blob: 3a1096d41c17705acd31f16e0bcc1a8ee8b4fee6 [file] [log] [blame]
[Created by: generate-expired-target-notBefore.py]
Certificate chain with 1 intermediary, where the target is expired (violates
validity.notBefore). Verification is expected to fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediary
Validity
Not Before: Mar 2 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b8:1e:b0:de:22:2f:b4:13:ca:c4:72:10:b9:bd:
4c:80:81:be:17:f2:45:bb:5a:d2:b4:a1:f6:3e:1c:
50:00:d5:8d:fe:27:5b:a2:21:07:8b:1a:de:56:56:
58:88:25:41:09:4e:fd:04:bb:6c:75:c7:48:3f:98:
6b:4c:54:8a:22:26:28:f3:c6:76:5f:e8:bf:ad:bf:
4f:ad:6d:1a:1d:ba:5e:fc:0d:2f:92:b2:4f:f7:bb:
e5:fd:3a:ff:8d:fb:f1:9f:96:90:18:46:2c:cf:7b:
62:75:b8:c5:e9:40:ce:67:21:e0:4b:9e:78:65:9b:
9e:71:50:bd:33:12:53:78:7f:ad:fd:bf:e0:ae:d2:
72:51:c1:18:d0:96:71:78:23:ff:a6:55:39:d5:9a:
89:3e:21:72:cd:9d:13:fa:04:9f:08:6f:c0:d0:c5:
ab:b2:27:b5:b8:e2:2d:ab:31:a3:7a:c1:94:56:8b:
35:9c:b8:46:71:1c:d6:69:95:c1:0a:98:e4:14:96:
3c:2f:cb:12:ac:71:88:a4:aa:d0:c8:0e:51:98:47:
71:e8:0e:a0:e7:7e:01:95:b3:73:3f:9b:c4:8b:9d:
d0:dc:17:a9:53:35:99:29:67:f3:28:d2:7f:1e:0d:
17:6b:5d:56:c9:91:a6:ae:e8:07:a6:76:d6:8e:2a:
48:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:06:C6:75:1B:30:9B:E0:78:6C:9C:9B:F1:E1:29:B7:11:41:6D:BD
X509v3 Authority Key Identifier:
keyid:7A:68:26:1F:EE:59:FA:52:EB:B0:98:D1:5D:F6:19:9F:8D:1C:F5:FB
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediary.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediary.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
4e:c4:5a:b3:1f:31:4c:04:75:f8:bb:7d:7b:ed:93:07:81:e3:
41:b9:50:b0:c4:01:06:7d:64:f3:c5:d8:5b:96:0e:b6:c2:fa:
66:50:25:79:c8:6f:6c:03:f1:7b:e6:73:60:cc:68:42:0e:43:
85:58:46:c2:51:27:73:dd:f1:6d:9d:d1:7a:80:97:e5:cf:0c:
9a:85:a1:92:ed:26:3a:d6:10:fd:19:c8:f2:fb:b9:47:ee:a9:
63:1c:52:c5:97:1a:6b:2f:f4:dc:9c:cb:74:86:6a:48:2a:87:
ac:24:d5:cc:8c:2b:12:9d:6d:bc:7e:be:95:3f:88:83:18:68:
75:59:db:79:fb:f0:c7:38:7b:8f:a3:16:e0:44:4c:19:e3:cd:
36:98:fb:fd:c9:17:5e:2f:9c:0c:e1:ba:f2:6e:c0:6e:91:9d:
5e:c0:0b:95:d8:62:7e:2e:8a:2d:4c:f9:b4:ca:17:0d:f0:d2:
71:b0:4d:15:79:b0:8b:9e:96:cf:2e:44:1a:84:a7:4f:61:38:
67:61:1c:a1:70:a0:a4:02:5b:42:f5:a0:09:95:cc:22:89:0d:
4e:e2:1b:dd:1d:fe:ae:d7:84:58:db:dd:07:1d:96:6b:32:11:
da:c6:56:d9:cd:69:10:25:62:fd:91:2d:63:0f:8c:82:fe:00:
8a:eb:87:4f
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhcnkwHhcNMTUwMzAyMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4HrDe
Ii+0E8rEchC5vUyAgb4X8kW7WtK0ofY+HFAA1Y3+J1uiIQeLGt5WVliIJUEJTv0E
u2x1x0g/mGtMVIoiJijzxnZf6L+tv0+tbRodul78DS+Ssk/3u+X9Ov+N+/GflpAY
RizPe2J1uMXpQM5nIeBLnnhlm55xUL0zElN4f639v+Cu0nJRwRjQlnF4I/+mVTnV
mok+IXLNnRP6BJ8Ib8DQxauyJ7W44i2rMaN6wZRWizWcuEZxHNZplcEKmOQUljwv
yxKscYikqtDIDlGYR3HoDqDnfgGVs3M/m8SLndDcF6lTNZkpZ/Mo0n8eDRdrXVbJ
kaau6AemdtaOKkhHAgMBAAGjgekwgeYwHQYDVR0OBBYEFCcGxnUbMJvgeGycm/Hh
KbcRQW29MB8GA1UdIwQYMBaAFHpoJh/uWfpS67CY0V32GZ+NHPX7MD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEATsRasx8xTAR1+Lt9e+2T
B4HjQblQsMQBBn1k88XYW5YOtsL6ZlAlechvbAPxe+ZzYMxoQg5DhVhGwlEnc93x
bZ3ReoCX5c8MmoWhku0mOtYQ/RnI8vu5R+6pYxxSxZcaay/03JzLdIZqSCqHrCTV
zIwrEp1tvH6+lT+IgxhodVnbefvwxzh7j6MW4ERMGePNNpj7/ckXXi+cDOG68m7A
bpGdXsALldhifi6KLUz5tMoXDfDScbBNFXmwi56Wzy5EGoSnT2E4Z2EcoXCgpAJb
QvWgCZXMIokNTuIb3R3+rteEWNvdBx2WazIR2sZW2c1pECVi/ZEtYw+Mgv4AiuuH
Tw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediary
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c0:6b:09:c5:84:c2:5f:1b:c6:98:31:2d:a2:3e:
03:a9:13:4d:b8:4b:03:a6:1d:0a:e4:e1:ba:81:31:
2b:dd:92:7c:6b:81:85:c4:d4:cf:73:30:33:b2:8d:
9f:d9:0b:48:a0:70:51:88:93:d5:f1:ef:bd:14:6e:
7b:da:b6:a4:c5:a9:ca:cd:27:90:38:c8:5e:12:68:
f8:f2:70:01:8a:da:e3:6c:2f:62:c4:67:40:e2:92:
20:fe:77:d9:91:f4:6b:02:0c:40:d6:b5:ef:98:85:
36:58:59:ec:e7:17:c8:72:53:8a:fc:2e:fa:08:70:
ba:ab:ea:42:40:50:e0:6b:14:04:73:78:34:96:db:
8a:c9:22:21:f1:c1:1b:81:7c:95:c6:83:f8:d1:40:
1f:5d:ec:bc:d0:4e:30:7f:b2:07:b4:e2:be:3f:f7:
28:ab:a2:61:fd:98:3b:5a:1c:c9:61:30:13:ea:7c:
7d:13:99:a0:9a:a5:a5:72:3f:a7:e7:7d:3b:a6:b7:
09:6c:48:5c:ec:a3:d6:4c:2e:eb:21:e8:97:aa:44:
32:23:03:dd:24:8d:08:b4:94:df:65:5b:7c:45:59:
11:4b:ce:1f:78:e5:c4:bc:87:00:bb:c4:69:d7:3b:
ae:a6:b7:80:df:4c:e2:0d:be:a4:0e:1c:05:5d:cf:
dc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:68:26:1F:EE:59:FA:52:EB:B0:98:D1:5D:F6:19:9F:8D:1C:F5:FB
X509v3 Authority Key Identifier:
keyid:66:52:63:09:9B:DD:07:2A:2D:E0:F3:6C:29:FB:D9:74:87:F5:02:6A
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
b2:03:09:bd:ed:73:cd:8d:d6:d0:f4:86:40:00:10:eb:b9:37:
74:1d:f2:b3:dc:2d:df:a4:75:77:f1:62:23:b8:2d:70:14:af:
33:4e:0c:8f:6d:13:db:d4:dc:92:04:8d:0e:b6:14:98:07:f6:
80:cb:9a:8d:d3:0e:9d:6d:13:12:c1:01:f0:14:9d:a3:c1:05:
45:3c:26:16:d2:39:3f:ed:3c:6c:ab:c0:2b:b2:21:29:dc:4b:
6b:51:cf:e9:99:ef:fa:14:3a:c4:f1:77:c0:83:f5:7f:af:11:
40:db:f3:3f:7c:18:26:79:e9:15:c0:62:79:06:85:15:8a:53:
03:be:2f:e9:5c:69:7c:c7:d7:47:6a:7b:00:c8:d8:4f:55:ce:
d1:64:58:0f:87:ef:27:b2:7b:59:20:04:7d:4f:16:08:c7:d0:
f0:c1:aa:b6:a9:ae:aa:fd:a7:98:2c:40:28:bb:e5:d7:91:e5:
72:c9:ab:0a:92:0e:b0:d5:ff:9c:db:73:5d:e1:9d:a5:fd:89:
4e:c8:26:8d:f8:76:0b:7e:7f:94:70:73:e4:22:b4:fb:2f:bc:
06:84:73:b1:99:78:fa:5f:e8:d7:20:8f:b9:cb:d9:a4:99:7e:
be:b9:89:1c:07:0a:19:cb:0c:f0:15:70:81:51:ee:d7:8e:e8:
f7:21:3f:fd
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGsJxYTC
XxvGmDEtoj4DqRNNuEsDph0K5OG6gTEr3ZJ8a4GFxNTPczAzso2f2QtIoHBRiJPV
8e+9FG572rakxanKzSeQOMheEmj48nABitrjbC9ixGdA4pIg/nfZkfRrAgxA1rXv
mIU2WFns5xfIclOK/C76CHC6q+pCQFDgaxQEc3g0ltuKySIh8cEbgXyVxoP40UAf
Xey80E4wf7IHtOK+P/coq6Jh/Zg7WhzJYTAT6nx9E5mgmqWlcj+n5307prcJbEhc
7KPWTC7rIeiXqkQyIwPdJI0ItJTfZVt8RVkRS84feOXEvIcAu8Rp1zuupreA30zi
Db6kDhwFXc/cyQIDAQABo4HLMIHIMB0GA1UdDgQWBBR6aCYf7ln6UuuwmNFd9hmf
jRz1+zAfBgNVHSMEGDAWgBRmUmMJm90HKi3g82wp+9l0h/UCajA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
ALIDCb3tc82N1tD0hkAAEOu5N3Qd8rPcLd+kdXfxYiO4LXAUrzNODI9tE9vU3JIE
jQ62FJgH9oDLmo3TDp1tExLBAfAUnaPBBUU8JhbSOT/tPGyrwCuyISncS2tRz+mZ
7/oUOsTxd8CD9X+vEUDb8z98GCZ56RXAYnkGhRWKUwO+L+lcaXzH10dqewDI2E9V
ztFkWA+H7yeye1kgBH1PFgjH0PDBqraprqr9p5gsQCi75deR5XLJqwqSDrDV/5zb
c13hnaX9iU7IJo34dgt+f5Rwc+QitPsvvAaEc7GZePpf6Ncgj7nL2aSZfr65iRwH
ChnLDPAVcIFR7teO6PchP/0=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bb:61:9d:50:28:51:f7:22:01:45:32:28:d0:d0:
b2:c3:41:a4:3a:1f:8b:9a:b0:eb:61:31:39:1a:87:
5b:03:fb:02:82:15:8f:7f:d7:bb:4e:89:ae:08:df:
7e:6f:2f:66:87:8f:57:ab:a0:61:79:25:64:eb:20:
5d:e7:92:17:bd:c4:1b:e0:ea:27:e2:7b:b8:6e:05:
08:07:54:3d:4e:d6:80:8b:b9:50:d0:75:23:93:c3:
e2:1b:de:f7:20:24:35:0f:d4:c3:dd:cf:07:19:29:
6f:08:08:a6:b3:9f:6d:2a:8b:3c:b7:6f:32:fe:81:
6d:1b:ad:88:96:c5:1f:a4:7a:a4:81:b5:e4:b3:9a:
bc:42:b0:40:e5:77:8d:12:32:cc:d9:05:12:6a:47:
62:2b:22:5b:a8:48:fe:14:1a:a1:2f:03:34:f1:2b:
8f:d5:bf:3c:18:ae:f1:67:79:c8:a3:8d:29:d0:ce:
23:03:6f:ee:14:5e:97:dd:4d:c8:f5:1f:c4:1d:49:
08:b5:9c:7d:fa:e1:79:08:27:83:2d:8a:f4:43:d6:
d6:6b:78:f4:0e:4c:42:57:72:03:61:73:b5:82:23:
98:2a:a9:06:f9:b3:95:cd:01:66:c2:3e:96:da:02:
13:95:e1:e6:51:94:67:2d:37:a5:cf:c1:18:62:fb:
56:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:52:63:09:9B:DD:07:2A:2D:E0:F3:6C:29:FB:D9:74:87:F5:02:6A
X509v3 Authority Key Identifier:
keyid:66:52:63:09:9B:DD:07:2A:2D:E0:F3:6C:29:FB:D9:74:87:F5:02:6A
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
09:c6:5a:c2:9c:aa:78:6d:66:79:43:2a:1c:a4:0b:04:42:8c:
54:6c:89:d7:ce:e0:fd:8e:33:5b:6c:2b:a2:ed:05:de:ea:3b:
11:21:bd:e9:23:45:bd:0f:e0:5c:fe:1b:11:8b:46:75:c1:24:
84:5a:95:15:a5:b3:73:86:6b:aa:8f:dc:46:3c:64:d9:60:9e:
c1:7a:63:a3:d5:d6:b4:27:ed:c3:77:ea:5d:59:e7:93:05:df:
be:58:4c:a5:92:52:61:11:d1:7f:27:e6:9b:29:3c:b8:9d:a0:
5c:d0:98:5f:a7:ed:39:14:f4:30:81:f6:0d:3b:cd:96:d6:dd:
7a:e2:b0:55:7c:ab:87:10:54:a6:5d:ac:27:5b:a6:a1:1e:ee:
e7:26:cb:44:1d:fe:84:85:54:e0:cb:62:1b:5a:bb:ed:38:c0:
f4:bd:1e:5d:ee:c6:d7:6e:b3:27:56:5c:8d:1f:dd:70:52:35:
8a:bc:07:0a:97:99:10:80:16:5b:a3:d1:de:f9:97:59:ca:5f:
42:10:c0:26:3e:6e:92:a9:6d:e5:09:1e:4c:92:4b:2e:a7:e8:
81:7f:e4:bb:b3:44:3c:71:e3:0c:ba:66:30:4a:fc:30:40:ce:
50:98:1b:61:52:91:02:84:ff:a1:a3:09:ad:1b:68:db:52:a6:
cf:18:79:af
-----BEGIN TRUSTED_CERTIFICATE-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALthnVAoUfciAUUyKNDQ
ssNBpDofi5qw62ExORqHWwP7AoIVj3/Xu06Jrgjffm8vZoePV6ugYXklZOsgXeeS
F73EG+DqJ+J7uG4FCAdUPU7WgIu5UNB1I5PD4hve9yAkNQ/Uw93PBxkpbwgIprOf
bSqLPLdvMv6BbRutiJbFH6R6pIG15LOavEKwQOV3jRIyzNkFEmpHYisiW6hI/hQa
oS8DNPErj9W/PBiu8Wd5yKONKdDOIwNv7hRel91NyPUfxB1JCLWcffrheQgngy2K
9EPW1mt49A5MQldyA2FztYIjmCqpBvmzlc0BZsI+ltoCE5Xh5lGUZy03pc/BGGL7
VhUCAwEAAaOByzCByDAdBgNVHQ4EFgQUZlJjCZvdByot4PNsKfvZdIf1AmowHwYD
VR0jBBgwFoAUZlJjCZvdByot4PNsKfvZdIf1AmowNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAJxlrCnKp4
bWZ5QyocpAsEQoxUbInXzuD9jjNbbCui7QXe6jsRIb3pI0W9D+Bc/hsRi0Z1wSSE
WpUVpbNzhmuqj9xGPGTZYJ7BemOj1da0J+3Dd+pdWeeTBd++WEylklJhEdF/J+ab
KTy4naBc0Jhfp+05FPQwgfYNO82W1t164rBVfKuHEFSmXawnW6ahHu7nJstEHf6E
hVTgy2IbWrvtOMD0vR5d7sbXbrMnVlyNH91wUjWKvAcKl5kQgBZbo9He+ZdZyl9C
EMAmPm6SqW3lCR5Mkksup+iBf+S7s0Q8ceMMumYwSvwwQM5QmBthUpEChP+howmt
G2jbUqbPGHmv
-----END TRUSTED_CERTIFICATE-----
-----BEGIN TIME-----
MTUwMzAxMTIwMDAwWg==
-----END TIME-----
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----