blob: d15448165e2d4160b537d975af3ef4eb0e08d2a3 [file] [log] [blame]
[Created by: generate-intermediary-signed-with-md5.py]
Certificate chain with 1 intermediary and a trusted root. The intermediary
however is signed using the MD5 hash. Verification is expected to fail because
MD5 is too weak.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediary
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e9:b3:cb:c4:9b:c5:59:0a:ca:5e:ca:b3:7b:e1:
bb:ec:3d:4b:10:7b:d4:ee:71:92:1c:c0:24:af:0b:
c4:5e:55:3b:af:aa:e3:43:a3:d3:ae:1c:db:7b:fe:
2a:35:d0:d8:49:77:09:f5:5d:65:9b:84:42:93:da:
64:a4:12:f7:f5:6d:91:2f:7c:96:aa:7b:50:09:67:
1d:f6:76:a2:4f:64:6c:d7:78:c6:78:f4:5c:83:3a:
01:64:3c:15:37:4e:2a:b9:48:2a:ce:42:36:35:59:
b0:b0:f6:4c:db:21:59:14:87:91:09:d8:18:76:b8:
fb:0c:b4:e4:ab:5a:24:27:e5:47:9c:c7:eb:d0:74:
17:5b:13:9a:f7:96:b7:1d:de:84:8c:6a:fd:c7:92:
53:09:72:31:66:aa:54:07:3d:1c:2c:86:e9:68:d8:
12:f6:22:ec:37:b5:58:6c:26:fe:79:c5:d0:f7:42:
79:f9:ad:7a:3a:f4:0a:52:3e:5a:5b:45:d9:a8:d1:
18:35:db:9d:56:81:11:49:f9:77:0d:ff:a7:1e:39:
63:14:3b:64:3d:d0:2f:1b:47:c6:ad:6a:a8:d8:c9:
09:cd:58:0b:5d:de:ad:aa:56:38:bd:42:0f:f9:c6:
9d:c0:da:b0:06:03:a5:3f:43:5f:e1:83:74:cc:a7:
ab:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2D:DF:58:DB:57:BD:6D:98:31:15:C9:58:49:E0:02:47:79:10:9D
X509v3 Authority Key Identifier:
keyid:0E:AF:B4:0B:04:28:C3:55:B4:F8:2D:EB:A1:62:49:26:60:A2:A7:D8
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediary.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediary.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
a2:d6:e1:fe:94:8d:78:bc:5b:9e:53:1a:b9:6b:76:32:2e:66:
0b:b3:ce:8f:96:9a:33:37:b6:e2:fb:99:56:2e:3b:cb:3d:d3:
96:c7:b8:05:9a:00:e4:f4:72:f6:97:b2:b3:72:08:3d:17:59:
af:98:b3:16:a2:cb:e7:b8:bf:c1:5b:49:92:28:9c:47:bd:29:
9e:56:f8:52:67:eb:de:23:69:52:79:32:1f:ba:b5:58:d3:b6:
19:58:ac:62:04:a5:29:9a:7b:df:90:ad:c1:b1:42:c4:6c:a6:
16:db:af:5e:ee:85:83:9e:c9:02:ba:c6:3c:63:55:93:58:36:
b4:86:b8:fa:e4:09:6f:98:6f:23:2a:2c:98:04:e4:2c:fd:69:
61:b2:36:88:8f:a2:70:ec:2a:47:6d:e0:cb:f8:5c:07:25:71:
f4:f6:af:50:a7:d7:49:d8:c8:08:4a:09:12:8c:21:bc:d7:54:
f2:04:fc:f0:33:2f:aa:b1:a7:d3:0a:d0:96:0f:69:7c:a4:a8:
cd:a5:a6:d3:d2:6a:b1:f2:b1:0a:81:18:68:18:23:c1:6f:9c:
40:9f:d2:2d:6d:e2:52:36:05:4e:99:ae:b2:e1:b3:da:40:99:
1f:c6:9f:ae:9b:43:1d:e3:db:58:7c:96:b5:b8:cc:b6:b7:e9:
1b:57:a0:61
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDps8vE
m8VZCspeyrN74bvsPUsQe9TucZIcwCSvC8ReVTuvquNDo9OuHNt7/io10NhJdwn1
XWWbhEKT2mSkEvf1bZEvfJaqe1AJZx32dqJPZGzXeMZ49FyDOgFkPBU3Tiq5SCrO
QjY1WbCw9kzbIVkUh5EJ2Bh2uPsMtOSrWiQn5Uecx+vQdBdbE5r3lrcd3oSMav3H
klMJcjFmqlQHPRwshulo2BL2Iuw3tVhsJv55xdD3Qnn5rXo69ApSPlpbRdmo0Rg1
251WgRFJ+XcN/6ceOWMUO2Q90C8bR8ataqjYyQnNWAtd3q2qVji9Qg/5xp3A2rAG
A6U/Q1/hg3TMp6ufAgMBAAGjgekwgeYwHQYDVR0OBBYEFOgt31jbV71tmDEVyVhJ
4AJHeRCdMB8GA1UdIwQYMBaAFA6vtAsEKMNVtPgt66FiSSZgoqfYMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAotbh/pSNeLxbnlMauWt2
Mi5mC7POj5aaMze24vuZVi47yz3Tlse4BZoA5PRy9peys3IIPRdZr5izFqLL57i/
wVtJkiicR70pnlb4Umfr3iNpUnkyH7q1WNO2GVisYgSlKZp735CtwbFCxGymFtuv
Xu6Fg57JArrGPGNVk1g2tIa4+uQJb5hvIyosmATkLP1pYbI2iI+icOwqR23gy/hc
ByVx9PavUKfXSdjICEoJEowhvNdU8gT88DMvqrGn0wrQlg9pfKSozaWm09JqsfKx
CoEYaBgjwW+cQJ/SLW3iUjYFTpmusuGz2kCZH8afrptDHePbWHyWtbjMtrfpG1eg
YQ==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: md5WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediary
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e9:c2:e1:d4:1c:a8:bf:ff:07:7f:17:bf:a4:f7:
f5:bc:e3:1f:76:32:e2:a3:e4:5c:a2:5d:83:a4:ad:
c7:19:12:8a:20:dc:5c:d3:db:22:97:e5:59:09:d8:
7f:95:bc:79:61:c2:66:d1:69:02:fc:98:02:12:8e:
f4:4e:63:4d:1f:d0:df:f9:25:f0:86:f0:17:ba:3d:
1c:5c:7d:7c:0a:f5:fc:f5:f3:a1:1f:44:45:30:e5:
f2:02:b8:e2:04:69:50:f7:b8:10:1d:35:92:56:3b:
06:42:fc:a7:e5:45:40:b0:0c:2f:2c:61:dd:0e:55:
cb:23:7d:8b:48:b6:ac:68:b3:e3:3b:fc:07:a4:89:
17:3e:e3:fc:74:12:e6:2f:15:b8:78:dc:a2:6b:6b:
98:e2:36:f6:69:26:71:21:20:d1:60:4d:44:ea:32:
fd:54:64:4a:f1:6a:94:f3:51:43:e8:f9:5f:68:9e:
03:a8:a8:6c:a2:0e:55:e5:d8:87:ad:62:db:61:5b:
a8:4b:1a:dc:f3:14:9f:97:24:5c:32:98:e4:9b:8b:
1e:32:d4:12:d0:5b:a1:c1:f6:2e:85:42:c4:dc:60:
8f:b1:b2:8b:7a:63:3e:ad:95:62:60:2a:0e:88:dc:
5c:10:c6:90:ab:6b:75:d2:42:f4:b2:a9:81:5a:d8:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AF:B4:0B:04:28:C3:55:B4:F8:2D:EB:A1:62:49:26:60:A2:A7:D8
X509v3 Authority Key Identifier:
keyid:DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: md5WithRSAEncryption
03:a2:90:68:d8:0d:83:e4:1c:83:20:2e:0b:ff:60:1c:01:a9:
ec:66:71:cd:3b:61:2c:10:95:ab:42:4e:fc:05:bb:40:d3:8c:
00:34:72:b3:8f:74:de:21:67:0a:e8:b4:93:3d:c3:a2:a0:a0:
f0:4b:d9:7d:c6:2b:4f:dd:31:12:ad:72:3c:54:58:5c:21:3f:
75:39:46:80:da:f3:20:1d:93:a3:ef:bb:00:91:bd:8d:22:16:
d9:5e:c7:a1:45:39:1a:76:d9:7d:e6:86:6c:65:0e:29:50:4b:
5f:40:ec:79:9c:9a:d0:d9:fa:6a:6a:90:62:db:fa:9e:28:1a:
40:e4:b3:45:90:41:26:09:d4:7c:f7:5c:58:ce:c5:67:6a:d1:
41:86:73:df:6e:cb:79:70:75:5f:d2:54:53:07:e0:53:d1:45:
d9:4b:e7:f6:2b:60:fb:56:b4:17:79:be:2a:7e:98:0d:ad:ea:
d1:79:5d:87:80:65:84:15:61:d8:dd:a8:3c:5f:f0:90:a6:0b:
d8:c5:ca:d8:8d:fb:2f:1b:f8:a2:4d:ea:33:71:c2:30:a5:3b:
56:a4:73:79:51:b7:7a:e7:6c:f7:23:52:48:61:1c:82:54:97:
0d:54:e5:80:07:bb:84:d7:ee:90:ee:4d:85:df:f7:34:fb:d3:
d8:bf:19:7f
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cLh1Byo
v/8Hfxe/pPf1vOMfdjLio+Rcol2DpK3HGRKKINxc09sil+VZCdh/lbx5YcJm0WkC
/JgCEo70TmNNH9Df+SXwhvAXuj0cXH18CvX89fOhH0RFMOXyArjiBGlQ97gQHTWS
VjsGQvyn5UVAsAwvLGHdDlXLI32LSLasaLPjO/wHpIkXPuP8dBLmLxW4eNyia2uY
4jb2aSZxISDRYE1E6jL9VGRK8WqU81FD6PlfaJ4DqKhsog5V5diHrWLbYVuoSxrc
8xSflyRcMpjkm4seMtQS0FuhwfYuhULE3GCPsbKLemM+rZViYCoOiNxcEMaQq2t1
0kL0sqmBWtgOQQIDAQABo4HLMIHIMB0GA1UdDgQWBBQOr7QLBCjDVbT4LeuhYkkm
YKKn2DAfBgNVHSMEGDAWgBTefvaCyjcAycMwBzXRukjFm7YtpzA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEB
AAOikGjYDYPkHIMgLgv/YBwBqexmcc07YSwQlatCTvwFu0DTjAA0crOPdN4hZwro
tJM9w6KgoPBL2X3GK0/dMRKtcjxUWFwhP3U5RoDa8yAdk6PvuwCRvY0iFtlex6FF
ORp22X3mhmxlDilQS19A7HmcmtDZ+mpqkGLb+p4oGkDks0WQQSYJ1Hz3XFjOxWdq
0UGGc99uy3lwdV/SVFMH4FPRRdlL5/YrYPtWtBd5vip+mA2t6tF5XYeAZYQVYdjd
qDxf8JCmC9jFytiN+y8b+KJN6jNxwjClO1akc3lRt3rnbPcjUkhhHIJUlw1U5YAH
u4TX7pDuTYXf9zT709i/GX8=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:d0:57:18:e0:d7:81:35:67:b0:a4:a1:5b:fd:
8f:32:51:4f:d9:76:67:02:84:59:10:4d:4a:b9:ed:
1d:ef:fe:5e:d4:69:c1:24:e3:1f:91:08:d8:15:de:
68:ca:dc:c7:fc:ea:6f:27:a5:60:45:af:0f:f1:44:
b8:d7:c7:96:70:d9:e1:dd:84:aa:ea:65:52:62:67:
e1:06:cd:d9:18:ad:eb:a3:0a:60:4b:cd:76:71:44:
26:3c:22:c7:44:74:77:31:50:a5:b3:c4:ef:ac:14:
1e:ea:ff:74:a0:7b:e4:7a:ca:87:dd:45:0b:bc:75:
4b:92:44:0f:e8:f3:d2:6d:3e:47:4b:cf:77:a2:e9:
ff:f9:e2:79:9f:88:d7:ff:e5:cc:93:91:91:24:e1:
9f:ef:a4:13:15:cc:03:3e:06:ba:9d:4c:de:52:b9:
de:c6:57:af:76:d8:9e:4b:37:11:1d:52:57:fe:af:
8e:11:1d:fd:a8:55:3b:84:c9:10:ac:dc:51:62:e8:
c8:54:5b:3d:60:0b:8e:ad:66:2a:26:92:81:c6:a1:
be:31:51:d3:28:b1:9e:86:67:ca:c4:f2:88:47:1c:
03:c9:f8:ee:f8:87:4c:b4:9e:24:9d:c0:48:d8:ec:
a7:8b:52:7a:d0:65:cf:06:2a:63:7f:1c:c9:15:44:
48:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7
X509v3 Authority Key Identifier:
keyid:DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
8c:97:4a:f9:c2:c2:57:2a:4b:a1:69:03:9e:c1:17:fb:4c:f2:
8e:36:0f:e2:c4:f6:4d:42:9c:ac:7f:67:7b:fd:7e:fd:14:3b:
fb:df:08:3d:0e:23:fa:d1:47:d5:68:14:b2:1f:5c:40:db:fe:
8d:e6:fc:17:3a:c6:2f:5e:96:1a:3c:32:fa:63:c5:e5:cf:fc:
db:6b:59:71:b8:f7:d2:70:78:cc:7f:8c:54:5f:c6:69:ba:98:
77:92:32:b3:a1:18:84:ed:3c:93:3f:12:93:64:e6:7f:92:8a:
4f:db:42:1d:c0:7c:0d:4a:d6:ef:ca:05:a3:5b:26:47:79:7e:
91:b0:e6:35:92:91:e2:2f:4d:18:17:44:b5:a7:de:8a:92:86:
4c:0c:de:0e:23:53:c0:30:1f:7a:c5:70:59:94:19:02:8a:f1:
23:f9:88:fb:09:af:b8:90:d6:c6:d5:46:92:74:44:8b:8e:66:
b1:79:cb:82:3d:80:cc:cf:d9:03:5a:a3:71:a6:f5:f0:75:9f:
79:38:f0:fe:66:e5:d1:a1:9d:0a:48:e1:45:a1:42:fb:d3:16:
53:91:b9:c9:0d:27:8a:34:e0:59:8d:4f:e0:e7:7d:7d:0c:e6:
ec:a1:ea:66:23:77:55:fc:f1:d0:13:32:1d:9e:0c:fd:3b:38:
1d:dc:2c:2b
-----BEGIN TRUSTED_CERTIFICATE-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbQVxjg14E1Z7CkoVv9
jzJRT9l2ZwKEWRBNSrntHe/+XtRpwSTjH5EI2BXeaMrcx/zqbyelYEWvD/FEuNfH
lnDZ4d2EquplUmJn4QbN2Rit66MKYEvNdnFEJjwix0R0dzFQpbPE76wUHur/dKB7
5HrKh91FC7x1S5JED+jz0m0+R0vPd6Lp//nieZ+I1//lzJORkSThn++kExXMAz4G
up1M3lK53sZXr3bYnks3ER1SV/6vjhEd/ahVO4TJEKzcUWLoyFRbPWALjq1mKiaS
gcahvjFR0yixnoZnysTyiEccA8n47viHTLSeJJ3ASNjsp4tSetBlzwYqY38cyRVE
SAECAwEAAaOByzCByDAdBgNVHQ4EFgQU3n72gso3AMnDMAc10bpIxZu2LacwHwYD
VR0jBBgwFoAU3n72gso3AMnDMAc10bpIxZu2LacwNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCMl0r5wsJX
KkuhaQOewRf7TPKONg/ixPZNQpysf2d7/X79FDv73wg9DiP60UfVaBSyH1xA2/6N
5vwXOsYvXpYaPDL6Y8Xlz/zba1lxuPfScHjMf4xUX8Zpuph3kjKzoRiE7TyTPxKT
ZOZ/kopP20IdwHwNStbvygWjWyZHeX6RsOY1kpHiL00YF0S1p96KkoZMDN4OI1PA
MB96xXBZlBkCivEj+Yj7Ca+4kNbG1UaSdESLjmaxecuCPYDMz9kDWqNxpvXwdZ95
OPD+ZuXRoZ0KSOFFoUL70xZTkbnJDSeKNOBZjU/g5319DObsoepmI3dV/PHQEzId
ngz9Ozgd3Cwr
-----END TRUSTED_CERTIFICATE-----
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----