| [Created by: generate-chains.py] |
| |
| A certificate tree with two self-signed root certificates(oldroot, newroot), |
| and a third root certificate (newrootrollover) which has the same key as newroot |
| but is signed by oldroot, all with the same subject and issuer. |
| There are two intermediates with the same key, subject and issuer |
| (oldintermediate signed by oldroot, and newintermediate signed by newroot). |
| The target certificate is signed by the intermediate key. |
| |
| |
| In graphical form: |
| |
| oldroot-------->newrootrollover newroot |
| | | | |
| v v v |
| oldintermediate newintermediate |
| | | |
| +------------+-------------+ |
| | |
| v |
| target |
| |
| |
| Several chains are output: |
| key-rollover-oldchain.pem: |
| target<-oldintermediate<-oldroot |
| key-rollover-rolloverchain.pem: |
| target<-newintermediate<-newrootrollover<-oldroot |
| key-rollover-longrolloverchain.pem: |
| target<-newintermediate<-newroot<-newrootrollover<-oldroot |
| key-rollover-newchain.pem: |
| target<-newintermediate<-newroot |
| |
| All of these chains should verify successfully. |
| |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 60:cf:3c:af:c2:01:a7:ee:48:ed:83:9c:13:19:f0:c1:ff:af:13:68 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Target |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:ef:77:94:e8:68:c5:7e:1d:9b:ae:10:cd:d5:bb: |
| 96:27:0c:05:17:f4:ec:bc:da:7d:28:e5:b7:e5:8f: |
| da:d8:ae:7a:2a:d2:e3:15:9b:12:62:79:02:61:3d: |
| 3f:8b:64:4e:fb:7d:e1:59:bd:2f:83:ad:d3:b8:e5: |
| 45:33:c4:13:5f:79:ef:8a:3e:c0:39:20:81:e2:98: |
| b9:e6:c9:60:b6:8e:b4:bf:b4:2b:55:ae:b1:7c:21: |
| d3:fe:ec:f0:56:31:fe:0a:19:c4:2c:54:a4:97:aa: |
| 84:a2:83:f8:5a:9a:f3:11:b8:ad:3b:14:3a:68:5a: |
| 72:24:49:6f:6f:5a:02:39:91:07:09:cb:18:57:13: |
| 1e:a4:54:03:31:5c:b6:e9:7d:78:2d:e8:ba:2f:70: |
| 17:0a:03:11:aa:90:c7:5e:f0:1b:7f:56:39:f5:e0: |
| 1f:1e:33:8d:23:30:e6:7a:ba:5e:ca:46:33:13:04: |
| 5c:65:b0:be:53:7f:ab:a7:9f:8d:fb:bd:46:e5:87: |
| 44:31:55:e5:9f:97:7e:a3:ec:69:a8:d7:8b:47:ae: |
| 48:ae:74:50:5e:57:55:31:ca:36:ec:43:a1:dd:61: |
| b2:18:12:6a:29:0b:63:24:d5:71:4d:da:e7:0f:0d: |
| e3:2c:aa:76:6b:f9:2c:93:c2:fa:f9:40:2c:1b:34: |
| 65:53 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| FA:2D:AF:E0:5F:8E:8E:18:7A:FB:AF:FE:D9:C9:A3:62:AA:B8:2A:18 |
| X509v3 Authority Key Identifier: |
| keyid:CC:72:60:F0:8D:8C:CB:A9:6C:FF:09:57:F3:6A:FE:29:46:24:26:5B |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Server Authentication, TLS Web Client Authentication |
| Signature Algorithm: sha256WithRSAEncryption |
| 01:db:ae:1e:db:9c:37:2a:1c:f6:44:c8:55:cb:39:9d:88:f5: |
| 72:27:94:80:ec:51:ce:86:c3:64:b9:7f:f6:c2:83:38:9c:66: |
| 27:44:94:31:28:bc:ed:37:dc:bd:7c:84:d5:c6:44:74:ef:81: |
| 54:01:78:55:d0:59:60:99:bc:ab:bb:6a:45:0b:50:f9:de:d4: |
| 3e:ce:ed:1a:26:8f:8b:6c:2d:3a:b2:e8:4b:17:c4:b8:d6:41: |
| 4e:fa:8c:af:70:44:6f:30:71:f5:92:62:7e:db:19:f2:67:18: |
| e9:17:a6:98:b7:9e:7e:df:69:0c:d9:ad:65:b8:0b:5c:1d:c0: |
| a9:4c:e4:1b:2c:56:57:36:3b:8f:50:26:a6:7e:95:4b:06:d6: |
| 67:1d:0e:b4:58:a7:c1:c2:37:ca:87:3a:86:e7:07:df:3c:55: |
| 13:18:e8:5b:8d:08:d2:30:04:1b:de:3f:f3:eb:21:6f:99:e2: |
| 5c:52:6f:37:1f:d9:93:45:e5:81:9d:4b:db:0c:6f:55:fd:e4: |
| 6d:98:ac:88:7b:1a:48:b8:e8:24:ed:a6:cf:e9:f6:e2:a9:71: |
| 60:cd:d7:90:0e:c3:92:b3:57:ec:da:2f:48:84:47:c8:91:c4: |
| 50:1e:f0:c4:91:99:8b:4f:f1:35:65:c1:ab:a2:4a:12:1b:cf: |
| bd:68:1c:bf |
| -----BEGIN CERTIFICATE----- |
| MIIDoDCCAoigAwIBAgIUYM88r8IBp+5I7YOcExnwwf+vE2gwDQYJKoZIhvcNAQEL |
| BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTE1MDEwMTEyMDAwMFoXDTE2 |
| MDEwMTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF |
| AAOCAQ8AMIIBCgKCAQEA73eU6GjFfh2brhDN1buWJwwFF/TsvNp9KOW35Y/a2K56 |
| KtLjFZsSYnkCYT0/i2RO+33hWb0vg63TuOVFM8QTX3nvij7AOSCB4pi55slgto60 |
| v7QrVa6xfCHT/uzwVjH+ChnELFSkl6qEooP4WprzEbitOxQ6aFpyJElvb1oCOZEH |
| CcsYVxMepFQDMVy26X14Lei6L3AXCgMRqpDHXvAbf1Y59eAfHjONIzDmerpeykYz |
| EwRcZbC+U3+rp5+N+71G5YdEMVXln5d+o+xpqNeLR65IrnRQXldVMco27EOh3WGy |
| GBJqKQtjJNVxTdrnDw3jLKp2a/ksk8L6+UAsGzRlUwIDAQABo4HpMIHmMB0GA1Ud |
| DgQWBBT6La/gX46OGHr7r/7ZyaNiqrgqGDAfBgNVHSMEGDAWgBTMcmDwjYzLqWz/ |
| CVfzav4pRiQmWzA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91 |
| cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0 |
| dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF |
| oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD |
| ggEBAAHbrh7bnDcqHPZEyFXLOZ2I9XInlIDsUc6Gw2S5f/bCgzicZidElDEovO03 |
| 3L18hNXGRHTvgVQBeFXQWWCZvKu7akULUPne1D7O7Romj4tsLTqy6EsXxLjWQU76 |
| jK9wRG8wcfWSYn7bGfJnGOkXppi3nn7faQzZrWW4C1wdwKlM5BssVlc2O49QJqZ+ |
| lUsG1mcdDrRYp8HCN8qHOobnB988VRMY6FuNCNIwBBveP/PrIW+Z4lxSbzcf2ZNF |
| 5YGdS9sMb1X95G2YrIh7Gki46CTtps/p9uKpcWDN15AOw5KzV+zaL0iER8iRxFAe |
| 8MSRmYtP8TVlwauiShIbz71oHL8= |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 52:7c:19:50:39:c6:38:0e:14:9f:b2:17:b8:81:f7:cf:f8:66:d1:95 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 2 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:9d:2b:d3:86:6e:f6:af:a0:b2:08:23:93:2a:c0: |
| 1c:02:49:c6:ef:a9:64:39:4e:80:6a:36:56:e5:a5: |
| 93:0e:45:12:ad:05:41:9a:5d:cc:ed:af:2e:7b:b6: |
| cf:bd:14:79:8f:a5:59:16:02:fe:23:5c:2b:e4:90: |
| d2:67:7c:bb:74:cb:37:20:40:c4:62:fa:e0:23:f1: |
| a4:89:70:fe:54:ea:ea:3b:d7:1a:7a:9b:0d:a1:74: |
| 44:89:c9:58:3d:d6:99:42:6b:e5:da:f5:f1:0c:33: |
| 26:11:e1:d4:2b:33:d7:2e:be:b9:42:5d:e7:b2:ce: |
| 52:37:51:30:17:80:a7:77:e0:ca:55:ac:42:12:23: |
| 17:d6:42:5a:6d:55:1f:f8:f1:13:7b:73:7d:b6:ff: |
| b7:67:72:d8:55:af:8e:60:71:cd:b8:a4:72:9f:84: |
| d8:6f:a6:62:1a:0f:79:de:3e:27:a5:08:bc:90:20: |
| f6:a3:b2:64:21:92:3e:1c:8c:35:f5:38:16:96:18: |
| f1:5c:de:fd:89:b6:4d:ca:00:0a:59:91:84:9a:28: |
| ea:1c:8f:0d:14:aa:4b:e5:56:66:9e:40:36:35:ff: |
| dc:72:f3:ea:e3:7f:b4:73:64:66:ff:81:16:b9:93: |
| 8e:61:30:7f:15:2e:1d:6c:23:90:76:56:b2:60:11: |
| 91:19 |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| CC:72:60:F0:8D:8C:CB:A9:6C:FF:09:57:F3:6A:FE:29:46:24:26:5B |
| X509v3 Authority Key Identifier: |
| keyid:01:6B:49:1F:21:8F:80:DD:D4:97:C0:A8:BB:2A:7E:DC:F3:DA:FD:E1 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 58:20:51:07:c1:79:72:0f:8d:3b:34:8d:af:79:8a:f4:65:dd: |
| f6:62:8c:28:b1:e3:91:7a:c1:e0:75:11:6e:f4:cf:90:04:39: |
| 8f:08:19:c9:d5:3b:61:4a:30:5c:f1:dd:93:1d:b0:05:d0:2b: |
| f4:a0:ce:4a:8d:10:f9:ce:47:92:a1:84:8a:5d:42:62:e4:81: |
| 4d:8d:2a:49:cf:41:b7:1f:b8:ef:62:68:80:64:52:b5:b4:e8: |
| 9c:33:10:85:f6:2d:18:0c:a1:cd:a7:6d:2a:b6:73:a8:3d:4c: |
| 64:c3:3a:33:11:8b:6b:0c:68:86:ab:28:c8:e2:21:a0:26:78: |
| ed:15:f6:14:3c:d0:19:ea:d2:88:3b:ed:de:c8:99:4b:74:ff: |
| aa:d3:80:1b:5d:f0:f4:08:33:28:33:e9:0a:e8:07:0c:c4:ab: |
| f6:8c:3d:08:5a:4b:91:84:45:56:85:a0:92:59:e8:b4:e8:c6: |
| 92:0d:db:1a:fe:dc:4f:ac:b6:5c:7e:6f:e5:56:14:85:f4:74: |
| 33:f8:1e:eb:33:d0:0b:74:a6:ef:4e:3b:e7:77:c4:92:26:4e: |
| 5d:e2:cd:6e:dc:f7:25:ee:92:b9:b0:48:5d:46:e5:a9:50:a8: |
| bb:68:57:cb:f8:7f:07:f7:b2:54:97:f9:6e:54:1c:53:09:ce: |
| c0:6b:f1:f1 |
| -----BEGIN CERTIFICATE----- |
| MIIDgDCCAmigAwIBAgIUUnwZUDnGOA4Un7IXuIH3z/hm0ZUwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xNTAxMDIxMjAwMDBaFw0xNjAxMDExMjAw |
| MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD |
| ggEPADCCAQoCggEBAJ0r04Zu9q+gsggjkyrAHAJJxu+pZDlOgGo2VuWlkw5FEq0F |
| QZpdzO2vLnu2z70UeY+lWRYC/iNcK+SQ0md8u3TLNyBAxGL64CPxpIlw/lTq6jvX |
| GnqbDaF0RInJWD3WmUJr5dr18QwzJhHh1Csz1y6+uUJd57LOUjdRMBeAp3fgylWs |
| QhIjF9ZCWm1VH/jxE3tzfbb/t2dy2FWvjmBxzbikcp+E2G+mYhoPed4+J6UIvJAg |
| 9qOyZCGSPhyMNfU4FpYY8Vze/Ym2TcoAClmRhJoo6hyPDRSqS+VWZp5ANjX/3HLz |
| 6uN/tHNkZv+BFrmTjmEwfxUuHWwjkHZWsmARkRkCAwEAAaOByzCByDAdBgNVHQ4E |
| FgQUzHJg8I2My6ls/wlX82r+KUYkJlswHwYDVR0jBBgwFoAUAWtJHyGPgN3Ul8Co |
| uyp+3PPa/eEwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs |
| LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m |
| b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ |
| MA0GCSqGSIb3DQEBCwUAA4IBAQBYIFEHwXlyD407NI2veYr0Zd32YowoseOResHg |
| dRFu9M+QBDmPCBnJ1TthSjBc8d2THbAF0Cv0oM5KjRD5zkeSoYSKXUJi5IFNjSpJ |
| z0G3H7jvYmiAZFK1tOicMxCF9i0YDKHNp20qtnOoPUxkwzozEYtrDGiGqyjI4iGg |
| JnjtFfYUPNAZ6tKIO+3eyJlLdP+q04AbXfD0CDMoM+kK6AcMxKv2jD0IWkuRhEVW |
| haCSWei06MaSDdsa/txPrLZcfm/lVhSF9HQz+B7rM9ALdKbvTjvnd8SSJk5d4s1u |
| 3Pcl7pK5sEhdRuWpUKi7aFfL+H8H97JUl/luVBxTCc7Aa/Hx |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 52:7c:19:50:39:c6:38:0e:14:9f:b2:17:b8:81:f7:cf:f8:66:d1:94 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 2 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:c7:04:19:c8:b2:fc:28:77:e5:99:8e:f0:05:8b: |
| 0d:5b:e5:38:f1:8e:d1:07:d2:f6:d8:6b:bd:c8:c3: |
| 2c:f3:05:e9:1f:4c:b6:c1:39:d4:0f:03:2f:62:ba: |
| e7:c4:7e:9c:7c:1c:be:df:6b:f2:34:b2:45:ec:b9: |
| 76:a5:3a:25:1c:a1:b7:78:76:0c:e8:3d:76:d1:46: |
| bd:20:e1:ef:1c:80:22:12:b5:8a:de:78:4f:ed:05: |
| 25:5d:b4:83:4c:9e:b2:ee:64:b5:df:d9:d1:b7:5f: |
| 3c:e9:8a:e1:e1:49:bd:d6:7c:fe:4a:38:f1:94:9a: |
| b5:cc:cf:85:aa:bd:bb:2d:93:b9:a9:2b:c1:f9:82: |
| c0:ba:68:a5:90:4f:e1:d4:30:6f:99:c4:d9:6c:e8: |
| 6a:0c:71:a8:ff:c4:7f:b5:9a:e6:07:a0:ed:f4:3c: |
| 3a:4b:a3:88:b1:41:cf:f1:b8:ea:f8:b7:43:b0:9f: |
| 88:05:eb:cd:ab:27:f5:ed:62:55:05:3d:62:59:b4: |
| 1c:07:ca:c4:49:3d:07:80:93:13:ff:0f:31:4f:34: |
| 41:9e:5b:a9:0a:79:fa:13:91:da:7c:35:c4:7b:56: |
| 9c:a1:89:05:7d:6e:12:e5:e4:83:be:9a:5e:14:cd: |
| fc:27:58:ae:f5:26:83:36:a4:04:61:a7:4a:01:2f: |
| 1a:4f |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 01:6B:49:1F:21:8F:80:DD:D4:97:C0:A8:BB:2A:7E:DC:F3:DA:FD:E1 |
| X509v3 Authority Key Identifier: |
| keyid:01:6B:49:1F:21:8F:80:DD:D4:97:C0:A8:BB:2A:7E:DC:F3:DA:FD:E1 |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 2c:4d:7f:fd:1c:4e:6a:f0:7b:d1:a6:d2:92:35:0a:bb:00:96: |
| f6:87:a2:8f:c8:20:51:fe:34:1b:e2:72:e0:52:ce:33:14:b8: |
| 9a:fb:2d:71:5d:cb:77:1e:47:cb:00:f3:e8:12:54:1a:d4:02: |
| e7:ee:4b:21:d2:b0:7e:df:a3:47:f2:0a:15:fe:b8:e6:7f:85: |
| 97:eb:2f:8d:1d:9d:0d:ba:34:ce:10:a9:a8:36:b8:ea:95:83: |
| 28:10:4b:09:2f:c6:7d:b4:9c:d7:20:cc:af:9f:99:36:67:a9: |
| 09:27:99:98:e5:10:6e:1b:ad:a1:46:0f:2f:82:98:98:28:30: |
| 72:33:1f:7a:24:fd:61:17:5d:23:a3:ca:70:76:a4:95:b8:7c: |
| 84:d7:f8:68:bd:23:27:34:0b:0f:65:c0:74:2f:28:94:46:73: |
| e3:7c:1a:f6:11:36:13:9b:16:5a:92:84:85:6d:59:88:85:82: |
| b5:43:22:fd:f5:9f:2d:82:27:cb:40:a4:b9:6c:50:7d:31:af: |
| 3f:cf:83:57:72:e5:d4:6b:5e:9d:97:d1:bf:a5:0a:0d:00:88: |
| 3d:25:b4:5c:a5:62:00:69:22:4e:ef:07:39:cf:74:33:7e:bb: |
| 03:07:57:49:38:d7:5c:3c:43:bf:cd:fe:af:1a:75:24:4d:a5: |
| f9:63:2c:bf |
| -----BEGIN CERTIFICATE----- |
| MIIDeDCCAmCgAwIBAgIUUnwZUDnGOA4Un7IXuIH3z/hm0ZQwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xNTAxMDIxMjAwMDBaFw0xNjAxMDExMjAw |
| MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK |
| AoIBAQDHBBnIsvwod+WZjvAFiw1b5TjxjtEH0vbYa73IwyzzBekfTLbBOdQPAy9i |
| uufEfpx8HL7fa/I0skXsuXalOiUcobd4dgzoPXbRRr0g4e8cgCIStYreeE/tBSVd |
| tINMnrLuZLXf2dG3XzzpiuHhSb3WfP5KOPGUmrXMz4Wqvbstk7mpK8H5gsC6aKWQ |
| T+HUMG+ZxNls6GoMcaj/xH+1muYHoO30PDpLo4ixQc/xuOr4t0Own4gF682rJ/Xt |
| YlUFPWJZtBwHysRJPQeAkxP/DzFPNEGeW6kKefoTkdp8NcR7VpyhiQV9bhLl5IO+ |
| ml4UzfwnWK71JoM2pARhp0oBLxpPAgMBAAGjgcswgcgwHQYDVR0OBBYEFAFrSR8h |
| j4Dd1JfAqLsqftzz2v3hMB8GA1UdIwQYMBaAFAFrSR8hj4Dd1JfAqLsqftzz2v3h |
| MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh |
| L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S |
| b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG |
| 9w0BAQsFAAOCAQEALE1//RxOavB70abSkjUKuwCW9oeij8ggUf40G+Jy4FLOMxS4 |
| mvstcV3Ldx5HywDz6BJUGtQC5+5LIdKwft+jR/IKFf645n+Fl+svjR2dDbo0zhCp |
| qDa46pWDKBBLCS/GfbSc1yDMr5+ZNmepCSeZmOUQbhutoUYPL4KYmCgwcjMfeiT9 |
| YRddI6PKcHaklbh8hNf4aL0jJzQLD2XAdC8olEZz43wa9hE2E5sWWpKEhW1ZiIWC |
| tUMi/fWfLYIny0CkuWxQfTGvP8+DV3Ll1GtenZfRv6UKDQCIPSW0XKViAGkiTu8H |
| Oc90M367AwdXSTjXXDxDv83+rxp1JE2l+WMsvw== |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 52:7c:19:50:39:c6:38:0e:14:9f:b2:17:b8:81:f7:cf:f8:66:d1:96 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 2 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:c7:04:19:c8:b2:fc:28:77:e5:99:8e:f0:05:8b: |
| 0d:5b:e5:38:f1:8e:d1:07:d2:f6:d8:6b:bd:c8:c3: |
| 2c:f3:05:e9:1f:4c:b6:c1:39:d4:0f:03:2f:62:ba: |
| e7:c4:7e:9c:7c:1c:be:df:6b:f2:34:b2:45:ec:b9: |
| 76:a5:3a:25:1c:a1:b7:78:76:0c:e8:3d:76:d1:46: |
| bd:20:e1:ef:1c:80:22:12:b5:8a:de:78:4f:ed:05: |
| 25:5d:b4:83:4c:9e:b2:ee:64:b5:df:d9:d1:b7:5f: |
| 3c:e9:8a:e1:e1:49:bd:d6:7c:fe:4a:38:f1:94:9a: |
| b5:cc:cf:85:aa:bd:bb:2d:93:b9:a9:2b:c1:f9:82: |
| c0:ba:68:a5:90:4f:e1:d4:30:6f:99:c4:d9:6c:e8: |
| 6a:0c:71:a8:ff:c4:7f:b5:9a:e6:07:a0:ed:f4:3c: |
| 3a:4b:a3:88:b1:41:cf:f1:b8:ea:f8:b7:43:b0:9f: |
| 88:05:eb:cd:ab:27:f5:ed:62:55:05:3d:62:59:b4: |
| 1c:07:ca:c4:49:3d:07:80:93:13:ff:0f:31:4f:34: |
| 41:9e:5b:a9:0a:79:fa:13:91:da:7c:35:c4:7b:56: |
| 9c:a1:89:05:7d:6e:12:e5:e4:83:be:9a:5e:14:cd: |
| fc:27:58:ae:f5:26:83:36:a4:04:61:a7:4a:01:2f: |
| 1a:4f |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 01:6B:49:1F:21:8F:80:DD:D4:97:C0:A8:BB:2A:7E:DC:F3:DA:FD:E1 |
| X509v3 Authority Key Identifier: |
| keyid:D2:45:64:68:86:8E:07:F2:AF:BF:0B:F3:DD:7F:61:1D:4B:6B:4A:CD |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 92:e9:36:26:51:cb:1d:31:0c:a0:5e:86:32:26:b1:0a:2f:2a: |
| e7:a5:65:0d:6e:56:e2:6d:1e:41:52:23:03:38:63:72:20:10: |
| b8:0f:42:28:9a:53:6e:ea:3c:88:a4:b6:89:67:50:34:2b:84: |
| 15:a3:ee:e2:a6:88:74:80:c0:8d:f0:af:84:10:94:2f:50:6f: |
| b8:7f:55:a6:a2:18:d5:0e:98:1d:2e:62:29:15:eb:07:eb:01: |
| a8:33:f2:11:08:d3:b1:09:2a:2a:05:81:ec:7c:29:10:bd:6f: |
| 07:55:05:77:21:e1:84:25:b3:65:b2:be:e6:db:7b:3f:e2:46: |
| a6:03:75:07:d0:ec:b4:00:e8:46:bf:16:2d:b0:87:0e:06:84: |
| 7c:54:3b:a1:8c:0e:fa:d3:d1:d2:5d:40:c1:24:b9:00:31:b7: |
| bc:9a:3a:e9:68:5a:bc:20:7e:5a:5e:8b:a7:28:e2:a6:5c:9b: |
| ff:0f:c6:ae:39:04:1d:73:77:8f:e3:28:03:7e:c5:92:50:9a: |
| dc:15:67:b6:42:be:7f:b1:a6:5f:25:3c:61:6c:68:a0:b5:d0: |
| d9:d5:bd:45:29:06:bc:ab:ee:16:6f:63:55:6b:eb:d1:9c:a5: |
| a7:47:70:4b:43:3a:2a:b2:a1:b5:3a:a2:fe:57:78:db:16:66: |
| 9f:4c:3e:55 |
| -----BEGIN CERTIFICATE----- |
| MIIDeDCCAmCgAwIBAgIUUnwZUDnGOA4Un7IXuIH3z/hm0ZYwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xNTAxMDIxMjAwMDBaFw0xNjAxMDExMjAw |
| MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK |
| AoIBAQDHBBnIsvwod+WZjvAFiw1b5TjxjtEH0vbYa73IwyzzBekfTLbBOdQPAy9i |
| uufEfpx8HL7fa/I0skXsuXalOiUcobd4dgzoPXbRRr0g4e8cgCIStYreeE/tBSVd |
| tINMnrLuZLXf2dG3XzzpiuHhSb3WfP5KOPGUmrXMz4Wqvbstk7mpK8H5gsC6aKWQ |
| T+HUMG+ZxNls6GoMcaj/xH+1muYHoO30PDpLo4ixQc/xuOr4t0Own4gF682rJ/Xt |
| YlUFPWJZtBwHysRJPQeAkxP/DzFPNEGeW6kKefoTkdp8NcR7VpyhiQV9bhLl5IO+ |
| ml4UzfwnWK71JoM2pARhp0oBLxpPAgMBAAGjgcswgcgwHQYDVR0OBBYEFAFrSR8h |
| j4Dd1JfAqLsqftzz2v3hMB8GA1UdIwQYMBaAFNJFZGiGjgfyr78L891/YR1La0rN |
| MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh |
| L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S |
| b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG |
| 9w0BAQsFAAOCAQEAkuk2JlHLHTEMoF6GMiaxCi8q56VlDW5W4m0eQVIjAzhjciAQ |
| uA9CKJpTbuo8iKS2iWdQNCuEFaPu4qaIdIDAjfCvhBCUL1BvuH9VpqIY1Q6YHS5i |
| KRXrB+sBqDPyEQjTsQkqKgWB7HwpEL1vB1UFdyHhhCWzZbK+5tt7P+JGpgN1B9Ds |
| tADoRr8WLbCHDgaEfFQ7oYwO+tPR0l1AwSS5ADG3vJo66WhavCB+Wl6Lpyjiplyb |
| /w/GrjkEHXN3j+MoA37FklCa3BVntkK+f7GmXyU8YWxooLXQ2dW9RSkGvKvuFm9j |
| VWvr0Zylp0dwS0M6KrKhtTqi/ld42xZmn0w+VQ== |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: |
| 52:7c:19:50:39:c6:38:0e:14:9f:b2:17:b8:81:f7:cf:f8:66:d1:92 |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2016 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:ef:5f:3f:57:00:ad:2d:82:81:56:19:c0:da:98: |
| 72:8b:7f:4b:4f:37:f2:d9:0e:b3:3c:7b:73:d3:8a: |
| ad:5a:94:9c:37:0b:bc:68:4b:40:ac:a9:d1:1f:1b: |
| 35:6a:74:50:6b:91:c2:30:e5:a6:88:87:90:f4:dc: |
| 8d:09:49:6a:3e:f0:fe:cf:bb:b3:3b:33:c1:2a:2e: |
| b9:fb:9b:6a:db:2a:a6:9f:87:46:6a:b0:7d:87:c6: |
| 63:27:cd:58:e7:55:7d:c5:6c:d8:ac:c7:10:fb:6e: |
| 68:40:9d:69:bf:8f:a0:9c:36:d8:7a:dc:fb:14:48: |
| f4:96:5d:c2:0e:8f:e9:2f:1d:08:13:04:a0:1d:03: |
| 78:b8:a6:97:15:13:0f:91:4e:9e:18:00:96:9f:94: |
| e6:ad:02:2e:c7:60:c8:ed:50:54:02:2e:b2:6b:6e: |
| d5:78:7f:7a:74:20:20:f6:9c:fa:98:17:b3:8f:fd: |
| 92:01:3d:ff:e6:56:fa:45:28:41:b1:3c:ba:4a:ef: |
| bc:ff:4c:1e:d3:96:bc:5d:a6:06:7d:27:d8:66:13: |
| e0:40:74:83:8c:f4:89:c9:8d:8a:13:b7:98:88:32: |
| 6c:51:6c:15:92:1c:1b:e7:f7:08:a6:35:81:b4:24: |
| be:45:10:1f:ff:c9:e4:4d:35:b7:4d:3c:ae:54:d2: |
| ee:6f |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| D2:45:64:68:86:8E:07:F2:AF:BF:0B:F3:DD:7F:61:1D:4B:6B:4A:CD |
| X509v3 Authority Key Identifier: |
| keyid:D2:45:64:68:86:8E:07:F2:AF:BF:0B:F3:DD:7F:61:1D:4B:6B:4A:CD |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| c3:93:57:64:ef:a6:14:46:fd:70:31:57:e2:2d:d1:84:90:c6: |
| 24:77:6a:9d:e4:a7:39:fc:ae:f6:22:f8:ae:04:d9:8b:9c:e7: |
| c1:52:b4:1a:39:85:62:30:25:49:40:86:87:48:5f:fb:f8:4e: |
| 19:fe:68:1f:07:17:e2:a7:09:86:f1:49:58:6e:3e:04:49:01: |
| 87:2a:92:c1:38:45:4a:fa:e9:36:f5:30:77:01:2a:03:2b:ae: |
| 9c:bd:bc:a4:61:43:4c:a4:90:97:f6:d8:40:8b:20:c2:7e:cf: |
| ed:83:08:b8:c5:68:4f:a4:69:83:16:c5:b5:e5:9a:a3:4d:f2: |
| 4f:f4:51:3a:19:3f:8b:83:3e:04:c3:bf:7a:bf:cf:37:86:0f: |
| a1:79:a7:bf:c9:9c:7b:52:b9:84:ca:97:51:89:f2:25:bd:15: |
| 4f:61:d5:bd:f0:86:e9:14:b3:77:92:11:d5:b9:7a:58:6c:b3: |
| 96:16:9b:ac:db:e1:97:f7:5e:f9:58:e7:b3:4b:35:05:e6:aa: |
| a4:ca:a5:1a:48:b0:28:84:81:7f:32:07:39:cd:31:32:b5:c8: |
| da:0c:07:c2:1a:01:26:41:76:26:68:36:50:2c:34:5c:3f:b7: |
| 05:4a:50:d3:37:ec:8c:d1:84:3c:25:f0:d9:ef:5e:0d:b9:b1: |
| f9:d9:d6:3a |
| -----BEGIN CERTIFICATE----- |
| MIIDeDCCAmCgAwIBAgIUUnwZUDnGOA4Un7IXuIH3z/hm0ZIwDQYJKoZIhvcNAQEL |
| BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xNTAxMDExMjAwMDBaFw0xNjAxMDExMjAw |
| MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK |
| AoIBAQDvXz9XAK0tgoFWGcDamHKLf0tPN/LZDrM8e3PTiq1alJw3C7xoS0CsqdEf |
| GzVqdFBrkcIw5aaIh5D03I0JSWo+8P7Pu7M7M8EqLrn7m2rbKqafh0ZqsH2HxmMn |
| zVjnVX3FbNisxxD7bmhAnWm/j6CcNth63PsUSPSWXcIOj+kvHQgTBKAdA3i4ppcV |
| Ew+RTp4YAJaflOatAi7HYMjtUFQCLrJrbtV4f3p0ICD2nPqYF7OP/ZIBPf/mVvpF |
| KEGxPLpK77z/TB7TlrxdpgZ9J9hmE+BAdIOM9InJjYoTt5iIMmxRbBWSHBvn9wim |
| NYG0JL5FEB//yeRNNbdNPK5U0u5vAgMBAAGjgcswgcgwHQYDVR0OBBYEFNJFZGiG |
| jgfyr78L891/YR1La0rNMB8GA1UdIwQYMBaAFNJFZGiGjgfyr78L891/YR1La0rN |
| MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh |
| L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S |
| b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG |
| 9w0BAQsFAAOCAQEAw5NXZO+mFEb9cDFX4i3RhJDGJHdqneSnOfyu9iL4rgTZi5zn |
| wVK0GjmFYjAlSUCGh0hf+/hOGf5oHwcX4qcJhvFJWG4+BEkBhyqSwThFSvrpNvUw |
| dwEqAyuunL28pGFDTKSQl/bYQIsgwn7P7YMIuMVoT6RpgxbFteWao03yT/RROhk/ |
| i4M+BMO/er/PN4YPoXmnv8mce1K5hMqXUYnyJb0VT2HVvfCG6RSzd5IR1bl6WGyz |
| lhabrNvhl/de+Vjns0s1BeaqpMqlGkiwKISBfzIHOc0xMrXI2gwHwhoBJkF2Jmg2 |
| UCw0XD+3BUpQ0zfsjNGEPCXw2e9eDbmx+dnWOg== |
| -----END CERTIFICATE----- |