Google Git
Sign in
boringssl / boringssl / 23824fa0fed94f4660ffafb15aaea8b317f2c8a6 / . / pki / testdata / verify_certificate_chain_unittest / policies-on-root-ok / chain.pem
blob: d243ad69459af138937d0f50b45a9aef4adabdc0 [file] [log] [blame]
[Created by: ./generate-chains.py]
Certificate chain with policies and requireExplicitPolicy, including
policies on the root.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:12:ad:91:9d:43:e6:f6:6c:6e:ad:3b:72:4b:dc:54:82:9a:87:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b8:56:11:e6:4f:80:6b:56:9a:4c:11:bf:0c:6a:
42:ec:59:97:8a:29:4b:55:89:7b:28:f1:80:4e:9f:
fe:01:9b:72:d2:35:96:89:54:ad:db:9e:ae:23:da:
da:9e:1e:5f:7b:4d:a3:f9:c2:93:bd:cb:6a:8a:97:
92:41:62:bd:f5:16:c0:4d:c4:59:98:7c:52:32:62:
45:52:70:4e:48:f7:ac:b7:0e:4c:51:89:04:c3:d6:
ce:12:c7:be:8f:a1:fd:d0:4d:81:86:a5:c2:11:84:
23:1f:de:76:84:d9:70:fb:d7:ad:5b:54:f7:09:fe:
ac:8b:de:4d:cf:a7:d9:dd:23:90:76:3a:de:c3:8b:
5e:b4:3d:6e:2d:87:64:da:0f:a4:f5:34:81:ee:c3:
9a:61:43:56:66:1f:c5:bf:f6:e5:a1:ed:80:49:48:
92:f1:15:b8:f4:07:5c:9d:92:6d:87:19:ca:5c:c8:
55:48:09:ce:f2:e0:af:1e:8b:d5:30:4f:92:b7:a7:
02:84:76:b3:85:81:17:f1:0e:9b:a4:a3:ca:07:3a:
d8:a2:f5:15:40:07:5f:a7:97:27:ca:1d:2c:b8:ff:
c4:0b:43:c1:9e:18:91:fd:01:e7:20:a5:11:b2:db:
71:c2:c9:60:f8:bc:d3:a8:f3:0b:fb:1f:eb:6a:94:
d2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C7:83:51:99:8A:EC:AA:F1:4A:2C:1C:04:C0:37:BD:64:8A:43:47
X509v3 Authority Key Identifier:
CB:C6:A8:3A:83:0E:5B:41:0C:3E:C3:20:48:BF:37:69:DB:5A:DC:87
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies: critical
Policy: 1.2.3.4
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
49:7a:a9:e0:0c:94:e5:f4:5f:63:a4:13:3d:95:d6:01:3b:7a:
55:89:ca:74:25:5e:82:1e:ac:73:d7:b9:a2:a6:b6:cd:c5:05:
47:47:fc:2e:a0:c9:5c:4c:f5:c4:b5:cb:82:cd:71:86:35:41:
3e:43:6f:f6:6f:b9:b3:dc:b5:a8:bd:4b:1c:10:4a:0e:2b:d1:
30:b5:71:6c:9b:26:92:10:78:7f:dd:7d:06:10:d7:76:64:eb:
b7:2e:90:25:9f:f9:f3:7d:d6:92:ad:cf:19:8c:63:c8:3f:8b:
e7:13:36:cf:48:b5:04:bf:95:14:f2:db:65:a3:60:56:94:16:
10:ac:a4:6a:4b:b2:1f:1a:93:c2:0d:d8:1d:4a:a8:cb:31:84:
f1:d6:42:33:3d:52:8a:b2:97:aa:be:1d:3f:28:47:f0:f3:b0:
aa:10:f2:1a:d2:5d:8f:8a:51:9c:14:c0:1f:ba:55:3d:a8:b5:
e2:e4:c6:01:18:17:12:5a:c6:9d:c9:34:b4:7a:43:eb:97:04:
93:6f:e5:10:60:b5:af:cf:68:22:ac:02:cb:86:62:e0:5f:80:
7c:a2:61:4f:14:78:68:86:7b:c1:1c:04:65:2d:36:99:15:08:
f7:dc:69:3d:12:6d:70:c0:0b:06:78:c8:74:84:62:d8:41:85:
9d:a3:2d:61
-----BEGIN CERTIFICATE-----
MIIDtTCCAp2gAwIBAgIUVxKtkZ1D5vZsbq07ckvcVIKah6swDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy
MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuFYR5k+Aa1aaTBG/DGpC7FmXiilLVYl7KPGATp/+AZty
0jWWiVSt256uI9ranh5fe02j+cKTvctqipeSQWK99RbATcRZmHxSMmJFUnBOSPes
tw5MUYkEw9bOEse+j6H90E2BhqXCEYQjH952hNlw+9etW1T3Cf6si95Nz6fZ3SOQ
djrew4tetD1uLYdk2g+k9TSB7sOaYUNWZh/Fv/bloe2ASUiS8RW49AdcnZJthxnK
XMhVSAnO8uCvHovVME+St6cChHazhYEX8Q6bpKPKBzrYovUVQAdfp5cnyh0suP/E
C0PBnhiR/QHnIKURsttxwslg+LzTqPML+x/rapTS+wIDAQABo4H+MIH7MB0GA1Ud
DgQWBBQVx4NRmYrsqvFKLBwEwDe9ZIpDRzAfBgNVHSMEGDAWgBTLxqg6gw5bQQw+
wyBIvzdp21rchzA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEwYDVR0gAQH/BAkwBzAF
BgMqAwQwDQYJKoZIhvcNAQELBQADggEBAEl6qeAMlOX0X2OkEz2V1gE7elWJynQl
XoIerHPXuaKmts3FBUdH/C6gyVxM9cS1y4LNcYY1QT5Db/ZvubPctai9SxwQSg4r
0TC1cWybJpIQeH/dfQYQ13Zk67cukCWf+fN91pKtzxmMY8g/i+cTNs9ItQS/lRTy
22WjYFaUFhCspGpLsh8ak8IN2B1KqMsxhPHWQjM9Uoqyl6q+HT8oR/DzsKoQ8hrS
XY+KUZwUwB+6VT2oteLkxgEYFxJaxp3JNLR6Q+uXBJNv5RBgta/PaCKsAsuGYuBf
gHyiYU8UeGiGe8EcBGUtNpkVCPfcaT0SbXDACwZ4yHSEYthBhZ2jLWE=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:1b:a6:db:3e:59:79:2d:95:4e:a3:37:67:03:a7:c6:1f:54:ba:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b9:0c:ea:12:ab:57:9d:4a:f2:58:74:68:94:60:
14:1e:5f:ff:fc:9d:62:f6:0d:34:6e:e9:2f:ca:d5:
53:29:e6:a3:2f:c0:6b:6e:62:82:b1:5f:26:3d:2d:
98:99:93:7d:6f:f5:1c:cf:54:d3:c4:4b:81:cb:b3:
a5:98:57:bd:fe:7f:19:76:af:99:ef:cc:62:cf:c0:
1c:df:5e:f9:b6:94:49:33:6f:db:ba:bf:5b:e2:20:
87:9d:3f:7e:c2:e7:94:76:3d:8b:7f:a0:49:f1:2d:
30:77:7b:8b:2c:b6:ec:cd:1e:5e:bf:e5:1b:86:dd:
d8:c1:e1:0d:b4:57:f0:aa:0a:58:d4:c3:4d:5b:cb:
bf:0e:f9:c7:23:61:f8:a3:0e:ab:2d:0f:87:1a:4f:
1d:0b:e6:39:0a:0a:35:be:f3:f9:55:f7:87:cd:f7:
7a:d7:18:7d:b7:0c:1f:6a:7a:67:52:55:6d:b8:ed:
87:28:a9:fe:eb:c3:c8:a8:66:bc:33:93:db:9e:20:
44:6b:31:36:b8:15:1b:cf:37:c2:be:9d:45:7c:3d:
d2:13:36:a0:1d:d7:74:52:67:a3:b7:3b:4a:54:01:
c5:6e:72:71:9d:47:39:44:58:27:08:a2:54:15:b5:
27:df:7b:3f:c9:f1:cb:23:be:cf:bd:8e:37:be:f2:
8d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C6:A8:3A:83:0E:5B:41:0C:3E:C3:20:48:BF:37:69:DB:5A:DC:87
X509v3 Authority Key Identifier:
04:CC:EE:85:17:2C:37:4C:D2:D3:08:5A:94:66:EE:5A:FF:A8:79:34
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Certificate Policies: critical
Policy: 1.2.3.4
X509v3 Policy Constraints: critical
Require Explicit Policy:0
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
16:bd:d6:f6:5c:2e:12:33:ce:21:f8:12:59:4a:82:20:2d:05:
88:4f:42:86:53:dc:7f:96:56:ac:cc:e8:23:77:c6:3c:de:ce:
08:2c:f1:ed:26:c7:1f:7d:88:5c:7a:5c:b3:f0:f6:e0:51:41:
0b:3e:7e:c5:09:6e:5c:1e:89:60:08:32:58:4b:c0:c0:9e:be:
e1:1e:43:7d:66:78:5b:fe:f8:38:8d:83:8a:4a:2d:4a:9d:1e:
ba:1b:71:98:ae:9d:cc:4d:1f:13:a2:7a:11:c7:e8:29:2b:c1:
ee:3c:95:eb:5b:97:93:e5:4a:22:c7:04:31:9f:f0:61:f3:bb:
b5:e3:b1:8e:97:c3:c3:50:5a:6d:89:59:9a:a2:19:5a:cc:e8:
2a:01:4c:e2:56:4e:69:5a:61:ce:d6:05:11:4a:66:49:f9:a7:
c5:c2:fd:5f:30:19:0f:e3:79:21:e6:58:fc:a5:10:b5:30:be:
ac:b7:81:31:ce:4e:bd:3a:68:ff:06:1c:ee:1c:b0:dd:fd:13:
47:9e:bb:ef:0b:f5:c8:ed:38:2f:06:32:99:54:d4:0f:dd:45:
e6:ac:04:6b:cc:e1:b7:88:16:ad:bb:09:d0:71:ad:e4:55:b3:
f9:3d:dc:41:72:bc:93:33:1f:3c:8e:d3:d9:6f:e3:17:5e:a8:
a5:c8:89:5a
-----BEGIN CERTIFICATE-----
MIIDpjCCAo6gAwIBAgIUOBum2z5ZeS2VTqM3ZwOnxh9UurgwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkM6hKrV51K8lh0aJRgFB5f//ydYvYNNG7pL8rVUynmoy/A
a25igrFfJj0tmJmTfW/1HM9U08RLgcuzpZhXvf5/GXavme/MYs/AHN9e+baUSTNv
27q/W+Igh50/fsLnlHY9i3+gSfEtMHd7iyy27M0eXr/lG4bd2MHhDbRX8KoKWNTD
TVvLvw75xyNh+KMOqy0PhxpPHQvmOQoKNb7z+VX3h833etcYfbcMH2p6Z1JVbbjt
hyip/uvDyKhmvDOT254gRGsxNrgVG883wr6dRXw90hM2oB3XdFJno7c7SlQBxW5y
cZ1HOURYJwiiVBW1J997P8nxyyO+z72ON77yjY8CAwEAAaOB8TCB7jAdBgNVHQ4E
FgQUy8aoOoMOW0EMPsMgSL83adta3IcwHwYDVR0jBBgwFoAUBMzuhRcsN0zS0wha
lGbuWv+oeTQwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MBMGA1UdIAEB/wQJMAcwBQYDKgMEMA8GA1UdJAEB/wQFMAOAAQAwDQYJKoZIhvcN
AQELBQADggEBABa91vZcLhIzziH4EllKgiAtBYhPQoZT3H+WVqzM6CN3xjzezggs
8e0mxx99iFx6XLPw9uBRQQs+fsUJblweiWAIMlhLwMCevuEeQ31meFv++DiNg4pK
LUqdHrobcZiuncxNHxOiehHH6Ckrwe48letbl5PlSiLHBDGf8GHzu7XjsY6Xw8NQ
Wm2JWZqiGVrM6CoBTOJWTmlaYc7WBRFKZkn5p8XC/V8wGQ/jeSHmWPylELUwvqy3
gTHOTr06aP8GHO4csN39E0eeu+8L9cjtOC8GMplU1A/dReasBGvM4beIFq27CdBx
reRVs/k93EFyvJMzHzyO09lv4xdeqKXIiVo=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:1b:a6:db:3e:59:79:2d:95:4e:a3:37:67:03:a7:c6:1f:54:ba:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a8:ae:84:aa:34:ef:4a:a7:14:8c:a4:e3:d7:7d:
ef:7e:3a:25:72:c0:9c:be:13:87:cd:a0:ae:fc:96:
cb:f7:80:6d:4f:d0:2b:c6:5e:b2:9a:0a:b6:af:ae:
0a:92:93:99:f1:44:d1:ea:bd:01:54:11:4e:04:5f:
00:16:85:81:26:4d:47:44:6b:e2:b7:92:e5:c8:41:
a5:7a:5f:23:c5:4e:7f:db:12:f4:8d:a2:2f:5c:83:
64:b3:6a:fc:f1:36:53:0e:c2:90:88:18:f5:c3:d8:
3d:e7:a6:7f:a0:c7:66:f1:24:aa:80:52:0a:50:96:
c3:14:ae:48:ba:ee:ee:34:9f:7e:99:d4:ee:00:c1:
41:d8:6c:93:ab:2d:11:65:2b:17:cd:6b:f6:80:f2:
66:5b:27:89:7f:92:1c:a6:d0:e1:f4:33:11:b6:7f:
a9:f6:4b:46:eb:2d:3c:8d:7f:7a:fd:cf:dd:43:64:
b0:14:b8:58:05:dc:f7:59:de:1f:c2:af:d6:89:4e:
0e:98:68:21:30:3a:8b:23:00:6c:29:0f:91:fe:99:
d3:ac:fa:76:be:f7:f3:2c:87:e8:44:1b:1f:59:fe:
81:db:70:88:2d:e3:84:65:e8:33:49:03:c3:f0:a1:
39:a5:85:df:58:8d:6d:70:0f:8c:3d:20:fe:f0:ba:
22:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CC:EE:85:17:2C:37:4C:D2:D3:08:5A:94:66:EE:5A:FF:A8:79:34
X509v3 Authority Key Identifier:
04:CC:EE:85:17:2C:37:4C:D2:D3:08:5A:94:66:EE:5A:FF:A8:79:34
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Certificate Policies: critical
Policy: 1.2.3.4
X509v3 Policy Constraints: critical
Require Explicit Policy:0, Inhibit Policy Mapping:0
X509v3 Inhibit Any Policy: critical
0
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
3e:d6:8d:77:e8:e1:83:0b:88:1b:aa:ca:56:aa:c7:4d:58:a2:
8b:24:c6:66:21:ba:95:21:c2:a9:0c:54:09:01:b8:d6:46:e2:
5c:2f:52:5e:f4:b5:a4:2d:5b:2d:10:5e:70:16:7f:0c:a0:93:
ec:25:d0:19:00:33:39:2d:48:1c:23:18:8e:51:ca:95:0a:c7:
72:30:87:13:0f:a6:5b:6d:5c:3f:06:b6:09:f2:64:50:38:b6:
9c:fd:34:3e:9a:18:bd:f6:ca:78:13:7d:5f:06:26:c6:ea:fe:
17:9b:37:6d:94:65:47:37:63:94:16:49:be:a7:02:c5:70:63:
62:1c:40:e4:6c:90:09:b5:88:1a:d2:40:48:9e:e4:a8:32:93:
fb:db:f2:69:23:45:ca:97:b7:97:e6:f4:ff:15:b1:fd:06:30:
87:48:e9:34:5b:33:0f:7b:fd:78:6a:a9:94:35:ed:bd:9d:ca:
b0:c3:79:57:d6:a1:b1:99:35:a3:d3:e1:de:13:d9:72:d1:76:
4d:a0:c0:ae:89:70:3d:31:0c:27:74:49:f5:34:f2:3e:2d:98:
9d:d3:15:81:75:14:3f:90:a8:96:82:9b:90:39:9e:bc:c5:cf:
c9:c9:04:ec:f2:20:27:8d:39:85:3b:9e:27:5c:d3:9b:40:3d:
4e:83:87:ab
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIUOBum2z5ZeS2VTqM3ZwOnxh9UurcwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCoroSqNO9KpxSMpOPXfe9+OiVywJy+E4fNoK78lsv3gG1P0CvGXrKaCrav
rgqSk5nxRNHqvQFUEU4EXwAWhYEmTUdEa+K3kuXIQaV6XyPFTn/bEvSNoi9cg2Sz
avzxNlMOwpCIGPXD2D3npn+gx2bxJKqAUgpQlsMUrki67u40n36Z1O4AwUHYbJOr
LRFlKxfNa/aA8mZbJ4l/khym0OH0MxG2f6n2S0brLTyNf3r9z91DZLAUuFgF3PdZ
3h/Cr9aJTg6YaCEwOosjAGwpD5H+mdOs+na+9/Msh+hEGx9Z/oHbcIgt44Rl6DNJ
A8PwoTmlhd9YjW1wD4w9IP7wuiIZAgMBAAGjggEEMIIBADAdBgNVHQ4EFgQUBMzu
hRcsN0zS0whalGbuWv+oeTQwHwYDVR0jBBgwFoAUBMzuhRcsN0zS0whalGbuWv+o
eTQwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1h
aWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3Js
L1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MBMGA1Ud
IAEB/wQJMAcwBQYDKgMEMBIGA1UdJAEB/wQIMAaAAQCBAQAwDQYDVR02AQH/BAMC
AQAwDQYJKoZIhvcNAQELBQADggEBAD7WjXfo4YMLiBuqylaqx01YooskxmYhupUh
wqkMVAkBuNZG4lwvUl70taQtWy0QXnAWfwygk+wl0BkAMzktSBwjGI5RypUKx3Iw
hxMPplttXD8GtgnyZFA4tpz9ND6aGL32yngTfV8GJsbq/hebN22UZUc3Y5QWSb6n
AsVwY2IcQORskAm1iBrSQEie5Kgyk/vb8mkjRcqXt5fm9P8Vsf0GMIdI6TRbMw97
/XhqqZQ17b2dyrDDeVfWobGZNaPT4d4T2XLRdk2gwK6JcD0xDCd0SfU08j4tmJ3T
FYF1FD+QqJaCm5A5nrzFz8nJBOzyICeNOYU7nidc05tAPU6Dh6s=
-----END CERTIFICATE-----