| [Created by: generate-chains.py] |
| |
| Certificate chain where the intermediate restricts the extended key usage to |
| clientAuth + any, and the target sets serverAuth + clientAuth. |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 0f:19:5d:e8:71:6f:db:08:2d:79:97:74:46:0c:ac:d5:3d:49:b8:b2 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Mar 10 12:00:00 2018 GMT |
| Not After : Jan 1 12:00:00 2021 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:ae:2e:8b:18:8d:f7:76:2c:94:0c:3f:a0:b6:ea: |
| 70:1f:5e:c8:48:c5:aa:ad:55:6b:bd:55:68:0d:8e: |
| ce:e5:99:27:c5:2c:b2:9a:29:a9:8f:8e:c3:c6:97: |
| 89:6d:31:d7:a4:8f:d8:36:37:4f:33:c7:d6:42:03: |
| 11:08:c4:7f:35:8c:ee:0f:1b:7a:31:74:04:aa:01: |
| d3:1e:8b:5b:01:9d:60:4b:9c:d1:8f:1e:ab:e5:dc: |
| 8f:17:77:49:e3:f6:d5:82:a5:2f:0a:e8:dc:9f:96: |
| 1e:2a:a1:41:d1:67:2c:9e:f3:7f:94:0c:6e:cf:5f: |
| 55:52:37:05:d0:39:37:1a:6e:11:ed:db:fa:aa:92: |
| a7:4f:50:29:07:69:af:1d:a7:99:fa:e1:56:f0:03: |
| 38:b0:ae:6b:e7:19:0b:dd:c3:07:31:8e:84:04:a5: |
| b4:eb:b8:bc:23:f3:40:b0:17:b4:ab:9e:3f:05:96: |
| 89:fc:84:23:cc:d1:06:c2:e4:8b:c6:65:f5:24:eb: |
| 72:31:bc:41:7d:3a:c9:55:08:0c:ee:a6:ae:1f:78: |
| 17:f8:a7:9d:7b:b1:82:f5:ce:82:6b:a8:b2:c6:8a: |
| b9:be:a5:d8:39:f4:49:e2:4c:53:32:85:26:53:4d: |
| 44:ce:d5:3b:a0:6b:e7:d9:02:a1:5a:ef:e1:a5:81: |
| a7:fb |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| EB:B0:1C:BD:B7:68:B8:D1:B9:8A:C2:9F:5D:CF:DD:AF:F2:62:70:8A |
| X509v3 Authority Key Identifier: |
| keyid:EE:C6:9A:65:CC:FB:CE:A0:3E:17:02:F9:68:12:86:B6:22:09:60:B4 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 23:f3:f0:bc:ec:a5:2c:0e:c1:9a:23:9c:65:59:04:b0:eb:11: |
| 16:7d:27:90:06:d0:40:4c:7e:13:3f:ca:ac:c9:b1:43:0b:1e: |
| 93:fc:e8:72:f8:0f:1a:b2:bf:66:ca:20:78:05:16:28:6c:ba: |
| 52:2d:22:ec:98:bd:08:f5:94:43:1d:85:67:ee:28:84:b4:bb: |
| ce:db:00:87:0c:42:fd:0e:02:51:0f:37:f1:9c:c5:f6:7a:2b: |
| d8:d6:c4:ee:ba:a6:e5:93:f0:e8:fe:e0:b8:78:90:c2:4e:a0: |
| 8d:c4:d3:37:b5:41:2a:40:ef:3f:b5:4b:ac:45:d5:23:c2:a2: |
| b1:63:4a:3c:fe:7c:70:d7:95:db:cd:b4:70:b3:f0:1f:fc:09: |
| e3:60:7b:67:38:dd:ce:58:86:dc:cd:d5:b2:7e:03:99:56:ed: |
| a9:ab:e1:f9:2f:af:10:f3:5d:21:27:5f:d4:dc:60:49:c8:b1: |
| f2:84:f7:36:d3:d7:de:d5:9a:64:0c:c4:53:bd:6b:d1:57:91: |
| 3c:1d:f5:fa:60:f5:55:dd:c2:03:1f:b4:3b:f6:5b:40:2f:15: |
| 37:92:c5:9b:af:6c:fa:a3:db:ee:8e:78:8d:62:49:f3:18:98: |
| 95:40:ec:f0:4a:6d:3b:12:18:fb:b6:59:1f:0d:3d:84:66:63: |
| 84:2a:bf:ee |
| -----BEGIN CERTIFICATE----- |
| MIIDoDCCAoigAwIBAgIUDxld6HFv2wgteZd0Rgys1T1JuLIwDQYJKoZIhvcNAQEL |
| BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTE4MDMxMDEyMDAwMFoXDTIx |
| MDEwMTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF |
| AAOCAQ8AMIIBCgKCAQEAri6LGI33diyUDD+gtupwH17ISMWqrVVrvVVoDY7O5Zkn |
| xSyymimpj47DxpeJbTHXpI/YNjdPM8fWQgMRCMR/NYzuDxt6MXQEqgHTHotbAZ1g |
| S5zRjx6r5dyPF3dJ4/bVgqUvCujcn5YeKqFB0WcsnvN/lAxuz19VUjcF0Dk3Gm4R |
| 7dv6qpKnT1ApB2mvHaeZ+uFW8AM4sK5r5xkL3cMHMY6EBKW067i8I/NAsBe0q54/ |
| BZaJ/IQjzNEGwuSLxmX1JOtyMbxBfTrJVQgM7qauH3gX+Kede7GC9c6Ca6iyxoq5 |
| vqXYOfRJ4kxTMoUmU01EztU7oGvn2QKhWu/hpYGn+wIDAQABo4HpMIHmMB0GA1Ud |
| DgQWBBTrsBy9t2i40bmKwp9dz92v8mJwijAfBgNVHSMEGDAWgBTuxpplzPvOoD4X |
| AvloEoa2IglgtDA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91 |
| cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0 |
| dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF |
| oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD |
| ggEBACPz8LzspSwOwZojnGVZBLDrERZ9J5AG0EBMfhM/yqzJsUMLHpP86HL4Dxqy |
| v2bKIHgFFihsulItIuyYvQj1lEMdhWfuKIS0u87bAIcMQv0OAlEPN/GcxfZ6K9jW |
| xO66puWT8Oj+4Lh4kMJOoI3E0ze1QSpA7z+1S6xF1SPCorFjSjz+fHDXldvNtHCz |
| 8B/8CeNge2c43c5YhtzN1bJ+A5lW7amr4fkvrxDzXSEnX9TcYEnIsfKE9zbT197V |
| mmQMxFO9a9FXkTwd9fpg9VXdwgMftDv2W0AvFTeSxZuvbPqj2+6OeI1iSfMYmJVA |
| 7PBKbTsSGPu2WR8NPYRmY4Qqv+4= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 22:f0:bc:f5:46:4d:72:4b:8a:5f:7a:8d:54:e1:d7:60:ae:dd:08:ea |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Mar 10 12:00:00 2018 GMT |
| Not After : Jan 1 12:00:00 2021 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:d1:41:40:6f:cb:25:05:d9:29:d0:a3:c7:fe:2f: |
| f0:53:ad:46:36:19:aa:b1:1f:3f:7a:a2:e0:fb:03: |
| 2b:77:65:6a:79:eb:f3:a3:16:13:34:83:3b:42:de: |
| a2:bb:e2:bf:d8:d2:75:3d:48:38:86:bb:2a:7d:14: |
| a3:88:f7:7c:00:f4:0a:6b:6b:aa:9b:44:24:62:fe: |
| db:a3:42:55:15:67:2a:32:ff:b2:4d:80:93:d0:84: |
| ef:1b:dc:7c:ac:56:2d:54:08:02:f6:18:6e:b5:80: |
| a8:77:52:1f:b8:2c:09:6d:cc:f8:1c:04:91:62:6e: |
| 1e:dd:1d:89:b2:f1:23:0b:4d:4c:6c:da:49:3d:61: |
| 83:72:0f:66:36:12:3f:f3:ff:53:52:73:53:a1:ca: |
| 38:bd:c3:48:bf:7a:2f:13:19:d7:c2:28:e1:6f:32: |
| 00:5e:64:ac:4b:05:7a:77:62:57:55:a9:59:83:d5: |
| ed:a3:2e:28:34:71:79:2f:b9:c3:9e:df:b3:2a:b1: |
| 59:cd:04:00:1d:8b:11:56:ae:c6:67:f6:4f:1d:58: |
| 07:65:e0:b0:2f:ef:57:6d:de:c1:a0:7c:6e:38:a8: |
| 45:26:21:96:e0:f6:ef:0e:28:cf:01:70:57:dc:20: |
| 15:08:ad:e8:e3:98:74:8c:54:32:c1:28:17:e0:de: |
| a1:8b |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| EE:C6:9A:65:CC:FB:CE:A0:3E:17:02:F9:68:12:86:B6:22:09:60:B4 |
| X509v3 Authority Key Identifier: |
| keyid:42:75:41:34:C5:59:9F:99:A3:9B:1C:0C:57:DB:5C:C7:C1:48:B7:91 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| X509v3 Extended Key Usage: |
| TLS Web Client Authentication, Any Extended Key Usage |
| Signature Algorithm: sha256WithRSAEncryption |
| 2b:7d:1a:0d:8d:35:73:68:ea:e0:89:c2:05:28:a5:20:02:ce: |
| 0c:a4:76:ce:81:27:f9:72:c0:2f:7a:43:7f:81:0d:f2:3b:2a: |
| ee:4c:a2:b2:7c:a6:35:62:23:63:de:96:d2:0a:c9:6b:d5:f7: |
| 29:5c:03:64:0e:7e:8d:3a:d4:5c:76:75:cd:32:3a:b4:48:ca: |
| 4b:79:10:77:fc:40:06:85:e5:b6:7d:18:77:c9:5f:45:57:c3: |
| 1f:26:b3:73:d0:fe:2f:4c:e7:d3:be:2f:7c:9f:e0:8b:14:dd: |
| 3c:3b:c1:d3:d2:56:46:2f:1b:7d:21:56:98:5a:eb:f1:e1:9b: |
| ad:b5:9e:42:4d:7a:f7:36:0a:f3:3d:00:8b:1e:d7:17:04:ce: |
| f4:b9:da:ba:c3:50:50:c4:41:32:58:d4:dc:b7:1d:29:42:62: |
| aa:5d:7e:d9:b7:0c:f6:5c:89:ef:70:af:8d:44:1e:ae:3c:1d: |
| 1d:80:3f:1f:7f:ba:77:1a:12:ab:eb:7a:b3:76:9b:c7:0b:c6: |
| 6c:a8:dd:9a:78:43:f9:e3:50:62:9f:62:78:e1:c3:f8:7e:26: |
| 69:67:28:c9:84:c2:3a:bd:d0:b6:ba:6a:01:fc:05:8e:91:5f: |
| ca:55:75:a1:83:a4:b7:5a:40:41:03:7f:bf:41:e7:df:27:a1: |
| b5:ec:c8:77 |
| -----BEGIN CERTIFICATE----- |
| MIIDmzCCAoOgAwIBAgIUIvC89UZNckuKX3qNVOHXYK7dCOowDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw |
| MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD |
| ggEPADCCAQoCggEBANFBQG/LJQXZKdCjx/4v8FOtRjYZqrEfP3qi4PsDK3dlannr |
| 86MWEzSDO0Leorviv9jSdT1IOIa7Kn0Uo4j3fAD0CmtrqptEJGL+26NCVRVnKjL/ |
| sk2Ak9CE7xvcfKxWLVQIAvYYbrWAqHdSH7gsCW3M+BwEkWJuHt0dibLxIwtNTGza |
| ST1hg3IPZjYSP/P/U1JzU6HKOL3DSL96LxMZ18Io4W8yAF5krEsFendiV1WpWYPV |
| 7aMuKDRxeS+5w57fsyqxWc0EAB2LEVauxmf2Tx1YB2XgsC/vV23ewaB8bjioRSYh |
| luD27w4ozwFwV9wgFQit6OOYdIxUMsEoF+DeoYsCAwEAAaOB5jCB4zAdBgNVHQ4E |
| FgQU7saaZcz7zqA+FwL5aBKGtiIJYLQwHwYDVR0jBBgwFoAUQnVBNMVZn5mjmxwM |
| V9tcx8FIt5EwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs |
| LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m |
| b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ |
| MBkGA1UdJQQSMBAGCCsGAQUFBwMCBgRVHSUAMA0GCSqGSIb3DQEBCwUAA4IBAQAr |
| fRoNjTVzaOrgicIFKKUgAs4MpHbOgSf5csAvekN/gQ3yOyruTKKyfKY1YiNj3pbS |
| Cslr1fcpXANkDn6NOtRcdnXNMjq0SMpLeRB3/EAGheW2fRh3yV9FV8MfJrNz0P4v |
| TOfTvi98n+CLFN08O8HT0lZGLxt9IVaYWuvx4ZuttZ5CTXr3NgrzPQCLHtcXBM70 |
| udq6w1BQxEEyWNTctx0pQmKqXX7Ztwz2XInvcK+NRB6uPB0dgD8ff7p3GhKr63qz |
| dpvHC8ZsqN2aeEP541Bin2J44cP4fiZpZyjJhMI6vdC2umoB/AWOkV/KVXWhg6S3 |
| WkBBA3+/QeffJ6G17Mh3 |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 22:f0:bc:f5:46:4d:72:4b:8a:5f:7a:8d:54:e1:d7:60:ae:dd:08:e9 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Mar 10 12:00:00 2018 GMT |
| Not After : Jan 1 12:00:00 2021 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:c3:96:66:c7:e7:fd:21:14:ec:df:4a:05:1a:8c: |
| 22:da:8f:3e:b7:8e:ca:a2:de:d7:e3:08:05:cd:28: |
| 1c:da:d4:99:ba:ad:de:92:07:44:18:55:e7:b5:41: |
| 6b:38:64:18:06:ab:6c:b8:ad:3d:b8:4e:c8:fa:8c: |
| fc:58:2c:2c:a8:42:08:28:b4:85:2a:aa:57:e2:a8: |
| 76:4a:6e:fe:38:2f:d1:14:c6:52:6f:05:a4:89:54: |
| c2:0f:f0:93:83:09:b7:55:56:94:7b:57:65:87:09: |
| dd:61:ea:1a:02:3c:24:a5:cc:2d:d3:7c:0a:dc:2e: |
| 67:a2:7f:91:ad:b4:76:76:02:ac:7f:85:5f:61:86: |
| 0c:60:15:a0:82:7f:85:16:f4:10:8d:49:27:e4:33: |
| 58:75:55:6b:5a:ab:c7:d1:bd:3d:a8:3b:68:1b:b4: |
| de:68:89:c4:87:fe:87:04:d4:52:f3:8f:fa:2e:44: |
| 79:c1:62:46:b7:88:4c:bb:75:61:fd:e6:c5:6a:fb: |
| a8:3b:ef:a7:e6:1a:1e:44:2d:61:a7:4e:63:5e:66: |
| b8:f7:85:60:74:8b:ea:20:82:84:84:71:f5:1d:c6: |
| 0c:c2:ee:11:78:01:ae:44:5a:e3:7b:97:2e:01:d0: |
| 18:91:77:01:23:7f:d2:21:73:f4:f3:9a:94:ad:93: |
| 2e:a1 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 42:75:41:34:C5:59:9F:99:A3:9B:1C:0C:57:DB:5C:C7:C1:48:B7:91 |
| X509v3 Authority Key Identifier: |
| keyid:42:75:41:34:C5:59:9F:99:A3:9B:1C:0C:57:DB:5C:C7:C1:48:B7:91 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| b3:5c:da:ed:e5:9b:b2:59:08:f6:37:f2:10:af:0b:b3:b6:ab: |
| a8:7c:a5:9a:eb:dc:ba:a3:48:df:81:65:17:1a:9f:f9:b7:25: |
| 92:44:9c:30:42:f0:c8:86:c2:55:47:fc:39:7c:1d:2b:d1:67: |
| e7:f8:1a:7b:2f:ea:87:75:4d:36:ee:6e:6c:1c:43:cd:d8:d5: |
| 4e:b6:ea:07:75:3e:53:b8:36:ee:79:de:18:53:ba:7a:c3:6a: |
| 30:03:63:b6:a6:1a:e9:a7:31:78:94:d0:bf:0f:e2:7d:23:09: |
| c7:aa:be:a9:e6:01:91:98:b7:88:da:a5:05:1a:db:58:f4:7f: |
| f2:ba:c4:b5:5b:e5:34:26:a3:1d:f9:c6:11:26:96:aa:ad:7a: |
| 48:4f:64:d9:52:fc:58:88:97:f1:17:98:7e:f1:24:8c:fd:16: |
| b9:64:5c:f1:82:f6:16:14:25:03:df:a1:bc:a1:40:8d:d0:21: |
| 2f:36:5b:4c:12:5b:4a:1e:3e:10:8b:bd:0d:ae:02:14:59:ce: |
| 54:dc:ae:ec:c8:51:52:b9:75:91:38:c7:8b:1e:78:57:2f:81: |
| a2:d9:cf:9c:6f:6f:ef:03:d1:4a:27:ee:6e:81:37:72:c1:af: |
| 9f:e4:46:79:db:a2:2d:7f:c0:c0:f6:7f:68:9d:14:76:63:f2: |
| 51:f6:2a:c6 |
| -----BEGIN CERTIFICATE----- |
| MIIDeDCCAmCgAwIBAgIUIvC89UZNckuKX3qNVOHXYK7dCOkwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xODAzMTAxMjAwMDBaFw0yMTAxMDExMjAw |
| MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK |
| AoIBAQDDlmbH5/0hFOzfSgUajCLajz63jsqi3tfjCAXNKBza1Jm6rd6SB0QYVee1 |
| QWs4ZBgGq2y4rT24Tsj6jPxYLCyoQggotIUqqlfiqHZKbv44L9EUxlJvBaSJVMIP |
| 8JODCbdVVpR7V2WHCd1h6hoCPCSlzC3TfArcLmeif5GttHZ2Aqx/hV9hhgxgFaCC |
| f4UW9BCNSSfkM1h1VWtaq8fRvT2oO2gbtN5oicSH/ocE1FLzj/ouRHnBYka3iEy7 |
| dWH95sVq+6g776fmGh5ELWGnTmNeZrj3hWB0i+oggoSEcfUdxgzC7hF4Aa5EWuN7 |
| ly4B0BiRdwEjf9Ihc/TzmpStky6hAgMBAAGjgcswgcgwHQYDVR0OBBYEFEJ1QTTF |
| WZ+Zo5scDFfbXMfBSLeRMB8GA1UdIwQYMBaAFEJ1QTTFWZ+Zo5scDFfbXMfBSLeR |
| MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh |
| L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S |
| b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG |
| 9w0BAQsFAAOCAQEAs1za7eWbslkI9jfyEK8Ls7arqHylmuvcuqNI34FlFxqf+bcl |
| kkScMELwyIbCVUf8OXwdK9Fn5/gaey/qh3VNNu5ubBxDzdjVTrbqB3U+U7g27nne |
| GFO6esNqMANjtqYa6acxeJTQvw/ifSMJx6q+qeYBkZi3iNqlBRrbWPR/8rrEtVvl |
| NCajHfnGESaWqq16SE9k2VL8WIiX8ReYfvEkjP0WuWRc8YL2FhQlA9+hvKFAjdAh |
| LzZbTBJbSh4+EIu9Da4CFFnOVNyu7MhRUrl1kTjHix54Vy+BotnPnG9v7wPRSifu |
| boE3csGvn+RGeduiLX/AwPZ/aJ0UdmPyUfYqxg== |
| -----END CERTIFICATE----- |
