Certifcate chain:
Target -> Intermediate2 -> Intermediate1 -> Root
The root certificate has a pathlen=1 constraint on it, so when validating with
trust anchor constraints enforced this should fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate2
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2017 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cc:e7:c5:5e:00:e6:6e:62:c7:a5:ee:c5:6e:e0:
a1:1a:83:a7:fa:c8:90:ee:82:ef:94:b7:4c:b8:56:
2e:71:e1:03:67:dc:82:35:1e:b3:68:79:43:86:8f:
04:30:86:a7:4e:43:59:52:9f:e7:43:b8:8e:c1:70:
a4:59:d7:c0:c4:ae:da:70:dc:1a:52:a0:05:1c:c8:
1c:3d:1f:6e:c1:b2:ea:5e:e6:56:f2:4a:3c:01:19:
9a:19:fb:c1:fe:62:77:93:fb:4e:55:44:e3:4f:d6:
c4:bb:32:ef:aa:67:53:04:50:5c:db:06:3b:7e:37:
82:92:26:f2:47:38:c4:6a:9b:d8:42:32:44:1b:89:
84:ab:77:af:ec:27:c3:34:4e:d2:e5:8a:77:40:61:
76:fb:6d:78:3d:a4:d6:00:64:83:24:3b:fc:6b:83:
00:59:03:c1:9b:4f:5e:94:ac:f0:50:5e:e4:d1:e7:
60:c9:f3:74:6e:91:a2:47:47:6c:5a:a3:0b:83:3d:
50:a4:eb:1c:9e:83:7e:3c:f3:68:87:e8:d6:a6:30:
0d:01:a8:9d:96:de:a6:ff:7f:1a:36:5c:7b:b6:92:
73:ec:9d:f1:b6:5f:c5:3c:c8:2a:98:35:15:16:b5:
8d:78:ea:2c:3a:22:14:d4:4d:13:7c:70:81:8b:66:
6a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:44:41:6E:89:1C:49:B5:BF:47:3C:98:EA:28:86:E2:1A:17:64:09
X509v3 Authority Key Identifier:
keyid:BE:E8:01:F9:AD:F7:6E:8B:62:7E:59:3A:10:CC:60:78:95:62:9C:CA
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate2.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate2.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
48:66:26:79:cd:4f:a1:7b:ca:fc:49:27:60:c1:e0:17:6f:14:
13:ae:a0:be:44:d4:49:68:63:31:b1:11:f2:65:7d:2e:13:d9:
df:12:19:fd:ac:8b:03:b6:a3:84:4c:a1:0a:67:3a:35:80:a0:
c7:a1:0c:3b:c8:7a:4a:bc:b2:78:02:80:98:aa:46:ca:55:cd:
d1:5d:60:d8:80:b5:a3:f1:76:7a:0d:a1:9a:f0:4b:da:e1:24:
b7:f9:41:90:6b:fa:d5:ba:e5:31:5a:49:a7:9d:3d:b0:10:64:
fe:2f:f5:aa:88:09:75:dd:86:57:bb:29:a8:80:87:fb:5c:a9:
97:9b:7f:9b:f9:2b:c5:9d:1e:01:46:a7:f2:a1:42:f5:5d:c7:
95:fe:a3:85:5b:23:c1:a7:6b:1d:d5:ab:b0:09:44:14:2f:ea:
db:ca:02:4d:1c:05:b9:88:ce:1e:97:d8:aa:7e:54:5f:a5:fa:
ed:af:25:d0:a8:33:5e:b6:c7:71:0c:8d:6a:f0:d4:c7:e1:d9:
fe:9b:e9:f6:cc:cf:62:36:45:bc:10:53:27:3c:59:83:38:62:
6f:24:87:7e:a4:9b:c9:fc:4b:2a:6e:22:cc:3a:23:17:12:68:
16:fc:40:10:2c:fc:68:46:ff:3b:97:94:88:b3:70:05:1d:40:
f7:05:8c:cd
-----BEGIN CERTIFICATE-----
MIIDkDCCAnigAwIBAgIBATANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1JbnRl
cm1lZGlhdGUyMB4XDTE1MDEwMTEyMDAwMFoXDTE3MDEwMTEyMDAwMFowETEPMA0G
A1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOfF
XgDmbmLHpe7FbuChGoOn+siQ7oLvlLdMuFYuceEDZ9yCNR6zaHlDho8EMIanTkNZ
Up/nQ7iOwXCkWdfAxK7acNwaUqAFHMgcPR9uwbLqXuZW8ko8ARmaGfvB/mJ3k/tO
VUTjT9bEuzLvqmdTBFBc2wY7fjeCkibyRzjEapvYQjJEG4mEq3ev7CfDNE7S5Yp3
QGF2+214PaTWAGSDJDv8a4MAWQPBm09elKzwUF7k0edgyfN0bpGiR0dsWqMLgz1Q
pOscnoN+PPNoh+jWpjANAaidlt6m/38aNlx7tpJz7J3xtl/FPMgqmDUVFrWNeOos
OiIU1E0TfHCBi2ZqYwIDAQABo4HrMIHoMB0GA1UdDgQWBBRsREFuiRxJtb9HPJjq
KIbiGhdkCTAfBgNVHSMEGDAWgBS+6AH5rfdui2J+WToQzGB4lWKcyjBABggrBgEF
BQcBAQQ0MDIwMAYIKwYBBQUHMAKGJGh0dHA6Ly91cmwtZm9yLWFpYS9JbnRlcm1l
ZGlhdGUyLmNlcjA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vdXJsLWZvci1jcmwv
SW50ZXJtZWRpYXRlMi5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEASGYmec1PoXvK/Ekn
YMHgF28UE66gvkTUSWhjMbER8mV9LhPZ3xIZ/ayLA7ajhEyhCmc6NYCgx6EMO8h6
SryyeAKAmKpGylXN0V1g2IC1o/F2eg2hmvBL2uEkt/lBkGv61brlMVpJp509sBBk
/i/1qogJdd2GV7spqICH+1ypl5t/m/krxZ0eAUan8qFC9V3Hlf6jhVsjwadrHdWr
sAlEFC/q28oCTRwFuYjOHpfYqn5UX6X67a8l0KgzXrbHcQyNavDUx+HZ/pvp9szP
YjZFvBBTJzxZgzhibySHfqSbyfxLKm4izDojFxJoFvxAECz8aEb/O5eUiLNwBR1A
9wWMzQ==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate1
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2017 GMT
Subject: CN=Intermediate2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a7:ec:37:93:db:d9:5f:78:b7:a7:b7:41:3a:a0:
18:c6:33:52:72:15:ea:8e:71:4b:38:45:63:fe:5c:
82:2d:6d:ec:86:9d:42:b4:48:24:9f:48:90:a9:7d:
88:89:c8:52:09:57:34:84:65:7b:b5:81:68:cd:86:
a6:7a:b0:ae:d4:29:e4:62:6d:4a:f3:cf:a3:c7:12:
b4:5b:9d:9d:97:a1:49:f9:50:3f:a7:e9:bf:de:1f:
44:35:be:61:57:e0:fc:25:0c:ca:db:aa:6a:bf:c0:
9a:54:be:ad:08:d5:0b:9e:46:4c:b9:69:06:ba:dc:
b4:d5:21:19:c6:2a:ad:7c:63:27:a5:be:a7:85:79:
a3:7b:39:47:e0:90:4e:fc:2d:1a:58:55:9b:f2:34:
e7:c6:49:be:f7:b2:98:e5:29:46:60:66:28:67:24:
1b:86:57:f7:a3:03:dc:0c:c8:b1:44:42:e5:db:f4:
5c:34:e4:9b:06:56:43:16:0b:09:82:7c:b4:68:d8:
0d:cd:34:6c:24:97:16:0e:e1:15:e0:03:04:9a:c6:
c7:e1:8e:45:2b:0f:d5:90:fc:f0:8a:05:79:e5:5e:
ed:85:b0:fe:87:08:e7:6b:7c:d6:a0:37:7f:63:af:
08:19:dd:a9:59:02:78:2d:67:6b:95:d3:e2:f2:07:
58:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E8:01:F9:AD:F7:6E:8B:62:7E:59:3A:10:CC:60:78:95:62:9C:CA
X509v3 Authority Key Identifier:
keyid:AC:1F:06:9D:6A:D6:77:47:85:F5:29:6A:85:DF:71:F7:AC:F7:83:93
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate1.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate1.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
56:5b:1e:a3:6c:34:0f:79:dc:8c:ce:60:2d:46:9e:32:75:18:
06:6a:c4:3e:4d:90:a8:36:33:af:37:7f:16:2b:9f:55:8f:d5:
b7:93:2e:7a:62:85:df:52:c1:e2:19:df:21:7e:0d:eb:74:1f:
8e:dd:d2:9b:42:49:2b:bb:ca:bf:4a:65:f4:33:c7:29:fa:0a:
ce:16:95:28:77:85:eb:a3:50:f8:b0:a9:49:7a:00:15:06:92:
63:34:38:37:aa:7c:18:15:c8:61:ef:a6:e2:43:ad:41:bd:2d:
23:06:9c:6c:b6:ee:0c:2d:e2:b1:1f:ce:1a:39:83:db:ab:7b:
e2:cf:03:f4:bc:e1:8d:9e:22:50:bb:c3:82:04:a1:9b:1a:b6:
8f:28:dc:2b:f0:5c:3a:c6:99:5e:5c:b0:be:c0:ad:6a:56:ba:
1c:88:d1:d6:6a:76:d2:bd:ef:91:3c:f2:f3:ad:19:2f:1d:42:
fc:1a:c7:6a:a9:48:75:04:14:be:1d:d0:bb:4c:d8:7c:93:c4:
eb:25:58:02:0e:2f:66:a9:64:28:23:0c:a7:55:51:94:c8:e6:
65:15:58:e3:53:02:56:f8:13:fa:08:51:3d:a7:35:e2:15:a9:
59:0e:48:1f:9e:c7:dc:cc:a2:1f:db:c9:3d:46:b6:0e:5d:2e:
bc:85:5f:4d
-----BEGIN CERTIFICATE-----
MIIDiTCCAnGgAwIBAgIBATANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1JbnRl
cm1lZGlhdGUxMB4XDTE1MDEwMTEyMDAwMFoXDTE3MDEwMTEyMDAwMFowGDEWMBQG
A1UEAwwNSW50ZXJtZWRpYXRlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfsN5Pb2V94t6e3QTqgGMYzUnIV6o5xSzhFY/5cgi1t7IadQrRIJJ9IkKl9
iInIUglXNIRle7WBaM2GpnqwrtQp5GJtSvPPo8cStFudnZehSflQP6fpv94fRDW+
YVfg/CUMytuqar/AmlS+rQjVC55GTLlpBrrctNUhGcYqrXxjJ6W+p4V5o3s5R+CQ
TvwtGlhVm/I058ZJvveymOUpRmBmKGckG4ZX96MD3AzIsURC5dv0XDTkmwZWQxYL
CYJ8tGjYDc00bCSXFg7hFeADBJrGx+GORSsP1ZD88IoFeeVe7YWw/ocI52t81qA3
f2OvCBndqVkCeC1na5XT4vIHWOMCAwEAAaOB3TCB2jAdBgNVHQ4EFgQUvugB+a33
botiflk6EMxgeJVinMowHwYDVR0jBBgwFoAUrB8GnWrWd0eF9Slqhd9x96z3g5Mw
QAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzAChiRodHRwOi8vdXJsLWZvci1haWEv
SW50ZXJtZWRpYXRlMS5jZXIwNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL3VybC1m
b3ItY3JsL0ludGVybWVkaWF0ZTEuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB
Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBWWx6jbDQPedyMzmAtRp4ydRgG
asQ+TZCoNjOvN38WK59Vj9W3ky56YoXfUsHiGd8hfg3rdB+O3dKbQkkru8q/SmX0
M8cp+grOFpUod4Xro1D4sKlJegAVBpJjNDg3qnwYFchh76biQ61BvS0jBpxstu4M
LeKxH84aOYPbq3vizwP0vOGNniJQu8OCBKGbGraPKNwr8Fw6xpleXLC+wK1qVroc
iNHWanbSve+RPPLzrRkvHUL8GsdqqUh1BBS+HdC7TNh8k8TrJVgCDi9mqWQoIwyn
VVGUyOZlFVjjUwJW+BP6CFE9pzXiFalZDkgfnsfczKIf28k9RrYOXS68hV9N
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2017 GMT
Subject: CN=Intermediate1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bd:dc:ee:4c:41:6f:ec:b0:20:19:e3:70:5f:b0:
25:ed:ac:de:06:06:25:0e:6d:e8:14:cf:cd:8a:93:
14:3d:27:d4:7f:a5:31:a0:5e:bb:7f:ce:f3:f4:3e:
04:60:04:05:45:4b:c7:28:c7:66:75:c0:0b:dd:37:
27:4b:43:c0:dc:20:76:34:e5:ac:8d:29:9c:62:fb:
43:9a:4c:c0:44:52:ca:e3:fa:6f:1d:85:39:a9:c0:
45:32:46:eb:97:4e:f4:81:0d:f2:0a:ea:36:4f:f3:
85:4d:bf:d6:76:97:ff:05:35:fa:19:fe:d4:f2:ed:
22:73:ad:10:5f:ce:7d:fe:a7:40:d0:dc:ef:39:65:
ce:6f:79:3d:18:96:a2:c9:5b:d4:85:2a:52:16:eb:
66:87:90:e6:82:0f:89:0b:56:9a:26:66:4a:03:39:
ef:28:ad:a8:fa:3f:e6:cb:27:fa:fc:6b:7d:cc:de:
5b:7d:7f:01:c7:75:0e:4b:a8:88:fa:80:61:c9:8c:
84:43:4b:c1:73:17:be:23:ed:ee:a7:9f:68:cb:10:
3d:bd:a1:d4:c0:f3:71:ef:40:5e:82:29:a7:e7:97:
57:20:b7:b9:d8:0d:f2:f4:31:99:37:0d:76:4f:6e:
e4:10:e1:c5:20:20:86:30:2c:fb:2d:86:cf:22:64:
b6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1F:06:9D:6A:D6:77:47:85:F5:29:6A:85:DF:71:F7:AC:F7:83:93
X509v3 Authority Key Identifier:
keyid:0A:DF:C7:0D:59:04:C9:15:E8:1C:79:ED:96:12:22:7C:E6:0D:36:3E
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
76:78:87:7e:d8:e4:50:5f:9d:c0:92:51:2a:2e:8c:f5:65:97:
00:52:31:7f:30:8a:33:d1:37:49:1d:57:c3:60:a1:46:48:bc:
95:51:a8:ef:4c:55:5b:8b:e5:b1:84:57:72:ad:e8:aa:30:1d:
2c:f5:cb:e6:b4:88:1b:af:72:1b:37:72:94:16:73:8f:ad:d2:
04:58:68:bc:ac:cc:01:5d:a6:e1:78:c7:b8:7c:38:fb:68:3d:
58:04:77:e7:35:37:1f:30:c5:72:63:d0:2f:0f:ac:46:ad:33:
01:58:a7:23:a7:a5:fe:c0:e2:2b:61:fc:9a:f0:ab:a7:97:9d:
d2:e6:b1:db:52:1e:c3:0c:bf:6a:e0:3c:4b:97:73:c6:84:84:
56:d4:03:35:a0:a5:e5:16:91:02:51:5d:c9:87:13:47:63:92:
c0:ac:f0:2b:43:26:f8:f3:32:c7:a7:39:7c:84:1b:53:15:10:
7a:94:14:e0:b6:7b:98:74:9c:55:88:6b:0d:64:02:8b:a7:17:
4a:76:3f:1d:26:c6:4a:20:03:3a:69:e4:fb:cf:65:95:46:68:
73:66:47:9f:50:86:26:e6:1a:db:eb:45:04:07:7a:79:4d:be:
93:43:30:0d:5f:19:02:71:f2:d4:bc:e0:2e:51:ad:0c:af:59:
ae:47:c9:a7
-----BEGIN CERTIFICATE-----
MIIDbjCCAlagAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE3MDEwMTEyMDAwMFowGDEWMBQGA1UEAwwNSW50
ZXJtZWRpYXRlMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3c7kxB
b+ywIBnjcF+wJe2s3gYGJQ5t6BTPzYqTFD0n1H+lMaBeu3/O8/Q+BGAEBUVLxyjH
ZnXAC903J0tDwNwgdjTlrI0pnGL7Q5pMwERSyuP6bx2FOanARTJG65dO9IEN8grq
Nk/zhU2/1naX/wU1+hn+1PLtInOtEF/Off6nQNDc7zllzm95PRiWoslb1IUqUhbr
ZoeQ5oIPiQtWmiZmSgM57yitqPo/5ssn+vxrfczeW31/Acd1DkuoiPqAYcmMhENL
wXMXviPt7qefaMsQPb2h1MDzce9AXoIpp+eXVyC3udgN8vQxmTcNdk9u5BDhxSAg
hjAs+y2GzyJkthcCAwEAAaOByzCByDAdBgNVHQ4EFgQUrB8GnWrWd0eF9Slqhd9x
96z3g5MwHwYDVR0jBBgwFoAUCt/HDVkEyRXoHHntlhIifOYNNj4wNwYIKwYBBQUH
AQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIw
LAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4G
A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IB
AQB2eId+2ORQX53AklEqLoz1ZZcAUjF/MIoz0TdJHVfDYKFGSLyVUajvTFVbi+Wx
hFdyreiqMB0s9cvmtIgbr3IbN3KUFnOPrdIEWGi8rMwBXabheMe4fDj7aD1YBHfn
NTcfMMVyY9AvD6xGrTMBWKcjp6X+wOIrYfya8Kunl53S5rHbUh7DDL9q4DxLl3PG
hIRW1AM1oKXlFpECUV3JhxNHY5LArPArQyb48zLHpzl8hBtTFRB6lBTgtnuYdJxV
iGsNZAKLpxdKdj8dJsZKIAM6aeT7z2WVRmhzZkefUIYm5hrb60UEB3p5Tb6TQzAN
XxkCcfLUvOAuUa0Mr1muR8mn
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2017 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:98:39:31:20:2b:a7:f7:a5:ff:43:cd:c0:09:56:
e2:85:b2:3e:ff:64:7a:12:b4:d5:8e:a5:6c:fb:b5:
31:1e:18:cb:c6:97:fe:c8:43:b1:f3:a9:68:14:f7:
29:1b:69:ea:39:a0:f1:b9:fd:a4:71:9f:0e:cf:67:
0e:af:2a:16:66:e9:d1:eb:b5:d4:27:d4:b8:9c:10:
70:ea:cb:00:3a:d2:d7:20:7d:b6:e6:29:4b:a7:21:
ba:e8:d7:42:55:83:0a:a5:9f:e3:bc:da:eb:4f:0b:
87:7f:4a:3a:97:8f:de:e5:44:a1:fd:ef:e5:4c:08:
67:b5:04:93:79:f6:6e:d1:ac:98:f1:e8:4c:c4:dd:
5c:9b:f4:c2:18:4e:0b:ab:7d:51:d9:57:a8:e0:5e:
c7:4d:14:17:33:7f:b2:f5:7d:a6:90:eb:e1:3c:55:
b1:d4:4c:a3:5f:2b:19:f3:91:0d:8e:0c:08:ea:18:
62:38:59:01:7e:e4:ed:11:1a:67:b0:72:79:39:4f:
e3:67:4d:f4:d1:af:b1:4d:b4:f8:0d:b2:c9:7d:96:
83:f9:5c:7f:69:99:a6:44:0d:c5:b2:74:47:ca:18:
58:10:95:bf:33:f3:34:9f:25:83:67:c2:d6:61:1a:
7a:7e:a6:95:f6:a3:80:7f:f5:5d:c5:4d:a0:72:af:
a3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:DF:C7:0D:59:04:C9:15:E8:1C:79:ED:96:12:22:7C:E6:0D:36:3E
X509v3 Authority Key Identifier:
keyid:0A:DF:C7:0D:59:04:C9:15:E8:1C:79:ED:96:12:22:7C:E6:0D:36:3E
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
Signature Algorithm: sha256WithRSAEncryption
1e:01:f0:29:f0:53:fd:49:52:f0:72:79:4d:e9:ec:7d:04:47:
32:b2:f7:ef:a0:80:15:8c:5f:77:cf:89:49:dc:f9:65:fe:c5:
3b:03:c5:c2:a9:6f:d0:cd:cd:4b:89:6b:74:8b:1a:a5:88:d3:
aa:84:ed:2a:76:8f:60:b4:e4:5d:6f:b2:f4:09:94:6d:ff:c4:
a7:83:bc:f2:8a:95:ff:68:7b:8b:a4:9c:af:35:49:0c:5f:f4:
ac:a4:a8:ab:12:49:02:c5:4d:d2:a3:cc:c0:d8:c7:59:09:40:
d8:0e:2f:e1:f4:a6:77:df:85:51:db:51:fe:1e:75:a5:fd:6a:
5a:cb:7d:42:5c:0c:0a:3d:5f:88:0c:ef:46:68:24:bd:e1:4f:
bf:3c:92:cf:89:8c:12:d8:14:5f:ab:4c:36:27:a7:87:cb:c9:
25:8d:e6:ff:c8:e7:22:23:3e:15:78:ca:19:ad:d8:ce:72:4a:
2a:8d:ce:94:87:bb:60:58:0a:da:a9:f9:f8:d2:64:c5:fd:41:
8f:33:ff:6e:8c:86:db:b8:45:7c:f8:f1:9c:4d:7f:dc:ec:5c:
71:e7:29:10:7f:84:2f:30:b1:a6:75:fe:ea:7f:b0:15:4a:e4:
1a:ce:47:a9:6e:c0:e8:00:bf:e0:0e:bb:4f:3a:08:cd:d7:cc:
83:3b:b0:6b
-----BEGIN CERTIFICATE-----
MIIDaDCCAlCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE3MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJg5MSArp/el/0PNwAlW
4oWyPv9kehK01Y6lbPu1MR4Yy8aX/shDsfOpaBT3KRtp6jmg8bn9pHGfDs9nDq8q
Fmbp0eu11CfUuJwQcOrLADrS1yB9tuYpS6chuujXQlWDCqWf47za608Lh39KOpeP
3uVEof3v5UwIZ7UEk3n2btGsmPHoTMTdXJv0whhOC6t9UdlXqOBex00UFzN/svV9
ppDr4TxVsdRMo18rGfORDY4MCOoYYjhZAX7k7REaZ7ByeTlP42dN9NGvsU20+A2y
yX2Wg/lcf2mZpkQNxbJ0R8oYWBCVvzPzNJ8lg2fC1mEaen6mlfajgH/1XcVNoHKv
o20CAwEAAaOBzjCByzAdBgNVHQ4EFgQUCt/HDVkEyRXoHHntlhIifOYNNj4wHwYD
VR0jBBgwFoAUCt/HDVkEyRXoHHntlhIifOYNNj4wNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjASBgNVHRMBAf8ECDAGAQH/AgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAeAfAp
8FP9SVLwcnlN6ex9BEcysvfvoIAVjF93z4lJ3Pll/sU7A8XCqW/Qzc1LiWt0ixql
iNOqhO0qdo9gtORdb7L0CZRt/8Sng7zyipX/aHuLpJyvNUkMX/SspKirEkkCxU3S
o8zA2MdZCUDYDi/h9KZ334VR21H+HnWl/Wpay31CXAwKPV+IDO9GaCS94U+/PJLP
iYwS2BRfq0w2J6eHy8kljeb/yOciIz4VeMoZrdjOckoqjc6Uh7tgWAraqfn40mTF
/UGPM/9ujIbbuEV8+PGcTX/c7Fxx5ykQf4QvMLGmdf7qf7AVSuQazkepbsDoAL/g
DrtPOgjN18yDO7Br
-----END CERTIFICATE-----
Target's private key.
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAzOfFXgDmbmLHpe7FbuChGoOn+siQ7oLvlLdMuFYuceEDZ9yC
NR6zaHlDho8EMIanTkNZUp/nQ7iOwXCkWdfAxK7acNwaUqAFHMgcPR9uwbLqXuZW
8ko8ARmaGfvB/mJ3k/tOVUTjT9bEuzLvqmdTBFBc2wY7fjeCkibyRzjEapvYQjJE
G4mEq3ev7CfDNE7S5Yp3QGF2+214PaTWAGSDJDv8a4MAWQPBm09elKzwUF7k0edg
yfN0bpGiR0dsWqMLgz1QpOscnoN+PPNoh+jWpjANAaidlt6m/38aNlx7tpJz7J3x
tl/FPMgqmDUVFrWNeOosOiIU1E0TfHCBi2ZqYwIDAQABAoIBAQCy/g+x8zVX3iAq
+i4rkjwJLlLxxnycbXKdxZVWPapqvjW8Z6qyfnQYYj2zcIEnZqkFu91uSNK7nJ/P
qPdYqBjzdw7Ioey4mqJ8pu3MEwYsXH9RkQMIugI6r8OmyP6Imjl84n1mDTxIRQMr
x+4GPCYP0aebiJE1y4Xa5/yibJtfx913N+mCbDyS9vOzuh5lOcsdMvfx2UvhuR+z
/fTDCcrzOgyTA4GC5zojUbgNqSJ/bxZ7EudQhkPVrP7MI7vxiL+JdRV8m30txxRn
jkiqh1nrHbyQ97p653CpgkxErlCDERq65dj1Y1OexSk5fCKVUq4jtLNCwe47BcJx
KMXZhd1ZAoGBAOYbgmYNxDpRHJ7YN+tIOcLtlh9NZ1ONcLgwiDsrQmEag3IqsYwX
G4AREhXyWlscMCSR5q2HyHIk6r3et4eoV6R+sIIl2HxiSzyJpXn0L6V2/P86d5wm
PP8MoFkMGWvUiQoNEmM1Jo80mcU29wLYGI50u8iRcRR47f9yyAe4ngLnAoGBAOP2
ScQ0thh71Twg2PPJyuAd9F2CHWz9KXcZd/L/GifPk09DKBGItpWR0vMceZoke/7S
WubIrIjPV8ks263ivgQdzIUCi44NWKc7WkXXzgvNqzpAGs5e0jGZ4Q732rtqWWCX
CLctogFS3AgrQjGhHVPFZjthXxtaTX5VsHnG/yklAoGADULum/UVJws/rAPoDR5H
fe11Zm5ukwkmwubBIy/WDoSZqL2/J8S5KANT2IH0JSYVvDXQZpXZvoJUKQcp6p6Q
FoHaqFWICXscvOtt5v5ktJOL9yWmeRBXGZffseIZoPZJw5OHSMJqa3xrlEsbp0VO
/P7LR77iFnz1snAqCQ/hw2cCgYBtfgBUY1ULUX9MECLkhYoSN5EF0Nc9YCOodu0s
I+d2M7d3nLQEJ/w6vv3pk0W9CcUc0gCjVMO6OozZrdgeHwhRhdaUFHLfWf245UMo
xMzM0o5pvhyh/t1KwbRdsiK3Xg9r219uTFbB+ACDU/PJTq99axT9dHlv8+HAynun
IjOwmQKBgCDlcopCoJ0l9A4wvBhQVu6QRw4mgN22cHl+tYb4Ik4ql9prRJ0nxVDi
DFpyxj5O6SG/DloXzIX6nzZ4dgNVE90EuTHQ311SgZ85Q30Fif6TDGDhwnXLLgyt
O+MJ2bV2eCVsW85gMA9swzoJ1bjXMukCBtVSnOVWkRVwc5Xoy8hy
-----END RSA PRIVATE KEY-----
Codebase Browser
chromium