• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1[Created by: generate-chains.py]
2
3Certificate chain where the leaf certificate asserts the keyCertSign key
4usage, however does not have CA=true in the basic constraints extension to
5indicate it is a CA.
6
7Certificate:
8    Data:
9        Version: 3 (0x2)
10        Serial Number:
11            0d:e0:65:d2:8a:72:7c:60:7d:f8:7e:88:6d:f0:a6:80:23:e1:38:a9
12        Signature Algorithm: sha256WithRSAEncryption
13        Issuer: CN=Intermediate
14        Validity
15            Not Before: Oct  5 12:00:00 2021 GMT
16            Not After : Oct  5 12:00:00 2022 GMT
17        Subject: CN=Target
18        Subject Public Key Info:
19            Public Key Algorithm: rsaEncryption
20                RSA Public-Key: (2048 bit)
21                Modulus:
22                    00:d5:97:4d:ce:b9:89:7b:00:4f:e4:1f:f6:b0:1d:
23                    26:7d:c5:42:70:21:40:3a:a6:f9:07:5b:11:c6:fb:
24                    0f:8e:79:46:78:ad:34:71:46:b4:fa:96:75:06:c8:
25                    3e:c7:e9:1a:ae:f0:47:7f:4b:53:4a:f2:46:83:89:
26                    92:b0:11:11:0c:04:7c:33:e1:4b:7e:b5:b5:b2:54:
27                    a7:28:64:31:7b:e2:5c:4a:00:30:3f:8c:21:e0:61:
28                    f6:15:e8:20:03:bf:ce:d3:b4:ec:6e:27:88:fb:a9:
29                    b0:9a:73:79:26:46:55:a3:05:ac:25:ba:6f:24:3c:
30                    17:7d:17:6c:25:ad:14:68:0b:fd:a6:d6:5f:5a:9a:
31                    4a:9d:6d:86:e5:77:b9:50:9c:40:2b:40:af:1d:92:
32                    4e:22:7a:c1:eb:57:17:16:4d:fa:12:e3:8c:25:8e:
33                    8d:4b:74:4f:3e:67:cd:84:2a:63:46:43:3c:45:7f:
34                    ad:bc:dd:5c:00:46:7e:25:36:43:d9:98:15:a1:f4:
35                    f6:29:5d:54:9d:20:b8:b6:e1:4c:e3:f1:3c:91:47:
36                    9d:eb:d7:f8:a2:f1:c5:f8:bc:7b:bf:bd:40:38:39:
37                    01:3b:98:33:12:d9:de:c6:f9:eb:4b:e3:82:8e:98:
38                    4b:28:1b:cd:ba:22:d5:b3:02:12:fc:40:86:ec:3e:
39                    e7:51
40                Exponent: 65537 (0x10001)
41        X509v3 extensions:
42            X509v3 Subject Key Identifier:
43                1B:6F:D1:A8:67:1C:5F:A0:86:1B:FF:7B:E0:F4:72:33:CF:7C:F0:26
44            X509v3 Authority Key Identifier:
45                keyid:B2:C0:C2:33:FD:8F:F5:37:4B:52:85:82:DD:31:5D:CE:A2:99:71:D0
46
47            Authority Information Access:
48                CA Issuers - URI:http://url-for-aia/Intermediate.cer
49
50            X509v3 CRL Distribution Points:
51
52                Full Name:
53                  URI:http://url-for-crl/Intermediate.crl
54
55            X509v3 Key Usage: critical
56                Digital Signature, Key Encipherment, Certificate Sign
57            X509v3 Extended Key Usage:
58                TLS Web Server Authentication, TLS Web Client Authentication
59    Signature Algorithm: sha256WithRSAEncryption
60         06:a9:9a:f5:d2:51:8d:b1:ce:45:ae:22:20:c9:61:c3:28:71:
61         ca:cf:e3:f7:86:a8:62:8d:88:90:f0:b5:8a:a0:04:e4:aa:34:
62         95:f6:c9:91:50:b0:79:c8:6d:ef:19:cd:f1:ae:2b:7f:3f:e6:
63         da:99:a6:bb:28:55:f9:8b:4e:e2:90:bf:d9:1d:6b:3b:2c:53:
64         0e:3b:7e:ba:d8:3f:83:18:02:43:01:e2:de:d6:98:47:bb:72:
65         62:5f:f0:90:61:07:fa:ca:15:d2:d1:f3:61:b9:f3:0a:3a:13:
66         43:7a:fb:50:01:63:e9:b6:0c:f4:1a:90:22:21:9d:3e:68:4e:
67         46:d8:a1:4d:67:58:26:58:c8:30:0f:d5:6e:f0:28:2c:cc:5a:
68         70:75:a3:1a:98:0d:4e:f2:bf:dd:9d:d1:72:3c:85:57:3d:eb:
69         77:11:5f:c3:a7:01:82:15:fe:86:cd:b0:6c:9b:2b:5b:48:0e:
70         35:d6:4c:10:39:aa:b7:69:d5:5b:b0:af:17:4b:26:6d:01:ea:
71         55:3d:74:2e:e5:df:f6:7a:d2:78:81:73:42:2a:bb:72:a5:1f:
72         17:25:6b:36:65:42:96:2f:6c:8e:d3:65:b5:95:10:13:99:9d:
73         bb:ea:9f:cf:42:a5:9f:57:3e:f5:fc:47:d6:cf:a3:33:b4:96:
74         92:f1:ba:a2
75-----BEGIN CERTIFICATE-----
76MIIDoDCCAoigAwIBAgIUDeBl0opyfGB9+H6IbfCmgCPhOKkwDQYJKoZIhvcNAQEL
77BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy
78MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
79AAOCAQ8AMIIBCgKCAQEA1ZdNzrmJewBP5B/2sB0mfcVCcCFAOqb5B1sRxvsPjnlG
80eK00cUa0+pZ1Bsg+x+karvBHf0tTSvJGg4mSsBERDAR8M+FLfrW1slSnKGQxe+Jc
81SgAwP4wh4GH2FeggA7/O07TsbieI+6mwmnN5JkZVowWsJbpvJDwXfRdsJa0UaAv9
82ptZfWppKnW2G5Xe5UJxAK0CvHZJOInrB61cXFk36EuOMJY6NS3RPPmfNhCpjRkM8
83RX+tvN1cAEZ+JTZD2ZgVofT2KV1UnSC4tuFM4/E8kUed69f4ovHF+Lx7v71AODkB
84O5gzEtnexvnrS+OCjphLKBvNuiLVswIS/ECG7D7nUQIDAQABo4HpMIHmMB0GA1Ud
85DgQWBBQbb9GoZxxfoIYb/3vg9HIzz3zwJjAfBgNVHSMEGDAWgBSywMIz/Y/1N0tS
86hYLdMV3Ooplx0DA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
87cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
88dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIC
89pDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
90ggEBAAapmvXSUY2xzkWuIiDJYcMoccrP4/eGqGKNiJDwtYqgBOSqNJX2yZFQsHnI
91be8ZzfGuK38/5tqZprsoVfmLTuKQv9kdazssUw47frrYP4MYAkMB4t7WmEe7cmJf
928JBhB/rKFdLR82G58wo6E0N6+1ABY+m2DPQakCIhnT5oTkbYoU1nWCZYyDAP1W7w
93KCzMWnB1oxqYDU7yv92d0XI8hVc963cRX8OnAYIV/obNsGybK1tIDjXWTBA5qrdp
941VuwrxdLJm0B6lU9dC7l3/Z60niBc0Iqu3KlHxclazZlQpYvbI7TZbWVEBOZnbvq
95n89CpZ9XPvX8R9bPozO0lpLxuqI=
96-----END CERTIFICATE-----
97
98Certificate:
99    Data:
100        Version: 3 (0x2)
101        Serial Number:
102            03:1e:f6:e0:d5:64:b5:71:7d:eb:f5:6d:bf:03:da:71:a6:d9:eb:26
103        Signature Algorithm: sha256WithRSAEncryption
104        Issuer: CN=Root
105        Validity
106            Not Before: Oct  5 12:00:00 2021 GMT
107            Not After : Oct  5 12:00:00 2022 GMT
108        Subject: CN=Intermediate
109        Subject Public Key Info:
110            Public Key Algorithm: rsaEncryption
111                RSA Public-Key: (2048 bit)
112                Modulus:
113                    00:c6:14:bf:96:32:0d:cf:bb:58:2a:b4:3c:97:e5:
114                    6c:22:92:ff:d3:14:e2:b9:0b:c9:fe:0d:09:d0:c6:
115                    b5:48:ed:e0:2a:25:04:2e:16:08:6b:55:da:d1:f3:
116                    b1:c1:1a:49:85:33:f4:bb:7c:d6:38:45:c8:af:4d:
117                    d4:a9:43:a7:56:cf:9c:40:a5:2b:b8:13:7f:ee:6b:
118                    fe:98:3b:ed:74:2a:5e:c7:9f:7c:e0:73:6c:a7:c4:
119                    d8:f1:e3:55:79:6c:02:7c:b4:e8:3f:1a:93:57:62:
120                    3a:86:5b:24:db:70:f2:fd:94:91:95:6b:68:72:73:
121                    31:44:a5:36:32:e6:77:37:bb:e1:cb:6d:b5:aa:20:
122                    3a:02:7e:ff:44:6d:79:e4:7d:e6:d3:72:92:e9:59:
123                    92:57:ff:be:e8:e2:d9:84:47:f8:a9:f6:11:ee:cf:
124                    5b:7f:92:d8:19:44:7f:96:40:52:19:09:80:af:2f:
125                    36:65:14:9a:fe:ef:aa:aa:c9:00:fb:ac:d3:87:59:
126                    14:ab:69:52:4c:4f:87:0f:74:49:ab:c5:f2:fb:73:
127                    23:c0:91:c9:93:82:6f:28:8d:23:f9:2d:f3:92:cc:
128                    f5:68:20:86:0d:37:35:d7:46:da:dd:4a:fc:92:3b:
129                    32:a2:67:ba:f5:b3:49:13:76:e9:5e:78:a0:86:3e:
130                    de:2d
131                Exponent: 65537 (0x10001)
132        X509v3 extensions:
133            X509v3 Subject Key Identifier:
134                B2:C0:C2:33:FD:8F:F5:37:4B:52:85:82:DD:31:5D:CE:A2:99:71:D0
135            X509v3 Authority Key Identifier:
136                keyid:24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F
137
138            Authority Information Access:
139                CA Issuers - URI:http://url-for-aia/Root.cer
140
141            X509v3 CRL Distribution Points:
142
143                Full Name:
144                  URI:http://url-for-crl/Root.crl
145
146            X509v3 Key Usage: critical
147                Certificate Sign, CRL Sign
148            X509v3 Basic Constraints: critical
149                CA:TRUE
150    Signature Algorithm: sha256WithRSAEncryption
151         7b:29:9f:c7:c8:ce:5d:3f:cd:53:a3:2a:6e:8e:02:7a:b7:22:
152         6d:02:dc:50:3b:51:bc:25:b7:4f:d4:97:6d:c3:3c:dc:f2:17:
153         be:47:94:48:14:db:9f:89:73:18:b2:75:a6:91:92:5d:84:54:
154         d8:6c:f9:fe:e4:1f:be:53:e7:9d:c2:df:59:a0:ba:63:b6:67:
155         db:05:a1:a5:0a:f9:9b:8a:b4:33:71:1b:a9:c7:91:9a:fa:c4:
156         2e:f9:2d:6a:7d:f3:34:81:51:72:99:4f:74:00:95:9a:9d:19:
157         ee:6d:1b:b0:25:5d:ae:e5:fa:9a:ac:a6:ff:9b:63:51:f4:93:
158         41:bc:35:5b:da:f3:64:4c:53:46:23:07:08:1e:82:ff:86:25:
159         fd:6e:26:dc:f2:bb:e9:62:84:24:ac:a0:f3:18:29:02:9a:11:
160         1e:30:c5:db:8e:cc:ef:f0:4b:75:25:1e:8e:8d:3b:81:93:ec:
161         25:d3:56:f6:a8:7c:85:f6:9c:6e:ff:c8:c3:dd:58:c7:3e:d3:
162         4a:a2:23:88:81:fd:25:6d:40:8f:e7:94:1c:a7:62:48:cd:de:
163         7a:22:de:55:4c:00:4a:75:e2:3d:29:a6:c1:c8:f0:69:cb:b1:
164         de:0c:37:49:dd:8a:5a:88:63:8c:8b:e9:44:a2:a8:9a:18:d9:
165         d5:33:07:ec
166-----BEGIN CERTIFICATE-----
167MIIDgDCCAmigAwIBAgIUAx724NVktXF96/VtvwPacabZ6yYwDQYJKoZIhvcNAQEL
168BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
169MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
170ggEPADCCAQoCggEBAMYUv5YyDc+7WCq0PJflbCKS/9MU4rkLyf4NCdDGtUjt4Col
171BC4WCGtV2tHzscEaSYUz9Lt81jhFyK9N1KlDp1bPnEClK7gTf+5r/pg77XQqXsef
172fOBzbKfE2PHjVXlsAny06D8ak1diOoZbJNtw8v2UkZVraHJzMUSlNjLmdze74ctt
173taogOgJ+/0RteeR95tNykulZklf/vuji2YRH+Kn2Ee7PW3+S2BlEf5ZAUhkJgK8v
174NmUUmv7vqqrJAPus04dZFKtpUkxPhw90SavF8vtzI8CRyZOCbyiNI/kt85LM9Wgg
175hg03NddG2t1K/JI7MqJnuvWzSRN26V54oIY+3i0CAwEAAaOByzCByDAdBgNVHQ4E
176FgQUssDCM/2P9TdLUoWC3TFdzqKZcdAwHwYDVR0jBBgwFoAUJNu03j4/qh2wV3od
177fM2G6WvQFW8wNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
178LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
179b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
180MA0GCSqGSIb3DQEBCwUAA4IBAQB7KZ/HyM5dP81ToypujgJ6tyJtAtxQO1G8JbdP
1811Jdtwzzc8he+R5RIFNufiXMYsnWmkZJdhFTYbPn+5B++U+edwt9ZoLpjtmfbBaGl
182CvmbirQzcRupx5Ga+sQu+S1qffM0gVFymU90AJWanRnubRuwJV2u5fqarKb/m2NR
1839JNBvDVb2vNkTFNGIwcIHoL/hiX9bibc8rvpYoQkrKDzGCkCmhEeMMXbjszv8Et1
184JR6OjTuBk+wl01b2qHyF9pxu/8jD3VjHPtNKoiOIgf0lbUCP55Qcp2JIzd56It5V
185TABKdeI9KabByPBpy7HeDDdJ3YpaiGOMi+lEoqiaGNnVMwfs
186-----END CERTIFICATE-----
187
188Certificate:
189    Data:
190        Version: 3 (0x2)
191        Serial Number:
192            03:1e:f6:e0:d5:64:b5:71:7d:eb:f5:6d:bf:03:da:71:a6:d9:eb:25
193        Signature Algorithm: sha256WithRSAEncryption
194        Issuer: CN=Root
195        Validity
196            Not Before: Oct  5 12:00:00 2021 GMT
197            Not After : Oct  5 12:00:00 2022 GMT
198        Subject: CN=Root
199        Subject Public Key Info:
200            Public Key Algorithm: rsaEncryption
201                RSA Public-Key: (2048 bit)
202                Modulus:
203                    00:e4:4e:96:f6:de:02:05:e7:16:80:fa:ed:b1:3c:
204                    f3:19:ea:7b:d2:fe:ed:93:b7:09:37:7d:c1:98:9b:
205                    65:a9:84:09:72:cd:e5:d8:da:21:44:c2:2e:92:95:
206                    12:fe:35:0c:66:34:ad:f3:4f:c5:2f:d0:2e:57:41:
207                    1c:3b:ce:c9:51:17:05:eb:06:f7:4f:fb:6e:27:9d:
208                    06:d8:10:87:f4:97:5f:0f:9d:5d:d7:2b:d3:3b:21:
209                    5b:5a:8f:20:e0:97:16:7b:15:39:d6:3f:ff:1d:06:
210                    53:74:62:78:68:5b:ed:c2:05:e7:86:8b:1a:63:3a:
211                    d3:e4:a9:25:8f:0e:92:13:df:39:d6:31:82:bf:bd:
212                    ef:d4:21:9d:0e:7f:c9:90:ef:1d:c5:f3:c4:00:1e:
213                    4a:03:61:f4:5e:cf:e9:58:e5:12:49:37:31:49:89:
214                    54:d8:59:40:78:eb:e2:3f:75:9c:a5:ff:1c:33:b8:
215                    6c:26:26:5a:8f:28:12:1f:4e:81:e5:a6:aa:dd:c6:
216                    d9:c9:94:6a:15:3c:9e:7a:59:29:92:cb:7a:f5:67:
217                    c4:d4:dd:4c:c5:6e:fb:b3:c2:5a:9d:f1:0b:35:17:
218                    92:b6:85:dc:fd:45:c5:3f:13:f3:cd:fc:bc:b6:59:
219                    c0:17:0b:ce:b3:e1:47:d1:2f:34:74:a4:5c:ba:a9:
220                    cf:0d
221                Exponent: 65537 (0x10001)
222        X509v3 extensions:
223            X509v3 Subject Key Identifier:
224                24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F
225            X509v3 Authority Key Identifier:
226                keyid:24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F
227
228            Authority Information Access:
229                CA Issuers - URI:http://url-for-aia/Root.cer
230
231            X509v3 CRL Distribution Points:
232
233                Full Name:
234                  URI:http://url-for-crl/Root.crl
235
236            X509v3 Key Usage: critical
237                Certificate Sign, CRL Sign
238            X509v3 Basic Constraints: critical
239                CA:TRUE
240    Signature Algorithm: sha256WithRSAEncryption
241         29:e6:c6:f3:9d:9a:53:9b:3c:f8:79:c9:e3:d3:33:c6:2f:1c:
242         50:a2:de:7d:69:75:40:75:ba:af:8a:61:b0:f2:fc:3c:39:01:
243         df:d6:c2:f6:df:a1:a5:3f:b3:f1:8e:09:3a:fb:87:ca:4c:cd:
244         5f:89:ca:d1:5d:d1:38:94:36:af:52:32:e3:67:9b:ad:6a:e6:
245         f9:dc:92:1e:35:dd:81:9d:d7:5d:ce:75:14:74:2b:4a:16:ef:
246         a0:74:ee:76:a5:4b:90:70:6f:de:d8:0a:1b:e3:0c:b5:f5:33:
247         eb:74:dc:8e:f8:ef:a8:0e:52:74:b8:d4:4e:fb:42:e5:3d:8c:
248         c3:71:d8:99:df:bf:c3:bf:87:e6:cd:84:89:ac:df:5d:c7:a6:
249         8e:b5:10:a5:8a:2f:66:3f:2f:79:c6:e7:9b:76:3b:5e:4f:ce:
250         cf:cc:24:bd:6d:38:6d:b8:17:a6:31:ed:c2:d9:81:84:74:f6:
251         94:a9:6a:28:52:56:cd:a8:62:8d:c7:2f:73:e5:db:8e:f0:9d:
252         a3:c9:b7:c4:07:10:99:be:b7:9f:66:bf:b1:51:30:ee:f5:55:
253         ba:1e:39:a8:73:ca:10:68:7e:29:c7:42:9f:01:6b:47:cd:47:
254         08:52:80:3d:b1:f0:94:a7:35:21:37:47:d8:d9:c8:5a:a5:be:
255         75:37:89:fb
256-----BEGIN CERTIFICATE-----
257MIIDeDCCAmCgAwIBAgIUAx724NVktXF96/VtvwPacabZ6yUwDQYJKoZIhvcNAQEL
258BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
259MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
260AoIBAQDkTpb23gIF5xaA+u2xPPMZ6nvS/u2Ttwk3fcGYm2WphAlyzeXY2iFEwi6S
261lRL+NQxmNK3zT8Uv0C5XQRw7zslRFwXrBvdP+24nnQbYEIf0l18PnV3XK9M7IVta
262jyDglxZ7FTnWP/8dBlN0YnhoW+3CBeeGixpjOtPkqSWPDpIT3znWMYK/ve/UIZ0O
263f8mQ7x3F88QAHkoDYfRez+lY5RJJNzFJiVTYWUB46+I/dZyl/xwzuGwmJlqPKBIf
264ToHlpqrdxtnJlGoVPJ56WSmSy3r1Z8TU3UzFbvuzwlqd8Qs1F5K2hdz9RcU/E/PN
265/Ly2WcAXC86z4UfRLzR0pFy6qc8NAgMBAAGjgcswgcgwHQYDVR0OBBYEFCTbtN4+
266P6odsFd6HXzNhulr0BVvMB8GA1UdIwQYMBaAFCTbtN4+P6odsFd6HXzNhulr0BVv
267MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
268L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
269b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
2709w0BAQsFAAOCAQEAKebG852aU5s8+HnJ49Mzxi8cUKLefWl1QHW6r4phsPL8PDkB
27139bC9t+hpT+z8Y4JOvuHykzNX4nK0V3ROJQ2r1Iy42ebrWrm+dySHjXdgZ3XXc51
272FHQrShbvoHTudqVLkHBv3tgKG+MMtfUz63TcjvjvqA5SdLjUTvtC5T2Mw3HYmd+/
273w7+H5s2EiazfXcemjrUQpYovZj8vecbnm3Y7Xk/Oz8wkvW04bbgXpjHtwtmBhHT2
274lKlqKFJWzahijccvc+XbjvCdo8m3xAcQmb63n2a/sVEw7vVVuh45qHPKEGh+KcdC
275nwFrR81HCFKAPbHwlKc1ITdH2NnIWqW+dTeJ+w==
276-----END CERTIFICATE-----
277