• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1[Created by: generate-chains.py]
2
3Certificate chain where the intermediate was signed by a different
4certificate with a different key. The intermediate lacks an
5authorityKeyIdentifier extension as some verifiers will not try verifying with
6the bogus root if the authorityKeyIdentifier does not match the root's
7subjectKeyIdentifier.
8
9
10Certificate:
11    Data:
12        Version: 3 (0x2)
13        Serial Number:
14            79:09:02:a5:7e:5f:ed:29:b0:9c:e2:2b:f0:ed:48:a5:f4:32:81:64
15        Signature Algorithm: sha256WithRSAEncryption
16        Issuer: CN=Intermediate
17        Validity
18            Not Before: Oct  5 12:00:00 2021 GMT
19            Not After : Oct  5 12:00:00 2022 GMT
20        Subject: CN=Target
21        Subject Public Key Info:
22            Public Key Algorithm: rsaEncryption
23                RSA Public-Key: (2048 bit)
24                Modulus:
25                    00:ab:12:e3:ca:56:56:53:39:63:22:cd:90:66:ef:
26                    33:38:2d:22:ef:23:1b:4c:81:d0:2e:d0:8e:f8:63:
27                    f4:36:e4:45:45:5c:98:6d:46:f1:d4:98:49:15:44:
28                    6d:81:cd:55:14:95:f8:b0:80:e6:26:4e:ff:04:c7:
29                    d7:71:ab:01:0c:0b:f1:7b:18:80:a2:e2:9c:29:0e:
30                    7d:d5:c0:a7:b5:4a:04:42:5e:d5:4d:9c:68:ed:b4:
31                    04:f2:3e:e3:ce:1e:89:2c:06:13:f3:85:ec:63:01:
32                    a5:de:7c:01:ed:fd:35:60:d2:66:ac:d7:9b:3a:81:
33                    07:7c:90:7f:ae:e2:ac:b3:41:1c:58:7b:21:c6:7d:
34                    22:dc:e9:16:5c:53:a5:bc:4d:09:51:8b:6c:c8:93:
35                    9a:65:cc:16:20:01:3c:cf:99:8e:9e:17:57:0b:d7:
36                    9a:30:6f:db:ed:64:85:d1:ad:8b:a3:ad:f1:c0:6f:
37                    de:3e:83:9a:33:fb:1c:d3:ed:a6:46:1c:3c:c0:41:
38                    95:7c:da:5b:a2:73:eb:99:58:4d:dd:ee:76:4a:d6:
39                    9c:0d:66:46:72:79:f0:95:94:aa:08:18:0e:12:b1:
40                    03:73:9c:a4:52:b2:54:c8:e4:cb:27:6b:aa:24:07:
41                    14:98:76:12:7d:01:5f:df:a7:e8:34:2a:46:61:b6:
42                    11:f5
43                Exponent: 65537 (0x10001)
44        X509v3 extensions:
45            X509v3 Subject Key Identifier:
46                3B:80:B5:C8:C1:DB:F2:5A:84:C6:36:8C:08:04:72:6B:FC:78:48:55
47            X509v3 Authority Key Identifier:
48                keyid:9C:50:7F:A1:0F:62:41:B6:41:8A:7E:5C:6E:73:B4:3E:44:FE:E6:C2
49
50            Authority Information Access:
51                CA Issuers - URI:http://url-for-aia/Intermediate.cer
52
53            X509v3 CRL Distribution Points:
54
55                Full Name:
56                  URI:http://url-for-crl/Intermediate.crl
57
58            X509v3 Key Usage: critical
59                Digital Signature, Key Encipherment
60            X509v3 Extended Key Usage:
61                TLS Web Server Authentication, TLS Web Client Authentication
62            X509v3 Subject Alternative Name:
63                DNS:test.example
64    Signature Algorithm: sha256WithRSAEncryption
65         8c:ed:0b:9b:5a:c2:d1:7e:0f:6f:a0:c0:0d:1f:08:e7:ee:b6:
66         b1:1a:f3:85:3b:97:2c:00:57:13:f0:37:64:53:eb:98:07:4e:
67         fd:62:53:d4:94:6c:28:16:1d:4e:a5:61:ff:6c:f2:a5:04:d0:
68         2f:3b:e9:64:8d:cc:93:6a:47:44:e5:3a:cc:7f:ee:00:e3:6d:
69         40:70:ed:b5:21:88:1f:c5:b3:d9:3b:8b:7a:87:23:17:1e:c5:
70         df:ae:e6:e7:b8:51:7f:a3:d5:41:ef:be:f9:fa:df:39:19:85:
71         4e:3c:fc:a5:43:84:6f:ae:49:cd:4f:73:db:29:fe:94:1a:f0:
72         11:b9:41:12:c3:3c:91:7f:c2:34:3f:9b:dc:69:c7:80:fa:af:
73         ba:f7:25:72:c8:d1:d2:5d:87:42:86:d0:03:49:76:bd:e4:1f:
74         11:90:43:02:b4:7b:b4:23:c1:b1:ff:c5:83:4d:95:80:7f:fd:
75         bd:df:d6:5b:af:f9:3c:5b:c5:95:aa:79:ac:e6:11:fd:7f:5a:
76         ad:54:29:ac:9b:23:61:b5:3a:89:18:cf:55:84:30:87:1b:14:
77         39:9b:19:5f:bd:38:43:da:6e:f1:54:33:13:d9:87:5b:45:b4:
78         69:e6:89:85:e7:69:4b:d1:aa:12:1a:bd:ab:cd:ff:de:86:e6:
79         ec:14:bf:0f
80-----BEGIN CERTIFICATE-----
81MIIDujCCAqKgAwIBAgIUeQkCpX5f7SmwnOIr8O1IpfQygWQwDQYJKoZIhvcNAQEL
82BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy
83MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
84AAOCAQ8AMIIBCgKCAQEAqxLjylZWUzljIs2QZu8zOC0i7yMbTIHQLtCO+GP0NuRF
85RVyYbUbx1JhJFURtgc1VFJX4sIDmJk7/BMfXcasBDAvxexiAouKcKQ591cCntUoE
86Ql7VTZxo7bQE8j7jzh6JLAYT84XsYwGl3nwB7f01YNJmrNebOoEHfJB/ruKss0Ec
87WHshxn0i3OkWXFOlvE0JUYtsyJOaZcwWIAE8z5mOnhdXC9eaMG/b7WSF0a2Lo63x
88wG/ePoOaM/sc0+2mRhw8wEGVfNpbonPrmVhN3e52StacDWZGcnnwlZSqCBgOErED
89c5ykUrJUyOTLJ2uqJAcUmHYSfQFf36foNCpGYbYR9QIDAQABo4IBAjCB/zAdBgNV
90HQ4EFgQUO4C1yMHb8lqExjaMCARya/x4SFUwHwYDVR0jBBgwFoAUnFB/oQ9iQbZB
91in5cbnO0PkT+5sIwPwYIKwYBBQUHAQEEMzAxMC8GCCsGAQUFBzAChiNodHRwOi8v
92dXJsLWZvci1haWEvSW50ZXJtZWRpYXRlLmNlcjA0BgNVHR8ELTArMCmgJ6AlhiNo
93dHRwOi8vdXJsLWZvci1jcmwvSW50ZXJtZWRpYXRlLmNybDAOBgNVHQ8BAf8EBAMC
94BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBcGA1UdEQQQMA6CDHRl
95c3QuZXhhbXBsZTANBgkqhkiG9w0BAQsFAAOCAQEAjO0Lm1rC0X4Pb6DADR8I5+62
96sRrzhTuXLABXE/A3ZFPrmAdO/WJT1JRsKBYdTqVh/2zypQTQLzvpZI3Mk2pHROU6
97zH/uAONtQHDttSGIH8Wz2TuLeocjFx7F367m57hRf6PVQe+++frfORmFTjz8pUOE
98b65JzU9z2yn+lBrwEblBEsM8kX/CND+b3GnHgPqvuvclcsjR0l2HQobQA0l2veQf
99EZBDArR7tCPBsf/Fg02VgH/9vd/WW6/5PFvFlap5rOYR/X9arVQprJsjYbU6iRjP
100VYQwhxsUOZsZX704Q9pu8VQzE9mHW0W0aeaJhedpS9GqEhq9q83/3obm7BS/Dw==
101-----END CERTIFICATE-----
102
103Certificate:
104    Data:
105        Version: 3 (0x2)
106        Serial Number:
107            70:e9:3f:62:d9:75:26:c4:22:75:a1:77:c9:f1:44:79:41:3f:cb:10
108        Signature Algorithm: sha256WithRSAEncryption
109        Issuer: CN=Root
110        Validity
111            Not Before: Oct  5 12:00:00 2021 GMT
112            Not After : Oct  5 12:00:00 2022 GMT
113        Subject: CN=Intermediate
114        Subject Public Key Info:
115            Public Key Algorithm: rsaEncryption
116                RSA Public-Key: (2048 bit)
117                Modulus:
118                    00:b1:5a:2a:19:91:cd:d4:28:05:9d:4e:95:4e:47:
119                    cf:79:0a:12:27:4f:0c:29:93:3f:2a:9c:3a:b3:a3:
120                    07:43:a3:40:06:07:37:7c:1f:d8:6c:6a:af:38:06:
121                    a8:3c:31:cf:c6:46:1e:ba:b8:70:95:5f:85:49:59:
122                    41:78:3b:f9:c2:03:d2:a1:9d:5a:82:f5:c7:ae:74:
123                    53:ec:d1:ae:07:26:0c:bd:67:47:bb:05:fd:d5:a6:
124                    24:d4:c0:39:db:3b:ff:1e:f0:8f:0d:bf:f2:0d:00:
125                    e5:7d:63:13:2d:d0:9b:3f:96:46:5d:c9:06:34:40:
126                    15:94:a3:29:9f:fe:7d:ec:95:9f:e9:e5:c6:97:f6:
127                    10:3f:ea:09:40:84:ba:59:64:d6:83:06:bc:ec:ea:
128                    3f:7c:99:f3:b4:c7:13:9d:1a:74:bc:f5:4f:b5:d7:
129                    c0:fc:0f:78:f9:87:fb:9a:f1:44:00:91:d2:d9:5d:
130                    12:67:a0:cd:75:a4:eb:c2:47:86:b8:bd:d5:4c:7e:
131                    6b:48:8e:a9:7d:0c:3f:4e:a0:2e:a1:fc:67:63:40:
132                    fa:c4:56:b0:a3:ee:8a:73:55:69:fa:ec:5f:39:57:
133                    74:65:1d:ef:66:9e:ad:76:84:e3:a7:ec:7e:d8:c2:
134                    fb:8b:16:0e:1e:65:79:1d:c7:8e:d9:df:1e:31:49:
135                    1e:85
136                Exponent: 65537 (0x10001)
137        X509v3 extensions:
138            X509v3 Subject Key Identifier:
139                9C:50:7F:A1:0F:62:41:B6:41:8A:7E:5C:6E:73:B4:3E:44:FE:E6:C2
140            Authority Information Access:
141                CA Issuers - URI:http://url-for-aia/Root.cer
142
143            X509v3 CRL Distribution Points:
144
145                Full Name:
146                  URI:http://url-for-crl/Root.crl
147
148            X509v3 Key Usage: critical
149                Certificate Sign, CRL Sign
150            X509v3 Basic Constraints: critical
151                CA:TRUE
152    Signature Algorithm: sha256WithRSAEncryption
153         7e:f8:bb:44:37:c0:8a:7d:19:4d:c1:36:97:e9:13:ee:87:62:
154         f7:39:10:53:39:e1:76:fa:89:44:b0:1a:8d:36:5e:79:45:48:
155         8e:a8:a6:57:fe:cc:78:1f:91:a9:59:9c:64:ac:79:91:b0:f2:
156         b9:bd:1c:be:89:df:0c:c7:ee:71:bf:9b:29:38:8e:50:f8:9e:
157         6a:16:6d:c5:69:f8:be:9f:3b:0c:15:1d:1e:be:b6:68:88:c6:
158         03:c9:1f:e0:ed:9b:98:56:fe:d5:a3:0c:6b:76:bb:3e:9d:5d:
159         29:cc:6a:50:ad:e8:6f:38:e7:ab:17:83:86:02:dc:d6:7d:de:
160         93:e1:30:dc:00:60:6a:94:11:40:3d:52:ef:ad:55:59:94:5a:
161         dc:46:1d:3c:ad:ff:d8:fd:ad:09:ee:dd:88:84:48:5b:a0:18:
162         a8:a4:c8:29:85:1a:c1:5a:36:a9:64:1c:f3:66:0c:f5:ae:46:
163         a6:6e:3f:e7:c2:2a:50:9c:5f:46:dc:be:5d:fb:5b:a9:d4:85:
164         6e:bc:92:28:dd:36:2c:11:df:80:2f:54:d7:5b:32:38:1b:e5:
165         73:27:25:08:6a:c9:91:8c:9a:d1:0a:20:a0:30:72:e3:77:7d:
166         4d:08:c7:57:9a:c6:1b:ea:0e:86:80:42:38:25:69:12:e9:98:
167         48:e0:ef:06
168-----BEGIN CERTIFICATE-----
169MIIDXzCCAkegAwIBAgIUcOk/Ytl1JsQidaF3yfFEeUE/yxAwDQYJKoZIhvcNAQEL
170BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
171MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
172ggEPADCCAQoCggEBALFaKhmRzdQoBZ1OlU5Hz3kKEidPDCmTPyqcOrOjB0OjQAYH
173N3wf2GxqrzgGqDwxz8ZGHrq4cJVfhUlZQXg7+cID0qGdWoL1x650U+zRrgcmDL1n
174R7sF/dWmJNTAOds7/x7wjw2/8g0A5X1jEy3Qmz+WRl3JBjRAFZSjKZ/+feyVn+nl
175xpf2ED/qCUCEullk1oMGvOzqP3yZ87THE50adLz1T7XXwPwPePmH+5rxRACR0tld
176EmegzXWk68JHhri91Ux+a0iOqX0MP06gLqH8Z2NA+sRWsKPuinNVafrsXzlXdGUd
17772aerXaE46fsftjC+4sWDh5leR3HjtnfHjFJHoUCAwEAAaOBqjCBpzAdBgNVHQ4E
178FgQUnFB/oQ9iQbZBin5cbnO0PkT+5sIwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUF
179BzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+g
180HYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAP
181BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB++LtEN8CKfRlNwTaX
1826RPuh2L3ORBTOeF2+olEsBqNNl55RUiOqKZX/sx4H5GpWZxkrHmRsPK5vRy+id8M
183x+5xv5spOI5Q+J5qFm3Fafi+nzsMFR0evrZoiMYDyR/g7ZuYVv7Vowxrdrs+nV0p
184zGpQrehvOOerF4OGAtzWfd6T4TDcAGBqlBFAPVLvrVVZlFrcRh08rf/Y/a0J7t2I
185hEhboBiopMgphRrBWjapZBzzZgz1rkambj/nwipQnF9G3L5d+1up1IVuvJIo3TYs
186Ed+AL1TXWzI4G+VzJyUIasmRjJrRCiCgMHLjd31NCMdXmsYb6g6GgEI4JWkS6ZhI
1874O8G
188-----END CERTIFICATE-----
189
190Certificate:
191    Data:
192        Version: 3 (0x2)
193        Serial Number:
194            70:e9:3f:62:d9:75:26:c4:22:75:a1:77:c9:f1:44:79:41:3f:cb:11
195        Signature Algorithm: sha256WithRSAEncryption
196        Issuer: CN=Root
197        Validity
198            Not Before: Oct  5 12:00:00 2021 GMT
199            Not After : Oct  5 12:00:00 2022 GMT
200        Subject: CN=Root
201        Subject Public Key Info:
202            Public Key Algorithm: rsaEncryption
203                RSA Public-Key: (2048 bit)
204                Modulus:
205                    00:9c:03:e4:44:d9:35:7b:d7:f5:f0:78:21:45:10:
206                    23:6f:06:36:12:ff:a2:76:ef:19:ec:6f:a5:07:40:
207                    3c:81:11:8d:0b:5a:6b:1f:fe:73:80:3e:62:0b:00:
208                    de:05:eb:a6:e8:e6:70:33:d1:16:6c:56:d7:0e:a5:
209                    a7:52:9b:9c:9b:33:ab:7e:98:d6:1f:42:36:65:d4:
210                    54:bf:85:fd:ba:23:40:84:c6:0f:48:e6:0a:14:2c:
211                    6e:12:b2:ce:c4:2b:47:aa:61:5c:ba:37:c3:c1:7b:
212                    39:04:1f:2d:5a:6a:b1:35:33:d9:02:66:92:36:0e:
213                    30:50:d6:57:4a:e0:07:d9:4c:39:f3:2f:8d:e3:e6:
214                    2b:ce:ab:37:6b:24:d6:99:fa:25:b2:f5:dc:6c:bd:
215                    85:a2:e5:bb:41:a6:a5:44:8c:12:3f:a8:89:90:8b:
216                    51:bf:25:40:f7:fa:f9:f3:4f:d7:0c:43:c8:ea:bf:
217                    4e:1f:08:90:e6:6e:cc:3f:ab:83:41:52:d4:96:9b:
218                    df:18:90:f0:dc:51:05:10:e0:44:9e:9f:5a:f3:f5:
219                    9b:81:41:fe:64:40:00:54:db:22:c4:b1:dd:7b:1a:
220                    c9:f9:54:21:fc:15:13:c2:b6:c5:8c:45:c8:f6:44:
221                    c8:32:6e:9c:23:cd:2a:61:92:b1:11:b6:35:a2:e4:
222                    e8:2b
223                Exponent: 65537 (0x10001)
224        X509v3 extensions:
225            X509v3 Subject Key Identifier:
226                A4:09:C4:04:3B:00:F6:3C:A0:27:CB:BE:2F:C5:65:78:EE:43:F1:56
227            X509v3 Authority Key Identifier:
228                keyid:A4:09:C4:04:3B:00:F6:3C:A0:27:CB:BE:2F:C5:65:78:EE:43:F1:56
229
230            Authority Information Access:
231                CA Issuers - URI:http://url-for-aia/Root.cer
232
233            X509v3 CRL Distribution Points:
234
235                Full Name:
236                  URI:http://url-for-crl/Root.crl
237
238            X509v3 Key Usage: critical
239                Certificate Sign, CRL Sign
240            X509v3 Basic Constraints: critical
241                CA:TRUE
242    Signature Algorithm: sha256WithRSAEncryption
243         88:08:7b:8f:39:fe:18:2d:2a:ef:32:b8:63:40:62:49:72:b8:
244         49:a2:9a:15:e9:4f:33:43:b4:1a:98:39:b6:e4:33:37:8f:3a:
245         96:b5:12:c2:91:ef:32:a7:c0:64:b8:b9:38:90:ba:b5:5f:12:
246         04:0c:d3:bf:e0:74:c2:5f:60:bf:54:2e:cd:26:2a:dd:3c:fd:
247         c1:55:96:4c:df:6b:26:23:41:26:a0:48:97:82:d4:b3:27:57:
248         ad:74:dd:ea:5a:20:cf:01:e7:6f:9c:34:a2:79:c4:6c:1a:9d:
249         f6:da:21:4b:1e:9e:70:9d:5b:1e:30:3f:7a:b0:5b:7b:bc:05:
250         73:46:50:ee:97:44:3c:70:7a:e3:08:d0:c8:d6:57:96:32:19:
251         d4:91:d3:68:fd:21:b6:e8:e5:b1:01:db:27:6e:f5:1e:6c:d9:
252         e4:7f:49:f4:57:90:ad:d4:bd:f9:5d:2d:35:ca:a7:f1:66:f2:
253         f7:06:20:a5:09:4d:63:9e:d0:1e:77:84:ab:e9:06:51:6b:bd:
254         33:d1:78:78:f1:6c:3b:3e:39:29:01:30:09:48:35:23:40:7e:
255         4f:17:03:9b:3c:2c:8e:3b:cc:a1:3a:82:08:2f:b2:8b:f6:b6:
256         1d:f2:22:41:12:c2:c1:04:c5:29:1e:4d:1a:11:0d:68:9b:0f:
257         78:10:11:14
258-----BEGIN CERTIFICATE-----
259MIIDeDCCAmCgAwIBAgIUcOk/Ytl1JsQidaF3yfFEeUE/yxEwDQYJKoZIhvcNAQEL
260BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
261MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
262AoIBAQCcA+RE2TV71/XweCFFECNvBjYS/6J27xnsb6UHQDyBEY0LWmsf/nOAPmIL
263AN4F66bo5nAz0RZsVtcOpadSm5ybM6t+mNYfQjZl1FS/hf26I0CExg9I5goULG4S
264ss7EK0eqYVy6N8PBezkEHy1aarE1M9kCZpI2DjBQ1ldK4AfZTDnzL43j5ivOqzdr
265JNaZ+iWy9dxsvYWi5btBpqVEjBI/qImQi1G/JUD3+vnzT9cMQ8jqv04fCJDmbsw/
266q4NBUtSWm98YkPDcUQUQ4ESen1rz9ZuBQf5kQABU2yLEsd17Gsn5VCH8FRPCtsWM
267Rcj2RMgybpwjzSphkrERtjWi5OgrAgMBAAGjgcswgcgwHQYDVR0OBBYEFKQJxAQ7
268APY8oCfLvi/FZXjuQ/FWMB8GA1UdIwQYMBaAFKQJxAQ7APY8oCfLvi/FZXjuQ/FW
269MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
270L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
271b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
2729w0BAQsFAAOCAQEAiAh7jzn+GC0q7zK4Y0BiSXK4SaKaFelPM0O0Gpg5tuQzN486
273lrUSwpHvMqfAZLi5OJC6tV8SBAzTv+B0wl9gv1QuzSYq3Tz9wVWWTN9rJiNBJqBI
274l4LUsydXrXTd6logzwHnb5w0onnEbBqd9tohSx6ecJ1bHjA/erBbe7wFc0ZQ7pdE
275PHB64wjQyNZXljIZ1JHTaP0htujlsQHbJ271HmzZ5H9J9FeQrdS9+V0tNcqn8Wby
2769wYgpQlNY57QHneEq+kGUWu9M9F4ePFsOz45KQEwCUg1I0B+TxcDmzwsjjvMoTqC
277CC+yi/a2HfIiQRLCwQTFKR5NGhENaJsPeBARFA==
278-----END CERTIFICATE-----
279