFEmpHYisiW6hI/hQa |
| oS8DNPErj9W/PBiu8Wd5yKONKdDOIwNv7hRel91NyPUfxB1JCLWcffrheQgngy2K |
| 9EPW1mt49A5MQldyA2FztYIjmCqpBvmzlc0BZsI+ltoCE5Xh5lGUZy03pc/BGGL7 |
| VhUCAwEAAaOByzCByDAdBgNVHQ4EFgQUZlJjCZvdByot4PNsKfvZdIf1AmowHwYD |
| VR0jBBgwFoAUZlJjCZvdByot4PNsKfvZdIf1AmowNwYIKwYBBQUHAQEEKzApMCcG |
| CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAJxlrCnKp4 |
| bWZ5QyocpAsEQoxUbInXzuD9jjNbbCui7QXe6jsRIb3pI0W9D+Bc/hsRi0Z1wSSE |
| WpUVpbNzhmuqj9xGPGTZYJ7BemOj1da0J+3Dd+pdWeeTBd++WEylklJhEdF/J+ab |
| KTy4naBc0Jhfp+05FPQwgfYNO82W1t164rBVfKuHEFSmXawnW6ahHu7nJstEHf6E |
| hVTgy2IbWrvtOMD0vR5d7sbXbrMnVlyNH91wUjWKvAcKl5kQgBZbo9He+ZdZyl9C |
| EMAmPm6SqW3lCR5Mkksup+iBf+S7s0Q8ceMMumYwSvwwQM5QmBthUpEChP+howmt |
| G2jbUqbPGHmv |
| -----END TRUSTED_CERTIFICATE----- |
| |
| -----BEGIN TIME----- |
| MTUwMzAxMTIwMDAwWg== |
| -----END TIME----- |
| |
| -----BEGIN VERIFY_RESULT----- |
| RkFJTA== |
| -----END VERIFY_RESULT----- |