1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
This certificate comes from the CT database. The encoding of validity fails to be parsed using the strict rules.
$ openssl asn1parse -i < [TBS CERTIFICATE]
0:d=0 hl=4 l=1276 cons: SEQUENCE
4:d=1 hl=2 l= 3 cons: cont [ 0 ]
6:d=2 hl=2 l= 1 prim: INTEGER :02
9:d=1 hl=2 l= 3 prim: INTEGER :2821D5
14:d=1 hl=2 l= 13 cons: SEQUENCE
16:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
27:d=2 hl=2 l= 0 prim: NULL
29:d=1 hl=3 l= 220 cons: SEQUENCE
32:d=2 hl=2 l= 11 cons: SET
34:d=3 hl=2 l= 9 cons: SEQUENCE
36:d=4 hl=2 l= 3 prim: OBJECT :countryName
41:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
45:d=2 hl=2 l= 16 cons: SET
47:d=3 hl=2 l= 14 cons: SEQUENCE
49:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
54:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Arizona
63:d=2 hl=2 l= 19 cons: SET
65:d=3 hl=2 l= 17 cons: SEQUENCE
67:d=4 hl=2 l= 3 prim: OBJECT :localityName
72:d=4 hl=2 l= 10 prim: PRINTABLESTRING :Scottsdale
84:d=2 hl=2 l= 37 cons: SET
86:d=3 hl=2 l= 35 cons: SEQUENCE
88:d=4 hl=2 l= 3 prim: OBJECT :organizationName
93:d=4 hl=2 l= 28 prim: PRINTABLESTRING :Starfield Technologies, Inc.
123:d=2 hl=2 l= 57 cons: SET
125:d=3 hl=2 l= 55 cons: SEQUENCE
127:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
132:d=4 hl=2 l= 48 prim: PRINTABLESTRING :http://certificates.starfieldtech.com/repository
182:d=2 hl=2 l= 49 cons: SET
184:d=3 hl=2 l= 47 cons: SEQUENCE
186:d=4 hl=2 l= 3 prim: OBJECT :commonName
191:d=4 hl=2 l= 40 prim: PRINTABLESTRING :Starfield Secure Certification Authority
233:d=2 hl=2 l= 17 cons: SET
235:d=3 hl=2 l= 15 cons: SEQUENCE
237:d=4 hl=2 l= 3 prim: OBJECT :serialNumber
242:d=4 hl=2 l= 8 prim: PRINTABLESTRING :10688435
252:d=1 hl=2 l= 28 cons: SEQUENCE
254:d=2 hl=2 l= 11 prim: UTCTIME :1401070000Z
267:d=2 hl=2 l= 13 prim: UTCTIME :160401070000Z
282:d=1 hl=3 l= 235 cons: SEQUENCE
285:d=2 hl=2 l= 19 cons: SET
287:d=3 hl=2 l= 17 cons: SEQUENCE
289:d=4 hl=2 l= 11 prim: OBJECT :1.3.6.1.4.1.311.60.2.1.3
302:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
306:d=2 hl=2 l= 24 cons: SET
308:d=3 hl=2 l= 22 cons: SEQUENCE
310:d=4 hl=2 l= 11 prim: OBJECT :1.3.6.1.4.1.311.60.2.1.2
323:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Arizona
332:d=2 hl=2 l= 29 cons: SET
334:d=3 hl=2 l= 27 cons: SEQUENCE
336:d=4 hl=2 l= 3 prim: OBJECT :businessCategory
341:d=4 hl=2 l= 20 prim: PRINTABLESTRING :Private Organization
363:d=2 hl=2 l= 20 cons: SET
365:d=3 hl=2 l= 18 cons: SEQUENCE
367:d=4 hl=2 l= 3 prim: OBJECT :serialNumber
372:d=4 hl=2 l= 11 prim: PRINTABLESTRING :R-1724741-6
385:d=2 hl=2 l= 11 cons: SET
387:d=3 hl=2 l= 9 cons: SEQUENCE
389:d=4 hl=2 l= 3 prim: OBJECT :countryName
394:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
398:d=2 hl=2 l= 16 cons: SET
400:d=3 hl=2 l= 14 cons: SEQUENCE
402:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
407:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Arizona
416:d=2 hl=2 l= 19 cons: SET
418:d=3 hl=2 l= 17 cons: SEQUENCE
420:d=4 hl=2 l= 3 prim: OBJECT :localityName
425:d=4 hl=2 l= 10 prim: PRINTABLESTRING :Scottsdale
437:d=2 hl=2 l= 36 cons: SET
439:d=3 hl=2 l= 34 cons: SEQUENCE
441:d=4 hl=2 l= 3 prim: OBJECT :organizationName
446:d=4 hl=2 l= 27 prim: PRINTABLESTRING :Starfield Technologies, LLC
475:d=2 hl=2 l= 43 cons: SET
477:d=3 hl=2 l= 41 cons: SEQUENCE
479:d=4 hl=2 l= 3 prim: OBJECT :commonName
484:d=4 hl=2 l= 34 prim: PRINTABLESTRING :valid.sfi.catest.starfieldtech.com
520:d=1 hl=4 l= 290 cons: SEQUENCE
524:d=2 hl=2 l= 13 cons: SEQUENCE
526:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
537:d=3 hl=2 l= 0 prim: NULL
539:d=2 hl=4 l= 271 prim: BIT STRING
814:d=1 hl=4 l= 462 cons: cont [ 3 ]
818:d=2 hl=4 l= 458 cons: SEQUENCE
822:d=3 hl=2 l= 12 cons: SEQUENCE
824:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
829:d=4 hl=2 l= 1 prim: BOOLEAN :255
832:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
836:d=3 hl=2 l= 14 cons: SEQUENCE
838:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
843:d=4 hl=2 l= 1 prim: BOOLEAN :255
846:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
852:d=3 hl=2 l= 29 cons: SEQUENCE
854:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
859:d=4 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:301406082B0601050507030106082B06010505070302
883:d=3 hl=2 l= 45 cons: SEQUENCE
885:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative Name
890:d=4 hl=2 l= 38 prim: OCTET STRING [HEX DUMP]:3024822276616C69642E7366692E6361746573742E737461726669656C64746563682E636F6D
930:d=3 hl=2 l= 29 cons: SEQUENCE
932:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier
937:d=4 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:041470EF9012A65C1E984F5BDB33C30F6DCBED401A64
961:d=3 hl=2 l= 31 cons: SEQUENCE
963:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier
968:d=4 hl=2 l= 24 prim: OCTET STRING [HEX DUMP]:30168014494B5227D11BBCF2A1216A627B51427A8AD7D556
994:d=3 hl=2 l= 56 cons: SEQUENCE
996:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution Points
1001:d=4 hl=2 l= 49 prim: OCTET STRING [HEX DUMP]:302F302DA02BA0298627687474703A2F2F63726C2E737461726669656C64746563682E636F6D2F736673332D302E63726C
1052:d=3 hl=3 l= 141 cons: SEQUENCE
1055:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
1065:d=4 hl=3 l= 128 prim: OCTET STRING [HEX DUMP]:307E302A06082B06010505073001861E687474703A2F2F6F6373702E737461726669656C64746563682E636F6D2F305006082B060105050730028644687474703A2F2F6365727469666963617465732E737461726669656C64746563682E636F6D2F7265706F7369746F72792F73665F696E7465726D6564696174652E637274
1196:d=3 hl=2 l= 82 cons: SEQUENCE
1198:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
1203:d=4 hl=2 l= 75 prim: OCTET STRING [HEX DUMP]:30493047060B6086480186FD6E010717033038303606082B06010505070201162A687474703A2F2F63657274732E737461726669656C64746563682E636F6D2F7265706F7369746F72792F
-----BEGIN TBS CERTIFICATE-----
MIIE/KADAgECAgMoIdUwDQYJKoZIhvcNAQEFBQAwgdwxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwd
Bcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG
9naWVzLCBJbmMuMTkwNwYDVQQLEzBodHRwOi8vY2VydGlmaWNhdGVzLnN0YXJmaWVsZHRlY2guY
29tL3JlcG9zaXRvcnkxMTAvBgNVBAMTKFN0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGlvbiBB
dXRob3JpdHkxETAPBgNVBAUTCDEwNjg4NDM1MBwXCzE0MDEwNzAwMDBaFw0xNjA0MDEwNzAwMDB
aMIHrMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRgwFgYLKwYBBAGCNzwCAQITB0FyaXpvbmExHTAbBg
NVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRQwEgYDVQQFEwtSLTE3MjQ3NDEtNjELMAkGA1UEB
hMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJDAiBgNVBAoTG1N0
YXJmaWVsZCBUZWNobm9sb2dpZXMsIExMQzErMCkGA1UEAxMidmFsaWQuc2ZpLmNhdGVzdC5zdGF
yZmllbGR0ZWNoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3UsdA7Nr22Qr
HAYv7/IqL8V7kczSyO9wziJzVdWu+l7Brg//TgjMZKMgY7cJdpICvFAxLOxO3Z1w721InVmTxz0
1lczx5WrH3aJMwR/05By5tanNaas9zdMAWFtWd8SYKm2xcSC3FsAhue2s14OT+EE92XgNgVhF2b
dlOTgkwh/+q4Nl7k62LncnRSzFZdJKiorI811vrvVD45NB9IOPuRUXj5GLcUh4BXXp3ZSekFbVu
A2oDnIhNGyQcThtf3wcM0dRMeKgemAD59d96NaQYH/QVA3gdtlzKxgeF/UvlxYG3P3DknTRiaMz
l/Na9NzdRQX2i7ubskThqoRs05Zv0CAwEAAaOCAc4wggHKMAwGA1UdEwEB/wQCMAAwDgYDVR0PA
QH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAtBgNVHREEJjAkgiJ2YWxp
ZC5zZmkuY2F0ZXN0LnN0YXJmaWVsZHRlY2guY29tMB0GA1UdDgQWBBRw75ASplwemE9b2zPDD23
L7UAaZDAfBgNVHSMEGDAWgBRJS1In0Ru88qEhamJ7UUJ6itfVVjA4BgNVHR8EMTAvMC2gK6Aphi
dodHRwOi8vY3JsLnN0YXJmaWVsZHRlY2guY29tL3NmczMtMC5jcmwwgY0GCCsGAQUFBwEBBIGAM
H4wKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnN0YXJmaWVsZHRlY2guY29tLzBQBggrBgEFBQcw
AoZEaHR0cDovL2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3NmX2l
udGVybWVkaWF0ZS5jcnQwUgYDVR0gBEswSTBHBgtghkgBhv1uAQcXAzA4MDYGCCsGAQUFBwIBFi
podHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8=
-----END TBS CERTIFICATE-----
ERROR: Failed parsing validity
-----BEGIN ERRORS-----
RVJST1I6IEZhaWxlZCBwYXJzaW5nIHZhbGlkaXR5Cg==
-----END ERRORS-----
|
