| [Created by: generate-intermediary-signed-with-md5.py] |
| |
| Certificate chain with 1 intermediary and a trusted root. The intermediary |
| however is signed using the MD5 hash. Verification is expected to fail because |
| MD5 is too weak. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediary |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:e9:b3:cb:c4:9b:c5:59:0a:ca:5e:ca:b3:7b:e1: |
| bb:ec:3d:4b:10:7b:d4:ee:71:92:1c:c0:24:af:0b: |
| c4:5e:55:3b:af:aa:e3:43:a3:d3:ae:1c:db:7b:fe: |
| 2a:35:d0:d8:49:77:09:f5:5d:65:9b:84:42:93:da: |
| 64:a4:12:f7:f5:6d:91:2f:7c:96:aa:7b:50:09:67: |
| 1d:f6:76:a2:4f:64:6c:d7:78:c6:78:f4:5c:83:3a: |
| 01:64:3c:15:37:4e:2a:b9:48:2a:ce:42:36:35:59: |
| b0:b0:f6:4c:db:21:59:14:87:91:09:d8:18:76:b8: |
| fb:0c:b4:e4:ab:5a:24:27:e5:47:9c:c7:eb:d0:74: |
| 17:5b:13:9a:f7:96:b7:1d:de:84:8c:6a:fd:c7:92: |
| 53:09:72:31:66:aa:54:07:3d:1c:2c:86:e9:68:d8: |
| 12:f6:22:ec:37:b5:58:6c:26:fe:79:c5:d0:f7:42: |
| 79:f9:ad:7a:3a:f4:0a:52:3e:5a:5b:45:d9:a8:d1: |
| 18:35:db:9d:56:81:11:49:f9:77:0d:ff:a7:1e:39: |
| 63:14:3b:64:3d:d0:2f:1b:47:c6:ad:6a:a8:d8:c9: |
| 09:cd:58:0b:5d:de:ad:aa:56:38:bd:42:0f:f9:c6: |
| 9d:c0:da:b0:06:03:a5:3f:43:5f:e1:83:74:cc:a7: |
| ab:9f |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| E8:2D:DF:58:DB:57:BD:6D:98:31:15:C9:58:49:E0:02:47:79:10:9D |
| X509v3 Authority Key Identifier: |
| keyid:0E:AF:B4:0B:04:28:C3:55:B4:F8:2D:EB:A1:62:49:26:60:A2:A7:D8 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediary.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediary.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| a2:d6:e1:fe:94:8d:78:bc:5b:9e:53:1a:b9:6b:76:32:2e:66: |
| 0b:b3:ce:8f:96:9a:33:37:b6:e2:fb:99:56:2e:3b:cb:3d:d3: |
| 96:c7:b8:05:9a:00:e4:f4:72:f6:97:b2:b3:72:08:3d:17:59: |
| af:98:b3:16:a2:cb:e7:b8:bf:c1:5b:49:92:28:9c:47:bd:29: |
| 9e:56:f8:52:67:eb:de:23:69:52:79:32:1f:ba:b5:58:d3:b6: |
| 19:58:ac:62:04:a5:29:9a:7b:df:90:ad:c1:b1:42:c4:6c:a6: |
| 16:db:af:5e:ee:85:83:9e:c9:02:ba:c6:3c:63:55:93:58:36: |
| b4:86:b8:fa:e4:09:6f:98:6f:23:2a:2c:98:04:e4:2c:fd:69: |
| 61:b2:36:88:8f:a2:70:ec:2a:47:6d:e0:cb:f8:5c:07:25:71: |
| f4:f6:af:50:a7:d7:49:d8:c8:08:4a:09:12:8c:21:bc:d7:54: |
| f2:04:fc:f0:33:2f:aa:b1:a7:d3:0a:d0:96:0f:69:7c:a4:a8: |
| cd:a5:a6:d3:d2:6a:b1:f2:b1:0a:81:18:68:18:23:c1:6f:9c: |
| 40:9f:d2:2d:6d:e2:52:36:05:4e:99:ae:b2:e1:b3:da:40:99: |
| 1f:c6:9f:ae:9b:43:1d:e3:db:58:7c:96:b5:b8:cc:b6:b7:e9: |
| 1b:57:a0:61 |
| -----BEGIN CERTIFICATE----- |
| MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDps8vE |
| m8VZCspeyrN74bvsPUsQe9TucZIcwCSvC8ReVTuvquNDo9OuHNt7/io10NhJdwn1 |
| XWWbhEKT2mSkEvf1bZEvfJaqe1AJZx32dqJPZGzXeMZ49FyDOgFkPBU3Tiq5SCrO |
| QjY1WbCw9kzbIVkUh5EJ2Bh2uPsMtOSrWiQn5Uecx+vQdBdbE5r3lrcd3oSMav3H |
| klMJcjFmqlQHPRwshulo2BL2Iuw3tVhsJv55xdD3Qnn5rXo69ApSPlpbRdmo0Rg1 |
| 251WgRFJ+XcN/6ceOWMUO2Q90C8bR8ataqjYyQnNWAtd3q2qVji9Qg/5xp3A2rAG |
| A6U/Q1/hg3TMp6ufAgMBAAGjgekwgeYwHQYDVR0OBBYEFOgt31jbV71tmDEVyVhJ |
| 4AJHeRCdMB8GA1UdIwQYMBaAFA6vtAsEKMNVtPgt66FiSSZgoqfYMD8GCCsGAQUF |
| BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAotbh/pSNeLxbnlMauWt2 |
| Mi5mC7POj5aaMze24vuZVi47yz3Tlse4BZoA5PRy9peys3IIPRdZr5izFqLL57i/ |
| wVtJkiicR70pnlb4Umfr3iNpUnkyH7q1WNO2GVisYgSlKZp735CtwbFCxGymFtuv |
| Xu6Fg57JArrGPGNVk1g2tIa4+uQJb5hvIyosmATkLP1pYbI2iI+icOwqR23gy/hc |
| ByVx9PavUKfXSdjICEoJEowhvNdU8gT88DMvqrGn0wrQlg9pfKSozaWm09JqsfKx |
| CoEYaBgjwW+cQJ/SLW3iUjYFTpmusuGz2kCZH8afrptDHePbWHyWtbjMtrfpG1eg |
| YQ== |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 2 (0x2) |
| Signature Algorithm: md5WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediary |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:e9:c2:e1:d4:1c:a8:bf:ff:07:7f:17:bf:a4:f7: |
| f5:bc:e3:1f:76:32:e2:a3:e4:5c:a2:5d:83:a4:ad: |
| c7:19:12:8a:20:dc:5c:d3:db:22:97:e5:59:09:d8: |
| 7f:95:bc:79:61:c2:66:d1:69:02:fc:98:02:12:8e: |
| f4:4e:63:4d:1f:d0:df:f9:25:f0:86:f0:17:ba:3d: |
| 1c:5c:7d:7c:0a:f5:fc:f5:f3:a1:1f:44:45:30:e5: |
| f2:02:b8:e2:04:69:50:f7:b8:10:1d:35:92:56:3b: |
| 06:42:fc:a7:e5:45:40:b0:0c:2f:2c:61:dd:0e:55: |
| cb:23:7d:8b:48:b6:ac:68:b3:e3:3b:fc:07:a4:89: |
| 17:3e:e3:fc:74:12:e6:2f:15:b8:78:dc:a2:6b:6b: |
| 98:e2:36:f6:69:26:71:21:20:d1:60:4d:44:ea:32: |
| fd:54:64:4a:f1:6a:94:f3:51:43:e8:f9:5f:68:9e: |
| 03:a8:a8:6c:a2:0e:55:e5:d8:87:ad:62:db:61:5b: |
| a8:4b:1a:dc:f3:14:9f:97:24:5c:32:98:e4:9b:8b: |
| 1e:32:d4:12:d0:5b:a1:c1:f6:2e:85:42:c4:dc:60: |
| 8f:b1:b2:8b:7a:63:3e:ad:95:62:60:2a:0e:88:dc: |
| 5c:10:c6:90:ab:6b:75:d2:42:f4:b2:a9:81:5a:d8: |
| 0e:41 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 0E:AF:B4:0B:04:28:C3:55:B4:F8:2D:EB:A1:62:49:26:60:A2:A7:D8 |
| X509v3 Authority Key Identifier: |
| keyid:DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: md5WithRSAEncryption |
| 03:a2:90:68:d8:0d:83:e4:1c:83:20:2e:0b:ff:60:1c:01:a9: |
| ec:66:71:cd:3b:61:2c:10:95:ab:42:4e:fc:05:bb:40:d3:8c: |
| 00:34:72:b3:8f:74:de:21:67:0a:e8:b4:93:3d:c3:a2:a0:a0: |
| f0:4b:d9:7d:c6:2b:4f:dd:31:12:ad:72:3c:54:58:5c:21:3f: |
| 75:39:46:80:da:f3:20:1d:93:a3:ef:bb:00:91:bd:8d:22:16: |
| d9:5e:c7:a1:45:39:1a:76:d9:7d:e6:86:6c:65:0e:29:50:4b: |
| 5f:40:ec:79:9c:9a:d0:d9:fa:6a:6a:90:62:db:fa:9e:28:1a: |
| 40:e4:b3:45:90:41:26:09:d4:7c:f7:5c:58:ce:c5:67:6a:d1: |
| 41:86:73:df:6e:cb:79:70:75:5f:d2:54:53:07:e0:53:d1:45: |
| d9:4b:e7:f6:2b:60:fb:56:b4:17:79:be:2a:7e:98:0d:ad:ea: |
| d1:79:5d:87:80:65:84:15:61:d8:dd:a8:3c:5f:f0:90:a6:0b: |
| d8:c5:ca:d8:8d:fb:2f:1b:f8:a2:4d:ea:33:71:c2:30:a5:3b: |
| 56:a4:73:79:51:b7:7a:e7:6c:f7:23:52:48:61:1c:82:54:97: |
| 0d:54:e5:80:07:bb:84:d7:ee:90:ee:4d:85:df:f7:34:fb:d3: |
| d8:bf:19:7f |
| -----BEGIN CERTIFICATE----- |
| MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cLh1Byo |
| v/8Hfxe/pPf1vOMfdjLio+Rcol2DpK3HGRKKINxc09sil+VZCdh/lbx5YcJm0WkC |
| /JgCEo70TmNNH9Df+SXwhvAXuj0cXH18CvX89fOhH0RFMOXyArjiBGlQ97gQHTWS |
| VjsGQvyn5UVAsAwvLGHdDlXLI32LSLasaLPjO/wHpIkXPuP8dBLmLxW4eNyia2uY |
| 4jb2aSZxISDRYE1E6jL9VGRK8WqU81FD6PlfaJ4DqKhsog5V5diHrWLbYVuoSxrc |
| 8xSflyRcMpjkm4seMtQS0FuhwfYuhULE3GCPsbKLemM+rZViYCoOiNxcEMaQq2t1 |
| 0kL0sqmBWtgOQQIDAQABo4HLMIHIMB0GA1UdDgQWBBQOr7QLBCjDVbT4LeuhYkkm |
| YKKn2DAfBgNVHSMEGDAWgBTefvaCyjcAycMwBzXRukjFm7YtpzA3BggrBgEFBQcB |
| AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEB |
| AAOikGjYDYPkHIMgLgv/YBwBqexmcc07YSwQlatCTvwFu0DTjAA0crOPdN4hZwro |
| tJM9w6KgoPBL2X3GK0/dMRKtcjxUWFwhP3U5RoDa8yAdk6PvuwCRvY0iFtlex6FF |
| ORp22X3mhmxlDilQS19A7HmcmtDZ+mpqkGLb+p4oGkDks0WQQSYJ1Hz3XFjOxWdq |
| 0UGGc99uy3lwdV/SVFMH4FPRRdlL5/YrYPtWtBd5vip+mA2t6tF5XYeAZYQVYdjd |
| qDxf8JCmC9jFytiN+y8b+KJN6jNxwjClO1akc3lRt3rnbPcjUkhhHIJUlw1U5YAH |
| u4TX7pDuTYXf9zT709i/GX8= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:c6:d0:57:18:e0:d7:81:35:67:b0:a4:a1:5b:fd: |
| 8f:32:51:4f:d9:76:67:02:84:59:10:4d:4a:b9:ed: |
| 1d:ef:fe:5e:d4:69:c1:24:e3:1f:91:08:d8:15:de: |
| 68:ca:dc:c7:fc:ea:6f:27:a5:60:45:af:0f:f1:44: |
| b8:d7:c7:96:70:d9:e1:dd:84:aa:ea:65:52:62:67: |
| e1:06:cd:d9:18:ad:eb:a3:0a:60:4b:cd:76:71:44: |
| 26:3c:22:c7:44:74:77:31:50:a5:b3:c4:ef:ac:14: |
| 1e:ea:ff:74:a0:7b:e4:7a:ca:87:dd:45:0b:bc:75: |
| 4b:92:44:0f:e8:f3:d2:6d:3e:47:4b:cf:77:a2:e9: |
| ff:f9:e2:79:9f:88:d7:ff:e5:cc:93:91:91:24:e1: |
| 9f:ef:a4:13:15:cc:03:3e:06:ba:9d:4c:de:52:b9: |
| de:c6:57:af:76:d8:9e:4b:37:11:1d:52:57:fe:af: |
| 8e:11:1d:fd:a8:55:3b:84:c9:10:ac:dc:51:62:e8: |
| c8:54:5b:3d:60:0b:8e:ad:66:2a:26:92:81:c6:a1: |
| be:31:51:d3:28:b1:9e:86:67:ca:c4:f2:88:47:1c: |
| 03:c9:f8:ee:f8:87:4c:b4:9e:24:9d:c0:48:d8:ec: |
| a7:8b:52:7a:d0:65:cf:06:2a:63:7f:1c:c9:15:44: |
| 48:01 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7 |
| X509v3 Authority Key Identifier: |
| keyid:DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 8c:97:4a:f9:c2:c2:57:2a:4b:a1:69:03:9e:c1:17:fb:4c:f2: |
| 8e:36:0f:e2:c4:f6:4d:42:9c:ac:7f:67:7b:fd:7e:fd:14:3b: |
| fb:df:08:3d:0e:23:fa:d1:47:d5:68:14:b2:1f:5c:40:db:fe: |
| 8d:e6:fc:17:3a:c6:2f:5e:96:1a:3c:32:fa:63:c5:e5:cf:fc: |
| db:6b:59:71:b8:f7:d2:70:78:cc:7f:8c:54:5f:c6:69:ba:98: |
| 77:92:32:b3:a1:18:84:ed:3c:93:3f:12:93:64:e6:7f:92:8a: |
| 4f:db:42:1d:c0:7c:0d:4a:d6:ef:ca:05:a3:5b:26:47:79:7e: |
| 91:b0:e6:35:92:91:e2:2f:4d:18:17:44:b5:a7:de:8a:92:86: |
| 4c:0c:de:0e:23:53:c0:30:1f:7a:c5:70:59:94:19:02:8a:f1: |
| 23:f9:88:fb:09:af:b8:90:d6:c6:d5:46:92:74:44:8b:8e:66: |
| b1:79:cb:82:3d:80:cc:cf:d9:03:5a:a3:71:a6:f5:f0:75:9f: |
| 79:38:f0:fe:66:e5:d1:a1:9d:0a:48:e1:45:a1:42:fb:d3:16: |
| 53:91:b9:c9:0d:27:8a:34:e0:59:8d:4f:e0:e7:7d:7d:0c:e6: |
| ec:a1:ea:66:23:77:55:fc:f1:d0:13:32:1d:9e:0c:fd:3b:38: |
| 1d:dc:2c:2b |
| -----BEGIN TRUSTED_CERTIFICATE----- |
| MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbQVxjg14E1Z7CkoVv9 |
| jzJRT9l2ZwKEWRBNSrntHe/+XtRpwSTjH5EI2BXeaMrcx/zqbyelYEWvD/FEuNfH |
| lnDZ4d2EquplUmJn4QbN2Rit66MKYEvNdnFEJjwix0R0dzFQpbPE76wUHur/dKB7 |
| 5HrKh91FC7x1S5JED+jz0m0+R0vPd6Lp//nieZ+I1//lzJORkSThn++kExXMAz4G |
| up1M3lK53sZXr3bYnks3ER1SV/6vjhEd/ahVO4TJEKzcUWLoyFRbPWALjq1mKiaS |
| gcahvjFR0yixnoZnysTyiEccA8n47viHTLSeJJ3ASNjsp4tSetBlzwYqY38cyRVE |
| SAECAwEAAaOByzCByDAdBgNVHQ4EFgQU3n72gso3AMnDMAc10bpIxZu2LacwHwYD |
| VR0jBBgwFoAU3n72gso3AMnDMAc10bpIxZu2LacwNwYIKwYBBQUHAQEEKzApMCcG |
| CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCMl0r5wsJX |
| KkuhaQOewRf7TPKONg/ixPZNQpysf2d7/X79FDv73wg9DiP60UfVaBSyH1xA2/6N |
| 5vwXOsYvXpYaPDL6Y8Xlz/zba1lxuPfScHjMf4xUX8Zpuph3kjKzoRiE7TyTPxKT |
| ZOZ/kopP20IdwHwNStbvygWjWyZHeX6RsOY1kpHiL00YF0S1p96KkoZMDN4OI1PA |
| MB96xXBZlBkCivEj+Yj7Ca+4kNbG1UaSdESLjmaxecuCPYDMz9kDWqNxpvXwdZ95 |
| OPD+ZuXRoZ0KSOFFoUL70xZTkbnJDSeKNOBZjU/g5319DObsoepmI3dV/PHQEzId |
| ngz9Ozgd3Cwr |
| -----END TRUSTED_CERTIFICATE----- |
| |
| -----BEGIN TIME----- |
| MTUwMzAyMTIwMDAwWg== |
| -----END TIME----- |
| |
| -----BEGIN VERIFY_RESULT----- |
| RkFJTA== |
| -----END VERIFY_RESULT----- |