Google Git
Sign in
boringssl / boringssl.git / 5f924229aa9b85ae74c613081fe27de22384e7ee / . / pki / testdata / verify_certificate_chain_unittest / root-eku-clientauth / chain.pem
blob: f5b8415e3c7e58d00a980a40f32122e10212742b [file] [log] [blame]
[Created by: generate-chains.py]
Certificate chain where the root certificate restricts the extended key
usage to clientAuth.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:30:29:4c:98:1d:55:e4:df:5e:92:14:f6:68:26:ef:11:01:dd:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:64:a7:01:b2:83:6c:47:bc:2d:30:01:f9:43:
8c:fc:cc:6b:7c:a4:c7:1c:78:fa:a8:8c:be:1e:9a:
72:d0:34:1a:56:80:67:67:76:48:8a:9f:c5:3a:68:
9e:53:c2:35:ce:69:7e:4f:d5:c4:fb:0b:91:3c:af:
00:26:f4:bf:77:ca:cd:ec:87:f9:6e:05:9b:0c:93:
1b:f2:6e:c8:10:32:4e:7b:51:1c:22:77:4c:b8:a3:
bd:d6:dc:95:29:9b:4b:b5:d9:ce:ae:91:d8:05:c5:
c5:bf:4a:9c:b7:94:db:d5:a5:e6:b1:44:e1:02:4a:
1a:dc:21:e5:e6:a6:ba:54:2e:2c:3f:40:f5:fd:5c:
79:dd:55:6d:9e:e2:ab:db:3c:67:b4:84:db:ba:86:
fd:a0:b5:d8:8b:d0:b8:bc:8b:77:e9:32:31:51:68:
ee:18:17:09:e2:f1:27:79:ca:3c:72:a8:f3:96:25:
31:24:3a:05:53:d4:89:0a:48:7a:9c:2d:6d:6a:84:
97:df:34:c9:22:7f:d5:05:f2:2c:91:e9:c4:7f:ab:
d0:ae:76:22:64:ae:be:e2:7f:97:08:ec:86:8a:92:
bf:57:f0:22:f7:91:ff:86:17:62:92:e3:80:8b:19:
84:14:60:19:00:91:d6:fe:51:96:77:5b:22:0d:32:
50:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:27:22:F1:C3:94:E3:48:C4:4C:45:0D:D6:4E:1C:6E:CF:9D:1B:1B
X509v3 Authority Key Identifier:
keyid:8F:7C:F8:3A:27:33:C2:AB:96:9E:BD:0F:68:E0:C9:58:BB:0B:7C:F2
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
9b:da:f1:df:bb:7b:45:32:49:30:c9:75:1b:ca:cf:64:0c:3a:
e4:b3:68:73:da:46:87:7b:0f:ad:23:16:43:f6:9c:b3:e4:c1:
6f:ad:32:3b:68:ce:47:c4:cd:70:a4:5d:c3:91:34:1e:ba:c4:
73:e5:25:b4:4c:85:05:32:5b:fe:b4:98:88:f7:c9:aa:96:6d:
b1:ce:cc:3c:51:6c:ab:ec:c7:20:10:47:dc:6f:13:a6:4c:db:
11:02:1f:98:ae:76:9d:75:28:56:f9:26:73:ef:fb:f9:51:d3:
9a:65:21:70:27:f7:47:05:5c:f3:8c:38:6e:f9:58:c7:d3:f2:
3e:8b:3c:3b:ed:b3:ba:0c:ac:c0:43:0a:c0:34:54:f9:9c:4e:
44:76:1e:f5:a6:b6:7b:a7:dd:1b:22:0d:fa:ff:67:1c:d9:1c:
66:9c:4c:30:88:4c:dc:d6:fb:ad:01:ed:5b:3d:aa:98:b7:27:
e6:68:94:33:2e:32:3d:56:33:88:8b:66:2c:91:3b:20:c1:10:
43:e3:89:1c:ee:8a:ea:b0:66:45:6a:1f:23:ab:e1:d3:2c:a8:
48:3a:6b:9d:f0:cd:52:b3:90:1b:a7:46:07:61:59:d9:aa:12:
94:81:67:43:53:3a:6b:00:4e:e8:f3:3f:af:a3:6d:78:00:08:
3a:4a:9f:a9
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIUdzApTJgdVeTfXpIU9mgm7xEB3RUwDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy
MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwGSnAbKDbEe8LTAB+UOM/MxrfKTHHHj6qIy+Hppy0DQa
VoBnZ3ZIip/FOmieU8I1zml+T9XE+wuRPK8AJvS/d8rN7If5bgWbDJMb8m7IEDJO
e1EcIndMuKO91tyVKZtLtdnOrpHYBcXFv0qct5Tb1aXmsUThAkoa3CHl5qa6VC4s
P0D1/Vx53VVtnuKr2zxntITbuob9oLXYi9C4vIt36TIxUWjuGBcJ4vEneco8cqjz
liUxJDoFU9SJCkh6nC1taoSX3zTJIn/VBfIskenEf6vQrnYiZK6+4n+XCOyGipK/
V/Ai95H/hhdikuOAixmEFGAZAJHW/lGWd1siDTJQBwIDAQABo4HpMIHmMB0GA1Ud
DgQWBBToJyLxw5TjSMRMRQ3WThxuz50bGzAfBgNVHSMEGDAWgBSPfPg6JzPCq5ae
vQ9o4MlYuwt88jA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
ggEBAJva8d+7e0UySTDJdRvKz2QMOuSzaHPaRod7D60jFkP2nLPkwW+tMjtozkfE
zXCkXcORNB66xHPlJbRMhQUyW/60mIj3yaqWbbHOzDxRbKvsxyAQR9xvE6ZM2xEC
H5iudp11KFb5JnPv+/lR05plIXAn90cFXPOMOG75WMfT8j6LPDvts7oMrMBDCsA0
VPmcTkR2HvWmtnun3RsiDfr/ZxzZHGacTDCITNzW+60B7Vs9qpi3J+ZolDMuMj1W
M4iLZiyROyDBEEPjiRzuiuqwZkVqHyOr4dMsqEg6a53wzVKzkBunRgdhWdmqEpSB
Z0NTOmsATujzP6+jbXgACDpKn6k=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:cf:d3:d1:65:21:cc:44:8a:0a:5d:79:88:07:16:54:c3:1f:d8:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e7:5f:fa:d0:9d:f1:e1:e4:87:7f:62:7e:1c:
89:02:66:64:9e:d5:a0:81:f3:65:68:d7:8d:02:37:
99:da:e8:85:00:51:b4:69:e9:57:29:09:51:c2:78:
c8:ee:bb:87:62:4a:a8:46:c3:d4:06:e5:f0:c2:33:
68:13:f7:55:c5:44:42:14:1e:d7:65:a4:a1:b6:67:
38:e0:c2:72:65:ee:ad:f5:94:34:93:4f:e9:d8:a5:
93:98:05:34:e5:f6:0f:3b:71:84:39:71:9b:b6:10:
47:37:ef:87:d2:98:29:a4:f1:18:e7:f4:3b:52:af:
34:b1:39:34:9a:49:b4:7a:ed:21:2c:60:b2:01:e8:
cb:b6:ad:f8:00:95:85:a9:87:91:90:05:54:0b:2e:
9d:4c:79:c4:c8:6d:72:ab:23:5b:d0:2b:90:3c:5b:
53:ed:da:56:39:38:37:45:43:17:3d:81:d5:49:97:
23:88:83:9f:bf:86:8d:52:af:3d:86:45:f1:1e:e8:
dd:8f:4f:fe:da:b5:35:cb:e0:02:ba:8e:6b:61:4a:
f2:c6:5d:d7:02:95:71:23:9e:7b:99:96:cf:ac:df:
20:2a:2d:fe:0c:42:72:c6:b8:c3:81:81:3e:a0:8d:
62:41:17:14:f5:24:67:f1:6c:af:c6:0c:94:09:fb:
56:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7C:F8:3A:27:33:C2:AB:96:9E:BD:0F:68:E0:C9:58:BB:0B:7C:F2
X509v3 Authority Key Identifier:
keyid:91:69:0D:94:34:B5:BA:AF:F1:DD:99:22:88:15:2B:83:B1:37:B2:54
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
31:06:ca:84:8d:bf:6c:6b:4f:31:e5:81:f1:ee:62:80:ef:83:
63:8d:56:00:c0:b7:cd:fd:37:8b:99:ea:a1:01:43:99:19:b9:
8b:5e:9e:f4:55:73:9b:1a:2f:33:97:ac:e3:6a:ae:4b:c4:e9:
e2:04:33:29:a8:55:08:af:4e:cc:2a:83:a4:12:af:11:54:62:
d2:19:ad:6b:6d:54:ac:f6:9c:15:77:0b:d4:68:78:5b:2b:04:
0e:82:9a:98:ac:8f:bc:47:de:29:d2:95:6b:ed:8d:29:a2:60:
d8:86:fc:a1:92:18:85:2d:4f:56:27:d2:de:20:87:f7:35:dd:
9d:a1:26:cb:ed:fe:e8:b6:87:b6:8a:eb:7c:bd:04:d5:be:2a:
96:cd:95:f6:16:9b:29:e1:62:0c:a8:ca:6c:fb:70:08:3c:10:
56:bf:e5:c4:57:19:42:87:5f:ef:fb:77:b9:10:62:1e:5f:e7:
35:58:80:30:92:ef:69:ef:2d:dc:f8:30:58:97:28:8d:64:18:
f2:c8:f3:ce:ce:3f:8a:aa:a0:e8:27:95:b9:58:55:88:32:9c:
27:56:71:54:c1:6e:0a:94:2d:0a:e6:70:7e:42:56:6a:b0:eb:
ad:8c:cd:93:6e:20:00:6e:81:8a:18:1b:30:0e:c2:27:f3:74:
67:98:3a:58
-----BEGIN CERTIFICATE-----
MIIDgDCCAmigAwIBAgIUCM/T0WUhzESKCl15iAcWVMMf2GYwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjnX/rQnfHh5Id/Yn4ciQJmZJ7VoIHzZWjXjQI3mdrohQBR
tGnpVykJUcJ4yO67h2JKqEbD1Abl8MIzaBP3VcVEQhQe12WkobZnOODCcmXurfWU
NJNP6dilk5gFNOX2DztxhDlxm7YQRzfvh9KYKaTxGOf0O1KvNLE5NJpJtHrtISxg
sgHoy7at+ACVhamHkZAFVAsunUx5xMhtcqsjW9ArkDxbU+3aVjk4N0VDFz2B1UmX
I4iDn7+GjVKvPYZF8R7o3Y9P/tq1NcvgArqOa2FK8sZd1wKVcSOee5mWz6zfICot
/gxCcsa4w4GBPqCNYkEXFPUkZ/Fsr8YMlAn7VgcCAwEAAaOByzCByDAdBgNVHQ4E
FgQUj3z4OiczwquWnr0PaODJWLsLfPIwHwYDVR0jBBgwFoAUkWkNlDS1uq/x3Zki
iBUrg7E3slQwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MA0GCSqGSIb3DQEBCwUAA4IBAQAxBsqEjb9sa08x5YHx7mKA74NjjVYAwLfN/TeL
meqhAUOZGbmLXp70VXObGi8zl6zjaq5LxOniBDMpqFUIr07MKoOkEq8RVGLSGa1r
bVSs9pwVdwvUaHhbKwQOgpqYrI+8R94p0pVr7Y0pomDYhvyhkhiFLU9WJ9LeIIf3
Nd2doSbL7f7otoe2iut8vQTVviqWzZX2Fpsp4WIMqMps+3AIPBBWv+XEVxlCh1/v
+3e5EGIeX+c1WIAwku9p7y3c+DBYlyiNZBjyyPPOzj+KqqDoJ5W5WFWIMpwnVnFU
wW4KlC0K5nB+QlZqsOutjM2TbiAAboGKGBswDsIn83RnmDpY
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:cf:d3:d1:65:21:cc:44:8a:0a:5d:79:88:07:16:54:c3:1f:d8:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9d:d7:d1:a5:91:6e:5d:17:d4:89:85:95:b8:
cf:e3:e3:fb:94:dd:cc:c0:99:59:24:ac:c0:4d:cc:
4b:37:88:38:3c:a1:60:06:96:8d:1b:6b:e7:2b:b8:
71:9e:54:4b:cd:c4:4d:93:b6:3b:3f:7a:a2:c6:3b:
ea:9f:36:8d:e5:b0:0f:9e:27:58:7c:f8:fb:6f:e8:
ae:0c:bb:69:02:60:21:d1:bd:dc:e1:33:23:8d:c5:
5f:dc:ff:33:71:95:98:77:07:69:c0:71:2a:bf:62:
eb:b6:e5:cc:2e:3a:98:1c:7b:a4:a7:cb:ba:e5:ab:
22:32:fb:d5:03:1a:03:b7:d1:9f:d9:56:69:ae:b1:
51:e7:8d:06:ca:2a:f9:25:43:af:92:a1:f7:40:60:
85:5a:33:67:2a:62:ad:6e:4a:9a:02:1b:c4:e3:89:
38:d3:06:eb:a3:8c:ce:a8:c8:49:5a:4e:08:b2:7e:
00:16:92:60:4b:ff:77:2d:53:e7:2c:f3:2c:51:b3:
16:87:67:28:43:10:d3:6c:d6:c2:96:97:a3:c8:8e:
0b:ae:f1:56:13:bb:1b:ca:7f:2d:59:cc:37:fc:47:
9d:f7:c9:0a:66:19:87:3d:13:66:50:0b:52:0d:13:
33:6c:0b:fc:fb:88:cf:34:7b:9f:6f:6e:7e:36:ac:
ec:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:69:0D:94:34:B5:BA:AF:F1:DD:99:22:88:15:2B:83:B1:37:B2:54
X509v3 Authority Key Identifier:
keyid:91:69:0D:94:34:B5:BA:AF:F1:DD:99:22:88:15:2B:83:B1:37:B2:54
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Extended Key Usage:
TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
41:b1:b7:39:9a:c9:11:6c:57:42:5d:fa:b6:0f:4d:97:e8:37:
82:fb:f7:b0:ff:db:1c:78:73:17:f3:cf:9f:15:b0:c8:6d:16:
6f:a6:0b:5f:ea:f8:58:73:ad:37:74:f9:f4:8e:6e:db:6b:21:
98:10:80:0c:2d:b5:de:d2:73:74:02:67:8b:0b:eb:40:92:f5:
da:66:a4:dd:84:ce:db:49:47:71:bd:24:b2:5c:b7:03:2f:52:
9f:65:f2:9e:ab:13:09:76:a4:c8:94:3a:30:b1:5f:43:9a:af:
86:c9:e8:e2:37:24:be:b4:d1:ab:34:45:df:3f:77:ff:cd:71:
5d:de:7b:33:6e:60:04:45:d2:31:3e:3d:3f:5a:2e:bc:2e:00:
a2:67:3c:70:8e:90:b1:b5:d2:f7:1e:1b:23:2a:d6:0a:4e:26:
98:35:e0:3b:2d:82:94:ce:b6:a3:1f:5f:67:e2:96:af:c6:89:
ed:28:47:9b:48:47:58:dc:fc:6a:7f:49:2b:6f:0e:6b:40:40:
68:ec:53:fb:ef:16:55:1c:1d:77:1a:49:8f:13:0a:c6:06:16:
09:0d:08:e4:12:ff:cb:a2:0e:42:18:fc:a8:5a:04:e3:72:09:
2b:01:5f:1f:63:b8:aa:51:dd:ae:b6:13:f1:24:2c:b6:1c:87:
95:70:db:97
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIUCM/T0WUhzESKCl15iAcWVMMf2GUwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvndfRpZFuXRfUiYWVuM/j4/uU3czAmVkkrMBNzEs3iDg8oWAGlo0ba+cr
uHGeVEvNxE2Ttjs/eqLGO+qfNo3lsA+eJ1h8+Ptv6K4Mu2kCYCHRvdzhMyONxV/c
/zNxlZh3B2nAcSq/Yuu25cwuOpgce6Sny7rlqyIy+9UDGgO30Z/ZVmmusVHnjQbK
KvklQ6+SofdAYIVaM2cqYq1uSpoCG8TjiTjTBuujjM6oyElaTgiyfgAWkmBL/3ct
U+cs8yxRsxaHZyhDENNs1sKWl6PIjguu8VYTuxvKfy1ZzDf8R533yQpmGYc9E2ZQ
C1INEzNsC/z7iM80e59vbn42rOw5AgMBAAGjgeAwgd0wHQYDVR0OBBYEFJFpDZQ0
tbqv8d2ZIogVK4OxN7JUMB8GA1UdIwQYMBaAFJFpDZQ0tbqv8d2ZIogVK4OxN7JU
MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zATBgNVHSUE
DDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAQbG3OZrJEWxXQl36tg9N
l+g3gvv3sP/bHHhzF/PPnxWwyG0Wb6YLX+r4WHOtN3T59I5u22shmBCADC213tJz
dAJniwvrQJL12mak3YTO20lHcb0ksly3Ay9Sn2XynqsTCXakyJQ6MLFfQ5qvhsno
4jckvrTRqzRF3z93/81xXd57M25gBEXSMT49P1ouvC4Aomc8cI6QsbXS9x4bIyrW
Ck4mmDXgOy2ClM62ox9fZ+KWr8aJ7ShHm0hHWNz8an9JK28Oa0BAaOxT++8WVRwd
dxpJjxMKxgYWCQ0I5BL/y6IOQhj8qFoE43IJKwFfH2O4qlHdrrYT8SQsthyHlXDb
lw==
-----END CERTIFICATE-----