blob: 8c68f56e10a90278c0b5114ed90ad5f33d06b0a1 [file] [log] [blame]
[Created by: ./generate-chains.py]
Chain where the leaf has two policies and the intermediate has anyPolicy.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:e1:0f:c9:fa:59:38:73:f8:5d:58:01:76:a1:f9:07:db:92:01:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a7:fb:0c:b8:75:eb:c8:c2:7a:0c:72:ee:89:76:
8c:a8:0c:54:51:5a:2d:69:42:9f:78:ea:57:3f:c0:
c2:4f:6d:b9:92:cf:41:f5:83:70:56:02:06:80:f6:
0b:61:3d:ff:d6:2c:0e:9d:59:fc:91:a6:47:fe:f0:
36:07:48:1e:18:5b:d1:59:50:e9:07:a7:a6:3b:0c:
53:e3:31:53:e0:3b:c3:1d:02:c4:6d:ed:a7:9d:bc:
a4:f6:1a:1a:c8:c4:51:28:60:11:2d:3f:2c:93:60:
d5:4e:44:83:e3:2b:ea:47:98:7a:c4:6e:6d:67:32:
2c:29:28:3f:b0:73:c1:b2:ce:fc:f6:15:e3:16:d5:
00:11:b4:98:91:43:42:d6:0f:ed:82:95:2f:23:69:
60:0e:9a:09:1b:9a:67:c1:a0:83:d4:74:80:6f:de:
67:34:73:d9:79:bb:83:6b:90:0c:a7:59:05:5c:96:
9b:e2:7e:f2:d7:6b:57:09:81:8b:6a:54:d2:58:50:
22:49:3c:ca:44:a1:a9:c9:41:50:39:d4:ad:78:3c:
e0:4b:74:ff:d6:04:61:6a:e5:4d:eb:2d:45:11:78:
a7:30:bc:12:31:c5:1e:e6:f8:dc:81:60:6f:0b:01:
bc:50:a2:c1:e4:6c:eb:87:b4:b5:89:86:b3:cc:0a:
68:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8B:D4:7E:BA:F1:1F:2F:2B:E6:6A:5E:E5:36:FD:A6:3E:F5:5F:B0
X509v3 Authority Key Identifier:
keyid:DE:60:17:6D:1C:07:19:9D:2A:ED:85:01:D1:5F:20:9F:30:B6:35:87
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.2.3.4
Policy: 1.2.6.7
X509v3 Subject Alternative Name:
DNS:test.example
Signature Algorithm: sha256WithRSAEncryption
4a:36:57:8d:fe:fa:8e:fa:66:44:6c:5f:0e:52:d7:d7:49:e1:
d7:8b:58:49:bf:7d:21:11:01:53:34:23:86:c3:3b:72:b6:e5:
31:e7:f0:23:28:b3:20:3a:ad:b2:53:40:df:19:38:49:95:2d:
bb:7e:67:76:e8:1d:93:62:01:c0:b5:54:67:ff:0e:4d:c6:04:
8a:f8:e8:0e:25:26:7e:d8:ee:09:06:9e:59:6d:0c:a7:21:72:
fa:7d:c9:1e:87:a0:89:4b:06:bf:fb:3c:66:ff:62:f6:e6:c7:
0b:fb:89:37:36:fc:4b:ef:40:a2:54:19:ff:4f:d3:1f:6e:75:
91:df:e8:0a:b6:62:48:2c:2d:ca:10:d0:c3:8a:38:b9:d2:45:
a3:75:14:53:da:e9:b4:d7:3f:7d:f0:df:79:3d:a5:29:97:9a:
0d:21:59:16:b9:9a:ee:cb:10:1f:7d:51:db:4c:ad:4d:af:89:
44:52:5f:25:bd:b9:d7:41:a1:a7:5b:4e:39:bc:f9:22:b2:ec:
06:c9:ca:8b:5f:f0:fe:3e:3e:12:2f:ff:c4:cf:da:66:d9:c7:
65:cc:2f:fa:f1:b1:b4:2f:17:94:03:14:23:89:f5:58:46:eb:
e5:a1:16:db:d9:cf:c3:bd:29:65:80:4b:f7:4f:75:23:88:42:
b5:06:cf:0a
-----BEGIN CERTIFICATE-----
MIID1DCCArygAwIBAgIUa+EPyfpZOHP4XVgBdqH5B9uSAVwwDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTE4MDMxMDEyMDAwMFoXDTIx
MDEwMTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAp/sMuHXryMJ6DHLuiXaMqAxUUVotaUKfeOpXP8DCT225
ks9B9YNwVgIGgPYLYT3/1iwOnVn8kaZH/vA2B0geGFvRWVDpB6emOwxT4zFT4DvD
HQLEbe2nnbyk9hoayMRRKGARLT8sk2DVTkSD4yvqR5h6xG5tZzIsKSg/sHPBss78
9hXjFtUAEbSYkUNC1g/tgpUvI2lgDpoJG5pnwaCD1HSAb95nNHPZebuDa5AMp1kF
XJab4n7y12tXCYGLalTSWFAiSTzKRKGpyUFQOdSteDzgS3T/1gRhauVN6y1FEXin
MLwSMcUe5vjcgWBvCwG8UKLB5Gzrh7S1iYazzApo0QIDAQABo4IBHDCCARgwHQYD
VR0OBBYEFJ2L1H668R8vK+ZqXuU2/aY+9V+wMB8GA1UdIwQYMBaAFN5gF20cBxmd
Ku2FAdFfIJ8wtjWHMD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDov
L3VybC1mb3ItYWlhL0ludGVybWVkaWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYj
aHR0cDovL3VybC1mb3ItY3JsL0ludGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAXBgNVHSAEEDAOMAUG
AyoDBDAFBgMqBgcwFwYDVR0RBBAwDoIMdGVzdC5leGFtcGxlMA0GCSqGSIb3DQEB
CwUAA4IBAQBKNleN/vqO+mZEbF8OUtfXSeHXi1hJv30hEQFTNCOGwztytuUx5/Aj
KLMgOq2yU0DfGThJlS27fmd26B2TYgHAtVRn/w5NxgSK+OgOJSZ+2O4JBp5ZbQyn
IXL6fckeh6CJSwa/+zxm/2L25scL+4k3NvxL70CiVBn/T9MfbnWR3+gKtmJILC3K
ENDDiji50kWjdRRT2um01z998N95PaUpl5oNIVkWuZruyxAffVHbTK1Nr4lEUl8l
vbnXQaGnW045vPkisuwGycqLX/D+Pj4SL//Ez9pm2cdlzC/68bG0LxeUAxQjifVY
RuvloRbb2c/DvSllgEv3T3UjiEK1Bs8K
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:42:db:45:76:7f:b8:53:d5:02:1e:c2:90:7e:60:72:5a:78:fc:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b2:2f:54:6d:cb:bc:2b:71:f5:87:7a:7d:5d:ab:
c3:0e:bd:15:b0:a5:47:e4:2b:2a:a0:a0:0d:0f:65:
fc:84:85:2c:b4:24:a7:cf:87:9e:89:d9:f3:cf:de:
89:61:c7:64:42:65:5f:39:13:89:92:48:54:9c:33:
6b:8e:dc:dc:c6:4d:79:f8:63:37:f4:41:0d:57:ee:
5b:0d:6d:2f:6a:d6:78:d3:d3:f7:29:d0:fa:89:ec:
72:ec:11:49:fe:78:8f:38:ac:69:27:e3:f9:19:3d:
58:18:2e:2d:f6:7c:a5:30:1f:1d:79:65:b5:b1:4d:
05:6a:4b:dd:01:2e:a7:64:d1:16:23:07:05:1a:09:
6a:67:73:d0:f3:d9:c3:81:9e:99:ac:ee:58:06:b5:
d6:ce:df:0d:c4:14:42:cb:44:e1:7b:2a:1f:e6:38:
e6:00:4b:39:d1:89:0c:27:d6:e3:61:16:7e:44:8f:
25:65:8d:a6:a4:95:85:3e:13:c5:d6:14:83:c1:e3:
69:cf:88:ed:f7:74:9e:2b:8e:a7:5f:ad:d2:84:98:
06:14:85:88:54:0a:b6:9c:8a:8f:0b:d1:c4:2c:5e:
06:96:55:4a:92:7b:14:bb:aa:bf:cd:d4:a5:a8:ae:
ef:eb:d8:97:75:7b:a0:7a:b6:69:1c:27:37:f2:f9:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:60:17:6D:1C:07:19:9D:2A:ED:85:01:D1:5F:20:9F:30:B6:35:87
X509v3 Authority Key Identifier:
keyid:E3:1C:57:80:6D:50:B5:5E:E3:27:A5:3F:E5:CC:E0:A9:45:56:C1:9E
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Certificate Policies:
Policy: X509v3 Any Policy
Signature Algorithm: sha256WithRSAEncryption
46:e3:84:f5:f8:ca:cd:67:47:bc:e7:5c:c8:15:9b:43:38:4e:
e8:01:ae:c3:0b:fe:d7:b2:27:5b:d5:eb:1f:c9:b0:13:8e:2d:
ad:34:bb:f3:ce:5f:1e:4a:1c:ee:62:de:bb:8d:95:47:c7:61:
8d:01:c4:a4:0e:27:24:25:55:23:97:54:08:f6:39:0d:b2:26:
41:d5:0a:68:66:19:06:79:4b:78:c6:6e:20:d5:12:12:d0:21:
92:e9:8f:f2:b2:c3:01:5f:9a:12:f3:5d:d4:b9:64:4b:60:f0:
5c:ee:38:82:95:80:e3:cf:56:80:60:e5:65:51:30:5d:97:80:
67:a5:91:79:25:35:8a:18:88:77:0c:6d:9f:1f:32:46:75:4c:
52:98:8c:bf:88:05:99:9f:48:83:3b:4b:57:81:39:59:93:d8:
45:0b:8a:21:3e:92:fa:21:88:c2:60:f8:7e:a4:5a:2f:5f:17:
d1:ac:9b:e8:d8:9c:28:fb:32:d8:99:bd:59:63:e0:93:7b:8f:
2c:47:2f:f8:ac:67:e8:5e:c9:e8:56:26:75:49:3e:c4:ba:58:
3a:e3:ec:15:08:5d:d5:0c:e5:62:92:c0:33:ce:4e:21:6c:9b:
2d:81:66:48:76:e2:45:9f:27:84:68:66:5f:7a:a8:4a:15:92:
e0:3c:bb:5e
-----BEGIN CERTIFICATE-----
MIIDkzCCAnugAwIBAgIUdkLbRXZ/uFPVAh7CkH5gclp4/MgwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIvVG3LvCtx9Yd6fV2rww69FbClR+QrKqCgDQ9l/ISFLLQk
p8+HnonZ88/eiWHHZEJlXzkTiZJIVJwza47c3MZNefhjN/RBDVfuWw1tL2rWeNPT
9ynQ+onscuwRSf54jzisaSfj+Rk9WBguLfZ8pTAfHXlltbFNBWpL3QEup2TRFiMH
BRoJamdz0PPZw4GemazuWAa11s7fDcQUQstE4XsqH+Y45gBLOdGJDCfW42EWfkSP
JWWNpqSVhT4TxdYUg8Hjac+I7fd0niuOp1+t0oSYBhSFiFQKtpyKjwvRxCxeBpZV
SpJ7FLuqv83Upaiu7+vYl3V7oHq2aRwnN/L55QkCAwEAAaOB3jCB2zAdBgNVHQ4E
FgQU3mAXbRwHGZ0q7YUB0V8gnzC2NYcwHwYDVR0jBBgwFoAU4xxXgG1QtV7jJ6U/
5czgqUVWwZ4wNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsFAAOCAQEARuOE9fjKzWdH
vOdcyBWbQzhO6AGuwwv+17InW9XrH8mwE44trTS7885fHkoc7mLeu42VR8dhjQHE
pA4nJCVVI5dUCPY5DbImQdUKaGYZBnlLeMZuINUSEtAhkumP8rLDAV+aEvNd1Llk
S2DwXO44gpWA489WgGDlZVEwXZeAZ6WReSU1ihiIdwxtnx8yRnVMUpiMv4gFmZ9I
gztLV4E5WZPYRQuKIT6S+iGIwmD4fqRaL18X0ayb6NicKPsy2Jm9WWPgk3uPLEcv
+Kxn6F7J6FYmdUk+xLpYOuPsFQhd1QzlYpLAM85OIWybLYFmSHbiRZ8nhGhmX3qo
ShWS4Dy7Xg==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:42:db:45:76:7f:b8:53:d5:02:1e:c2:90:7e:60:72:5a:78:fc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Mar 10 12:00:00 2018 GMT
Not After : Jan 1 12:00:00 2021 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9a:8f:40:d0:8f:a9:e6:69:43:b2:9a:c5:a9:f9:
0f:20:56:10:59:91:36:08:26:d2:eb:0c:e6:82:de:
a5:90:ca:67:dc:f8:17:bc:71:91:9c:f3:46:eb:71:
65:f5:a5:e0:9c:5e:e5:09:2f:a2:9c:5d:49:29:20:
d0:bb:58:c3:ac:9d:4c:a4:df:8a:06:40:13:93:63:
1d:24:d8:5c:01:57:0c:34:ea:47:ae:31:1a:21:d7:
cf:29:73:44:96:97:01:c8:36:57:77:4c:1d:e0:bc:
5a:93:06:3b:d5:45:3f:98:09:8c:db:cc:f2:eb:90:
28:53:94:9f:8d:fd:97:75:ca:c7:fe:92:cf:58:1b:
93:66:37:12:c2:6b:bb:38:a2:43:24:dc:41:c3:b3:
3c:69:f9:a1:7b:ad:7d:92:b3:22:a5:31:df:34:86:
62:43:d8:11:3d:dd:7c:1b:24:9f:0d:2a:0f:c5:1c:
7d:c4:fe:55:4d:33:7a:0a:ef:98:55:64:3f:a7:c6:
40:d3:f7:e0:2d:68:f8:83:0f:c3:8d:c4:65:89:1c:
ab:c8:0d:30:6c:da:dd:8d:a2:8f:ac:96:d8:de:41:
e7:b8:3d:d4:5b:8f:c3:3d:87:6b:d6:7f:bb:4d:23:
d5:08:60:bc:d2:54:85:fe:4f:b4:49:cf:18:32:74:
a1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1C:57:80:6D:50:B5:5E:E3:27:A5:3F:E5:CC:E0:A9:45:56:C1:9E
X509v3 Authority Key Identifier:
keyid:E3:1C:57:80:6D:50:B5:5E:E3:27:A5:3F:E5:CC:E0:A9:45:56:C1:9E
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
93:ab:ec:9b:45:d5:12:c4:80:33:e0:f3:1f:ec:3d:5b:47:80:
2a:f4:7b:87:1f:aa:19:ec:7e:b6:1f:39:15:b2:7e:05:28:01:
74:60:3c:ef:06:77:e0:2c:59:19:01:12:52:3a:c5:e9:81:24:
57:4f:95:b4:5c:22:d9:89:8d:e8:7a:77:1d:57:bd:b6:97:11:
a3:7b:5f:df:27:68:77:2c:50:8b:8e:57:64:62:9b:f3:d4:d7:
09:7c:9f:65:76:22:87:a5:23:e5:cd:cf:56:50:7d:c8:c2:4f:
30:91:3b:d7:1b:f9:04:63:ef:19:5a:a0:46:fc:11:8b:c3:9d:
b0:8b:d7:ae:5c:21:74:36:96:57:db:c4:f1:a8:1c:73:be:e9:
0b:4d:76:60:37:d0:8f:29:a2:da:55:1b:64:46:10:16:ec:ca:
4d:52:fc:e4:30:9f:8e:b9:57:40:87:67:f6:9b:e6:2e:6c:fb:
ea:5c:ee:29:51:4c:03:70:66:d8:ce:bd:78:aa:e8:d5:25:49:
f6:f2:9d:e4:45:90:55:45:0c:10:37:c1:b9:4d:75:b1:77:3a:
89:38:58:fe:ad:46:13:79:ff:7d:c0:04:a6:5e:ae:86:f2:65:
16:1f:0e:b2:71:e3:5e:35:18:4b:d1:70:c6:9e:fb:eb:f5:ca:
3f:03:7f:56
-----BEGIN CERTIFICATE-----
MIIDeDCCAmCgAwIBAgIUdkLbRXZ/uFPVAh7CkH5gclp4/McwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw
MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCaj0DQj6nmaUOymsWp+Q8gVhBZkTYIJtLrDOaC3qWQymfc+Be8cZGc80br
cWX1peCcXuUJL6KcXUkpINC7WMOsnUyk34oGQBOTYx0k2FwBVww06keuMRoh188p
c0SWlwHINld3TB3gvFqTBjvVRT+YCYzbzPLrkChTlJ+N/Zd1ysf+ks9YG5NmNxLC
a7s4okMk3EHDszxp+aF7rX2SsyKlMd80hmJD2BE93XwbJJ8NKg/FHH3E/lVNM3oK
75hVZD+nxkDT9+AtaPiDD8ONxGWJHKvIDTBs2t2Noo+sltjeQee4PdRbj8M9h2vW
f7tNI9UIYLzSVIX+T7RJzxgydKE/AgMBAAGjgcswgcgwHQYDVR0OBBYEFOMcV4Bt
ULVe4yelP+XM4KlFVsGeMB8GA1UdIwQYMBaAFOMcV4BtULVe4yelP+XM4KlFVsGe
MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
9w0BAQsFAAOCAQEAk6vsm0XVEsSAM+DzH+w9W0eAKvR7hx+qGex+th85FbJ+BSgB
dGA87wZ34CxZGQESUjrF6YEkV0+VtFwi2YmN6Hp3HVe9tpcRo3tf3ydodyxQi45X
ZGKb89TXCXyfZXYih6Uj5c3PVlB9yMJPMJE71xv5BGPvGVqgRvwRi8OdsIvXrlwh
dDaWV9vE8agcc77pC012YDfQjymi2lUbZEYQFuzKTVL85DCfjrlXQIdn9pvmLmz7
6lzuKVFMA3Bm2M69eKro1SVJ9vKd5EWQVUUMEDfBuU11sXc6iThY/q1GE3n/fcAE
pl6uhvJlFh8OsnHjXjUYS9Fwxp776/XKPwN/Vg==
-----END CERTIFICATE-----