Date: Thu, 30 Apr 2026 15:04:20 +0000 From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav <des@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 47f819c57275 - stable/13 - caroot: Regenerate Message-ID: <69f36f74.3f141.587b9f08@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/13 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=47f819c5727596debeeea5aeba7a1c3b5418144f commit 47f819c5727596debeeea5aeba7a1c3b5418144f Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2026-04-27 09:32:51 +0000 Commit: Dag-Erling Smørgrav <des@FreeBSD.org> CommitDate: 2026-04-30 15:03:24 +0000 caroot: Regenerate Regenerate using certificate data from NSS 3.123.1. MFC after: 1 week Reviewed by: kevans (cherry picked from commit 07b52233e8b74c5ac884b9c9a894f57fad8dbd00) --- ObsoleteFiles.inc | 75 +++++++++++ secure/caroot/Makefile | 2 +- .../Atos_TrustedRoot_Root_CA_ECC_G2_2020.pem | 66 +++++++++ .../Atos_TrustedRoot_Root_CA_RSA_G2_2020.pem | 134 ++++++++++++++++++ .../COMODO_Certification_Authority.pem | 0 .../Camerfirma_Chambers_of_Commerce_Root.pem | 109 --------------- .../Camerfirma_Global_Chambersign_Root.pem | 109 --------------- .../caroot/{trusted => blacklisted}/Certigna.pem | 0 .../Chambers_of_Commerce_Root_-_2008.pem | 149 --------------------- .../Comodo_AAA_Services_root.pem | 0 .../blacklisted/D-Trust_SBR_Root_CA_1_2022.pem | 69 ++++++++++ .../blacklisted/D-Trust_SBR_Root_CA_2_2022.pem | 137 +++++++++++++++++++ .../DIGITALSIGN_GLOBAL_ROOT_ECDSA_CA.pem | 67 +++++++++ .../blacklisted/DIGITALSIGN_GLOBAL_ROOT_RSA_CA.pem | 135 +++++++++++++++++++ .../DigiCert_Assured_ID_Root_CA.pem | 0 .../DigiCert_Global_Root_CA.pem | 0 .../DigiCert_High_Assurance_EV_Root_CA.pem | 0 .../DigiCert_SMIME_ECC_P384_Root_G5.pem | 64 +++++++++ .../blacklisted/DigiCert_SMIME_RSA4096_Root_G5.pem | 131 ++++++++++++++++++ .../blacklisted/E-Tugra_Global_Root_CA_ECC_v3.pem | 69 ---------- .../blacklisted/E-Tugra_Global_Root_CA_RSA_v3.pem | 136 ------------------- secure/caroot/blacklisted/EC-ACC.pem | 107 --------------- .../EE_Certification_Centre_Root_CA.pem | 95 ------------- .../Entrust_Root_Certification_Authority.pem | 0 .../Entrust_Root_Certification_Authority_-_EC1.pem | 0 .../Entrust_Root_Certification_Authority_-_G2.pem | 0 .../Entrust_net_Premium_2048_Secure_Server_CA.pem | 0 .../{trusted => blacklisted}/GTS_Root_R2.pem | 0 .../GeoTrust_Primary_Certification_Authority.pem | 90 ------------- ...oTrust_Primary_Certification_Authority_-_G2.pem | 67 --------- ...oTrust_Primary_Certification_Authority_-_G3.pem | 93 ------------- .../caroot/blacklisted/GeoTrust_Universal_CA.pem | 132 ------------------ .../caroot/blacklisted/GeoTrust_Universal_CA_2.pem | 132 ------------------ .../GlobalSign_Root_CA.pem | 0 .../GlobalSign_Secure_Mail_Root_E45.pem | 64 +++++++++ .../GlobalSign_Secure_Mail_Root_R45.pem | 132 ++++++++++++++++++ .../blacklisted/Global_Chambersign_Root_-_2008.pem | 148 -------------------- .../Go_Daddy_Class_2_CA.pem | 0 .../blacklisted/HARICA_Client_ECC_Root_CA_2021.pem | 65 +++++++++ .../blacklisted/HARICA_Client_RSA_Root_CA_2021.pem | 133 ++++++++++++++++++ ...demic_and_Research_Institutions_RootCA_2011.pem | 103 -------------- .../blacklisted/LAWtrust_Root_CA2__4096_.pem | 135 +++++++++++++++++++ .../caroot/blacklisted/LuxTrust_Global_Root_2.pem | 138 ------------------- .../Network_Solutions_Certificate_Authority.pem | 96 ------------- .../blacklisted/OISTE_Client_Root_ECC_G1.pem | 66 +++++++++ .../blacklisted/OISTE_Client_Root_RSA_G1.pem | 134 ++++++++++++++++++ .../QuoVadis_Root_CA_2.pem | 0 .../QuoVadis_Root_CA_3.pem | 0 .../SSL_com_Client_ECC_Root_CA_2022.pem | 67 +++++++++ .../SSL_com_Client_RSA_Root_CA_2022.pem | 134 ++++++++++++++++++ .../Sectigo_Public_Email_Protection_Root_E46.pem | 64 +++++++++ .../Sectigo_Public_Email_Protection_Root_R46.pem | 132 ++++++++++++++++++ secure/caroot/blacklisted/SecureSign_RootCA11.pem | 89 ------------ .../blacklisted/Security_Communication_RootCA3.pem | 132 ------------------ .../Starfield_Class_2_CA.pem | 0 .../SwissSign_Gold_CA_-_G2.pem | 0 .../blacklisted/SwissSign_Platinum_CA_-_G2.pem | 137 ------------------- .../SwissSign_RSA_SMIME_Root_CA_2022_-_1.pem | 134 ++++++++++++++++++ .../blacklisted/SwissSign_Silver_CA_-_G2.pem | 137 ------------------- ...Public_Primary_Certification_Authority_-_G4.pem | 67 --------- ...Public_Primary_Certification_Authority_-_G6.pem | 93 ------------- ...Public_Primary_Certification_Authority_-_G4.pem | 67 --------- ...Public_Primary_Certification_Authority_-_G6.pem | 93 ------------- .../caroot/blacklisted/TWCA_Global_Root_CA_G2.pem | 134 ++++++++++++++++++ secure/caroot/blacklisted/Taiwan_GRCA.pem | 132 ------------------ .../Telekom_Security_SMIME_ECC_Root_2021.pem | 65 +++++++++ .../Telekom_Security_SMIME_RSA_Root_2023.pem | 135 +++++++++++++++++++ .../blacklisted/TrustAsia_SMIME_ECC_Root_CA.pem | 64 +++++++++ .../blacklisted/TrustAsia_SMIME_RSA_Root_CA.pem | 132 ++++++++++++++++++ secure/caroot/blacklisted/TrustCor_ECA-1.pem | 96 ------------- .../caroot/blacklisted/TrustCor_RootCert_CA-1.pem | 96 ------------- .../caroot/blacklisted/TrustCor_RootCert_CA-2.pem | 137 ------------------- ...Public_Primary_Certification_Authority_-_G4.pem | 73 ---------- ...Public_Primary_Certification_Authority_-_G5.pem | 99 -------------- ...Sign_Universal_Root_Certification_Authority.pem | 99 -------------- ...Public_Primary_Certification_Authority_-_G3.pem | 86 ------------ ...Public_Primary_Certification_Authority_-_G3.pem | 86 ------------ ...Public_Primary_Certification_Authority_-_G3.pem | 86 ------------ .../caroot/blacklisted/thawte_Primary_Root_CA.pem | 94 ------------- .../blacklisted/thawte_Primary_Root_CA_-_G2.pem | 66 --------- .../blacklisted/thawte_Primary_Root_CA_-_G3.pem | 94 ------------- secure/caroot/trusted/AffirmTrust_Commercial.pem | 88 ------------ secure/caroot/trusted/AffirmTrust_Networking.pem | 88 ------------ secure/caroot/trusted/AffirmTrust_Premium.pem | 130 ------------------ secure/caroot/trusted/AffirmTrust_Premium_ECC.pem | 62 --------- .../caroot/trusted/Baltimore_CyberTrust_Root.pem | 89 ------------ .../trusted/CommScope_Public_Trust_ECC_Root-01.pem | 64 --------- .../trusted/CommScope_Public_Trust_ECC_Root-02.pem | 64 --------- .../trusted/CommScope_Public_Trust_RSA_Root-01.pem | 131 ------------------ .../trusted/CommScope_Public_Trust_RSA_Root-02.pem | 131 ------------------ .../trusted/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem | 68 ---------- secure/caroot/trusted/GLOBALTRUST_2020.pem | 134 ------------------ secure/caroot/trusted/OISTE_Server_Root_ECC_G1.pem | 66 +++++++++ secure/caroot/trusted/OISTE_Server_Root_RSA_G1.pem | 134 ++++++++++++++++++ secure/caroot/trusted/SecureTrust_CA.pem | 99 -------------- secure/caroot/trusted/Secure_Global_CA.pem | 99 -------------- .../trusted/SwissSign_RSA_TLS_Root_CA_2022_-_1.pem | 134 ++++++++++++++++++ secure/caroot/trusted/TeliaSonera_Root_CA_v1.pem | 130 ------------------ .../caroot/trusted/TrustAsia_TLS_ECC_Root_CA.pem | 64 +++++++++ .../caroot/trusted/TrustAsia_TLS_RSA_Root_CA.pem | 132 ++++++++++++++++++ .../Trustwave_Global_Certification_Authority.pem | 134 ------------------ ...ave_Global_ECC_P256_Certification_Authority.pem | 61 --------- ...ave_Global_ECC_P384_Certification_Authority.pem | 67 --------- secure/caroot/trusted/XRamp_Global_CA_Root.pem | 102 -------------- secure/caroot/trusted/certSIGN_ROOT_CA.pem | 88 ------------ .../caroot/trusted/e-Szigno_TLS_Root_CA_2023.pem | 74 ++++++++++ 106 files changed, 3273 insertions(+), 5662 deletions(-) diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc index a897879d2bbf..aecebd000317 100644 --- a/ObsoleteFiles.inc +++ b/ObsoleteFiles.inc @@ -51,6 +51,81 @@ # xargs -n1 | sort | uniq -d; # done +# 20260430: Regenerate trust store +OLD_FILES+=usr/share/certs/trusted/Entrust_net_Premium_2048_Secure_Server_CA.pem +OLD_FILES+=usr/share/certs/trusted/AffirmTrust_Premium.pem +OLD_FILES+=usr/share/certs/trusted/Starfield_Class_2_CA.pem +OLD_FILES+=usr/share/certs/trusted/GTS_Root_R2.pem +OLD_FILES+=usr/share/certs/trusted/GLOBALTRUST_2020.pem +OLD_FILES+=usr/share/certs/trusted/Secure_Global_CA.pem +OLD_FILES+=usr/share/certs/trusted/GlobalSign_Root_CA.pem +OLD_FILES+=usr/share/certs/trusted/CommScope_Public_Trust_RSA_Root-01.pem +OLD_FILES+=usr/share/certs/trusted/Trustwave_Global_ECC_P384_Certification_Authority.pem +OLD_FILES+=usr/share/certs/trusted/SwissSign_Gold_CA_-_G2.pem +OLD_FILES+=usr/share/certs/trusted/Go_Daddy_Class_2_CA.pem +OLD_FILES+=usr/share/certs/trusted/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem +OLD_FILES+=usr/share/certs/trusted/Trustwave_Global_Certification_Authority.pem +OLD_FILES+=usr/share/certs/trusted/Trustwave_Global_ECC_P256_Certification_Authority.pem +OLD_FILES+=usr/share/certs/trusted/CommScope_Public_Trust_ECC_Root-01.pem +OLD_FILES+=usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_EC1.pem +OLD_FILES+=usr/share/certs/trusted/Certigna.pem +OLD_FILES+=usr/share/certs/trusted/AffirmTrust_Commercial.pem +OLD_FILES+=usr/share/certs/trusted/DigiCert_Assured_ID_Root_CA.pem +OLD_FILES+=usr/share/certs/trusted/Baltimore_CyberTrust_Root.pem +OLD_FILES+=usr/share/certs/trusted/CommScope_Public_Trust_ECC_Root-02.pem +OLD_FILES+=usr/share/certs/trusted/Entrust_Root_Certification_Authority.pem +OLD_FILES+=usr/share/certs/trusted/AffirmTrust_Premium_ECC.pem +OLD_FILES+=usr/share/certs/trusted/CommScope_Public_Trust_RSA_Root-02.pem +OLD_FILES+=usr/share/certs/trusted/TeliaSonera_Root_CA_v1.pem +OLD_FILES+=usr/share/certs/trusted/QuoVadis_Root_CA_2.pem +OLD_FILES+=usr/share/certs/trusted/COMODO_Certification_Authority.pem +OLD_FILES+=usr/share/certs/trusted/SecureTrust_CA.pem +OLD_FILES+=usr/share/certs/trusted/Comodo_AAA_Services_root.pem +OLD_FILES+=usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_G2.pem +OLD_FILES+=usr/share/certs/trusted/QuoVadis_Root_CA_3.pem +OLD_FILES+=usr/share/certs/trusted/DigiCert_High_Assurance_EV_Root_CA.pem +OLD_FILES+=usr/share/certs/trusted/certSIGN_ROOT_CA.pem +OLD_FILES+=usr/share/certs/trusted/DigiCert_Global_Root_CA.pem +OLD_FILES+=usr/share/certs/trusted/AffirmTrust_Networking.pem +OLD_FILES+=usr/share/certs/trusted/XRamp_Global_CA_Root.pem +OLD_FILES+=usr/share/certs/blacklisted/Security_Communication_RootCA3.pem +OLD_FILES+=usr/share/certs/blacklisted/GeoTrust_Primary_Certification_Authority_-_G3.pem +OLD_FILES+=usr/share/certs/blacklisted/E-Tugra_Global_Root_CA_ECC_v3.pem +OLD_FILES+=usr/share/certs/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G4.pem +OLD_FILES+=usr/share/certs/blacklisted/EE_Certification_Centre_Root_CA.pem +OLD_FILES+=usr/share/certs/blacklisted/EC-ACC.pem +OLD_FILES+=usr/share/certs/blacklisted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem +OLD_FILES+=usr/share/certs/blacklisted/GeoTrust_Universal_CA.pem +OLD_FILES+=usr/share/certs/blacklisted/Global_Chambersign_Root_-_2008.pem +OLD_FILES+=usr/share/certs/blacklisted/Camerfirma_Global_Chambersign_Root.pem +OLD_FILES+=usr/share/certs/blacklisted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem +OLD_FILES+=usr/share/certs/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem +OLD_FILES+=usr/share/certs/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem +OLD_FILES+=usr/share/certs/blacklisted/TrustCor_RootCert_CA-2.pem +OLD_FILES+=usr/share/certs/blacklisted/GeoTrust_Universal_CA_2.pem +OLD_FILES+=usr/share/certs/blacklisted/Network_Solutions_Certificate_Authority.pem +OLD_FILES+=usr/share/certs/blacklisted/thawte_Primary_Root_CA.pem +OLD_FILES+=usr/share/certs/blacklisted/E-Tugra_Global_Root_CA_RSA_v3.pem +OLD_FILES+=usr/share/certs/blacklisted/GeoTrust_Primary_Certification_Authority.pem +OLD_FILES+=usr/share/certs/blacklisted/Taiwan_GRCA.pem +OLD_FILES+=usr/share/certs/blacklisted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem +OLD_FILES+=usr/share/certs/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem +OLD_FILES+=usr/share/certs/blacklisted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem +OLD_FILES+=usr/share/certs/blacklisted/SwissSign_Platinum_CA_-_G2.pem +OLD_FILES+=usr/share/certs/blacklisted/TrustCor_RootCert_CA-1.pem +OLD_FILES+=usr/share/certs/blacklisted/thawte_Primary_Root_CA_-_G3.pem +OLD_FILES+=usr/share/certs/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem +OLD_FILES+=usr/share/certs/blacklisted/SwissSign_Silver_CA_-_G2.pem +OLD_FILES+=usr/share/certs/blacklisted/TrustCor_ECA-1.pem +OLD_FILES+=usr/share/certs/blacklisted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem +OLD_FILES+=usr/share/certs/blacklisted/SecureSign_RootCA11.pem +OLD_FILES+=usr/share/certs/blacklisted/Chambers_of_Commerce_Root_-_2008.pem +OLD_FILES+=usr/share/certs/blacklisted/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem +OLD_FILES+=usr/share/certs/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem +OLD_FILES+=usr/share/certs/blacklisted/LuxTrust_Global_Root_2.pem +OLD_FILES+=usr/share/certs/blacklisted/thawte_Primary_Root_CA_-_G2.pem +OLD_FILES+=usr/share/certs/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G4.pem + # 20251006: Remove libnss_tacplus.a (it never should have been installed) OLD_FILES+=usr/lib/libnss_tacplus.a diff --git a/secure/caroot/Makefile b/secure/caroot/Makefile index e23384078e9b..88fef940218b 100644 --- a/secure/caroot/Makefile +++ b/secure/caroot/Makefile @@ -8,7 +8,7 @@ SUBDIR+= blacklisted # Set this to an upstream hash or tag # https://hg-edge.mozilla.org/projects/nss/tags -HGVER = e71e3de47d4ca7a3efa7c11096ab2e20ae71683e +HGVER = NSS_3_123_1_RTM # To be used by secteam@ to update the trusted certificates fetchcerts: .PHONY diff --git a/secure/caroot/blacklisted/Atos_TrustedRoot_Root_CA_ECC_G2_2020.pem b/secure/caroot/blacklisted/Atos_TrustedRoot_Root_CA_ECC_G2_2020.pem new file mode 100644 index 000000000000..7afdd926fb82 --- /dev/null +++ b/secure/caroot/blacklisted/Atos_TrustedRoot_Root_CA_ECC_G2_2020.pem @@ -0,0 +1,66 @@ +## +## Atos TrustedRoot Root CA ECC G2 2020 +## +## This is a single X.509 certificate for a public Certificate +## Authority (CA). It was automatically extracted from Mozilla's +## root CA list (the file `certdata.txt' in security/nss) +## licensed under the MPL 2.0, http://mozilla.org/MPL/2.0/. +## +## @generated +## +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:73:28:11:18:74:30:1c:ef:6f:08:84 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C=DE, O=Atos, CN=Atos TrustedRoot Root CA ECC G2 2020 + Validity + Not Before: Dec 15 08:39:10 2020 GMT + Not After : Dec 10 08:39:09 2040 GMT + Subject: C=DE, O=Atos, CN=Atos TrustedRoot Root CA ECC G2 2020 + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:c8:5c:80:ca:4e:c2:28:1f:57:bf:38:e6:61:23: + fc:d0:a9:5b:96:16:16:c3:0c:5e:15:a5:90:09:ff: + 38:28:b4:7a:1e:0a:d6:53:2a:c1:bb:90:40:74:37: + e9:81:e8:8d:2f:68:01:35:7c:52:2e:d8:f4:58:b3: + 11:1c:5b:d9:87:18:93:91:2d:ec:9d:da:6c:9e:6d: + 84:48:fc:c2:89:05:eb:98:13:02:01:6c:53:1e:0e: + 49:63:58:47:b1:af:c2 + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Authority Key Identifier: + 5B:1F:C4:71:6C:B2:1B:9F:BE:5C:1F:8C:FD:B3:B6:FB:B3:0E:09:87 + X509v3 Subject Key Identifier: + 5B:1F:C4:71:6C:B2:1B:9F:BE:5C:1F:8C:FD:B3:B6:FB:B3:0E:09:87 + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + Signature Algorithm: ecdsa-with-SHA384 + Signature Value: + 30:66:02:31:00:ec:e0:99:fd:dd:e4:54:c1:cb:1f:e8:3e:28: + d7:15:59:4a:82:ca:53:30:ec:eb:36:a5:b9:c8:ce:93:47:56: + c8:61:a6:e1:6d:92:53:95:8f:f6:e3:55:53:f0:dd:7a:e7:02: + 31:00:b0:87:d5:1b:b3:60:fc:91:8d:80:ca:a2:1b:51:4b:38: + 54:cb:aa:1e:7b:d7:e5:44:95:16:2f:3c:44:78:2e:25:ba:ea: + 90:e4:ec:52:ee:57:ec:03:84:f3:5e:db:16:0d +SHA1 Fingerprint=61:25:56:DA:62:94:E5:AE:B3:3C:F8:11:BD:B1:DC:F8:A5:D8:B3:E4 +-----BEGIN CERTIFICATE----- +MIICMTCCAbagAwIBAgIMC3MoERh0MBzvbwiEMAoGCCqGSM49BAMDMEsxCzAJBgNV +BAYTAkRFMQ0wCwYDVQQKDARBdG9zMS0wKwYDVQQDDCRBdG9zIFRydXN0ZWRSb290 +IFJvb3QgQ0EgRUNDIEcyIDIwMjAwHhcNMjAxMjE1MDgzOTEwWhcNNDAxMjEwMDgz +OTA5WjBLMQswCQYDVQQGEwJERTENMAsGA1UECgwEQXRvczEtMCsGA1UEAwwkQXRv +cyBUcnVzdGVkUm9vdCBSb290IENBIEVDQyBHMiAyMDIwMHYwEAYHKoZIzj0CAQYF +K4EEACIDYgAEyFyAyk7CKB9XvzjmYSP80KlblhYWwwxeFaWQCf84KLR6HgrWUyrB +u5BAdDfpgeiNL2gBNXxSLtj0WLMRHFvZhxiTkS3sndpsnm2ESPzCiQXrmBMCAWxT +Hg5JY1hHsa/Co2MwYTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFFsfxHFs +shufvlwfjP2ztvuzDgmHMB0GA1UdDgQWBBRbH8RxbLIbn75cH4z9s7b7sw4JhzAO +BgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaQAwZgIxAOzgmf3d5FTByx/oPijX +FVlKgspTMOzrNqW5yM6TR1bIYabhbZJTlY/241VT8N165wIxALCH1RuzYPyRjYDK +ohtRSzhUy6oee9flRJUWLzxEeC4luuqQ5OxS7lfsA4TzXtsWDQ== +-----END CERTIFICATE----- diff --git a/secure/caroot/blacklisted/Atos_TrustedRoot_Root_CA_RSA_G2_2020.pem b/secure/caroot/blacklisted/Atos_TrustedRoot_Root_CA_RSA_G2_2020.pem new file mode 100644 index 000000000000..b7651aa21077 --- /dev/null +++ b/secure/caroot/blacklisted/Atos_TrustedRoot_Root_CA_RSA_G2_2020.pem @@ -0,0 +1,134 @@ +## +## Atos TrustedRoot Root CA RSA G2 2020 +## +## This is a single X.509 certificate for a public Certificate +## Authority (CA). It was automatically extracted from Mozilla's +## root CA list (the file `certdata.txt' in security/nss) +## licensed under the MPL 2.0, http://mozilla.org/MPL/2.0/. +## +## @generated +## +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 47:ba:29:46:55:3e:16:92:97:b0:ab:40 + Signature Algorithm: sha384WithRSAEncryption + Issuer: C=DE, O=Atos, CN=Atos TrustedRoot Root CA RSA G2 2020 + Validity + Not Before: Dec 15 08:41:23 2020 GMT + Not After : Dec 10 08:41:22 2040 GMT + Subject: C=DE, O=Atos, CN=Atos TrustedRoot Root CA RSA G2 2020 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:96:31:85:4a:aa:0f:32:fe:79:e1:43:87:9c:fb: + 23:b7:8e:7f:0d:54:bd:c7:62:93:77:e4:1c:35:04: + 76:a3:03:8b:22:ee:c4:84:dd:a5:93:6e:6e:b2:8e: + 09:03:eb:51:16:31:17:aa:69:15:18:0e:67:74:23: + 5e:ea:9a:7d:b5:39:3e:3d:82:a9:6b:e1:fe:a9:1c: + b0:ad:5a:4d:4c:78:83:41:8b:cf:f2:1d:62:9a:98: + 04:9c:63:e9:ab:65:fe:48:1d:24:65:07:47:3e:b9: + 91:2e:e9:9d:9b:7f:1a:35:a9:34:b0:b7:e5:70:33: + ef:4a:72:51:b6:07:bf:60:3f:2a:9f:9d:54:df:f3: + d7:94:49:51:03:5a:40:a9:68:dd:11:59:5c:f8:76: + a6:bc:50:52:10:ed:ac:ec:95:e0:d4:83:6b:49:da: + 0a:4f:99:83:de:32:83:48:83:67:95:b2:7e:e7:81: + 85:3d:cd:82:f7:ca:02:ed:6d:88:5d:08:8d:b8:35: + bf:2a:69:30:99:bb:4b:d1:41:db:45:a0:93:99:51: + 81:90:36:08:aa:8a:b6:e8:8f:b3:cb:ee:e5:46:0d: + 72:75:f5:49:6c:e1:a2:7f:2f:bc:ed:84:a6:37:ee: + de:c2:4f:39:4e:f6:9e:f0:c9:d1:9b:30:9d:49:6d: + e1:da:ff:12:10:8c:d6:e5:99:7b:05:b6:7d:b0:09: + c7:a4:f8:b2:1c:39:95:39:33:f4:35:ce:25:62:7b: + b0:5f:20:f3:cb:6d:f8:6c:52:14:64:44:8f:d3:c8: + a9:76:07:e5:af:71:99:2d:2d:04:25:48:76:af:c3: + e7:cc:43:f2:07:bc:4a:24:24:37:dd:fa:6e:94:09: + 6f:4c:5e:01:b4:fe:54:ec:23:96:a5:5e:dd:86:ff: + e9:46:2a:f1:e8:dc:ec:a5:3d:af:6f:aa:0e:0f:b4: + 75:fa:3e:08:b9:26:45:4f:66:86:4c:bc:19:b8:e1: + d5:35:ee:82:84:c8:d3:ab:12:e7:cd:73:33:62:77: + f4:17:cb:bd:34:76:2a:05:ce:95:e5:78:79:4b:9e: + b0:8d:f9:3c:58:38:91:ea:5e:87:38:c0:b7:42:fd: + aa:4c:87:23:ad:04:20:b1:7e:76:42:da:bb:b6:16: + ba:57:c8:8e:13:fa:75:d5:08:4c:af:38:91:aa:ef: + 8f:fa:9f:49:2e:54:7c:0a:56:b1:7a:fa:c4:4e:2f: + d4:a3:fa:16:8a:d0:95:e5:97:a6:ff:c3:fc:7c:0e: + 47:58:f3:7f:07:7b:12:dc:57:3f:2d:e3:a1:4d:5b: + 52:4c:33:87:99:a8:09:7b:6c:7e:0e:f2:cf:56:42: + 9e:eb:05 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Authority Key Identifier: + 20:25:F3:07:FD:A7:6F:F1:96:EE:91:10:69:CC:9A:EF:7D:C8:68:78 + X509v3 Subject Key Identifier: + 20:25:F3:07:FD:A7:6F:F1:96:EE:91:10:69:CC:9A:EF:7D:C8:68:78 + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + Signature Algorithm: sha384WithRSAEncryption + Signature Value: + 24:2b:4e:98:f2:1d:17:ed:d9:76:26:b6:30:33:e8:69:45:a1: + 51:4b:52:d8:7a:3a:30:b6:e4:12:ea:bf:9f:4c:e0:04:a4:f6: + 35:c6:fe:a1:30:f7:53:85:92:ad:54:05:57:5f:92:e5:2a:de: + 36:27:9e:7b:13:47:c9:6a:75:af:fc:f3:37:e7:0c:f5:3d:01: + 73:b5:69:51:f8:bd:59:d1:ba:0b:f8:ba:ba:64:27:43:b3:7c: + 83:95:8a:e7:9e:13:96:d7:6f:4a:96:41:49:8b:0e:20:ad:16: + c6:f7:a6:87:5b:88:12:89:8b:89:ca:12:d2:56:af:22:01:21: + 46:e9:ab:98:3f:a7:88:de:e4:cb:2a:9a:75:19:fa:39:5e:09: + 05:d7:03:32:1a:b8:17:51:08:c7:00:40:7d:f4:be:f8:0c:59: + f4:69:76:6e:d3:a4:58:5b:5e:26:73:e4:42:55:06:5e:78:40: + 0f:d3:38:9f:ef:26:51:70:74:91:f1:77:62:01:e8:d9:cb:eb: + a1:df:39:32:1d:bb:6b:fd:71:fe:eb:cf:a5:e6:14:fd:00:80: + 13:c6:9a:00:48:b0:99:05:e9:ae:80:48:fb:09:3f:51:14:b5: + b9:e7:60:4d:4d:ca:2f:81:21:ee:52:0c:65:7a:dc:f5:89:49: + 4c:30:92:34:58:80:32:59:b1:0d:ff:24:61:0f:e7:0a:42:d0: + 7b:bc:f8:8e:27:47:3f:70:9d:27:d9:b6:06:3d:a5:bb:cb:5e: + 8f:ae:0e:53:c7:9c:6a:6f:3b:4c:0f:a3:40:70:a8:9a:07:ce: + d4:6e:5b:07:a2:d2:e2:54:b6:bd:6f:33:72:63:ad:51:98:e1: + 8f:76:f1:6a:07:38:25:fe:f6:62:ce:5f:db:63:c2:6e:99:ef: + 06:dc:b9:de:19:1a:e8:54:3d:7d:d2:76:75:d9:5e:3e:32:48: + a7:8c:f2:9e:72:0c:f8:b8:58:b8:17:23:a5:14:87:75:58:7a: + 00:81:07:22:39:6a:4c:94:a0:b5:a2:db:a7:2c:c1:b0:f1:a3: + 9b:c0:4c:f7:6d:70:ea:31:9f:f1:ae:7d:3e:73:28:d9:a1:df: + fa:93:f0:9b:b0:f0:e2:cd:25:20:75:ef:e2:7d:32:05:c9:9b: + 76:ee:cb:bd:31:1e:f9:94:98:4b:24:58:56:48:c0:de:06:4c: + bd:a6:34:5d:ed:16:61:63:73:fb:19:e2:fa:5b:d8:97:75:d4: + 6d:9e:60:39:5e:94:8b:02:2c:eb:99:ce:60:2a:6e:1b:8c:a7: + 4b:bc:fd:36:e6:98:1f:65:f2:7f:f1:e3:8f:4c:80:46:36:58: + b6:a1:65:cb:ce:1c:44:75 +SHA1 Fingerprint=32:D1:27:FA:93:B1:C1:4C:99:E2:4A:40:BC:7F:94:41:1B:5A:AC:A4 +-----BEGIN CERTIFICATE----- +MIIFfzCCA2egAwIBAgIMR7opRlU+FpKXsKtAMA0GCSqGSIb3DQEBDAUAMEsxCzAJ +BgNVBAYTAkRFMQ0wCwYDVQQKDARBdG9zMS0wKwYDVQQDDCRBdG9zIFRydXN0ZWRS +b290IFJvb3QgQ0EgUlNBIEcyIDIwMjAwHhcNMjAxMjE1MDg0MTIzWhcNNDAxMjEw +MDg0MTIyWjBLMQswCQYDVQQGEwJERTENMAsGA1UECgwEQXRvczEtMCsGA1UEAwwk +QXRvcyBUcnVzdGVkUm9vdCBSb290IENBIFJTQSBHMiAyMDIwMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAljGFSqoPMv554UOHnPsjt45/DVS9x2KTd+Qc +NQR2owOLIu7EhN2lk25uso4JA+tRFjEXqmkVGA5ndCNe6pp9tTk+PYKpa+H+qRyw +rVpNTHiDQYvP8h1impgEnGPpq2X+SB0kZQdHPrmRLumdm38aNak0sLflcDPvSnJR +tge/YD8qn51U3/PXlElRA1pAqWjdEVlc+HamvFBSEO2s7JXg1INrSdoKT5mD3jKD +SINnlbJ+54GFPc2C98oC7W2IXQiNuDW/KmkwmbtL0UHbRaCTmVGBkDYIqoq26I+z +y+7lRg1ydfVJbOGify+87YSmN+7ewk85Tvae8MnRmzCdSW3h2v8SEIzW5Zl7BbZ9 +sAnHpPiyHDmVOTP0Nc4lYnuwXyDzy234bFIUZESP08ipdgflr3GZLS0EJUh2r8Pn +zEPyB7xKJCQ33fpulAlvTF4BtP5U7COWpV7dhv/pRirx6NzspT2vb6oOD7R1+j4I +uSZFT2aGTLwZuOHVNe6ChMjTqxLnzXMzYnf0F8u9NHYqBc6V5Xh5S56wjfk8WDiR +6l6HOMC3Qv2qTIcjrQQgsX52Qtq7tha6V8iOE/p11QhMrziRqu+P+p9JLlR8Clax +evrETi/Uo/oWitCV5Zem/8P8fA5HWPN/B3sS3Fc/LeOhTVtSTDOHmagJe2x+DvLP +VkKe6wUCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBQgJfMH +/adv8ZbukRBpzJrvfchoeDAdBgNVHQ4EFgQUICXzB/2nb/GW7pEQacya733IaHgw +DgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBDAUAA4ICAQAkK06Y8h0X7dl2JrYw +M+hpRaFRS1LYejowtuQS6r+fTOAEpPY1xv6hMPdThZKtVAVXX5LlKt42J557E0fJ +anWv/PM35wz1PQFztWlR+L1Z0boL+Lq6ZCdDs3yDlYrnnhOW129KlkFJiw4grRbG +96aHW4gSiYuJyhLSVq8iASFG6auYP6eI3uTLKpp1Gfo5XgkF1wMyGrgXUQjHAEB9 +9L74DFn0aXZu06RYW14mc+RCVQZeeEAP0zif7yZRcHSR8XdiAejZy+uh3zkyHbtr +/XH+68+l5hT9AIATxpoASLCZBemugEj7CT9RFLW552BNTcovgSHuUgxletz1iUlM +MJI0WIAyWbEN/yRhD+cKQtB7vPiOJ0c/cJ0n2bYGPaW7y16Prg5Tx5xqbztMD6NA +cKiaB87UblsHotLiVLa9bzNyY61RmOGPdvFqBzgl/vZizl/bY8Jume8G3LneGRro +VD190nZ12V4+MkinjPKecgz4uFi4FyOlFId1WHoAgQciOWpMlKC1otunLMGw8aOb +wEz3bXDqMZ/xrn0+cyjZod/6k/CbsPDizSUgde/ifTIFyZt27su9MR75lJhLJFhW +SMDeBky9pjRd7RZhY3P7GeL6W9iXddRtnmA5XpSLAizrmc5gKm4bjKdLvP025pgf +ZfJ/8eOPTIBGNli2oWXLzhxEdQ== +-----END CERTIFICATE----- diff --git a/secure/caroot/trusted/COMODO_Certification_Authority.pem b/secure/caroot/blacklisted/COMODO_Certification_Authority.pem similarity index 100% rename from secure/caroot/trusted/COMODO_Certification_Authority.pem rename to secure/caroot/blacklisted/COMODO_Certification_Authority.pem diff --git a/secure/caroot/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem b/secure/caroot/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem deleted file mode 100644 index 5d7577fd66de..000000000000 --- a/secure/caroot/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem +++ /dev/null @@ -1,109 +0,0 @@ -## -## Camerfirma Chambers of Commerce Root -## -## This is a single X.509 certificate for a public Certificate -## Authority (CA). It was automatically extracted from Mozilla's -## root CA list (the file `certdata.txt' in security/nss) -## licensed under the MPL 2.0, http://mozilla.org/MPL/2.0/. -## -## @generated -## -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Chambers of Commerce Root - Validity - Not Before: Sep 30 16:13:43 2003 GMT - Not After : Sep 30 16:13:44 2037 GMT - Subject: C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Chambers of Commerce Root - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:b7:36:55:e5:a5:5d:18:30:e0:da:89:54:91:fc: - c8:c7:52:f8:2f:50:d9:ef:b1:75:73:65:47:7d:1b: - 5b:ba:75:c5:fc:a1:88:24:fa:2f:ed:ca:08:4a:39: - 54:c4:51:7a:b5:da:60:ea:38:3c:81:b2:cb:f1:bb: - d9:91:23:3f:48:01:70:75:a9:05:2a:ad:1f:71:f3: - c9:54:3d:1d:06:6a:40:3e:b3:0c:85:ee:5c:1b:79: - c2:62:c4:b8:36:8e:35:5d:01:0c:23:04:47:35:aa: - 9b:60:4e:a0:66:3d:cb:26:0a:9c:40:a1:f4:5d:98: - bf:71:ab:a5:00:68:2a:ed:83:7a:0f:a2:14:b5:d4: - 22:b3:80:b0:3c:0c:5a:51:69:2d:58:18:8f:ed:99: - 9e:f1:ae:e2:95:e6:f6:47:a8:d6:0c:0f:b0:58:58: - db:c3:66:37:9e:9b:91:54:33:37:d2:94:1c:6a:48: - c9:c9:f2:a5:da:a5:0c:23:f7:23:0e:9c:32:55:5e: - 71:9c:84:05:51:9a:2d:fd:e6:4e:2a:34:5a:de:ca: - 40:37:67:0c:54:21:55:77:da:0a:0c:cc:97:ae:80: - dc:94:36:4a:f4:3e:ce:36:13:1e:53:e4:ac:4e:3a: - 05:ec:db:ae:72:9c:38:8b:d0:39:3b:89:0a:3e:77: - fe:75 - Exponent: 3 (0x3) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:12 - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl.chambersign.org/chambersroot.crl - - X509v3 Subject Key Identifier: - E3:94:F5:B1:4D:E9:DB:A1:29:5B:57:8B:4D:76:06:76:E1:D1:A2:8A - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA - X509v3 Subject Alternative Name: - email:chambersroot@chambersign.org - X509v3 Issuer Alternative Name: - email:chambersroot@chambersign.org - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.17326.10.3.1 - CPS: http://cps.chambersign.org/cps/chambersroot.html - Signature Algorithm: sha1WithRSAEncryption - Signature Value: - 0c:41:97:c2:1a:86:c0:22:7c:9f:fb:90:f3:1a:d1:03:b1:ef: - 13:f9:21:5f:04:9c:da:c9:a5:8d:27:6c:96:87:91:be:41:90: - 01:72:93:e7:1e:7d:5f:f6:89:c6:5d:a7:40:09:3d:ac:49:45: - 45:dc:2e:8d:30:68:b2:09:ba:fb:c3:2f:cc:ba:0b:df:3f:77: - 7b:46:7d:3a:12:24:8e:96:8f:3c:05:0a:6f:d2:94:28:1d:6d: - 0c:c0:2e:88:22:d5:d8:cf:1d:13:c7:f0:48:d7:d7:05:a7:cf: - c7:47:9e:3b:3c:34:c8:80:4f:d4:14:bb:fc:0d:50:f7:fa:b3: - ec:42:5f:a9:dd:6d:c8:f4:75:cf:7b:c1:72:26:b1:01:1c:5c: - 2c:fd:7a:4e:b4:01:c5:05:57:b9:e7:3c:aa:05:d9:88:e9:07: - 46:41:ce:ef:41:81:ae:58:df:83:a2:ae:ca:d7:77:1f:e7:00: - 3c:9d:6f:8e:e4:32:09:1d:4d:78:34:78:34:3c:94:9b:26:ed: - 4f:71:c6:19:7a:bd:20:22:48:5a:fe:4b:7d:03:b7:e7:58:be: - c6:32:4e:74:1e:68:dd:a8:68:5b:b3:3e:ee:62:7d:d9:80:e8: - 0a:75:7a:b7:ee:b4:65:9a:21:90:e0:aa:d0:98:bc:38:b5:73: - 3c:8b:f8:dc -SHA1 Fingerprint=6E:3A:55:A4:19:0C:19:5C:93:84:3C:C0:DB:72:2E:31:30:61:F0:B1 ------BEGIN CERTIFICATE----- -MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg -b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa -MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB -ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw -IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B -AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb -unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d -BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq -7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3 -0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX -roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG -A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j -aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p -26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA -BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud -EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN -BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz -aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB -AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd -p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi -1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc -XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0 -eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu -tGWaIZDgqtCYvDi1czyL+Nw= ------END CERTIFICATE----- diff --git a/secure/caroot/blacklisted/Camerfirma_Global_Chambersign_Root.pem b/secure/caroot/blacklisted/Camerfirma_Global_Chambersign_Root.pem deleted file mode 100644 index 43fd743fd716..000000000000 --- a/secure/caroot/blacklisted/Camerfirma_Global_Chambersign_Root.pem +++ /dev/null @@ -1,109 +0,0 @@ -## -## Camerfirma Global Chambersign Root -## -## This is a single X.509 certificate for a public Certificate -## Authority (CA). It was automatically extracted from Mozilla's -## root CA list (the file `certdata.txt' in security/nss) -## licensed under the MPL 2.0, http://mozilla.org/MPL/2.0/. -## -## @generated -## -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Global Chambersign Root - Validity - Not Before: Sep 30 16:14:18 2003 GMT - Not After : Sep 30 16:14:18 2037 GMT - Subject: C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Global Chambersign Root - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:a2:70:a2:d0:9f:42:ae:5b:17:c7:d8:7d:cf:14: - 83:fc:4f:c9:a1:b7:13:af:8a:d7:9e:3e:04:0a:92: - 8b:60:56:fa:b4:32:2f:88:4d:a1:60:08:f4:b7:09: - 4e:a0:49:2f:49:d6:d3:df:9d:97:5a:9f:94:04:70: - ec:3f:59:d9:b7:cc:66:8b:98:52:28:09:02:df:c5: - 2f:84:8d:7a:97:77:bf:ec:40:9d:25:72:ab:b5:3f: - 32:98:fb:b7:b7:fc:72:84:e5:35:87:f9:55:fa:a3: - 1f:0e:6f:2e:28:dd:69:a0:d9:42:10:c6:f8:b5:44: - c2:d0:43:7f:db:bc:e4:a2:3c:6a:55:78:0a:77:a9: - d8:ea:19:32:b7:2f:fe:5c:3f:1b:ee:b1:98:ec:ca: - ad:7a:69:45:e3:96:0f:55:f6:e6:ed:75:ea:65:e8: - 32:56:93:46:89:a8:25:8a:65:06:ee:6b:bf:79:07: - d0:f1:b7:af:ed:2c:4d:92:bb:c0:a8:5f:a7:67:7d: - 04:f2:15:08:70:ac:92:d6:7d:04:d2:33:fb:4c:b6: - 0b:0b:fb:1a:c9:c4:8d:03:a9:7e:5c:f2:50:ab:12: - a5:a1:cf:48:50:a5:ef:d2:c8:1a:13:fa:b0:7f:b1: - 82:1c:77:6a:0f:5f:dc:0b:95:8f:ef:43:7e:e6:45: - 09:25 - Exponent: 3 (0x3) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:12 - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl.chambersign.org/chambersignroot.crl - - X509v3 Subject Key Identifier: - 43:9C:36:9F:B0:9E:30:4D:C6:CE:5F:AD:10:AB:E5:03:A5:FA:A9:14 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA - X509v3 Subject Alternative Name: - email:chambersignroot@chambersign.org - X509v3 Issuer Alternative Name: - email:chambersignroot@chambersign.org - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.17326.10.1.1 - CPS: http://cps.chambersign.org/cps/chambersignroot.html - Signature Algorithm: sha1WithRSAEncryption - Signature Value: - 3c:3b:70:91:f9:04:54:27:91:e1:ed:ed:fe:68:7f:61:5d:e5: - 41:65:4f:32:f1:18:05:94:6a:1c:de:1f:70:db:3e:7b:32:02: - 34:b5:0c:6c:a1:8a:7c:a5:f4:8f:ff:d4:d8:ad:17:d5:2d:04: - d1:3f:58:80:e2:81:59:88:be:c0:e3:46:93:24:fe:90:bd:26: - a2:30:2d:e8:97:26:57:35:89:74:96:18:f6:15:e2:af:24:19: - 56:02:02:b2:ba:0f:14:ea:c6:8a:66:c1:86:45:55:8b:be:92: - be:9c:a4:04:c7:49:3c:9e:e8:29:7a:89:d7:fe:af:ff:68:f5: - a5:17:90:bd:ac:99:cc:a5:86:57:09:67:46:db:d6:16:c2:46: - f1:e4:a9:50:f5:8f:d1:92:15:d3:5f:3e:c6:00:49:3a:6e:58: - b2:d1:d1:27:0d:25:c8:32:f8:20:11:cd:7d:32:33:48:94:54: - 4c:dd:dc:79:c4:30:9f:eb:8e:b8:55:b5:d7:88:5c:c5:6a:24: - 3d:b2:d3:05:03:51:c6:07:ef:cc:14:72:74:3d:6e:72:ce:18: - 28:8c:4a:a0:77:e5:09:2b:45:44:47:ac:b7:67:7f:01:8a:05: - 5a:93:be:a1:c1:ff:f8:e7:0e:67:a4:47:49:76:5d:75:90:1a: - f5:26:8f:f0 -SHA1 Fingerprint=33:9B:6B:14:50:24:9B:55:7A:01:87:72:84:D9:E0:2F:C3:D2:D8:E9 ------BEGIN CERTIFICATE----- -MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo -YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9 -MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy -NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G -A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA -A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0 -Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s -QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV -eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795 -B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh -z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T -AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i -ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w -TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH -MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD -VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE -VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh -bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B -AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM -bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi -ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG -VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c -ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/ -AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== ------END CERTIFICATE----- diff --git a/secure/caroot/trusted/Certigna.pem b/secure/caroot/blacklisted/Certigna.pem similarity index 100% rename from secure/caroot/trusted/Certigna.pem rename to secure/caroot/blacklisted/Certigna.pem diff --git a/secure/caroot/blacklisted/Chambers_of_Commerce_Root_-_2008.pem b/secure/caroot/blacklisted/Chambers_of_Commerce_Root_-_2008.pem deleted file mode 100644 index 0318e4ee3f43..000000000000 --- a/secure/caroot/blacklisted/Chambers_of_Commerce_Root_-_2008.pem +++ /dev/null @@ -1,149 +0,0 @@ -## -## Chambers of Commerce Root - 2008 -## -## This is a single X.509 certificate for a public Certificate -## Authority (CA). It was automatically extracted from Mozilla's -## root CA list (the file `certdata.txt' in security/nss) -## licensed under the MPL 2.0, http://mozilla.org/MPL/2.0/. -## -## @generated -## -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - a3:da:42:7e:a4:b1:ae:da - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Chambers of Commerce Root - 2008 - Validity - Not Before: Aug 1 12:29:50 2008 GMT - Not After : Jul 31 12:29:50 2038 GMT - Subject: C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Chambers of Commerce Root - 2008 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (4096 bit) - Modulus: - 00:af:00:cb:70:37:2b:80:5a:4a:3a:6c:78:94:7d: - a3:7f:1a:1f:f6:35:d5:bd:db:cb:0d:44:72:3e:26: - b2:90:52:ba:63:3b:28:58:6f:a5:b3:6d:94:a6:f3: - dd:64:0c:55:f6:f6:e7:f2:22:22:80:5e:e1:62:c6: - b6:29:e1:81:6c:f2:bf:e5:7d:32:6a:54:a0:32:19: - 59:fe:1f:8b:d7:3d:60:86:85:24:6f:e3:11:b3:77: - 3e:20:96:35:21:6b:b3:08:d9:70:2e:64:f7:84:92: - 53:d6:0e:b0:90:8a:8a:e3:87:8d:06:d3:bd:90:0e: - e2:99:a1:1b:86:0e:da:9a:0a:bb:0b:61:50:06:52: - f1:9e:7f:76:ec:cb:0f:d0:1e:0d:cf:99:30:3d:1c: - c4:45:10:58:ac:d6:d3:e8:d7:e5:ea:c5:01:07:77: - d6:51:e6:03:7f:8a:48:a5:4d:68:75:b9:e9:bc:9e: - 4e:19:71:f5:32:4b:9c:6d:60:19:0b:fb:cc:9d:75: - dc:bf:26:cd:8f:93:78:39:79:73:5e:25:0e:ca:5c: - eb:77:12:07:cb:64:41:47:72:93:ab:50:c3:eb:09: - 76:64:34:d2:39:b7:76:11:09:0d:76:45:c4:a9:ae: - 3d:6a:af:b5:7d:65:2f:94:58:10:ec:5c:7c:af:7e: - e2:b6:18:d9:d0:9b:4e:5a:49:df:a9:66:0b:cc:3c: - c6:78:7c:a7:9c:1d:e3:ce:8e:53:be:05:de:60:0f: - 6b:e5:1a:db:3f:e3:e1:21:c9:29:c1:f1:eb:07:9c: - 52:1b:01:44:51:3c:7b:25:d7:c4:e5:52:54:5d:25: - 07:ca:16:20:b8:ad:e4:41:ee:7a:08:fe:99:6f:83: - a6:91:02:b0:6c:36:55:6a:e7:7d:f5:96:e6:ca:81: - d6:97:f1:94:83:e9:ed:b0:b1:6b:12:69:1e:ac:fb: - 5d:a9:c5:98:e9:b4:5b:58:7a:be:3d:a2:44:3a:63: - 59:d4:0b:25:de:1b:4f:bd:e5:01:9e:cd:d2:29:d5: - 9f:17:19:0a:6f:bf:0c:90:d3:09:5f:d9:e3:8a:35: - cc:79:5a:4d:19:37:92:b7:c4:c1:ad:af:f4:79:24: - 9a:b2:01:0b:b1:af:5c:96:f3:80:32:fb:5c:3d:98: - f1:a0:3f:4a:de:be:af:94:2e:d9:55:9a:17:6e:60: - 9d:63:6c:b8:63:c9:ae:81:5c:18:35:e0:90:bb:be: - 3c:4f:37:22:b9:7e:eb:cf:9e:77:21:a6:3d:38:81: - fb:48:da:31:3d:2b:e3:89:f5:d0:b5:bd:7e:e0:50: - c4:12:89:b3:23:9a:10:31:85:db:ae:6f:ef:38:33: - 18:76:11 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:12 - X509v3 Subject Key Identifier: - F9:24:AC:0F:B2:B5:F8:79:C0:FA:60:88:1B:C4:D9:4D:02:9E:17:19 - X509v3 Authority Key Identifier: - keyid:F9:24:AC:0F:B2:B5:F8:79:C0:FA:60:88:1B:C4:D9:4D:02:9E:17:19 - DirName:/C=EU/L=Madrid (see current address at www.camerfirma.com\/address)/serialNumber=A82743287/O=AC Camerfirma S.A./CN=Chambers of Commerce Root - 2008 - serial:A3:DA:42:7E:A4:B1:AE:DA - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: http://policy.camerfirma.com - Signature Algorithm: sha1WithRSAEncryption - Signature Value: - 90:12:af:22:35:c2:a3:39:f0:2e:de:e9:b5:e9:78:7c:48:be: - 3f:7d:45:92:5e:e9:da:b1:19:fc:16:3c:9f:b4:5b:66:9e:6a: - e7:c3:b9:5d:88:e8:0f:ad:cf:23:0f:de:25:3a:5e:cc:4f:a5: - c1:b5:2d:ac:24:d2:58:07:de:a2:cf:69:84:60:33:e8:10:0d: - 13:a9:23:d0:85:e5:8e:7b:a6:9e:3d:72:13:72:33:f5:aa:7d: - c6:63:1f:08:f4:fe:01:7f:24:cf:2b:2c:54:09:de:e2:2b:6d: - 92:c6:39:4f:16:ea:3c:7e:7a:46:d4:45:6a:46:a8:eb:75:82: - 56:a7:ab:a0:7c:68:13:33:f6:9d:30:f0:6f:27:39:24:23:2a: - 90:fd:90:29:35:f2:93:df:34:a5:c6:f7:f8:ef:8c:0f:62:4a: - 7c:ae:d3:f5:54:f8:8d:b6:9a:56:87:16:82:3a:33:ab:5a:22: - 08:f7:82:ba:ea:2e:e0:47:9a:b4:b5:45:a3:05:3b:d9:dc:2e: - 45:40:3b:ea:dc:7f:e8:3b:eb:d1:ec:26:d8:35:a4:30:c5:3a: - ac:57:9e:b3:76:a5:20:7b:f9:1e:4a:05:62:01:a6:28:75:60: - 97:92:0d:6e:3e:4d:37:43:0d:92:15:9c:18:22:cd:51:99:a0: - 29:1a:3c:5f:8a:32:33:5b:30:c7:89:2f:47:98:0f:a3:03:c6: - f6:f1:ac:df:32:f0:d9:81:1a:e4:9c:bd:f6:80:14:f0:d1:2c: - b9:85:f5:d8:a3:b1:c8:a5:21:e5:1c:13:97:ee:0e:bd:df:29: - a9:ef:34:53:5b:d3:e4:6a:13:84:06:b6:32:02:c4:52:ae:22: - d2:dc:b2:21:42:1a:da:40:f0:29:c9:ec:0a:0c:5c:e2:d0:ba: - cc:48:d3:37:0a:cc:12:0a:8a:79:b0:3d:03:7f:69:4b:f4:34: - 20:7d:b3:34:ea:8e:4b:64:f5:3e:fd:b3:23:67:15:0d:04:b8: - f0:2d:c1:09:51:3c:b2:6c:15:f0:a5:23:d7:83:74:e4:e5:2e: - c9:fe:98:27:42:c6:ab:c6:9e:b0:d0:5b:38:a5:9b:50:de:7e: - 18:98:b5:45:3b:f6:79:b4:e8:f7:1a:7b:06:83:fb:d0:8b:da: - bb:c7:bd:18:ab:08:6f:3c:80:6b:40:3f:19:19:ba:65:8a:e6: - be:d5:5c:d3:36:d7:ef:40:52:24:60:38:67:04:31:ec:8f:f3: - 82:c6:de:b9:55:f3:3b:31:91:5a:dc:b5:08:15:ad:76:25:0a: - 0d:7b:2e:87:e2:0c:a6:06:bc:26:10:6d:37:9d:ec:dd:78:8c: - 7c:80:c5:f0:d9:77:48:d0 -SHA1 Fingerprint=78:6A:74:AC:76:AB:14:7F:9C:6A:30:50:BA:9E:A8:7E:FE:9A:CE:3C ------BEGIN CERTIFICATE----- -MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz -IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz -MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj -dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw -EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp -MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G -CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9 -28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq -VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q -DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR -5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL -ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a -Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl -UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s -+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5 -Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj -ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx -hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV -HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1 -+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN -YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t -L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy -ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt -IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV -HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w -DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW -PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF -5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1 -glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH -FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2 -pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD -xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG -tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq -jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De -fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg -OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ -d0jQ ------END CERTIFICATE----- diff --git a/secure/caroot/trusted/Comodo_AAA_Services_root.pem b/secure/caroot/blacklisted/Comodo_AAA_Services_root.pem similarity index 100% rename from secure/caroot/trusted/Comodo_AAA_Services_root.pem rename to secure/caroot/blacklisted/Comodo_AAA_Services_root.pem diff --git a/secure/caroot/blacklisted/D-Trust_SBR_Root_CA_1_2022.pem b/secure/caroot/blacklisted/D-Trust_SBR_Root_CA_1_2022.pem new file mode 100644 index 000000000000..3a2ccd41a7aa --- /dev/null +++ b/secure/caroot/blacklisted/D-Trust_SBR_Root_CA_1_2022.pem @@ -0,0 +1,69 @@ +## +## D-Trust SBR Root CA 1 2022 +## +## This is a single X.509 certificate for a public Certificate +## Authority (CA). It was automatically extracted from Mozilla's +## root CA list (the file `certdata.txt' in security/nss) +## licensed under the MPL 2.0, http://mozilla.org/MPL/2.0/. +## +## @generated +## +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 52:cf:e4:8c:6d:a0:4a:f7:3f:82:97:0c:80:09:8c:95 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C=DE, O=D-Trust GmbH, CN=D-Trust SBR Root CA 1 2022 + Validity + Not Before: Jul 6 11:30:00 2022 GMT + Not After : Jul 6 11:29:59 2037 GMT + Subject: C=DE, O=D-Trust GmbH, CN=D-Trust SBR Root CA 1 2022 + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:59:93:39:f6:8c:49:66:28:d7:61:0c:c8:ab:7f: + 0c:a3:2d:df:a2:a4:7c:92:2b:68:d5:2e:7e:1e:40: + cb:b4:68:49:7f:12:a1:ab:7f:57:9f:19:2e:63:2e: + 5b:fe:66:71:0c:33:0f:b9:de:6b:c4:88:c3:b1:ef: + ec:39:40:e3:96:ab:db:e5:7b:ae:1f:dc:f9:af:46: + 9a:6a:46:06:2f:c7:37:64:8b:17:62:fe:96:c3:a2: + ee:84:e0:b0:97:39:bc + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + F1:29:A3:1E:01:12:1D:3D:75:56:4D:C7:50:7C:C5:19:AA:0F:18:B7 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 CRL Distribution Points: + Full Name: + URI:http://crl.d-trust.net/crl/d-trust_sbr_root_ca_1_2022.crl + + Signature Algorithm: ecdsa-with-SHA384 + Signature Value: + 30:66:02:31:00:97:f9:de:ae:4b:8f:98:b5:1e:40:7f:32:7d: + 4d:54:43:da:89:cd:c2:aa:92:3c:d1:82:1e:73:cf:fa:4c:92: + 20:fb:63:27:c5:f5:73:3d:09:3d:f7:a7:61:86:8c:f3:6a:02: + 31:00:e7:2f:7c:b8:f5:25:8c:3b:39:1f:36:ab:8d:f5:86:a2: + 2e:e1:7a:64:da:67:39:02:fe:fe:33:3f:d9:73:b6:58:5b:3a: + fc:b2:a4:d9:60:78:77:cc:79:a7:a6:ae:55:bd +SHA1 Fingerprint=0F:52:3A:6B:4E:7D:1D:18:05:A5:48:F9:4D:CD:E4:C3:1E:1B:E9:E6 +-----BEGIN CERTIFICATE----- +MIICXjCCAeOgAwIBAgIQUs/kjG2gSvc/gpcMgAmMlTAKBggqhkjOPQQDAzBJMQsw +CQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMSMwIQYDVQQDExpELVRy +dXN0IFNCUiBSb290IENBIDEgMjAyMjAeFw0yMjA3MDYxMTMwMDBaFw0zNzA3MDYx +MTI5NTlaMEkxCzAJBgNVBAYTAkRFMRUwEwYDVQQKEwxELVRydXN0IEdtYkgxIzAh +BgNVBAMTGkQtVHJ1c3QgU0JSIFJvb3QgQ0EgMSAyMDIyMHYwEAYHKoZIzj0CAQYF +K4EEACIDYgAEWZM59oxJZijXYQzIq38Moy3foqR8kito1S5+HkDLtGhJfxKhq39X +nxkuYy5b/mZxDDMPud5rxIjDse/sOUDjlqvb5XuuH9z5r0aaakYGL8c3ZIsXYv6W +w6LuhOCwlzm8o4GPMIGMMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFPEpox4B +Eh09dVZNx1B8xRmqDxi3MA4GA1UdDwEB/wQEAwIBBjBKBgNVHR8EQzBBMD+gPaA7 +hjlodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Nicl9yb290X2Nh +XzFfMjAyMi5jcmwwCgYIKoZIzj0EAwMDaQAwZgIxAJf53q5Lj5i1HkB/Mn1NVEPa +ic3CqpI80YIec8/6TJIg+2MnxfVzPQk996dhhozzagIxAOcvfLj1JYw7OR82q431 +hqIu4Xpk2mc5Av7+Mz/Zc7ZYWzr8sqTZYHh3zHmnpq5VvQ== +-----END CERTIFICATE----- diff --git a/secure/caroot/blacklisted/D-Trust_SBR_Root_CA_2_2022.pem b/secure/caroot/blacklisted/D-Trust_SBR_Root_CA_2_2022.pem new file mode 100644 index 000000000000..4441fd5e4afb --- /dev/null +++ b/secure/caroot/blacklisted/D-Trust_SBR_Root_CA_2_2022.pem @@ -0,0 +1,137 @@ +## +## D-Trust SBR Root CA 2 2022 +## +## This is a single X.509 certificate for a public Certificate +## Authority (CA). It was automatically extracted from Mozilla's +## root CA list (the file `certdata.txt' in security/nss) +## licensed under the MPL 2.0, http://mozilla.org/MPL/2.0/. +## +## @generated +## +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 54:d5:a3:95:1e:3d:95:ba:72:1b:9a:d0:31:21:4a:ba + Signature Algorithm: sha512WithRSAEncryption + Issuer: C=DE, O=D-Trust GmbH, CN=D-Trust SBR Root CA 2 2022 + Validity + Not Before: Jul 7 07:30:00 2022 GMT + Not After : Jul 7 07:29:59 2037 GMT + Subject: C=DE, O=D-Trust GmbH, CN=D-Trust SBR Root CA 2 2022 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:af:2c:bc:8e:36:8c:eb:64:af:51:6a:d6:6e:3c: + 5e:91:3a:ea:9a:c3:ca:6c:fb:aa:27:9e:64:22:a9: + 40:df:b9:28:45:5a:ec:53:61:16:28:98:c2:8a:a4: + 75:78:50:84:dd:fa:20:48:92:07:65:41:35:66:51: + 12:74:61:9d:07:06:85:39:31:57:7b:28:3f:d5:9c: + a5:ec:5a:e9:1c:4b:27:9f:ce:27:06:f3:37:f5:52: + d8:11:33:16:41:3a:1f:f5:63:78:65:63:86:c9:bf: + c8:01:04:1f:6e:ee:e2:ec:ac:0c:ee:82:92:e2:f6: + 1a:0d:3f:39:f9:9d:65:93:ad:f8:b9:05:c1:3d:f8: + 37:81:56:c3:a0:fe:05:ec:e0:94:16:3a:23:16:04: + da:a6:0a:93:85:72:6d:61:3b:a1:8d:45:d6:e3:7f: + be:15:bd:36:84:08:f6:0b:83:6b:26:aa:a2:bd:e0: + b0:e7:aa:e0:ae:67:c4:d3:82:a5:0c:a9:a4:f0:33: + 79:0d:50:3f:f0:ef:90:3d:24:b9:7f:d2:20:6c:ea: + 97:f3:bf:9c:dc:47:de:09:61:bd:94:79:95:5a:02: + 76:35:60:c4:47:22:0d:f7:76:63:03:d3:c6:fb:83: + c6:5d:ab:ad:ed:69:25:2b:03:5b:4d:25:00:41:e3: + 8c:87:17:52:a8:e0:05:2b:43:4d:14:13:ca:e7:3f: + 43:22:bc:37:a4:75:f1:f6:bf:3a:ef:32:1e:ae:ee: + 58:86:90:72:ba:04:ac:40:48:ef:5c:c4:78:a7:a9: + 8f:27:5a:cb:7a:ec:58:f2:c2:08:58:90:6d:4d:03: + 85:79:71:15:05:0e:4e:3e:f9:df:0f:05:f7:5f:14: + 48:56:21:0d:33:92:b1:ac:8c:e5:18:fe:bf:0f:ee: + e0:04:aa:bd:21:f2:58:b6:5c:89:0a:8b:18:09:22: + 1a:b3:35:c6:66:c2:f5:33:15:99:80:e0:08:f9:96: + 2f:13:8c:ee:da:b7:88:c4:e9:37:b5:d7:6a:d7:3a: + 84:4d:ab:70:8c:d3:4e:14:55:a0:a2:10:fc:64:da: + 67:e8:f1:cb:33:dd:c9:9a:8a:8f:96:2f:58:81:d9: + f8:9a:00:43:cc:90:fb:55:76:fb:86:e3:37:01:28: + 0c:6f:f4:e9:59:4d:15:77:51:42:4a:cc:34:b8:80: + 43:50:81:ef:57:a5:13:db:a7:94:79:0f:4b:ca:7e: + 17:7d:af:a3:21:64:e8:71:55:56:8f:06:b0:47:ec: + 59:0f:5d:70:5b:2c:16:42:f0:86:9e:75:de:6b:4d: + 48:98:84:e2:57:18:b6:9c:82:99:65:3a:8b:80:78: + 57:0c:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 5D:B3:80:94:1B:E5:86:BF:68:BA:14:34:A4:F6:EE:6D:F2:DD:DF:E7 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 CRL Distribution Points: + Full Name: + URI:http://crl.d-trust.net/crl/d-trust_sbr_root_ca_2_2022.crl *** 8687 LINES SKIPPED ***home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69f36f74.3f141.587b9f08>