| [Created by: generate_policies_tests.py] |
| |
| Cast certificate chain with the following policies: |
| |
| Root: policies={} |
| Intermediate: policies={audioOnly} |
| Leaf: policies={foo} |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 4 (0x4) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Intermediate |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2018 GMT |
| Subject: CN=Leaf |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:b4:ac:61:51:0e:40:b5:27:19:06:0b:a9:13:d8: |
| ec:a4:ab:ae:df:94:33:27:7e:e3:2b:0f:4b:b0:2c: |
| 6a:41:38:b4:0b:aa:29:31:9c:1d:17:42:32:e0:81: |
| bb:a3:ea:52:c0:43:f3:f1:2c:3a:5d:22:9c:e6:e9: |
| cc:96:3b:69:4f:63:e0:29:57:47:4c:94:02:64:39: |
| 52:38:2a:5e:f4:93:12:e1:85:16:87:e8:b4:15:80: |
| 02:ba:af:61:2e:e6:14:2a:39:81:67:27:c4:c7:fc: |
| 4b:f9:e6:f7:b1:84:eb:bd:b6:b0:df:01:11:49:94: |
| 39:8b:b3:2e:0b:c9:46:de:b9:63:ba:d2:d1:60:21: |
| d0:d2:e2:4a:5f:7c:df:3c:99:6f:c9:e8:a5:9f:be: |
| d3:76:89:dd:99:f1:fe:6e:53:bd:b2:19:f1:9f:dc: |
| 68:84:7f:a6:1c:81:4d:c7:7e:b1:ba:bf:d8:05:46: |
| 9a:43:c4:ef:08:08:80:40:49:32:ef:f8:84:0e:da: |
| 67:bf:7b:4b:14:69:f7:e7:c6:16:40:c5:75:21:a1: |
| 19:48:6e:81:88:2a:70:b0:23:87:da:43:ab:b5:f3: |
| 45:2b:c1:31:44:31:2d:94:a5:f6:e4:97:16:54:aa: |
| 76:e4:bc:4f:f9:14:59:83:61:7e:ed:4e:6a:c6:3b: |
| c8:0b |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 5B:20:CE:3D:64:B6:89:52:42:76:50:2E:B6:50:8C:8C:88:BD:44:6A |
| X509v3 Authority Key Identifier: |
| keyid:D7:30:75:D1:B9:8A:C0:67:E9:D7:FB:C4:45:99:2F:AF:B4:E0:DF:2A |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Intermediate.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Intermediate.crl |
| |
| X509v3 Key Usage: critical |
| Digital Signature, Key Encipherment |
| X509v3 Extended Key Usage: |
| TLS Web Client Authentication |
| X509v3 Certificate Policies: |
| Policy: 1.2.840.113554.4.1.72585.2 |
| |
| Signature Algorithm: sha256WithRSAEncryption |
| 23:67:1e:34:11:31:20:b8:a4:6c:36:ae:71:5a:23:6d:73:72: |
| 4e:5b:65:b9:8b:4a:bb:6c:c1:ba:87:24:3a:98:42:59:a3:c3: |
| 75:bf:1d:b4:c7:c4:c8:b9:87:a0:d8:6d:98:14:34:c6:2a:8b: |
| b4:e2:3a:4a:10:b7:fd:52:8e:33:7a:8b:1d:b7:28:f4:99:12: |
| 93:65:f9:1a:66:42:6f:da:19:f9:33:a6:72:9e:f9:15:c6:61: |
| 28:05:92:04:1e:9f:d9:e8:a6:81:11:32:82:38:db:61:68:24: |
| 7f:f8:5b:db:55:78:7c:d8:65:2b:c5:4c:78:31:f6:0e:bc:73: |
| 0c:33:81:47:10:bb:fe:49:66:2a:2c:2c:4c:40:23:06:97:26: |
| b5:d1:b9:a3:9f:0c:7d:e9:1b:6a:f9:61:fd:29:bc:6d:85:68: |
| 92:8f:f6:94:25:c7:85:3a:d1:ee:28:45:06:11:af:a0:0c:7d: |
| a9:da:02:ff:bf:d7:d2:96:7c:6e:34:bf:35:2d:85:64:79:2c: |
| 23:59:c9:e1:fe:0e:56:91:47:a8:22:d1:10:2d:d4:44:38:44: |
| ca:58:59:04:d6:81:60:7f:bc:08:a5:f3:3f:f8:8e:fa:c1:40: |
| 2e:40:8b:5a:15:84:17:a0:92:59:55:97:83:fe:9b:32:95:94: |
| a8:51:99:42 |
| -----BEGIN CERTIFICATE----- |
| MIIDnDCCAoSgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl |
| cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTgwMTAxMTIwMDAwWjAPMQ0wCwYD |
| VQQDDARMZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKxhUQ5A |
| tScZBgupE9jspKuu35QzJ37jKw9LsCxqQTi0C6opMZwdF0Iy4IG7o+pSwEPz8Sw6 |
| XSKc5unMljtpT2PgKVdHTJQCZDlSOCpe9JMS4YUWh+i0FYACuq9hLuYUKjmBZyfE |
| x/xL+eb3sYTrvbaw3wERSZQ5i7MuC8lG3rljutLRYCHQ0uJKX3zfPJlvyeiln77T |
| dondmfH+blO9shnxn9xohH+mHIFNx36xur/YBUaaQ8TvCAiAQEky7/iEDtpnv3tL |
| FGn358YWQMV1IaEZSG6BiCpwsCOH2kOrtfNFK8ExRDEtlKX25JcWVKp25LxP+RRZ |
| g2F+7U5qxjvICwIDAQABo4H6MIH3MB0GA1UdDgQWBBRbIM49ZLaJUkJ2UC62UIyM |
| iL1EajAfBgNVHSMEGDAWgBTXMHXRuYrAZ+nX+8RFmS+vtODfKjA/BggrBgEFBQcB |
| AQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91cmwtZm9yLWFpYS9JbnRlcm1lZGlh |
| dGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly91cmwtZm9yLWNybC9JbnRl |
| cm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD |
| AjAZBgNVHSAEEjAQMA4GDCqGSIb3EgQBhLcJAjANBgkqhkiG9w0BAQsFAAOCAQEA |
| I2ceNBExILikbDaucVojbXNyTltluYtKu2zBuockOphCWaPDdb8dtMfEyLmHoNht |
| mBQ0xiqLtOI6ShC3/VKOM3qLHbco9JkSk2X5GmZCb9oZ+TOmcp75FcZhKAWSBB6f |
| 2eimgREygjjbYWgkf/hb21V4fNhlK8VMeDH2DrxzDDOBRxC7/klmKiwsTEAjBpcm |
| tdG5o58Mfekbavlh/Sm8bYVoko/2lCXHhTrR7ihFBhGvoAx9qdoC/7/X0pZ8bjS/ |
| NS2FZHksI1nJ4f4OVpFHqCLREC3URDhEylhZBNaBYH+8CKXzP/iO+sFALkCLWhWE |
| F6CSWVWXg/6bMpWUqFGZQg== |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 8 (0x8) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2018 GMT |
| Subject: CN=Intermediate |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:a9:b2:82:36:54:a8:98:d5:fd:3d:04:24:22:7a: |
| 96:60:e6:b9:00:f2:b5:30:fe:2a:e7:01:d7:18:08: |
| 14:af:09:2c:2b:fc:09:1c:c5:8f:dc:80:68:0e:e4: |
| 33:6b:6a:e0:9a:e5:5d:7f:72:71:b6:bf:9a:c2:42: |
| 72:2f:02:64:a6:b1:31:9c:3b:f8:f6:f1:5f:58:c6: |
| 15:e7:09:d5:d7:ca:85:48:24:e9:ba:4b:77:dd:55: |
| 52:38:b7:98:6f:98:ac:6b:cb:aa:6b:31:9a:7e:8d: |
| 72:35:ff:d2:13:47:60:39:b6:c9:97:1b:6d:e6:95: |
| 33:c5:df:74:d3:37:7e:5d:92:11:6b:ad:74:0a:5f: |
| 2c:62:56:d2:f2:2e:9f:02:47:66:e4:9c:e9:67:ed: |
| 92:9e:5f:6c:2e:87:ea:ad:c8:b0:d2:72:be:19:7c: |
| a8:bb:10:e7:76:5c:74:8c:42:9c:c0:91:58:e9:ba: |
| b7:6a:71:4a:6f:c0:3c:5d:42:e7:e6:8d:53:57:d5: |
| 06:5d:80:da:f5:97:f3:a7:32:71:49:99:c0:ef:a2: |
| 77:3f:c0:42:a4:6e:1f:ca:41:f5:37:a0:a9:e8:f9: |
| f8:b0:16:5e:a3:98:e7:87:9d:31:c8:c3:c1:0c:34: |
| 8b:e9:0e:9b:30:b7:fc:2a:d0:ff:7d:c8:bc:b5:d6: |
| 7d:6f |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| D7:30:75:D1:B9:8A:C0:67:E9:D7:FB:C4:45:99:2F:AF:B4:E0:DF:2A |
| X509v3 Authority Key Identifier: |
| keyid:97:9F:F1:88:19:93:DC:19:55:06:EB:83:28:9D:18:F0:1E:50:99:EB |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| X509v3 Certificate Policies: |
| Policy: 1.3.6.1.4.1.11129.2.5.2 |
| |
| Signature Algorithm: sha256WithRSAEncryption |
| 93:84:5b:28:41:82:e9:d3:62:fb:5b:6b:2f:03:53:bf:2e:c2: |
| e1:65:15:5b:6d:fc:56:16:d0:d8:c5:45:b6:ce:c8:e3:76:d5: |
| 35:00:02:ab:b9:e1:23:ca:7d:0d:80:d6:e4:dc:70:50:56:4f: |
| 6f:a8:80:c5:45:40:0b:3e:6d:88:02:bc:37:e1:b2:f6:ec:d0: |
| 88:27:49:f6:98:2e:03:35:98:13:04:4e:25:c9:0e:65:70:f7: |
| 7a:da:1c:32:cb:40:3f:8b:54:75:b2:c8:63:45:45:fe:01:af: |
| d9:04:8b:58:18:55:ac:78:3a:20:04:7a:1e:bb:43:49:0b:cd: |
| ac:09:08:0a:c2:96:6f:4f:a0:4e:d5:48:f8:40:e7:f5:46:11: |
| 58:f0:1c:ff:91:db:e9:e8:58:ad:45:dd:ed:06:ed:63:51:93: |
| 4d:40:fc:7e:d8:d3:e3:dc:36:20:63:9f:f0:fd:05:8a:b0:7d: |
| 2d:8a:99:93:fa:73:4e:b5:24:45:e8:bf:0f:a8:e0:ee:c7:18: |
| 2e:b6:b3:ed:52:ba:d1:94:0d:9f:8d:c7:66:a7:91:5d:bd:dc: |
| ca:ff:bb:99:31:1e:78:08:b4:4d:03:2e:af:a6:f1:87:f0:80: |
| e7:81:47:db:be:31:2c:ee:ef:ca:16:b1:15:9e:43:0d:10:ef: |
| 8c:22:be:fc |
| -----BEGIN CERTIFICATE----- |
| MIIDhjCCAm6gAwIBAgIBCDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE4MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 |
| ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbKCNlSo |
| mNX9PQQkInqWYOa5APK1MP4q5wHXGAgUrwksK/wJHMWP3IBoDuQza2rgmuVdf3Jx |
| tr+awkJyLwJkprExnDv49vFfWMYV5wnV18qFSCTpukt33VVSOLeYb5isa8uqazGa |
| fo1yNf/SE0dgObbJlxtt5pUzxd900zd+XZIRa610Cl8sYlbS8i6fAkdm5JzpZ+2S |
| nl9sLofqrciw0nK+GXyouxDndlx0jEKcwJFY6bq3anFKb8A8XULn5o1TV9UGXYDa |
| 9ZfzpzJxSZnA76J3P8BCpG4fykH1N6Cp6Pn4sBZeo5jnh50xyMPBDDSL6Q6bMLf8 |
| KtD/fci8tdZ9bwIDAQABo4HkMIHhMB0GA1UdDgQWBBTXMHXRuYrAZ+nX+8RFmS+v |
| tODfKjAfBgNVHSMEGDAWgBSXn/GIGZPcGVUG64MonRjwHlCZ6zA3BggrBgEFBQcB |
| AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs |
| BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD |
| VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wFwYDVR0gBBAwDjAMBgorBgEE |
| AdZ5AgUCMA0GCSqGSIb3DQEBCwUAA4IBAQCThFsoQYLp02L7W2svA1O/LsLhZRVb |
| bfxWFtDYxUW2zsjjdtU1AAKrueEjyn0NgNbk3HBQVk9vqIDFRUALPm2IArw34bL2 |
| 7NCIJ0n2mC4DNZgTBE4lyQ5lcPd62hwyy0A/i1R1sshjRUX+Aa/ZBItYGFWseDog |
| BHoeu0NJC82sCQgKwpZvT6BO1Uj4QOf1RhFY8Bz/kdvp6FitRd3tBu1jUZNNQPx+ |
| 2NPj3DYgY5/w/QWKsH0tipmT+nNOtSRF6L8PqODuxxgutrPtUrrRlA2fjcdmp5Fd |
| vdzK/7uZMR54CLRNAy6vpvGH8IDngUfbvjEs7u/KFrEVnkMNEO+MIr78 |
| -----END CERTIFICATE----- |
| |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 7 (0x7) |
| Signature Algorithm: sha256WithRSAEncryption |
| Issuer: CN=Root |
| Validity |
| Not Before: Jan 1 12:00:00 2015 GMT |
| Not After : Jan 1 12:00:00 2018 GMT |
| Subject: CN=Root |
| Subject Public Key Info: |
| Public Key Algorithm: rsaEncryption |
| Public-Key: (2048 bit) |
| Modulus: |
| 00:9b:9c:73:93:62:04:5c:af:94:ef:7f:74:ac:8d: |
| 96:d4:50:8a:1f:08:eb:3a:2c:08:6e:53:2a:79:b7: |
| ee:03:31:43:0d:66:d2:af:ee:59:6c:bc:06:42:22: |
| cd:39:49:62:13:51:dd:94:fd:7f:03:d4:55:0f:e3: |
| 82:dd:f5:3f:2f:4b:01:38:e2:d2:31:e3:da:d9:b0: |
| 8e:c4:39:62:8a:dd:5a:68:0e:5c:65:80:e5:74:e7: |
| a3:5a:b7:23:eb:9c:26:6b:82:50:4e:49:f2:2a:15: |
| 41:0c:f8:03:7a:33:92:b6:e1:d0:de:1c:c4:08:74: |
| 4d:dc:e3:82:ab:0b:4e:ef:32:c7:bb:b3:45:30:3b: |
| d9:1e:6f:eb:6c:9a:c7:e4:9d:be:07:09:eb:43:20: |
| a7:b0:68:99:21:45:80:d3:90:71:ea:87:53:e1:20: |
| 99:ef:84:38:f5:71:0a:42:a3:30:b2:d8:6f:ab:87: |
| ac:9a:7c:01:b6:8a:3c:c1:c1:62:25:77:7e:51:f1: |
| 4f:88:92:b1:3d:16:fb:ba:3e:f9:d4:58:dd:6d:c0: |
| 18:a2:9e:f9:82:3f:7f:e9:de:f0:2d:a1:2a:b2:5e: |
| 38:15:73:15:80:ad:63:13:6b:96:4a:8e:cf:6c:f2: |
| 44:7b:7e:52:c6:53:1d:bc:b3:f5:1e:dd:ec:b7:19: |
| a0:eb |
| Exponent: 65537 (0x10001) |
| X509v3 extensions: |
| X509v3 Subject Key Identifier: |
| 97:9F:F1:88:19:93:DC:19:55:06:EB:83:28:9D:18:F0:1E:50:99:EB |
| X509v3 Authority Key Identifier: |
| keyid:97:9F:F1:88:19:93:DC:19:55:06:EB:83:28:9D:18:F0:1E:50:99:EB |
| |
| Authority Information Access: |
| CA Issuers - URI:http://url-for-aia/Root.cer |
| |
| X509v3 CRL Distribution Points: |
| |
| Full Name: |
| URI:http://url-for-crl/Root.crl |
| |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Basic Constraints: critical |
| CA:TRUE |
| Signature Algorithm: sha256WithRSAEncryption |
| 24:16:e4:a2:3a:5f:d6:97:f2:b9:26:a9:03:97:85:12:bb:02: |
| 22:b5:82:30:14:58:a4:c1:45:37:64:a4:8e:05:e0:cf:33:d7: |
| d7:74:f7:ca:ea:e9:19:c8:15:d9:b0:d4:25:d5:45:a8:bb:ff: |
| 7e:e6:9a:d2:9f:d2:a8:7d:ac:04:e7:ab:ed:76:0c:f1:e1:ee: |
| 13:03:6b:71:13:c3:e9:2e:28:aa:b2:4b:0e:7b:ec:b4:d9:bb: |
| 47:94:3a:25:b8:df:43:26:4b:b5:ba:7a:2f:3f:33:3f:f0:7f: |
| 8f:86:50:5a:95:1a:ed:84:f2:cf:84:f3:2b:e6:a6:bf:92:b3: |
| 80:5e:bc:7a:f0:f3:b4:00:2f:ea:2b:22:b4:2a:ea:b5:bb:b2: |
| 68:69:76:65:94:da:89:44:36:fa:83:81:00:af:d6:9b:e5:ec: |
| 77:1d:db:3a:91:17:2c:ba:4f:2e:0b:4a:d5:bb:c5:79:7d:1c: |
| 35:9b:fc:34:88:5d:a6:f7:bc:79:30:f2:05:27:3b:6f:ca:f8: |
| 18:90:15:91:12:9a:d6:56:ac:93:83:1e:28:7f:2b:25:dc:2b: |
| d1:2c:96:8b:60:53:a5:40:21:89:71:15:fe:2d:4c:74:2e:5c: |
| c9:4d:f0:3e:83:c6:54:71:86:a5:9b:6c:37:4b:1a:fe:f7:e7: |
| 46:02:0f:f5 |
| -----BEGIN CERTIFICATE----- |
| MIIDZTCCAk2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 |
| MB4XDTE1MDEwMTEyMDAwMFoXDTE4MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v |
| dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJucc5NiBFyvlO9/dKyN |
| ltRQih8I6zosCG5TKnm37gMxQw1m0q/uWWy8BkIizTlJYhNR3ZT9fwPUVQ/jgt31 |
| Py9LATji0jHj2tmwjsQ5YordWmgOXGWA5XTno1q3I+ucJmuCUE5J8ioVQQz4A3oz |
| krbh0N4cxAh0TdzjgqsLTu8yx7uzRTA72R5v62yax+SdvgcJ60Mgp7BomSFFgNOQ |
| ceqHU+Egme+EOPVxCkKjMLLYb6uHrJp8AbaKPMHBYiV3flHxT4iSsT0W+7o++dRY |
| 3W3AGKKe+YI/f+ne8C2hKrJeOBVzFYCtYxNrlkqOz2zyRHt+UsZTHbyz9R7d7LcZ |
| oOsCAwEAAaOByzCByDAdBgNVHQ4EFgQUl5/xiBmT3BlVBuuDKJ0Y8B5QmeswHwYD |
| VR0jBBgwFoAUl5/xiBmT3BlVBuuDKJ0Y8B5QmeswNwYIKwYBBQUHAQEEKzApMCcG |
| CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw |
| IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE |
| AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAkFuSiOl/W |
| l/K5JqkDl4USuwIitYIwFFikwUU3ZKSOBeDPM9fXdPfK6ukZyBXZsNQl1UWou/9+ |
| 5prSn9KofawE56vtdgzx4e4TA2txE8PpLiiqsksOe+y02btHlDoluN9DJku1unov |
| PzM/8H+PhlBalRrthPLPhPMr5qa/krOAXrx68PO0AC/qKyK0Kuq1u7JoaXZllNqJ |
| RDb6g4EAr9ab5ex3Hds6kRcsuk8uC0rVu8V5fRw1m/w0iF2m97x5MPIFJztvyvgY |
| kBWREprWVqyTgx4ofysl3CvRLJaLYFOlQCGJcRX+LUx0LlzJTfA+g8ZUcYalm2w3 |
| Sxr+9+dGAg/1 |
| -----END CERTIFICATE----- |
