Google Git
Sign in
chromium / chromium / src / e6d181417ea462ac221d768c960a21018266a4a8 / . / net / data / verify_certificate_chain_unittest / intermediary-lacks-basic-constraints.pem
blob: 016f94e14fd6dda492f3aa1eba3e51e06b99c4da [file] [log] [blame]
[Created by: generate-intermediary-lacks-basic-constraints.py]
Certificate chain with 1 intermediary and a trusted root. The intermediary
lacks the basic constraints extension, and hence is expected to fail validation
(RFC 5280 requires v3 signing certificates have a BasicConstaints).
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediary
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:f3:d6:19:96:48:0c:01:e2:21:3d:98:21:52:df:
5a:79:95:01:e5:c2:ab:77:e4:7b:10:17:64:75:a4:
ca:b6:69:cc:a9:4a:1d:b6:7f:a0:16:89:32:21:c2:
2a:c2:58:28:d2:f3:ef:a5:2d:81:92:47:17:d5:61:
65:ab:43:22:ce:59:5b:20:31:be:6e:84:23:19:d5:
7e:a8:70:50:6c:de:06:b8:58:09:97:fd:02:98:31:
2d:3b:ab:1b:4a:82:6c:28:ab:c5:a3:6b:ea:40:2b:
48:02:73:e4:ce:ea:f6:3b:6a:80:1f:5b:59:30:86:
1b:5e:64:61:b5:94:d2:f0:c8:bb:88:b1:90:05:1a:
e8:e6:97:dc:7d:e8:53:c8:9f:88:09:69:82:1f:1e:
e2:d1:70:f3:85:06:63:18:0a:d2:f1:71:a3:25:a3:
42:76:3a:5e:02:78:e6:7a:c6:a4:82:dd:79:35:5a:
da:8e:37:92:82:bf:01:13:1b:6e:52:97:97:32:f1:
b2:4e:95:bc:55:89:61:61:73:b4:64:30:b1:89:87:
51:17:29:f3:67:de:5b:99:ee:47:71:07:8c:d5:17:
55:e0:70:bc:b6:06:6e:eb:7a:c6:69:69:97:e1:3d:
1d:be:93:da:a0:fa:cb:2f:f0:ed:5c:da:18:0e:67:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C8:4E:91:CD:73:65:1D:13:F9:EC:F0:91:13:F1:D0:01:AD:1E:7C
X509v3 Authority Key Identifier:
keyid:60:E7:1E:8E:53:95:1F:8F:00:D1:F7:9F:36:01:26:15:86:53:0E:F2
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediary.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediary.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
88:1d:e7:e6:1e:4b:93:a9:79:59:0e:10:43:1e:f7:79:a4:c7:
68:55:81:b6:b4:6d:b0:5b:b6:46:13:8b:4e:1c:d4:79:17:b1:
71:46:b6:69:21:92:fa:bf:bd:76:cc:6c:b1:04:58:28:41:79:
34:4f:09:e7:17:5c:d0:ac:fc:c5:2e:1e:5c:31:ca:ed:55:ea:
df:4a:43:9a:72:37:0a:8a:69:dd:4e:e9:a3:ef:dd:48:45:41:
7b:55:e3:d1:98:69:a5:ec:0b:43:32:24:da:33:cd:fd:35:74:
17:81:b1:61:37:b1:12:5d:51:86:e6:a2:08:e5:c7:99:aa:f7:
23:c4:5f:83:c0:59:9c:36:f9:a0:4c:03:f7:40:42:fb:90:39:
5a:45:e5:e2:94:a3:58:c2:a1:d8:c9:aa:3e:83:98:b0:32:a1:
85:9a:b1:34:c7:67:a4:03:67:6e:5b:d7:83:b8:92:0f:af:81:
b5:00:50:c4:0f:f6:bb:cd:7d:0f:a8:cd:28:bb:48:b8:32:82:
ef:d1:cf:96:74:e4:25:74:ce:5e:4c:75:d2:80:55:a3:6b:a6:
76:eb:aa:3e:2b:55:d3:c9:bd:2b:32:d3:1d:01:00:cb:8d:c4:
c0:b9:29:0b:10:e5:ab:34:2f:30:63:29:df:a8:4f:b3:28:dd:
0b:8c:ea:14
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz1hmW
SAwB4iE9mCFS31p5lQHlwqt35HsQF2R1pMq2acypSh22f6AWiTIhwirCWCjS8++l
LYGSRxfVYWWrQyLOWVsgMb5uhCMZ1X6ocFBs3ga4WAmX/QKYMS07qxtKgmwoq8Wj
a+pAK0gCc+TO6vY7aoAfW1kwhhteZGG1lNLwyLuIsZAFGujml9x96FPIn4gJaYIf
HuLRcPOFBmMYCtLxcaMlo0J2Ol4CeOZ6xqSC3Xk1WtqON5KCvwETG25Sl5cy8bJO
lbxViWFhc7RkMLGJh1EXKfNn3luZ7kdxB4zVF1XgcLy2Bm7resZpaZfhPR2+k9qg
+ssv8O1c2hgOZ4mNAgMBAAGjgekwgeYwHQYDVR0OBBYEFP3ITpHNc2UdE/ns8JET
8dABrR58MB8GA1UdIwQYMBaAFGDnHo5TlR+PANH3nzYBJhWGUw7yMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAiB3n5h5Lk6l5WQ4QQx73
eaTHaFWBtrRtsFu2RhOLThzUeRexcUa2aSGS+r+9dsxssQRYKEF5NE8J5xdc0Kz8
xS4eXDHK7VXq30pDmnI3Copp3U7po+/dSEVBe1Xj0ZhppewLQzIk2jPN/TV0F4Gx
YTexEl1RhuaiCOXHmar3I8Rfg8BZnDb5oEwD90BC+5A5WkXl4pSjWMKh2MmqPoOY
sDKhhZqxNMdnpANnblvXg7iSD6+BtQBQxA/2u819D6jNKLtIuDKC79HPlnTkJXTO
Xkx10oBVo2umduuqPitV08m9KzLTHQEAy43EwLkpCxDlqzQvMGMp36hPsyjdC4zq
FA==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediary
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a0:8f:6c:dd:c5:0d:76:a9:8a:da:5d:9f:94:cf:
9a:18:cd:32:ee:e1:c3:88:29:0d:40:7d:8b:37:9c:
18:b9:ed:11:81:5b:cc:8c:7c:4a:f3:e2:b9:eb:f7:
3c:74:5a:5c:78:37:e3:7e:a8:b9:34:d7:da:d2:dc:
52:de:c6:bb:ca:cd:39:c3:ea:8e:84:1b:e5:ad:4b:
67:1b:70:bd:70:0e:5e:20:95:37:bf:ae:d1:f4:b0:
97:c0:8a:d3:e5:2a:04:d8:eb:1d:c8:f0:95:1b:25:
d4:49:ae:d4:5f:d9:bc:ea:19:2d:38:d3:d2:c4:8b:
77:37:45:ae:f9:70:b2:43:93:85:06:58:e0:3e:38:
11:32:d2:bc:a5:d4:df:09:2d:e9:c4:16:a7:f9:5b:
25:8d:57:f7:bf:01:4e:c8:25:b4:f8:5d:33:1d:7a:
04:4b:9d:fe:71:d4:65:78:4b:8d:52:ef:04:80:d4:
45:18:1d:d8:53:8e:2a:e8:23:3f:14:a4:b4:f1:00:
ff:30:be:06:c5:61:ac:13:e8:cb:4c:ef:77:f7:6b:
1d:da:5a:d4:7f:f8:5a:87:cb:4b:45:05:8c:06:73:
7b:65:d5:71:c9:35:c7:6e:07:ce:0b:e2:54:e1:43:
f0:da:a9:51:b8:ad:fe:da:de:29:8c:5f:2d:40:06:
7f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E7:1E:8E:53:95:1F:8F:00:D1:F7:9F:36:01:26:15:86:53:0E:F2
X509v3 Authority Key Identifier:
keyid:73:D9:03:F6:54:EA:FC:42:DA:77:EC:19:89:AD:6D:D2:A3:3E:E9:FD
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
43:31:7d:91:39:1d:8a:88:6c:d2:2d:36:b1:92:53:1d:18:24:
e9:42:27:c3:d3:f1:77:69:6f:67:7b:39:46:32:fb:36:a1:8d:
07:ee:16:6b:ac:09:e3:78:38:7a:a7:4b:fe:3f:81:eb:f2:85:
aa:d6:3e:5a:68:57:e3:98:0d:ae:ee:45:84:d1:ed:6d:9c:78:
fe:63:50:94:55:5e:b5:41:ef:c9:16:ed:4f:38:03:cb:73:3c:
79:c1:c4:0c:c1:95:43:11:49:c0:bc:7e:9a:6a:05:d2:43:c4:
66:72:66:57:69:46:ed:a7:10:af:bf:e9:bb:48:72:4b:00:a2:
46:78:38:68:dd:6b:a9:ac:62:70:4b:0b:f3:29:fa:a7:a2:42:
4b:d7:88:1f:97:1f:71:60:20:82:89:d6:3a:60:d5:4b:08:28:
6a:6a:97:2e:c9:93:d8:a7:32:b7:e1:68:be:07:7a:3c:76:3b:
2c:1b:10:17:4c:c9:ea:ee:48:c9:ad:ac:2e:61:dd:16:eb:62:
1e:33:1d:6c:8a:b4:56:0f:3d:04:35:f3:8f:d0:12:f9:66:8d:
39:95:e9:44:41:32:7e:f3:17:2e:58:c9:0c:23:b1:e3:db:f7:
ed:da:bd:94:0e:00:27:34:3d:3d:c6:48:d8:e4:a3:66:57:d9:
5e:13:3e:59
-----BEGIN CERTIFICATE-----
MIIDXDCCAkSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI9s3cUN
dqmK2l2flM+aGM0y7uHDiCkNQH2LN5wYue0RgVvMjHxK8+K56/c8dFpceDfjfqi5
NNfa0txS3sa7ys05w+qOhBvlrUtnG3C9cA5eIJU3v67R9LCXwIrT5SoE2OsdyPCV
GyXUSa7UX9m86hktONPSxIt3N0Wu+XCyQ5OFBljgPjgRMtK8pdTfCS3pxBan+Vsl
jVf3vwFOyCW0+F0zHXoES53+cdRleEuNUu8EgNRFGB3YU44q6CM/FKS08QD/ML4G
xWGsE+jLTO9392sd2lrUf/hah8tLRQWMBnN7ZdVxyTXHbgfOC+JU4UPw2qlRuK3+
2t4pjF8tQAZ/OQIDAQABo4G6MIG3MB0GA1UdDgQWBBRg5x6OU5UfjwDR9582ASYV
hlMO8jAfBgNVHSMEGDAWgBRz2QP2VOr8Qtp37BmJrW3Soz7p/TA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBDMX2ROR2KiGzSLTaxklMd
GCTpQifD0/F3aW9nezlGMvs2oY0H7hZrrAnjeDh6p0v+P4Hr8oWq1j5aaFfjmA2u
7kWE0e1tnHj+Y1CUVV61Qe/JFu1POAPLczx5wcQMwZVDEUnAvH6aagXSQ8RmcmZX
aUbtpxCvv+m7SHJLAKJGeDho3WuprGJwSwvzKfqnokJL14gflx9xYCCCidY6YNVL
CChqapcuyZPYpzK34Wi+B3o8djssGxAXTMnq7kjJrawuYd0W62IeMx1sirRWDz0E
NfOP0BL5Zo05lelEQTJ+8xcuWMkMI7Hj2/ft2r2UDgAnND09xkjY5KNmV9leEz5Z
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ea:c6:b8:66:62:c2:1a:2a:7d:83:ca:b2:7b:11:
e4:92:4a:b8:3a:39:35:73:aa:89:55:7d:f4:ec:40:
4b:2c:c7:56:58:ac:9d:25:ef:c3:26:86:98:c4:74:
a4:3a:94:36:d8:78:7c:1a:f4:f7:5c:a0:56:69:fc:
23:c0:a4:06:5f:5b:ce:ea:cb:32:9b:c3:21:89:fd:
9f:4e:38:a2:b9:f4:de:af:44:1e:53:02:09:41:44:
92:bc:a5:4f:70:86:23:85:48:2a:51:01:70:ab:b0:
c4:bd:97:3c:2f:d0:2c:3e:9c:be:40:2e:ee:be:f8:
ed:63:a2:1b:fd:e2:0f:d1:b2:3b:b3:ce:da:84:59:
56:bb:77:17:93:ef:c0:b7:b4:11:db:b9:6e:b0:4a:
28:55:fb:56:4e:ed:22:b6:e3:4d:5b:ad:6a:af:ff:
df:33:f9:18:a6:91:0a:b8:89:d3:28:55:18:c7:71:
19:32:bc:88:a8:ee:5b:c8:34:84:e5:f5:fe:6e:5e:
c0:3b:73:9b:a4:bc:4c:6a:8a:5a:31:c0:34:f3:c3:
89:e0:57:97:64:01:dd:c2:9f:75:8e:e3:fd:b3:58:
b5:0b:e3:4d:8f:94:e8:9b:0c:c2:12:af:13:31:30:
d1:a6:1c:2c:f1:0a:7a:a4:17:e2:2f:6f:73:cb:22:
15:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D9:03:F6:54:EA:FC:42:DA:77:EC:19:89:AD:6D:D2:A3:3E:E9:FD
X509v3 Authority Key Identifier:
keyid:73:D9:03:F6:54:EA:FC:42:DA:77:EC:19:89:AD:6D:D2:A3:3E:E9:FD
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
e0:b7:24:3a:ee:4c:8d:42:9f:b9:52:2b:7d:21:c5:7b:dd:2b:
bc:6a:5d:86:57:ee:d5:1f:27:e6:e1:08:e3:72:a3:10:2b:97:
1b:98:b9:39:18:6e:7f:b8:b0:1c:f1:f5:d9:7e:1d:05:3f:5b:
f4:cd:1e:66:7f:77:ed:ab:d0:51:b6:ad:6c:a6:66:ab:fc:31:
a1:ac:ee:66:ae:3b:af:4e:3c:c6:29:07:dc:1a:ac:b5:10:3f:
3f:ad:27:1b:bc:32:19:ab:b3:75:62:47:23:d1:b8:60:78:ac:
96:0c:4f:b8:31:7b:40:7e:f3:f7:ba:a9:ae:9b:65:ef:c5:e3:
fc:c8:28:c6:c0:74:48:00:33:48:a4:e6:3c:0c:5b:a0:1e:c2:
57:c5:0c:24:34:c3:36:c0:8a:f3:a6:c3:16:24:32:c3:dc:81:
76:54:3e:00:68:c8:6a:b6:ee:9f:ab:44:64:64:37:54:ff:1b:
b9:a5:c2:bf:ff:a5:68:b3:5a:ef:d7:bc:64:39:24:2e:ad:c7:
a3:9c:ef:60:cb:ab:de:45:f1:40:65:95:01:0c:52:ea:a8:d6:
8b:77:e0:2e:1f:2b:4f:a3:bc:b8:80:6b:8d:92:42:66:17:10:
4b:d4:b0:2d:8d:4c:77:50:74:83:0e:9a:4c:0d:3b:6b:3d:c6:
0a:2e:f6:5c
-----BEGIN TRUSTED_CERTIFICATE-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOrGuGZiwhoqfYPKsnsR
5JJKuDo5NXOqiVV99OxASyzHVlisnSXvwyaGmMR0pDqUNth4fBr091ygVmn8I8Ck
Bl9bzurLMpvDIYn9n044orn03q9EHlMCCUFEkrylT3CGI4VIKlEBcKuwxL2XPC/Q
LD6cvkAu7r747WOiG/3iD9GyO7PO2oRZVrt3F5PvwLe0Edu5brBKKFX7Vk7tIrbj
TVutaq//3zP5GKaRCriJ0yhVGMdxGTK8iKjuW8g0hOX1/m5ewDtzm6S8TGqKWjHA
NPPDieBXl2QB3cKfdY7j/bNYtQvjTY+U6JsMwhKvEzEw0aYcLPEKeqQX4i9vc8si
FWcCAwEAAaOByzCByDAdBgNVHQ4EFgQUc9kD9lTq/ELad+wZia1t0qM+6f0wHwYD
VR0jBBgwFoAUc9kD9lTq/ELad+wZia1t0qM+6f0wNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDgtyQ67kyN
Qp+5Uit9IcV73Su8al2GV+7VHyfm4QjjcqMQK5cbmLk5GG5/uLAc8fXZfh0FP1v0
zR5mf3ftq9BRtq1spmar/DGhrO5mrjuvTjzGKQfcGqy1ED8/rScbvDIZq7N1Ykcj
0bhgeKyWDE+4MXtAfvP3uqmum2XvxeP8yCjGwHRIADNIpOY8DFugHsJXxQwkNMM2
wIrzpsMWJDLD3IF2VD4AaMhqtu6fq0RkZDdU/xu5pcK//6Vos1rv17xkOSQurcej
nO9gy6veRfFAZZUBDFLqqNaLd+AuHytPo7y4gGuNkkJmFxBL1LAtjUx3UHSDDppM
DTtrPcYKLvZc
-----END TRUSTED_CERTIFICATE-----
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----