| [Created by: ./generate-target-unknown-critical-extension.py] |
| |
| Certificate chain with 1 intermediary and a trusted root. The intermediary |
| has an unknown X.509v3 extension (OID=1.2.3.4) that is marked as critical. |
| Verifying this certificate chain is expected to fail because there is an |
| unrecognized critical extension. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediary |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:c9:42:1d:0f:19:4b:d8:78:b9:3f:4d:43:a8:a9: |
| 92:67:ed:f3:55:a4:f5:9e:f4:d0:21:3c:25:cc:28: |
| 1d:db:22:5c:c0:eb:e8:78:fe:6c:71:72:ed:0c:cd: |
| 76:80:44:dc:72:d1:92:29:7d:e8:7f:e0:42:60:d6: |
| cb:b1:53:06:0d:6c:8b:f4:d3:ce:42:af:34:bc:57: |
| 63:34:dd:b2:00:26:3f:a9:7f:c8:ce:f6:1a:66:75: |
| db:7c:b6:57:ef:ee:3d:e7:d7:b8:38:3a:83:5d:7a: |
| 63:1f:91:c4:f1:15:da:9b:e9:f7:ef:d5:d6:26:16: |
| 96:c1:94:55:3f:3e:67:13:26:bf:3d:0c:93:ab:1b: |
| a2:58:10:38:60:11:18:15:c5:3c:db:71:62:ef:27: |
| 1f:a9:62:61:1f:f6:55:51:d9:7c:2d:b6:e3:2d:c3: |
| 86:2b:cd:5c:30:d3:a0:0d:a4:e4:34:fb:bb:59:09: |
| d5:7b:8f:b2:49:10:0d:d7:2d:0e:34:72:25:7b:b4: |
| 0e:e9:fd:cb:ce:50:ee:d2:71:40:14:3d:06:ad:71: |
| 52:43:cc:e9:77:4e:c4:8c:af:8c:a2:41:40:4a:82: |
| 82:83:a2:58:e3:5e:40:fa:74:f0:fb:bd:46:aa:55: |
| 9d:6d:5b:db:af:6a:1f:7c:46:cf:1a:1f:d3:17:c3: |
| 02:2f |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 07:DB:E2:A1:15:3D:67:0C:54:ED:D5:22:AD:DE:59:73:9E:0F:F5:24 |
| X509v3 Authority Key Identifier: |
| keyid:07:D2:5E:3F:28:F7:AD:46:16:25:D0:4D:DD:6D:77:7B:26:81:89:85 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediary.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediary.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| 1.2.3.4: critical |
| .... |
| Signature Algorithm: sha256WithRSAEncryption |
| 66:78:33:4b:09:c3:20:05:e2:d2:a3:7f:90:2f:96:15:b8:d0: |
| ca:7e:97:c6:12:53:4b:18:92:03:77:b6:2c:8b:57:8e:84:7d: |
| 14:ee:df:cc:99:0d:f9:2e:21:dd:ca:4d:00:77:87:88:4d:13: |
| 28:36:4a:88:82:52:d2:b8:1d:75:67:1f:b5:0a:ea:bd:6a:b8: |
| 98:79:ea:cf:6e:2c:5f:21:94:e4:a9:29:d5:37:87:58:6a:d7: |
| 5b:0b:f5:35:59:c9:68:dd:f9:e7:c6:67:1a:ef:26:17:cf:89: |
| e7:18:8c:be:41:c4:07:d3:b7:1a:20:44:4f:20:12:8c:2e:5a: |
| 39:7c:8b:f3:12:f7:bd:b6:f1:7b:8c:48:7f:c5:29:7f:7a:9e: |
| 1e:28:13:08:36:56:ca:8d:17:f2:37:ce:59:0a:e7:ca:19:90: |
| c7:c8:b4:45:ab:3b:f7:0e:10:db:81:4b:2d:74:05:46:ab:5c: |
| 7e:c2:88:83:87:09:4d:5a:a3:40:56:f5:d5:da:fd:a2:2d:99: |
| 8c:d1:bf:0b:d0:8c:ce:79:12:0c:37:fc:b2:08:68:b2:fe:5e: |
| cc:3e:99:85:40:74:27:88:7f:f6:43:0f:60:dd:b7:6e:31:e3: |
| d4:39:87:8e:b1:cf:2d:b7:2f:bb:f9:ec:f8:86:96:1e:fc:68: |
| 0d:45:21:2c |
| -----BEGIN CERTIFICATE----- |
| MIIDnTCCAoWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJQh0P |
| GUvYeLk/TUOoqZJn7fNVpPWe9NAhPCXMKB3bIlzA6+h4/mxxcu0MzXaARNxy0ZIp |
| feh/4EJg1suxUwYNbIv0085CrzS8V2M03bIAJj+pf8jO9hpmddt8tlfv7j3n17g4 |
| OoNdemMfkcTxFdqb6ffv1dYmFpbBlFU/PmcTJr89DJOrG6JYEDhgERgVxTzbcWLv |
| Jx+pYmEf9lVR2XwttuMtw4YrzVww06ANpOQ0+7tZCdV7j7JJEA3XLQ40ciV7tA7p |
| /cvOUO7ScUAUPQatcVJDzOl3TsSMr4yiQUBKgoKDoljjXkD6dPD7vUaqVZ1tW9uv |
| ah98Rs8aH9MXwwIvAgMBAAGjgfkwgfYwHQYDVR0OBBYEFAfb4qEVPWcMVO3VIq3e |
| WXOeD/UkMB8GA1UdIwQYMBaAFAfSXj8o961GFiXQTd1td3smgYmFMD8GCCsGAQUF |
| BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| BwMBBggrBgEFBQcDAjAOBgMqAwQBAf8EBAECAwQwDQYJKoZIhvcNAQELBQADggEB |
| AGZ4M0sJwyAF4tKjf5AvlhW40Mp+l8YSU0sYkgN3tiyLV46EfRTu38yZDfkuId3K |
| TQB3h4hNEyg2SoiCUtK4HXVnH7UK6r1quJh56s9uLF8hlOSpKdU3h1hq11sL9TVZ |
| yWjd+efGZxrvJhfPiecYjL5BxAfTtxogRE8gEowuWjl8i/MS97228XuMSH/FKX96 |
| nh4oEwg2VsqNF/I3zlkK58oZkMfItEWrO/cOENuBSy10BUarXH7CiIOHCU1ao0BW |
| 9dXa/aItmYzRvwvQjM55Egw3/LIIaLL+Xsw+mYVAdCeIf/ZDD2Ddt24x49Q5h46x |
| zy23L7v57PiGlh78aA1FISw= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 2 (0x2) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediary |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:e1:3b:e0:9e:b3:37:a6:d2:5d:5a:cf:1d:6c:d4: |
| e7:9d:92:0e:29:b6:da:7e:48:32:ea:dd:a8:6e:a5: |
| 4f:d4:07:23:be:f5:b2:e2:e9:57:1b:a1:bc:67:5a: |
| 27:15:9d:f7:51:07:23:d9:0a:0f:21:36:4b:b1:c3: |
| 48:71:f5:f8:67:6f:a4:9c:54:8b:e8:d2:79:da:6e: |
| 70:06:b8:ae:b5:6f:82:ab:89:5a:68:19:56:c7:8a: |
| 93:25:f9:4b:7e:8b:de:2f:1a:92:c4:be:c4:9f:ea: |
| 34:fe:95:f5:74:ab:fc:47:8b:34:7d:28:d3:7a:7b: |
| 29:70:3e:aa:b9:d9:be:53:fe:79:3a:ea:79:c7:d7: |
| 1d:b1:c3:47:e6:7d:8e:ed:40:2a:47:d9:71:5f:c2: |
| 6c:cb:52:be:1b:83:01:de:06:97:d4:98:ea:37:67: |
| f6:fb:67:69:c7:b1:fe:07:ad:be:0a:f8:c8:a8:5d: |
| 98:0b:f6:02:7b:cb:19:f6:23:58:79:f9:d3:8c:a5: |
| 09:73:c9:2b:ae:76:33:3f:2d:a9:49:93:39:89:92: |
| bc:5e:27:1c:ae:a6:29:43:97:a1:04:d0:6c:b6:b6: |
| b8:c3:62:5e:43:7c:ca:27:50:e2:91:da:bb:cc:c6: |
| e5:7b:5a:31:62:77:a6:4d:6a:ee:84:ea:7a:87:de: |
| a9:bd |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 07:D2:5E:3F:28:F7:AD:46:16:25:D0:4D:DD:6D:77:7B:26:81:89:85 |
| X509v3 Authority Key Identifier: |
| keyid:C8:0F:45:73:03:B2:2C:B8:35:14:0F:C4:D7:4B:E4:E2:9D:B2:AB:CE |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 2a:af:ec:1b:fc:c9:ad:bf:ad:97:8d:ed:f4:44:87:7f:72:86: |
| c0:4d:85:dd:eb:6c:d3:c7:17:df:11:0a:f5:e5:2b:c2:53:41: |
| 58:73:66:da:29:8a:43:af:5e:24:b2:16:26:b6:89:7e:4a:6f: |
| 46:13:05:c4:3f:13:6c:ed:b8:37:a7:a9:f6:c9:c8:b9:b3:a1: |
| 7c:eb:99:57:fb:8d:12:c5:47:ff:1e:02:b2:47:dc:e9:6f:41: |
| 17:0a:3b:ff:ba:14:76:cc:14:35:ec:71:b0:1a:d4:eb:b0:6c: |
| a3:96:eb:7d:50:59:d7:01:a0:ee:67:b8:c8:b6:ed:78:02:b1: |
| 0b:72:9c:ea:c3:3b:14:3d:89:fc:89:c2:af:6c:18:ae:b0:13: |
| 31:04:a2:89:4f:a6:99:58:00:c6:00:e1:39:79:d4:31:0b:0f: |
| d5:92:86:a2:e7:ec:c6:b8:f2:62:21:bb:0d:d5:91:b8:f2:5f: |
| db:dc:b1:b2:b2:28:fd:d5:14:54:a6:cf:8d:bd:33:ca:22:27: |
| 72:d8:27:85:03:21:7f:8e:4f:2d:e6:bf:22:08:86:03:a8:f3: |
| 9f:42:2f:81:8f:1e:44:39:e3:23:b2:9d:3d:64:7e:e2:b3:93: |
| 8d:46:a0:b7:08:4e:d5:e6:14:af:1d:5d:b6:74:7c:91:36:37: |
| 0c:c0:ab:14 |
| -----BEGIN CERTIFICATE----- |
| MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TvgnrM3 |
| ptJdWs8dbNTnnZIOKbbafkgy6t2obqVP1AcjvvWy4ulXG6G8Z1onFZ33UQcj2QoP |
| ITZLscNIcfX4Z2+knFSL6NJ52m5wBriutW+Cq4laaBlWx4qTJflLfoveLxqSxL7E |
| n+o0/pX1dKv8R4s0fSjTenspcD6qudm+U/55Oup5x9cdscNH5n2O7UAqR9lxX8Js |
| y1K+G4MB3gaX1JjqN2f2+2dpx7H+B62+CvjIqF2YC/YCe8sZ9iNYefnTjKUJc8kr |
| rnYzPy2pSZM5iZK8XiccrqYpQ5ehBNBstra4w2JeQ3zKJ1Dikdq7zMble1oxYnem |
| TWruhOp6h96pvQIDAQABo4HLMIHIMB0GA1UdDgQWBBQH0l4/KPetRhYl0E3dbXd7 |
| JoGJhTAfBgNVHSMEGDAWgBTID0VzA7IsuDUUD8TXS+TinbKrzjA3BggrBgEFBQcB |
| AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB |
| ACqv7Bv8ya2/rZeN7fREh39yhsBNhd3rbNPHF98RCvXlK8JTQVhzZtopikOvXiSy |
| Fia2iX5Kb0YTBcQ/E2ztuDenqfbJyLmzoXzrmVf7jRLFR/8eArJH3OlvQRcKO/+6 |
| FHbMFDXscbAa1OuwbKOW631QWdcBoO5nuMi27XgCsQtynOrDOxQ9ifyJwq9sGK6w |
| EzEEoolPpplYAMYA4Tl51DELD9WShqLn7Ma48mIhuw3VkbjyX9vcsbKyKP3VFFSm |
| z429M8oiJ3LYJ4UDIX+OTy3mvyIIhgOo859CL4GPHkQ54yOynT1kfuKzk41GoLcI |
| TtXmFK8dXbZ0fJE2NwzAqxQ= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 1 (0x1) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:dc:6a:1a:05:36:f1:a3:7c:28:e9:97:2f:7b:85: |
| d5:c1:91:33:0a:72:2d:bb:45:ae:c6:29:54:22:05: |
| c2:e9:f4:be:f2:39:ec:e0:64:66:1d:e3:c9:42:3e: |
| 6c:c8:3b:65:0a:e4:2c:74:e4:c9:17:c8:8b:27:6e: |
| c0:4c:9a:b4:85:ae:ff:3f:e3:1e:d0:21:1c:8b:84: |
| e0:3b:f6:59:00:a7:ab:59:f3:58:67:d7:af:97:74: |
| a9:b1:1f:78:80:ad:e3:09:31:81:c2:11:55:10:d0: |
| 93:ca:eb:de:a7:72:76:09:33:6a:89:f9:51:b1:de: |
| ca:4a:48:e8:9f:1c:5f:df:bc:7d:a7:f5:27:6b:77: |
| a3:53:e5:c3:e4:3d:9e:82:72:9e:d2:1b:76:52:8c: |
| f0:53:b6:98:5f:6c:54:1b:da:9a:72:14:ee:c3:51: |
| b4:c7:6b:f0:75:b2:2c:6e:b4:b7:29:54:92:ab:69: |
| 57:af:3c:6d:96:e8:05:c8:a4:d0:7a:c2:42:7d:8b: |
| 7f:3c:8f:9d:1d:c1:35:af:41:7b:f5:0e:60:88:72: |
| 90:22:ac:37:2f:7b:b4:47:01:62:b8:fe:73:4b:d2: |
| 7b:56:8d:b2:37:d3:18:2f:dc:fb:d1:fb:e9:14:19: |
| b1:d8:76:eb:34:d2:c0:40:a8:22:68:33:44:a7:84: |
| 90:e1 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| C8:0F:45:73:03:B2:2C:B8:35:14:0F:C4:D7:4B:E4:E2:9D:B2:AB:CE |
| X509v3 Authority Key Identifier: |
| keyid:C8:0F:45:73:03:B2:2C:B8:35:14:0F:C4:D7:4B:E4:E2:9D:B2:AB:CE |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 54:39:78:5b:30:97:aa:99:fb:e5:0a:39:27:2a:ea:ad:9f:37: |
| 3e:aa:5a:b8:c4:51:66:83:6e:36:5c:c3:1b:da:de:cd:a7:6e: |
| bd:55:47:7c:3e:53:12:6a:51:02:13:c2:98:03:32:b6:5b:d9: |
| 5e:26:b2:9a:d1:21:ca:39:cd:20:be:ad:d8:3a:23:a2:de:d7: |
| 18:b2:99:bb:d4:1a:82:43:7c:6e:20:3c:01:f1:22:5f:72:ac: |
| 43:9a:87:07:37:5d:a8:34:26:19:89:aa:f3:18:e3:ee:c6:67: |
| 43:49:64:e4:b3:d8:2c:11:8c:f7:8b:48:7f:fd:e1:6b:e9:a5: |
| 87:55:bf:f1:9d:54:fe:b5:7f:c4:5c:8b:08:cf:4f:47:21:58: |
| 06:5e:ab:40:be:b7:28:0c:27:55:82:6b:e8:17:5e:dd:f8:79: |
| 61:f2:7e:18:59:7a:24:7e:e3:08:3c:d9:d1:81:73:36:51:99: |
| a1:ea:bf:18:ff:94:40:d7:ff:5f:1a:8a:b1:ae:78:c1:91:7b: |
| 55:1a:d8:b1:91:02:b6:5e:94:32:84:5f:77:f8:89:89:00:5c: |
| 74:be:77:1b:95:3e:60:2d:6a:67:a3:e9:42:03:51:af:1f:10: |
| d8:21:6f:36:29:33:72:90:f4:7e:05:17:bb:a5:aa:fb:d6:56: |
| fc:40:2e:0e |
| -----BEGIN TRUSTED_CERTIFICATE----- |
| MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxqGgU28aN8KOmXL3uF |
| 1cGRMwpyLbtFrsYpVCIFwun0vvI57OBkZh3jyUI+bMg7ZQrkLHTkyRfIiyduwEya |
| tIWu/z/jHtAhHIuE4Dv2WQCnq1nzWGfXr5d0qbEfeICt4wkxgcIRVRDQk8rr3qdy |
| dgkzaon5UbHeykpI6J8cX9+8faf1J2t3o1Plw+Q9noJyntIbdlKM8FO2mF9sVBva |
| mnIU7sNRtMdr8HWyLG60tylUkqtpV688bZboBcik0HrCQn2LfzyPnR3BNa9Be/UO |
| YIhykCKsNy97tEcBYrj+c0vSe1aNsjfTGC/c+9H76RQZsdh26zTSwECoImgzRKeE |
| kOECAwEAAaOByzCByDAdBgNVHQ4EFgQUyA9FcwOyLLg1FA/E10vk4p2yq84wHwYD |
| VR0jBBgwFoAUyA9FcwOyLLg1FA/E10vk4p2yq84wNwYIKwYBBQUHAQEEKzApMCcG |
| CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBUOXhbMJeq |
| mfvlCjknKuqtnzc+qlq4xFFmg242XMMb2t7Np269VUd8PlMSalECE8KYAzK2W9le |
| JrKa0SHKOc0gvq3YOiOi3tcYspm71BqCQ3xuIDwB8SJfcqxDmocHN12oNCYZiarz |
| GOPuxmdDSWTks9gsEYz3i0h//eFr6aWHVb/xnVT+tX/EXIsIz09HIVgGXqtAvrco |
| DCdVgmvoF17d+Hlh8n4YWXokfuMIPNnRgXM2UZmh6r8Y/5RA1/9fGoqxrnjBkXtV |
| GtixkQK2XpQyhF93+ImJAFx0vncblT5gLWpno+lCA1GvHxDYIW82KTNykPR+BRe7 |
| par71lb8QC4O |
| -----END TRUSTED_CERTIFICATE----- |
| |
| -----BEGIN TIME----- |
| MTUwMzAyMTIwMDAwWg== |
| -----END TIME----- |
| |
| -----BEGIN VERIFY_RESULT----- |
| RkFJTA== |
| -----END VERIFY_RESULT----- |