1 [ In the intermediate certificate, the basicConstraints is set - non critical -
2 and the CA is true. This should be validated. ]
7 Serial Number: 52 (0x34)
8 Signature Algorithm: sha1WithRSAEncryption
9 Issuer: C=US, O=U.S. Government, OU=Dod, OU=Testing, CN=CA1-IC.02.04
11 Not Before: Jan 1 12:01:00 1998 GMT
12 Not After : Jan 1 12:01:00 2048 GMT
13 Subject: C=US, O=U.S. Government, OU=DoD, OU=Testing, CN=User1-IC.02.04
14 Subject Public Key Info:
15 Public Key Algorithm: rsaEncryption
16 RSA Public Key: (1024 bit)
18 00:c5:b8:e5:de:5d:3e:bc:d4:25:bb:91:20:37:90:
19 e6:02:09:45:8c:62:f3:43:f1:3e:fc:52:98:97:bc:
20 49:c1:b5:03:e9:7b:e5:20:2d:80:b1:96:03:10:6a:
21 c4:f4:b3:2f:eb:5e:04:15:2c:9e:67:f6:5e:c7:3c:
22 fe:a4:07:1d:eb:fb:e2:e6:ad:d2:5c:6a:f5:8a:d9:
23 de:7a:4b:5b:66:0d:a3:60:9f:c4:b2:b4:33:b1:75:
24 fd:b8:64:1c:ad:9f:f6:db:48:bc:ea:eb:28:8e:bb:
25 05:e1:23:7c:00:94:2d:d2:44:86:5e:37:d6:e5:88:
26 35:65:74:a5:8f:9f:1e:af:a9
27 Exponent: 65537 (0x10001)
29 X509v3 Key Usage: critical
30 Digital Signature, Non Repudiation, Key Encipherment
31 X509v3 Certificate Policies:
32 Policy: 2.16.840.1.101.3.1.48.1
34 X509v3 Subject Key Identifier:
35 23:AD:4D:9D:4B:E0:BE:36
36 X509v3 Authority Key Identifier:
37 keyid:8C:39:BC:2B:96:1C:19:A9
39 Signature Algorithm: sha1WithRSAEncryption
40 8f:08:0b:ea:a3:27:9e:a5:2f:36:ca:6c:0d:a6:29:3d:0c:d3:
41 0a:a5:e4:aa:c8:59:86:cc:b9:1b:f9:cb:93:ad:b5:1f:f6:1b:
42 34:69:67:67:a6:ac:1c:69:63:61:56:0c:ce:39:9c:9f:2d:7a:
43 cb:a9:ed:8a:ff:50:3c:1e:d8:a2:b0:31:db:b5:93:ee:94:0f:
44 16:56:bd:ea:cf:a7:33:fa:df:c1:61:cf:58:8e:90:18:3b:2a:
45 b8:fa:e2:c0:99:bf:33:04:02:fb:5a:03:5c:41:4a:bd:d2:0b:
46 d2:ea:de:8d:f7:79:86:08:97:61:b4:51:c0:c2:3b:92:6f:7b:
48 -----BEGIN CERTIFICATE-----
49 MIIChjCCAe+gAwIBAgIBNDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEY
50 MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsT
51 B1Rlc3RpbmcxFTATBgNVBAMTDENBMS1JQy4wMi4wNDAeFw05ODAxMDExMjAxMDBa
52 Fw00ODAxMDExMjAxMDBaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdv
53 dmVybm1lbnQxDDAKBgNVBAsTA0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UE
54 AxMOVXNlcjEtSUMuMDIuMDQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMW4
55 5d5dPrzUJbuRIDeQ5gIJRYxi80PxPvxSmJe8ScG1A+l75SAtgLGWAxBqxPSzL+te
56 BBUsnmf2Xsc8/qQHHev74uat0lxq9YrZ3npLW2YNo2CfxLK0M7F1/bhkHK2f9ttI
57 vOrrKI67BeEjfACULdJEhl431uWINWV0pY+fHq+pAgMBAAGjUjBQMA4GA1UdDwEB
58 /wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECgQII61NnUvg
59 vjYwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJKoZIhvcNAQEFBQADgYEAjwgL6qMn
60 nqUvNspsDaYpPQzTCqXkqshZhsy5G/nLk621H/YbNGlnZ6asHGljYVYMzjmcny16
61 y6ntiv9QPB7YorAx27WT7pQPFla96s+nM/rfwWHPWI6QGDsquPriwJm/MwQC+1oD
62 XEFKvdIL0urejfd5hgiXYbRRwMI7km97iHg=
63 -----END CERTIFICATE-----
68 Serial Number: 51 (0x33)
69 Signature Algorithm: sha1WithRSAEncryption
70 Issuer: C=US, O=U.S. Government, OU=DoD, OU=Testing, CN=Trust Anchor
72 Not Before: Jan 1 12:01:00 1998 GMT
73 Not After : Jan 1 12:01:00 2048 GMT
74 Subject: C=US, O=U.S. Government, OU=Dod, OU=Testing, CN=CA1-IC.02.04
75 Subject Public Key Info:
76 Public Key Algorithm: rsaEncryption
77 RSA Public Key: (1024 bit)
79 00:df:e6:ee:68:b8:64:25:42:67:4d:7d:ce:1e:96:
80 5d:d1:5c:a5:a6:b6:af:9a:af:d5:4a:32:67:b7:92:
81 9f:03:71:b0:db:51:a5:70:96:f8:56:4e:43:8a:c5:
82 bf:48:db:4f:30:7c:61:b6:9d:08:80:ad:ec:c8:c2:
83 eb:65:01:27:fb:b1:6a:35:e8:43:da:a6:61:9d:08:
84 5f:ab:a7:57:69:8c:03:c1:52:e7:eb:b8:4c:82:67:
85 c9:ee:d8:84:c3:e7:6c:2e:3d:8f:4e:01:c2:87:40:
86 4d:bf:6c:1a:42:25:69:30:f7:b7:d8:5f:a4:3d:3c:
87 f5:b9:ba:86:d6:a1:42:6d:3b
88 Exponent: 65537 (0x10001)
90 X509v3 Basic Constraints:
92 X509v3 Key Usage: critical
93 Certificate Sign, CRL Sign
94 X509v3 Certificate Policies:
95 Policy: 2.16.840.1.101.3.1.48.1
97 X509v3 Subject Key Identifier:
98 8C:39:BC:2B:96:1C:19:A9
99 X509v3 Authority Key Identifier:
100 keyid:AB:9A:EB:F9:C2:E7:54:8F
102 Signature Algorithm: sha1WithRSAEncryption
103 11:02:09:79:98:ff:1c:4d:c7:be:38:c9:57:b3:dd:53:ed:99:
104 7b:c3:9e:09:87:9e:58:3a:1c:c6:b0:3a:e3:bc:69:78:e9:2c:
105 55:70:57:2a:6a:b6:39:53:6a:a0:59:3b:60:db:65:49:4a:a2:
106 4b:64:e5:aa:31:aa:2e:d2:98:7a:d9:3b:6b:5e:ea:4b:ff:04:
107 21:07:2d:f8:7e:4a:59:db:e4:2e:46:0c:91:f2:00:00:c2:6f:
108 25:91:cf:1b:11:2f:8f:ea:15:3c:08:bd:14:84:d1:6c:57:4d:
109 f0:9b:dd:a3:d3:00:b9:4d:aa:f1:dd:b1:f0:c1:76:df:a4:66:
111 -----BEGIN CERTIFICATE-----
112 MIICkjCCAfugAwIBAgIBMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEY
113 MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsT
114 B1Rlc3RpbmcxFTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBa
115 Fw00ODAxMDExMjAxMDBaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdv
116 dmVybm1lbnQxDDAKBgNVBAsTA0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UE
117 AxMMQ0ExLUlDLjAyLjA0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDf5u5o
118 uGQlQmdNfc4ell3RXKWmtq+ar9VKMme3kp8DcbDbUaVwlvhWTkOKxb9I208wfGG2
119 nQiArezIwutlASf7sWo16EPapmGdCF+rp1dpjAPBUufruEyCZ8nu2ITD52wuPY9O
120 AcKHQE2/bBpCJWkw97fYX6Q9PPW5uobWoUJtOwIDAQABo2AwXjAMBgNVHRMEBTAD
121 AQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNV
122 HQ4ECgQIjDm8K5YcGakwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEF
123 BQADgYEAEQIJeZj/HE3HvjjJV7PdU+2Ze8OeCYeeWDocxrA647xpeOksVXBXKmq2
124 OVNqoFk7YNtlSUqiS2TlqjGqLtKYetk7a17qS/8EIQct+H5KWdvkLkYMkfIAAMJv
125 JZHPGxEvj+oVPAi9FITRbFdN8Jvdo9MAuU2q8d2x8MF236RmEds=
126 -----END CERTIFICATE-----
128 Certificate Revocation List (CRL):
130 Signature Algorithm: sha1WithRSAEncryption
131 Issuer: /C=US/O=U.S. Government/OU=Dod/OU=Testing/CN=CA1-IC.02.04
132 Last Update: Jan 1 12:01:00 1999 GMT
133 Next Update: Jan 1 12:01:00 2048 GMT
137 X509v3 Authority Key Identifier:
138 keyid:8C:39:BC:2B:96:1C:19:A9
140 No Revoked Certificates.
141 Signature Algorithm: sha1WithRSAEncryption
142 57:96:d7:ed:6b:13:f2:c5:9e:03:48:90:ed:5f:fe:65:01:12:
143 0f:3b:f2:1c:0e:d9:8a:3b:b4:89:1b:2f:4c:be:ea:39:51:7f:
144 36:5e:6f:fb:33:43:f9:93:4f:85:d2:43:28:43:3f:43:49:44:
145 68:0c:9b:7b:41:3b:dc:d3:26:33:5a:91:5f:57:5a:03:01:3e:
146 fa:31:ee:90:5f:53:31:e3:65:ef:9d:07:25:a4:ba:eb:b1:fa:
147 8d:c8:de:46:b1:d4:24:30:f4:f8:08:2a:ad:96:39:d9:d2:fa:
148 08:f3:37:57:84:12:bd:d7:dc:d7:fc:6d:2a:63:48:65:64:92:
150 -----BEGIN X509 CRL-----
151 MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UE
152 ChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rp
153 bmcxFTATBgNVBAMTDENBMS1JQy4wMi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAx
154 MTIwMTAwWqAjMCEwCgYDVR0UBAMCAQEwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJ
155 KoZIhvcNAQEFBQADgYEAV5bX7WsT8sWeA0iQ7V/+ZQESDzvyHA7Ziju0iRsvTL7q
156 OVF/Nl5v+zND+ZNPhdJDKEM/Q0lEaAybe0E73NMmM1qRX1daAwE++jHukF9TMeNl
157 750HJaS667H6jcjeRrHUJDD0+AgqrZY52dL6CPM3V4QSvdfc1/xtKmNIZWSSoqY=
158 -----END X509 CRL-----
160 Certificate Revocation List (CRL):
162 Signature Algorithm: sha1WithRSAEncryption
163 Issuer: /C=US/O=U.S. Government/OU=DoD/OU=Testing/CN=Trust Anchor
164 Last Update: Jan 1 12:01:00 1999 GMT
165 Next Update: Jan 1 12:01:00 2048 GMT
169 X509v3 Authority Key Identifier:
170 keyid:AB:9A:EB:F9:C2:E7:54:8F
172 Revoked Certificates:
174 Revocation Date: Jan 1 12:00:00 1999 GMT
175 X509v3 CRL Reason Code:
177 Signature Algorithm: sha1WithRSAEncryption
178 0b:b9:6a:67:07:a3:25:15:bb:42:fc:c7:d7:5f:fb:71:87:0b:
179 de:b6:9c:80:cc:47:dc:f4:94:fe:e7:ef:c8:b9:3b:6a:14:7e:
180 f9:1b:47:6a:bc:bf:59:e0:af:45:dc:b3:9c:b8:88:38:0f:19:
181 06:28:2e:5a:d5:4f:aa:c3:72:b0:d9:fb:58:ba:1f:40:85:5a:
182 fb:f4:c3:dd:3f:a5:79:c7:b8:7b:53:70:19:0b:e3:e5:0f:9e:
183 db:04:6d:19:78:3e:80:2b:93:8d:32:94:15:f2:91:9d:6c:fb:
184 3b:b4:72:88:92:8a:8a:6d:23:b4:01:78:46:40:a9:2d:e6:cd:
186 -----BEGIN X509 CRL-----
187 MIIBbzCB2QIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UE
188 ChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rp
189 bmcxFTATBgNVBAMTDFRydXN0IEFuY2hvchcNOTkwMTAxMTIwMTAwWhcNNDgwMTAx
190 MTIwMTAwWjAiMCACAScXDTk5MDEwMTEyMDAwMFowDDAKBgNVHRUEAwoBAaAjMCEw
191 CgYDVR0UBAMCAQEwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQAD
192 gYEAC7lqZwejJRW7QvzH11/7cYcL3racgMxH3PSU/ufvyLk7ahR++RtHary/WeCv
193 RdyznLiIOA8ZBiguWtVPqsNysNn7WLofQIVa+/TD3T+lece4e1NwGQvj5Q+e2wRt
194 GXg+gCuTjTKUFfKRnWz7O7RyiJKKim0jtAF4RkCpLebNChY=
195 -----END X509 CRL-----
200 Serial Number: 99999 (0x1869f)
201 Signature Algorithm: sha1WithRSAEncryption
202 Issuer: C=US, O=U.S. Government, OU=DoD, OU=Testing, CN=Trust Anchor
204 Not Before: Jan 1 12:01:00 1999 GMT
205 Not After : Jan 1 12:01:00 2048 GMT
206 Subject: C=US, O=U.S. Government, OU=DoD, OU=Testing, CN=Trust Anchor
207 Subject Public Key Info:
208 Public Key Algorithm: rsaEncryption
209 RSA Public Key: (1024 bit)
211 00:d3:f3:b9:c1:33:b7:3f:a7:27:f6:41:1d:5c:9c:
212 79:9d:aa:d2:95:10:b7:84:ce:da:a3:e5:58:0c:3e:
213 4e:8b:56:bf:3e:aa:21:2d:50:13:fe:f3:19:2e:7a:
214 cb:11:cf:f3:d3:b8:5f:57:9f:9d:97:80:af:1d:95:
215 57:12:df:34:d4:bd:f3:ae:4d:e7:7c:a6:20:d4:04:
216 4e:da:63:61:3e:3d:2a:8d:37:cf:c5:3c:c9:f9:fa:
217 f0:39:48:04:78:bd:b0:dd:f5:24:46:33:a1:46:9f:
218 17:9f:04:bb:cf:37:94:0c:13:43:aa:90:ac:91:78:
219 1d:ba:f3:18:84:2a:82:2b:47
220 Exponent: 65537 (0x10001)
222 X509v3 Subject Key Identifier:
223 AB:9A:EB:F9:C2:E7:54:8F
224 X509v3 Basic Constraints:
226 X509v3 Authority Key Identifier:
227 keyid:AB:9A:EB:F9:C2:E7:54:8F
229 Signature Algorithm: sha1WithRSAEncryption
230 16:56:0f:61:ac:87:8b:4f:eb:64:12:1b:c3:85:59:4a:68:e1:
231 3b:a5:21:c1:59:2e:91:ac:68:fe:13:ff:63:6d:ee:55:d4:a0:
232 82:4c:37:bc:16:8e:a9:26:61:fe:7f:46:fa:38:1f:13:5c:8a:
233 6a:b7:12:47:98:72:b9:b5:56:80:ee:78:95:18:1a:f4:63:70:
234 26:39:9b:19:20:84:8d:bb:62:5f:df:2c:a1:3d:fc:1b:d0:3a:
235 bb:d8:cc:1b:36:12:a2:ab:ad:3e:e6:e1:52:b4:75:13:11:ec:
236 27:95:a6:63:cf:d3:cc:f4:4e:d8:ba:b8:ad:ad:cc:1a:65:a7:
238 -----BEGIN CERTIFICATE-----
239 MIICbDCCAdWgAwIBAgIDAYafMA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNVBAYTAlVT
240 MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEQMA4GA1UE
241 CxMHVGVzdGluZzEVMBMGA1UEAxMMVHJ1c3QgQW5jaG9yMB4XDTk5MDEwMTEyMDEw
242 MFoXDTQ4MDEwMTEyMDEwMFowXjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4g
243 R292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRUwEwYD
244 VQQDEwxUcnVzdCBBbmNob3IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANPz
245 ucEztz+nJ/ZBHVyceZ2q0pUQt4TO2qPlWAw+TotWvz6qIS1QE/7zGS56yxHP89O4
246 X1efnZeArx2VVxLfNNS9865N53ymINQETtpjYT49Ko03z8U8yfn68DlIBHi9sN31
247 JEYzoUafF58Eu883lAwTQ6qQrJF4HbrzGIQqgitHAgMBAAGjODA2MBEGA1UdDgQK
248 BAirmuv5wudUjzAMBgNVHRMEBTADAQH/MBMGA1UdIwQMMAqACKua6/nC51SPMA0G
249 CSqGSIb3DQEBBQUAA4GBABZWD2Gsh4tP62QSG8OFWUpo4TulIcFZLpGsaP4T/2Nt
250 7lXUoIJMN7wWjqkmYf5/Rvo4HxNcimq3EkeYcrm1VoDueJUYGvRjcCY5mxkghI27
251 Yl/fLKE9/BvQOrvYzBs2EqKrrT7m4VK0dRMR7CeVpmPP08z0Tti6uK2tzBplp1pF
252 -----END CERTIFICATE-----