OLD | NEW |
(Empty) | |
| 1 [Created by: ./generate-key-rollover.py] |
| 2 |
| 3 A certificate tree with two self-signed root certificates(oldroot, newroot), |
| 4 and a third root certificate (newrootrollover) which has the same key as newroot |
| 5 but is signed by oldroot, all with the same subject and issuer. |
| 6 There are two intermediates with the same key, subject and issuer |
| 7 (oldintermediary signed by oldroot, and newintermediary signed by newroot). |
| 8 The target certificate is signed by the intermediate key. |
| 9 |
| 10 |
| 11 In graphical form: |
| 12 |
| 13 oldroot-------->newrootrollover newroot |
| 14 | | | |
| 15 v v v |
| 16 oldintermediary newintermediary |
| 17 | | |
| 18 +------------+-------------+ |
| 19 | |
| 20 v |
| 21 target |
| 22 |
| 23 |
| 24 Several chains are output: |
| 25 key-rollover-oldchain.pem: |
| 26 target<-oldintermediary<-oldroot |
| 27 key-rollover-rolloverchain.pem: |
| 28 target<-newintermediary<-newrootrollover<-oldroot |
| 29 key-rollover-longrolloverchain.pem: |
| 30 target<-newintermediary<-newroot<-newrootrollover<-oldroot |
| 31 key-rollover-newchain.pem: |
| 32 target<-newintermediary<-newroot |
| 33 |
| 34 All of these chains should verify successfully. |
| 35 |
| 36 |
| 37 Certificate: |
| 38 Data: |
| 39 Version: 3 (0x2) |
| 40 Serial Number: 1 (0x1) |
| 41 Signature Algorithm: sha256WithRSAEncryption |
| 42 Issuer: CN=Intermediary |
| 43 Validity |
| 44 Not Before: Jan 1 12:00:00 2015 GMT |
| 45 Not After : Jan 1 12:00:00 2016 GMT |
| 46 Subject: CN=Target |
| 47 Subject Public Key Info: |
| 48 Public Key Algorithm: rsaEncryption |
| 49 Public-Key: (2048 bit) |
| 50 Modulus: |
| 51 00:e0:75:a4:9a:ce:70:cc:22:41:4b:d4:cd:76:ae: |
| 52 35:80:a5:38:11:fa:47:a0:a2:5a:86:d3:9e:48:10: |
| 53 24:b0:23:7e:69:5c:fc:96:b2:ef:6f:fa:24:45:e4: |
| 54 de:4e:dd:e4:0d:43:78:5a:51:49:5d:21:53:e1:91: |
| 55 7f:7a:4c:60:64:81:8e:fe:bc:6f:e6:f4:59:a6:ce: |
| 56 9c:2a:0f:97:a4:79:77:87:c7:6e:b5:24:44:e0:43: |
| 57 fa:39:47:46:71:01:92:c4:db:3c:35:5d:dd:38:02: |
| 58 5c:2a:27:cb:ca:0c:16:f9:72:31:61:d2:7c:df:c2: |
| 59 cb:06:b0:77:bc:42:48:07:af:ef:7b:81:50:dd:70: |
| 60 b0:cd:50:6c:2d:09:6e:56:98:56:09:b9:70:e0:10: |
| 61 a2:b7:d4:71:47:15:6b:53:f8:82:1a:58:76:dc:67: |
| 62 2a:9b:84:0b:a7:7f:d5:ba:96:34:3b:cb:72:88:e8: |
| 63 c5:d7:d1:0d:2e:4d:32:2f:58:e6:ff:16:94:22:5b: |
| 64 61:5d:4d:86:31:0d:cb:2a:62:7c:5b:fa:34:79:83: |
| 65 06:49:f5:15:92:de:b7:19:30:52:47:03:4e:ff:46: |
| 66 d6:cc:30:f8:86:a8:4c:59:cc:31:16:61:28:11:3e: |
| 67 ae:1e:a9:74:ed:07:74:a9:93:bb:24:de:06:06:1f: |
| 68 2d:3b |
| 69 Exponent: 65537 (0x10001) |
| 70 X509v3 extensions: |
| 71 X509v3 Subject Key Identifier: |
| 72 45:5B:76:CB:6D:E0:6D:3A:63:9A:BA:E6:9A:18:CD:8A:9D:17:EE:44 |
| 73 X509v3 Authority Key Identifier: |
| 74 keyid:95:21:87:1E:BA:A9:30:13:5B:61:C0:A9:0C:4C:76:8E:A8:53:35:2
6 |
| 75 |
| 76 Authority Information Access: |
| 77 CA Issuers - URI:http://url-for-aia/Intermediary.cer |
| 78 |
| 79 X509v3 CRL Distribution Points: |
| 80 |
| 81 Full Name: |
| 82 URI:http://url-for-crl/Intermediary.crl |
| 83 |
| 84 X509v3 Key Usage: critical |
| 85 Digital Signature, Key Encipherment |
| 86 X509v3 Extended Key Usage: |
| 87 TLS Web Server Authentication, TLS Web Client Authentication |
| 88 Signature Algorithm: sha256WithRSAEncryption |
| 89 7e:20:1b:56:3d:05:91:c1:d0:e7:23:5c:79:43:4a:07:70:6a: |
| 90 77:b2:ee:c4:f2:ee:b2:d0:b9:c6:1c:e5:f3:cf:7b:af:93:3e: |
| 91 d9:5f:fa:57:73:7e:31:75:e4:77:38:af:b0:df:dd:db:11:f5: |
| 92 e4:25:cf:3d:51:fa:1b:b5:78:76:61:97:7c:37:26:ce:3d:f3: |
| 93 96:9c:b6:bb:e2:be:d6:71:b6:2e:41:f9:31:d5:2f:de:4f:ad: |
| 94 27:93:1f:ab:79:9c:5a:61:b9:f8:6c:d1:24:6f:2d:9e:68:5f: |
| 95 64:30:ac:dd:5a:0f:9e:1f:97:c6:99:5f:2f:e3:ad:3f:2d:4c: |
| 96 68:d3:08:68:c5:39:18:0f:87:ce:a1:4a:25:c7:35:52:3f:a5: |
| 97 f7:03:4a:09:5f:10:8a:84:f1:c6:ab:fa:b6:f2:23:f7:e4:60: |
| 98 87:c7:79:24:4d:73:bb:f4:19:b8:8d:02:1a:47:09:fb:21:8b: |
| 99 77:3c:08:05:88:c1:a5:c8:55:a5:ed:9f:88:9f:2a:db:78:dc: |
| 100 0f:bc:87:ac:b3:30:5b:f5:06:c9:0e:c3:6d:e3:6b:aa:bf:56: |
| 101 98:da:ce:c5:32:36:1a:1e:79:9f:3c:ab:af:86:87:7a:e9:8c: |
| 102 c1:d0:ae:5a:9a:3c:7e:49:d0:cd:18:77:05:b4:d4:67:61:d8: |
| 103 73:06:52:79 |
| 104 -----BEGIN CERTIFICATE----- |
| 105 MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| 106 cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD |
| 107 VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgdaSa |
| 108 znDMIkFL1M12rjWApTgR+kegolqG055IECSwI35pXPyWsu9v+iRF5N5O3eQNQ3ha |
| 109 UUldIVPhkX96TGBkgY7+vG/m9FmmzpwqD5ekeXeHx261JETgQ/o5R0ZxAZLE2zw1 |
| 110 Xd04AlwqJ8vKDBb5cjFh0nzfwssGsHe8QkgHr+97gVDdcLDNUGwtCW5WmFYJuXDg |
| 111 EKK31HFHFWtT+IIaWHbcZyqbhAunf9W6ljQ7y3KI6MXX0Q0uTTIvWOb/FpQiW2Fd |
| 112 TYYxDcsqYnxb+jR5gwZJ9RWS3rcZMFJHA07/RtbMMPiGqExZzDEWYSgRPq4eqXTt |
| 113 B3Spk7sk3gYGHy07AgMBAAGjgekwgeYwHQYDVR0OBBYEFEVbdstt4G06Y5q65poY |
| 114 zYqdF+5EMB8GA1UdIwQYMBaAFJUhhx66qTATW2HAqQxMdo6oUzUmMD8GCCsGAQUF |
| 115 BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk |
| 116 aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu |
| 117 dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF |
| 118 BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAfiAbVj0FkcHQ5yNceUNK |
| 119 B3Bqd7LuxPLustC5xhzl8897r5M+2V/6V3N+MXXkdzivsN/d2xH15CXPPVH6G7V4 |
| 120 dmGXfDcmzj3zlpy2u+K+1nG2LkH5MdUv3k+tJ5Mfq3mcWmG5+GzRJG8tnmhfZDCs |
| 121 3VoPnh+XxplfL+OtPy1MaNMIaMU5GA+HzqFKJcc1Uj+l9wNKCV8QioTxxqv6tvIj |
| 122 9+Rgh8d5JE1zu/QZuI0CGkcJ+yGLdzwIBYjBpchVpe2fiJ8q23jcD7yHrLMwW/UG |
| 123 yQ7DbeNrqr9WmNrOxTI2Gh55nzyrr4aHeumMwdCuWpo8fknQzRh3BbTUZ2HYcwZS |
| 124 eQ== |
| 125 -----END CERTIFICATE----- |
| 126 |
| 127 Certificate: |
| 128 Data: |
| 129 Version: 3 (0x2) |
| 130 Serial Number: 2 (0x2) |
| 131 Signature Algorithm: sha256WithRSAEncryption |
| 132 Issuer: CN=Root |
| 133 Validity |
| 134 Not Before: Jan 2 12:00:00 2015 GMT |
| 135 Not After : Jan 1 12:00:00 2016 GMT |
| 136 Subject: CN=Intermediary |
| 137 Subject Public Key Info: |
| 138 Public Key Algorithm: rsaEncryption |
| 139 Public-Key: (2048 bit) |
| 140 Modulus: |
| 141 00:bd:f6:aa:4f:a5:b1:3a:df:2a:b2:9b:04:74:fc: |
| 142 f1:0f:c5:d4:1f:d3:b6:93:7e:be:17:c1:60:cd:da: |
| 143 d1:a0:2e:f9:05:51:35:54:2a:51:14:41:28:ce:f9: |
| 144 0b:7b:fb:d8:df:61:ff:16:f2:00:ce:7c:20:cd:af: |
| 145 92:15:2e:32:e9:77:1e:81:b7:0f:86:61:3b:83:d7: |
| 146 1d:40:13:66:9f:83:8c:1f:51:cf:b3:d4:af:53:b9: |
| 147 0a:dc:52:71:ec:53:ad:0e:36:2d:aa:20:59:5c:3c: |
| 148 3b:5d:84:fc:e9:3f:90:8b:9c:24:e3:25:60:01:84: |
| 149 3c:ec:a7:48:66:da:b2:e2:32:f6:0d:d7:99:8d:b6: |
| 150 97:f7:d1:92:5d:57:26:f7:f4:fe:a8:2e:92:a7:6f: |
| 151 a6:84:59:f4:b2:66:ac:73:a4:de:27:8d:9c:a7:4a: |
| 152 67:6c:64:7d:92:36:1a:e7:62:bf:34:9f:12:97:f2: |
| 153 77:2b:8e:f6:5e:28:a0:52:3d:01:5c:c4:11:77:78: |
| 154 59:db:c2:76:da:f6:9c:f8:27:55:4c:4c:3f:55:c8: |
| 155 3c:34:f4:98:9e:2e:c8:f5:6a:69:ff:75:66:e4:25: |
| 156 e8:d0:85:76:16:0a:df:7a:53:f7:40:e0:11:28:1f: |
| 157 cc:cd:0b:d4:ce:fa:7f:41:f2:54:47:fa:bd:6d:07: |
| 158 a8:85 |
| 159 Exponent: 65537 (0x10001) |
| 160 X509v3 extensions: |
| 161 X509v3 Subject Key Identifier: |
| 162 95:21:87:1E:BA:A9:30:13:5B:61:C0:A9:0C:4C:76:8E:A8:53:35:26 |
| 163 X509v3 Authority Key Identifier: |
| 164 keyid:D7:32:56:4A:55:77:36:2A:CD:B8:19:6E:32:13:40:97:54:87:C1:4
1 |
| 165 |
| 166 Authority Information Access: |
| 167 CA Issuers - URI:http://url-for-aia/Root.cer |
| 168 |
| 169 X509v3 CRL Distribution Points: |
| 170 |
| 171 Full Name: |
| 172 URI:http://url-for-crl/Root.crl |
| 173 |
| 174 X509v3 Key Usage: critical |
| 175 Certificate Sign, CRL Sign |
| 176 X509v3 Basic Constraints: critical |
| 177 CA:TRUE |
| 178 Signature Algorithm: sha256WithRSAEncryption |
| 179 cc:4e:fc:f2:a4:0f:2e:b3:6a:8d:c0:0b:27:1c:88:7c:0f:88: |
| 180 9a:bf:ea:a4:0d:50:83:ad:f4:40:25:09:85:26:69:38:c5:a8: |
| 181 4f:d8:1b:d7:40:40:3e:f5:5c:ec:13:0c:87:ff:39:f8:b3:ba: |
| 182 1f:a2:e6:f6:89:ef:cc:16:e5:94:e9:e6:b3:f8:78:ea:46:95: |
| 183 3e:13:50:04:21:29:83:75:c4:fa:e1:a0:36:f1:8b:46:25:73: |
| 184 93:c4:85:37:5c:30:d0:5b:41:10:a8:e6:d1:28:cc:4b:32:6c: |
| 185 6a:12:25:6b:55:36:ae:48:1f:53:fc:59:5b:34:fb:90:c3:e8: |
| 186 fd:32:a7:fe:32:39:68:97:41:97:5c:b7:e9:eb:d7:8a:e8:6a: |
| 187 f4:41:ea:38:be:d7:af:be:33:d6:82:1f:5e:eb:68:a0:a5:65: |
| 188 d2:21:2c:91:01:02:98:3b:ad:fe:69:e5:8f:55:e3:74:98:46: |
| 189 5d:27:cd:22:2e:7c:a8:da:78:4d:4c:88:90:cc:d4:49:10:28: |
| 190 a3:1b:5f:c1:0d:88:40:3b:65:b0:dd:ac:f4:7f:31:17:a3:9e: |
| 191 a5:45:37:fe:f0:40:d5:cb:02:40:ac:14:44:21:68:74:fa:a6: |
| 192 99:dd:66:8d:ab:45:4b:c5:b1:d9:ab:59:28:d8:7e:48:10:83: |
| 193 49:87:87:a6 |
| 194 -----BEGIN CERTIFICATE----- |
| 195 MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| 196 MB4XDTE1MDEwMjEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| 197 ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfaqT6Wx |
| 198 Ot8qspsEdPzxD8XUH9O2k36+F8FgzdrRoC75BVE1VCpRFEEozvkLe/vY32H/FvIA |
| 199 znwgza+SFS4y6XcegbcPhmE7g9cdQBNmn4OMH1HPs9SvU7kK3FJx7FOtDjYtqiBZ |
| 200 XDw7XYT86T+Qi5wk4yVgAYQ87KdIZtqy4jL2DdeZjbaX99GSXVcm9/T+qC6Sp2+m |
| 201 hFn0smasc6TeJ42cp0pnbGR9kjYa52K/NJ8Sl/J3K472XiigUj0BXMQRd3hZ28J2 |
| 202 2vac+CdVTEw/Vcg8NPSYni7I9Wpp/3Vm5CXo0IV2FgrfelP3QOARKB/MzQvUzvp/ |
| 203 QfJUR/q9bQeohQIDAQABo4HLMIHIMB0GA1UdDgQWBBSVIYceuqkwE1thwKkMTHaO |
| 204 qFM1JjAfBgNVHSMEGDAWgBTXMlZKVXc2Ks24GW4yE0CXVIfBQTA3BggrBgEFBQcB |
| 205 AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| 206 BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| 207 VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB |
| 208 AMxO/PKkDy6zao3ACycciHwPiJq/6qQNUIOt9EAlCYUmaTjFqE/YG9dAQD71XOwT |
| 209 DIf/Ofizuh+i5vaJ78wW5ZTp5rP4eOpGlT4TUAQhKYN1xPrhoDbxi0Ylc5PEhTdc |
| 210 MNBbQRCo5tEozEsybGoSJWtVNq5IH1P8WVs0+5DD6P0yp/4yOWiXQZdct+nr14ro |
| 211 avRB6ji+16++M9aCH17raKClZdIhLJEBApg7rf5p5Y9V43SYRl0nzSIufKjaeE1M |
| 212 iJDM1EkQKKMbX8ENiEA7ZbDdrPR/MRejnqVFN/7wQNXLAkCsFEQhaHT6ppndZo2r |
| 213 RUvFsdmrWSjYfkgQg0mHh6Y= |
| 214 -----END CERTIFICATE----- |
| 215 |
| 216 Certificate: |
| 217 Data: |
| 218 Version: 3 (0x2) |
| 219 Serial Number: 1 (0x1) |
| 220 Signature Algorithm: sha256WithRSAEncryption |
| 221 Issuer: CN=Root |
| 222 Validity |
| 223 Not Before: Jan 2 12:00:00 2015 GMT |
| 224 Not After : Jan 1 12:00:00 2016 GMT |
| 225 Subject: CN=Root |
| 226 Subject Public Key Info: |
| 227 Public Key Algorithm: rsaEncryption |
| 228 Public-Key: (2048 bit) |
| 229 Modulus: |
| 230 00:df:90:f5:53:a4:c4:b3:97:68:4a:37:9b:1f:fc: |
| 231 9c:24:e5:b5:ec:8d:f6:64:30:70:92:24:a6:07:8b: |
| 232 28:a2:3b:81:93:79:97:40:28:a5:da:6c:99:5a:35: |
| 233 93:7e:17:8e:89:85:a3:ef:41:be:15:27:c1:9b:b6: |
| 234 1d:e4:83:4a:d6:59:6f:88:95:23:d8:71:6a:7e:fb: |
| 235 8d:29:3c:f3:bd:76:51:eb:50:d1:83:ac:cd:90:87: |
| 236 b5:85:50:5e:0b:bf:77:29:53:ca:7b:4f:7b:da:e4: |
| 237 0e:9d:be:5a:47:44:e3:50:8e:2c:7e:bc:6a:08:e3: |
| 238 bc:ee:64:31:04:84:24:e9:e0:e0:d9:57:86:d6:57: |
| 239 dd:c9:fa:cd:a5:f3:d8:86:8b:84:31:c7:e7:c6:81: |
| 240 42:52:2d:ac:b2:ac:a8:b2:d4:32:c5:b2:c4:0a:47: |
| 241 5c:00:0c:b9:d3:d8:04:65:dd:1c:4b:7e:1f:5b:81: |
| 242 e1:85:17:be:70:4b:a8:1c:0d:15:54:c2:db:65:78: |
| 243 18:15:15:57:73:a8:3a:31:36:5b:6f:c3:38:17:32: |
| 244 ce:05:17:69:53:f4:9b:f3:d0:18:93:b9:e9:a1:de: |
| 245 4a:79:d6:95:ac:f7:dd:eb:15:75:13:73:0d:47:4d: |
| 246 1f:0b:fd:15:88:26:be:71:59:23:d0:d7:55:4a:5d: |
| 247 73:21 |
| 248 Exponent: 65537 (0x10001) |
| 249 X509v3 extensions: |
| 250 X509v3 Subject Key Identifier: |
| 251 D7:32:56:4A:55:77:36:2A:CD:B8:19:6E:32:13:40:97:54:87:C1:41 |
| 252 X509v3 Authority Key Identifier: |
| 253 keyid:D7:32:56:4A:55:77:36:2A:CD:B8:19:6E:32:13:40:97:54:87:C1:4
1 |
| 254 |
| 255 Authority Information Access: |
| 256 CA Issuers - URI:http://url-for-aia/Root.cer |
| 257 |
| 258 X509v3 CRL Distribution Points: |
| 259 |
| 260 Full Name: |
| 261 URI:http://url-for-crl/Root.crl |
| 262 |
| 263 X509v3 Key Usage: critical |
| 264 Certificate Sign, CRL Sign |
| 265 X509v3 Basic Constraints: critical |
| 266 CA:TRUE |
| 267 Signature Algorithm: sha256WithRSAEncryption |
| 268 50:9a:6c:34:e9:18:50:04:54:f3:7a:6c:a7:52:e7:cd:fe:19: |
| 269 58:f1:a7:a0:ea:60:59:87:a7:aa:19:cf:c3:df:05:2f:01:a1: |
| 270 c7:25:98:0e:89:b9:3e:b3:f7:94:36:9c:ed:6e:45:51:cc:37: |
| 271 1c:36:9a:80:b4:6a:05:ef:91:a3:31:d0:9a:34:2f:bd:60:50: |
| 272 f9:ba:03:0b:08:30:d5:8b:d4:f1:d7:14:08:c9:ad:82:f3:7e: |
| 273 13:0b:f5:c9:82:1e:e5:0e:60:c5:d9:8b:8d:94:32:87:03:4e: |
| 274 44:44:ff:af:4a:2f:e3:13:ab:ca:8a:ce:26:72:90:97:c4:7e: |
| 275 38:29:7b:fc:d2:8b:2f:75:35:92:48:c4:78:71:a4:6e:7e:e0: |
| 276 c6:f1:42:a9:63:d5:61:bf:a5:8c:5c:fa:8a:6d:c3:23:72:55: |
| 277 fe:68:4e:21:d7:ad:76:38:cc:26:05:d0:a8:50:f0:63:46:25: |
| 278 62:76:d4:74:c9:50:db:47:e5:ad:4f:93:fc:62:35:db:18:16: |
| 279 6d:27:d2:92:94:6d:a9:83:ae:f7:1e:1e:f9:3e:82:f9:40:e4: |
| 280 96:3a:4d:23:90:98:43:8b:f0:36:07:8e:0b:4e:87:ec:37:8d: |
| 281 47:0f:f7:e8:06:92:65:3f:eb:8b:df:44:1a:2b:8b:c4:54:2d: |
| 282 bc:61:d7:bc |
| 283 -----BEGIN CERTIFICATE----- |
| 284 MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| 285 MB4XDTE1MDEwMjEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| 286 dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+Q9VOkxLOXaEo3mx/8 |
| 287 nCTlteyN9mQwcJIkpgeLKKI7gZN5l0AopdpsmVo1k34XjomFo+9BvhUnwZu2HeSD |
| 288 StZZb4iVI9hxan77jSk88712UetQ0YOszZCHtYVQXgu/dylTyntPe9rkDp2+WkdE |
| 289 41COLH68agjjvO5kMQSEJOng4NlXhtZX3cn6zaXz2IaLhDHH58aBQlItrLKsqLLU |
| 290 MsWyxApHXAAMudPYBGXdHEt+H1uB4YUXvnBLqBwNFVTC22V4GBUVV3OoOjE2W2/D |
| 291 OBcyzgUXaVP0m/PQGJO56aHeSnnWlaz33esVdRNzDUdNHwv9FYgmvnFZI9DXVUpd |
| 292 cyECAwEAAaOByzCByDAdBgNVHQ4EFgQU1zJWSlV3NirNuBluMhNAl1SHwUEwHwYD |
| 293 VR0jBBgwFoAU1zJWSlV3NirNuBluMhNAl1SHwUEwNwYIKwYBBQUHAQEEKzApMCcG |
| 294 CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| 295 IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| 296 AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBQmmw06RhQ |
| 297 BFTzemynUufN/hlY8aeg6mBZh6eqGc/D3wUvAaHHJZgOibk+s/eUNpztbkVRzDcc |
| 298 NpqAtGoF75GjMdCaNC+9YFD5ugMLCDDVi9Tx1xQIya2C834TC/XJgh7lDmDF2YuN |
| 299 lDKHA05ERP+vSi/jE6vKis4mcpCXxH44KXv80osvdTWSSMR4caRufuDG8UKpY9Vh |
| 300 v6WMXPqKbcMjclX+aE4h1612OMwmBdCoUPBjRiVidtR0yVDbR+WtT5P8YjXbGBZt |
| 301 J9KSlG2pg673Hh75PoL5QOSWOk0jkJhDi/A2B44LTofsN41HD/foBpJlP+uL30Qa |
| 302 K4vEVC28Yde8 |
| 303 -----END CERTIFICATE----- |
| 304 |
| 305 Certificate: |
| 306 Data: |
| 307 Version: 3 (0x2) |
| 308 Serial Number: 3 (0x3) |
| 309 Signature Algorithm: sha256WithRSAEncryption |
| 310 Issuer: CN=Root |
| 311 Validity |
| 312 Not Before: Jan 2 12:00:00 2015 GMT |
| 313 Not After : Jan 1 12:00:00 2016 GMT |
| 314 Subject: CN=Root |
| 315 Subject Public Key Info: |
| 316 Public Key Algorithm: rsaEncryption |
| 317 Public-Key: (2048 bit) |
| 318 Modulus: |
| 319 00:df:90:f5:53:a4:c4:b3:97:68:4a:37:9b:1f:fc: |
| 320 9c:24:e5:b5:ec:8d:f6:64:30:70:92:24:a6:07:8b: |
| 321 28:a2:3b:81:93:79:97:40:28:a5:da:6c:99:5a:35: |
| 322 93:7e:17:8e:89:85:a3:ef:41:be:15:27:c1:9b:b6: |
| 323 1d:e4:83:4a:d6:59:6f:88:95:23:d8:71:6a:7e:fb: |
| 324 8d:29:3c:f3:bd:76:51:eb:50:d1:83:ac:cd:90:87: |
| 325 b5:85:50:5e:0b:bf:77:29:53:ca:7b:4f:7b:da:e4: |
| 326 0e:9d:be:5a:47:44:e3:50:8e:2c:7e:bc:6a:08:e3: |
| 327 bc:ee:64:31:04:84:24:e9:e0:e0:d9:57:86:d6:57: |
| 328 dd:c9:fa:cd:a5:f3:d8:86:8b:84:31:c7:e7:c6:81: |
| 329 42:52:2d:ac:b2:ac:a8:b2:d4:32:c5:b2:c4:0a:47: |
| 330 5c:00:0c:b9:d3:d8:04:65:dd:1c:4b:7e:1f:5b:81: |
| 331 e1:85:17:be:70:4b:a8:1c:0d:15:54:c2:db:65:78: |
| 332 18:15:15:57:73:a8:3a:31:36:5b:6f:c3:38:17:32: |
| 333 ce:05:17:69:53:f4:9b:f3:d0:18:93:b9:e9:a1:de: |
| 334 4a:79:d6:95:ac:f7:dd:eb:15:75:13:73:0d:47:4d: |
| 335 1f:0b:fd:15:88:26:be:71:59:23:d0:d7:55:4a:5d: |
| 336 73:21 |
| 337 Exponent: 65537 (0x10001) |
| 338 X509v3 extensions: |
| 339 X509v3 Subject Key Identifier: |
| 340 D7:32:56:4A:55:77:36:2A:CD:B8:19:6E:32:13:40:97:54:87:C1:41 |
| 341 X509v3 Authority Key Identifier: |
| 342 keyid:3C:15:EB:E0:B6:E5:4B:77:A7:DC:BC:E5:01:5F:E2:B6:6B:A0:24:E
1 |
| 343 |
| 344 Authority Information Access: |
| 345 CA Issuers - URI:http://url-for-aia/Root.cer |
| 346 |
| 347 X509v3 CRL Distribution Points: |
| 348 |
| 349 Full Name: |
| 350 URI:http://url-for-crl/Root.crl |
| 351 |
| 352 X509v3 Key Usage: critical |
| 353 Certificate Sign, CRL Sign |
| 354 X509v3 Basic Constraints: critical |
| 355 CA:TRUE |
| 356 Signature Algorithm: sha256WithRSAEncryption |
| 357 8f:47:2b:77:7c:3c:46:a9:88:cd:6f:33:dc:93:09:ff:86:b4: |
| 358 4a:26:ff:7a:db:d8:bc:a2:f3:b1:32:06:68:a8:fb:7e:f3:55: |
| 359 62:45:23:12:65:0b:b9:21:65:6f:06:63:81:83:0b:d6:c6:98: |
| 360 85:53:d1:8d:bd:d0:7b:36:53:54:7e:8c:4b:24:14:eb:f2:35: |
| 361 1c:b8:10:a3:31:96:19:9f:78:6c:6b:26:ab:bb:26:ac:33:b5: |
| 362 1a:b3:76:c8:45:17:16:a0:39:54:99:f9:b3:58:04:d3:09:51: |
| 363 21:e4:24:e4:f4:ce:a6:c7:f7:a9:1e:01:a1:16:c1:d2:7b:5c: |
| 364 5b:bb:98:b6:b2:c2:4f:2c:35:9a:68:ab:1d:6b:63:35:02:f4: |
| 365 f0:bb:f1:ea:ea:6f:46:8a:31:51:5e:16:cc:9f:c0:92:26:e1: |
| 366 78:a7:f5:b4:91:4f:8b:9f:3c:32:6b:db:62:a2:e4:32:e4:83: |
| 367 07:26:68:85:b5:d2:e6:5c:70:b4:bf:ec:ee:a4:79:62:59:7d: |
| 368 ff:11:25:67:63:ec:3f:3e:b5:71:8b:4f:33:1d:26:b0:e3:2c: |
| 369 32:cc:12:43:97:32:7c:7a:02:45:54:f3:9a:25:36:8c:fe:36: |
| 370 05:be:37:5e:e4:92:e8:5d:f0:72:bc:3d:f3:70:88:51:64:19: |
| 371 a6:8f:d3:c9 |
| 372 -----BEGIN CERTIFICATE----- |
| 373 MIIDZTCCAk2gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| 374 MB4XDTE1MDEwMjEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| 375 dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+Q9VOkxLOXaEo3mx/8 |
| 376 nCTlteyN9mQwcJIkpgeLKKI7gZN5l0AopdpsmVo1k34XjomFo+9BvhUnwZu2HeSD |
| 377 StZZb4iVI9hxan77jSk88712UetQ0YOszZCHtYVQXgu/dylTyntPe9rkDp2+WkdE |
| 378 41COLH68agjjvO5kMQSEJOng4NlXhtZX3cn6zaXz2IaLhDHH58aBQlItrLKsqLLU |
| 379 MsWyxApHXAAMudPYBGXdHEt+H1uB4YUXvnBLqBwNFVTC22V4GBUVV3OoOjE2W2/D |
| 380 OBcyzgUXaVP0m/PQGJO56aHeSnnWlaz33esVdRNzDUdNHwv9FYgmvnFZI9DXVUpd |
| 381 cyECAwEAAaOByzCByDAdBgNVHQ4EFgQU1zJWSlV3NirNuBluMhNAl1SHwUEwHwYD |
| 382 VR0jBBgwFoAUPBXr4LblS3en3LzlAV/itmugJOEwNwYIKwYBBQUHAQEEKzApMCcG |
| 383 CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| 384 IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| 385 AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCPRyt3fDxG |
| 386 qYjNbzPckwn/hrRKJv9629i8ovOxMgZoqPt+81ViRSMSZQu5IWVvBmOBgwvWxpiF |
| 387 U9GNvdB7NlNUfoxLJBTr8jUcuBCjMZYZn3hsayaruyasM7Uas3bIRRcWoDlUmfmz |
| 388 WATTCVEh5CTk9M6mx/epHgGhFsHSe1xbu5i2ssJPLDWaaKsda2M1AvTwu/Hq6m9G |
| 389 ijFRXhbMn8CSJuF4p/W0kU+Lnzwya9tiouQy5IMHJmiFtdLmXHC0v+zupHliWX3/ |
| 390 ESVnY+w/PrVxi08zHSaw4ywyzBJDlzJ8egJFVPOaJTaM/jYFvjde5JLoXfByvD3z |
| 391 cIhRZBmmj9PJ |
| 392 -----END CERTIFICATE----- |
| 393 |
| 394 Certificate: |
| 395 Data: |
| 396 Version: 3 (0x2) |
| 397 Serial Number: 1 (0x1) |
| 398 Signature Algorithm: sha256WithRSAEncryption |
| 399 Issuer: CN=Root |
| 400 Validity |
| 401 Not Before: Jan 1 12:00:00 2015 GMT |
| 402 Not After : Jan 1 12:00:00 2016 GMT |
| 403 Subject: CN=Root |
| 404 Subject Public Key Info: |
| 405 Public Key Algorithm: rsaEncryption |
| 406 Public-Key: (2048 bit) |
| 407 Modulus: |
| 408 00:bd:ad:c8:5d:2d:85:2d:00:39:01:33:f2:03:b2: |
| 409 e4:87:7c:e5:45:35:fa:80:8c:99:92:fb:ba:8c:f8: |
| 410 d7:e6:3a:51:1d:a3:b3:67:9f:14:fe:8c:27:c3:82: |
| 411 30:b3:c5:12:9d:7a:7e:c0:13:3c:a3:73:29:ec:f5: |
| 412 6a:d0:68:0d:e8:35:13:01:00:c9:f9:6a:f2:53:50: |
| 413 a4:12:82:82:d4:1a:30:45:6d:b1:a0:d8:56:5b:36: |
| 414 98:59:4c:28:78:88:21:e6:44:34:af:55:12:89:5e: |
| 415 6a:a3:8b:27:a3:65:b1:f0:0b:67:49:d8:41:ca:0a: |
| 416 0e:63:48:5f:4a:2f:12:3f:5a:37:85:4d:70:80:9e: |
| 417 8c:d0:54:e8:3e:09:fe:99:b5:51:67:0a:5d:8a:0e: |
| 418 97:a5:36:55:cf:10:9d:45:07:44:c7:4a:60:4e:13: |
| 419 25:99:0f:6c:7d:f9:7a:99:52:2a:e2:7b:b5:7a:50: |
| 420 21:72:24:e7:52:cf:4a:27:6c:60:a0:a9:2c:c7:70: |
| 421 3e:6e:0b:4e:21:c6:0a:30:a6:a9:73:a0:08:66:ab: |
| 422 99:3e:03:92:44:89:23:2d:03:f4:13:5f:42:55:ef: |
| 423 80:03:5a:aa:34:84:ae:e4:b7:b7:cc:51:1a:d0:ec: |
| 424 04:ab:e5:bb:f1:d1:80:8d:6a:ab:e6:80:2c:7d:0e: |
| 425 fe:f3 |
| 426 Exponent: 65537 (0x10001) |
| 427 X509v3 extensions: |
| 428 X509v3 Subject Key Identifier: |
| 429 3C:15:EB:E0:B6:E5:4B:77:A7:DC:BC:E5:01:5F:E2:B6:6B:A0:24:E1 |
| 430 X509v3 Authority Key Identifier: |
| 431 keyid:3C:15:EB:E0:B6:E5:4B:77:A7:DC:BC:E5:01:5F:E2:B6:6B:A0:24:E
1 |
| 432 |
| 433 Authority Information Access: |
| 434 CA Issuers - URI:http://url-for-aia/Root.cer |
| 435 |
| 436 X509v3 CRL Distribution Points: |
| 437 |
| 438 Full Name: |
| 439 URI:http://url-for-crl/Root.crl |
| 440 |
| 441 X509v3 Key Usage: critical |
| 442 Certificate Sign, CRL Sign |
| 443 X509v3 Basic Constraints: critical |
| 444 CA:TRUE |
| 445 Signature Algorithm: sha256WithRSAEncryption |
| 446 9a:45:ef:29:2f:b6:bf:98:7d:f0:e1:b4:ac:5c:7e:f4:3f:2b: |
| 447 87:76:19:32:b0:f1:b0:ff:32:05:c4:c6:d4:9d:bf:22:31:30: |
| 448 79:a3:a1:ec:66:c5:02:bd:7f:cc:47:e0:39:7f:fd:19:d5:4f: |
| 449 2b:a7:0a:b7:5b:3f:a9:54:51:1d:d7:dd:8f:72:7d:b7:1a:a1: |
| 450 16:5e:80:d0:d0:83:9f:87:13:c5:66:79:cf:26:5e:38:c6:0c: |
| 451 f8:76:2e:ff:8b:68:95:d8:f6:84:f2:13:13:59:d3:b3:a6:93: |
| 452 73:f8:5d:e7:f3:75:9a:42:30:74:ed:c0:a5:84:cf:30:eb:9c: |
| 453 89:ee:26:6c:a3:9a:b4:01:e2:f4:21:94:eb:69:3d:6b:82:dd: |
| 454 f9:88:57:37:64:0a:09:8c:fd:29:73:2d:85:ca:fa:f0:38:76: |
| 455 cc:65:c3:52:50:8d:0e:2e:f5:9f:fe:a0:5a:b3:7a:dc:c6:ee: |
| 456 e8:a6:0a:95:23:ab:0c:86:89:87:aa:ff:6b:88:49:ef:eb:63: |
| 457 d8:ea:d1:86:b0:c8:3c:eb:f3:d3:ff:5f:95:a0:68:dc:52:a1: |
| 458 26:e5:f2:60:c5:fd:9d:fa:03:fd:5f:c9:33:21:c8:9e:3f:e7: |
| 459 75:b4:c5:43:3b:7c:65:38:82:87:76:1d:aa:7b:48:81:27:03: |
| 460 93:cb:81:50 |
| 461 -----BEGIN TRUSTED_CERTIFICATE----- |
| 462 MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| 463 MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| 464 dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL2tyF0thS0AOQEz8gOy |
| 465 5Id85UU1+oCMmZL7uoz41+Y6UR2js2efFP6MJ8OCMLPFEp16fsATPKNzKez1atBo |
| 466 Deg1EwEAyflq8lNQpBKCgtQaMEVtsaDYVls2mFlMKHiIIeZENK9VEoleaqOLJ6Nl |
| 467 sfALZ0nYQcoKDmNIX0ovEj9aN4VNcICejNBU6D4J/pm1UWcKXYoOl6U2Vc8QnUUH |
| 468 RMdKYE4TJZkPbH35eplSKuJ7tXpQIXIk51LPSidsYKCpLMdwPm4LTiHGCjCmqXOg |
| 469 CGarmT4DkkSJIy0D9BNfQlXvgANaqjSEruS3t8xRGtDsBKvlu/HRgI1qq+aALH0O |
| 470 /vMCAwEAAaOByzCByDAdBgNVHQ4EFgQUPBXr4LblS3en3LzlAV/itmugJOEwHwYD |
| 471 VR0jBBgwFoAUPBXr4LblS3en3LzlAV/itmugJOEwNwYIKwYBBQUHAQEEKzApMCcG |
| 472 CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| 473 IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| 474 AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCaRe8pL7a/ |
| 475 mH3w4bSsXH70PyuHdhkysPGw/zIFxMbUnb8iMTB5o6HsZsUCvX/MR+A5f/0Z1U8r |
| 476 pwq3Wz+pVFEd192Pcn23GqEWXoDQ0IOfhxPFZnnPJl44xgz4di7/i2iV2PaE8hMT |
| 477 WdOzppNz+F3n83WaQjB07cClhM8w65yJ7iZso5q0AeL0IZTraT1rgt35iFc3ZAoJ |
| 478 jP0pcy2FyvrwOHbMZcNSUI0OLvWf/qBas3rcxu7opgqVI6sMhomHqv9riEnv62PY |
| 479 6tGGsMg86/PT/1+VoGjcUqEm5fJgxf2d+gP9X8kzIcieP+d1tMVDO3xlOIKHdh2q |
| 480 e0iBJwOTy4FQ |
| 481 -----END TRUSTED_CERTIFICATE----- |
| 482 |
| 483 -----BEGIN TIME----- |
| 484 MTUwMzAyMTIwMDAwWg== |
| 485 -----END TIME----- |
| 486 |
| 487 -----BEGIN VERIFY_RESULT----- |
| 488 U1VDQ0VTUw== |
| 489 -----END VERIFY_RESULT----- |
OLD | NEW |