1[Created by: generate_policies_tests.py] 2 3Cast certificate chain with the following policies: 4 5 Root: policies={} 6 Intermediate: policies={anyPolicy} 7 Leaf: policies={foo} 8 9Certificate: 10 Data: 11 Version: 3 (0x2) 12 Serial Number: 12 (0xc) 13 Signature Algorithm: sha256WithRSAEncryption 14 Issuer: CN=Intermediate 15 Validity 16 Not Before: Jan 1 12:00:00 2015 GMT 17 Not After : Jan 1 12:00:00 2018 GMT 18 Subject: CN=Leaf 19 Subject Public Key Info: 20 Public Key Algorithm: rsaEncryption 21 Public-Key: (2048 bit) 22 Modulus: 23 00:e9:db:75:48:f4:dd:0f:37:9a:8e:72:10:80:aa: 24 7c:80:08:d2:ab:a2:1d:28:df:78:9c:52:72:c1:b9: 25 7d:e0:03:a5:53:e9:70:96:0a:be:b9:9e:c0:f7:3e: 26 23:33:15:42:66:5d:64:13:c0:7a:23:6d:7f:71:13: 27 c3:bd:da:d1:39:11:38:1e:91:bc:b3:f8:cb:90:9d: 28 fd:a6:b2:90:cb:fa:1b:70:11:a5:b4:03:25:78:dc: 29 d2:f6:1e:64:74:9b:2c:f4:3d:13:b2:ef:7e:8f:c4: 30 ad:98:8b:0b:df:1c:08:f5:34:9f:78:ca:35:52:b5: 31 1c:b4:fc:f8:60:d7:ef:b4:74:1c:93:f1:80:87:3a: 32 84:ac:43:2e:ce:a2:00:07:83:7e:6d:03:b5:2e:53: 33 c3:9c:ee:88:12:af:50:5c:42:e3:46:12:f1:20:10: 34 a3:fc:90:07:d7:29:04:9b:f6:50:9b:ff:3e:27:0b: 35 29:e4:e4:d6:f9:00:46:82:c6:2a:63:11:9a:b9:6c: 36 fd:e1:fc:34:48:60:9b:8d:7e:3a:4c:ce:ee:28:2d: 37 25:63:8d:07:43:69:3c:fa:d7:3c:bd:5d:40:b7:d7: 38 da:f2:74:ef:d3:00:bf:ac:3b:75:a0:0e:ae:52:63: 39 3c:45:fa:e2:10:82:2b:c9:0f:02:18:c6:c6:09:02: 40 e6:f7 41 Exponent: 65537 (0x10001) 42 X509v3 extensions: 43 X509v3 Subject Key Identifier: 44 94:8A:74:F5:0F:9F:53:34:47:02:B5:04:8D:45:57:79:9B:98:7B:27 45 X509v3 Authority Key Identifier: 46 keyid:9C:53:7F:7A:7F:4E:F2:C0:A5:1A:96:FB:9E:8D:08:DC:DD:73:92:61 47 48 Authority Information Access: 49 CA Issuers - URI:http://url-for-aia/Intermediate.cer 50 51 X509v3 CRL Distribution Points: 52 53 Full Name: 54 URI:http://url-for-crl/Intermediate.crl 55 56 X509v3 Key Usage: critical 57 Digital Signature, Key Encipherment 58 X509v3 Extended Key Usage: 59 TLS Web Client Authentication 60 X509v3 Certificate Policies: 61 Policy: 1.2.840.113554.4.1.72585.2 62 63 Signature Algorithm: sha256WithRSAEncryption 64 04:86:bc:a3:cc:94:a3:b5:97:a6:ca:b4:21:d6:f9:37:f7:b1: 65 ed:d0:4a:43:ff:93:ec:42:62:05:1d:11:df:18:94:c2:fc:63: 66 ad:0b:db:f4:cc:8a:7c:e9:69:29:b3:df:7c:a5:79:31:01:6a: 67 fc:18:6f:fd:5b:f9:11:68:53:0b:78:53:1a:08:6f:5a:33:72: 68 30:25:76:21:45:fb:a2:79:d5:d9:f7:60:1b:3b:cd:21:3d:66: 69 72:73:4a:fa:cd:86:13:54:ca:44:87:97:55:ec:dc:dc:76:24: 70 9e:43:17:ad:f9:2c:29:bc:4a:b3:01:95:bb:83:a6:d0:fa:c6: 71 7d:d8:1d:7d:66:95:b7:fd:80:60:dd:8d:02:8c:80:cb:57:4f: 72 c1:7a:8f:2c:34:1e:5c:08:4f:76:a6:42:c2:66:39:24:5b:46: 73 12:f0:6e:30:51:be:27:03:be:69:f5:b3:b7:6f:25:7e:0b:c8: 74 52:48:90:12:59:54:5a:07:32:2b:3b:a7:13:31:92:5f:c2:5c: 75 61:90:d9:70:04:e6:6f:7f:fa:ec:36:a5:6a:38:49:8d:a2:51: 76 e0:68:b3:c9:f6:c7:3a:99:7f:89:a5:17:d5:1b:fd:39:13:51: 77 2d:26:8f:33:a8:61:86:d8:fe:b4:d4:d7:69:26:bb:4c:b1:a8: 78 cb:4b:a3:6f 79-----BEGIN CERTIFICATE----- 80MIIDnDCCAoSgAwIBAgIBDDANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl 81cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTgwMTAxMTIwMDAwWjAPMQ0wCwYD 82VQQDDARMZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dt1SPTd 83DzeajnIQgKp8gAjSq6IdKN94nFJywbl94AOlU+lwlgq+uZ7A9z4jMxVCZl1kE8B6 84I21/cRPDvdrRORE4HpG8s/jLkJ39prKQy/obcBGltAMleNzS9h5kdJss9D0Tsu9+ 85j8StmIsL3xwI9TSfeMo1UrUctPz4YNfvtHQck/GAhzqErEMuzqIAB4N+bQO1LlPD 86nO6IEq9QXELjRhLxIBCj/JAH1ykEm/ZQm/8+Jwsp5OTW+QBGgsYqYxGauWz94fw0 87SGCbjX46TM7uKC0lY40HQ2k8+tc8vV1At9fa8nTv0wC/rDt1oA6uUmM8RfriEIIr 88yQ8CGMbGCQLm9wIDAQABo4H6MIH3MB0GA1UdDgQWBBSUinT1D59TNEcCtQSNRVd5 89m5h7JzAfBgNVHSMEGDAWgBScU396f07ywKUalvuejQjc3XOSYTA/BggrBgEFBQcB 90AQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91cmwtZm9yLWFpYS9JbnRlcm1lZGlh 91dGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly91cmwtZm9yLWNybC9JbnRl 92cm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD 93AjAZBgNVHSAEEjAQMA4GDCqGSIb3EgQBhLcJAjANBgkqhkiG9w0BAQsFAAOCAQEA 94BIa8o8yUo7WXpsq0Idb5N/ex7dBKQ/+T7EJiBR0R3xiUwvxjrQvb9MyKfOlpKbPf 95fKV5MQFq/Bhv/Vv5EWhTC3hTGghvWjNyMCV2IUX7onnV2fdgGzvNIT1mcnNK+s2G 96E1TKRIeXVezc3HYknkMXrfksKbxKswGVu4Om0PrGfdgdfWaVt/2AYN2NAoyAy1dP 97wXqPLDQeXAhPdqZCwmY5JFtGEvBuMFG+JwO+afWzt28lfgvIUkiQEllUWgcyKzun 98EzGSX8JcYZDZcATmb3/67DalajhJjaJR4GizyfbHOpl/iaUX1Rv9ORNRLSaPM6hh 99htj+tNTXaSa7TLGoy0ujbw== 100-----END CERTIFICATE----- 101 102Certificate: 103 Data: 104 Version: 3 (0x2) 105 Serial Number: 24 (0x18) 106 Signature Algorithm: sha256WithRSAEncryption 107 Issuer: CN=Root 108 Validity 109 Not Before: Jan 1 12:00:00 2015 GMT 110 Not After : Jan 1 12:00:00 2018 GMT 111 Subject: CN=Intermediate 112 Subject Public Key Info: 113 Public Key Algorithm: rsaEncryption 114 Public-Key: (2048 bit) 115 Modulus: 116 00:c0:06:6e:cf:e3:c9:e6:4a:99:bf:9d:a9:cc:42: 117 b0:e3:95:f4:5c:16:5d:6c:c3:3b:7b:65:f9:68:27: 118 07:75:e9:60:fc:c5:1e:37:71:05:e6:f4:c4:8e:76: 119 cf:dd:b3:7a:dd:14:d4:4c:96:1a:5f:b4:c5:04:9a: 120 32:e6:f7:16:4c:38:4a:99:e5:3a:24:85:c3:06:bc: 121 c1:9e:4c:ac:6b:14:9d:49:8c:ec:cd:9a:43:60:09: 122 d8:d0:81:8f:a3:b9:9f:e8:13:fb:69:95:27:7b:fe: 123 6a:d8:9e:42:4b:96:47:ee:1c:69:c6:5a:d7:28:a4: 124 c2:91:46:bf:7a:c6:69:12:96:c8:68:fa:46:cf:fb: 125 92:ca:12:a7:7a:58:39:6f:d1:26:07:2a:59:c5:fb: 126 86:94:33:45:65:04:55:c4:a5:0c:da:e5:56:30:0d: 127 46:32:ce:fe:9b:00:2d:3f:24:64:81:c2:f2:3f:f5: 128 af:71:1d:0e:69:ae:5e:43:28:e5:98:65:b7:16:ee: 129 42:13:26:9d:a5:db:21:aa:85:1b:38:12:eb:f0:0a: 130 93:ef:eb:5c:56:0d:cf:4a:13:4b:03:64:03:59:d9: 131 59:05:f8:e0:79:49:68:44:98:ad:41:a7:9a:d3:9a: 132 0b:74:73:79:b7:84:14:f6:b6:40:0f:68:1e:be:94: 133 50:59 134 Exponent: 65537 (0x10001) 135 X509v3 extensions: 136 X509v3 Subject Key Identifier: 137 9C:53:7F:7A:7F:4E:F2:C0:A5:1A:96:FB:9E:8D:08:DC:DD:73:92:61 138 X509v3 Authority Key Identifier: 139 keyid:02:F4:E3:B3:B5:C8:56:E5:72:02:9D:7A:97:A4:73:0A:88:EF:9C:40 140 141 Authority Information Access: 142 CA Issuers - URI:http://url-for-aia/Root.cer 143 144 X509v3 CRL Distribution Points: 145 146 Full Name: 147 URI:http://url-for-crl/Root.crl 148 149 X509v3 Key Usage: critical 150 Certificate Sign, CRL Sign 151 X509v3 Basic Constraints: critical 152 CA:TRUE 153 X509v3 Certificate Policies: 154 Policy: X509v3 Any Policy 155 156 Signature Algorithm: sha256WithRSAEncryption 157 4f:f7:81:68:2c:99:55:0d:b9:0c:cb:18:bf:cd:c9:a3:1d:05: 158 3e:53:e2:87:0e:94:20:6c:c9:77:4e:25:a0:f3:de:a2:52:3c: 159 2a:4d:31:dc:d5:fc:19:bf:d9:d8:18:88:bf:9a:ff:9f:71:18: 160 25:da:91:49:52:fc:d0:14:e0:97:cc:78:dd:4c:3f:4e:35:c8: 161 57:12:40:a0:ac:1f:81:93:50:db:1b:17:be:e8:76:51:e8:e9: 162 2d:2b:28:eb:cb:23:a7:58:b0:b4:53:f2:21:ef:6e:5d:a6:d3: 163 36:92:da:90:cf:c4:fd:0b:4d:26:88:05:2a:6d:22:48:d2:4e: 164 5f:3a:e0:ee:1a:70:a8:ab:58:ec:24:b4:61:84:f9:f0:8d:f4: 165 93:38:49:f0:d2:14:ba:7d:ca:9e:04:a4:02:7e:e0:1e:9e:40: 166 c5:04:4a:69:fc:9e:fd:9b:2c:e1:c5:1f:ad:95:45:92:bd:38: 167 74:07:2a:1f:cf:91:b3:f1:5a:88:d1:ca:97:1e:8f:6d:62:86: 168 b6:71:93:6f:d4:84:5c:fe:bb:56:d1:5c:01:0b:f0:1f:d5:27: 169 a3:8b:cd:8d:aa:ae:d7:ed:fc:c0:c9:30:89:7a:d2:34:d5:98: 170 ef:a7:44:4c:f9:8d:bd:6b:6c:6b:7c:a5:36:d0:f6:07:47:9f: 171 c3:d2:07:f5 172-----BEGIN CERTIFICATE----- 173MIIDgDCCAmigAwIBAgIBGDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 174MB4XDTE1MDEwMTEyMDAwMFoXDTE4MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 175ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAZuz+PJ 1765kqZv52pzEKw45X0XBZdbMM7e2X5aCcHdelg/MUeN3EF5vTEjnbP3bN63RTUTJYa 177X7TFBJoy5vcWTDhKmeU6JIXDBrzBnkysaxSdSYzszZpDYAnY0IGPo7mf6BP7aZUn 178e/5q2J5CS5ZH7hxpxlrXKKTCkUa/esZpEpbIaPpGz/uSyhKnelg5b9EmBypZxfuG 179lDNFZQRVxKUM2uVWMA1GMs7+mwAtPyRkgcLyP/WvcR0Oaa5eQyjlmGW3Fu5CEyad 180pdshqoUbOBLr8AqT7+tcVg3PShNLA2QDWdlZBfjgeUloRJitQaea05oLdHN5t4QU 1819rZAD2gevpRQWQIDAQABo4HeMIHbMB0GA1UdDgQWBBScU396f07ywKUalvuejQjc 1823XOSYTAfBgNVHSMEGDAWgBQC9OOztchW5XICnXqXpHMKiO+cQDA3BggrBgEFBQcB 183AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs 184BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD 185VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAA 186MA0GCSqGSIb3DQEBCwUAA4IBAQBP94FoLJlVDbkMyxi/zcmjHQU+U+KHDpQgbMl3 187TiWg896iUjwqTTHc1fwZv9nYGIi/mv+fcRgl2pFJUvzQFOCXzHjdTD9ONchXEkCg 188rB+Bk1DbGxe+6HZR6OktKyjryyOnWLC0U/Ih725dptM2ktqQz8T9C00miAUqbSJI 1890k5fOuDuGnCoq1jsJLRhhPnwjfSTOEnw0hS6fcqeBKQCfuAenkDFBEpp/J79myzh 190xR+tlUWSvTh0Byofz5Gz8VqI0cqXHo9tYoa2cZNv1IRc/rtW0VwBC/Af1Seji82N 191qq7X7fzAyTCJetI01Zjvp0RM+Y29a2xrfKU20PYHR5/D0gf1 192-----END CERTIFICATE----- 193 194Certificate: 195 Data: 196 Version: 3 (0x2) 197 Serial Number: 23 (0x17) 198 Signature Algorithm: sha256WithRSAEncryption 199 Issuer: CN=Root 200 Validity 201 Not Before: Jan 1 12:00:00 2015 GMT 202 Not After : Jan 1 12:00:00 2018 GMT 203 Subject: CN=Root 204 Subject Public Key Info: 205 Public Key Algorithm: rsaEncryption 206 Public-Key: (2048 bit) 207 Modulus: 208 00:a5:3e:c8:1f:15:65:7f:e7:ab:7e:07:f3:8e:4d: 209 07:09:61:1c:db:01:f6:0c:7b:b2:a9:c5:49:c4:ae: 210 f6:d9:bc:b5:7d:36:0e:c2:7d:de:38:cd:97:a5:ca: 211 9a:9c:c9:e7:21:83:50:0f:89:98:e2:ce:2b:44:48: 212 ff:3a:05:1d:b2:9e:6a:3e:3b:40:d9:78:bf:97:52: 213 df:62:5d:59:2d:f0:bd:54:f7:21:fb:21:02:fd:38: 214 af:d7:2b:42:16:db:d6:a3:58:9c:a6:4f:85:75:58: 215 6f:aa:c3:e3:8e:59:eb:c3:49:ba:99:c9:ba:03:74: 216 ca:e7:26:d8:1d:5c:2a:c1:f7:a8:3c:31:5b:20:b5: 217 9e:ec:7d:a8:00:cd:f7:6e:5a:57:42:fd:49:66:39: 218 bb:55:95:38:64:51:3a:13:59:86:0e:f2:db:49:07: 219 eb:02:84:00:95:4d:23:b3:72:10:8d:f3:a1:6b:34: 220 68:63:97:0f:69:18:80:4f:ae:d4:f4:a1:f3:21:62: 221 74:04:7a:07:0b:e3:61:cf:ff:07:75:27:78:0a:4e: 222 e3:e5:a2:51:9c:2f:d1:04:3c:7a:1c:0e:b3:bb:e7: 223 db:10:67:c8:c1:af:ce:9a:57:35:77:22:3c:48:fe: 224 31:9b:7d:95:5e:e1:3d:32:99:9d:97:85:a4:7b:fd: 225 1f:5d 226 Exponent: 65537 (0x10001) 227 X509v3 extensions: 228 X509v3 Subject Key Identifier: 229 02:F4:E3:B3:B5:C8:56:E5:72:02:9D:7A:97:A4:73:0A:88:EF:9C:40 230 X509v3 Authority Key Identifier: 231 keyid:02:F4:E3:B3:B5:C8:56:E5:72:02:9D:7A:97:A4:73:0A:88:EF:9C:40 232 233 Authority Information Access: 234 CA Issuers - URI:http://url-for-aia/Root.cer 235 236 X509v3 CRL Distribution Points: 237 238 Full Name: 239 URI:http://url-for-crl/Root.crl 240 241 X509v3 Key Usage: critical 242 Certificate Sign, CRL Sign 243 X509v3 Basic Constraints: critical 244 CA:TRUE 245 Signature Algorithm: sha256WithRSAEncryption 246 9a:7a:13:1c:1e:b6:30:f4:70:d0:47:ce:e6:31:fe:63:ae:08: 247 aa:8e:91:14:1f:1a:08:1b:c3:0e:e5:06:72:cd:28:df:16:73: 248 98:9b:25:78:7c:61:05:6c:68:09:7e:33:9c:49:7e:7c:d2:53: 249 fa:f2:fe:fc:59:8a:2d:04:66:1e:0f:91:98:08:2a:ea:fd:23: 250 22:5d:4b:1e:e3:e9:1a:4f:1d:3d:d0:49:13:af:d8:83:4e:8b: 251 10:da:1b:b6:82:a3:4f:cb:ff:f4:28:2d:a6:88:63:07:db:72: 252 13:fd:e7:c7:e9:77:1d:40:56:39:64:84:24:a8:20:dc:e1:f2: 253 e3:ad:ef:07:03:66:e8:3b:5d:30:82:ba:50:9c:b0:82:c1:14: 254 dd:23:9f:ea:56:02:77:63:56:e3:f4:5f:ef:05:cc:5e:cb:8f: 255 3e:4d:c2:10:8d:e2:82:2f:52:91:d9:d0:d2:c1:6b:56:d2:f2: 256 0c:b8:47:c8:52:69:ba:ce:fa:7d:f7:d5:dd:5d:cc:15:ef:9d: 257 73:1b:6e:6d:ab:76:96:8a:06:94:68:6b:ea:36:44:54:66:66: 258 05:40:1d:31:05:03:2a:78:10:cf:fa:90:dd:eb:9d:61:b5:3c: 259 e5:ec:8e:39:6b:1b:c5:1b:0c:cc:6a:3e:86:d8:ea:6e:d9:5a: 260 d1:8e:ea:a3 261-----BEGIN CERTIFICATE----- 262MIIDZTCCAk2gAwIBAgIBFzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 263MB4XDTE1MDEwMTEyMDAwMFoXDTE4MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v 264dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKU+yB8VZX/nq34H845N 265BwlhHNsB9gx7sqnFScSu9tm8tX02DsJ93jjNl6XKmpzJ5yGDUA+JmOLOK0RI/zoF 266HbKeaj47QNl4v5dS32JdWS3wvVT3IfshAv04r9crQhbb1qNYnKZPhXVYb6rD445Z 26768NJupnJugN0yucm2B1cKsH3qDwxWyC1nux9qADN925aV0L9SWY5u1WVOGRROhNZ 268hg7y20kH6wKEAJVNI7NyEI3zoWs0aGOXD2kYgE+u1PSh8yFidAR6BwvjYc//B3Un 269eApO4+WiUZwv0QQ8ehwOs7vn2xBnyMGvzppXNXciPEj+MZt9lV7hPTKZnZeFpHv9 270H10CAwEAAaOByzCByDAdBgNVHQ4EFgQUAvTjs7XIVuVyAp16l6RzCojvnEAwHwYD 271VR0jBBgwFoAUAvTjs7XIVuVyAp16l6RzCojvnEAwNwYIKwYBBQUHAQEEKzApMCcG 272CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw 273IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE 274AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCaehMcHrYw 2759HDQR87mMf5jrgiqjpEUHxoIG8MO5QZyzSjfFnOYmyV4fGEFbGgJfjOcSX580lP6 2768v78WYotBGYeD5GYCCrq/SMiXUse4+kaTx090EkTr9iDTosQ2hu2gqNPy//0KC2m 277iGMH23IT/efH6XcdQFY5ZIQkqCDc4fLjre8HA2boO10wgrpQnLCCwRTdI5/qVgJ3 278Y1bj9F/vBcxey48+TcIQjeKCL1KR2dDSwWtW0vIMuEfIUmm6zvp999XdXcwV751z 279G25tq3aWigaUaGvqNkRUZmYFQB0xBQMqeBDP+pDd651htTzl7I45axvFGwzMaj6G 2802Opu2VrRjuqj 281-----END CERTIFICATE----- 282