[Created by: generate-intermediary-signed-with-md5.py] Certificate chain with 1 intermediary and a trusted root. The intermediary however is signed using the MD5 hash. Verification is expected to fail because MD5 is too weak. Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Intermediary Validity Not Before: Jan 1 12:00:00 2015 GMT Not After : Jan 1 12:00:00 2016 GMT Subject: CN=Target Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:e9:b3:cb:c4:9b:c5:59:0a:ca:5e:ca:b3:7b:e1: bb:ec:3d:4b:10:7b:d4:ee:71:92:1c:c0:24:af:0b: c4:5e:55:3b:af:aa:e3:43:a3:d3:ae:1c:db:7b:fe: 2a:35:d0:d8:49:77:09:f5:5d:65:9b:84:42:93:da: 64:a4:12:f7:f5:6d:91:2f:7c:96:aa:7b:50:09:67: 1d:f6:76:a2:4f:64:6c:d7:78:c6:78:f4:5c:83:3a: 01:64:3c:15:37:4e:2a:b9:48:2a:ce:42:36:35:59: b0:b0:f6:4c:db:21:59:14:87:91:09:d8:18:76:b8: fb:0c:b4:e4:ab:5a:24:27:e5:47:9c:c7:eb:d0:74: 17:5b:13:9a:f7:96:b7:1d:de:84:8c:6a:fd:c7:92: 53:09:72:31:66:aa:54:07:3d:1c:2c:86:e9:68:d8: 12:f6:22:ec:37:b5:58:6c:26:fe:79:c5:d0:f7:42: 79:f9:ad:7a:3a:f4:0a:52:3e:5a:5b:45:d9:a8:d1: 18:35:db:9d:56:81:11:49:f9:77:0d:ff:a7:1e:39: 63:14:3b:64:3d:d0:2f:1b:47:c6:ad:6a:a8:d8:c9: 09:cd:58:0b:5d:de:ad:aa:56:38:bd:42:0f:f9:c6: 9d:c0:da:b0:06:03:a5:3f:43:5f:e1:83:74:cc:a7: ab:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:2D:DF:58:DB:57:BD:6D:98:31:15:C9:58:49:E0:02:47:79:10:9D X509v3 Authority Key Identifier: keyid:0E:AF:B4:0B:04:28:C3:55:B4:F8:2D:EB:A1:62:49:26:60:A2:A7:D8 Authority Information Access: CA Issuers - URI:http://url-for-aia/Intermediary.cer X509v3 CRL Distribution Points: Full Name: URI:http://url-for-crl/Intermediary.crl X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption a2:d6:e1:fe:94:8d:78:bc:5b:9e:53:1a:b9:6b:76:32:2e:66: 0b:b3:ce:8f:96:9a:33:37:b6:e2:fb:99:56:2e:3b:cb:3d:d3: 96:c7:b8:05:9a:00:e4:f4:72:f6:97:b2:b3:72:08:3d:17:59: af:98:b3:16:a2:cb:e7:b8:bf:c1:5b:49:92:28:9c:47:bd:29: 9e:56:f8:52:67:eb:de:23:69:52:79:32:1f:ba:b5:58:d3:b6: 19:58:ac:62:04:a5:29:9a:7b:df:90:ad:c1:b1:42:c4:6c:a6: 16:db:af:5e:ee:85:83:9e:c9:02:ba:c6:3c:63:55:93:58:36: b4:86:b8:fa:e4:09:6f:98:6f:23:2a:2c:98:04:e4:2c:fd:69: 61:b2:36:88:8f:a2:70:ec:2a:47:6d:e0:cb:f8:5c:07:25:71: f4:f6:af:50:a7:d7:49:d8:c8:08:4a:09:12:8c:21:bc:d7:54: f2:04:fc:f0:33:2f:aa:b1:a7:d3:0a:d0:96:0f:69:7c:a4:a8: cd:a5:a6:d3:d2:6a:b1:f2:b1:0a:81:18:68:18:23:c1:6f:9c: 40:9f:d2:2d:6d:e2:52:36:05:4e:99:ae:b2:e1:b3:da:40:99: 1f:c6:9f:ae:9b:43:1d:e3:db:58:7c:96:b5:b8:cc:b6:b7:e9: 1b:57:a0:61 -----BEGIN CERTIFICATE----- MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl cm1lZGlhcnkwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDps8vE m8VZCspeyrN74bvsPUsQe9TucZIcwCSvC8ReVTuvquNDo9OuHNt7/io10NhJdwn1 XWWbhEKT2mSkEvf1bZEvfJaqe1AJZx32dqJPZGzXeMZ49FyDOgFkPBU3Tiq5SCrO QjY1WbCw9kzbIVkUh5EJ2Bh2uPsMtOSrWiQn5Uecx+vQdBdbE5r3lrcd3oSMav3H klMJcjFmqlQHPRwshulo2BL2Iuw3tVhsJv55xdD3Qnn5rXo69ApSPlpbRdmo0Rg1 251WgRFJ+XcN/6ceOWMUO2Q90C8bR8ataqjYyQnNWAtd3q2qVji9Qg/5xp3A2rAG A6U/Q1/hg3TMp6ufAgMBAAGjgekwgeYwHQYDVR0OBBYEFOgt31jbV71tmDEVyVhJ 4AJHeRCdMB8GA1UdIwQYMBaAFA6vtAsEKMNVtPgt66FiSSZgoqfYMD8GCCsGAQUF BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk aWFyeS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu dGVybWVkaWFyeS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAotbh/pSNeLxbnlMauWt2 Mi5mC7POj5aaMze24vuZVi47yz3Tlse4BZoA5PRy9peys3IIPRdZr5izFqLL57i/ wVtJkiicR70pnlb4Umfr3iNpUnkyH7q1WNO2GVisYgSlKZp735CtwbFCxGymFtuv Xu6Fg57JArrGPGNVk1g2tIa4+uQJb5hvIyosmATkLP1pYbI2iI+icOwqR23gy/hc ByVx9PavUKfXSdjICEoJEowhvNdU8gT88DMvqrGn0wrQlg9pfKSozaWm09JqsfKx CoEYaBgjwW+cQJ/SLW3iUjYFTpmusuGz2kCZH8afrptDHePbWHyWtbjMtrfpG1eg YQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: md5WithRSAEncryption Issuer: CN=Root Validity Not Before: Jan 1 12:00:00 2015 GMT Not After : Jan 1 12:00:00 2016 GMT Subject: CN=Intermediary Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:e9:c2:e1:d4:1c:a8:bf:ff:07:7f:17:bf:a4:f7: f5:bc:e3:1f:76:32:e2:a3:e4:5c:a2:5d:83:a4:ad: c7:19:12:8a:20:dc:5c:d3:db:22:97:e5:59:09:d8: 7f:95:bc:79:61:c2:66:d1:69:02:fc:98:02:12:8e: f4:4e:63:4d:1f:d0:df:f9:25:f0:86:f0:17:ba:3d: 1c:5c:7d:7c:0a:f5:fc:f5:f3:a1:1f:44:45:30:e5: f2:02:b8:e2:04:69:50:f7:b8:10:1d:35:92:56:3b: 06:42:fc:a7:e5:45:40:b0:0c:2f:2c:61:dd:0e:55: cb:23:7d:8b:48:b6:ac:68:b3:e3:3b:fc:07:a4:89: 17:3e:e3:fc:74:12:e6:2f:15:b8:78:dc:a2:6b:6b: 98:e2:36:f6:69:26:71:21:20:d1:60:4d:44:ea:32: fd:54:64:4a:f1:6a:94:f3:51:43:e8:f9:5f:68:9e: 03:a8:a8:6c:a2:0e:55:e5:d8:87:ad:62:db:61:5b: a8:4b:1a:dc:f3:14:9f:97:24:5c:32:98:e4:9b:8b: 1e:32:d4:12:d0:5b:a1:c1:f6:2e:85:42:c4:dc:60: 8f:b1:b2:8b:7a:63:3e:ad:95:62:60:2a:0e:88:dc: 5c:10:c6:90:ab:6b:75:d2:42:f4:b2:a9:81:5a:d8: 0e:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:AF:B4:0B:04:28:C3:55:B4:F8:2D:EB:A1:62:49:26:60:A2:A7:D8 X509v3 Authority Key Identifier: keyid:DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7 Authority Information Access: CA Issuers - URI:http://url-for-aia/Root.cer X509v3 CRL Distribution Points: Full Name: URI:http://url-for-crl/Root.crl X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE Signature Algorithm: md5WithRSAEncryption 03:a2:90:68:d8:0d:83:e4:1c:83:20:2e:0b:ff:60:1c:01:a9: ec:66:71:cd:3b:61:2c:10:95:ab:42:4e:fc:05:bb:40:d3:8c: 00:34:72:b3:8f:74:de:21:67:0a:e8:b4:93:3d:c3:a2:a0:a0: f0:4b:d9:7d:c6:2b:4f:dd:31:12:ad:72:3c:54:58:5c:21:3f: 75:39:46:80:da:f3:20:1d:93:a3:ef:bb:00:91:bd:8d:22:16: d9:5e:c7:a1:45:39:1a:76:d9:7d:e6:86:6c:65:0e:29:50:4b: 5f:40:ec:79:9c:9a:d0:d9:fa:6a:6a:90:62:db:fa:9e:28:1a: 40:e4:b3:45:90:41:26:09:d4:7c:f7:5c:58:ce:c5:67:6a:d1: 41:86:73:df:6e:cb:79:70:75:5f:d2:54:53:07:e0:53:d1:45: d9:4b:e7:f6:2b:60:fb:56:b4:17:79:be:2a:7e:98:0d:ad:ea: d1:79:5d:87:80:65:84:15:61:d8:dd:a8:3c:5f:f0:90:a6:0b: d8:c5:ca:d8:8d:fb:2f:1b:f8:a2:4d:ea:33:71:c2:30:a5:3b: 56:a4:73:79:51:b7:7a:e7:6c:f7:23:52:48:61:1c:82:54:97: 0d:54:e5:80:07:bb:84:d7:ee:90:ee:4d:85:df:f7:34:fb:d3: d8:bf:19:7f -----BEGIN CERTIFICATE----- MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAPMQ0wCwYDVQQDDARSb290 MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 ZXJtZWRpYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cLh1Byo v/8Hfxe/pPf1vOMfdjLio+Rcol2DpK3HGRKKINxc09sil+VZCdh/lbx5YcJm0WkC /JgCEo70TmNNH9Df+SXwhvAXuj0cXH18CvX89fOhH0RFMOXyArjiBGlQ97gQHTWS VjsGQvyn5UVAsAwvLGHdDlXLI32LSLasaLPjO/wHpIkXPuP8dBLmLxW4eNyia2uY 4jb2aSZxISDRYE1E6jL9VGRK8WqU81FD6PlfaJ4DqKhsog5V5diHrWLbYVuoSxrc 8xSflyRcMpjkm4seMtQS0FuhwfYuhULE3GCPsbKLemM+rZViYCoOiNxcEMaQq2t1 0kL0sqmBWtgOQQIDAQABo4HLMIHIMB0GA1UdDgQWBBQOr7QLBCjDVbT4LeuhYkkm YKKn2DAfBgNVHSMEGDAWgBTefvaCyjcAycMwBzXRukjFm7YtpzA3BggrBgEFBQcB AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEB AAOikGjYDYPkHIMgLgv/YBwBqexmcc07YSwQlatCTvwFu0DTjAA0crOPdN4hZwro tJM9w6KgoPBL2X3GK0/dMRKtcjxUWFwhP3U5RoDa8yAdk6PvuwCRvY0iFtlex6FF ORp22X3mhmxlDilQS19A7HmcmtDZ+mpqkGLb+p4oGkDks0WQQSYJ1Hz3XFjOxWdq 0UGGc99uy3lwdV/SVFMH4FPRRdlL5/YrYPtWtBd5vip+mA2t6tF5XYeAZYQVYdjd qDxf8JCmC9jFytiN+y8b+KJN6jNxwjClO1akc3lRt3rnbPcjUkhhHIJUlw1U5YAH u4TX7pDuTYXf9zT709i/GX8= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Root Validity Not Before: Jan 1 12:00:00 2015 GMT Not After : Jan 1 12:00:00 2016 GMT Subject: CN=Root Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c6:d0:57:18:e0:d7:81:35:67:b0:a4:a1:5b:fd: 8f:32:51:4f:d9:76:67:02:84:59:10:4d:4a:b9:ed: 1d:ef:fe:5e:d4:69:c1:24:e3:1f:91:08:d8:15:de: 68:ca:dc:c7:fc:ea:6f:27:a5:60:45:af:0f:f1:44: b8:d7:c7:96:70:d9:e1:dd:84:aa:ea:65:52:62:67: e1:06:cd:d9:18:ad:eb:a3:0a:60:4b:cd:76:71:44: 26:3c:22:c7:44:74:77:31:50:a5:b3:c4:ef:ac:14: 1e:ea:ff:74:a0:7b:e4:7a:ca:87:dd:45:0b:bc:75: 4b:92:44:0f:e8:f3:d2:6d:3e:47:4b:cf:77:a2:e9: ff:f9:e2:79:9f:88:d7:ff:e5:cc:93:91:91:24:e1: 9f:ef:a4:13:15:cc:03:3e:06:ba:9d:4c:de:52:b9: de:c6:57:af:76:d8:9e:4b:37:11:1d:52:57:fe:af: 8e:11:1d:fd:a8:55:3b:84:c9:10:ac:dc:51:62:e8: c8:54:5b:3d:60:0b:8e:ad:66:2a:26:92:81:c6:a1: be:31:51:d3:28:b1:9e:86:67:ca:c4:f2:88:47:1c: 03:c9:f8:ee:f8:87:4c:b4:9e:24:9d:c0:48:d8:ec: a7:8b:52:7a:d0:65:cf:06:2a:63:7f:1c:c9:15:44: 48:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7 X509v3 Authority Key Identifier: keyid:DE:7E:F6:82:CA:37:00:C9:C3:30:07:35:D1:BA:48:C5:9B:B6:2D:A7 Authority Information Access: CA Issuers - URI:http://url-for-aia/Root.cer X509v3 CRL Distribution Points: Full Name: URI:http://url-for-crl/Root.crl X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE Signature Algorithm: sha256WithRSAEncryption 8c:97:4a:f9:c2:c2:57:2a:4b:a1:69:03:9e:c1:17:fb:4c:f2: 8e:36:0f:e2:c4:f6:4d:42:9c:ac:7f:67:7b:fd:7e:fd:14:3b: fb:df:08:3d:0e:23:fa:d1:47:d5:68:14:b2:1f:5c:40:db:fe: 8d:e6:fc:17:3a:c6:2f:5e:96:1a:3c:32:fa:63:c5:e5:cf:fc: db:6b:59:71:b8:f7:d2:70:78:cc:7f:8c:54:5f:c6:69:ba:98: 77:92:32:b3:a1:18:84:ed:3c:93:3f:12:93:64:e6:7f:92:8a: 4f:db:42:1d:c0:7c:0d:4a:d6:ef:ca:05:a3:5b:26:47:79:7e: 91:b0:e6:35:92:91:e2:2f:4d:18:17:44:b5:a7:de:8a:92:86: 4c:0c:de:0e:23:53:c0:30:1f:7a:c5:70:59:94:19:02:8a:f1: 23:f9:88:fb:09:af:b8:90:d6:c6:d5:46:92:74:44:8b:8e:66: b1:79:cb:82:3d:80:cc:cf:d9:03:5a:a3:71:a6:f5:f0:75:9f: 79:38:f0:fe:66:e5:d1:a1:9d:0a:48:e1:45:a1:42:fb:d3:16: 53:91:b9:c9:0d:27:8a:34:e0:59:8d:4f:e0:e7:7d:7d:0c:e6: ec:a1:ea:66:23:77:55:fc:f1:d0:13:32:1d:9e:0c:fd:3b:38: 1d:dc:2c:2b -----BEGIN TRUSTED_CERTIFICATE----- MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbQVxjg14E1Z7CkoVv9 jzJRT9l2ZwKEWRBNSrntHe/+XtRpwSTjH5EI2BXeaMrcx/zqbyelYEWvD/FEuNfH lnDZ4d2EquplUmJn4QbN2Rit66MKYEvNdnFEJjwix0R0dzFQpbPE76wUHur/dKB7 5HrKh91FC7x1S5JED+jz0m0+R0vPd6Lp//nieZ+I1//lzJORkSThn++kExXMAz4G up1M3lK53sZXr3bYnks3ER1SV/6vjhEd/ahVO4TJEKzcUWLoyFRbPWALjq1mKiaS gcahvjFR0yixnoZnysTyiEccA8n47viHTLSeJJ3ASNjsp4tSetBlzwYqY38cyRVE SAECAwEAAaOByzCByDAdBgNVHQ4EFgQU3n72gso3AMnDMAc10bpIxZu2LacwHwYD VR0jBBgwFoAU3n72gso3AMnDMAc10bpIxZu2LacwNwYIKwYBBQUHAQEEKzApMCcG CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCMl0r5wsJX KkuhaQOewRf7TPKONg/ixPZNQpysf2d7/X79FDv73wg9DiP60UfVaBSyH1xA2/6N 5vwXOsYvXpYaPDL6Y8Xlz/zba1lxuPfScHjMf4xUX8Zpuph3kjKzoRiE7TyTPxKT ZOZ/kopP20IdwHwNStbvygWjWyZHeX6RsOY1kpHiL00YF0S1p96KkoZMDN4OI1PA MB96xXBZlBkCivEj+Yj7Ca+4kNbG1UaSdESLjmaxecuCPYDMz9kDWqNxpvXwdZ95 OPD+ZuXRoZ0KSOFFoUL70xZTkbnJDSeKNOBZjU/g5319DObsoepmI3dV/PHQEzId ngz9Ozgd3Cwr -----END TRUSTED_CERTIFICATE----- -----BEGIN TIME----- MTUwMzAyMTIwMDAwWg== -----END TIME----- -----BEGIN VERIFY_RESULT----- RkFJTA== -----END VERIFY_RESULT-----