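1 This is the TBSCertificate of a real-world certificate (in fact the same certificate as cert_version3.pem), followed by each of its fields extracted as a separate block. The fields below show sha1WithRSAEncryption as the signature algorithm and a validity period that ended on 2013-04-19, so treat this as parser test input, not as a certificate that should still validate.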
5 -----BEGIN TBS CERTIFICATE-----
6 MIIEP6ADAgECAgcrY6QqcFB2MA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJVUzEQMA4GA1U
7 ECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIE
8 luYy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9ye
9 TEwMC4GA1UEAxMnR28gRGFkZHkgU2VjdXJlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MREwDwYD
10 VQQFEwgwNzk2OTI4NzAeFw0xMjA0MTkxMzUzMjRaFw0xMzA0MTkxMzUzMjRaME8xFDASBgNVBAo
11 TC2t0aHVsaHUubmV0MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBA
12 MTC2t0aHVsaHUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzQkuEZv5xkNL
13 J7RCgAYmH4vG87FFPFm5J+9ObenNAFqm8V5C4IzXm1+s7ro0sndLOyDH5INNAtKkuqp7kqubl1b
14 bP3Z4+Ra3ENv7cpwQbQjoaajRKCGRULs/jFMCAASii/+3jkkufNimu7cBfDXOSQR2YQZL4zhDW7
15 ss/zwTVspYnxvU7oDcqOIwCmFwQ/FvYTAxF1uozKBsJfL854v0MKI7GEyyn6W8jZ7f8cSc8ahvr
16 LAYt/etAxrmHcMUVJbW+gxXiwJsHfj03S1/RypHTb4gRqEz3pX6wl8sqtJP0L5mXuQgESoEAZ4S
17 rPYLxXytqrU1yLi32xgWwHu1A7fIQIDAQABo4IBujCCAbYwDwYDVR0TAQH/BAUwAwEBADAdBgNV
18 HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDMGA1UdHwQsMCowKKA
19 moCSGImh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RzMS02OC5jcmwwUwYDVR0gBEwwSjBIBgtghk
20 gBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL
21 3JlcG9zaXRvcnkvMIGABggrBgEFBQcBAQR0MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdv
22 ZGFkZHkuY29tLzBKBggrBgEFBQcwAoY+aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9
23 yZXBvc2l0b3J5L2dkX2ludGVybWVkaWF0ZS5jcnQwHwYDVR0jBBgwFoAU/axhMpNsRdbi7oVfmr
24 rndplozOcwJwYDVR0RBCAwHoILa3RodWxodS5uZXSCD3d3dy5rdGh1bGh1Lm5ldDAdBgNVHQ4EF
25 gQUox4asank9VC8PgXhdM8B0J414Bc=
26 -----END TBS CERTIFICATE-----
28 $ openssl asn1parse -i < [TBS CERTIFICATE]
29 0:d=0 hl=4 l=1087 cons: SEQUENCE
30 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
31 6:d=2 hl=2 l= 1 prim: INTEGER :02
32 9:d=1 hl=2 l= 7 prim: INTEGER :2B63A42A705076
33 18:d=1 hl=2 l= 13 cons: SEQUENCE
34 20:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
35 31:d=2 hl=2 l= 0 prim: NULL
36 33:d=1 hl=3 l= 202 cons: SEQUENCE
37 36:d=2 hl=2 l= 11 cons: SET
38 38:d=3 hl=2 l= 9 cons: SEQUENCE
39 40:d=4 hl=2 l= 3 prim: OBJECT :countryName
40 45:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
41 49:d=2 hl=2 l= 16 cons: SET
42 51:d=3 hl=2 l= 14 cons: SEQUENCE
43 53:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
44 58:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Arizona
45 67:d=2 hl=2 l= 19 cons: SET
46 69:d=3 hl=2 l= 17 cons: SEQUENCE
47 71:d=4 hl=2 l= 3 prim: OBJECT :localityName
48 76:d=4 hl=2 l= 10 prim: PRINTABLESTRING :Scottsdale
49 88:d=2 hl=2 l= 26 cons: SET
50 90:d=3 hl=2 l= 24 cons: SEQUENCE
51 92:d=4 hl=2 l= 3 prim: OBJECT :organizationName
52 97:d=4 hl=2 l= 17 prim: PRINTABLESTRING :GoDaddy.com, Inc.
53 116:d=2 hl=2 l= 51 cons: SET
54 118:d=3 hl=2 l= 49 cons: SEQUENCE
55 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
56 125:d=4 hl=2 l= 42 prim: PRINTABLESTRING :http://certificates.godaddy.com/repository
57 169:d=2 hl=2 l= 48 cons: SET
58 171:d=3 hl=2 l= 46 cons: SEQUENCE
59 173:d=4 hl=2 l= 3 prim: OBJECT :commonName
60 178:d=4 hl=2 l= 39 prim: PRINTABLESTRING :Go Daddy Secure Certification Authority
61 219:d=2 hl=2 l= 17 cons: SET
62 221:d=3 hl=2 l= 15 cons: SEQUENCE
63 223:d=4 hl=2 l= 3 prim: OBJECT :serialNumber
64 228:d=4 hl=2 l= 8 prim: PRINTABLESTRING :07969287
65 238:d=1 hl=2 l= 30 cons: SEQUENCE
66 240:d=2 hl=2 l= 13 prim: UTCTIME :120419135324Z
67 255:d=2 hl=2 l= 13 prim: UTCTIME :130419135324Z
68 270:d=1 hl=2 l= 79 cons: SEQUENCE
69 272:d=2 hl=2 l= 20 cons: SET
70 274:d=3 hl=2 l= 18 cons: SEQUENCE
71 276:d=4 hl=2 l= 3 prim: OBJECT :organizationName
72 281:d=4 hl=2 l= 11 prim: PRINTABLESTRING :kthulhu.net
73 294:d=2 hl=2 l= 33 cons: SET
74 296:d=3 hl=2 l= 31 cons: SEQUENCE
75 298:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
76 303:d=4 hl=2 l= 24 prim: PRINTABLESTRING :Domain Control Validated
77 329:d=2 hl=2 l= 20 cons: SET
78 331:d=3 hl=2 l= 18 cons: SEQUENCE
79 333:d=4 hl=2 l= 3 prim: OBJECT :commonName
80 338:d=4 hl=2 l= 11 prim: PRINTABLESTRING :kthulhu.net
81 351:d=1 hl=4 l= 290 cons: SEQUENCE
82 355:d=2 hl=2 l= 13 cons: SEQUENCE
83 357:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
84 368:d=3 hl=2 l= 0 prim: NULL
85 370:d=2 hl=4 l= 271 prim: BIT STRING
86 645:d=1 hl=4 l= 442 cons: cont [ 3 ]
87 649:d=2 hl=4 l= 438 cons: SEQUENCE
88 653:d=3 hl=2 l= 15 cons: SEQUENCE
89 655:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
90 660:d=4 hl=2 l= 1 prim: BOOLEAN :255
91 663:d=4 hl=2 l= 5 prim: OCTET STRING [HEX DUMP]:3003010100
92 670:d=3 hl=2 l= 29 cons: SEQUENCE
93 672:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
94 677:d=4 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:301406082B0601050507030106082B06010505070302
95 701:d=3 hl=2 l= 14 cons: SEQUENCE
96 703:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
97 708:d=4 hl=2 l= 1 prim: BOOLEAN :255
98 711:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
99 717:d=3 hl=2 l= 51 cons: SEQUENCE
100 719:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution Points
101 724:d=4 hl=2 l= 44 prim: OCTET STRING [HEX DUMP]:302A3028A026A0248622687474703A2F2F63726C2E676F64616464792E636F6D2F676473312D36382E63726C
102 770:d=3 hl=2 l= 83 cons: SEQUENCE
103 772:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
104 777:d=4 hl=2 l= 76 prim: OCTET STRING [HEX DUMP]:304A3048060B6086480186FD6D010717013039303706082B06010505070201162B687474703A2F2F6365727469666963617465732E676F64616464792E636F6D2F7265706F7369746F72792F
105 855:d=3 hl=3 l= 128 cons: SEQUENCE
106 858:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
107 868:d=4 hl=2 l= 116 prim: OCTET STRING [HEX DUMP]:3072302406082B060105050730018618687474703A2F2F6F6373702E676F64616464792E636F6D2F304A06082B06010505073002863E687474703A2F2F6365727469666963617465732E676F64616464792E636F6D2F7265706F7369746F72792F67645F696E7465726D6564696174652E637274
108 986:d=3 hl=2 l= 31 cons: SEQUENCE
109 988:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier
110 993:d=4 hl=2 l= 24 prim: OCTET STRING [HEX DUMP]:30168014FDAC6132936C45D6E2EE855F9ABAE7769968CCE7
111 1019:d=3 hl=2 l= 39 cons: SEQUENCE
112 1021:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative Name
113 1026:d=4 hl=2 l= 32 prim: OCTET STRING [HEX DUMP]:301E820B6B7468756C68752E6E6574820F7777772E6B7468756C68752E6E6574
114 1060:d=3 hl=2 l= 29 cons: SEQUENCE
115 1062:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier
116 1067:d=4 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:0414A31E1AB1A9E4F550BC3E05E174CF01D09E35E017
120 -----BEGIN SERIAL NUMBER-----
122 -----END SERIAL NUMBER-----
126 -----BEGIN SIGNATURE ALGORITHM-----
128 -----END SIGNATURE ALGORITHM-----
130 $ openssl asn1parse -i < [SIGNATURE ALGORITHM]
131 0:d=0 hl=2 l= 13 cons: SEQUENCE
132 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
133 13:d=1 hl=2 l= 0 prim: NULL
137 -----BEGIN ISSUER-----
138 MIHKMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTE
139 aMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0aWZpY2F0ZX
140 MuZ29kYWRkeS5jb20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnR28gRGFkZHkgU2VjdXJlIENlcnRpZ
141 mljYXRpb24gQXV0aG9yaXR5MREwDwYDVQQFEwgwNzk2OTI4Nw==
144 $ openssl asn1parse -i < [ISSUER]
145 0:d=0 hl=3 l= 202 cons: SEQUENCE
146 3:d=1 hl=2 l= 11 cons: SET
147 5:d=2 hl=2 l= 9 cons: SEQUENCE
148 7:d=3 hl=2 l= 3 prim: OBJECT :countryName
149 12:d=3 hl=2 l= 2 prim: PRINTABLESTRING :US
150 16:d=1 hl=2 l= 16 cons: SET
151 18:d=2 hl=2 l= 14 cons: SEQUENCE
152 20:d=3 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
153 25:d=3 hl=2 l= 7 prim: PRINTABLESTRING :Arizona
154 34:d=1 hl=2 l= 19 cons: SET
155 36:d=2 hl=2 l= 17 cons: SEQUENCE
156 38:d=3 hl=2 l= 3 prim: OBJECT :localityName
157 43:d=3 hl=2 l= 10 prim: PRINTABLESTRING :Scottsdale
158 55:d=1 hl=2 l= 26 cons: SET
159 57:d=2 hl=2 l= 24 cons: SEQUENCE
160 59:d=3 hl=2 l= 3 prim: OBJECT :organizationName
161 64:d=3 hl=2 l= 17 prim: PRINTABLESTRING :GoDaddy.com, Inc.
162 83:d=1 hl=2 l= 51 cons: SET
163 85:d=2 hl=2 l= 49 cons: SEQUENCE
164 87:d=3 hl=2 l= 3 prim: OBJECT :organizationalUnitName
165 92:d=3 hl=2 l= 42 prim: PRINTABLESTRING :http://certificates.godaddy.com/repository
166 136:d=1 hl=2 l= 48 cons: SET
167 138:d=2 hl=2 l= 46 cons: SEQUENCE
168 140:d=3 hl=2 l= 3 prim: OBJECT :commonName
169 145:d=3 hl=2 l= 39 prim: PRINTABLESTRING :Go Daddy Secure Certification Authority
170 186:d=1 hl=2 l= 17 cons: SET
171 188:d=2 hl=2 l= 15 cons: SEQUENCE
172 190:d=3 hl=2 l= 3 prim: OBJECT :serialNumber
173 195:d=3 hl=2 l= 8 prim: PRINTABLESTRING :07969287
177 -----BEGIN VALIDITY-----
178 MB4XDTEyMDQxOTEzNTMyNFoXDTEzMDQxOTEzNTMyNFo=
179 -----END VALIDITY-----
181 $ openssl asn1parse -i < [VALIDITY]
182 0:d=0 hl=2 l= 30 cons: SEQUENCE
183 2:d=1 hl=2 l= 13 prim: UTCTIME :120419135324Z
184 17:d=1 hl=2 l= 13 prim: UTCTIME :130419135324Z
188 -----BEGIN SUBJECT-----
189 ME8xFDASBgNVBAoTC2t0aHVsaHUubmV0MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF
190 0ZWQxFDASBgNVBAMTC2t0aHVsaHUubmV0
191 -----END SUBJECT-----
193 $ openssl asn1parse -i < [SUBJECT]
194 0:d=0 hl=2 l= 79 cons: SEQUENCE
195 2:d=1 hl=2 l= 20 cons: SET
196 4:d=2 hl=2 l= 18 cons: SEQUENCE
197 6:d=3 hl=2 l= 3 prim: OBJECT :organizationName
198 11:d=3 hl=2 l= 11 prim: PRINTABLESTRING :kthulhu.net
199 24:d=1 hl=2 l= 33 cons: SET
200 26:d=2 hl=2 l= 31 cons: SEQUENCE
201 28:d=3 hl=2 l= 3 prim: OBJECT :organizationalUnitName
202 33:d=3 hl=2 l= 24 prim: PRINTABLESTRING :Domain Control Validated
203 59:d=1 hl=2 l= 20 cons: SET
204 61:d=2 hl=2 l= 18 cons: SEQUENCE
205 63:d=3 hl=2 l= 3 prim: OBJECT :commonName
206 68:d=3 hl=2 l= 11 prim: PRINTABLESTRING :kthulhu.net
211 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzQkuEZv5xkNLJ7RCgAYmH4vG87FFPF
212 m5J+9ObenNAFqm8V5C4IzXm1+s7ro0sndLOyDH5INNAtKkuqp7kqubl1bbP3Z4+Ra3ENv7cpwQb
213 QjoaajRKCGRULs/jFMCAASii/+3jkkufNimu7cBfDXOSQR2YQZL4zhDW7ss/zwTVspYnxvU7oDc
214 qOIwCmFwQ/FvYTAxF1uozKBsJfL854v0MKI7GEyyn6W8jZ7f8cSc8ahvrLAYt/etAxrmHcMUVJb
215 W+gxXiwJsHfj03S1/RypHTb4gRqEz3pX6wl8sqtJP0L5mXuQgESoEAZ4SrPYLxXytqrU1yLi32x
219 $ openssl asn1parse -i < [SPKI]
220 0:d=0 hl=4 l= 290 cons: SEQUENCE
221 4:d=1 hl=2 l= 13 cons: SEQUENCE
222 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
223 17:d=2 hl=2 l= 0 prim: NULL
224 19:d=1 hl=4 l= 271 prim: BIT STRING
228 -----BEGIN EXTENSIONS-----
229 MIIBtjAPBgNVHRMBAf8EBTADAQEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgN
230 VHQ8BAf8EBAMCBaAwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZH
231 MxLTY4LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcBMDkwNwYIKwYBBQUHAgEWK2h0dHA6L
232 y9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wgYAGCCsGAQUFBwEBBHQwcjAk
233 BggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8
234 vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydD
235 AfBgNVHSMEGDAWgBT9rGEyk2xF1uLuhV+auud2mWjM5zAnBgNVHREEIDAeggtrdGh1bGh1Lm5ld
236 IIPd3d3Lmt0aHVsaHUubmV0MB0GA1UdDgQWBBSjHhqxqeT1ULw+BeF0zwHQnjXgFw==
237 -----END EXTENSIONS-----
239 $ openssl asn1parse -i < [EXTENSIONS]
240 0:d=0 hl=4 l= 438 cons: SEQUENCE
241 4:d=1 hl=2 l= 15 cons: SEQUENCE
242 6:d=2 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
243 11:d=2 hl=2 l= 1 prim: BOOLEAN :255
244 14:d=2 hl=2 l= 5 prim: OCTET STRING [HEX DUMP]:3003010100
245 21:d=1 hl=2 l= 29 cons: SEQUENCE
246 23:d=2 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
247 28:d=2 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:301406082B0601050507030106082B06010505070302
248 52:d=1 hl=2 l= 14 cons: SEQUENCE
249 54:d=2 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
250 59:d=2 hl=2 l= 1 prim: BOOLEAN :255
251 62:d=2 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
252 68:d=1 hl=2 l= 51 cons: SEQUENCE
253 70:d=2 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution Points
254 75:d=2 hl=2 l= 44 prim: OCTET STRING [HEX DUMP]:302A3028A026A0248622687474703A2F2F63726C2E676F64616464792E636F6D2F676473312D36382E63726C
255 121:d=1 hl=2 l= 83 cons: SEQUENCE
256 123:d=2 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
257 128:d=2 hl=2 l= 76 prim: OCTET STRING [HEX DUMP]:304A3048060B6086480186FD6D010717013039303706082B06010505070201162B687474703A2F2F6365727469666963617465732E676F64616464792E636F6D2F7265706F7369746F72792F
258 206:d=1 hl=3 l= 128 cons: SEQUENCE
259 209:d=2 hl=2 l= 8 prim: OBJECT :Authority Information Access
260 219:d=2 hl=2 l= 116 prim: OCTET STRING [HEX DUMP]:3072302406082B060105050730018618687474703A2F2F6F6373702E676F64616464792E636F6D2F304A06082B06010505073002863E687474703A2F2F6365727469666963617465732E676F64616464792E636F6D2F7265706F7369746F72792F67645F696E7465726D6564696174652E637274
261 337:d=1 hl=2 l= 31 cons: SEQUENCE
262 339:d=2 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier
263 344:d=2 hl=2 l= 24 prim: OCTET STRING [HEX DUMP]:30168014FDAC6132936C45D6E2EE855F9ABAE7769968CCE7
264 370:d=1 hl=2 l= 39 cons: SEQUENCE
265 372:d=2 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative Name
266 377:d=2 hl=2 l= 32 prim: OCTET STRING [HEX DUMP]:301E820B6B7468756C68752E6E6574820F7777772E6B7468756C68752E6E6574
267 411:d=1 hl=2 l= 29 cons: SEQUENCE
268 413:d=2 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier
269 418:d=2 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:0414A31E1AB1A9E4F550BC3E05E174CF01D09E35E017