xref: /external/cronet/stable/net/data/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/chain.pem

[Created by: ./generate-chains.py]

Certificate chain where the root keyUsage extension is present but does not
contain keyCertSign.

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:9c:b5:b6:68:93:5e:c6:e1:a7:65:67:49:b3:e4:0e:bd:5e:63:b4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Intermediate
        Validity
            Not Before: Oct  5 12:00:00 2021 GMT
            Not After : Oct  5 12:00:00 2022 GMT
        Subject: CN=Target
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b1:1c:a4:b9:20:81:72:4b:f5:2c:50:7e:3f:1a:
                    85:27:5b:2d:50:7c:e5:36:fd:9c:ac:26:a0:7d:b7:
                    94:d5:6b:fd:c3:46:1a:dc:4d:10:45:98:cc:87:8d:
                    af:fc:0e:bc:c9:b2:61:4b:8c:c2:9b:c8:da:7b:05:
                    b3:3b:e0:21:95:a5:9c:01:72:34:48:3d:e4:44:f2:
                    e7:b6:6b:58:f4:8d:60:92:c8:91:29:41:23:29:23:
                    fd:da:62:d0:c3:78:92:5f:01:09:55:2e:3a:a2:b3:
                    2c:2d:c5:cd:79:26:7a:66:bc:e3:a5:17:51:ae:b7:
                    29:50:75:10:6f:2c:55:a9:79:04:21:05:3b:14:32:
                    65:7c:3a:2c:33:ea:6b:72:20:f1:87:31:f2:8f:27:
                    69:4f:50:1d:c2:18:36:8e:b8:6d:c4:b8:0b:7a:23:
                    87:e1:48:84:ec:44:98:77:df:a7:7a:06:37:4d:42:
                    33:40:e2:b2:c9:67:2f:94:20:69:5c:6d:30:1a:b8:
                    c5:60:9e:32:6e:4d:b2:85:de:94:b9:86:50:f9:0c:
                    72:06:34:bb:f0:4a:fc:cd:c8:89:7b:eb:69:e5:64:
                    e8:55:4c:12:79:cc:81:88:26:f6:59:22:d5:60:8c:
                    36:4f:96:30:e2:ea:f4:10:dc:82:08:d2:3b:e2:05:
                    13:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:6C:19:42:95:E3:95:C7:FF:D2:0F:BD:2C:E9:43:1F:2E:09:A2:C7
            X509v3 Authority Key Identifier:
                5E:60:7B:07:9D:3D:65:C3:D3:DE:FB:C8:28:BE:34:22:10:C9:C4:A2
            Authority Information Access:
                CA Issuers - URI:http://url-for-aia/Intermediate.cer
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://url-for-crl/Intermediate.crl
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        14:bf:fa:03:43:bd:68:2c:77:55:2b:4a:49:ed:1b:71:4d:50:
        0c:91:f8:c0:2c:db:66:d8:a9:45:86:25:f6:cf:3a:db:94:e9:
        c2:c9:76:3f:c1:b3:1f:58:08:e8:05:d2:2f:de:82:35:ad:87:
        56:c7:a8:d9:2c:e4:1a:a9:3f:91:52:cc:82:1b:2d:6d:83:99:
        7e:2a:0f:90:93:a7:d3:09:a6:53:49:bc:d2:73:08:73:77:9c:
        5d:d8:7b:3e:ae:42:e3:2d:d5:89:1c:45:de:06:3d:99:a9:e8:
        63:f9:27:f7:01:1c:aa:85:00:1e:37:11:8d:4b:c0:a0:b4:fe:
        16:30:6f:da:88:8e:a9:34:33:9b:9d:6c:d7:f2:c8:e6:86:9d:
        f4:07:60:7e:86:fc:fb:4a:22:a4:cf:84:95:dc:da:cd:35:46:
        71:d3:d3:71:e2:50:0b:a9:8c:25:1e:dc:13:9d:f6:e2:90:fa:
        dd:64:a2:d4:d8:04:fd:64:eb:77:c7:87:88:b5:1a:90:0b:d1:
        e3:5f:5c:94:3a:8d:3b:6b:ad:f7:9c:27:8f:dd:a2:b7:de:64:
        fb:2f:c1:8e:b0:49:88:30:e8:2e:c9:49:26:a2:ad:3f:f8:b5:
        4c:7a:d0:42:33:18:ae:fc:c1:29:66:8a:3d:7b:88:83:48:f6:
        77:c0:02:d1
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIUTZy1tmiTXsbhp2VnSbPkDr1eY7QwDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy
MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAsRykuSCBckv1LFB+PxqFJ1stUHzlNv2crCagfbeU1Wv9
w0Ya3E0QRZjMh42v/A68ybJhS4zCm8jaewWzO+AhlaWcAXI0SD3kRPLntmtY9I1g
ksiRKUEjKSP92mLQw3iSXwEJVS46orMsLcXNeSZ6ZrzjpRdRrrcpUHUQbyxVqXkE
IQU7FDJlfDosM+prciDxhzHyjydpT1Adwhg2jrhtxLgLeiOH4UiE7ESYd9+negY3
TUIzQOKyyWcvlCBpXG0wGrjFYJ4ybk2yhd6UuYZQ+QxyBjS78Er8zciJe+tp5WTo
VUwSecyBiCb2WSLVYIw2T5Yw4ur0ENyCCNI74gUTdwIDAQABo4HpMIHmMB0GA1Ud
DgQWBBSpbBlCleOVx//SD70s6UMfLgmixzAfBgNVHSMEGDAWgBReYHsHnT1lw9Pe
+8govjQiEMnEojA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
ggEBABS/+gNDvWgsd1UrSkntG3FNUAyR+MAs22bYqUWGJfbPOtuU6cLJdj/Bsx9Y
COgF0i/egjWth1bHqNks5BqpP5FSzIIbLW2DmX4qD5CTp9MJplNJvNJzCHN3nF3Y
ez6uQuMt1YkcRd4GPZmp6GP5J/cBHKqFAB43EY1LwKC0/hYwb9qIjqk0M5udbNfy
yOaGnfQHYH6G/PtKIqTPhJXc2s01RnHT03HiUAupjCUe3BOd9uKQ+t1kotTYBP1k
63fHh4i1GpAL0eNfXJQ6jTtrrfecJ4/dorfeZPsvwY6wSYgw6C7JSSairT/4tUx6
0EIzGK78wSlmij17iINI9nfAAtE=
-----END CERTIFICATE-----

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:e3:4d:7d:5e:fd:13:7b:9f:32:55:f3:77:55:e6:39:52:6f:ef:40
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Root
        Validity
            Not Before: Oct  5 12:00:00 2021 GMT
            Not After : Oct  5 12:00:00 2022 GMT
        Subject: CN=Intermediate
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9c:38:da:61:b8:ad:0d:aa:de:44:df:52:78:01:
                    82:89:fb:5f:bd:fc:a9:79:d0:8d:10:5c:3c:4e:b7:
                    b5:43:36:bc:05:3a:0c:4e:54:88:00:45:fb:33:25:
                    ca:cf:3a:aa:ad:a4:de:d2:2e:c1:53:44:b8:f5:58:
                    e7:27:19:5a:70:34:71:c7:4d:77:1f:53:f2:66:b9:
                    79:e8:c2:10:8c:2f:5d:19:17:7e:e3:26:7e:0c:5d:
                    8e:ae:85:01:f7:05:ac:ce:18:5d:7c:a4:fa:fc:38:
                    e6:18:63:a5:4c:d0:a3:cb:a3:e6:47:ad:5f:ec:32:
                    fc:11:02:87:cb:fa:87:c9:38:aa:b8:b2:7e:98:99:
                    1b:4e:f3:01:fc:48:6a:60:a5:29:80:3c:0c:50:23:
                    3a:ae:0a:a6:d4:29:69:1e:15:34:ed:93:31:fb:30:
                    d4:d6:23:59:94:89:fa:99:b4:16:d8:04:63:d0:c3:
                    a9:2d:be:ff:6a:84:c7:54:bb:e8:eb:bd:16:5b:88:
                    33:10:1b:6e:20:4f:60:49:56:09:86:dc:95:fc:c5:
                    d9:2c:de:03:32:88:fc:3a:84:06:48:92:10:7c:2d:
                    b9:6a:25:fd:93:c0:51:75:bd:54:e7:ba:0b:bb:d8:
                    b3:f5:60:55:9e:c7:06:70:fd:f3:f0:13:8e:a8:33:
                    17:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:60:7B:07:9D:3D:65:C3:D3:DE:FB:C8:28:BE:34:22:10:C9:C4:A2
            X509v3 Authority Key Identifier:
                20:1D:40:05:AB:57:09:3B:3A:83:BE:19:65:15:EB:74:EF:0C:0D:D7
            Authority Information Access:
                CA Issuers - URI:http://url-for-aia/Root.cer
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://url-for-crl/Root.crl
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        12:3c:5d:46:a3:a4:11:4c:f6:d7:cc:92:61:b0:fd:ec:b6:12:
        37:3f:52:43:39:5e:8b:ff:5f:a9:09:3e:3b:3a:e4:c9:ec:59:
        00:8d:08:12:f9:b5:bd:8b:f4:41:dd:ff:d4:5c:5f:58:e7:e7:
        8c:a9:96:60:f0:78:27:7c:ca:da:24:67:93:ff:72:58:50:6b:
        8c:f2:11:da:8b:27:1b:68:9a:e0:9d:59:78:64:0d:d1:c4:c2:
        72:5f:9f:ef:32:d6:65:10:38:62:54:97:d5:03:cf:c4:a5:34:
        f6:d2:d0:dd:b4:fc:08:49:2d:43:55:7c:2d:43:a1:1c:30:65:
        b2:30:f8:5a:0a:ce:e8:1e:ad:c0:41:2d:d3:a2:64:76:3b:e8:
        82:3a:5b:93:f3:e8:84:de:7e:20:8d:05:06:2b:82:fd:6d:7c:
        35:6a:04:05:c0:6c:1b:91:6d:db:b3:a7:a5:35:42:9f:af:69:
        22:81:a9:f7:58:1c:fc:f1:31:54:26:f6:c5:b9:67:d0:da:eb:
        01:bd:69:10:de:ea:d3:95:29:ab:f2:59:8d:62:b9:01:b2:32:
        75:b7:47:3c:39:51:5d:be:46:48:da:19:f2:a8:61:8c:5f:cf:
        9c:a9:c9:92:a8:4e:ef:5c:8a:3f:73:fd:38:91:c2:90:33:c6:
        60:8e:67:22
-----BEGIN CERTIFICATE-----
MIIDgDCCAmigAwIBAgIUVONNfV79E3ufMlXzd1XmOVJv70AwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJw42mG4rQ2q3kTfUngBgon7X738qXnQjRBcPE63tUM2vAU6
DE5UiABF+zMlys86qq2k3tIuwVNEuPVY5ycZWnA0ccdNdx9T8ma5eejCEIwvXRkX
fuMmfgxdjq6FAfcFrM4YXXyk+vw45hhjpUzQo8uj5ketX+wy/BECh8v6h8k4qriy
fpiZG07zAfxIamClKYA8DFAjOq4KptQpaR4VNO2TMfsw1NYjWZSJ+pm0FtgEY9DD
qS2+/2qEx1S76Ou9FluIMxAbbiBPYElWCYbclfzF2SzeAzKI/DqEBkiSEHwtuWol
/ZPAUXW9VOe6C7vYs/VgVZ7HBnD98/ATjqgzF/8CAwEAAaOByzCByDAdBgNVHQ4E
FgQUXmB7B509ZcPT3vvIKL40IhDJxKIwHwYDVR0jBBgwFoAUIB1ABatXCTs6g74Z
ZRXrdO8MDdcwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MA0GCSqGSIb3DQEBCwUAA4IBAQASPF1Go6QRTPbXzJJhsP3sthI3P1JDOV6L/1+p
CT47OuTJ7FkAjQgS+bW9i/RB3f/UXF9Y5+eMqZZg8HgnfMraJGeT/3JYUGuM8hHa
iycbaJrgnVl4ZA3RxMJyX5/vMtZlEDhiVJfVA8/EpTT20tDdtPwISS1DVXwtQ6Ec
MGWyMPhaCs7oHq3AQS3TomR2O+iCOluT8+iE3n4gjQUGK4L9bXw1agQFwGwbkW3b
s6elNUKfr2kigan3WBz88TFUJvbFuWfQ2usBvWkQ3urTlSmr8lmNYrkBsjJ1t0c8
OVFdvkZI2hnyqGGMX8+cqcmSqE7vXIo/c/04kcKQM8Zgjmci
-----END CERTIFICATE-----

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:e3:4d:7d:5e:fd:13:7b:9f:32:55:f3:77:55:e6:39:52:6f:ef:3f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Root
        Validity
            Not Before: Oct  5 12:00:00 2021 GMT
            Not After : Oct  5 12:00:00 2022 GMT
        Subject: CN=Root
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9d:78:55:f3:0c:19:87:95:61:61:db:6c:07:71:
                    bb:94:fd:a5:8d:cc:a7:b2:d6:0a:36:85:0a:07:1c:
                    6b:e2:06:63:06:2b:ca:c6:ac:a8:fe:9b:02:f4:c0:
                    bc:cf:12:cd:49:18:2c:90:35:55:16:a1:2b:49:77:
                    0a:a3:e2:04:22:e8:2c:58:21:7c:f4:b6:bd:19:61:
                    c6:50:4f:a8:0f:b1:e9:96:e7:fc:f6:1d:bb:ad:58:
                    69:25:e9:db:6d:91:cc:61:2b:e5:93:9d:a9:37:c3:
                    f3:29:74:58:cd:b9:85:48:b8:ca:49:14:7b:18:54:
                    ee:c5:c7:18:98:48:91:f8:c2:c2:ec:15:67:27:bf:
                    a6:1b:29:25:97:67:ce:07:25:13:56:1a:b0:42:c8:
                    1d:1b:33:49:83:f4:da:67:52:79:22:3c:0d:9f:0c:
                    e5:91:87:5f:fe:f6:43:70:bc:2f:68:c8:d6:37:8f:
                    cf:97:7b:c9:d6:3f:9e:06:c6:b0:ea:20:b6:7f:b0:
                    33:a0:0f:5b:05:2a:1a:02:b9:22:80:d8:1a:bb:dc:
                    81:db:68:cb:d7:c1:99:6e:34:f7:f5:b2:72:94:94:
                    c4:0e:04:8c:6d:b7:5f:6b:bb:c5:3f:6b:50:08:42:
                    9a:cc:5f:41:96:ff:a2:fd:67:37:38:77:6f:d3:f4:
                    2c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:1D:40:05:AB:57:09:3B:3A:83:BE:19:65:15:EB:74:EF:0C:0D:D7
            X509v3 Authority Key Identifier:
                20:1D:40:05:AB:57:09:3B:3A:83:BE:19:65:15:EB:74:EF:0C:0D:D7
            Authority Information Access:
                CA Issuers - URI:http://url-for-aia/Root.cer
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://url-for-crl/Root.crl
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        24:3d:9b:fe:64:91:03:db:33:58:d3:74:2a:57:a5:82:48:28:
        80:2e:57:82:09:ff:3d:6e:1a:f4:2d:c3:ee:90:9b:07:88:1d:
        25:97:65:5b:ef:90:54:b4:61:86:4c:15:5e:1a:a5:ee:d4:41:
        af:6f:0a:2b:4e:b0:75:bd:d8:2c:8e:20:e9:6f:7a:d1:1b:4a:
        b6:2d:c6:60:be:cb:56:7d:f1:c3:06:03:cd:c4:23:25:1f:09:
        f5:44:d1:7c:9e:48:29:b4:a6:a7:55:40:f7:11:05:dc:45:5c:
        45:3f:2d:a6:23:54:e7:74:a8:d8:a3:81:23:00:77:64:9c:d3:
        1e:f1:f1:33:b6:a5:21:8e:af:a9:14:f5:37:6a:e3:6f:82:9f:
        65:6d:ab:de:0a:a5:29:62:d9:01:57:bf:69:48:c9:93:be:c2:
        2d:4b:e6:ed:0e:1e:e5:d8:fe:9c:8b:fc:36:09:08:45:f8:31:
        45:21:22:0b:62:c3:61:82:8f:65:bb:01:14:37:c2:b0:31:2f:
        a2:40:b9:91:21:54:50:b6:24:39:6b:c1:a5:90:3f:b4:77:9c:
        13:d7:0a:dc:3d:85:ef:77:fa:53:6b:fc:cf:8a:3e:45:db:5c:
        8b:4b:6b:a5:d8:ee:0b:19:f2:c1:a3:02:e0:ba:36:43:c8:e8:
        8b:c8:9a:2f
-----BEGIN CERTIFICATE-----
MIIDeDCCAmCgAwIBAgIUVONNfV79E3ufMlXzd1XmOVJv7z8wDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCdeFXzDBmHlWFh22wHcbuU/aWNzKey1go2hQoHHGviBmMGK8rGrKj+mwL0
wLzPEs1JGCyQNVUWoStJdwqj4gQi6CxYIXz0tr0ZYcZQT6gPsemW5/z2HbutWGkl
6dttkcxhK+WTnak3w/MpdFjNuYVIuMpJFHsYVO7FxxiYSJH4wsLsFWcnv6YbKSWX
Z84HJRNWGrBCyB0bM0mD9NpnUnkiPA2fDOWRh1/+9kNwvC9oyNY3j8+Xe8nWP54G
xrDqILZ/sDOgD1sFKhoCuSKA2Bq73IHbaMvXwZluNPf1snKUlMQOBIxtt19ru8U/
a1AIQprMX0GW/6L9Zzc4d2/T9CyTAgMBAAGjgcswgcgwHQYDVR0OBBYEFCAdQAWr
Vwk7OoO+GWUV63TvDA3XMB8GA1UdIwQYMBaAFCAdQAWrVwk7OoO+GWUV63TvDA3X
MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
b290LmNybDAOBgNVHQ8BAf8EBAMCBaAwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
9w0BAQsFAAOCAQEAJD2b/mSRA9szWNN0KlelgkgogC5Xggn/PW4a9C3D7pCbB4gd
JZdlW++QVLRhhkwVXhql7tRBr28KK06wdb3YLI4g6W960RtKti3GYL7LVn3xwwYD
zcQjJR8J9UTRfJ5IKbSmp1VA9xEF3EVcRT8tpiNU53So2KOBIwB3ZJzTHvHxM7al
IY6vqRT1N2rjb4KfZW2r3gqlKWLZAVe/aUjJk77CLUvm7Q4e5dj+nIv8NgkIRfgx
RSEiC2LDYYKPZbsBFDfCsDEvokC5kSFUULYkOWvBpZA/tHecE9cK3D2F73f6U2v8
z4o+Rdtci0trpdjuCxnywaMC4Lo2Q8joi8iaLw==
-----END CERTIFICATE-----