| [Created by: generate-chains.py] |
| |
| Certificate chain where the leaf certificate asserts the keyCertSign key |
| usage, however does not have CA=true in the basic constraints extension to |
| indicate it is a CA. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 0d:e0:65:d2:8a:72:7c:60:7d:f8:7e:88:6d:f0:a6:80:23:e1:38:a9 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Oct 5 12:00:00 2021 GMT |
| Not After : Oct 5 12:00:00 2022 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| RSA Public-Key: (2048 bit) |
| Modulus: |
| 00:d5:97:4d:ce:b9:89:7b:00:4f:e4:1f:f6:b0:1d: |
| 26:7d:c5:42:70:21:40:3a:a6:f9:07:5b:11:c6:fb: |
| 0f:8e:79:46:78:ad:34:71:46:b4:fa:96:75:06:c8: |
| 3e:c7:e9:1a:ae:f0:47:7f:4b:53:4a:f2:46:83:89: |
| 92:b0:11:11:0c:04:7c:33:e1:4b:7e:b5:b5:b2:54: |
| a7:28:64:31:7b:e2:5c:4a:00:30:3f:8c:21:e0:61: |
| f6:15:e8:20:03:bf:ce:d3:b4:ec:6e:27:88:fb:a9: |
| b0:9a:73:79:26:46:55:a3:05:ac:25:ba:6f:24:3c: |
| 17:7d:17:6c:25:ad:14:68:0b:fd:a6:d6:5f:5a:9a: |
| 4a:9d:6d:86:e5:77:b9:50:9c:40:2b:40:af:1d:92: |
| 4e:22:7a:c1:eb:57:17:16:4d:fa:12:e3:8c:25:8e: |
| 8d:4b:74:4f:3e:67:cd:84:2a:63:46:43:3c:45:7f: |
| ad:bc:dd:5c:00:46:7e:25:36:43:d9:98:15:a1:f4: |
| f6:29:5d:54:9d:20:b8:b6:e1:4c:e3:f1:3c:91:47: |
| 9d:eb:d7:f8:a2:f1:c5:f8:bc:7b:bf:bd:40:38:39: |
| 01:3b:98:33:12:d9:de:c6:f9:eb:4b:e3:82:8e:98: |
| 4b:28:1b:cd:ba:22:d5:b3:02:12:fc:40:86:ec:3e: |
| e7:51 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 1B:6F:D1:A8:67:1C:5F:A0:86:1B:FF:7B:E0:F4:72:33:CF:7C:F0:26 |
| X509v3 Authority Key Identifier: |
| keyid:B2:C0:C2:33:FD:8F:F5:37:4B:52:85:82:DD:31:5D:CE:A2:99:71:D0 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment, Certificate Sign |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 06:a9:9a:f5:d2:51:8d:b1:ce:45:ae:22:20:c9:61:c3:28:71: |
| ca:cf:e3:f7:86:a8:62:8d:88:90:f0:b5:8a:a0:04:e4:aa:34: |
| 95:f6:c9:91:50:b0:79:c8:6d:ef:19:cd:f1:ae:2b:7f:3f:e6: |
| da:99:a6:bb:28:55:f9:8b:4e:e2:90:bf:d9:1d:6b:3b:2c:53: |
| 0e:3b:7e:ba:d8:3f:83:18:02:43:01:e2:de:d6:98:47:bb:72: |
| 62:5f:f0:90:61:07:fa:ca:15:d2:d1:f3:61:b9:f3:0a:3a:13: |
| 43:7a:fb:50:01:63:e9:b6:0c:f4:1a:90:22:21:9d:3e:68:4e: |
| 46:d8:a1:4d:67:58:26:58:c8:30:0f:d5:6e:f0:28:2c:cc:5a: |
| 70:75:a3:1a:98:0d:4e:f2:bf:dd:9d:d1:72:3c:85:57:3d:eb: |
| 77:11:5f:c3:a7:01:82:15:fe:86:cd:b0:6c:9b:2b:5b:48:0e: |
| 35:d6:4c:10:39:aa:b7:69:d5:5b:b0:af:17:4b:26:6d:01:ea: |
| 55:3d:74:2e:e5:df:f6:7a:d2:78:81:73:42:2a:bb:72:a5:1f: |
| 17:25:6b:36:65:42:96:2f:6c:8e:d3:65:b5:95:10:13:99:9d: |
| bb:ea:9f:cf:42:a5:9f:57:3e:f5:fc:47:d6:cf:a3:33:b4:96: |
| 92:f1:ba:a2 |
| -----BEGIN CERTIFICATE----- |
| MIIDoDCCAoigAwIBAgIUDeBl0opyfGB9+H6IbfCmgCPhOKkwDQYJKoZIhvcNAQEL |
| BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy |
| MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF |
| AAOCAQ8AMIIBCgKCAQEA1ZdNzrmJewBP5B/2sB0mfcVCcCFAOqb5B1sRxvsPjnlG |
| eK00cUa0+pZ1Bsg+x+karvBHf0tTSvJGg4mSsBERDAR8M+FLfrW1slSnKGQxe+Jc |
| SgAwP4wh4GH2FeggA7/O07TsbieI+6mwmnN5JkZVowWsJbpvJDwXfRdsJa0UaAv9 |
| ptZfWppKnW2G5Xe5UJxAK0CvHZJOInrB61cXFk36EuOMJY6NS3RPPmfNhCpjRkM8 |
| RX+tvN1cAEZ+JTZD2ZgVofT2KV1UnSC4tuFM4/E8kUed69f4ovHF+Lx7v71AODkB |
| O5gzEtnexvnrS+OCjphLKBvNuiLVswIS/ECG7D7nUQIDAQABo4HpMIHmMB0GA1Ud |
| DgQWBBQbb9GoZxxfoIYb/3vg9HIzz3zwJjAfBgNVHSMEGDAWgBSywMIz/Y/1N0tS |
| hYLdMV3Ooplx0DA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91 |
| cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0 |
| dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIC |
| pDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD |
| ggEBAAapmvXSUY2xzkWuIiDJYcMoccrP4/eGqGKNiJDwtYqgBOSqNJX2yZFQsHnI |
| be8ZzfGuK38/5tqZprsoVfmLTuKQv9kdazssUw47frrYP4MYAkMB4t7WmEe7cmJf |
| 8JBhB/rKFdLR82G58wo6E0N6+1ABY+m2DPQakCIhnT5oTkbYoU1nWCZYyDAP1W7w |
| KCzMWnB1oxqYDU7yv92d0XI8hVc963cRX8OnAYIV/obNsGybK1tIDjXWTBA5qrdp |
| 1VuwrxdLJm0B6lU9dC7l3/Z60niBc0Iqu3KlHxclazZlQpYvbI7TZbWVEBOZnbvq |
| n89CpZ9XPvX8R9bPozO0lpLxuqI= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 03:1e:f6:e0:d5:64:b5:71:7d:eb:f5:6d:bf:03:da:71:a6:d9:eb:26 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Oct 5 12:00:00 2021 GMT |
| Not After : Oct 5 12:00:00 2022 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| RSA Public-Key: (2048 bit) |
| Modulus: |
| 00:c6:14:bf:96:32:0d:cf:bb:58:2a:b4:3c:97:e5: |
| 6c:22:92:ff:d3:14:e2:b9:0b:c9:fe:0d:09:d0:c6: |
| b5:48:ed:e0:2a:25:04:2e:16:08:6b:55:da:d1:f3: |
| b1:c1:1a:49:85:33:f4:bb:7c:d6:38:45:c8:af:4d: |
| d4:a9:43:a7:56:cf:9c:40:a5:2b:b8:13:7f:ee:6b: |
| fe:98:3b:ed:74:2a:5e:c7:9f:7c:e0:73:6c:a7:c4: |
| d8:f1:e3:55:79:6c:02:7c:b4:e8:3f:1a:93:57:62: |
| 3a:86:5b:24:db:70:f2:fd:94:91:95:6b:68:72:73: |
| 31:44:a5:36:32:e6:77:37:bb:e1:cb:6d:b5:aa:20: |
| 3a:02:7e:ff:44:6d:79:e4:7d:e6:d3:72:92:e9:59: |
| 92:57:ff:be:e8:e2:d9:84:47:f8:a9:f6:11:ee:cf: |
| 5b:7f:92:d8:19:44:7f:96:40:52:19:09:80:af:2f: |
| 36:65:14:9a:fe:ef:aa:aa:c9:00:fb:ac:d3:87:59: |
| 14:ab:69:52:4c:4f:87:0f:74:49:ab:c5:f2:fb:73: |
| 23:c0:91:c9:93:82:6f:28:8d:23:f9:2d:f3:92:cc: |
| f5:68:20:86:0d:37:35:d7:46:da:dd:4a:fc:92:3b: |
| 32:a2:67:ba:f5:b3:49:13:76:e9:5e:78:a0:86:3e: |
| de:2d |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| B2:C0:C2:33:FD:8F:F5:37:4B:52:85:82:DD:31:5D:CE:A2:99:71:D0 |
| X509v3 Authority Key Identifier: |
| keyid:24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 7b:29:9f:c7:c8:ce:5d:3f:cd:53:a3:2a:6e:8e:02:7a:b7:22: |
| 6d:02:dc:50:3b:51:bc:25:b7:4f:d4:97:6d:c3:3c:dc:f2:17: |
| be:47:94:48:14:db:9f:89:73:18:b2:75:a6:91:92:5d:84:54: |
| d8:6c:f9:fe:e4:1f:be:53:e7:9d:c2:df:59:a0:ba:63:b6:67: |
| db:05:a1:a5:0a:f9:9b:8a:b4:33:71:1b:a9:c7:91:9a:fa:c4: |
| 2e:f9:2d:6a:7d:f3:34:81:51:72:99:4f:74:00:95:9a:9d:19: |
| ee:6d:1b:b0:25:5d:ae:e5:fa:9a:ac:a6:ff:9b:63:51:f4:93: |
| 41:bc:35:5b:da:f3:64:4c:53:46:23:07:08:1e:82:ff:86:25: |
| fd:6e:26:dc:f2:bb:e9:62:84:24:ac:a0:f3:18:29:02:9a:11: |
| 1e:30:c5:db:8e:cc:ef:f0:4b:75:25:1e:8e:8d:3b:81:93:ec: |
| 25:d3:56:f6:a8:7c:85:f6:9c:6e:ff:c8:c3:dd:58:c7:3e:d3: |
| 4a:a2:23:88:81:fd:25:6d:40:8f:e7:94:1c:a7:62:48:cd:de: |
| 7a:22:de:55:4c:00:4a:75:e2:3d:29:a6:c1:c8:f0:69:cb:b1: |
| de:0c:37:49:dd:8a:5a:88:63:8c:8b:e9:44:a2:a8:9a:18:d9: |
| d5:33:07:ec |
| -----BEGIN CERTIFICATE----- |
| MIIDgDCCAmigAwIBAgIUAx724NVktXF96/VtvwPacabZ6yYwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw |
| MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD |
| ggEPADCCAQoCggEBAMYUv5YyDc+7WCq0PJflbCKS/9MU4rkLyf4NCdDGtUjt4Col |
| BC4WCGtV2tHzscEaSYUz9Lt81jhFyK9N1KlDp1bPnEClK7gTf+5r/pg77XQqXsef |
| fOBzbKfE2PHjVXlsAny06D8ak1diOoZbJNtw8v2UkZVraHJzMUSlNjLmdze74ctt |
| taogOgJ+/0RteeR95tNykulZklf/vuji2YRH+Kn2Ee7PW3+S2BlEf5ZAUhkJgK8v |
| NmUUmv7vqqrJAPus04dZFKtpUkxPhw90SavF8vtzI8CRyZOCbyiNI/kt85LM9Wgg |
| hg03NddG2t1K/JI7MqJnuvWzSRN26V54oIY+3i0CAwEAAaOByzCByDAdBgNVHQ4E |
| FgQUssDCM/2P9TdLUoWC3TFdzqKZcdAwHwYDVR0jBBgwFoAUJNu03j4/qh2wV3od |
| fM2G6WvQFW8wNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs |
| LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m |
| b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ |
| MA0GCSqGSIb3DQEBCwUAA4IBAQB7KZ/HyM5dP81ToypujgJ6tyJtAtxQO1G8JbdP |
| 1Jdtwzzc8he+R5RIFNufiXMYsnWmkZJdhFTYbPn+5B++U+edwt9ZoLpjtmfbBaGl |
| CvmbirQzcRupx5Ga+sQu+S1qffM0gVFymU90AJWanRnubRuwJV2u5fqarKb/m2NR |
| 9JNBvDVb2vNkTFNGIwcIHoL/hiX9bibc8rvpYoQkrKDzGCkCmhEeMMXbjszv8Et1 |
| JR6OjTuBk+wl01b2qHyF9pxu/8jD3VjHPtNKoiOIgf0lbUCP55Qcp2JIzd56It5V |
| TABKdeI9KabByPBpy7HeDDdJ3YpaiGOMi+lEoqiaGNnVMwfs |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 03:1e:f6:e0:d5:64:b5:71:7d:eb:f5:6d:bf:03:da:71:a6:d9:eb:25 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Oct 5 12:00:00 2021 GMT |
| Not After : Oct 5 12:00:00 2022 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| RSA Public-Key: (2048 bit) |
| Modulus: |
| 00:e4:4e:96:f6:de:02:05:e7:16:80:fa:ed:b1:3c: |
| f3:19:ea:7b:d2:fe:ed:93:b7:09:37:7d:c1:98:9b: |
| 65:a9:84:09:72:cd:e5:d8:da:21:44:c2:2e:92:95: |
| 12:fe:35:0c:66:34:ad:f3:4f:c5:2f:d0:2e:57:41: |
| 1c:3b:ce:c9:51:17:05:eb:06:f7:4f:fb:6e:27:9d: |
| 06:d8:10:87:f4:97:5f:0f:9d:5d:d7:2b:d3:3b:21: |
| 5b:5a:8f:20:e0:97:16:7b:15:39:d6:3f:ff:1d:06: |
| 53:74:62:78:68:5b:ed:c2:05:e7:86:8b:1a:63:3a: |
| d3:e4:a9:25:8f:0e:92:13:df:39:d6:31:82:bf:bd: |
| ef:d4:21:9d:0e:7f:c9:90:ef:1d:c5:f3:c4:00:1e: |
| 4a:03:61:f4:5e:cf:e9:58:e5:12:49:37:31:49:89: |
| 54:d8:59:40:78:eb:e2:3f:75:9c:a5:ff:1c:33:b8: |
| 6c:26:26:5a:8f:28:12:1f:4e:81:e5:a6:aa:dd:c6: |
| d9:c9:94:6a:15:3c:9e:7a:59:29:92:cb:7a:f5:67: |
| c4:d4:dd:4c:c5:6e:fb:b3:c2:5a:9d:f1:0b:35:17: |
| 92:b6:85:dc:fd:45:c5:3f:13:f3:cd:fc:bc:b6:59: |
| c0:17:0b:ce:b3:e1:47:d1:2f:34:74:a4:5c:ba:a9: |
| cf:0d |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F |
| X509v3 Authority Key Identifier: |
| keyid:24:DB:B4:DE:3E:3F:AA:1D:B0:57:7A:1D:7C:CD:86:E9:6B:D0:15:6F |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 29:e6:c6:f3:9d:9a:53:9b:3c:f8:79:c9:e3:d3:33:c6:2f:1c: |
| 50:a2:de:7d:69:75:40:75:ba:af:8a:61:b0:f2:fc:3c:39:01: |
| df:d6:c2:f6:df:a1:a5:3f:b3:f1:8e:09:3a:fb:87:ca:4c:cd: |
| 5f:89:ca:d1:5d:d1:38:94:36:af:52:32:e3:67:9b:ad:6a:e6: |
| f9:dc:92:1e:35:dd:81:9d:d7:5d:ce:75:14:74:2b:4a:16:ef: |
| a0:74:ee:76:a5:4b:90:70:6f:de:d8:0a:1b:e3:0c:b5:f5:33: |
| eb:74:dc:8e:f8:ef:a8:0e:52:74:b8:d4:4e:fb:42:e5:3d:8c: |
| c3:71:d8:99:df:bf:c3:bf:87:e6:cd:84:89:ac:df:5d:c7:a6: |
| 8e:b5:10:a5:8a:2f:66:3f:2f:79:c6:e7:9b:76:3b:5e:4f:ce: |
| cf:cc:24:bd:6d:38:6d:b8:17:a6:31:ed:c2:d9:81:84:74:f6: |
| 94:a9:6a:28:52:56:cd:a8:62:8d:c7:2f:73:e5:db:8e:f0:9d: |
| a3:c9:b7:c4:07:10:99:be:b7:9f:66:bf:b1:51:30:ee:f5:55: |
| ba:1e:39:a8:73:ca:10:68:7e:29:c7:42:9f:01:6b:47:cd:47: |
| 08:52:80:3d:b1:f0:94:a7:35:21:37:47:d8:d9:c8:5a:a5:be: |
| 75:37:89:fb |
| -----BEGIN CERTIFICATE----- |
| MIIDeDCCAmCgAwIBAgIUAx724NVktXF96/VtvwPacabZ6yUwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw |
| MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK |
| AoIBAQDkTpb23gIF5xaA+u2xPPMZ6nvS/u2Ttwk3fcGYm2WphAlyzeXY2iFEwi6S |
| lRL+NQxmNK3zT8Uv0C5XQRw7zslRFwXrBvdP+24nnQbYEIf0l18PnV3XK9M7IVta |
| jyDglxZ7FTnWP/8dBlN0YnhoW+3CBeeGixpjOtPkqSWPDpIT3znWMYK/ve/UIZ0O |
| f8mQ7x3F88QAHkoDYfRez+lY5RJJNzFJiVTYWUB46+I/dZyl/xwzuGwmJlqPKBIf |
| ToHlpqrdxtnJlGoVPJ56WSmSy3r1Z8TU3UzFbvuzwlqd8Qs1F5K2hdz9RcU/E/PN |
| /Ly2WcAXC86z4UfRLzR0pFy6qc8NAgMBAAGjgcswgcgwHQYDVR0OBBYEFCTbtN4+ |
| P6odsFd6HXzNhulr0BVvMB8GA1UdIwQYMBaAFCTbtN4+P6odsFd6HXzNhulr0BVv |
| MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh |
| L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S |
| b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG |
| 9w0BAQsFAAOCAQEAKebG852aU5s8+HnJ49Mzxi8cUKLefWl1QHW6r4phsPL8PDkB |
| 39bC9t+hpT+z8Y4JOvuHykzNX4nK0V3ROJQ2r1Iy42ebrWrm+dySHjXdgZ3XXc51 |
| FHQrShbvoHTudqVLkHBv3tgKG+MMtfUz63TcjvjvqA5SdLjUTvtC5T2Mw3HYmd+/ |
| w7+H5s2EiazfXcemjrUQpYovZj8vecbnm3Y7Xk/Oz8wkvW04bbgXpjHtwtmBhHT2 |
| lKlqKFJWzahijccvc+XbjvCdo8m3xAcQmb63n2a/sVEw7vVVuh45qHPKEGh+KcdC |
| nwFrR81HCFKAPbHwlKc1ITdH2NnIWqW+dTeJ+w== |
| -----END CERTIFICATE----- |
