blob: 600b9ce2ecdce1b16ef52459ba5bb8ae7a530e8b [file] [log] [blame]
Includes extra certs
$ openssl ocsp -resp_text -respin <([OCSP RESPONSE])
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: CN = Test Intermediate CA
Produced At: Mar 2 00:00:00 2017 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 449B1C5B31C6E9990966523E49C3F773C024190A
Issuer Key Hash: FC6D3387CC3B39B049C755C46DF4395548930BCE
Serial Number: 04
Cert Status: good
This Update: Mar 1 00:00:00 2017 GMT
Signature Algorithm: sha1WithRSAEncryption
9b:7c:bb:20:00:86:92:61:6d:8f:6d:70:87:52:1b:ac:d5:0a:
97:ce:76:7b:c4:b4:a7:a8:1d:ea:2c:15:cc:d4:2e:7d:a2:8c:
53:4a:82:06:4a:b6:e2:d9:9b:aa:c4:63:66:94:7a:71:ba:d9:
4e:bc:90:11:56:75:56:aa:7c:34:73:1d:ad:1c:1b:a6:28:81:
ea:f9:a0:85:e6:4f:07:2e:43:63:49:1e:8f:78:b6:96:f4:8b:
4d:7f:58:b2:86:18:45:3a:72:5e:7f:d5:f5:f0:66:83:58:92:
03:4d:e2:1d:af:99:2a:f4:c9:10:24:a8:c7:87:16:7f:b9:76:
b1:ba
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=Test CA
Validity
Not Before: Jan 1 00:00:00 2017 GMT
Not After : Jan 1 00:00:00 2018 GMT
Subject: CN=Test Intermediate CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:b9:32:09:de:33:4a:4f:e2:04:73:49:d5:2e:2b:
83:92:3a:94:e4:1b:0c:27:1b:f8:43:83:17:b8:75:
f5:a4:af:e3:4c:84:3e:6c:48:79:76:df:4d:f5:39:
af:92:4b:c5:a0:86:ab:35:cc:19:6b:93:82:c0:f8:
44:4d:1a:14:5d:48:87:65:02:0e:b0:a8:96:d9:06:
19:3f:aa:85:2d:84:c0:78:19:a6:96:ab:26:56:f7:
6f:5a:1a:97:a2:01:88:00:99:10:8a:97:39:c8:22:
6e:de:e5:56:f4:a6:23:cd:ea:48:0e:65:67:a4:73:
a0:50:91:de:ba:cf:54:08:8f
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
48:d5:9f:8d:90:bc:4a:59:38:1d:2b:83:2d:71:1c:74:9d:01:
73:a0:b6:98:e7:1c:c2:22:66:23:33:0a:8f:64:ff:9c:6b:37:
09:12:1c:15:12:cb:c3:61:d9:ab:cd:96:dd:95:fa:a6:02:67:
3c:4c:ec:98:38:5c:fc:48:cc:85:a9:5b:49:2c:2b:06:66:07:
9e:31:0f:93:10:ab:3e:9f:97:60:64:01:61:7e:86:15:bb:5e:
f1:90:31:a3:54:d0:86:0e:80:05:87:09:2e:65:b6:95:89:5c:
c1:e5:80:d9:b8:81:b6:ed:1a:20:b8:9b:22:ce:ef:d0:26:47:
9d:57
~~~~~BEGIN CERTIFICATE~~~~~
MIIBqTCCARKgAwIBAgIBATANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDDAdUZXN0
IENBMCIYDzIwMTcwMTAxMDAwMDAwWhgPMjAxODAxMDEwMDAwMDBaMB8xHTAbBgNV
BAMMFFRlc3QgSW50ZXJtZWRpYXRlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
iQKBgQC5MgneM0pP4gRzSdUuK4OSOpTkGwwnG/hDgxe4dfWkr+NMhD5sSHl23031
Oa+SS8Wghqs1zBlrk4LA+ERNGhRdSIdlAg6wqJbZBhk/qoUthMB4GaaWqyZW929a
GpeiAYgAmRCKlznIIm7e5Vb0piPN6kgOZWekc6BQkd66z1QIjwIDAQABMA0GCSqG
SIb3DQEBBQUAA4GBAEjVn42QvEpZOB0rgy1xHHSdAXOgtpjnHMIiZiMzCo9k/5xr
NwkSHBUSy8Nh2avNlt2V+qYCZzxM7Jg4XPxIzIWpW0ksKwZmB54xD5MQqz6fl2Bk
AWF+hhW7XvGQMaNU0IYOgAWHCS5ltpWJXMHlgNm4gbbtGiC4myLO79AmR51X
~~~~~END CERTIFICATE~~~~~
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=Test Intermediate CA
Validity
Not Before: Jan 1 00:00:00 2017 GMT
Not After : Jan 1 00:00:00 2018 GMT
Subject: CN=Test OCSP Signer
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:c4:e7:57:6f:76:06:30:1c:60:f3:d9:e2:0f:20:
22:96:c4:2f:2e:3c:d6:96:3d:bf:08:09:b2:1a:ac:
6b:a5:f6:89:a8:67:d1:f1:2c:31:69:ec:5c:56:b1:
b0:8a:62:8b:b8:fe:c4:01:26:b2:ce:3b:ec:e3:0b:
f2:08:96:84:3d:b9:87:57:40:82:4d:32:42:44:dc:
e3:47:e5:1e:ad:52:a7:9b:6f:cd:d0:d3:34:8f:18:
59:01:0e:17:a3:4c:a0:20:c9:ff:bd:b4:93:6b:aa:
bd:b4:a5:c7:e8:7c:35:bd:5a:2a:f6:2d:d7:fe:29:
86:79:75:a6:15:1b:99:24:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
OCSP Signing
Signature Algorithm: sha1WithRSAEncryption
6a:17:94:55:d2:fd:d9:c3:d5:8e:78:cd:23:71:47:4d:bf:e4:
af:87:f8:b6:d7:43:4b:ee:76:61:5a:bf:ed:ff:3e:bc:06:fc:
d9:ed:3f:f9:4e:ea:90:fd:40:b9:2e:ee:25:a8:1f:c8:92:60:
78:87:ad:45:c8:1a:0d:3d:d6:cc:fa:f6:79:fb:ec:a6:b9:17:
d1:ae:a2:76:f9:59:9d:df:f4:62:05:23:3a:ed:b9:66:57:db:
04:95:d6:2e:73:98:77:c1:09:8f:97:95:3a:ec:71:33:54:70:
d8:d9:6a:00:5c:89:14:6c:39:c0:dd:5e:68:54:c0:c5:43:98:
68:fc
~~~~~BEGIN CERTIFICATE~~~~~
MIIByzCCATSgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMR0wGwYDVQQDDBRUZXN0
IEludGVybWVkaWF0ZSBDQTAiGA8yMDE3MDEwMTAwMDAwMFoYDzIwMTgwMTAxMDAw
MDAwWjAbMRkwFwYDVQQDDBBUZXN0IE9DU1AgU2lnbmVyMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQDE51dvdgYwHGDz2eIPICKWxC8uPNaWPb8ICbIarGul9omo
Z9HxLDFp7FxWsbCKYou4/sQBJrLOO+zjC/IIloQ9uYdXQIJNMkJE3ONH5R6tUqeb
b83Q0zSPGFkBDhejTKAgyf+9tJNrqr20pcfofDW9Wir2Ldf+KYZ5daYVG5kkzwID
AQABoxcwFTATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQUFAAOBgQBq
F5RV0v3Zw9WOeM0jcUdNv+Svh/i210NL7nZhWr/t/z68BvzZ7T/5TuqQ/UC5Lu4l
qB/IkmB4h61FyBoNPdbM+vZ5++ymuRfRrqJ2+Vmd3/RiBSM67blmV9sEldYuc5h3
wQmPl5U67HEzVHDY2WoAXIkUbDnA3V5oVMDFQ5ho/A==
~~~~~END CERTIFICATE~~~~~
-----BEGIN OCSP RESPONSE-----
MIIEvQoBAKCCBLYwggSyBgkrBgEFBQcwAQEEggSjMIIEnzCBhaEhMB8xHTAbBgNVBAMMFFRlc3Q
gSW50ZXJtZWRpYXRlIENBGA8yMDE3MDMwMjAwMDAwMFowTzBNMDgwBwYFKw4DAhoEFESbHFsxxu
mZCWZSPknD93PAJBkKBBT8bTOHzDs5sEnHVcRt9DlVSJMLzgIBBIAAGA8yMDE3MDMwMTAwMDAwM
FowDQYJKoZIhvcNAQEFBQADgYEAm3y7IACGkmFtj21wh1IbrNUKl852e8S0p6gd6iwVzNQufaKM
U0qCBkq24tmbqsRjZpR6cbrZTryQEVZ1Vqp8NHMdrRwbpiiB6vmgheZPBy5DY0kej3i2lvSLTX9
YsoYYRTpyXn/V9fBmg1iSA03iHa+ZKvTJECSox4cWf7l2sbqgggOAMIIDfDCCAakwggESoAMCAQ
ICAQEwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAwwHVGVzdCBDQTAiGA8yMDE3MDEwMTAwMDAwM
FoYDzIwMTgwMTAxMDAwMDAwWjAfMR0wGwYDVQQDDBRUZXN0IEludGVybWVkaWF0ZSBDQTCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuTIJ3jNKT+IEc0nVLiuDkjqU5BsMJxv4Q4MXuHX1pK/
jTIQ+bEh5dt9N9TmvkkvFoIarNcwZa5OCwPhETRoUXUiHZQIOsKiW2QYZP6qFLYTAeBmmlqsmVv
dvWhqXogGIAJkQipc5yCJu3uVW9KYjzepIDmVnpHOgUJHeus9UCI8CAwEAATANBgkqhkiG9w0BA
QUFAAOBgQBI1Z+NkLxKWTgdK4MtcRx0nQFzoLaY5xzCImYjMwqPZP+cazcJEhwVEsvDYdmrzZbd
lfqmAmc8TOyYOFz8SMyFqVtJLCsGZgeeMQ+TEKs+n5dgZAFhfoYVu17xkDGjVNCGDoAFhwkuZba
ViVzB5YDZuIG27RoguJsizu/QJkedVzCCAcswggE0oAMCAQICAQIwDQYJKoZIhvcNAQEFBQAwHz
EdMBsGA1UEAwwUVGVzdCBJbnRlcm1lZGlhdGUgQ0EwIhgPMjAxNzAxMDEwMDAwMDBaGA8yMDE4M
DEwMTAwMDAwMFowGzEZMBcGA1UEAwwQVGVzdCBPQ1NQIFNpZ25lcjCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAxOdXb3YGMBxg89niDyAilsQvLjzWlj2/CAmyGqxrpfaJqGfR8SwxaexcVrG
wimKLuP7EASayzjvs4wvyCJaEPbmHV0CCTTJCRNzjR+UerVKnm2/N0NM0jxhZAQ4Xo0ygIMn/vb
STa6q9tKXH6Hw1vVoq9i3X/imGeXWmFRuZJM8CAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYBBQUHA
wkwDQYJKoZIhvcNAQEFBQADgYEAaheUVdL92cPVjnjNI3FHTb/kr4f4ttdDS+52YVq/7f8+vAb8
2e0/+U7qkP1AuS7uJagfyJJgeIetRcgaDT3WzPr2efvsprkX0a6idvlZnd/0YgUjOu25ZlfbBJX
WLnOYd8EJj5eVOuxxM1Rw2NlqAFyJFGw5wN1eaFTAxUOYaPw=
-----END OCSP RESPONSE-----
$ openssl x509 -text < [CA CERTIFICATE]
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN = Test CA
Validity
Not Before: Jan 1 00:00:00 2017 GMT
Not After : Jan 1 00:00:00 2018 GMT
Subject: CN = Test Intermediate CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:b9:32:09:de:33:4a:4f:e2:04:73:49:d5:2e:2b:
83:92:3a:94:e4:1b:0c:27:1b:f8:43:83:17:b8:75:
f5:a4:af:e3:4c:84:3e:6c:48:79:76:df:4d:f5:39:
af:92:4b:c5:a0:86:ab:35:cc:19:6b:93:82:c0:f8:
44:4d:1a:14:5d:48:87:65:02:0e:b0:a8:96:d9:06:
19:3f:aa:85:2d:84:c0:78:19:a6:96:ab:26:56:f7:
6f:5a:1a:97:a2:01:88:00:99:10:8a:97:39:c8:22:
6e:de:e5:56:f4:a6:23:cd:ea:48:0e:65:67:a4:73:
a0:50:91:de:ba:cf:54:08:8f
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
48:d5:9f:8d:90:bc:4a:59:38:1d:2b:83:2d:71:1c:74:9d:01:
73:a0:b6:98:e7:1c:c2:22:66:23:33:0a:8f:64:ff:9c:6b:37:
09:12:1c:15:12:cb:c3:61:d9:ab:cd:96:dd:95:fa:a6:02:67:
3c:4c:ec:98:38:5c:fc:48:cc:85:a9:5b:49:2c:2b:06:66:07:
9e:31:0f:93:10:ab:3e:9f:97:60:64:01:61:7e:86:15:bb:5e:
f1:90:31:a3:54:d0:86:0e:80:05:87:09:2e:65:b6:95:89:5c:
c1:e5:80:d9:b8:81:b6:ed:1a:20:b8:9b:22:ce:ef:d0:26:47:
9d:57
-----BEGIN CA CERTIFICATE-----
MIIBqTCCARKgAwIBAgIBATANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDDAdUZXN0IENBMCIYDzI
wMTcwMTAxMDAwMDAwWhgPMjAxODAxMDEwMDAwMDBaMB8xHTAbBgNVBAMMFFRlc3QgSW50ZXJtZW
RpYXRlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5MgneM0pP4gRzSdUuK4OSOpTkG
wwnG/hDgxe4dfWkr+NMhD5sSHl23031Oa+SS8Wghqs1zBlrk4LA+ERNGhRdSIdlAg6wqJbZBhk/
qoUthMB4GaaWqyZW929aGpeiAYgAmRCKlznIIm7e5Vb0piPN6kgOZWekc6BQkd66z1QIjwIDAQA
BMA0GCSqGSIb3DQEBBQUAA4GBAEjVn42QvEpZOB0rgy1xHHSdAXOgtpjnHMIiZiMzCo9k/5xrNw
kSHBUSy8Nh2avNlt2V+qYCZzxM7Jg4XPxIzIWpW0ksKwZmB54xD5MQqz6fl2BkAWF+hhW7XvGQM
aNU0IYOgAWHCS5ltpWJXMHlgNm4gbbtGiC4myLO79AmR51X
-----END CA CERTIFICATE-----
$ openssl x509 -text < [CERTIFICATE]
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN = Test Intermediate CA
Validity
Not Before: Jan 1 00:00:00 2017 GMT
Not After : Jan 1 00:00:00 2018 GMT
Subject: CN = Test Cert
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:bc:4c:d5:b3:8d:92:fa:66:ac:32:43:1a:9e:eb:
17:e0:aa:76:35:1b:1d:10:48:4e:3e:22:8b:75:2e:
e8:6f:a4:55:1e:0a:5e:60:c0:61:f1:7d:29:58:7e:
0b:ef:29:be:ad:f8:f7:43:c8:58:95:14:5b:1d:af:
4a:b8:90:9e:4e:ec:4e:b3:86:7a:b9:96:c1:34:d3:
b9:a6:57:df:9b:bd:d9:dd:67:15:54:d4:9f:65:b8:
33:29:59:ba:9a:c6:75:ea:a5:76:3d:a4:57:0f:e2:
e4:c3:91:35:1d:6e:ff:61:7d:c2:53:23:66:b2:a8:
0b:e1:c7:55:48:c5:2b:4d:7d
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
18:bb:93:d9:2a:e0:34:69:2f:96:57:ac:55:ac:a7:83:04:b4:
bc:22:7f:5f:f7:c0:dc:ac:af:13:9b:86:7e:ac:02:8c:44:83:
2e:c0:fa:a1:77:1d:dd:86:31:7e:98:93:c0:4f:b2:3d:be:30:
6f:a5:fc:c7:2e:b1:b8:08:d2:17:cb:60:55:bf:5a:e0:94:f3:
1d:44:fa:b1:2f:1a:24:c5:33:e1:d4:f0:ac:d5:2c:67:da:a7:
5d:ee:eb:d6:7a:a7:41:e8:94:7a:34:43:b2:1f:ab:e9:cf:5d:
25:49:56:18:d2:a9:49:1a:37:34:43:c7:06:96:4a:29:38:cc:
f2:1c
-----BEGIN CERTIFICATE-----
MIIBqzCCARSgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMR0wGwYDVQQDDBRUZXN0IEludGVybWV
kaWF0ZSBDQTAiGA8yMDE3MDEwMTAwMDAwMFoYDzIwMTgwMTAxMDAwMDAwWjAUMRIwEAYDVQQDDA
lUZXN0IENlcnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALxM1bONkvpmrDJDGp7rF+Cqd
jUbHRBITj4ii3Uu6G+kVR4KXmDAYfF9KVh+C+8pvq3490PIWJUUWx2vSriQnk7sTrOGermWwTTT
uaZX35u92d1nFVTUn2W4MylZuprGdeqldj2kVw/i5MORNR1u/2F9wlMjZrKoC+HHVUjFK019AgM
BAAEwDQYJKoZIhvcNAQEFBQADgYEAGLuT2SrgNGkvllesVayngwS0vCJ/X/fA3KyvE5uGfqwCjE
SDLsD6oXcd3YYxfpiTwE+yPb4wb6X8xy6xuAjSF8tgVb9a4JTzHUT6sS8aJMUz4dTwrNUsZ9qnX
e7r1nqnQeiUejRDsh+r6c9dJUlWGNKpSRo3NEPHBpZKKTjM8hw=
-----END CERTIFICATE-----
$ openssl asn1parse -i < [OCSP REQUEST]
0:d=0 hl=2 l= 66 cons: SEQUENCE
2:d=1 hl=2 l= 64 cons: SEQUENCE
4:d=2 hl=2 l= 62 cons: SEQUENCE
6:d=3 hl=2 l= 60 cons: SEQUENCE
8:d=4 hl=2 l= 58 cons: SEQUENCE
10:d=5 hl=2 l= 9 cons: SEQUENCE
12:d=6 hl=2 l= 5 prim: OBJECT :sha1
19:d=6 hl=2 l= 0 prim: NULL
21:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:449B1C5B31C6E9990966523E49C3F773C024190A
43:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:FC6D3387CC3B39B049C755C46DF4395548930BCE
65:d=5 hl=2 l= 1 prim: INTEGER :04
-----BEGIN OCSP REQUEST-----
MEIwQDA+MDwwOjAJBgUrDgMCGgUABBREmxxbMcbpmQlmUj5Jw/dzwCQZCgQU/G0zh8w7ObBJx1X
EbfQ5VUiTC84CAQQ=
-----END OCSP REQUEST-----