| OLD | NEW |
| (Empty) | |
| 1 [Created by: generate-unknown-root.py] |
| 2 |
| 3 Simple certificate chain with 1 intermediary, but the root is |
| 4 not in trust store |
| 5 |
| 6 Certificate: |
| 7 Data: |
| 8 Version: 3 (0x2) |
| 9 Serial Number: 1 (0x1) |
| 10 Signature Algorithm: sha256WithRSAEncryption |
| 11 Issuer: CN=Intermediary |
| 12 Validity |
| 13 Not Before: Jan 1 12:00:00 2015 GMT |
| 14 Not After : Jan 1 12:00:00 2016 GMT |
| 15 Subject: CN=Target |
| 16 Subject Public Key Info: |
| 17 Public Key Algorithm: rsaEncryption |
| 18 Public-Key: (2048 bit) |
| 19 Modulus: |
| 20 00:c7:8c:d0:f4:d8:e0:91:bf:28:7b:b6:eb:56:cb: |
| 21 94:16:d3:e6:e3:33:17:8d:e1:7c:c3:7c:a1:2b:40: |
| 22 93:50:62:01:7f:77:e4:71:a0:06:72:d9:87:74:17: |
| 23 57:a5:68:af:8d:55:ef:66:08:80:dd:c4:05:a6:b3: |
| 24 18:be:80:ef:c4:b2:f4:ec:09:d0:a9:70:31:13:ff: |
| 25 a2:e3:2b:8c:3c:32:d2:97:76:12:ba:6f:de:4c:58: |
| 26 67:c2:d3:c3:2c:65:4e:df:47:23:2d:04:db:bc:f6: |
| 27 f0:4c:d2:9d:2a:cf:c3:a5:46:b9:48:4f:34:aa:c4: |
| 28 6a:d9:b6:ff:48:e4:67:e9:a5:1e:0d:f9:13:85:3c: |
| 29 5d:dd:3d:28:9d:b4:d4:7b:32:45:d6:52:a3:5a:2b: |
| 30 f8:09:05:bc:e2:f8:7a:88:34:e4:26:2e:f3:d3:55: |
| 31 66:73:3f:c1:96:76:d4:09:63:52:29:bf:11:bc:ec: |
| 32 e5:d7:5b:66:d2:79:36:75:f2:9e:e8:a9:a7:92:4e: |
| 33 61:06:01:6f:89:04:d8:10:47:ad:41:94:b2:52:54: |
| 34 65:6e:f7:c8:66:a2:a2:83:f6:3a:b9:3e:40:32:37: |
| 35 9c:ce:23:71:03:43:ae:18:61:cc:64:fb:5d:41:05: |
| 36 75:e4:a8:ab:c6:f8:e3:2a:ca:00:e1:1e:44:be:ff: |
| 37 cc:c3 |
| 38 Exponent: 65537 (0x10001) |
| 39 X509v3 extensions: |
| 40 X509v3 Subject Key Identifier: |
| 41 DD:45:C9:D7:30:0E:AE:FB:E7:4E:E4:6B:EE:99:70:3F:6E:7C:13:1B |
| 42 X509v3 Authority Key Identifier: |
| 43 keyid:9B:A3:12:76:6B:07:AA:89:D5:53:F3:C1:C6:BB:7E:9E:90:C4:9D:3
7 |
| 44 |
| 45 Authority Information Access: |
| 46 CA Issuers - URI:http://url-for-aia/Intermediary.cer |
| 47 |
| 48 X509v3 CRL Distribution Points: |
| 49 |
| 50 Full Name: |
| 51 URI:http://url-for-crl/Intermediary.crl |
| 52 |
| 53 X509v3 Key Usage: critical |
| 54 Digital Signature, Key Encipherment |
| 55 X509v3 Extended Key Usage: |
| 56 TLS Web Server Authentication, TLS Web Client Authentication |
| 57 Signature Algorithm: sha256WithRSAEncryption |
| 58 3e:18:07:64:6e:c5:0c:f5:90:6b:2d:c1:f4:c0:43:86:70:9e: |
| 59 02:80:f1:7c:ac:f1:1f:df:a7:e3:c5:0f:cd:54:5f:15:be:ba: |
| 60 e3:78:81:f7:9a:31:f7:57:b8:df:40:35:6d:5a:92:93:04:0f: |
| 61 93:ff:2a:1c:b3:bd:44:cf:a5:fe:52:8a:15:26:7a:0c:af:9f: |
| 62 1f:8f:5b:df:57:c9:64:b1:fe:55:50:35:63:94:b2:c9:70:1c: |
| 63 4c:0b:e4:0b:47:53:0a:bb:0a:86:32:70:e0:fa:de:b6:23:5f: |
| 64 18:15:35:9c:09:45:4b:c6:4c:61:7a:cd:e1:7f:44:9e:97:e7: |
| 65 12:53:01:c1:31:28:8f:2c:cb:6a:32:3c:1a:61:91:7d:bc:9c: |
| 66 9e:f8:58:cf:c9:5a:91:7e:db:55:28:06:24:f7:73:97:a5:e6: |
| 67 7b:0f:18:67:85:41:3d:09:74:00:a7:c3:9b:b2:b5:8a:9f:45: |
| 68 38:55:b7:78:6e:7b:4b:a4:c7:0e:6e:af:4e:bd:93:4a:bc:f5: |
| 69 2b:81:cb:00:1b:1d:70:ec:a2:87:c1:ae:ce:f4:a0:e8:b7:bd: |
| 70 a0:3f:3c:a1:b9:5a:3a:b6:20:22:f3:b5:d8:b8:58:76:f3:86: |
| 71 f2:84:81:49:8d:ce:f3:af:cb:3c:09:ef:91:a1:e0:a2:6e:6a: |
| 72 7a:31:31:ae |
| 73 -----BEGIN CERTIFICATE----- |
| 74 MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| 75 cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| 76 VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHjND0 |
| 77 2OCRvyh7tutWy5QW0+bjMxeN4XzDfKErQJNQYgF/d+RxoAZy2Yd0F1elaK+NVe9m |
| 78 CIDdxAWmsxi+gO/EsvTsCdCpcDET/6LjK4w8MtKXdhK6b95MWGfC08MsZU7fRyMt |
| 79 BNu89vBM0p0qz8OlRrlITzSqxGrZtv9I5GfppR4N+ROFPF3dPSidtNR7MkXWUqNa |
| 80 K/gJBbzi+HqINOQmLvPTVWZzP8GWdtQJY1IpvxG87OXXW2bSeTZ18p7oqaeSTmEG |
| 81 AW+JBNgQR61BlLJSVGVu98hmoqKD9jq5PkAyN5zOI3EDQ64YYcxk+11BBXXkqKvG |
| 82 +OMqygDhHkS+/8zDAgMBAAGjgekwgeYwHQYDVR0OBBYEFN1FydcwDq77507ka+6Z |
| 83 cD9ufBMbMB8GA1UdIwQYMBaAFJujEnZrB6qJ1VPzwca7fp6QxJ03MD8GCCsGAQUF |
| 84 BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| 85 aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| 86 dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| 87 BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAPhgHZG7FDPWQay3B9MBD |
| 88 hnCeAoDxfKzxH9+n48UPzVRfFb6643iB95ox91e430A1bVqSkwQPk/8qHLO9RM+l |
| 89 /lKKFSZ6DK+fH49b31fJZLH+VVA1Y5SyyXAcTAvkC0dTCrsKhjJw4PretiNfGBU1 |
| 90 nAlFS8ZMYXrN4X9EnpfnElMBwTEojyzLajI8GmGRfbycnvhYz8lakX7bVSgGJPdz |
| 91 l6Xmew8YZ4VBPQl0AKfDm7K1ip9FOFW3eG57S6THDm6vTr2TSrz1K4HLABsdcOyi |
| 92 h8GuzvSg6Le9oD88oblaOrYgIvO12LhYdvOG8oSBSY3O86/LPAnvkaHgom5qejEx |
| 93 rg== |
| 94 -----END CERTIFICATE----- |
| 95 |
| 96 Certificate: |
| 97 Data: |
| 98 Version: 3 (0x2) |
| 99 Serial Number: 2 (0x2) |
| 100 Signature Algorithm: sha256WithRSAEncryption |
| 101 Issuer: CN=Root |
| 102 Validity |
| 103 Not Before: Jan 1 12:00:00 2015 GMT |
| 104 Not After : Jan 1 12:00:00 2016 GMT |
| 105 Subject: CN=Intermediary |
| 106 Subject Public Key Info: |
| 107 Public Key Algorithm: rsaEncryption |
| 108 Public-Key: (2048 bit) |
| 109 Modulus: |
| 110 00:bf:9c:b5:90:7c:32:e7:16:88:ff:a5:9a:e3:5d: |
| 111 85:f9:82:c8:4c:b3:c7:01:11:8c:b8:f9:a2:2b:d2: |
| 112 f4:09:5e:d4:b6:42:ac:2f:a0:54:ec:34:31:95:e8: |
| 113 14:b7:a3:50:59:23:7d:cc:a5:93:e4:f6:da:5a:1f: |
| 114 4a:9e:e5:12:d6:28:52:d8:d3:b4:bf:35:3a:70:cf: |
| 115 76:af:96:53:c4:a0:30:ab:c5:f0:a8:cd:20:19:77: |
| 116 d1:77:56:47:d9:a7:88:af:bf:0b:a4:d9:11:d1:a8: |
| 117 58:79:74:63:40:67:30:25:3a:78:53:0d:dd:63:32: |
| 118 2c:62:c3:26:1b:67:56:c9:55:31:90:13:17:09:43: |
| 119 8c:a4:40:f7:b0:2f:4b:0b:1b:b0:db:ba:cc:f4:ce: |
| 120 7e:66:2d:1c:0f:e9:ae:75:8e:c7:8f:cf:d6:dc:c7: |
| 121 42:ba:aa:8b:11:c6:ea:91:05:79:a4:79:6c:fd:56: |
| 122 ed:54:b9:ec:82:3b:d6:d3:e4:93:da:f4:46:c9:d4: |
| 123 87:13:28:e0:ff:76:9b:1d:25:9b:bd:6b:c7:f3:1b: |
| 124 15:71:55:22:02:90:4c:fc:29:6f:63:5a:26:29:af: |
| 125 2a:d0:aa:22:2d:43:12:18:ae:6e:96:bf:1e:9b:f2: |
| 126 d1:98:43:a5:45:1b:8d:81:b1:a5:d2:58:7e:22:ca: |
| 127 f4:d7 |
| 128 Exponent: 65537 (0x10001) |
| 129 X509v3 extensions: |
| 130 X509v3 Subject Key Identifier: |
| 131 9B:A3:12:76:6B:07:AA:89:D5:53:F3:C1:C6:BB:7E:9E:90:C4:9D:37 |
| 132 X509v3 Authority Key Identifier: |
| 133 keyid:BE:CC:9A:58:24:CB:78:F1:07:49:A4:F1:CF:4C:5F:BA:23:21:77:1
2 |
| 134 |
| 135 Authority Information Access: |
| 136 CA Issuers - URI:http://url-for-aia/Root.cer |
| 137 |
| 138 X509v3 CRL Distribution Points: |
| 139 |
| 140 Full Name: |
| 141 URI:http://url-for-crl/Root.crl |
| 142 |
| 143 X509v3 Key Usage: critical |
| 144 Certificate Sign, CRL Sign |
| 145 X509v3 Basic Constraints: critical |
| 146 CA:TRUE |
| 147 Signature Algorithm: sha256WithRSAEncryption |
| 148 33:4c:8f:5d:d7:5c:8d:ef:e9:15:b4:2a:8a:be:0b:17:56:e1: |
| 149 ce:71:03:4f:03:94:81:23:6e:4f:fc:08:b4:d0:4d:8a:75:bc: |
| 150 66:49:4f:c5:34:be:18:d4:2d:b8:00:dd:40:7e:96:f5:59:db: |
| 151 80:19:ad:63:bf:66:67:02:d5:9a:ce:10:f9:41:a2:2c:ac:9b: |
| 152 2d:56:c8:d5:df:57:c8:07:33:7f:8d:70:65:86:ae:ff:7a:2a: |
| 153 45:12:41:93:47:ea:0b:4b:68:0f:04:ee:bc:c5:25:b7:d4:2c: |
| 154 c7:b8:92:93:78:14:4e:48:c8:0a:8d:b3:e8:3a:9f:63:2e:92: |
| 155 9c:d5:f2:bb:a1:f6:cb:fb:fa:2d:e8:74:e7:e4:3c:50:4c:3b: |
| 156 23:ae:10:81:b0:75:7d:38:c8:75:4c:e0:4f:67:85:e6:24:f8: |
| 157 14:70:93:cf:e1:fc:a5:20:73:ac:e3:e1:43:7f:33:16:8d:48: |
| 158 ad:43:88:0d:e2:18:eb:62:e9:8d:32:3b:9b:df:1e:25:d1:41: |
| 159 c6:7f:37:b5:5e:66:12:38:67:fb:d5:d8:cb:da:d1:69:19:8a: |
| 160 08:dd:25:c1:58:b0:c7:7a:57:8d:9b:7f:ff:ef:5d:4f:71:bd: |
| 161 a3:4f:d7:61:58:c8:93:03:e9:41:72:86:d6:df:b6:65:24:ea: |
| 162 31:ad:0f:26 |
| 163 -----BEGIN CERTIFICATE----- |
| 164 MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| 165 MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| 166 ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5y1kHwy |
| 167 5xaI/6Wa412F+YLITLPHARGMuPmiK9L0CV7UtkKsL6BU7DQxlegUt6NQWSN9zKWT |
| 168 5PbaWh9KnuUS1ihS2NO0vzU6cM92r5ZTxKAwq8XwqM0gGXfRd1ZH2aeIr78LpNkR |
| 169 0ahYeXRjQGcwJTp4Uw3dYzIsYsMmG2dWyVUxkBMXCUOMpED3sC9LCxuw27rM9M5+ |
| 170 Zi0cD+mudY7Hj8/W3MdCuqqLEcbqkQV5pHls/VbtVLnsgjvW0+ST2vRGydSHEyjg |
| 171 /3abHSWbvWvH8xsVcVUiApBM/ClvY1omKa8q0KoiLUMSGK5ulr8em/LRmEOlRRuN |
| 172 gbGl0lh+Isr01wIDAQABo4HLMIHIMB0GA1UdDgQWBBSboxJ2aweqidVT88HGu36e |
| 173 kMSdNzAfBgNVHSMEGDAWgBS+zJpYJMt48QdJpPHPTF+6IyF3EjA3BggrBgEFBQcB |
| 174 AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| 175 BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| 176 VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB |
| 177 ADNMj13XXI3v6RW0Koq+CxdW4c5xA08DlIEjbk/8CLTQTYp1vGZJT8U0vhjULbgA |
| 178 3UB+lvVZ24AZrWO/ZmcC1ZrOEPlBoiysmy1WyNXfV8gHM3+NcGWGrv96KkUSQZNH |
| 179 6gtLaA8E7rzFJbfULMe4kpN4FE5IyAqNs+g6n2MukpzV8ruh9sv7+i3odOfkPFBM |
| 180 OyOuEIGwdX04yHVM4E9nheYk+BRwk8/h/KUgc6zj4UN/MxaNSK1DiA3iGOti6Y0y |
| 181 O5vfHiXRQcZ/N7VeZhI4Z/vV2Mva0WkZigjdJcFYsMd6V42bf//vXU9xvaNP12FY |
| 182 yJMD6UFyhtbftmUk6jGtDyY= |
| 183 -----END CERTIFICATE----- |
| 184 |
| 185 -----BEGIN TIME----- |
| 186 MTYwMzAyMTIwMDAwWg== |
| 187 -----END TIME----- |
| 188 |
| 189 -----BEGIN VERIFY_RESULT----- |
| 190 RkFJTA== |
| 191 -----END VERIFY_RESULT----- |
| OLD | NEW |